~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
= Advisory: Certain URL constructs can allow arbitrary code execution =

= Severity =
Critical

= Description
Certain page address (URL) constructs can cause Opera to allocate the wrong amount of memory for storing the address. When it then attempts to store the address, it will overwrite unrelated memory with attacker-controlled data. This can lead to a crash, which may also execute that data as code.
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Arch teams, please test and mark stable:
=www-client/opera-11.64.1403
Target KEYWORDS="amd64 x86"
amd64 ok
amd64: pass

Can repoman output be fixed/hidden?

RDEPEND.badindev www-client/opera/opera-11.64.1403.ebuild: ~x86-fbsd(default/bsd/fbsd/x86/8.2) ['sys-apps/util-linux']
x86 stable
amd64 stable
@security go ahead with glsa
@jer removed vulnerable version.
Thanks, folks. Added to existing GLSA request.
(In reply to comment #5)
> @jer removed vulnerable version.

Er, no, you did that. Please leave that to maintainers next time, and don't lie about it.
CVE-2012-3561 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3561): Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string.
This issue was resolved and addressed in GLSA 201206-03 at http://security.gentoo.org/glsa/glsa-201206-03.xml by GLSA coordinator Sean Amoss (ackle).