Fixes this security-issue: (taken from Changelog) "Restricted image size in address bar, page bar and page/window cycler. This addresses issue reported in GreyMagic security advisory GM#007-OP: wide favicons could cover URL in the address line." I made two patches, one that just bumps to the new version and one that also addes the spell-use-flag (see Bug #51183), so that aspell is not needed for opera. Please note, that I added the variable OPERAFTPDIR to the ebuild, so it is much easier to change the SRC_URI in the future. Reproducible: Always Steps to Reproduce: 1. 2. 3.
Created attachment 32579 [details, diff] opera-7.51.ebuild.patch
Created attachment 32580 [details, diff] opera-7.51.ebuild.spell.patch
added and marked stable on x86
sparc, please mark stable.
Created attachment 32584 [details, diff] opera-7.51.ebuild.patch (makes einfo depend on spell-flag) I forgot to remove the einfo-message for users that do not install spell-support. I changed that in this patch.
Stable on sparc.
Not sure this is GLSA worth... security, please vote
I vote no on a GLSA. There's no threat to the user's system; the phishing threat is probably not even that great given our audience (of hopefully-sensible users). Regardless, there's no *direct* threat here to systems running the vulnerable version and I haven't seen anyone else release advisories. Opera is probably not used by more than 5% of our users (anyone care to correct me? I know I hate the banner ads) and so the chance of ``exploitation'' is minimal.
I second Krispykringle no need for a GLSA. There is no direct threat and the issue is really minor. Remove the old vulnerable ebuilds and be done with it.
Closed without GLSA
*** Bug 53240 has been marked as a duplicate of this bug. ***