| |||||||||||||||||||
Mageia alert MGASA-2012-0326 (opera)
MGASA-2012-0326 Date: November 7th, 2012 Affected releases: 1, 2 Description: Opera 12.10 fixes several security and stability issues found in previous versions and contains new and improved features. Fixed an issue that could cause Opera not to correctly check for certificate revocation. (kb 1029) Fixed an issue where CORS requests could incorrectly retrieve contents of cross origin pages. (kb 1030) Fixed an issue where data URIs could be used to facilitate Cross-Site Scripting. (kb 1031) Fixed a high severity issue, as reported by Gareth Heyes; details will be disclosed at a later date. Fixed an issue where specially crafted SVG images could allow execution of arbitrary code, as reported by Attila Suszter. (kb 1033) Fixed a moderate severity issue, as reported by the Google Security Group; details will be disclosed at a later date. Additionally, the opera package now suggests gstreamer0.10-plugins-good so that HTML5 audio in WAV format will work in the case the package was not already installed. For a complete list of changes including the non-security fixes, see the refereced changelog. Updated Packages: Mageia 1: opera-12.10-1.mga1 Mageia 2: opera-12.10-1.1.mga2 References: http://www.opera.com/support/kb/view/1029/ http://www.opera.com/support/kb/view/1030/ http://www.opera.com/support/kb/view/1031/ http://www.opera.com/support/kb/view/1033/ http://www.opera.com/docs/changelogs/unified/1210/ https://bugs.mageia.org/show_bug.cgi?id=8007 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-... (Log in to post comments)
|
|||||||||||||||||||