| |||||||||||||||||||
Mageia alert MGASA-2013-0043 (opera)
MGASA-2013-0043 Date: February 8th, 2013 Affected releases: 2 Media: Nonfree Description: Opera 12.14 contains fixes to several security and stability issues found in 12.12 and earlier versions and contains other general fixes. Fixed an issue where DOM events manipulation might be used to execute arbitrary code, as reported by Arthur Gerkis. (kb 1042, high severity) Fixed an issue where use of SVG clipPaths could allow execution of arbitrary code, as reported by anonymous via the iSIGHT Partners GVP Program. (kb 1043, high severity) Fixed an issue where TLS response timings could indicate network contents, as reported by Nadhem AlFardan and Kenny Paterson. (kb 1044, low severity) Fixed an issue where CORS requests could omit the preflight request, as reported by webpentest. (kb 1045, low severity) For a complete list of changes including the non-security fixes, see the referenced changelog pages. Updated Packages: i586: opera-12.14-1.mga2.nonfree.i586.rpm x86_64: opera-12.14-1.mga2.nonfree.x86_64.rpm SRPMS: opera-12.14-1.mga2.nonfree.src.rpm References: http://www.opera.com/support/kb/view/1042/ http://www.opera.com/support/kb/view/1043/ http://www.opera.com/support/kb/view/1044/ http://www.opera.com/support/kb/view/1045/ http://www.opera.com/docs/changelogs/unified/1213/ http://www.opera.com/docs/changelogs/unified/1214/ https://bugs.mageia.org/show_bug.cgi?id=8996 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-... (Log in to post comments)
|
|||||||||||||||||||