[security-announce] openSUSE-SU-2013:0129-1: important: Recommended to 12.10
openSUSE Security Update: Recommended to 12.10 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2013:0129-1 Rating: important References: #788321 Affected Products: openSUSE 11.4/standard/i586/patchinfo.7 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: Fixed security issues: -an issue that could cause Opera not to correctly check for certificate revocation; -an issue where CORS requests could incorrectly retrieve contents of cross origin pages; -an issue where data URIs could be used to facilitate Cross-Site Scripting; -a high severity issue, as reported by Gareth Heyes; details will be disclosed at a later date -an issue where specially crafted SVG images could allow execution of arbitrary code; -a moderate severity issue, as reported by the Google Security Group; details will be disclosed at a later date Full changelog available at: http://www.opera.com/docs/changelogs/unix/1210 Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4/standard/i586/patchinfo.7: zypper in -t patch 2012-3 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.4/standard/i586/patchinfo.7 (i586 x86_64): opera-12.10-36.1 opera-gtk-12.10-36.1 opera-kde4-12.10-36.1 References: https://bugzilla.novell.com/788321 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
participants (1)
-
opensuse-security@opensuse.org