Mailinglist Archive: opensuse-security-announce (23 mails)

< Previous Next >
[security-announce] openSUSE-SU-2012:1481-1: important: opera to 12.10
openSUSE Security Update: opera to 12.10
______________________________________________________________________________

Announcement ID: openSUSE-SU-2012:1481-1
Rating: important
References: #788321
Affected Products:
openSUSE 12.2
openSUSE 12.1
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This Opera 12.10 security update fixes following security
issues:
-an issue that could cause Opera not to correctly check for
certificate revocation;
-an issue where CORS requests could incorrectly retrieve
contents of cross origin pages;
-an issue where data URIs could be used to facilitate
Cross-Site Scripting;
-a high severity issue, as reported by Gareth Heyes;
details will be disclosed at a later date
-an issue where specially crafted SVG images could allow
execution of arbitrary code;
-a moderate severity issue, as reported by the Google
Security Group; details will be disclosed at a later date

Full changelog available at:
http://www.opera.com/docs/changelogs/unix/1210


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 12.2:

zypper in -t patch openSUSE-2012-777

- openSUSE 12.1:

zypper in -t patch openSUSE-2012-777

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 12.2 (i586 x86_64):

opera-12.10-6.1
opera-gtk-12.10-6.1
opera-kde4-12.10-6.1

- openSUSE 12.1 (i586 x86_64):

opera-12.10-26.1
opera-gtk-12.10-26.1
opera-kde4-12.10-26.1


References:

https://bugzilla.novell.com/788321

--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security-announce+help@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages