Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 437
Alerts This Week
Warning Icon 1 437

openSUSE 12.2 & 12.1: 2012:1481-1 Important: Opera Security Issues

opensuse
Calendar Grey November 14, 2012
Dist Opensuse Esm H88
Apply essential security patches for Opera through openSUSE updates. Tackle significant vulnerabilities and ensure robust security.
An update that contains security fixes can now be installed

Description

This Opera 12.10 security update fixes following security

issues:

-an issue that could cause Opera not to correctly check for

certificate revocation;

-an issue where CORS requests could incorrectly retrieve

contents of cross origin pages;

-an issue where data URIs could be used to facilitate

Cross-Site Scripting;

-a high severity issue, as reported by Gareth Heyes;

details will be disclosed at a later date

-an issue where specially crafted SVG images could allow

execution of arbitrary code;

-a moderate severity issue, as reported by the Google

Security Group; details will be disclosed at a later date

Full changelog available at:

https://help.opera.com/en/latest/

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 12.2:

zypper in -t patch openSUSE-2012-777

- openSUSE 12.1:

zypper in -t patch openSUSE-2012-777

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 12.2 (i586 x86_64):

opera-12.10-6.1

opera-gtk-12.10-6.1

opera-kde4-12.10-6.1

- openSUSE 12.1 (i586 x86_64):

opera-12.10-26.1

opera-gtk-12.10-26.1

opera-kde4-12.10-26.1

References

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2012:1481-1
Rating: important
Affected Products: openSUSE 12.2 openSUSE 12.1 .

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.