Bug 10693 - Security update request for opera, to 12.16
: Security update request for opera, to 12.16
Product: Mageia
Classification: Unclassified
Component: Security
: 3
: All Linux
: Normal Severity: normal
: ---
Assigned To: QA Team
: Sec team
: MGA2TOO MGA3-64-OK MGA3-32-OK MGA2-64...
: Security, validated_update
  Show dependency treegraph
Reported: 2013-07-04 19:53 CEST by Anssi Hannula
Modified: 2014-05-08 18:07 CEST (History)
2 users (show)

See Also:
Source RPM: opera
Status comment:


Description Anssi Hannula 2013-07-04 19:53:09 CEST
Opera 12.16 has been pushed to mga2+mga3 nonfree/updates_testing.

This addresses at least this upstream advisory:

I'll add a comment with the suggested update advisory as soon as the full changelog becomes available.

Comment 1 Dave Hodgins 2013-07-05 00:51:06 CEST
http://svnweb.mageia.org/advisories/10693.adv?sortby=date&view=log uploaded.

Testing complete on Mageia 2 and 3, i586 and x86_64.

Anssi, Should I go ahead and validate this update, or wait till the advisory
can be updated?
Comment 2 Anssi Hannula 2013-07-05 07:51:19 CEST
Let's wait a bit more (max 10 hours).
Comment 3 Anssi Hannula 2013-07-05 17:22:10 CEST
Suggested advisory:
description: |
  Opera 12.16 contains a replaced code signing certificate.
  Opera Software recently experienced an attack on the internal infrastructure.
  Following best practices, Opera Software is replacing signing certificates in
  Opera with newly issued certificates. Certificates in Opera include the code
  signing certificate for desktop binaries and the signing certificate for
  automatic updates to browser.js. Opera's rootstore was not affected by the
  attack and certificates used for accessing HTTPS websites are unchanged by
  this update.
 - https://bugs.mageia.org/show_bug.cgi?id=10693
 - http://www.opera.com/docs/changelogs/unified/1216/
 - http://www.opera.com/security/advisory/1048

OK to validate.
Comment 4 claire robinson 2013-07-05 17:42:05 CEST
Thanks Anssi.

Validating. Advisory updated.

Could sysadmin please push from 2 & 3 nonfree/updates_testing to nonfree/updates

Comment 5 Nicolas Vigier 2013-07-06 16:31:19 CEST

Note You need to log in before you can comment on or make changes to this bug.