Opera 12.01 has been pushed to mga1+mga2 nonfree/updates_testing by funda. Suggested advisory =================== Opera 12.01 fixes several security and stability issues found in previous versions. Re-fixed an issue where certain URL constructs could allow arbitrary code execution, as reported by Andrey Stroganov (Critical severity). http://www.opera.com/support/kb/view/1016/ Fixed an issue where certain characters in HTML could incorrectly be ignored, which could facilitate XSS attacks (High severity). http://www.opera.com/support/kb/view/1026/ Fixed another issue where small windows could be used to trick users into executing downloads as reported by Jordi Chancel (High severity). http://www.opera.com/support/kb/view/1027/ Fixed an issue where an element's HTML content could be incorrectly returned without escaping, bypassing some HTML sanitizers (High severity). http://www.opera.com/support/kb/view/1025/ An undisclosed low severity issue has also been fixed. For a complete list of changes including the non-security fixes, see http://www.opera.com/docs/changelogs/unix/120/ ==================== Packages: opera-12.01-1.mga1.nonfree opera-12.01-1.mga2.nonfree
The URL in the last line of advisory should read: http://www.opera.com/docs/changelogs/unix/1201/
CC: (none) => stormiComponent: RPM Packages => Security
Does this package fix the missing requires from Bug 6529? libgstautodetect.so libgstogg.so libgsttheora.so libgstvorbis.so libgstwavparse.so If it does, then this will be affected by bug 2317.
CC: (none) => davidwhodgins
Testing complete on Mageia 2 x86-64 using email, nntp, rss, general web browsing, flash and a java applet. I'll test Mageia 2 i586 shortly.
Whiteboard: (none) => MGA1TOO MGA2-64-OK
Testing complete on Mageia 2 i586. I'll test Mageia 1 x86-64 shortly.
Whiteboard: MGA1TOO MGA2-64-OK => MGA1TOO MGA2-64-OK MGA2-32-OK
Testing complete on Mageia 1 x86-64. The depcheck script confirms that bug 6529 has not been fixed in this security update. I'll test Mageia 1 i586 shortly.
Whiteboard: MGA1TOO MGA2-64-OK MGA2-32-OK => MGA1TOO MGA2-64-OK MGA2-32-OK MGA1-64-OK
Testing complete. Could someone from the sysadmin team push the srpm opera-12.01-1.mga2.nonfree from Mageia 2 Nonfree Updates Testing to Nonfree Updates and the srpm opera-12.01-1.mga1.nonfree from Mageia 1 Nonfree Updates Testing to Nonfree Updates. Advisory: Opera 12.01 fixes several security and stability issues found in previous versions. Re-fixed an issue where certain URL constructs could allow arbitrary code execution, as reported by Andrey Stroganov (Critical severity). http://www.opera.com/support/kb/view/1016/ Fixed an issue where certain characters in HTML could incorrectly be ignored, which could facilitate XSS attacks (High severity). http://www.opera.com/support/kb/view/1026/ Fixed another issue where small windows could be used to trick users into executing downloads as reported by Jordi Chancel (High severity). http://www.opera.com/support/kb/view/1027/ Fixed an issue where an element's HTML content could be incorrectly returned without escaping, bypassing some HTML sanitizers (High severity). http://www.opera.com/support/kb/view/1025/ An undisclosed low severity issue has also been fixed. For a complete list of changes including the non-security fixes, see http://www.opera.com/docs/changelogs/unix/120/ https://bugs.mageia.org/show_bug.cgi?id=6934
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsWhiteboard: MGA1TOO MGA2-64-OK MGA2-32-OK MGA1-64-OK => MGA1TOO MGA2-64-OK MGA2-32-OK MGA1-64-OK MGA1-32-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0197
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED