Bug 8993 - Bugfix update for opera in nonfree updates testing without a bug report.
Summary: Bugfix update for opera in nonfree updates testing without a bug report.
Status: RESOLVED DUPLICATE of bug 8996
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 2
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact:
URL:
Whiteboard: MGA2-64-OK MGA2-32-OK
Keywords: Security, validated_update
Depends on:
Blocks:
 
Reported: 2013-02-07 23:33 CET by Dave Hodgins
Modified: 2013-02-08 10:14 CET (History)
2 users (show)

See Also:
Source RPM: opera-12.14-1.mga2.nonfree.src.rpm
CVE:
Status comment:


Attachments

Description Dave Hodgins 2013-02-07 23:33:52 CET
Opera 12.14 is in Nonfree Updates Testing, but no bug report has
been assigned to qa.

Creating this bug report, so the update can be validated.
Comment 1 Dave Hodgins 2013-02-07 23:39:32 CET
Testing complete on Mageia 2 i586 and x86_64.

Could someone from the sysadmin team push the srpm
opera-12.14-1.mga2.nonfree.src.rpm
from Mageia 2 Nonfree Updates Testing to Nonfree Updates.

Advisory: Opera 12.14 update addresses a re-occuring crash, when updating
two or more extensions at one time.

https://bugs.mageia.org/show_bug.cgi?id=8993

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
Whiteboard: (none) => MGA2-64-OK MGA2-32-OK

Comment 2 Anssi Hannula 2013-02-07 23:48:54 CET
Better advisory:

Suggested advisory
===================
Opera 12.14 contains fixes to several security and stability issues found in 12.12 and earlier versions and contains other general fixes.

Fixed an issue where DOM events manipulation might be used to execute arbitrary code, as reported by Arthur Gerkis. (kb 1042, high severity)

Fixed an issue where use of SVG clipPaths could allow execution of arbitrary code, as reported by anonymous via the iSIGHT Partners GVP Program. (kb 1043, high severity)

Fixed an issue where TLS response timings could indicate network contents, as reported by Nadhem AlFardan and Kenny Paterson. (kb 1044, low severity)

Fixed an issue where CORS requests could omit the preflight request, as reported by webpentest. (kb 1045, low severity)

For a complete list of changes including the non-security fixes, see the
referenced changelog pages.

http://www.opera.com/support/kb/view/1042/
http://www.opera.com/support/kb/view/1043/
http://www.opera.com/support/kb/view/1044/
http://www.opera.com/support/kb/view/1045/
http://www.opera.com/docs/changelogs/unified/1213/
http://www.opera.com/docs/changelogs/unified/1214/
====================

Keywords: (none) => Security
CC: (none) => anssi.hannula
Component: RPM Packages => Security

Comment 3 claire robinson 2013-02-08 10:14:37 CET

*** This bug has been marked as a duplicate of bug 8996 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE


Note You need to log in before you can comment on or make changes to this bug.