[prev in list] [next in list] [prev in thread] [next in thread]
List: suse-security-announce
Subject: [security-announce] openSUSE-SU-2012:1481-1: important: opera to 12.10
From: opensuse-security () opensuse ! org
Date: 2012-11-14 16:08:37
Message-ID: 20121114160837.AFE9E32336 () maintenance ! suse ! de
[Download RAW message or body]
openSUSE Security Update: opera to 12.10
______________________________________________________________________________
Announcement ID: openSUSE-SU-2012:1481-1
Rating: important
References: #788321
Affected Products:
openSUSE 12.2
openSUSE 12.1
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This Opera 12.10 security update fixes following security
issues:
-an issue that could cause Opera not to correctly check for
certificate revocation;
-an issue where CORS requests could incorrectly retrieve
contents of cross origin pages;
-an issue where data URIs could be used to facilitate
Cross-Site Scripting;
-a high severity issue, as reported by Gareth Heyes;
details will be disclosed at a later date
-an issue where specially crafted SVG images could allow
execution of arbitrary code;
-a moderate severity issue, as reported by the Google
Security Group; details will be disclosed at a later date
Full changelog available at:
http://www.opera.com/docs/changelogs/unix/1210
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 12.2:
zypper in -t patch openSUSE-2012-777
- openSUSE 12.1:
zypper in -t patch openSUSE-2012-777
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 12.2 (i586 x86_64):
opera-12.10-6.1
opera-gtk-12.10-6.1
opera-kde4-12.10-6.1
- openSUSE 12.1 (i586 x86_64):
opera-12.10-26.1
opera-gtk-12.10-26.1
opera-kde4-12.10-26.1
References:
https://bugzilla.novell.com/788321
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic