funsec mailing list archives
Opera patched its browser in secret
From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Tue, 9 Jan 2007 00:22:41 +0200 (EET)
What the Heise Security article reports: "In both [JPG and SVG] cases, both the Windows and the Linux version of Opera 9.02 are affected, as older versions probably are, too. The change log for Opera 9.10 does not contain any indication of these vulnerabilities in the section on security. Instead, the release seems to have been sold as a cosmetic matter, which may have led a number of users to postpone the update." The official changelog still has no any information (Security section): http://www.opera.com/docs/changelogs/windows/910/ It appears that Opera Software only released http://www.opera.com/support/search/supsearch.dml?index=851 and http://www.opera.com/support/search/supsearch.dml?index=852 'Last edited: 2007-01-05' It is the same day when iDefense Labs pushed their advisories out. Secunia said Highly Critical (4/5) and FrSIRT Critical Risk (4/4). Not a good sign from Opera to hide the vulnerabilities, when they knew that iDefense will publish the information however. More at http://www.heise-security.co.uk/news/83279 - Juha-Matti _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Opera patched its browser in secret Juha-Matti Laurio (Jan 08)