MGASA-2012-0121
| Date: | June 19th, 2012 |
| Affected releases: | 1, 2 |
Description:
Opera 12.00 fixes several security and stability issues found
in previous versions and contains new and improved features.
Fixed an issue where hidden keyboard navigation could allow cross site
scripting or code execution, as reported by Jordi Chancel.
http://www.opera.com/support/kb/view/1021/
Fixed an issue where a combination of clicks and key presses could lead
to cross site scripting or code execution, as reported by Jordi Chancel.
http://www.opera.com/support/kb/view/1020/
Fixed an issue where cross-domain JSON resources may be exposed as
JavaScript variable data.
http://www.opera.com/support/kb/view/1019/
Fixed an issue where carefully timed reloads, redirects, and navigation
could spoof the address field, as reported by Jordi Chancel.
http://www.opera.com/support/kb/view/1018/
Fixed an issue where pages could prevent navigation to a target page,
spoofing the address field, as reported by Code Audit Labs of vulnhunt.com.
http://www.opera.com/support/kb/view/1022/
For a complete list of changes including the non-security fixes, see
http://www.opera.com/docs/changelogs/unix/1200/
Updated Packages:
Mageia 1:
opera-12.00-1.1.mga1
Mageia 2:
opera-12.00-1.1.mga2
References:
https://bugs.mageia.org/show_bug.cgi?id=6465
