Skip to content

Vulnerabilidade do Opera Browser no Opensuse 11.x

From: opensuse-security@opensuse.org
To: opensuse-security-announce@opensuse.org
Subject: [security-announce] openSUSE-SU-2011:0688-1: important: opera
Date: Fri, 24 Jun 2011 15:08:26 +0200 (CEST)
Message-ID: <20110624130826.38F8A32350@maintenance.suse.de>

openSUSE Security Update: opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2011:0688-1 Rating: important References: #694567 Affected Products: openSUSE 11.4 openSUSE 11.3 ______________________________________________________________________________ An update that contains security fixes can now be installed. It includes one version update.

Description: opera 11.11 fixes a security vulnerability.

Citing http://www.opera.com/support/kb/view/992/:

Framesets allow web pages to hold other pages inside them.

Certain frameset constructs are not handled correctly when the page is unloaded, causing a memory corruption.

To inject code, additional techniques will have to be employed. Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

– openSUSE 11.4: zypper in -t patch opera-4588 – openSUSE 11.3: zypper in -t patch opera-4588 To bring your system up-to-date, use “zypper patch”. Package List: – openSUSE 11.4 (i586 x86_64) [New Version: 11.11]: opera-11.11-1.2.1 opera-gtk-11.11-1.2.1 opera-kde4-11.11-1.2.1

– openSUSE 11.3 (i586 x86_64) [New Version: 11.11]: opera-11.11-1.2.1 opera-gtk-11.11-1.2.1 opera-kde4-11.11-1.2.1

References: https://bugzilla.novell.com/694567

Fonte: http://lwn.net/Articles/449150/

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.