Opera 9.64 is a recommended security and stability upgrade, incorporating the
Opera Presto 2.1.1 user agent engine. Opera highly recommends all users to
upgrade to Opera 9.64 to take advantage of these improvements.
Changes and improvements since Opera 9.63:
Security:
- Fixed an issue where specially crafted JPEG images could be used to execute
arbitrary code, as reported by Tavis Ormandy of the Google Security Team
- Fixed an issue where plug-ins could be used to allow cross domain scripting,
as reported by Adam Barth; details will be disclosed at a later date.
- Fixed a moderately severe issue; details will be disclosed at a later date.
- Added Untrusted Rootstore Capability:
- Opera downloads only the detailed information about untrusted (blacklisted)
certificates when they are encountered
- If download fails for certificate information in the list, Opera considers
any certificate matching the ID as untrusted
- Added version conditional fetching of certificate dependencies from an online
repository
- Fixed a problem downloading the CRL (Certificate Revocation List)
- Fixed a problem that could cause SSL to deadlock in one state, hanging the
connection
- Fixed a problem that could cause the incorrect calculation of Certificate IDs
- Implemented Extended Validation (EV) for cross-signed EV Root Certificates
not shipped by default
- Implemented preshipping of the Entrust 2048 CA (Certificate Authority)
- Implemented Root Certificate fetching from an online repository when an
intermediate matches a certificate in the repository
- Improved support for weak encryption when importing .p12 private certificates
- Prevented security information documents from being written to disk
Miscellaneous:
- Fixed a problem which created separate feed notifications; Opera now groups
them together
- Fixed a problem with the backspace key event in the Flash plug-in
- Fixed a problem with inline find when no text was entered, and the Enter key
was pressed
PR: ports/132361
Submitted by: lioux@
Approved by: maintainer
Secuirty: http://www.opera.com/docs/changelogs/freebsd/964/
- drop 4.x support
- native amd64 binaries
- changed to the mail storage format
- changed shortcuts (part of the old one can be enabled back via Preferences)
- no search.ini FreeBSD customizations anymore (but it will keep your custom
searches)
See full log at:
http://www.opera.com/docs/changelogs/freebsd/950/
PR: ports/124678
Submitted by: Arjan van Leeuwen (maintainer)
www/opera:
- The maintainer has asked me to babysitting this while he's away for
vacation. He is gone for about five weeks started last Thursday.
- Some tweak with the plugins, I have added jdk13 and jdk14 support
but I have no idea if they will work since I don't have any FreeBSD
4.x to test. Please let me know if there has any issue.
- Does the spellcheck feature works in FreeBSD 4.x? Please, contract
me on this one too. If it works, then I will need to add a dependency
of aspell with a new WITHOUT_ASPELL knob.
- See the changelog for detail:
http://www.opera.com/freebsd/changelogs/753/
www/linux-opera:
- I didn't update it to 7.52, because it still doesn't fix the security
and the plugins was broke. The 7.53 has solved all of this to allow
me to update it.
- Please read in pkg-message about the changes of search.ini if you
have a custom of it. You will have to edit it or it will not work.
- See the changelog for detail:
7.52 = http://www.opera.com/linux/changelogs/752/
7.53 = http://www.opera.com/linux/changelogs/753/
Changelog available at http://www.opera.com/linux/changelogs/752/
<Note>
The file search.ini has been changed to ensure correct default
addresses for dictionary and encyclopedia searches. Existing
versions will be overwritten on upgrade. Users who have a
customized search.ini file that they would like to keep,
should edit its version number to 4 before upgrading. Note
that you have to edit the search.ini file located in the
/profile folder (Windows) or the /.opera folder.
[Version]
File Version=4
</Note>
Submitted by: Arjan van Leeuwen <avleeuwen@piwebs.com> (maintainer)
PR: 68782
It addresses these vulnerabilities:
- Addressing two issues reported by Jouko Pynnonen:
- Forced placement of downloaded skin-files in undesirable locations
- Buffer overflow when processing skins
- Additionally, added an OpenSSL ASN.1 patch
(from OpenSSL 0.9.6k, November 4, 2003)
Submitted by: Arjan van Leeuwen <avleeuwen@piwebs.com> (maintainer)
PR: 59542
- Security update specifically addressing the downloading
of setup files in Opera (bug reported by S.G. Masood)
- Fix for completion of help-file URL shortcuts
Submitted by: Arjan van Leeuwen <avleeuwen@piwebs.com> (maintainer)
PR: 59237
