From owner-freebsd-ports-bugs@FreeBSD.ORG Wed Aug 20 08:50:03 2008
Delivered-To: freebsd-ports-bugs@hub.freebsd.org
Resent-Date: Wed, 20 Aug 2008 08:50:03 GMT
Resent-Message-Id: <200808200850.m7K8o37R009859@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-ports-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, "Arjan van Leeuwen"
Message-Id: <1219220912.98539@arjanl.oslo.osa>
Date: Wed, 20 Aug 2008 10:28:32 +0200
From: "Arjan van Leeuwen"
To: "FreeBSD gnats submit"
X-Send-Pr-Version: gtk-send-pr 0.4.9
Subject: ports/126677: Update www/opera to version 9.52
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Ports bug reports
X-List-Received-Date: Wed, 20 Aug 2008 08:50:03 -0000

>Number: 126677
>Category: ports
>Synopsis: Update www/opera to version 9.52
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Wed Aug 20 08:50:03 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Arjan van Leeuwen
>Release: FreeBSD 7.0-STABLE amd64
>Organization: Opera Software ASA
>Environment:
System: FreeBSD 7.0-STABLE #0: Mon Aug 4 14:28:57 CEST 2008 root@arjanl.oslo.osa:/usr/obj/usr/src/sys/GENERIC
>Description:
This patch updates Opera (www/opera) to version 9.52. This version fixes several security issues. A diff for vuln.xml is also attached.

Full changelog: http://www.opera.com/docs/changelogs/freebsd/952/
>How-To-Repeat:
>Fix:
--- opera.diff begins here ---
diff -urN /usr/ports/www/opera/Makefile opera/Makefile --- /usr/ports/www/opera/Makefile 2008-07-04 15:11:09.000000000 +0200 +++ opera/Makefile 2008-08-20 09:44:08.042304827 +0200 
@@ -24,16 +24,16 @@ ${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/opera/unix/freebsd/${OPERA_VER:S/.//}${OPERA_MINVER}/${OPERA_REL}/en/${OPERA_ARCH}/${OPERA_LIB}/&,} \ http://T32.TecNik93.com/FreeBSD/others_ports/${PORTNAME}${PKGNAMESUFFIX}/sources/ # http://www.opera.mirroarrr.de/unix/freebsd/${OPERA_VER:S/.//}${OPERA_MINVER}/${OPERA_REL}/en/${OPERA_LIB}/ \ -DISTNAME= ${PORTNAME}-${OPERA_VER}${OPERA_MINVER}-freebsd${OPERA_TYPE}-shared-qt3.${ARCH} +DISTNAME= ${PORTNAME}-${OPERA_VER}${OPERA_MINVER}-${OPERA_BUILD}.freebsd${OPERA_TYPE}-shared-qt3.${ARCH} MAINTAINER= freebsd-maintainer@opera.com COMMENT= Blazingly fast, full-featured, standards-compliant browser, devel version -OPERA_VER= 9.51 +OPERA_VER= 9.52 OPERA_MINVER= OPERA_REL= final -OPERA_DATE= 20080630 -OPERA_BUILD= 2061 +OPERA_DATE= 20080814 +OPERA_BUILD= 2091 OPERA_LIB= shared DATADIR= ${PREFIX}/share/${PORTNAME}${PKGNAMESUFFIX} diff -urN /usr/ports/www/opera/distinfo opera/distinfo --- /usr/ports/www/opera/distinfo 2008-07-04 00:00:48.000000000 +0200 +++ opera/distinfo 2008-08-20 09:43:39.409673306 +0200 
@@ -1,15 +1,15 @@ -MD5 (opera-9.51-freebsd5-shared-qt3.i386.tar.bz2) = 14918e18face028c1e4f39ac5b8b64bd -SHA256 (opera-9.51-freebsd5-shared-qt3.i386.tar.bz2) = 77471011691d077dedd57220d1ff44427378b1f6f4c799027657212fb513e6be -SIZE (opera-9.51-freebsd5-shared-qt3.i386.tar.bz2) = 7104276 -MD5 (opera-9.51-freebsd6-shared-qt3.amd64.tar.bz2) = 687f3d29df7c02c1cc5e93b923a0347f -SHA256 (opera-9.51-freebsd6-shared-qt3.amd64.tar.bz2) = 10dfeaa20492c62c88574e8ddcfd1e5570d3759b301fcb8c7aede0af5c0d4f3a -SIZE (opera-9.51-freebsd6-shared-qt3.amd64.tar.bz2) = 7609790 -MD5 (opera-9.51-freebsd6-shared-qt3.i386.tar.bz2) = 2191de71f568593b10427337e7bb8754 -SHA256 (opera-9.51-freebsd6-shared-qt3.i386.tar.bz2) = e87cdd264c3ca0b1d0957f31373df4080b86b348f2f8c3bd1eb818b178be179b -SIZE (opera-9.51-freebsd6-shared-qt3.i386.tar.bz2) = 7107407 -MD5 (opera-9.51-freebsd7-shared-qt3.amd64.tar.bz2) = e2f1b7fdbdc16c1f005be08e4fa863ff -SHA256 (opera-9.51-freebsd7-shared-qt3.amd64.tar.bz2) = c062f0fe7ef1086f0d6cbde5c73257711beb888006a1bc3746c5021c6f7e8d74 -SIZE (opera-9.51-freebsd7-shared-qt3.amd64.tar.bz2) = 7522320 -MD5 (opera-9.51-freebsd7-shared-qt3.i386.tar.bz2) = 97aba5cdb35a1b43607e225556b8e09b -SHA256 (opera-9.51-freebsd7-shared-qt3.i386.tar.bz2) = ca1d766a00d3ccd363ad6098aaa79879d09849145230c9f98d141989453f37b2 -SIZE (opera-9.51-freebsd7-shared-qt3.i386.tar.bz2) = 6986633 +MD5 (opera-9.52-2091.freebsd5-shared-qt3.i386.tar.bz2) = 3b1988c02e56f6d38bd1818c81c1cfc7 +SHA256 (opera-9.52-2091.freebsd5-shared-qt3.i386.tar.bz2) = 22c3d3692ed8162de45fbd6072378dda729172d32729f77b037bf758974ffb07 +SIZE (opera-9.52-2091.freebsd5-shared-qt3.i386.tar.bz2) = 7113343 +MD5 (opera-9.52-2091.freebsd6-shared-qt3.i386.tar.bz2) = d238cfe02bbe8066fced46ff792fab4e +SHA256 (opera-9.52-2091.freebsd6-shared-qt3.i386.tar.bz2) = beba06e2f0f9671a86fa382fdfb8655fa0dd779a81e58ff50564e9f81b87b260 +SIZE (opera-9.52-2091.freebsd6-shared-qt3.i386.tar.bz2) = 7115380 +MD5 (opera-9.52-2091.freebsd6-shared-qt3.amd64.tar.bz2) = 
ff22f6cd6958935119779898f94aef7f +SHA256 (opera-9.52-2091.freebsd6-shared-qt3.amd64.tar.bz2) = d22bef226ec7b9be5984917ca612bde10963e71f7b2d260d7b8ae31154492f50 +SIZE (opera-9.52-2091.freebsd6-shared-qt3.amd64.tar.bz2) = 7617428 +MD5 (opera-9.52-2091.freebsd7-shared-qt3.i386.tar.bz2) = 1bda34a20680b4aee382ba93366f4cb7 +SHA256 (opera-9.52-2091.freebsd7-shared-qt3.i386.tar.bz2) = 57c0acb1a5a64def126ce3b851198cb0a697cdc322fb65f21c775d4e71c1b7b6 +SIZE (opera-9.52-2091.freebsd7-shared-qt3.i386.tar.bz2) = 6995225 +MD5 (opera-9.52-2091.freebsd7-shared-qt3.amd64.tar.bz2) = 8f0319c43136ff5c4bad92994684cda3 +SHA256 (opera-9.52-2091.freebsd7-shared-qt3.amd64.tar.bz2) = 2c1c549be7e48b5262bd6185ff6aa779fc636167904b5ed4c5d5bc448f818b9c +SIZE (opera-9.52-2091.freebsd7-shared-qt3.amd64.tar.bz2) = 7531704 --- opera.diff ends here --- --- vuln.xml.diff begins here --- --- vuln.xml.orig 2008-08-20 10:26:52.453553533 +0200 +++ vuln.xml 2008-08-20 10:25:14.179612991 +0200 @@ -34,6 +34,157 @@ --> + + opera -- Sites can change framed content on other sites + + + opera + 9.52.20080814 + + + + +
+

Scripts are able to change the addresses of framed pages that + come from the same site. Due to a flaw in the way that Opera checks + what frames can be changed, a site can change the address of frames + on other sites inside any window that it has opened. This allows + sites to open pages from other sites, and display misleading + information on them.

+
+ +
+ + http://www.opera.com/support/search/view/893/ + + + 2008-08-14 + 2008-08-20 + +
+ + + opera -- Custom shortcuts can pass the wrong parameters to applications + + + opera + 9.52.20080814 + + + + +
+

Custom shortcut and menu commands can be used to activate external + applications. In some cases, the parameters passed to these + applications are not prepared correctly, and may be created from + uninitialized memory. These may be misinterpreted as additional + parameters, and depending on the application, this could allow execution + of arbitrary code.

+

Successful exploitation requires convincing the user to modify their + shortcuts or menu files appropriately, pointing to an appropriate target + application, then to activate that shortcut at an appropriate time. To + inject code, additional means will have to be employed.

+
+ +
+ + http://www.opera.com/support/search/view/894/ + + + 2008-08-14 + 2008-08-20 + +
+ + + opera -- Insecure pages can show incorrect security information + + + opera + 9.52.20080814 + + + + +
+

When insecure pages load content from secure sites into a frame, + they can cause Opera to incorrectly report the insecure site as + being secure. The padlock icon will incorrectly be shown, and the + security information dialog will state that the connection is secure, + but without any certificate information.

+
+ +
+ + http://www.opera.com/support/search/view/895/ + + + 2008-08-14 + 2008-08-20 + +
+ + + opera -- Feed links can link to local files + + + opera + 9.52.20080814 + + + + +
+

As a security precaution, Opera does not allow Web pages to + link to files on the user's local disk. However, a flaw exists + that allows Web pages to link to feed source files on the + user's computer. Suitable detection of JavaScript events and + appropriate manipulation can unreliably allow a script to + detect the difference between successful and unsuccessful + subscriptions to these files, to allow it to discover if the + file exists or not. In most cases the attempt will fail.

+
+ +
+ + http://www.opera.com/support/search/view/896/ + + + 2008-08-14 + 2008-08-20 + +
+ + + opera -- Feed subscription can cause the wrong page address to be displayed + + + opera + 9.52.20080814 + + + + +
+

It has been reported that when a user subscribes to a news + feed using the feed subscription button, the page address + can be changed. This causes the address field not to update + correctly. Although this can mean that that misleading + information can be displayed in the address field, it can + only leave the attacking page's address in the address bar, + not a trusted third party address.

+
+ +
+ + http://www.opera.com/support/search/view/897 + + + 2008-08-14 + 2008-08-20 + +
+ cdf3 -- Buffer overflow vulnerability --- vuln.xml.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
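Review bot: In the opera/Makefile hunk the new DISTNAME embeds ${OPERA_BUILD}, so OPERA_BUILD is no longer informational: it now decides which file is fetched and checksummed. Add a short comment beside "OPERA_BUILD= 2091" saying it must be bumped together with distinfo, so a later version bump that forgets the build number fails obviously rather than fetching a stale name. The unchanged COMMENT line still ends in "devel version" while OPERA_REL is "final"; if this port tracks the release build, correct the COMMENT in the same update.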
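Review bot: Nothing in the opera/distinfo hunk can be checked from the patch alone, and the MASTER_SITES visible in the Makefile hunk include a plain-http third-party mirror, so the five new SHA256 and SIZE values are the only integrity check on this security update. Before commit, fetch each opera-9.52-2091 tarball from the vendor site, regenerate the file with make makesum, and confirm the result matches the submitted lines; rely on SHA256 for the comparison and treat the MD5 lines as legacy. The i386 and amd64 entries for freebsd6 and freebsd7 are also in the opposite order to the removed lines, which is harmless but makes the hunk harder to read.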
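Review bot: All five new entries in the vuln.xml hunk use 9.52.20080814 as the version bound, which combines OPERA_VER and OPERA_DATE from the Makefile hunk, but the patch does not show how PORTVERSION is composed. Please confirm that installed packages carry versions of the form 9.51.20080630; if they do not, the range will not match vulnerable installs and the entries will not be reported for them. Two smaller points: the last reference URL, http://www.opera.com/support/search/view/897, lacks the trailing slash that 893/ through 896/ have, and the fifth description contains a doubled "that that".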