Changes and improvements since Opera 9.63:
Security:
- Fixed an issue where specially crafted JPEG images ccould be used to execute arbitrary code, as reported by Tavis Ormandy of the Google Security Team; see our advisory
- Fixed an issue where plug-ins could be used to allow cross domain scripting, as reported by Adam Barth; details will be disclosed at a later date.
- Fixed a moderately severe issue; details will be disclosed at a later date.
- Added Untrusted Rootstore Capability:
- Opera downloads only the detailed information about untrusted (blacklisted) certificates when they are encountered
- If download fails for certificate information in the list, Opera considers any certificate matching the ID as untrusted
- Added version conditional fetching of certificate dependencies from an online repository
- Fixed a problem downloading the CRL (Certificate Revocation List)
- Fixed a problem that could cause SSL to deadlock in one state, hanging the connection
- Fixed a problem that could cause the incorrect calculation of Certificate IDs
- Implemented Extended Validation (EV) for cross-signed EV Root Certificates not shipped by default
- Implemented preshipping of the Entrust 2048 CA (Certificate Authority)
- Implemented Root Certificate fetching from an online repository when an intermediate matches a certificate in the repository
- Improved support for weak encryption when importing .p12 private certificates
- Prevented security information documents from being written to disk
Miscellaneous:
- Fixed a problem which created separate feed notifications; Opera now groups them together
- Fixed a problem with the backspace key event in the Flash plug-in
- Fixed a problem with inline find when no text was entered, and the Enter key was pressed
- Fixed an instability error with the 64 bit Linux version
Die neue Version gibt es wie immer hier, oder man setzt in seine /etc/apt/sources.list eine der genannten Repositories ein. Wobei letzteres im Moment ein wenig Fehlerbehaftet zu sein scheint, da aptitude einen Fehler in der Signatur meldet und der “Opera Software Archive Automatic Signing Key” ungültig ist.
Ich hoffe, dies wird bald begradigt.