FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  371418
Date:      2014-10-24
Time:      01:58:13Z
Committer: zi

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
2eda0c54-34ab-11e0-8103-00215c6a37bbopera -- multiple vulnerabilities

Opera reports:

Opera 11.01 is a recommended upgrade offering security and stability enhancements.

The following security vulnerabilities have been fixed:

  • Removed support for "javascript:" URLs in CSS -o-link values, to make it easier for sites to filter untrusted CSS.
  • Fixed an issue where large form inputs could allow execution of arbitrary code, as reported by Jordi Chancel; see our advisory.
  • Fixed an issue which made it possible to carry out clickjacking attacks against internal opera: URLs; see our advisory.
  • Fixed issues which allowed web pages to gain limited access to files on the user's computer; see our advisory.
  • Fixed an issue where email passwords were not immediately deleted when deleting private data; see our advisory.

Discovery 2011-01-26
Entry 2011-02-10
opera
opera-devel
linux-opera
lt 11.01

CVE-2011-0450
CVE-2011-0681
CVE-2011-0682
CVE-2011-0683
CVE-2011-0684
CVE-2011-0685
CVE-2011-0686
CVE-2011-0687
http://www.opera.com/support/kb/view/982/
http://www.opera.com/support/kb/view/983/
http://www.opera.com/support/kb/view/984/
http://secunia.com/advisories/43023
a4a809d8-25c8-11e1-b531-00215c6a37bbopera -- multiple vulnerabilities

Opera software reports:

  • Fixed a moderately severe issue; details will be disclosed at a later date
  • Fixed an issue that could allow pages to set cookies or communicate cross-site for some top level domains; see our advisory
  • Improved handling of certificate revocation corner cases
  • Added a fix for a weakness in the SSL v3.0 and TLS 1.0 specifications, as reported by Thai Duong and Juliano Rizzo; see our advisory
  • Fixed an issue where the JavaScript "in" operator allowed leakage of cross-domain information, as reported by David Bloom; see our advisory

Discovery 2011-12-06
Entry 2011-12-13
opera
linux-opera
lt 11.60

opera-devel
lt 11.60,1

CVE-2011-3389
CVE-2011-4681
CVE-2011-4682
CVE-2011-4683
http://www.opera.com/support/kb/view/1003/
http://www.opera.com/support/kb/view/1004/
http://www.opera.com/support/kb/view/1005/
e666498a-852a-11e0-8f78-080027ef73ecOpera -- code injection vulnerability through broken frameset handling

Opera Software ASA reports:

Fixed an issue with framesets that could allow execution of arbitrary code, as reported by an anonymous contributor working with the SecuriTeam Secure Disclosure program.


Discovery 2011-05-18
Entry 2011-05-23
opera
lt 11.11

opera-devel
lt 11.11

linux-opera
lt 11.11

http://www.opera.com/docs/changelogs/unix/1111/
http://www.opera.com/support/kb/view/992/
e666498a-852a-11e0-8f78-080027ef73ecOpera -- code injection vulnerability through broken frameset handling

Opera Software ASA reports:

Fixed an issue with framesets that could allow execution of arbitrary code, as reported by an anonymous contributor working with the SecuriTeam Secure Disclosure program.


Discovery 2011-05-18
Entry 2011-05-23
opera
lt 11.11

opera-devel
lt 11.11

linux-opera
lt 11.11

http://www.opera.com/docs/changelogs/unix/1111/
http://www.opera.com/support/kb/view/992/
a4a809d8-25c8-11e1-b531-00215c6a37bbopera -- multiple vulnerabilities

Opera software reports:

  • Fixed a moderately severe issue; details will be disclosed at a later date
  • Fixed an issue that could allow pages to set cookies or communicate cross-site for some top level domains; see our advisory
  • Improved handling of certificate revocation corner cases
  • Added a fix for a weakness in the SSL v3.0 and TLS 1.0 specifications, as reported by Thai Duong and Juliano Rizzo; see our advisory
  • Fixed an issue where the JavaScript "in" operator allowed leakage of cross-domain information, as reported by David Bloom; see our advisory

Discovery 2011-12-06
Entry 2011-12-13
opera
linux-opera
lt 11.60

opera-devel
lt 11.60,1

CVE-2011-3389
CVE-2011-4681
CVE-2011-4682
CVE-2011-4683
http://www.opera.com/support/kb/view/1003/
http://www.opera.com/support/kb/view/1004/
http://www.opera.com/support/kb/view/1005/
2eda0c54-34ab-11e0-8103-00215c6a37bbopera -- multiple vulnerabilities

Opera reports:

Opera 11.01 is a recommended upgrade offering security and stability enhancements.

The following security vulnerabilities have been fixed:

  • Removed support for "javascript:" URLs in CSS -o-link values, to make it easier for sites to filter untrusted CSS.
  • Fixed an issue where large form inputs could allow execution of arbitrary code, as reported by Jordi Chancel; see our advisory.
  • Fixed an issue which made it possible to carry out clickjacking attacks against internal opera: URLs; see our advisory.
  • Fixed issues which allowed web pages to gain limited access to files on the user's computer; see our advisory.
  • Fixed an issue where email passwords were not immediately deleted when deleting private data; see our advisory.

Discovery 2011-01-26
Entry 2011-02-10
opera
opera-devel
linux-opera
lt 11.01

CVE-2011-0450
CVE-2011-0681
CVE-2011-0682
CVE-2011-0683
CVE-2011-0684
CVE-2011-0685
CVE-2011-0686
CVE-2011-0687
http://www.opera.com/support/kb/view/982/
http://www.opera.com/support/kb/view/983/
http://www.opera.com/support/kb/view/984/
http://secunia.com/advisories/43023