VuXML: opera -- multiple vulnerabilities

Affected packages

linux-opera

11.60

opera

11.60

opera-devel

11.60,1

Details

VuXML ID	a4a809d8-25c8-11e1-b531-00215c6a37bb
Discovery	2011-12-06
Entry	2011-12-13

VuXML ID

a4a809d8-25c8-11e1-b531-00215c6a37bb

Discovery

2011-12-06

Entry

2011-12-13

Opera software reports:

Fixed a moderately severe issue; details will be disclosed at a later date

Fixed an issue that could allow pages to set cookies or communicate cross-site for some top level domains; see our advisory

Improved handling of certificate revocation corner cases

Added a fix for a weakness in the SSL v3.0 and TLS 1.0 specifications, as reported by Thai Duong and Juliano Rizzo; see our advisory

Fixed an issue where the JavaScript "in" operator allowed leakage of cross-domain information, as reported by David Bloom; see our advisory

[source]

References

CVE Name	CVE-2011-3389
CVE Name	CVE-2011-4681
CVE Name	CVE-2011-4682
CVE Name	CVE-2011-4683
URL	http://www.opera.com/support/kb/view/1003/
URL	http://www.opera.com/support/kb/view/1004/
URL	http://www.opera.com/support/kb/view/1005/