Opera Desktop Team

9.26 - coming soon!

By Claudio Santambrogio. Thursday, 14. February 2008, 15:51:44

stability, security, desktop, 9.26, Merlin, Opera

Stability fixes are coming your way! We are looking into releasing an update to Merlin: 9.26. It will address several stability issues, mainly on Mac where we have received several reports that we have been having trouble to reproduce. So, feedback from you is welcome! Furthermore, we are fixing a stability issue with TLS and the upcoming Windows 2008 Server (IIS 7).

We are also addressing a few security issues; details will be published in due time.

Mozilla notified us of one security issue (

) the day before they published their public advisory (

). They did not wait for us to come back with an ETA for a fix: they kept their bug reports containing the details of the exploits closed to the public for a few days, and now opened most of them to everybody (

).

Opera is as always committed to not only protecting its users, but to making the Web a safe place. We believe in responsible disclosure of vulnerabilities affecting several vendors.

Download

New snapshot: Introducing advanced tab activation9.26

Comments

1 2 3 Next »

Tamil # 14. February 2008, 16:17

Martin Rauscher # 14. February 2008, 16:20

Well those Mozilla guys think that openness is the answer to everything. :-/

Phred # 14. February 2008, 16:23

Originally posted by Hades32:

Well those Mozilla guys think that openness is the answer to everything

I agree in some instances *cough* bts *cough*

Tim Altman # 14. February 2008, 16:36

9.26 should fix the following problems for Mac users:

* Problems starting Opera or saving bookmarks/notes if you're using Leopard and FileVault
* Stability issues with plug-ins

Uwe aka JaDa # 14. February 2008, 16:41

And Linux?

Flash 9.0.115?

and this?


XML parsing failed: syntax error (Line: 0, Character: 0)

Reparse document as HTML
Error:unexpected end-of-file
Specification:http://www.w3.org/TR/REC-xml/

Tim Altman # 14. February 2008, 16:42

@Jada0007: A detailed changelog will be available when 9.26 is officially released next week.

v-love # 14. February 2008, 17:02

bad, bad, baaaaaaaaad mozilla

Gediminas # 14. February 2008, 17:10

Off-topic comment removed by Moderator. If you want to discuss Kestrel, do it in a post about Kestrel!

Lilo # 14. February 2008, 17:34

Silverlight plugin does not work at all (was announced to work in 9.22!)

Visit http://www.microsoft.com/silverlight/getassistance.aspx

KujaIX # 14. February 2008, 17:52

Thanks for fixing bug-289341

nemo # 14. February 2008, 17:54

Thank you very much. It makes me very happy that Desktop Team is working to improve Opera stability on Mac. I hate to say that, but Opera Browser is my 2nd most unstable program I have (1st is VLC...).

Tim Altman # 14. February 2008, 18:13

@nemoxx: Please let us know if 9.26 improves things for you!

Arthur Wilkinson # 14. February 2008, 18:18

Mozilla never knows when to keep their mouths shut...

Of course, considering that there are active exploits for Firefox, it's safe to say that the malware authors already knew about this security vulnerability.

Łukasz # 14. February 2008, 18:43

woooooooooow, super. wait version stable 9.26.

Micheál Seosamh # 14. February 2008, 18:54

How soon is soon?

Charles # 14. February 2008, 19:10

I'm not surprised about the Mozilla Corporation. Maybe they pretend they never have security issues with their code? There are still security issues with Firefox and with *any* software developed by humans, so they should be more humble and responsible. They're not harming Opera Software ASA, they're putting the Opera users in jeopardy, this is not a good way to have them to use Firefox. This is evil, irresponsible and antiethical at the very least. Shame on Mozilla!

Шуйский Николай [krigstask, Ŝtérkrìg] # 14. February 2008, 19:11

Nevermind, guys, let the Mozilla devs have more secure browser for at least few days (-;E

Kurt # 14. February 2008, 19:16

"Opera is as always committed to not only protecting its users, but to making the Web a safe place. We believe in responsible disclosure of vulnerabilities affecting several vendors."

Andrew Rich # 14. February 2008, 19:22

I hope this build addresses the lack of responsiveness when checking RSS feeds in Windows.

Marcin # 14. February 2008, 19:55

Hmm.. now ACID3 test = 46 ptk

It was 60+ points

http://taat.pl/typografia/eksperymenty/ilu/ - bad. (Select all text, It is obliged to appear heart)

wile-e-wonka # 14. February 2008, 20:02

I wouldn't worry too much about the Acid 3 test results. The test isn't even finished yet. Which means it won't be able to give an accurate score until the authors are sure they've actually written the code properly (for example, there was actually a bug in the Acid 2 code for quite some time making it impossible for a compliant browser to "pass"). Accordingly, the scores don't have much meaning right now. Well, except insofar as Opera does better than IE and FF--those are valid! (J/K)

Tri M. Nguyen # 14. February 2008, 20:09

The Opera focus bug still remains on the mac. That Opera doesn't regain focus on click when changing between applications

Anthony Garner # 14. February 2008, 20:16

Uh, on install, my mail folders disappeared, with all of my saved emails. Not good. It won't even let me install email information. Is M2 broken?

Upon startup, I get the following message:

Not possible to run old Opera version with new Opera mail files. Acct Manager Init failed. Engine Init() failed.

I did the upgrade option, as opposed to the new install option.

Windows XP SP2.

Claudio Santambrogio # 14. February 2008, 20:24

Originally posted by agarner:

my mail folders disappeared

Hmm, you didn't install over a 9.5 installation, did you?

Anthony Garner # 14. February 2008, 20:27

OH, Jeez. Guess I should have checked that one. I feel like a complete idiot. Sorry for the trouble.

Øyvind Østlund # 14. February 2008, 20:29

@NetJaro,

It is the Kestrel builds that does 60+ points. Opera 9.25 did 46 as well.

- ØØ -

Tim Altman # 14. February 2008, 20:36

@TriMN: That's fixed in Kestrel, IINM.

Lali # 14. February 2008, 20:42

Will be good on Linux (F.e Ubuntu) one video plugin, which work perfectly. (I try the mplayer plugin, totem plugin, vlc plugin, gxine plugin) and the Flash 9.0.115 will be good

Tri M. Nguyen # 14. February 2008, 20:57

@Junyor: ah, okei. It would be nice to see it in Merlin tho

Hehe

Stifu # 14. February 2008, 21:17

Rather than blaming Mozilla, I think you should be glad they pointed out the problem in the first place. Maybe they could have left you more time to react, yeah, but on the other hand... I can't really tell how good you're when it comes to communication/relation in general (one of the areas where Opera is the weakest, from the impression I got), so maybe they didn't think it was worth waiting... Or maybe's Mozilla's organization was bad, and they just kinda let that one slip...

Or maybe they simply maliciously did that in order to put Opera in a bad spot... but so what?

It's nice of them to take the time to point out something to Opera (which is basically both an ally and a competitor to them) for nothing in return, especially since Opera's security is based on obscurity.
(And how often does Microsoft help you?)

Don't get me wrong, I still like Opera very much. But this is just an article that calls for stupid Mozilla bashing.

nemo # 14. February 2008, 21:36

Junyor: Sure thing ;-)

Joe # 14. February 2008, 21:41

@Stifu: as far as I can tell Opera has always given other browser vendors time to fix security bugs before publishing them. But now Mozilla gives Opera the middle finger instead of returning the favor.

Mozilla has been bashing Opera in the past and pretending that they are so incredibly awesome at handling security. After a number of FUD articles from Mozilla, I think Opera is allowed to tell its users when Mozilla don't practice what they preach, to the detriment of other browser vendors.

Rijk # 14. February 2008, 21:47

Originally posted by Stifu:

Don't get me wrong, I still like Opera very much. But this is just an article that calls for stupid Mozilla bashing.

You are missing some background information it seems. It is Mozilla who has been telling everyone that they are good at 'responsible disclosure', and telling us we should share issues we find. And yes, when MSIE engineers find an issue that is applicable to other browsers, they inform us. This has actually happened.

I-Beam # 14. February 2008, 22:10

@Stifu "since Opera's security is based on obscurity"

This comment needs a reply. Opera has always shown a commitment to providing a secure browsing experience. I have used Opera for years, and one of the main reasons is their responsiveness to security issues. (Okay, the main reason overall is mouse gestures, but I did use the browser before those came along.)

From my perspective as a user, Opera's security is based on Opera considering safety as an integral part of the browser, implementing that during design and coding, and fixing any security problems as quickly as possible when they do arise, no matter how small the problems may be.

naphil # 14. February 2008, 22:19

I guess that Mozdev made a "formal"

move notifying Opera about the bug.

Nevertheless the didn't discover that exploit I wonder why the Security researchers didn't test those against Opera too.
Do they work for Mozilla?

Anyway I always regarded highly Opera ASA for they standards compliance. All the time I looked into an issue I found out that other user agents were relying on some quirks.

All the times I got the feeling that Opera ASA cares much more for interoperability than other "brands" and their uncompetitive ways.

Opera is my 1st choice browser.
If you only could extend the widget standard to merge seamlessly into Opera user interface I couldn't be happier.

Stifu # 14. February 2008, 22:28

Rijk: I didn't hear about Mozilla saying that, but I'll take your words for it. Yet, as I said, I think Opera could do much better when it comes to communication in general (but am obviously not aware about how well it communicates with other vendors).
As for Microsoft helping you, color me surprised (not sure what they have to gain). On the other hand, it sounds like it only happened once last year, while it seems to me like Mozilla was more helpful (jsfunfuzz tool comes to mind...).

I-Beam: I'm not saying Opera is not secure... but on the other hand, it can't really be compared to other browsers on that point. It can't be compared to Firefox, as Firefox is opensource, making it so issues can be spotted much more easily. It can't be compared to IE either, as IE has hundreds of times more users, making flaws much more discoverable, but also much more interesting to find, from a hacker point of view. (Yet, I don't think IE is more secure than Opera, no

)
And to add something about the obscurity comment, the closed bug-tracking system certainly doesn't help making me think otherwise. I see that as a real drawback for Opera, as I have often wanted to edit/add more info about bug reports I made, but couldn't as you can't view them once submitted... Opera's loss.

topplehat # 14. February 2008, 23:06

Can you not upgrade from a 9.50 install? Everytime I try it makes a new default instance of Opera, while my normal 9.50 stays the way it was. What I really want is to upgrade my 9.50...

Corros # 14. February 2008, 23:12

Upgrade 9.50 to 9.24? That's a downgrade

rwf # 14. February 2008, 23:20

Originally posted by Stifu:

as I have often wanted to edit/add more info about bug reports I made, but couldn't as you can't view them once submitted,Opera's loss.

I just send additional info / more crash logs to the e-mail address I get when I submit a bug-report. God only knows if they read them, but the e-mail doesn't get bounced.

Kelson Vibber # 14. February 2008, 23:21

What was the nature of the communication, though?

"Hey, we ran into some interesting issues with our browser. You might want to check yours and see if they apply."

"While testing our upcoming bugfix release yesterday, someone decided to see if any of the vulnerabilities worked on Opera, and this set does."

"We've been working on fixing these vulnerabilities for the past two months, and we're releasing the update tomorrow. And we've known you're vulnerable for the past month, but haven't bothered to tell you."

These are all very different scenarios.

topplehat # 14. February 2008, 23:31

Oops, didn't realize this was a 9.24 build.

mike hensler # 14. February 2008, 23:54

The bug report is currently inaccessible. Something about "(Selective keystroke capturing details embargoed pending discussions with other vendors)"

Perhaps this was a mistake on their part to not give advance notice to other browsers. However, seeing as Firefox is open source, don't they effectively have to disclose vulnerabilities to the public in order to get a fix?

Miloš # 15. February 2008, 00:03

Off-topic comment removed by Moderator. Please post in a Kestrel thread, referencing the bug number you're referring to.

Uwe aka JaDa # 15. February 2008, 03:04

@Jada0007: A detailed changelog will be available when 9.26 is officially released next week.

By Junyor, # 14. February 2008, 08:42:53

Junyor, the bugs are not fixed

why you don't say just No

so go fix it right now

JaDa

Kamalesh # 15. February 2008, 07:17

Trying Build 3724, but it is not starting in Leopard v10.5.2. (Build 4648 has no problems.)

Joachim Blaabjerg # 15. February 2008, 09:17

@kamalesh: were you one of the unlucky ones that launched the 4648 build that didn't use the Beta preferences directory? If so, your 9.2x preferences files have probably been upgraded to 9.50 format, and downgrading isn't supported. Try cleaning out your preferences and try again, and if it doesn't work, please report a bug and attach a crash log. Thanks!

ossi81 # 15. February 2008, 11:18

nice to see this updates comming. i use opera on macos 10.5.2 and have a problem with the upload speed. when using any connection-speed test site on the net i only get 10% of the upload speed i get with safari or firefox. i work on a 100mbit connection and normaly get 80mbit up-rate but with opera it is only like 8mbit. still fast but compared with the other browsers i assume there must be a bug.

Stifu # 15. February 2008, 12:21

Originally posted by rwf:

I just send additional info / more crash logs to the e-mail address I get when I submit a bug-report. God only knows if they read them, but the e-mail doesn't get bounced.

I don't remember the bug numbers, though... I just don't note them down or bookmark them. Is there a way to find them back?

Hypezor # 15. February 2008, 12:46

Is this security issue present in 9.50 builds?

Vlad # 15. February 2008, 12:56

Omg, I upgraded my previous beta/alpha/whatever to this build and my mail is gone, CRAP!

1 2 3 Next »

Showing comments 1 - 50 of 108.

Blog search

9.26 - coming soon!

Comments