My Opera9.64
By Claudio Santambrogiocsant. Tuesday, March 3, 2009 9:22:46 AM
We released 9.64 today. This release is a recommended security upgrade for all those running the latest stable releases.
Starting with this release, Opera on Windows supports the security measures "Data Execution Prevention (DEP)" (available in Windows XP SP2 and newer) and "Address Space Layout Randomization (ASLR)" (available in Vista and newer).
These security measures are a kind of second line of defence once an application runs into a serious fault, which would normally cause it to crash sooner or later. Of course that should just not happen in the first place, but you can never completely rule out programming errors. Depending on the exact nature of the fault, an attacker can sometimes exploit it and try to take over your system. DEP and ASLR make that a lot harder.
We also added (on all platforms, of course) a new Untrusted Certificate capability, described in a
separate article, and we are now blocking the fake certificate as mentioned in another article.
Full changelogs are available:
Windows
Mac
Linux/UNIX
Go download it - and browse the web securely!
Starting with this release, Opera on Windows supports the security measures "Data Execution Prevention (DEP)" (available in Windows XP SP2 and newer) and "Address Space Layout Randomization (ASLR)" (available in Vista and newer).
These security measures are a kind of second line of defence once an application runs into a serious fault, which would normally cause it to crash sooner or later. Of course that should just not happen in the first place, but you can never completely rule out programming errors. Depending on the exact nature of the fault, an attacker can sometimes exploit it and try to take over your system. DEP and ASLR make that a lot harder.
We also added (on all platforms, of course) a new Untrusted Certificate capability, described in a
separate article, and we are now blocking the fake certificate as mentioned in another article.
Full changelogs are available:
Windows
Mac
Linux/UNIX
Go download it - and browse the web securely!
You must be 
arghwashier # Tuesday, March 3, 2009 9:56:13 AM
Doliprane'Doliprane # Tuesday, March 3, 2009 10:17:57 AM
VladTuPLaD # Tuesday, March 3, 2009 11:38:12 AM
Christian HuffPedric # Tuesday, March 3, 2009 12:42:51 PM
mabdul # Tuesday, March 3, 2009 1:11:57 PM
http://www.infoworld.com/article/09/01/28/04TC-opera-security_1.html
Haavardhaavard # Tuesday, March 3, 2009 2:19:28 PM
arghwashier # Tuesday, March 3, 2009 2:34:35 PM
this is the same bug as the incorrect font settings I mentioned elsewhere earlier also colour scheme is afected; it is a qt4 bug but the effect is only noticable under kde4
Charles SchlossChas4 # Tuesday, March 3, 2009 2:44:42 PM
How do you Enable the DEP or ASLR on Windows?
Saribro # Tuesday, March 3, 2009 8:47:06 PM
No idea about ASLR though.
Christian HuffPedric # Tuesday, March 3, 2009 8:56:18 PM
line 40 of /usr/bin/opera:
[ "$_QTSTYLE_FROM_CMDLINE_" = NO ] && [ -f "$HOME/.qt/qtrc" ] && _OPERA_QTSTYLE=`sed -n 's/^style=//p' $HOME/.qt/qtrc` && [ "$_OPERA_QTSTYLE" ] && set -- "$@" -style "$_OPERA_QTSTYLE"
the relevant line of my ~/.qt/qtrc:
style=Klearlook
and the relevant line of my ~/.config/Trolltech.conf:
style=Cleanlooks
The result is that Opera QT4 build tries to apply the "Klearlooks" style, which, for QT4, does not exist. It should be "Cleanlooks". Everytime I install a new version of Opera/QT4, I have to manually edit /usr/bin/opera to get it to use the correct config file to read my QT4 style...
Turin # Wednesday, March 4, 2009 1:31:26 AM
feri52 # Wednesday, March 4, 2009 4:56:20 PM
o Strongly disagree with the installer's new behavior - setting Opera as default for both browse and mail without asking (upgrade over 9.62).
o The Changelogs are hard to find from the My Opera pulldowns. How about an entry there? It took me twenty minutes to find the Changelog intro page, even though it has a straightforward URL. I'm probably dense.
-Frank
Otherwise, things are running clean and fast. Appreciate the Win-specific DEP and address-randomization code. And Google calendar fixed itself! Was that you or Google?