9.64
By Claudio Santambrogio. Tuesday, 3. March 2009, 09:22:46
We released 9.64 today. This release is a recommended security upgrade for all those running the latest stable releases.
Starting with this release, Opera on Windows supports the security measures "Data Execution Prevention (DEP)" (available in Windows XP SP2 and newer) and "Address Space Layout Randomization (ASLR)" (available in Vista and newer).
These security measures are a kind of second line of defence once an application runs into a serious fault, which would normally cause it to crash sooner or later. Of course that should just not happen in the first place, but you can never completely rule out programming errors. Depending on the exact nature of the fault, an attacker can sometimes exploit it and try to take over your system. DEP and ASLR make that a lot harder.
We also added (on all platforms, of course) a new Untrusted Certificate capability, described in a
separate article, and we are now blocking the fake certificate as mentioned in another article.
Full changelogs are available:
Windows
Mac
Linux/UNIX
Go download it - and browse the web securely!
Starting with this release, Opera on Windows supports the security measures "Data Execution Prevention (DEP)" (available in Windows XP SP2 and newer) and "Address Space Layout Randomization (ASLR)" (available in Vista and newer).
These security measures are a kind of second line of defence once an application runs into a serious fault, which would normally cause it to crash sooner or later. Of course that should just not happen in the first place, but you can never completely rule out programming errors. Depending on the exact nature of the fault, an attacker can sometimes exploit it and try to take over your system. DEP and ASLR make that a lot harder.
We also added (on all platforms, of course) a new Untrusted Certificate capability, described in a
separate article, and we are now blocking the fake certificate as mentioned in another article.
Full changelogs are available:
Windows
Mac
Linux/UNIX
Go download it - and browse the web securely!
WIDGETIZE
arghwashier # 3. March 2009, 09:56
Kai # 3. March 2009, 10:17
Vlad # 3. March 2009, 11:38
Christian Huff # 3. March 2009, 12:42
mabdul # 3. March 2009, 13:11
http://www.infoworld.com/article/09/01/28/04TC-opera-security_1.html
Haavard # 3. March 2009, 14:19
arghwashier # 3. March 2009, 14:34
this is the same bug as the incorrect font settings I mentioned elsewhere earlier also colour scheme is afected; it is a qt4 bug but the effect is only noticable under kde4
Charles Schloss # 3. March 2009, 14:44
How do you Enable the DEP or ASLR on Windows?
Saribro # 3. March 2009, 20:47
No idea about ASLR though.
Christian Huff # 3. March 2009, 20:56
line 40 of /usr/bin/opera:
[ "$_QTSTYLE_FROM_CMDLINE_" = NO ] && [ -f "$HOME/.qt/qtrc" ] && _OPERA_QTSTYLE=`sed -n 's/^style=//p' $HOME/.qt/qtrc` && [ "$_OPERA_QTSTYLE" ] && set -- "$@" -style "$_OPERA_QTSTYLE"
the relevant line of my ~/.qt/qtrc:
style=Klearlook
and the relevant line of my ~/.config/Trolltech.conf:
style=Cleanlooks
The result is that Opera QT4 build tries to apply the "Klearlooks" style, which, for QT4, does not exist. It should be "Cleanlooks". Everytime I install a new version of Opera/QT4, I have to manually edit /usr/bin/opera to get it to use the correct config file to read my QT4 style...
Turin # 4. March 2009, 01:31
feri52 # 4. March 2009, 16:56
o Strongly disagree with the installer's new behavior - setting Opera as default for both browse and mail without asking (upgrade over 9.62).
o The Changelogs are hard to find from the My Opera pulldowns. How about an entry there? It took me twenty minutes to find the Changelog intro page, even though it has a straightforward URL. I'm probably dense.
-Frank
Otherwise, things are running clean and fast. Appreciate the Win-specific DEP and address-randomization code. And Google calendar fixed itself! Was that you or Google?