Opera is the world’s fifth most popular browser behind the big four of Chrome, Firefox, Internet Explorer and Safari. The latest version 12.10 includes patches for six vulnerabilities. These include a fixes to a certificate revocation issue, a cross-origin resource sharing (CORS) problem, a cross-site scripting flaw, SVG images that could allow execution of arbitrary code, and the disclosure of random chunks of memory. Each of these have their own advisory.
The sixth vulnerability is a high severity issue reported by Gareth Heyes. “Details will be disclosed at a later data,” says the Opera announcement. Meanwhile, however, Heyes has described the problem on his ‘Spanner’ blog. “Opera was leaking more properties than it should on a x-domain location,” he writes. “I did a video tutorial to show how I discovered it enjoy!” he adds. He reported the issue to Opera and it is now fixed. “BTW,” he commented on Twitter, “don’t upgrade Opera if you want to follow the video how to exploit it on Friday.”
Opera users with the auto-updater set will receive the new version automatically. This can be turned on in Preferences > Advanced > Security; or via the Opera website.
Other new features in 12.10 include improved support for Mac’s Mountain Lion operating system, such as ‘Notification Center’, and built-in sharing to Facebook, Twitter and others. Retina support also now provides twice the pixel density on Macs. Windows 8 (and 7) users get touch support, allowing scrolling, zooming and so on by touch.
More generally, Opera now supports the SPDY standard that makes loading web pages faster (it is used, for example, by Twitter and Gmail), improved HTML5 support and the inclusion of Web Sockets. The Opera ‘speed dial’ feature has also been improved. “This is an especially powerful feature in the case of social networks, appointments and email, where a user may want to keep track of new updates constantly, but not necessarily visit the website in a new tab or interact with the content right away,” notes TPMIdeaLab. “So it makes sense that Opera 12.10 includes new extensions for Gmail, Google Calendar, Twitter and Facebook.” These extensions allow users to see updates without having to visit the website itself.