Ruarí Ødegaard: "I feel the need to point out t…"

Recent searches

Search options

Only available when logged in.

I feel the need to point out that with this update, Opera went to Chromium "124.0.6367.62"… yes you read that right ".62" which is a build long before both recent 0-day exploits (it is from last month).

To be clear, Opera is not faster at responding to the CVE-2024-4761 0-day than Edge or Brave (or Chrome and Vivaldi obviously), it is much, much slower. Unless they have backported security fixes and their Changelog gives no indication of that https://blogs.opera.com/desktop/changelog-for-110/ , they are missing all of the following security improvements

• High CVE-2024-4761: Out of bounds write in V8 [0-day exploit in the wild]
• High CVE-2024-4671: Use after free in Visuals [0-day exploit in the wild]
• High CVE-2024-4558: Use after free in ANGLE
• High CVE-2024-4559: Heap buffer overflow in WebAudio
• High CVE-2024-4331: Use after free in Picture In Picture
• High CVE-2024-4368: Use after free in Dawn
• Critical CVE-2024-4058: Type Confusion in ANGLE
• High CVE-2024-4059: Out of bounds read in V8 API
• High CVE-2024-4060: Use after free in Dawn

Opera DesktopChangelog for 110110.0.5130.35 – 2024-05-22 blog post CHR-9721 Update Chromium on desktop-stable-124-5130 to 124.0.6367.202 DNA-113399 [Mac] Traffic lights always drawn as hovered DNA-114787 Crash at views::View::DoRemoveChildView(views::View*, bool, bool, views::View*) DNA-115640 Tab island is not properly displayed after drag&drop in light theme DNA-116191 Fix link in RTV Euro CoS DNA-116218 Crash at SkGpuShaderImageFilter::onFilterImage(skif::Context const&) DNA-116241 Update affiliation link […]