Hi,
sure very late, forgotten. This is not a real advisory but for
information, because problem was found during private usage.
Problem found with version
opera-6.03-20020813.3-shared-qt.i386.rpm
(perhaps older versions, too)
on a Red Hat Linux 7.3 fully updated system (time around August)
Used squid version: 2.4.STABLE6-6.7.3
Problem description:
In case of using Squid as HTTPS-proxy Opera crashes reproducable if a
HTTPS request was started to a site after (not by a global CA signed)
certificate was accepted:
URL tried: https://www.aerasec.de/
Without HTTPS-proxy (direct connection) Opera didn't crash.
Solution:
Upgrade to availible version 6.10 or later
History:
2002 Aug 19: first report to Opera to security at opera dot com
2002 Aug 20: first reaction
2002 Sep ??: provide core file, strace and captured packets
2002 Oct 04: reproduced by Opera, told that pre-release of 6.1 is ok
2002 Nov ??: 6.10 was released without this problem
They told me nothing about the reason of the problem, the
reproduction of the problem needs more time than their check that the
pre-release of 6.10 has no problems...
BTW: Sometimes the newer version of Opera (Linux, but also Window)
still crashes mostly on heavy usage of different SSL sites, has
someone else such experiences made?
Peter
---
Dr. Peter Bieringer
mailto: pb at bieringer dot de
http://www.bieringer.de/pb/
Key 0x958F422D : B501 24F4 9418 23E2 C0F3 F833 7B57 AA7B 958F 422D
This archive was generated by hypermail 2b30 : Wed Nov 20 2002 - 15:04:59 PST