Changelog 9.63

Aus Opera-Fansite

[Bearbeiten] User Interface

• Added DoubleclicktoCloseTab|Doubleclick to Close Tab to close tabs by double-clicking on them

[Bearbeiten] Mail, News, Chat

• Added a thread button in the mail toolbar
• Removed Label button from mail toolbar
• Reverted the Subject field back to its previous behavior where it is a text field and not a button
• Added shortcuts for follow (Ctrl/Cmd-D), ignore (Ctrl/Cmd-Shift-D) and go to thread (D)

[Bearbeiten] Security

• Manipulating text input contents can allow execution of arbitrary code, as reported by Red XIII. See our advisory.
• HTML parsing flaw can cause Opera to execute arbitrary code, as reported by Alexios Fakos. See our advisory.
• Long hostnames in file: URLs can cause execution of arbitrary code, as reported by Vitaly McLain. see our advisory.
• Script injection in feed preview can reveal contents of unrelated news feeds, as reported by David Bloom. See our advisory.
• Built-in XSLT templates can allow cross-site scripting, as reported by Robert Swiecki of the Google Security Team. See our advisory.
• Fixed an issue that could reveal random data, as reported by Matthew of Hispasec Sistemas. Details will be disclosed at a later date.
• SVG images embedded using <img> tags can no longer execute Java or plugin content, suggested by Chris Evans.
• Opera now imports .p12 private certificates