|
Index of /pub/opera/win/1216/int/ ../
Replaced code signing certificate; see our advisory. >>>>>>>>>>>>> 注意: Opera 12.17 经典版下载 更新update 2014年4月9日,国外媒体报道了OpenSSL“心脏流血”漏洞,成千上万的网站和软件程序受波及。早期的Opera 12.x浏览器也受到这次安全风险冲击。所幸的是,Opera并没有抛弃早期产品。今天,Opera浏览器团队推送了Opera 12.17修复版。 据Opera官方博客(http://blogs./desktop/2014/04/opera-12-17/)介绍,早期Wiindows版Opera 12产品容易遭受“心脏出血”(Heartbleed)漏洞攻击,网络罪犯可以通过未授权的Opera签名发起攻击。这次也在Opera 12.17版本中成功修复漏洞。 除此之外,Opera 12.17也解决了Windows版自动更新机制的安全问题,可能被第三方利用签名完成攻击。 Opera 12.17 安全维护版官方下载: 32位版本,12.6MB || 64位版本,13.8MB http://get.geo./ftp/pub/opera/win/1217/int/Opera_1217_int_Setup.exe http://get.geo./ftp/pub/opera/win/1217/int/Opera_1217_int_Setup_x64.exe 支持Windows XP、Vista、Win7、Win8、Win8.1等平台,支持简体中文版。 http://blogs./desktop/2014/04/opera-12-17/ Even though Presto does not use any vulnerable parts of OpenSSL, the standalone autoupdater for Opera 12 on Windows does. The autoupdater runs in a separate process, and doesn't have
much memory to leak, but might potentially leak system information
in such a case, such as local username on Windows machines. We aim
to get an update out soon. 略翻译下: The Presto engine used in Opera 12 and older does use OpenSSL, but not the features of OpenSSL which contained the vulnerability. Hence Presto is not vulnerable, on any platform. This includes Opera Mini and Opera Mail, which use Presto. Opera Mini encryption between the client and proxy is also unaffected. Opera 14 and higher runs on Chromium, Desktop versions do not use OpenSSL. Android versions do, but not the features which contained the vulnerability. Coast by Opera only uses OpenSSL for certification information, not any parts of the vulnerable code. So the short version is that Opera products are not vulnerable*. Opera will of course use plugins, and may also use or call system functions or libraries, so even if you are using Opera, you should still make sure your system is secured and up to date. Opera 12和更早版本Opera 中的Presto 引擎的确用到OpenSSL,但是不是OpenSSL这次暴露漏洞的部分。因此Presto在全平台上是安全的。包括Opera, Opera mail, Opera mini服务器间的压缩加密也有受到影响。Opera 14和更高版本采用了Chromium,桌面版和OpenSSL无关,但是安卓版本用到了,但也不是OpenSSL有漏洞的部分。Coast只用到了OpenSSL的确认信息部分,同样也不是有漏洞的那部分代码。总的来说,Opera的产品不受这次漏洞的影响。——当然Opera会用到插件,可能也会加载有漏洞的功能和库。所以即便你在使用Opera,也请确保系统是安全和保持更新的。 Opera Software also hosts a host of hosts, and many of these ran on vulnerable server versions. However, none of the public facing login systems used the offending parts of OpenSSL for encryption (see update below). We have gone through our servers and upgraded them, including changing certificates. We are in the process of revoking the old certificates, and we have changed all internal passwords. User passwords used on our services have not been exposed, including for Opera Mini, but passwords for third party services like blog comments and forums, may have been exposed. You may want to change those passwords, including for any sites where those passwords may have been reused. Opera公司持有一大堆子域名,而其中不少的服务器版本是有漏洞的。但,没有任何和公众登录相关的部分采用了受到漏洞影响的OpenSSL加密部分。我们清查并更新了自己的服务器,也变更了证书。我们正在撤销老的证书,同时修改了所有的内部密码。用户保存在我们服务器上的包括Opera Mini在内的密码没有被暴露,但是相关第三方服务比如博客评论和论坛的密码可能就悬了。所以可能你需要改变那些服务的密码,包括其他用到了这些密码的网站。 >>>>>>>>>>> Adobe Flash Player 插件 NPSWF32.dll 更新贴 2014-6-11更新 Presto版: Blink版: 最新版本为:14.0.0.125 thebluemyth 同学 于 2014.06.12 提供 Adobe Flash Player
14.0.0.125 http://bbs.kafan.cn/thread-1267479-1-1.html http://pan.baidu.com/share/link?shareid=4066145507&uk=1644525551
Index of /pub/opera/win/1216/int/ ../
Replaced code signing certificate; see our advisory. >>>>>>>>>>>>> 注意: Opera 12.17 经典版下载 更新update 2014年4月9日,国外媒体报道了OpenSSL“心脏流血”漏洞,成千上万的网站和软件程序受波及。早期的Opera 12.x浏览器也受到这次安全风险冲击。所幸的是,Opera并没有抛弃早期产品。今天,Opera浏览器团队推送了Opera 12.17修复版。 据Opera官方博客(http://blogs./desktop/2014/04/opera-12-17/)介绍,早期Wiindows版Opera 12产品容易遭受“心脏出血”(Heartbleed)漏洞攻击,网络罪犯可以通过未授权的Opera签名发起攻击。这次也在Opera 12.17版本中成功修复漏洞。 除此之外,Opera 12.17也解决了Windows版自动更新机制的安全问题,可能被第三方利用签名完成攻击。 Opera 12.17 安全维护版官方下载: 32位版本,12.6MB || 64位版本,13.8MB http://get.geo./ftp/pub/opera/win/1217/int/Opera_1217_int_Setup.exe http://get.geo./ftp/pub/opera/win/1217/int/Opera_1217_int_Setup_x64.exe 支持Windows XP、Vista、Win7、Win8、Win8.1等平台,支持简体中文版。 http://blogs./desktop/2014/04/opera-12-17/ Even though Presto does not use any vulnerable parts of OpenSSL, the standalone autoupdater for Opera 12 on Windows does. The autoupdater runs in a separate process, and doesn't have
much memory to leak, but might potentially leak system information
in such a case, such as local username on Windows machines. We aim
to get an update out soon. 略翻译下: The Presto engine used in Opera 12 and older does use OpenSSL, but not the features of OpenSSL which contained the vulnerability. Hence Presto is not vulnerable, on any platform. This includes Opera Mini and Opera Mail, which use Presto. Opera Mini encryption between the client and proxy is also unaffected. Opera 14 and higher runs on Chromium, Desktop versions do not use OpenSSL. Android versions do, but not the features which contained the vulnerability. Coast by Opera only uses OpenSSL for certification information, not any parts of the vulnerable code. So the short version is that Opera products are not vulnerable*. Opera will of course use plugins, and may also use or call system functions or libraries, so even if you are using Opera, you should still make sure your system is secured and up to date. Opera 12和更早版本Opera 中的Presto 引擎的确用到OpenSSL,但是不是OpenSSL这次暴露漏洞的部分。因此Presto在全平台上是安全的。包括Opera, Opera mail, Opera mini服务器间的压缩加密也有受到影响。Opera 14和更高版本采用了Chromium,桌面版和OpenSSL无关,但是安卓版本用到了,但也不是OpenSSL有漏洞的部分。Coast只用到了OpenSSL的确认信息部分,同样也不是有漏洞的那部分代码。总的来说,Opera的产品不受这次漏洞的影响。——当然Opera会用到插件,可能也会加载有漏洞的功能和库。所以即便你在使用Opera,也请确保系统是安全和保持更新的。 Opera Software also hosts a host of hosts, and many of these ran on vulnerable server versions. However, none of the public facing login systems used the offending parts of OpenSSL for encryption (see update below). We have gone through our servers and upgraded them, including changing certificates. We are in the process of revoking the old certificates, and we have changed all internal passwords. User passwords used on our services have not been exposed, including for Opera Mini, but passwords for third party services like blog comments and forums, may have been exposed. You may want to change those passwords, including for any sites where those passwords may have been reused. Opera公司持有一大堆子域名,而其中不少的服务器版本是有漏洞的。但,没有任何和公众登录相关的部分采用了受到漏洞影响的OpenSSL加密部分。我们清查并更新了自己的服务器,也变更了证书。我们正在撤销老的证书,同时修改了所有的内部密码。用户保存在我们服务器上的包括Opera Mini在内的密码没有被暴露,但是相关第三方服务比如博客评论和论坛的密码可能就悬了。所以可能你需要改变那些服务的密码,包括其他用到了这些密码的网站。 >>>>>>>>>>> Adobe Flash Player 插件 NPSWF32.dll 更新贴 2014-6-11更新 Presto版: Blink版: 最新版本为:14.0.0.125 |
|
|
