Opera – Phocean.net

CVE-2009-3555: Safari not yet patched ???

phocean — Sun, 10 Jun 2012 18:17:59 +0000

The other day I was shocked to find this entry in my Apache logs:

[error] SSL Library Error: 336068931 error:14080143:SSL routines:SSL3_ACCEPT:unsafe legacy renegotiation disabled

It occurs appears when I try to use a SSL client certificate with Safari. Of course, authentication is broken as it just fails on an 403 error page.

So it seems that Safari is the last browser which was not patched against CVE-2009-3555 !

2009 !! At least, I quickly checked the other browsers I had around and they were fine: IE, Firefox, Chrome… I am having an issue with Opera also, but although I have not identified the problem yet, it seems unrelated (and does not throw the same error).

Note that I reported the issue to Apple, but I did not receive any answer. Silence on the wire.

Yet OpenSSL renegociation not fully fixed

phocean — Sat, 16 Oct 2010 07:35:59 +0000

How the hell is it possible that after so many months, the fix for OpenSSL renegociation has not been yet included in either Chrome (6.0.4) or Opera (10.61)? I haven’t tested other browsers though, except Firefox which at least has fixed the issue since several months.

Opera segmentation fault after upgrading

phocean — Fri, 06 Apr 2007 19:05:00 +0000

For those who have a segmentation fault after the last update on Feisty (libx11 upgraded)…

you will find a fix there.

There is a link to a new version of Opera to download, which works with the latest libx11.