Opera 9.63 for Unix Changelog

Release Notes

Opera 9.63 is a recommended security and stability upgrade.

Opera 9.63 incorporates the Opera Presto 2.1.1 user agent engine.

Changes and improvements since Opera 9.62

User Interface

• Added opera:config > UserPrefs > DoubleclicktoCloseTab to close tabs by double-clicking on them

Mail, News, Chat

• Added a thread button in the mail toolbar
• Removed Label button from mail toolbar
• Reverted the Subject field back to its previous behavior where it is a text field and not a button
• Added shortcuts for follow (Ctrl/Cmd-D), ignore (Ctrl/Cmd-Shift-D) and go to thread (D)

Security

• Manipulating text input contents can allow execution of arbitrary code, as reported by Red XIII. See our advisory.
• HTML parsing flaw can cause Opera to execute arbitrary code, as reported by Alexios Fakos. See our advisory.
• Long hostnames in file: URLs can cause execution of arbitrary code, as reported by Vitaly McLain. see our advisory.
• Script injection in feed preview can reveal contents of unrelated news feeds, as reported by David Bloom. See our advisory.
• Built-in XSLT templates can allow cross-site scripting, as reported by Robert Swiecki of the Google Security Team. See our advisory.
• Fixed an issue that could reveal random data, as reported by Matthew of Hispasec Sistemas. Details will be disclosed at a later date.
• SVG images embedded using <img> tags can no longer execute Java or plugin content, suggested by Chris Evans.
• Opera now imports .p12 private certificates