The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


Opera 6.03/Linux crashes on HTTPS over Squid Proxy on a site


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
Date: Wed, 20 Nov 2002 23:20:53 +0100
From: Peter Bieringer <[email protected]>
To: Maillist full-disclosure <[email protected]>
Subject: Opera 6.03/Linux crashes on HTTPS over Squid Proxy on a site

--==========2234867794==========
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hi,

sure very late, forgotten. This is not a real advisory but for
information, because problem was found during private usage.


Problem found with version

        opera-6.03-20020813.3-shared-qt.i386.rpm
        (perhaps older versions, too)

on a Red Hat Linux 7.3 fully updated system (time around August)

Used squid version: 2.4.STABLE6-6.7.3


Problem description:

In case of using Squid as HTTPS-proxy Opera crashes reproducable if a
HTTPS request was started to a site after (not by a global CA signed)
certificate was accepted:

URL tried: https://www.aerasec.de/

Without HTTPS-proxy (direct connection) Opera didn't crash.


Solution:
Upgrade to availible version 6.10 or later


History:
2002 Aug 19: first report to Opera to security at opera dot com
2002 Aug 20: first reaction
2002 Sep ??: provide core file, strace and captured packets
2002 Oct 04: reproduced by Opera, told that pre-release of 6.1 is ok
2002 Nov ??: 6.10 was released without this problem


They told me nothing about the reason of the problem, the
reproduction of the problem needs more time than their check that the
pre-release of 6.10 has no problems...


BTW: Sometimes the newer version of Opera (Linux, but also Window)
still crashes mostly on heavy usage of different SSL sites, has
someone else such experiences made?


        Peter

---
Dr. Peter Bieringer
mailto: pb at bieringer dot de
http://www.bieringer.de/pb/
Key 0x958F422D : B501 24F4 9418 23E2 C0F3  F833 7B57 AA7B 958F 422D
--==========2234867794==========
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)

iD8DBQE93ArGe1eqe5WPQi0RAuZiAKCTzVvPGVDLQKpBL7UxBiM5NlbPowCeIoFh
ic55V8+RqVNY9OCA04Mwkxs=
=lB3s
-----END PGP SIGNATURE-----

--==========2234867794==========--

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру