Opera Software on Thursday released Opera 10.61 to address a heap buffer overflow vulnerability that could be used to execute arbitrary code, the company said in an
advisory. The flaw, classified as “high” in severity, affects the browser's HTML5 canvas, which allows developers to draw graphics using JavaScript. Due to the flaw, performing some painting operations on a canvas in Opera may result in heap buffer overflows. The update, available for Windows, Mac and Unix, also fixes two lower severity flaws involving
news feeds and
tabs. — AM