Opera Software on Thursday released Opera 10.61 to address a heap buffer overflow vulnerability that could be used to execute arbitrary code, the company said in an advisory. The flaw, classified as “high” in severity, affects the browser's HTML5 canvas, which allows developers to draw graphics using JavaScript. Due to the flaw, performing some painting operations on a canvas in Opera may result in heap buffer overflows. The update, available for Windows, Mac and Unix, also fixes two lower severity flaws involving news feeds and tabs. — AM