Opera: RSA signature forgery — GLSA 200609-18

Opera fails to correctly verify certain signatures.

Affected Packages

www-client/opera on all architectures
Affected versions < 9.02
Unaffected versions >= 9.02

Background

Opera is a multi-platform web browser.

Description

Opera makes use of OpenSSL, which fails to correctly verify PKCS #1 v1.5 RSA signatures signed by a key with exponent 3. Some CAs in Opera's list of trusted signers are using root certificates with exponent 3.

Impact

An attacker could forge certificates which will appear valid and signed by a trusted CA.

Workaround

There is no known workaround at this time.

Resolution

All Opera users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=www-client/opera-9.02"

References

Release Date
September 28, 2006

Latest Revision
September 28, 2006: 02

Severity
normal

Exploitable
remote

Bugzilla entries