Opera 9.20 was just released. From the security perspective, these are the fixes in the new release:
- Fix for character encoding inheritance issue with frames, which could enable cross-site scripting. See the advisory.
- Fixed an issue regarding handling of FTP PASV response, as reported by Mark at bindshell.net
- XMLHttpRequest now treats separate ports on the same server as a different server. Issue reported by Egmont Koblinger.
- Fixed an issue where scripts could continue to run after leaving the page, as reported by Herrmann Manuel.
- Skandiabanken.no’s message about successful certificate installation is now shown.