- Fixed an issue where plug-ins could be used to allow cross domain scripting, as reported by David Bloom. Details will be disclosed at a later date. - Fixed an issue with TLS certificates that could be used to execute arbitrary code, as reported by Alexander Klink (Cynops GmbH). Details will be disclosed at a later date. - Rich text editing can no longer be used to allow cross domain scripting, as reported by David Bloom. See our advisory. - Prevented bitmaps from revealing random data from memory, as reported by Gynvael Coldwind. Details will be disclosed at a later date. - Fixed a problem where malformed BMP files could cause Opera to temporarily freeze.
