Most webmail issues have been resolved. Again, sorry for the inconvenience. In case you still have some issue please contact us.
Minor update to Vivaldi 1.13 (Spectre fixes)
Today we release a minor update to 1.13 with security updates for the Spectre security issue and a crash fix for Linux.
Click here to see the full blog post
Nothing in repo?Reply Quote 0 2 Replies Last reply
@gwen-dragon: ah... yes, good point! :P
@gwen-dragon: we will fix this now
Tchelows last edited by
@ruario: But the 1.13 Stable from today it is missing in stable tree!Reply Quote 0 1 Reply Last reply
@ruario: Fixed now, repo works.Reply Quote 0 1 Reply Last reply
Guilimote last edited by Guilimote
Thanks for the quick update, out of the usual release cycle! :slight_smile:
One question about the Spectre fix, because we read many things on the net and it's hard to get clear and reliable info:
From my understanding, to be safe, one need to patch several levels of his machine:
- Hardware (via bios / motherboard update)
- Critical softwares like internet browser
The OS fixes seem to be relevant only if done in combination with bios updates. What about the browser fix that you include here?
I ask that because lot of people having HW older than a few years will never receive any update from their manufacturers. In this case, can we still expect to have at least a small layer a protection against attacks which would rely on malicious code on the net?
It's loading pages faster.Reply Quote 0 1 Reply Last reply
Volunteer - Tester / Community Rules
"A man is a wolf to another man"
@guilimote: There are no fixes for Spectre. And there will not. Only mitigations. The only fix is to change hardware, with one not vulnerable (I'm not aware of any right now...)
Each level you name can do a level of mitigation :
- At the hardware level, a microcode update can limit the usage of branch prediction
- At the OS level, the mitigations can separate more fully the user code from the kernel/core code.
- At the browser level, each tab can be run into a single process, and precision of timing accessible through JS can be limited.
Each isn't enough, and to be honest, even all together, it's not enough. It's enough right now, because you can't protect more, but in the months/years coming, other mitigations will appear, to avoid new utilisation of those vulnerabilities that appeared.
But yes, those mitigations in Vivaldi will limit the impact (for now) of those vulnerabilities. Just don't believe that you are fully safe for all times :slight_smile:
JasonJosephNYC last edited by
I was promised that in the next update we would finally have the rearrangeable web panels that are available in the Beta.
Very disappointed to see that yet again this is not included, more so because I was told that it would indeed be.
So, with that said I have but one question, when?
@cqoicebordel You are true, a real 100% fix for SPECTRE does not exist as it is a hard-/firmware design problem of the CPUs and the OS.
All so called "Fixes" will be able to slow down attackers to steal data.Reply Quote 0 1 Reply Last reply
@jasonjosephnyc: I think you have misunderstood. That feature was promised for 1.14. This is a minor update to 1.13. In such minor updates we do not introduce any new features. We only fix critical outstanding bugs. However it will still be in 1.14 as promised, snapshots of which are already available should you wish to test.
@jasonjosephnyc This version (1.13) was made as a security update, not as a regular update to version 1.14.
If you need features from 1.14 Snapshot you have to wait for 1.14 Stable.Reply Quote 0 1 Reply Last reply
DarkMagician last edited by Gwen-Dragon
New bug you introduced with this fix.
[modedit] Edited image url
Which bug? Which OS? How to reproduce?Reply Quote 0 1 Reply Last reply
@cqoicebordel Thank you for your precision, and what you say makes sens (no fix, only mitigations, ...)
But I'm still not sure about what to think... Sorry if I have misunderstood you, I will try to be clearer:
Even if I know that the more layers I update the better it is, that this is not enough to be "safe", and even if I know it is only a matter of "limiting the impact": Are the Chromium updates relevant to prevent from some of the possible browser exploits IF they are not done in combination with updates on other layers (ie HW, OS, ... )?
In other words, is it different from some of the OS updates which absolutely need bios updates to be effective?
@guilimote: Yes, each add their layer.
Each level has its own surface of attack. And thus, their mitigations are only to add hurdle on their surfaces. In other words (that are factually wrong but work as a metaphor) : each level slows the attacker ten times. If you have all the mitigations in place, you slowed it a thousand times (101010, a tenth for each level). If you have only the browsers mitigations, it is slowed only ten times.
There are not dependent from one another. At least here.
If I'm not mistaken, though, it seems to me that the new microcode Intel provided allows new commands, that can be used by compilers to compile new softwares. So, maybe, if I'm not wrong, in the near futur, there will be mitigations in softwares (including browsers) that needs the microcode updated, and the OS patched.
But again, I'm not sure on that one, and I'm not sure on the schedule of those fix either (search terms : "LFENCE opcode")
Nicd last edited by
After upgrading to this release, all my cookies and passwords are gone and will not persist even if I remove my profile. See this topic for more details: https://forum.vivaldi.net/topic/23883/cookies-and-passwords-won-t-persist-after-updating-to-1-13-1008-44
Any help would be appreciated!
@ruario I asked about this on twitter and was told by Vivaldi that this was coming in the next update, NOT in the beta but in the stable release. For a browser that prides itself on customizability, this seems like it should be in the wild already... IMHO
Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.