* Fixed an issue where simulated text inputs could trick users into uploading arbitrary files, as reported by Mozilla. See our advisory.
* Image properties can no longer be used to execute scripts, as reported by Max Leonov. See our advisory.
* Fixed an issue where the representation of DOM attribute values could allow cross site scripting, as reported by Arnaud.lb. See our advisory.
* Fixed a stability issue found in Opera 9.0 to 9.25, when Opera connects securely to Windows Server 2008 or other servers supporting the TLS Certificate Status extension.
* Additional stability fixes.