Lucene search

K
suseSuseOPENSUSE-SU-2020:2359-1
HistoryDec 29, 2020 - 12:00 a.m.

Security update for opera (important)

2020-12-2900:00:00
lists.opensuse.org
14

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.221 Low

EPSS

Percentile

96.5%

An update that fixes 6 vulnerabilities is now available.

Description:

This update for opera fixes the following issues:

  • Update to version 73.0.3856.284

    • CHR-8225 Update chromium on desktop-stable-87-3856 to 87.0.4280.88
    • DNA-88454 Background of snap area above visible scrolled viewport is
      not captured
    • DNA-89749 Implement client_capabilities support for Flow / Sync
    • DNA-89810 Opera no longer autoselects full url/address bar when clicked
    • DNA-89923 [Snap] Emojis look grayed out
    • DNA-90060 Make gesture events work with search-in-tabs feature
    • DNA-90168 Display SD suggestions titles
    • DNA-90176 Player doesn���t show music service to choose on Welcome page
    • DNA-90343 [Mac] Cmd+C doesn���t copy snapshot
    • DNA-90538 Crash at extensions::CommandService::
      GetExtensionActionCommand(std::__1::basic_string const&,
      extensions::ActionInfo::Type, extensions::CommandService:: QueryType,
      extensions::Command*, bool*)
  • The update to chromium 87.0.4280.88 fixes following issues:
    CVE-2020-16037, CVE-2020-16038, CVE-2020-16039, CVE-2020-16040,
    CVE-2020-16041, CVE-2020-16042

  • Update to version 73.0.3856.257

    • DNA-89918 #enable-force-dark flag doesn���t work anymore
    • DNA-90061 Clicking on video���s progress bar breaks autopausing
    • DNA-90079 [BigSur] Blank pages
    • DNA-90154 Crash at extensions::CommandService::
      GetExtensionActionCommand(std::__1::basic_string const&,
      extensions::ActionInfo::Type, extensions::CommandService:: QueryType,
      extensions::Command*, bool*)
  • Complete Opera 73.0 changelog at:
    https://blogs.opera.com/desktop/changelog-for-73/

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.1:NonFree:

    zypper in -t patch openSUSE-2020-2359=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap NonFree15.1x86_64< - openSUSE Leap 15.1:NonFree (x86_64):- openSUSE Leap 15.1:NonFree (x86_64):.x86_64.rpm

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.221 Low

EPSS

Percentile

96.5%