Lucene search

K
suse
SuseOPENSUSE-SU-2022:0103-1
HistoryApr 04, 2022 - 12:00 a.m.

Security update for opera (important)

2022-04-0400:00:00
lists.opensuse.org
36

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

An update that fixes 22 vulnerabilities is now available.

Description:

This update for opera fixes the following issues:

Opera was updated to 85.0.4341.28

 - CHR-8816 Update chromium on desktop-stable-99-4341 to 99.0.4844.84
 - DNA-98092 Crash at views::MenuItemView::GetMenuController()
 - DNA-98278 Translations for O85
 - DNA-98320 [Mac] Unable to delete recent search entries
 - DNA-98614 Show recent searches for non-BABE users
 - DNA-98615 Allow removal of recent searches
 - DNA-98616 Add recent searches to ���old��� BABE
 - DNA-98617 Make it possible to disable ad-blocker per-country
 - DNA-98651 Remove Instagram and Facebook Messenger in Russia
 - DNA-98653 Add flag #recent-searches
 - DNA-98696 smoketest
   PageInfoHistoryDataSourceTest.FormatTimestampString failing
 - DNA-98703 Port Chromium issue 1309225 to Opera Stable
  • The update to chromium 99.0.4844.84 fixes following issues: CVE-2022-1096

  • Changes in 85.0.4341.18

    • CHR-8789 Update chromium on desktop-stable-99-4341 to 99.0.4844.51
    • DNA-98059 [Linux] Crash at
      opera::FreedomSettingsImpl::IsBypassForDotlessDomainsEnabled
    • DNA-98349 [Linux] Crash at bluez::BluezDBusManager::Get()
    • DNA-98126 System crash dialog shown on macOS <= 10.15
    • DNA-98331 [Snap] Meme generator cropping / resizing broken
    • DNA-98394 Audio tab indicator set to “muted” on videoconferencing sites
    • DNA-98481 Report errors in opauto_collector
  • The update to chromium 99.0.4844.51 fixes following issues:
    CVE-2022-0789, CVE-2022-0790, CVE-2022-0791, CVE-2022-0792,
    CVE-2022-0793, CVE-2022-0794, CVE-2022-0795, CVE-2022-0796,
    CVE-2022-0797, CVE-2022-0798, CVE-2022-0799, CVE-2022-0800,
    CVE-2022-0801, CVE-2022-0802, CVE-2022-0803, CVE-2022-0804,
    CVE-2022-0805, CVE-2022-0806, CVE-2022-0807, CVE-2022-0808, CVE-2022-0809

  • Changes in 85.0.4341.13

    • DNA-94119 Upgrade curl to 7.81.0
    • DNA-97849 [Mac monterey] System shortcut interfere with Opera���s
      ToggleSearchInOpenTabs shortcut
    • DNA-98204 Automatic popout happens when video is paused
    • DNA-98231 Shortcuts are blocked by displayed tab tooltip when
      triggered quickly after tooltip appears
    • DNA-98321 Add thinlto-cache warnings to suppression list
    • DNA-98395 Promote O85 to stable
  • Complete Opera 85.0 changelog at:
    https://blogs.opera.com/desktop/changelog-for-85/

  • Update to 84.0.4316.42

    • DNA-94119 Upgrade curl to 7.81.0
    • DNA-98092 Crash at views::MenuItemView::GetMenuController()
    • DNA-98204 Automatic popout happens when video is paused
    • DNA-98231 Shortcuts are blocked by displayed tab tooltip when
      triggered quickly after tooltip appears
  • Update to 84.0.4316.31

    • CHR-8772 Update chromium on desktop-stable-98-4316 to 98.0.4758.109
    • DNA-97573 [Win][Lin]���Close tab��� button is not displayed on tabs
      playing media when many tabs are open
    • DNA-97729 cancelling the process uploading custom Wallpaper crashes
      the browser
    • DNA-97871 Google meet tab���s icons don���t fit on pinned tab
    • DNA-97872 Tab is being unpinned when video conferencing button is
      clicked
    • DNA-98039 Dark theme top sites have black background
    • DNA-98117 Clicking current tab information should hide tooltip

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.3:NonFree:

    zypper in -t patch openSUSE-2022-103=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap NonFree15.3x86_64< - openSUSE Leap 15.3:NonFree (x86_64):- openSUSE Leap 15.3:NonFree (x86_64):.x86_64.rpm
How to protect your server from attacks?

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

Related for OPENSUSE-SU-2022:0103-1