Lucene search

K
suse
SuseOPENSUSE-SU-2022:0156-1
HistoryMay 28, 2022 - 12:00 a.m.

Security update for opera (important)

2022-05-2800:00:00
lists.opensuse.org
15

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

An update that fixes 10 vulnerabilities is now available.

Description:

This update for opera fixes the following issues:

Update to 87.0.4390.25:

 - CHR-8870 Update chromium on desktop-stable-101-4390 to 101.0.4951.64
 - DNA-99209 Enable #easy-files-multiupload on all streams
 - DNA-99325 Use a preference to set number of recent searches and
   recently closed in unfiltered dropdown
 - DNA-99353 Translations for O87
 - DNA-99365 Adding title to the first category duplicates categories
   titles in the dropdown
 - DNA-99385 Feedback button in filtered dropdown can overlap with
   other web buttons for highlighted suggestion
 - DNA-99391 Add bookmarks at the bottom of a bookmarks bar folder
 - DNA-99491 Suggestion is not immediately removed form recent searches
   view in dropdown.
 - DNA-99501 Promote O87 to stable
 - DNA-99504 ���Switch to tab��� button is not aligned to the right for
   some categories in dropdown
  • The update to chromium 101.0.4951.64 fixes following issues:
    CVE-2022-1633, CVE-2022-1634, CVE-2022-1635, CVE-2022-1636,
    CVE-2022-1637, CVE-2022-1638, CVE-2022-1639, CVE-2022-1640, CVE-2022-1641

  • Complete Opera 87.0 changelog at:
    https://blogs.opera.com/desktop/changelog-for-87/

  • Update to 86.0.4363.59

    • DNA-99021 Crash in sidebar when extension of sidebar item was
      uninstalled
    • DNA-99359 Crash at opera::
      ContinueShoppingExpiredProductRemoverImpl::RemoveExpiredProducts()
  • Update to 86.0.4363.50

    • DNA-68493 Opera doesn���t close address field drop-down when dragging
      text from the address field
    • DNA-99003 Crash at views::Widget::GetNativeView() const
    • DNA-99133 BrowserSidebarWithProxyAuthTest.PreloadWithWebModalDialog
      fails
    • DNA-99230 Switching search engine with shortcut stopped working after
      DNA-99178
    • DNA-99317 Make history match appear on top
  • Update to 86.0.4363.32

    • DNA-98510 Blank icon in sidebar setup
    • DNA-98525 Unable to drag tab to far right
    • DNA-98893 Sound indicator is too precise in Google Meet
    • DNA-98919 Shopping corner internal API access update
    • DNA-98924 Tab tooltip gets stuck on screen
    • DNA-98981 Enable easy-files-multiupload on developer stream
    • DNA-99041 Move Shopping Corner to sidebar entry
    • DNA-99061 Enable #address-bar-dropdown-categories on all streams
    • DNA-99062 Create flag to show top sites and recently closed in
      unfiltered suggestions
    • DNA-99064 Hard to drag & drop current URL to a specific folder
      on bookmarks bar when unfiltered dropdown is displayed
    • DNA-99070 Make scroll button in Continue On scroll multiple items
    • DNA-99089 Shopping corner tab is not preserved after restart
    • DNA-99115 Request updating the Avro schema for sidebar event
    • DNA-99117 Make sure shopping corner is enabled by default
    • DNA-99178 Left/right not working in address bar dropdown
    • DNA-99204 Hide Shopping Corner by default
  • Update to 86.0.4363.23

    • CHR-8843 Update chromium on desktop-stable-100-4363 to 100.0.4896.127
    • DNA-98236 Turn on #snap-text-selection on all streams
    • DNA-98507 DCHECK at address_bar_controller.cc(547)
    • DNA-98528 Suggestions for internal pages disappear when typing their
      full name
    • DNA-98538 Change name of “Opera Crypto Wallet” to “Crypto Wallet”
    • DNA-98540 Booking.com used instead of custom search engine
    • DNA-98587 Favicon of booking suggestion in the city category is
      unexpectedly changing
    • DNA-98605 City suggestions should show URL in address field when
      selected
    • DNA-98608 #address-bar-dropdown-categories expired
    • DNA-98616 Add recent searches to ‘old’ BABE
    • DNA-98668 Switch to tab button leads to wrong tab
    • DNA-98673 Improve suggestion removal handling in suggestion providers
    • DNA-98681 Remove unused suggestion consumers
    • DNA-98684 Have a dedicated SuggestionList for the new address bar
      dropdown
    • DNA-98685 Enable #native-crypto-wallet on developer
    • DNA-98688 “Disable this feature” mini-menu settings is non-intuitive
    • DNA-98690 Autocompleted text stayed in address field after removing
      suggestion
    • DNA-98738 Inline autocomplete suggestion for SD disappears after
      typing 3rd letter of SD name
    • DNA-98743 Blank dropdown after pressing space key
    • DNA-98783 Improve showing suggestions with long URLs or page titles
    • DNA-98785 “Switch to tab” button not shown for suggestions with www
      subdomain when typing domain text
    • DNA-98879 “Disable suggestions before typing” mini-menu option should
      change to “Enable suggestions before typing” when being selected
    • DNA-98917 Translations for O86
    • DNA-98975 Turn on #snap-crop-tool on all channels
    • DNA-98980 Enable #native-crypto-wallet on all streams
    • DNA-99005 The sidebar item is not visible for already active crypto
      wallet users when #native-crypto-wallet flag is enabled.
    • DNA-99007 Crash at TemplateURLRef::ParseIfNecessary(SearchTermsData
      const&) const
    • DNA-99047 Promote O86 to stable
  • The update to chromium 100.0.4896.127 fixes following issues:
    CVE-2022-1364

  • Complete Opera 86.0 changelog at:
    https://blogs.opera.com/desktop/changelog-for-86/

  • Update to 85.0.4341.60

    • DNA-98666 Set baidu as default search engine in China
    • DNA-98707 Hint is not displayed for new crypto wallet sidebar icon
    • DNA-98775 RichHintsSearchEngineCondition.testSogouSearchEngine errors
  • Update to 85.0.4341.47

    • DNA-98249 Add feature flag #native-crypto-wallet
    • DNA-98250 Install extension on startup
    • DNA-98251 Make Crypto Wallet setting enable / disable extension
    • DNA-98252 Deactivate old desktop crypto wallet
    • DNA-98253 Always show ���Crypto Wallet��� in Sidebar Setup
    • DNA-98497 Crash when installing extension
    • DNA-98506 Enable opera_feature_crypto_wallet_encryption
      on desktop
    • DNA-98510 Blank icon in sidebar setup
    • DNA-98538 Change name of “Opera Crypto Wallet” to “Crypto Wallet”
    • DNA-98685 Enable #native-crypto-wallet on developer
    • DNA-98766 Crash at
      opera::AddressBarControllerImpl::OpenNativeDropdown()
    • DNA-98768 Crash at
      extensions::ContentFilterPrivateIsWhitelistedFunction::Run()
    • DNA-98770 Recent searches stay in address field after selecting entry
      from dropdown
    • DNA-98772 Screen sharing broken
    • DNA-98803 Autofilled part appended after selecting address bar using
      shortcut

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.4:NonFree:

    zypper in -t patch openSUSE-2022-156=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap NonFree15.4x86_64< - openSUSE Leap 15.4:NonFree (x86_64):- openSUSE Leap 15.4:NonFree (x86_64):.x86_64.rpm
Use Vulners API to create your own security tool

API usage cases
  • Network scanning
  • Linux Patch management
  • Threat protection
  • No network audit solution

Ways of integration

Integrate Vulners API

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Related for OPENSUSE-SU-2022:0156-1