Basic search

K
suseSuseOPENSUSE-SU-2022:10088-1
HistoryAug 16, 2022 - 12:00 a.m.

Security update for opera (important)

2022-08-1600:00:00
lists.opensuse.org
35

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

An update that fixes 9 vulnerabilities is now available.

Description:

This update for opera fixes the following issues:

Opera was updated to 89.0.4447.71

 - CHR-8957 Update chromium on desktop-stable-103-4447 to 103.0.5060.134
 - DNA-100492 authPrivate.storeCredentials should work with running auth
   session
 - DNA-100649 ���Sign out��� from settings doesn���t also sign out from
   auth
 - DNA-100653 VPN Badge popup ��� not working well with different page
   zoom being set in browser settings
 - DNA-100712 Wrong spacing on text to reset sync passphrase in settings
 - DNA-100799 VPN icon is ���pro��� on disconnected
 - DNA-100841 Remove Get Subscription and Get button from VPN pro settings
 - DNA-100883 Update missing translations from chromium
 - DNA-100899 Translation error in Turkish
 - DNA-100912 Unable to select pinboards when sync everything is enabled
 - DNA-100959 Use after move RecentSearchProvider::ExecuteWithDB
 - DNA-100960 Use after move
   CountryBlacklistServiceImpl::DownloadCountryBlacklist
 - DNA-100961 Use after move
   CategorizationDataCollection::Iterator::Iterator
 - DNA-100989 Crash at
   opera::EasyFileButton::SetThumbnail(gfx::ImageSkia const&)
  • The update to chromium 103.0.5060.134 fixes following issues:
    CVE-2022-2163, CVE-2022-2477, CVE-2022-2478, CVE-2022-2479
    CVE-2022-2480, CVE-2022-2481

  • Update to 89.0.4447.51

    • DNA-99538 Typed content of address bar shared between tabs
    • DNA-100418 Set 360 so as search engine in China
    • DNA-100629 Launch Auth login when enabling sync while logged in
    • DNA-100776 Popup is too long if there are no services available
  • Update to 89.0.4447.48

    • CHR-8940 Update chromium on desktop-stable-103-4447 to 103.0.5060.114
    • DNA-100247 Make it possible to display hint when tab scrolling gets
      triggered
    • DNA-100482 Shopping corner icon availability
    • DNA-100575 Add unique IDs to all web element in opera account popup
    • DNA-100625 Opera account popup appears too high on Linux
    • DNA-100627 Enable #snap-from-panel on all stream
    • DNA-100636 DCHECK at suggestion_item.cc(484)
    • DNA-100685 Fix crash when attaching to tab strip scroll buttons
    • DNA-100693 Enable Sticky Site sidebar item to have notification bubble
    • DNA-100698 [AdBlock] Unhandled Disconnect list category:
      “emailaggressive”
    • DNA-100716 Misstype Settings “Enhanced address bar”
    • DNA-100732 Fix & escaping in translated strings
    • DNA-100759 Crash when loading personal news in private window
  • The update to chromium 103.0.5060.114 fixes following issues:
    CVE-2022-2294, CVE-2022-2295, CVE-2022-2296

  • Update to 89.0.4447.38

    • DNA-100283 Translations for O89
  • Complete Opera 89.0 changelog at:
    https://blogs.opera.com/desktop/changelog-for-89/

  • Changes in 89.0.4447.37

    • CHR-8929 Update chromium on desktop-stable-103-4447 to 103.0.5060.66
    • DNA-99780 Crash at zmq::zmq_abort(char const*)
    • DNA-100377 New opera account popup doesn���t open on Linux
    • DNA-100589 Crash at base::internal::Invoker<T>::RunOnce
      (base::internal::BindStateBase*, scoped_refptr<T>&&)
    • DNA-100607 Sync ���Sign in��� button doesn���t work with Opera Account
      popup

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.4:NonFree:

    zypper in -t patch openSUSE-2022-10088=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap NonFree15.4x86_64< - openSUSE Leap 15.4:NonFree (x86_64):- openSUSE Leap 15.4:NonFree (x86_64):.x86_64.rpm

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Related for OPENSUSE-SU-2022:10088-1