Lucene search

K
suse
SuseOPENSUSE-SU-2022:10108-1
HistoryAug 29, 2022 - 12:00 a.m.

Security update for opera (important)

2022-08-2900:00:00
lists.opensuse.org
8

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

An update that fixes 10 vulnerabilities is now available.

Description:

This update for opera fixes the following issues:

  • Update to 90.0.4480.54

    • CHR-8981 Update chromium on desktop-stable-104-4480 to 104.0.5112.102
    • DNA-98165 [buildsign] Whitelist Silent.nib when creating universal NI
      package on Mac
    • DNA-101309 Use base filename in PUT request when uploading files to
      buildbot
  • The update to chromium 104.0.5112.102 fixes following issues:
    CVE-2022-2852, CVE-2022-2854, CVE-2022-2855, CVE-2022-2857,
    CVE-2022-2858, CVE-2022-2853, CVE-2022-2856, CVE-2022-2859,
    CVE-2022-2860, CVE-2022-2861

  • Update to 90.0.4480.48

    • DNA-100835 AddressBarModelTestWithCategories.RefreshUnfiltered
      SuggestionsWhenPrefsChanged fails on beta stream
    • DNA-101171 Translations for O90
    • DNA-101216 Remove empty string from flow client_capabilities
    • DNA-101357 Promote O90 to Stable
    • DNA-101383 Revert DNA-101033
  • Complete Opera 90.0 changelog at:
    https://blogs.opera.com/desktop/changelog-for-90/

  • Update to 89.0.4447.91

    • DNA-100673 Crash at void
      opera::ModalDialogBaseView::OnExtraButtonPressed (const class
      ui::Event& const)
    • DNA-100915 [Sync Settings] Confirm your identity to enable encryption
      message flickers
    • DNA-100937 Missing links to ToS and Privacy Statement in launcher
      dialog when running installer with ���show-eula-window-on-start
    • DNA-101002 Make errors from webpack compilation appear in the log
    • DNA-101045 Popup contents are pushed outside of popup in “Unprotected”
      VPN state
    • DNA-101076 Disabled Pinboards should have another color in Account
      popup
    • DNA-101086 Sync ��� Clicking Next on
      auth.opera.com/account/v3/desktop/login/confirm-password does not
      redirect anywhere
  • Update to 89.0.4447.83

    • DNA-99507 Badge deactivates on a basket page of the shop
    • DNA-99840 Add speed dials to start page
    • DNA-100127 Enable #enable-force-dark-from-settings on all streams
    • DNA-100233 [Settings] “Sync everything” and “Do not sync” unselects
      itself
    • DNA-100560 Add “suggested speed dials” in the Google search box
      on the start page
    • DNA-100568 Fix icon in suggestions and update layout
    • DNA-100646 Add synchronization states to Opera account popup
    • DNA-100665 Create private API to open Account popup + allow rich hints
    • DNA-100668 Use a category based suggestion list to sort search box
      suggestions
    • DNA-100701 “Force dark page” shortcut don���t work
    • DNA-100711 Unable to click suggestions on start page search box
    • DNA-100725 [WinLin] Opera account logo is offcenter
    • DNA-100762 Suggestions from networks get favicon from network
    • DNA-100764 Fix “Confirm Identity” URL
    • DNA-100905 Request to update event_sd_tile_used.type
    • DNA-100921 Add accessibility info about sync state to opera account
      button
    • DNA-100943 VPN pro popup can be zoomed
    • DNA-100945 Disable Context Menu for VPN and VPN Pro popups
    • DNA-100958 Opera account popup should display actual state of
      synchronization instead of selected option
    • DNA-100994 “Secure More devices” is pushed outside of popup
    • DNA-101009 Free VPN ��� “Try for free” disappear after clicked
    • DNA-101012 Remove VPN Pro service available from VPN pro settings when
      logged in without subscription
    • DNA-101094 Unable to close a window from JavaScript
    • DNA-101121 chrome.operaAccountPrivate is undefined

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.3:NonFree:

    zypper in -t patch openSUSE-2022-10108=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap NonFree15.3x86_64< - openSUSE Leap 15.3:NonFree (x86_64):- openSUSE Leap 15.3:NonFree (x86_64):.x86_64.rpm
Use Vulners API to create your own security tool

API usage cases
  • Network scanning
  • Linux Patch management
  • Threat protection
  • No network audit solution

Ways of integration

Integrate Vulners API

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Related for OPENSUSE-SU-2022:10108-1