openSUSE Security Update: Security update for opera
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:2664-1
Rating:             important
References:         
Cross-References:   CVE-2019-13720 CVE-2019-13721
Affected Products:
                    openSUSE Leap 15.1:NonFree
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for opera fixes the following issues:

   Opera was updated to version 65.0.3467.62

   - CHR-7658 Update chromium on desktop-stable-78-3467 to 78.0.3904.108
   - DNA-81387 Remove support for old bundle structure in signing scripts
   - DNA-81675 Update widevine signature localisation in signed packages
   - DNA-81884 [Advanced content blocking] Ads are blocked for whitelisted
     page in Incognito
   - DNA-82230 [Mac] URL is not correctly aligned when the Geolocation is ON
   - DNA-82368 Generating diffs for unsinged packages doesn’t work
   - DNA-82414 Wrong number of trackers displayed just after deactivating
     adblocker
   - DNA-82470 [Linux] Snap package doesn’t recognise GNOME 3.24 platform
     snap connection
   - DNA-82473 https://www.nba.com/standings not working with AdBlocker
     enabled
   - DNA-82484 Update content blocking icon
   - DNA-82485 [Mac 10.15] Opera installer error at the end of installation
     process
   - DNA-82508 [Adblocker] Predefault lists can not be unchecked
   - DNA-82557 Address bar dropdown launches HTTP GETs for every autocomplete
   - DNA-82596 Do not block first-party ‘trackers’
   - DNA-82616 Settings – Tracker Blocker – Add “Learn more” link
   - DNA-82626 [Win] High CPU usage due to media indicator animation
   - DNA-82647 Tab icons mixed after Tab closing
   - DNA-82742 Pages won’t load after closing private mode
   - DNA-82768 Mark also the reference group in “exp” header for DNA-81658
   - DNA-82840 Disable favicon fetching for typed URLs

   Complete Opera 65.0 changelog at:

     https://blogs.opera.com/desktop/changelog-for-65/

   Update to version 64.0.3417.92

   - DNA-81358 Wrong key color on extension popup in dark mode
   - DNA-82208 Cherry-pick CVE-2019-13721 and CVE-2019-13720

   Update to version 64.0.3417.83

   - DNA-79676 Use FFmpegDemuxer to demux ADTS
   - DNA-81010 Spinner takes a lot of cpu
   - DNA-81385 Keys on some popups in dark mode can’t be hovered
   - DNA-81494 [Mac] Snap onboarding doesn’t appear while the icon still
     flashes
   - DNA-82003 Restore legacy path for AudioFileReader
   - DNA-82019 Enable #ffmpeg-demuxer-everywhere by default in developer
   - DNA-82028 Enable #ffmpeg-demuxer-everywhere by default in stable on macOS

   Update to version 64.0.3417.73

   - CHR-7598 Update chromium on desktop-stable-77-3417 to 77.0.3865.120
   - DNA-80049 The upper border of “Add to bookmarks bar” popup is cut
     off in white mode
   - DNA-80395 Menu popup borders in Settings are invisible in Dark mode
   - DNA-81263 Change the continue section buttons visibility as in
     description
   - DNA-81304 Crash at chrome::NewTab(Browser*)
   - DNA-81650 Easy Setup Style looks weird
   - DNA-81708 Missing dependency on //chrome/common:buildflags
   - DNA-81732 [Mac][Catalina] Cannot maximize a window after it’s been
     minimized
   - DNA-81737 Renderer crash on https://codesandbox.io/s/vanilla-ts
   - DNA-81753 Pinned tab only remembered after next restart
   - DNA-81769 Investigate reports about slow speed dial loading in O64 blog
     comments
   - DNA-81859 [Mac 10.15] Crash whenever navigating to any page
   - DNA-81893 Get Personalised news on SpeedDials broken layout

   Update to version 64.0.3417.61

   - DNA-80760 Sidebar Messenger icon update
   - DNA-81165 Remove sharing service
   - DNA-81211 [Advanced content blocking] Can not turn off ad blocking in
     private mode
   - DNA-81323 content_filter::RendererConfigProvider destroyed
     on wrong sequence
   - DNA-81487 [VPN disclaimer][da, ta] Text should be multiline
   - DNA-81545 opr-session entry for Google ads not working
   - DNA-81580 Speed dials’ colours change after Opera update
   - DNA-81597 [Adblocker] Google Ads link hides if clicking
   - DNA-81639 Widevine verification status is PLATFORM_TAMPERED
   - DNA-81237 [Advanced content blocking] noCoinis not enabled by default
   - DNA-81375 Adblocking_AddToWhitelist_Popup and
     Adblocking_RemoveFromWhitelist_Popup metric not recorded in stats
   - DNA-81413 Error in console when Start Page connects to My Flow
   - DNA-81435 Adjust VPN disclaimer to longer strings [de]

   Update to version 64.0.3417.47

   - DNA-80531 [Reborn3] Unify Switches
   - DNA-80738 “How to protect my privacy” link
   - DNA-81162 Enable #advanced-content-blocking
     on developer stream
   - DNA-81202 Privacy Protection popup doesn’t resize after enabling
     blockers   - DNA-81230 [Mac] Drop support for 10.10
   - DNA-81280 Adjust button width to the shorter string
   - DNA-81295 Opera 64 translations
   - DNA-81346 Enable #advanced-content-blocking on all streams
   - DNA-81434 Turn on #new-vpn-flow in all streams
   - DNA-81436 Import translations from Chromium to O64
   - DNA-81460 Promote O64 to stable
   - DNA-81461 Snap onboarding is cut
   - DNA-81467 Integrate missing translations (Chinese, MS and TL) to O64/65
   - DNA-81489 Start page goes into infinite loop

   Complete Opera 64.0 changelog at:
   https://blogs.opera.com/desktop/changelog-for-64/

   Update to version 63.0.3368.94

   - CHR-7516 Update chromium on master to 78.0.3887.7
   - DNA-80966 [Linux] Integrate a new key into our packages

   Update to version 63.0.3368.88

   - DNA-79103 Saving link to bookmarks saves it to Other bookmarks folder
   - DNA-79455 Crash at views::MenuController::
     FindNextSelectableMenuItem(views::MenuItemView*, int, views::
     MenuController::SelectionIncrementDirectionType, bool)
   - DNA-79579 Continuous packages using new_mac_bundle_structure do not run
   - DNA-79611 Update opauto_paths.py:GetResourcesDir
   - DNA-79621 Add support for new bundle structure to old autoupdate clients
   - DNA-79906 Fix package build
   - DNA-80131 Sign Opera Helper(GPU).app
   - DNA-80191 Fix
     opera_components/tracking_data/tracking_data_paths.cc
   - DNA-80638 Cherry-pick fix for CreditCardTest.
     UpdateFromImportedCard_ExpiredVerifiedCardUpdatedWithSameName
   - DNA-80801 Very slow tab deletion process


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.1:NonFree:

      zypper in -t patch openSUSE-2019-2664=1



Package List:

   - openSUSE Leap 15.1:NonFree (x86_64):

      opera-65.0.3467.62-lp151.2.9.1


References:

   https://www.suse.com/security/cve/CVE-2019-13720.html
   https://www.suse.com/security/cve/CVE-2019-13721.html

--

openSUSE: 2019:2664-1: important: opera

December 10, 2019
An update that fixes two vulnerabilities is now available.

Description

This update for opera fixes the following issues: Opera was updated to version 65.0.3467.62 - CHR-7658 Update chromium on desktop-stable-78-3467 to 78.0.3904.108 - DNA-81387 Remove support for old bundle structure in signing scripts - DNA-81675 Update widevine signature localisation in signed packages - DNA-81884 [Advanced content blocking] Ads are blocked for whitelisted page in Incognito - DNA-82230 [Mac] URL is not correctly aligned when the Geolocation is ON - DNA-82368 Generating diffs for unsinged packages doesn’t work - DNA-82414 Wrong number of trackers displayed just after deactivating adblocker - DNA-82470 [Linux] Snap package doesn’t recognise GNOME 3.24 platform snap connection - DNA-82473 https://www.nba.com/standings not working with AdBlocker enabled - DNA-82484 Update content blocking icon - DNA-82485 [Mac 10.15] Opera installer error at the end of installation process - DNA-82508 [Adblocker] Predefault lists can not be unchecked - DNA-82557 Address bar dropdown launches HTTP GETs for every autocomplete - DNA-82596 Do not block first-party ‘trackers’ - DNA-82616 Settings – Tracker Blocker – Add “Learn more” link - DNA-82626 [Win] High CPU usage due to media indicator animation - DNA-82647 Tab icons mixed after Tab closing - DNA-82742 Pages won’t load after closing private mode - DNA-82768 Mark also the reference group in “exp” header for DNA-81658 - DNA-82840 Disable favicon fetching for typed URLs Complete Opera 65.0 changelog at: https://blogs.opera.com/desktop/changelog-for-65/ Update to version 64.0.3417.92 - DNA-81358 Wrong key color on extension popup in dark mode - DNA-82208 Cherry-pick CVE-2019-13721 and CVE-2019-13720 Update to version 64.0.3417.83 - DNA-79676 Use FFmpegDemuxer to demux ADTS - DNA-81010 Spinner takes a lot of cpu - DNA-81385 Keys on some popups in dark mode can’t be hovered - DNA-81494 [Mac] Snap onboarding doesn’t appear while the icon still flashes - DNA-82003 Restore legacy path for AudioFileReader - DNA-82019 Enable #ffmpeg-demuxer-everywhere by default in developer - DNA-82028 Enable #ffmpeg-demuxer-everywhere by default in stable on macOS Update to version 64.0.3417.73 - CHR-7598 Update chromium on desktop-stable-77-3417 to 77.0.3865.120 - DNA-80049 The upper border of “Add to bookmarks bar” popup is cut off in white mode - DNA-80395 Menu popup borders in Settings are invisible in Dark mode - DNA-81263 Change the continue section buttons visibility as in description - DNA-81304 Crash at chrome::NewTab(Browser*) - DNA-81650 Easy Setup Style looks weird - DNA-81708 Missing dependency on //chrome/common:buildflags - DNA-81732 [Mac][Catalina] Cannot maximize a window after it’s been minimized - DNA-81737 Renderer crash on https://codesandbox.io/s/vanilla-ts - DNA-81753 Pinned tab only remembered after next restart - DNA-81769 Investigate reports about slow speed dial loading in O64 blog comments - DNA-81859 [Mac 10.15] Crash whenever navigating to any page - DNA-81893 Get Personalised news on SpeedDials broken layout Update to version 64.0.3417.61 - DNA-80760 Sidebar Messenger icon update - DNA-81165 Remove sharing service - DNA-81211 [Advanced content blocking] Can not turn off ad blocking in private mode - DNA-81323 content_filter::RendererConfigProvider destroyed on wrong sequence - DNA-81487 [VPN disclaimer][da, ta] Text should be multiline - DNA-81545 opr-session entry for Google ads not working - DNA-81580 Speed dials’ colours change after Opera update - DNA-81597 [Adblocker] Google Ads link hides if clicking - DNA-81639 Widevine verification status is PLATFORM_TAMPERED - DNA-81237 [Advanced content blocking] noCoinis not enabled by default - DNA-81375 Adblocking_AddToWhitelist_Popup and Adblocking_RemoveFromWhitelist_Popup metric not recorded in stats - DNA-81413 Error in console when Start Page connects to My Flow - DNA-81435 Adjust VPN disclaimer to longer strings [de] Update to version 64.0.3417.47 - DNA-80531 [Reborn3] Unify Switches - DNA-80738 “How to protect my privacy” link - DNA-81162 Enable #advanced-content-blocking on developer stream - DNA-81202 Privacy Protection popup doesn’t resize after enabling blockers - DNA-81230 [Mac] Drop support for 10.10 - DNA-81280 Adjust button width to the shorter string - DNA-81295 Opera 64 translations - DNA-81346 Enable #advanced-content-blocking on all streams - DNA-81434 Turn on #new-vpn-flow in all streams - DNA-81436 Import translations from Chromium to O64 - DNA-81460 Promote O64 to stable - DNA-81461 Snap onboarding is cut - DNA-81467 Integrate missing translations (Chinese, MS and TL) to O64/65 - DNA-81489 Start page goes into infinite loop Complete Opera 64.0 changelog at: https://blogs.opera.com/desktop/changelog-for-64/ Update to version 63.0.3368.94 - CHR-7516 Update chromium on master to 78.0.3887.7 - DNA-80966 [Linux] Integrate a new key into our packages Update to version 63.0.3368.88 - DNA-79103 Saving link to bookmarks saves it to Other bookmarks folder - DNA-79455 Crash at views::MenuController:: FindNextSelectableMenuItem(views::MenuItemView*, int, views:: MenuController::SelectionIncrementDirectionType, bool) - DNA-79579 Continuous packages using new_mac_bundle_structure do not run - DNA-79611 Update opauto_paths.py:GetResourcesDir - DNA-79621 Add support for new bundle structure to old autoupdate clients - DNA-79906 Fix package build - DNA-80131 Sign Opera Helper(GPU).app - DNA-80191 Fix opera_components/tracking_data/tracking_data_paths.cc - DNA-80638 Cherry-pick fix for CreditCardTest. UpdateFromImportedCard_ExpiredVerifiedCardUpdatedWithSameName - DNA-80801 Very slow tab deletion process

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1:NonFree: zypper in -t patch openSUSE-2019-2664=1


Package List

- openSUSE Leap 15.1:NonFree (x86_64): opera-65.0.3467.62-lp151.2.9.1


References

https://www.suse.com/security/cve/CVE-2019-13720.html https://www.suse.com/security/cve/CVE-2019-13721.html--


Severity
Announcement ID: openSUSE-SU-2019:2664-1
Rating: important
Affected Products: openSUSE Leap 15.1:NonFree

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved