openSUSE Security Update: Security update for opera
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2020:1713-1
Rating:             important
References:         
Cross-References:   CVE-2020-15959 CVE-2020-15960 CVE-2020-15961
                    CVE-2020-15962 CVE-2020-15963 CVE-2020-15964
                    CVE-2020-15965 CVE-2020-15966 CVE-2020-6556
                    CVE-2020-6573 CVE-2020-6574 CVE-2020-6575
                    CVE-2020-6576
Affected Products:
                    openSUSE Leap 15.2:NonFree
                    openSUSE Leap 15.1:NonFree
______________________________________________________________________________

   An update that fixes 13 vulnerabilities is now available.

Description:

   This update for opera fixes the following issues:

   opera was updated to version 71.0.3770.228

     - DNA-87466 Hide extensions icon is black in dark theme
     - DNA-88580 Implement search_in_tabs telemetry benchmark
     - DNA-88591 Allow to scroll down the Keyboards Shortcuts section with URL
     - DNA-88693 Random crash in SmartFilesBrowserTest
     - DNA-88793 change VPN disclaimer modal layout
     - DNA-88799 Only active workspaces and active messengers should be
       listed in keyboard shortcuts settings
     - DNA-88838 add automatic VPN connection preference setting
     - DNA-88870 Align VPN popup to new design
     - DNA-88900 Turn off Tutorials in Opera GX – implementation
     - DNA-88931 Add info about channel and product (OPR, OPRGX) to rollout
       requests
     - DNA-88940 Allow continue-shopping|booking-host-override switch to
       handle host and path
     - DNA-88946 Auto-connect VPN after browser startup only for existing VPN
       users     - DNA-89009 Change URL for search-suggestions
     - DNA-89021 Make RH test driver pack to a separate archive
     - DNA-89150 Unhardcode ‘From’ and ‘To’ strings in Advanced
       History Search
     - DNA-89175 Desktop without a flow paring should not initialize in
       browser startup

   Opera was updated to version 71.0.3770.198

     - CHR-8106 Update chromium on desktop-stable-85-3770 to 85.0.4183.121
     - DNA-85648 Reconnecting Flow with iOS is unstable
     - DNA-87130 Spinner is stretched instead of clipped
     - DNA-87989 In Find in Page, “No matches” doesn’t go away after
       deleting all text
     - DNA-88098 Data URLs entries should not open new tab after click on new
       history page
     - DNA-88267 Extra semicolon in Russian BABE translation
     - DNA-88312 [Win] Downloads file drag and drop doesn’t work in Opera
     - DNA-88363 Add premium extension functionality
     - DNA-88580 Implement search_in_tabs telemetry benchmark
     - DNA-88611 Black font on a dark background in sync login dialog
     - DNA-88626 Disable #easy-files on desktop-stable-85-xxxx
     - DNA-88701 String “Type a shortcut” is hardcoded
     - DNA-88755 Crash at extensions::WebstoreOneClickInstallerUIImpl::
       RemoveAllInfobarsExcept(opera::ExtensionInstallInfoBarDelegate*)
     - DNA-88797 Change ‘Register’ to ‘Tab’ in German
     - DNA-88851 [History][Resized window] Button and date input look bad
     - DNA-88958 Crash at net::`anonymous namespace”::Escape
   - The update to chromium 85.0.4183.121 fixes following issues:
     - CVE-2020-15960, CVE-2020-15961, CVE-2020-15962, CVE-2020-15963,
       CVE-2020-15965, CVE-2020-15966, CVE-2020-15964

   - Update to version 71.0.3770.148
     - CHR-8091 Update chromium on desktop-stable-85-3770 to 85.0.4183.102
     - DNA-87785 [Mac] “Alitools” text in extension toolbar overlaps
       Install button
     - DNA-87935 Make SSD smaller by 25%
     - DNA-87963 Hidden Avira extension in avira_2 edition
     - DNA-88015 [MyFlow] Desktop doesn’t show itself in devices list
     - DNA-88469 Add context menu options to configure shortcuts
     - DNA-88496 Define a/b test in ab_tests.json
     - DNA-88537 Don’t filter out hashes from feature reference groups
       coming from rollout
     - DNA-88580 Implement search_in_tabs telemetry benchmark
     - DNA-88604 [History panel] Search bar covers the “Clear browsing
       data” button
     - DNA-88619 String ‘Download complete’ is cut on download popup
     - DNA-88645 Remove option should not be available for last workspace
     - DNA-88718 [History panel] fix delete button overflow issue
   - The update to chromium 85.0.4183.102 fixes following issues:
     - CVE-2020-6573, CVE-2020-6574, CVE-2020-6575, CVE-2020-6576,
       CVE-2020-15959
   - Complete Opera 71.0 changelog at:
     https://blogs.opera.com/desktop/changelog-for-71/

   - Update to version 70.0.3728.144
     - CHR-8057 Update chromium on desktop-stable-84-3728 to 84.0.4147.135
     - DNA-88027 [Mac] Downloads icon disappears when downloads popup is shown
     - DNA-88204 Crash at opera::DownloadItemView::OnMousePressed
       (ui::MouseEvent const&)
   - The update to chromium 84.0.4147.135 fixes following issues:
     - CVE-2020-6556


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.2:NonFree:

      zypper in -t patch openSUSE-2020-1713=1

   - openSUSE Leap 15.1:NonFree:

      zypper in -t patch openSUSE-2020-1713=1



Package List:

   - openSUSE Leap 15.2:NonFree (x86_64):

      opera-71.0.3770.228-lp152.2.18.1

   - openSUSE Leap 15.1:NonFree (x86_64):

      opera-71.0.3770.228-lp151.2.30.1


References:

   https://www.suse.com/security/cve/CVE-2020-15959.html
   https://www.suse.com/security/cve/CVE-2020-15960.html
   https://www.suse.com/security/cve/CVE-2020-15961.html
   https://www.suse.com/security/cve/CVE-2020-15962.html
   https://www.suse.com/security/cve/CVE-2020-15963.html
   https://www.suse.com/security/cve/CVE-2020-15964.html
   https://www.suse.com/security/cve/CVE-2020-15965.html
   https://www.suse.com/security/cve/CVE-2020-15966.html
   https://www.suse.com/security/cve/CVE-2020-6556.html
   https://www.suse.com/security/cve/CVE-2020-6573.html
   https://www.suse.com/security/cve/CVE-2020-6574.html
   https://www.suse.com/security/cve/CVE-2020-6575.html
   https://www.suse.com/security/cve/CVE-2020-6576.html

--

openSUSE: 2020:1713-1: important: opera

October 23, 2020
An update that fixes 13 vulnerabilities is now available.

Description

This update for opera fixes the following issues: opera was updated to version 71.0.3770.228 - DNA-87466 Hide extensions icon is black in dark theme - DNA-88580 Implement search_in_tabs telemetry benchmark - DNA-88591 Allow to scroll down the Keyboards Shortcuts section with URL - DNA-88693 Random crash in SmartFilesBrowserTest - DNA-88793 change VPN disclaimer modal layout - DNA-88799 Only active workspaces and active messengers should be listed in keyboard shortcuts settings - DNA-88838 add automatic VPN connection preference setting - DNA-88870 Align VPN popup to new design - DNA-88900 Turn off Tutorials in Opera GX – implementation - DNA-88931 Add info about channel and product (OPR, OPRGX) to rollout requests - DNA-88940 Allow continue-shopping|booking-host-override switch to handle host and path - DNA-88946 Auto-connect VPN after browser startup only for existing VPN users - DNA-89009 Change URL for search-suggestions - DNA-89021 Make RH test driver pack to a separate archive - DNA-89150 Unhardcode ‘From’ and ‘To’ strings in Advanced History Search - DNA-89175 Desktop without a flow paring should not initialize in browser startup Opera was updated to version 71.0.3770.198 - CHR-8106 Update chromium on desktop-stable-85-3770 to 85.0.4183.121 - DNA-85648 Reconnecting Flow with iOS is unstable - DNA-87130 Spinner is stretched instead of clipped - DNA-87989 In Find in Page, “No matches” doesn’t go away after deleting all text - DNA-88098 Data URLs entries should not open new tab after click on new history page - DNA-88267 Extra semicolon in Russian BABE translation - DNA-88312 [Win] Downloads file drag and drop doesn’t work in Opera - DNA-88363 Add premium extension functionality - DNA-88580 Implement search_in_tabs telemetry benchmark - DNA-88611 Black font on a dark background in sync login dialog - DNA-88626 Disable #easy-files on desktop-stable-85-xxxx - DNA-88701 String “Type a shortcut” is hardcoded - DNA-88755 Crash at extensions::WebstoreOneClickInstallerUIImpl:: RemoveAllInfobarsExcept(opera::ExtensionInstallInfoBarDelegate*) - DNA-88797 Change ‘Register’ to ‘Tab’ in German - DNA-88851 [History][Resized window] Button and date input look bad - DNA-88958 Crash at net::`anonymous namespace”::Escape - The update to chromium 85.0.4183.121 fixes following issues: - CVE-2020-15960, CVE-2020-15961, CVE-2020-15962, CVE-2020-15963, CVE-2020-15965, CVE-2020-15966, CVE-2020-15964 - Update to version 71.0.3770.148 - CHR-8091 Update chromium on desktop-stable-85-3770 to 85.0.4183.102 - DNA-87785 [Mac] “Alitools” text in extension toolbar overlaps Install button - DNA-87935 Make SSD smaller by 25% - DNA-87963 Hidden Avira extension in avira_2 edition - DNA-88015 [MyFlow] Desktop doesn’t show itself in devices list - DNA-88469 Add context menu options to configure shortcuts - DNA-88496 Define a/b test in ab_tests.json - DNA-88537 Don’t filter out hashes from feature reference groups coming from rollout - DNA-88580 Implement search_in_tabs telemetry benchmark - DNA-88604 [History panel] Search bar covers the “Clear browsing data” button - DNA-88619 String ‘Download complete’ is cut on download popup - DNA-88645 Remove option should not be available for last workspace - DNA-88718 [History panel] fix delete button overflow issue - The update to chromium 85.0.4183.102 fixes following issues: - CVE-2020-6573, CVE-2020-6574, CVE-2020-6575, CVE-2020-6576, CVE-2020-15959 - Complete Opera 71.0 changelog at: https://blogs.opera.com/desktop/changelog-for-71/ - Update to version 70.0.3728.144 - CHR-8057 Update chromium on desktop-stable-84-3728 to 84.0.4147.135 - DNA-88027 [Mac] Downloads icon disappears when downloads popup is shown - DNA-88204 Crash at opera::DownloadItemView::OnMousePressed (ui::MouseEvent const&) - The update to chromium 84.0.4147.135 fixes following issues: - CVE-2020-6556

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2:NonFree: zypper in -t patch openSUSE-2020-1713=1 - openSUSE Leap 15.1:NonFree: zypper in -t patch openSUSE-2020-1713=1


Package List

- openSUSE Leap 15.2:NonFree (x86_64): opera-71.0.3770.228-lp152.2.18.1 - openSUSE Leap 15.1:NonFree (x86_64): opera-71.0.3770.228-lp151.2.30.1


References

https://www.suse.com/security/cve/CVE-2020-15959.html https://www.suse.com/security/cve/CVE-2020-15960.html https://www.suse.com/security/cve/CVE-2020-15961.html https://www.suse.com/security/cve/CVE-2020-15962.html https://www.suse.com/security/cve/CVE-2020-15963.html https://www.suse.com/security/cve/CVE-2020-15964.html https://www.suse.com/security/cve/CVE-2020-15965.html https://www.suse.com/security/cve/CVE-2020-15966.html https://www.suse.com/security/cve/CVE-2020-6556.html https://www.suse.com/security/cve/CVE-2020-6573.html https://www.suse.com/security/cve/CVE-2020-6574.html https://www.suse.com/security/cve/CVE-2020-6575.html https://www.suse.com/security/cve/CVE-2020-6576.html--


Severity
Announcement ID: openSUSE-SU-2020:1713-1
Rating: important
Affected Products: openSUSE Leap 15.2:NonFree openSUSE Leap 15.1:NonFree

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved