SUSE 5149 Published by

An opera security update has been released for openSUSE Leap 15.1.



security-announce: openSUSE-SU-2020:0635-1: important: Security update for opera


openSUSE Security Update: Security update for opera
______________________________________________________________________________

Announcement ID: openSUSE-SU-2020:0635-1
Rating: important
References:
Cross-References: CVE-2020-6457 CVE-2020-6458 CVE-2020-6459
CVE-2020-6460 CVE-2020-6461 CVE-2020-6462

Affected Products:
openSUSE Leap 15.1:NonFree
______________________________________________________________________________

An update that fixes 6 vulnerabilities is now available.

Description:

This update for opera fixes the following issues:

Opera was updated to version 68.0.3618.63

- CHR-7889 Update chromium on desktop-stable-81-3618 to 81.0.4044.122
- CHR-7896 Update chromium on desktop-stable-81-3618 to 81.0.4044.129
- DNA-85287 Set standard spacing for Yandex prompt
- DNA-85416 [Mac] Animation of tab insert is glitchy on slow machines
- DNA-85568 Verify API for triggering “unread” mode with Instagram.
- DNA-86027 Present Now not working in google meet after canceling it once
- DNA-86028 Add a back and forward button in the Instagram panel
- DNA-86029 Investigate and implement re-freshing of the instagram panel
content

- Update chromium to 81.0.4044.122 fixes CVE-2020-6458, CVE-2020-6459,
CVE-2020-6460
- Update chromium to 81.0.4044.129 fixes CVE-2020-6461, CVE-2020-6462

Update to version 68.0.3618.56

- DNA-85256 [Win] Cookies section on site pages is white in dark mode
- DNA-85474 [Mac] Dragging tabs to the left with hidden sidebar is broken
- DNA-85771 DNS-over-HTTPS example in settings is wrong
- DNA-85976 Change page display time when navigating from
opera:startpage
- CHR-7878 Update chromium on desktop-stable-81-3618 to 81.0.4044.113
(CVE-2020-6457)
- DNA-78158 PATCH-1272 should be removed
- DNA-84721 Weather widget is overlapped when ‘Use bigger tiles’
- DNA-85246 Implement 0-state dialog and onboarding
- DNA-85354 O-menu is misplaced when opened with maximized opera
- DNA-85405 Add link to Privacy Policy on the 0-state dialog
- DNA-85409 Ask for geolocation EULA once
- DNA-85426 Crash at opera::DownloadActionButton::Update()
- DNA-85454 Add id’s to elements for testing
- DNA-85493 Add “Show Weather” toggle to “Start Page” section in
Easy Setup
- DNA-85501 Set timestamps in geolocation exception record
- DNA-85514 Add fallback when geolocation fails
- DNA-85713 Report consent for geolocation on start page
- DNA-85753 Fetch news configuration from new endpoint
- DNA-85798 Incorrect padding in Search in Tabs window
- DNA-85801 Disable notification on instagram panel
- DNA-85809 Update instagram icon in the Sidebar Setup
- DNA-85854 Change Instagram panel size, to fit desktop version
- Complete Opera 68.0 changelog at:
  https://blogs.opera.com/desktop/changelog-for-68/

Update to version 67.0.3575.137

- CHR-7852 Update chromium on desktop-stable-80-3575 to 80.0.3987.163
- DNA-82540 Crash at remote_cocoa::NativeWidgetNSWindowBridge::
SetVisibilityState(remote_cocoa::mojom::WindowVisibilityState)
- DNA-84951 New PiP is completely black for some 2 GPU setups
- DNA-85284 Chrome “Open link in same tab, pop-up as tab [Free]”
extension is no longer working in Opera
- DNA-85415 [Mac] Inspect Popup not working
- DNA-85530 Create API for displaying and triggering “unread” mode for
messengers from in-app
- DNA-85537 Let addons.opera.com interact with sidebar messengers

Update to version 67.0.3575.115

- CHR-7833 Update chromium on desktop-stable-80-3575 to 80.0.3987.149
- DNA-74423 [Mac] Search/Copy popup stuck on top left of screen
- DNA-82975 Crash at blink::DocumentLifecycle::EnsureStateAtMost
(blink::DocumentLifecycle::LifecycleState)
- DNA-83834 Crash at base::MessagePumpNSApplication:: DoRun
(base::MessagePump::Delegate*)
- DNA-84632 macOS 10.15.2 fail on creating testlist.json
- DNA-84713 Switching through tabs broken when using workspaces

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:NonFree:

zypper in -t patch openSUSE-2020-635=1


Package List:

- openSUSE Leap 15.1:NonFree (x86_64):

opera-68.0.3618.63-lp151.2.15.1

References:

  https://www.suse.com/security/cve/CVE-2020-6457.html
  https://www.suse.com/security/cve/CVE-2020-6458.html
  https://www.suse.com/security/cve/CVE-2020-6459.html
  https://www.suse.com/security/cve/CVE-2020-6460.html
  https://www.suse.com/security/cve/CVE-2020-6461.html
  https://www.suse.com/security/cve/CVE-2020-6462.html