security-announce: openSUSE-SU-2020:1713-1: important: Security update for opera
openSUSE Security Update: Security update for opera
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:1713-1
Rating: important
References:
Cross-References: CVE-2020-15959 CVE-2020-15960 CVE-2020-15961
CVE-2020-15962 CVE-2020-15963 CVE-2020-15964
CVE-2020-15965 CVE-2020-15966 CVE-2020-6556
CVE-2020-6573 CVE-2020-6574 CVE-2020-6575
CVE-2020-6576
Affected Products:
openSUSE Leap 15.2:NonFree
openSUSE Leap 15.1:NonFree
______________________________________________________________________________
An update that fixes 13 vulnerabilities is now available.
Description:
This update for opera fixes the following issues:
opera was updated to version 71.0.3770.228
- DNA-87466 Hide extensions icon is black in dark theme
- DNA-88580 Implement search_in_tabs telemetry benchmark
- DNA-88591 Allow to scroll down the Keyboards Shortcuts section with URL
- DNA-88693 Random crash in SmartFilesBrowserTest
- DNA-88793 change VPN disclaimer modal layout
- DNA-88799 Only active workspaces and active messengers should be
listed in keyboard shortcuts settings
- DNA-88838 add automatic VPN connection preference setting
- DNA-88870 Align VPN popup to new design
- DNA-88900 Turn off Tutorials in Opera GX â implementation
- DNA-88931 Add info about channel and product (OPR, OPRGX) to rollout
requests
- DNA-88940 Allow continue-shopping|booking-host-override switch to
handle host and path
- DNA-88946 Auto-connect VPN after browser startup only for existing VPN
users
- DNA-89009 Change URL for search-suggestions
- DNA-89021 Make RH test driver pack to a separate archive
- DNA-89150 Unhardcode âFromâ and âToâ strings in Advanced
History Search
- DNA-89175 Desktop without a flow paring should not initialize in
browser startup
Opera was updated to version 71.0.3770.198
- CHR-8106 Update chromium on desktop-stable-85-3770 to 85.0.4183.121
- DNA-85648 Reconnecting Flow with iOS is unstable
- DNA-87130 Spinner is stretched instead of clipped
- DNA-87989 In Find in Page, âNo matchesâ doesnât go away after
deleting all text
- DNA-88098 Data URLs entries should not open new tab after click on new
history page
- DNA-88267 Extra semicolon in Russian BABE translation
- DNA-88312 [Win] Downloads file drag and drop doesnât work in Opera
- DNA-88363 Add premium extension functionality
- DNA-88580 Implement search_in_tabs telemetry benchmark
- DNA-88611 Black font on a dark background in sync login dialog
- DNA-88626 Disable #easy-files on desktop-stable-85-xxxx
- DNA-88701 String âType a shortcutâ is hardcoded
- DNA-88755 Crash at extensions::WebstoreOneClickInstallerUIImpl::
RemoveAllInfobarsExcept(opera::ExtensionInstallInfoBarDelegate*)
- DNA-88797 Change âRegisterâ to âTabâ in German
- DNA-88851 [History][Resized window] Button and date input look bad
- DNA-88958 Crash at net::`anonymous namespaceâ::Escape
- The update to chromium 85.0.4183.121 fixes following issues:
- CVE-2020-15960, CVE-2020-15961, CVE-2020-15962, CVE-2020-15963,
CVE-2020-15965, CVE-2020-15966, CVE-2020-15964
- Update to version 71.0.3770.148
- CHR-8091 Update chromium on desktop-stable-85-3770 to 85.0.4183.102
- DNA-87785 [Mac] âAlitoolsâ text in extension toolbar overlaps
Install button
- DNA-87935 Make SSD smaller by 25%
- DNA-87963 Hidden Avira extension in avira_2 edition
- DNA-88015 [MyFlow] Desktop doesnât show itself in devices list
- DNA-88469 Add context menu options to configure shortcuts
- DNA-88496 Define a/b test in ab_tests.json
- DNA-88537 Donât filter out hashes from feature reference groups
coming from rollout
- DNA-88580 Implement search_in_tabs telemetry benchmark
- DNA-88604 [History panel] Search bar covers the âClear browsing
dataâ button
- DNA-88619 String âDownload completeâ is cut on download popup
- DNA-88645 Remove option should not be available for last workspace
- DNA-88718 [History panel] fix delete button overflow issue
- The update to chromium 85.0.4183.102 fixes following issues:
- CVE-2020-6573, CVE-2020-6574, CVE-2020-6575, CVE-2020-6576,
CVE-2020-15959
- Complete Opera 71.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-71/
- Update to version 70.0.3728.144
- CHR-8057 Update chromium on desktop-stable-84-3728 to 84.0.4147.135
- DNA-88027 [Mac] Downloads icon disappears when downloads popup is shown
- DNA-88204 Crash at opera::DownloadItemView::OnMousePressed
(ui::MouseEvent const&)
- The update to chromium 84.0.4147.135 fixes following issues:
- CVE-2020-6556
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:NonFree:
zypper in -t patch openSUSE-2020-1713=1
- openSUSE Leap 15.1:NonFree:
zypper in -t patch openSUSE-2020-1713=1
Package List:
- openSUSE Leap 15.2:NonFree (x86_64):
opera-71.0.3770.228-lp152.2.18.1
- openSUSE Leap 15.1:NonFree (x86_64):
opera-71.0.3770.228-lp151.2.30.1
References:
https://www.suse.com/security/cve/CVE-2020-15959.html
https://www.suse.com/security/cve/CVE-2020-15960.html
https://www.suse.com/security/cve/CVE-2020-15961.html
https://www.suse.com/security/cve/CVE-2020-15962.html
https://www.suse.com/security/cve/CVE-2020-15963.html
https://www.suse.com/security/cve/CVE-2020-15964.html
https://www.suse.com/security/cve/CVE-2020-15965.html
https://www.suse.com/security/cve/CVE-2020-15966.html
https://www.suse.com/security/cve/CVE-2020-6556.html
https://www.suse.com/security/cve/CVE-2020-6573.html
https://www.suse.com/security/cve/CVE-2020-6574.html
https://www.suse.com/security/cve/CVE-2020-6575.html
https://www.suse.com/security/cve/CVE-2020-6576.html
An opera security update has been released for openSUSE Leap 15.1 and 15.2.