SUSE 5184 Published by

An opera security update has been released for openSUSE Leap 15.3.



openSUSE-SU-2021:0948-1: important: Security update for opera


openSUSE Security Update: Security update for opera
______________________________________________________________________________

Announcement ID: openSUSE-SU-2021:0948-1
Rating: important
References:
Cross-References: CVE-2021-30544 CVE-2021-30545 CVE-2021-30546
CVE-2021-30547 CVE-2021-30548 CVE-2021-30549
CVE-2021-30550 CVE-2021-30551 CVE-2021-30552
CVE-2021-30553 CVE-2021-30554 CVE-2021-30555
CVE-2021-30556 CVE-2021-30557
CVSS scores:
CVE-2021-30544 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30545 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30546 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30547 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30548 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30549 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30550 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30551 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30552 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30553 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:
openSUSE Leap 15.3:NonFree
______________________________________________________________________________

An update that fixes 14 vulnerabilities is now available.

Description:

This update for opera fixes the following issues:

Update to version 77.0.4054.146

- CHR-8458 Update chromium on desktop-stable-91-4054 to 91.0.4472.114
- DNA-92171 Create active linkdiscovery service
- DNA-92388 Fix and unskip
WorkspacesEmoji.testChooseEmojiAsWorkspaceIcon when possible
- DNA-93101 Tabs are being snoozed when tab snoozing is disabled
- DNA-93386 Update pinboard view when item changes
- DNA-93448 Make browser ready for Developer release
- DNA-93491 Fix failing tests after enabling #pinboard flag
- DNA-93498 Add additional music services
- DNA-93503 Blank popup on clicking toolbar icon with popup open
- DNA-93561 Do not allow zoom different from 100% in Pinboard popup
- DNA-93637 ctrl+9 shortcut is inconsistent with other browsers
- DNA-93644 Create route for `import open tabs` to `pinboard`
- DNA-93664 Adapt popup to design
- DNA-93702 Turn on flags on developer
- DNA-93737 [Pinboard] Remove Mock API
- DNA-93745 Unable to open the popup after opening it several times
- DNA-93776 Popup closes and reopens when clicking the toolbar button
- DNA-93786 DCHECK after opening popup
- DNA-93802 Crash at views::Widget::GetNativeView() const
- DNA-93810 Add pinboard icon to sidebar
- DNA-93825 Add pinboard to Opera menu
- DNA-93833 [Player] Implement seeking for new services
- DNA-93845 Do not log output of snapcraft on console
- DNA-93864 Create feature flag for start page sync banner
- DNA-93865 Implement start page banner
- DNA-93867 Use version from package instead of repository
- DNA-93878 [Player] Crash when current player service becomes
unavailable when user location changes
- DNA-93953 ???Send image to Pinboard??? has the wrong position in the
context menu
- DNA-93987 Disable zooming popup contents like in other popups
- DNA-93989 Change internal URL to opera://pinboards
- DNA-93990 Update strings to reflect new standards
- DNA-93992 Add Pinboards to Opera settings
- DNA-93993 Pinboard translations from Master
- DNA-94011 Enable feature flags for Reborn 5 on stable
- DNA-94019 Add a direct link to settings
- DNA-94088 Internal pages provoke not saving other pages to the Pinboard
- DNA-94111 [O77] Sidebar setup does not open
- DNA-94139 Crash at
opera::(anonymous namespace)::PinboardPopupWebView::RemovedFromWidget()
- The update to chromium 91.0.4472.114 fixes following issues:
CVE-2021-30554, CVE-2021-30555, CVE-2021-30556, CVE-2021-30557
CVE-2021-30544, CVE-2021-30545, CVE-2021-30546, CVE-2021-30547,
CVE-2021-30548, CVE-2021-30549, CVE-2021-30550, CVE-2021-30551,
CVE-2021-30552, CVE-2021-30553

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.3:NonFree:

zypper in -t patch openSUSE-2021-948=1


Package List:

- openSUSE Leap 15.3:NonFree (x86_64):

opera-77.0.4054.146-lp153.2.6.1

References:

  https://www.suse.com/security/cve/CVE-2021-30544.html
  https://www.suse.com/security/cve/CVE-2021-30545.html
  https://www.suse.com/security/cve/CVE-2021-30546.html
  https://www.suse.com/security/cve/CVE-2021-30547.html
  https://www.suse.com/security/cve/CVE-2021-30548.html
  https://www.suse.com/security/cve/CVE-2021-30549.html
  https://www.suse.com/security/cve/CVE-2021-30550.html
  https://www.suse.com/security/cve/CVE-2021-30551.html
  https://www.suse.com/security/cve/CVE-2021-30552.html
  https://www.suse.com/security/cve/CVE-2021-30553.html
  https://www.suse.com/security/cve/CVE-2021-30554.html
  https://www.suse.com/security/cve/CVE-2021-30555.html
  https://www.suse.com/security/cve/CVE-2021-30556.html
  https://www.suse.com/security/cve/CVE-2021-30557.html