SUSE 5149 Published by

An opera security update has been released for openSUSE Leap 15.4.



openSUSE-SU-2023:0114-1: important: Security update for opera


openSUSE Security Update: Security update for opera
______________________________________________________________________________

Announcement ID: openSUSE-SU-2023:0114-1
Rating: important
References:
Cross-References: CVE-2023-1213 CVE-2023-1214 CVE-2023-1215
CVE-2023-1216 CVE-2023-1217 CVE-2023-1218
CVE-2023-1219 CVE-2023-1220 CVE-2023-1221
CVE-2023-1222 CVE-2023-1223 CVE-2023-1224
CVE-2023-1225 CVE-2023-1226 CVE-2023-1227
CVE-2023-1228 CVE-2023-1229 CVE-2023-1230
CVE-2023-1231 CVE-2023-1232 CVE-2023-1233
CVE-2023-1234 CVE-2023-1235 CVE-2023-1236
CVE-2023-1528 CVE-2023-1529 CVE-2023-1530
CVE-2023-1531 CVE-2023-1532 CVE-2023-1533
CVE-2023-1534 CVE-2023-2033 CVE-2023-2133
CVE-2023-2134 CVE-2023-2135 CVE-2023-2136
CVE-2023-2137 CVE-2023-2721 CVE-2023-2722
CVE-2023-2723 CVE-2023-2724 CVE-2023-2725
CVE-2023-2726
CVSS scores:
CVE-2023-1213 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-1214 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-1215 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-1216 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-1217 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2023-1218 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-1219 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-1220 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-1221 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2023-1222 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-1223 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2023-1224 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2023-1225 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2023-1226 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2023-1227 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-1228 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2023-1229 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2023-1230 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2023-1231 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2023-1232 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2023-1233 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2023-1234 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2023-1235 (NVD) : 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2023-1236 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2023-1528 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-1529 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2023-1530 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-1531 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-1532 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-1533 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-1534 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-2033 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-2133 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-2134 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-2135 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-2136 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVE-2023-2137 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-2721 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-2722 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-2723 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-2724 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-2725 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-2726 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:
openSUSE Leap 15.4:NonFree
______________________________________________________________________________

An update that fixes 43 vulnerabilities is now available.

Description:

This update for opera fixes the following issues:

- Update to 99.0.4788.13
* CHR-9290 Update Chromium on desktop-stable-113-4788 to 113.0.5672.127
* DNA-107317 __delayLoadHelper2 crash in crashreporter
- The update to chromium 113.0.5672.127 fixes following issues:
CVE-2023-2721, CVE-2023-2722, CVE-2023-2723, CVE-2023-2724,
CVE-2023-2725, CVE-2023-2726

- Update to 99.0.4788.9
* CHR-9283 Update Chromium on desktop-stable-113-4788 to 113.0.5672.93
* DNA-107638 Translations for O99
* DNA-107678 Crash Report [@ BrowserContextKeyedServiceFactory::
BrowserContextKeyedServiceFactory(char const*,
BrowserContextDependencyManager*) ]
* DNA-107795 Fix wrong german translation of 'Close All Duplicate Tabs'
* DNA-107800 Fonts on section#folder and AddSitePanel not readable when
animated wallpaper chosen
* DNA-107840 Promote O99 to stable

- Update to 98.0.4759.39
* DNA-102363 ChromeFileSystemAccessPermissionContextTest.
ConfirmSensitiveEntryAccess_DangerousFile fails
* DNA-105534 [Add to Opera] Incorrect scroll on modal when browser
window size is too small
* DNA-106649 Opening new tab when pinned tab is active gives 2 active
tabs
* DNA-107226 Speed Dial freezes and empty space remains after Continue
booking tile dragging
* DNA-107435 Building archive_source_release target fails
* DNA-107441 [Start page] Right mouse click on tile in continue
on section opens target site in current tab
* DNA-107508 Crash at permissions::PermissionRecoverySuccessRate
Tracker::TrackUsage(ContentSettingsType)
* DNA-107528 Handle real-time SD impression reporting
* DNA-107546 Context menus broken with one workspace
* DNA-107548 Paste from Context Menu doesn’t work for Search
on StartPage
* DNA-107560 Optimize real-time SD impression reporting

- Update to 98.0.4759.15
* CHR-9259 Update Chromium on desktop-stable-112-4759 to 112.0.5615.121
* CHR-9264 Update Chromium on desktop-stable-112-4759 to 112.0.5615.165
* DNA-104949 Cleanup reauthorizer and permission
* DNA-106748 Presubmit problems
* DNA-107262 Delete faulty translations
- The update to chromium 112.0.5615.165 fixes following issues:
CVE-2023-2133, CVE-2023-2134, CVE-2023-2135, CVE-2023-2136, CVE-2023-2137
- Changes in 98.0.4759.6
* CHR-9255 Update Chromium on desktop-stable-112-4759 to 112.0.5615.87
* DNA-106342 Crash when blocking cookies in sidebar
web.infobars::InfoBarManager::AddInfoBar(std::Cr::unique_ptr, bool)
* DNA-107054 Apply patch for CVE-2023-2033
* DNA-107141 Promote O98 to stable
* DNA-107142 Translations for O98

- Update to 97.0.4719.83
* DNA-106342 Crash when blocking cookies in sidebar web.
infobars::InfoBarManager::AddInfoBar(std::Cr::unique_ptr, bool)
* DNA-106550 [SD][Drag&Drop] Create a static manual layout for speed
dials
* DNA-106791 Run smoketests on mac arm builds
* DNA-107054 Apply patch for CVE-2023-2033
- Remove setup_repo.sh, fix non-executable-script rpmlint warning and we
do not want create a repo

- Update to 97.0.4719.63
* CHR-9245 Update Chromium on desktop-stable-111-4719 to 111.0.5563.147
* DNA-105919 Set new Baidu search string
* DNA-106168 EasySetup update

- Update to 97.0.4719.43
* CHR-9236 Update Chromium on desktop-stable-111-4719 to 111.0.5563.111
* DNA-105141 Tabs to the right of the currently active one swap their
position with another when clicked
* DNA-106044 Translations for O97
* DNA-106300 Fix rule for generating archive_browser_sym_files
on crossplatform builds
* DNA-106412 Content of popup not generated for some extensions when
using more then one worksapce
* DNA-106433 Extend Easy Setup API
* DNA-106435 Increase timeout for the welcome page
* DNA-106453 Public build from desktop-stable-111-4719 do not compile
- The update to chromium 111.0.5563.111 fixes following issues:
CVE-2023-1528, CVE-2023-1529, CVE-2023-1530, CVE-2023-1531,
CVE-2023-1532, CVE-2023-1533, CVE-2023-1534

- Update to 97.0.4719.28
* DNA-106303 Extension should get proper parent window id from the
sidebar API
* DNA-106366 Opera crypto crashes on startup during session restore
- Changes in 97.0.4719.26
* CHR-9225 Update Chromium on desktop-stable-111-4719 to 111.0.5563.65
* DNA-102778 Goth reports error for utils_api test
* DNA-104983 Missing encryption option in sync settings
* DNA-105293 add RateMe feature to Speed Dials and Suggested Speed Dials
section
* DNA-105299 Opera crash when closing tab by middle mouse button
* DNA-105712 Update linux sandbox dependency for browsertests
* DNA-105787 Settings extended with the AI section
* DNA-105865 Add reload option for panels in
opr.browserSidebarPrivate namespace
* DNA-105944 Update checking of widevine certificate expiration to be
independent from dateformat
* DNA-105959 Update texts – native part
* DNA-105961 Import translated texts – native part
* DNA-105967 Crash at base::ObserverList::RemoveObserver(PrefObserver
const*)
* DNA-105973 Turn on #tab-tooltip-close-tabs on all streams
* DNA-106061 Hide extension popup
* DNA-106062 [Stable A/B Test] React Start Page for Austria, Italy,
Spain and France 50%
* DNA-106068 Extension shows if developer mode is enabled
* DNA-106070 Feedback window for highlight popup displayed in wrong place
* DNA-106079 EasySetup Disclaimer – Reduce size
* DNA-106085 Crash at
TabHoverCardController::OnViewIsDeleting(views::View*)
* DNA-106086 Player home page does not show images in dark mode
* DNA-106096 Increase prompt window in AB width
* DNA-106109 Teasers on start page don’t show transparency
* DNA-106114 AI Prompts button is after Reader Mode icon
* DNA-106168 EasySetup update
* DNA-106212 Promote O97 to stable
* DNA-106225 Enable #shodan-extension for all streams
* DNA-106229 Update J5 texts
- The update to chromium 111.0.5563.65 fixes following issues:
CVE-2023-1213, CVE-2023-1214, CVE-2023-1215, CVE-2023-1216,
CVE-2023-1217, CVE-2023-1218, CVE-2023-1219, CVE-2023-1220,
CVE-2023-1221, CVE-2023-1222, CVE-2023-1223, CVE-2023-1224,
CVE-2023-1225, CVE-2023-1226, CVE-2023-1227, CVE-2023-1228,
CVE-2023-1229, CVE-2023-1230, CVE-2023-1231, CVE-2023-1232,
CVE-2023-1233, CVE-2023-1234, CVE-2023-1235, CVE-2023-1236

- Update to 96.0.4693.80
* CHR-9221 Update Chromium on desktop-stable-110-4693 to 110.0.5481.192
* DNA-104501 Opera don’t work with #high-efficiency-mode-available flag
* DNA-105860 Enable #google-suggest-entities on all streams
* DNA-106062 [Stable A/B Test] React Start Page for Austria, Italy,
Spain and France 50%

- Update to 96.0.4693.50
* DNA-104420 Creating mechanism to detect specific shortcut
* DNA-104742 Wrong button place in opera tools section in sidebar menu
* DNA-105141 Tabs to the right of the currently active one swap their
position with another when clicked
* DNA-105426 Add provisioning profiles during builds signing
* DNA-105506 Replace all references to opera-api.com domain with
opera-api2.com
* DNA-105536 Enable kFeatureExtendedUnstoppableDomains for desktop
* DNA-105727 [Rich Hints] Screenshot event must not collide with native
PrtScr notification.
* DNA-105740 [Rich Hints] Add event_user_survey to the whitelist

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.4:NonFree:

zypper in -t patch openSUSE-2023-114=1


Package List:

- openSUSE Leap 15.4:NonFree (x86_64):

opera-99.0.4788.13-lp154.2.47.1

References:

  https://www.suse.com/security/cve/CVE-2023-1213.html
  https://www.suse.com/security/cve/CVE-2023-1214.html
  https://www.suse.com/security/cve/CVE-2023-1215.html
  https://www.suse.com/security/cve/CVE-2023-1216.html
  https://www.suse.com/security/cve/CVE-2023-1217.html
  https://www.suse.com/security/cve/CVE-2023-1218.html
  https://www.suse.com/security/cve/CVE-2023-1219.html
  https://www.suse.com/security/cve/CVE-2023-1220.html
  https://www.suse.com/security/cve/CVE-2023-1221.html
  https://www.suse.com/security/cve/CVE-2023-1222.html
  https://www.suse.com/security/cve/CVE-2023-1223.html
  https://www.suse.com/security/cve/CVE-2023-1224.html
  https://www.suse.com/security/cve/CVE-2023-1225.html
  https://www.suse.com/security/cve/CVE-2023-1226.html
  https://www.suse.com/security/cve/CVE-2023-1227.html
  https://www.suse.com/security/cve/CVE-2023-1228.html
  https://www.suse.com/security/cve/CVE-2023-1229.html
  https://www.suse.com/security/cve/CVE-2023-1230.html
  https://www.suse.com/security/cve/CVE-2023-1231.html
  https://www.suse.com/security/cve/CVE-2023-1232.html
  https://www.suse.com/security/cve/CVE-2023-1233.html
  https://www.suse.com/security/cve/CVE-2023-1234.html
  https://www.suse.com/security/cve/CVE-2023-1235.html
  https://www.suse.com/security/cve/CVE-2023-1236.html
  https://www.suse.com/security/cve/CVE-2023-1528.html
  https://www.suse.com/security/cve/CVE-2023-1529.html
  https://www.suse.com/security/cve/CVE-2023-1530.html
  https://www.suse.com/security/cve/CVE-2023-1531.html
  https://www.suse.com/security/cve/CVE-2023-1532.html
  https://www.suse.com/security/cve/CVE-2023-1533.html
  https://www.suse.com/security/cve/CVE-2023-1534.html
  https://www.suse.com/security/cve/CVE-2023-2033.html
  https://www.suse.com/security/cve/CVE-2023-2133.html
  https://www.suse.com/security/cve/CVE-2023-2134.html
  https://www.suse.com/security/cve/CVE-2023-2135.html
  https://www.suse.com/security/cve/CVE-2023-2136.html
  https://www.suse.com/security/cve/CVE-2023-2137.html
  https://www.suse.com/security/cve/CVE-2023-2721.html
  https://www.suse.com/security/cve/CVE-2023-2722.html
  https://www.suse.com/security/cve/CVE-2023-2723.html
  https://www.suse.com/security/cve/CVE-2023-2724.html
  https://www.suse.com/security/cve/CVE-2023-2725.html
  https://www.suse.com/security/cve/CVE-2023-2726.html