SUSE 5144 Published by

An opera security update has been released for openSUSE Leap 15.5 .



openSUSE-SU-2023:0297-1: important: Security update for opera


openSUSE Security Update: Security update for opera
_______________________________

Announcement ID: openSUSE-SU-2023:0297-1
Rating: important
References:
Cross-References: CVE-2023-5186 CVE-2023-5187 CVE-2023-5217

CVSS scores:
CVE-2023-5186 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-5187 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-5217 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-5217 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:
openSUSE Leap 15.5:NonFree
_______________________________

An update that fixes three vulnerabilities is now available.

Description:

This update for opera fixes the following issues:

- Update to 103.0.4928.16
* CHR-9416 Updating Chromium on desktop-stable-* branches
* CHR-9433 Update Chromium on desktop-stable-117-4928 to 117.0.5938.89
* CHR-9449 Update Chromium on desktop-stable-117-4928 to 117.0.5938.132
* DNA-110337 Opera Intro extension custom versions
* DNA-111454 Player animations visual adjustments
* DNA-111618 Turn on #password-generator on all streams
* DNA-111645 Turn on flag #player-service-react on developer stream
* DNA-111708 Player home page is shown while music service is being
loaded
* DNA-111722 [Tab strip][Tab island] Add tab in tab island button
appears after size of tabs is changed
* DNA-111727 JsonPrefStore is created twice for Local State file
* DNA-111838 Promote 103.0 to stable
* DNA-111845 Turn on flag #player-service-react on all streams
* DNA-111868 Translations for O103
* DNA-111874 OMenu and Context Menus has transparent few px border
- The update to chromium 117.0.5938.89 fixes following issues:
CVE-2023-5217, CVE-2023-5186, CVE-2023-5187
- Complete Opera 103 changelog at:
https://blogs.opera.com/desktop/changelog-for-103/

- Update to 102.0.4880.78
* DNA-110952 Crash at base::subtle::RefCountedBase:: ReleaseImpl() const

- Update to 102.0.4880.70
* DNA-105016 Do not open file selector when closing easy files dialog
with 'close this popup' option
* DNA-110437 Extensions font color in dark mode makes the text not
visible
* DNA-110443 Crash at EasyFilesView::ShowFileSelector
* DNA-111231 Amazon Music logo update in sidebar Player
* DNA-111280 Make import from Crypto Browser to Opera Browser easier
* DNA-111355 [Sidebar] DevTools is not working correctly in with sidebar
panel
* DNA-111708 Player home page is shown while music service is being
loaded
* DNA-111162 Refresh Player home page
* DNA-111164 Implement animation in Player home page

- Update to 102.0.4880.56
* DNA-110785 Crash at static void base::allocator::
UnretainedDanglingRawPtrDetectedDumpWithoutCrashing (unsigned __int64)
* DNA-110973 Crash after dragging tab from island to another screen
* DNA-111199 Disable user_education tests from component_unittests
* DNA-111369 Crash at views::View::DoRemoveChildView(views:: View*,
bool, bool, views::View*)
* DNA-111538 All new open windows don`t have a close button 'x' in the
right upper corner.
- Changes in 102.0.4880.51
* CHR-9416 Automatic tries of updating Chromium on desktop-stable-*
branches
* DNA-110101 [Linux] Maximize/restore button does not work properly
* DNA-110669 duplicated hints on system buttons
* DNA-110823 Uninstallation Survey Countries
* DNA-110881 Scroll bar doesn't change color in dark mode
* DNA-110930 Capture mouse events on the 1-pixel edge for DevTools
* DNA-110935 ChatSonic colors are unreadable in Dark Mode
* DNA-111034 Dynamic icon does not look good in edit-tile-modal
* DNA-111035 Removal custom-image should restore dynamic icon
* DNA-111177 [Start page] Letter in SD is black on light wallpaper
* DNA-111488 Improve profile migration for desktop-stable-116-4880

- Update to 102.0.4880.46
* CHR-9416 Automatic tries of updating Chromium on desktop-stable-*
branches
* DNA-110216 [Sidebar] Straight lines instead of rounded corners
* DNA-110539 [LIN] Crash at content::WebContentsImpl::
GetLastCommittedURL()
* DNA-110631 AB test mechanism for Speed Dial
* DNA-110656 [TabStrip] Memory leak for tab group
* DNA-111322 Only show splash screen on major version update
* DNA-111417 Crash at opera::component_based::
TabAnimationController::StartAnimatedLayout(opera::
component_based::TabAnimationController::AnimationInfo,
base::OnceCallback)
* DNA-111420 Update continue on link for euro rtv agd
* DNA-111440 Crash at opera::component_based::
ComponentTabBar::GetActiveTab()

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.5:NonFree:

zypper in -t patch openSUSE-2023-297=1

Package List:

- openSUSE Leap 15.5:NonFree (x86_64):

opera-103.0.4928.16-lp155.3.12.1

References:

https://www.suse.com/security/cve/CVE-2023-5186.html
https://www.suse.com/security/cve/CVE-2023-5187.html
https://www.suse.com/security/cve/CVE-2023-5217.html