openSUSE Security Update: Security update for opera
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2024:0053-1
Rating:             important
References:         
Cross-References:   CVE-2024-1059 CVE-2024-1060 CVE-2024-1077
                    CVE-2024-1283 CVE-2024-1284
CVSS scores:
                    CVE-2024-1059 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-1060 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-1077 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-1283 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2024-1284 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:
                    openSUSE Leap 15.5:NonFree
______________________________________________________________________________

   An update that fixes 5 vulnerabilities is now available.

Description:

   This update for opera fixes the following issues:

   - Update to 107.0.5045.21
     * CHR-9604 Update Chromium on desktop-stable-121-5045 to 121.0.6167.160
     * DNA-114167 Crash at TopLevelStorageAccessPermissionContext::
       DecidePermission(permissions::PermissionRequestData, base::
       OnceCallback)
     * DNA-114303 Crash at auto std::__Cr::remove_if(auto, auto,
       base::ObserverList::Compact()::”lambda”(auto const&))
     * DNA-114478 Start Page opening animation refresh
     * DNA-114553 Change search box animation
     * DNA-114723 [Search box] No option to highlight typed text
     * DNA-114806 [Tab cycler] Domain address should be bolded
     * DNA-114846 Translations for O107
     * DNA-114924 Crash at opera::SuggestionModelBase::
       NavigateTo(WindowOpenDisposition)
   - The update to chromium 121.0.6167.160 fixes following issues:
     CVE-2024-1283, CVE-2024-1284

   - Update to 107.0.5045.15
     * CHR-9593 Update Chromium on desktop-stable-121-5045 to 121.0.6167.140
     * DNA-114421 Animate text in tab cycler from the center of the screen
     * DNA-114519 Crash at media::AVStreamToVideoDecoderConfig (AVStream
       const*, media::VideoDecoderConfig*)
     * DNA-114537 Default value for synchronization changed from 'Do not sync
       data' to 'Customise sync'
     * DNA-114554 Add shadow to tab thumbnails in tab cycler
     * DNA-114555 Fade out long tab titles
     * DNA-114686 [Import] Import from Opera Crypto is marked as done even
       when Crypto is not installed
     * DNA-114691 Update font colors
     * DNA-114692 Update shadow (glow) of tabs
     * DNA-114693 Update position of text and tabs when cycling through tabs
     * DNA-114790 [Linux] Unwanted 1px top border in full screen mode
   - Complete Opera 107 changelog at:
     https://blogs.opera.com/desktop/changelog-for-107/
   - The update to chromium 121.0.6167.140 fixes following issues:
     CVE-2024-1059, CVE-2024-1060, CVE-2024-1077

   - Update to 106.0.4998.70
     * DNA-112467 Shadow on Opera popups
     * DNA-114414 The "Move to" workspace submenu from tab strip stays blue
       when its submenu item is selected

   - Update to 106.0.4998.66
     * CHR-9416 Updating Chromium on desktop-stable-* branches
     * DNA-114489 Release and update opera:intro extension version in Opera


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.5:NonFree:

      zypper in -t patch openSUSE-2024-53=1



Package List:

   - openSUSE Leap 15.5:NonFree (x86_64):

      opera-107.0.5045.21-lp155.3.36.1


References:

   https://www.suse.com/security/cve/CVE-2024-1059.html
   https://www.suse.com/security/cve/CVE-2024-1060.html
   https://www.suse.com/security/cve/CVE-2024-1077.html
   https://www.suse.com/security/cve/CVE-2024-1283.html
   https://www.suse.com/security/cve/CVE-2024-1284.html

openSUSE: 2024:0053-1 important: opera

February 19, 2024
An update that fixes 5 vulnerabilities is now available

Description

This update for opera fixes the following issues: - Update to 107.0.5045.21 * CHR-9604 Update Chromium on desktop-stable-121-5045 to 121.0.6167.160 * DNA-114167 Crash at TopLevelStorageAccessPermissionContext:: DecidePermission(permissions::PermissionRequestData, base:: OnceCallback) * DNA-114303 Crash at auto std::__Cr::remove_if(auto, auto, base::ObserverList::Compact()::”lambda”(auto const&)) * DNA-114478 Start Page opening animation refresh * DNA-114553 Change search box animation * DNA-114723 [Search box] No option to highlight typed text * DNA-114806 [Tab cycler] Domain address should be bolded * DNA-114846 Translations for O107 * DNA-114924 Crash at opera::SuggestionModelBase:: NavigateTo(WindowOpenDisposition) - The update to chromium 121.0.6167.160 fixes following issues: CVE-2024-1283, CVE-2024-1284 - Update to 107.0.5045.15 * CHR-9593 Update Chromium on desktop-stable-121-5045 to 121.0.6167.140 * DNA-114421 Animate text in tab cycler from the center of the screen * DNA-114519 Crash at media::AVStreamToVideoDecoderConfig (AVStream const*, media::VideoDecoderConfig*) * DNA-114537 Default value for synchronization changed from 'Do not sync data' to 'Customise sync' * DNA-114554 Add shadow to tab thumbnails in tab cycler * DNA-114555 Fade out long tab titles * DNA-114686 [Import] Import from Opera Crypto is marked as done even when Crypto is not installed * DNA-114691 Update font colors * DNA-114692 Update shadow (glow) of tabs * DNA-114693 Update position of text and tabs when cycling through tabs * DNA-114790 [Linux] Unwanted 1px top border in full screen mode - Complete Opera 107 changelog at: https://blogs.opera.com/desktop/changelog-for-107/ - The update to chromium 121.0.6167.140 fixes following issues: CVE-2024-1059, CVE-2024-1060, CVE-2024-1077 - Update to 106.0.4998.70 * DNA-112467 Shadow on Opera popups * DNA-114414 The "Move to" workspace submenu from tab strip stays blue when its submenu item is selected - Update to 106.0.4998.66 * CHR-9416 Updating Chromium on desktop-stable-* branches * DNA-114489 Release and update opera:intro extension version in Opera

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.5:NonFree: zypper in -t patch openSUSE-2024-53=1


Package List

- openSUSE Leap 15.5:NonFree (x86_64): opera-107.0.5045.21-lp155.3.36.1


References

https://www.suse.com/security/cve/CVE-2024-1059.html https://www.suse.com/security/cve/CVE-2024-1060.html https://www.suse.com/security/cve/CVE-2024-1077.html https://www.suse.com/security/cve/CVE-2024-1283.html https://www.suse.com/security/cve/CVE-2024-1284.html


Severity
Announcement ID: openSUSE-SU-2024:0053-1
Rating: important
Affected Products: openSUSE Leap 15.5:NonFree .

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved