ArchLinux: 202106-1: opera: multiple issues
Summary
- CVE-2021-30506 (content spoofing)
An incorrect security UI security issue has been found in the Web App
Installs component of the Chromium browser before version
90.0.4430.212.
- CVE-2021-30507 (incorrect calculation)
An inappropriate implementation security issue has been found in the
Offline component of the Chromium browser before version 90.0.4430.212.
- CVE-2021-30508 (arbitrary code execution)
A heap buffer overflow security issue has been found in the Media Feeds
component of the Chromium browser before version 90.0.4430.212.
- CVE-2021-30509 (arbitrary code execution)
An out of bounds write security issue has been found in the Tab Strip
component of the Chromium browser before version 90.0.4430.212.
- CVE-2021-30510 (arbitrary code execution)
A race condition security issue has been found in the Aura component of
the Chromium browser before version 90.0.4430.212.
- CVE-2021-30511 (information disclosure)
An out of bounds read security issue has been found in the Tab Groups
component of the Chromium browser before version 90.0.4430.212.
- CVE-2021-30512 (arbitrary code execution)
A use after free security issue has been found in the Notifications
component of the Chromium browser before version 90.0.4430.212.
- CVE-2021-30513 (incorrect calculation)
A type confusion security issue has been found in the V8 component of
the Chromium browser before version 90.0.4430.212.
- CVE-2021-30514 (arbitrary code execution)
A use after free security issue has been found in the Autofill
component of the Chromium browser before version 90.0.4430.212.
- CVE-2021-30515 (arbitrary code execution)
A use after free security issue has been found in the File API
component of the Chromium browser before version 90.0.4430.212.
- CVE-2021-30516 (arbitrary code execution)
A heap buffer overflow security issue has been found in the History
component of the Chromium browser before version 90.0.4430.212.
- CVE-2021-30517 (incorrect calculation)
A type confusion security issue has been found in the V8 component of
the Chromium browser before version 90.0.4430.212.
- CVE-2021-30518 (arbitrary code execution)
A heap buffer overflow security issue has been found in the Reader Mode
component of the Chromium browser before version 90.0.4430.212.
- CVE-2021-30519 (arbitrary code execution)
A use after free security issue has been found in the Payments
component of the Chromium browser before version 90.0.4430.212.
- CVE-2021-30520 (arbitrary code execution)
A use after free security issue has been found in the Tab Strip
component of the Chromium browser before version 90.0.4430.212.
Resolution
Upgrade to 76.0.4017.154-1.
# pacman -Syu "opera>=76.0.4017.154-1"
The problems have been fixed upstream in version 76.0.4017.154.
References
https://blogs.opera.com/desktop/changelog-for-76/ https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop.html https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://bugs.chromium.org/p/chromium/issues/detail https://security.archlinux.org/CVE-2021-30506 https://security.archlinux.org/CVE-2021-30507 https://security.archlinux.org/CVE-2021-30508 https://security.archlinux.org/CVE-2021-30509 https://security.archlinux.org/CVE-2021-30510 https://security.archlinux.org/CVE-2021-30511 https://security.archlinux.org/CVE-2021-30512 https://security.archlinux.org/CVE-2021-30513 https://security.archlinux.org/CVE-2021-30514 https://security.archlinux.org/CVE-2021-30515 https://security.archlinux.org/CVE-2021-30516 https://security.archlinux.org/CVE-2021-30517 https://security.archlinux.org/CVE-2021-30518 https://security.archlinux.org/CVE-2021-30519 https://security.archlinux.org/CVE-2021-30520
Workaround
None.