--===============2964663105413608225=
Announcement ID:    openSUSE-SU-2020:2178-1
Rating:             important
References:         
Cross-References:   CVE-2020-16013 CVE-2020-16017
Affected Products:
                    openSUSE Leap 15.2:NonFree
                    openSUSE Leap 15.1:NonFree
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for opera fixes the following issues:

   - Update to version 72.0.3815.400
     - DNA-88996 [Mac] Vertical spacing of sidebar items incorrect
     - DNA-89698 [Mac] text on bookmark bar not visible when application is
       not focused
     - DNA-89746 Add product-name switch to Opera launcher and installer
     - DNA-89779 Implement multi-window behavior for pinned Player
     - DNA-89924 Music continue to play after the disabling Player from
       Sidebar
     - DNA-89994 Fix progress bar shape and color
     - DNA-89995 Fix font sizes, weights and colors of text in control panel
     - DNA-90010 Payment Methods in Settings mention Google account
     - DNA-90022 [Mac][BigSur] Crash at -[BrowserWindowController
       window:willPositionSheet:usingRect:]
     - DNA-90025 Player stays in the autopause after reloading panel ??? part
       2
     - DNA-90096 Sidebar click stat not collected for Player
     - DNA-90143 Adding a stat for Player sidebar clicks to the Avro schema

   - Update to version 72.0.3815.378
     - CHR-8192 Update chromium on desktop-stable-86-3815 to 86.0.4240.198
     - DNA-86550 XHRUint8Array test time out
     - DNA-88631 Unintended volume drop
     - DNA-88708 [Snap] Inproper area snapped
     - DNA-88726 [Mac] Overlay ???pause??? icon when Opera auto-pauses the
       Player
     - DNA-88903 Detach video button should not be visible
     - DNA-88938 Make home page reflect service configuration
     - DNA-88943 Learn more link on home page doesnt work
     - DNA-88944 Apple Music service slow to open
     - DNA-88948 Fetch audio focus request id from MediaSession
     - DNA-88949 Detach video button missing
     - DNA-88966 No accessiblity titles for services icons in home page
     - DNA-88967 Investigate creating a single BrowserSidebarModel instance
     - DNA-88995 Overlay ???pause??? is displayed when it shouldn???t
     - DNA-89017 Error when signing out of YouTube Music
     - DNA-89054 Audio is not resumed when muting audio in tab
     - DNA-89094 DCHECK when pressing Reload button
     - DNA-89095 Manage service data through PlayerService
     - DNA-89100 [Player] Crash ??? many scenarios
     - DNA-89187 Reload button doesn???t work properly
     - DNA-89189 Update icons and buttons
     - DNA-89217 Enable #player-service on developer stream
     - DNA-89220 SidebarCarouselTests.* failing
     - DNA-89230 Crash at v8::Context::Enter()
     - DNA-89244 Define default widths per service
     - DNA-89245 Improve Spotify logo layout in home page buttons
     - DNA-89248 Crash at opera::WebPageBrowserSidebarItemContentViewViews
       ::UpdatePlayerService()
     - DNA-89278 [Sidebar] No notification for downloads and workspaces
     - DNA-89285 [Engine] Unable to launch skype with Opera
     - DNA-89292 Do not block page loads waiting for sitecheck data
     - DNA-89316 Should be able to navigate directly to playerServices
       section in settings
     - DNA-89339 Make popup appear with tooltip-like behavior
     - DNA-89340 Implement control panel looks in light and dark mode
     - DNA-89341 Make the control panel buttons work
     - DNA-89342 Add support for the DNA to the rollout system
     - DNA-89344 Show Music Service icon in the control panel
     - DNA-89360 Make ???Settings??? menu entry go to settings
     - DNA-89366 Make opera://feedback/babe attachable by the webdriver
     - DNA-89419 Crash at base::Value::GetAsDictionary (base::DictionaryValue
       const**) const
     - DNA-89469 Autopause does not work
     - DNA-89477 Do not wait with starting the player if the interrupting
       session is short
     - DNA-89480 Crash when hovering player panel
     - DNA-89484 Crash at base::internal::CheckedObserverAdapter
       ::IsMarkedForRemoval()
     - DNA-89489 Put control panel behind feature flag
     - DNA-89514 Implement feedback button for Player
     - DNA-89516 Do not auto-pause the Player when there is no sound
     - DNA-89553 Make the control panel show current song
     - DNA-89557 No accessibility title for rating and close buttons inside
       feedback dialog
     - DNA-89561 Make the control panel show artwork that represents current
       track
     - DNA-89575 Handle longer track and artist names
     - DNA-89577 Make progress bar work correctly
     - DNA-89630 Controler pop-up is too high (and service logo too)
     - DNA-89634 Panel width is reset when it shouldn???t
     - DNA-89654 Request higher resolution images for HiDPI
     - DNA-89655 Enable #player-service-control-panel on Developer stream
     - DNA-89671 No accessiblity titles for control panel elements
     - DNA-89672 String change ???A world of music??????
     - DNA-89679 Player ??? don???t show control panel when Player in sidebar
       is opened
     - DNA-89722 Album cover arts are not visible
     - DNA-89766 Address bar does not respond to actions
     - DNA-89776 Control panel does not disappear after hovering elsewhere
     - DNA-89778 Implement multi-window behavior when no Player is pinned
     - DNA-89795 Player is enable after Opera restart (when in Settings was
       turned off)
     - DNA-89803 Artwork is cropped to the right
     - DNA-89812 Sidebar panel should hide when toggle between windows
     - DNA-89820 Incorrect music services for Philippines
     - DNA-89846 Do not show the control panel if there is nothing to show
     - DNA-89878 Clarify notification dot for messengers     - DNA-89901 [Mac][Player] Zombie crash at exit
     - DNA-89952 Crash at opera::BrowserSidebarPlayerItemContentViewViews
       ::LoadPlayerServiceURL()
     - DNA-89964 Player stays in the autopause after reloading panel
     - DNA-89971 Multi window behaviour is not respected anymore
     - DNA-89976 Disallow docking for Player
     - DNA-89986 Enable #player-service and #player-service-control-panel on
       all streams
     - DNA-90006 Change services order in RU/UA/BY
   - The update to chromium 86.0.4240.198 fixes following issues:
     CVE-2020-16013, CVE-2020-16017


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.2:NonFree:

      zypper in -t patch openSUSE-2020-2178=1

   - openSUSE Leap 15.1:NonFree:

      zypper in -t patch openSUSE-2020-2178=1



Package List:

   - openSUSE Leap 15.2:NonFree (x86_64):

      opera-72.0.3815.400-lp152.2.24.1

   - openSUSE Leap 15.1:NonFree (x86_64):

      opera-72.0.3815.400-lp151.2.36.1


References:

   https://www.suse.com/security/cve/CVE-2020-16013.html
   https://www.suse.com/security/cve/CVE-2020-16017.html
--===============2964663105413608225=

openSUSE: 2020:2178-1 important: opera

December 6, 2020

Description

This update for opera fixes the following issues: - Update to version 72.0.3815.400 - DNA-88996 [Mac] Vertical spacing of sidebar items incorrect - DNA-89698 [Mac] text on bookmark bar not visible when application is not focused - DNA-89746 Add product-name switch to Opera launcher and installer - DNA-89779 Implement multi-window behavior for pinned Player - DNA-89924 Music continue to play after the disabling Player from Sidebar - DNA-89994 Fix progress bar shape and color - DNA-89995 Fix font sizes, weights and colors of text in control panel - DNA-90010 Payment Methods in Settings mention Google account - DNA-90022 [Mac][BigSur] Crash at -[BrowserWindowController window:willPositionSheet:usingRect:] - DNA-90025 Player stays in the autopause after reloading panel ??? part 2 - DNA-90096 Sidebar click stat not collected for Player - DNA-90143 Adding a stat for Player sidebar clicks to the Avro schema - Update to version 72.0.3815.378 - CHR-8192 Update chromium on desktop-stable-86-3815 to 86.0.4240.198 - DNA-86550 XHRUint8Array test time out - DNA-88631 Unintended volume drop - DNA-88708 [Snap] Inproper area snapped - DNA-88726 [Mac] Overlay ???pause??? icon when Opera auto-pauses the Player - DNA-88903 Detach video button should not be visible - DNA-88938 Make home page reflect service configuration - DNA-88943 Learn more link on home page doesnt work - DNA-88944 Apple Music service slow to open - DNA-88948 Fetch audio focus request id from MediaSession - DNA-88949 Detach video button missing - DNA-88966 No accessiblity titles for services icons in home page - DNA-88967 Investigate creating a single BrowserSidebarModel instance - DNA-88995 Overlay ???pause??? is displayed when it shouldn???t - DNA-89017 Error when signing out of YouTube Music - DNA-89054 Audio is not resumed when muting audio in tab - DNA-89094 DCHECK when pressing Reload button - DNA-89095 Manage service data through PlayerService - DNA-89100 [Player] Crash ??? many scenarios - DNA-89187 Reload button doesn???t work properly - DNA-89189 Update icons and buttons - DNA-89217 Enable #player-service on developer stream - DNA-89220 SidebarCarouselTests.* failing - DNA-89230 Crash at v8::Context::Enter() - DNA-89244 Define default widths per service - DNA-89245 Improve Spotify logo layout in home page buttons - DNA-89248 Crash at opera::WebPageBrowserSidebarItemContentViewViews ::UpdatePlayerService() - DNA-89278 [Sidebar] No notification for downloads and workspaces - DNA-89285 [Engine] Unable to launch skype with Opera - DNA-89292 Do not block page loads waiting for sitecheck data - DNA-89316 Should be able to navigate directly to playerServices section in settings - DNA-89339 Make popup appear with tooltip-like behavior - DNA-89340 Implement control panel looks in light and dark mode - DNA-89341 Make the control panel buttons work - DNA-89342 Add support for the DNA to the rollout system - DNA-89344 Show Music Service icon in the control panel - DNA-89360 Make ???Settings??? menu entry go to settings - DNA-89366 Make opera://feedback/babe attachable by the webdriver - DNA-89419 Crash at base::Value::GetAsDictionary (base::DictionaryValue const**) const - DNA-89469 Autopause does not work - DNA-89477 Do not wait with starting the player if the interrupting session is short - DNA-89480 Crash when hovering player panel - DNA-89484 Crash at base::internal::CheckedObserverAdapter ::IsMarkedForRemoval() - DNA-89489 Put control panel behind feature flag - DNA-89514 Implement feedback button for Player - DNA-89516 Do not auto-pause the Player when there is no sound - DNA-89553 Make the control panel show current song - DNA-89557 No accessibility title for rating and close buttons inside feedback dialog - DNA-89561 Make the control panel show artwork that represents current track - DNA-89575 Handle longer track and artist names - DNA-89577 Make progress bar work correctly - DNA-89630 Controler pop-up is too high (and service logo too) - DNA-89634 Panel width is reset when it shouldn???t - DNA-89654 Request higher resolution images for HiDPI - DNA-89655 Enable #player-service-control-panel on Developer stream - DNA-89671 No accessiblity titles for control panel elements - DNA-89672 String change ???A world of music?????? - DNA-89679 Player ??? don???t show control panel when Player in sidebar is opened - DNA-89722 Album cover arts are not visible - DNA-89766 Address bar does not respond to actions - DNA-89776 Control panel does not disappear after hovering elsewhere - DNA-89778 Implement multi-window behavior when no Player is pinned - DNA-89795 Player is enable after Opera restart (when in Settings was turned off) - DNA-89803 Artwork is cropped to the right - DNA-89812 Sidebar panel should hide when toggle between windows - DNA-89820 Incorrect music services for Philippines - DNA-89846 Do not show the control panel if there is nothing to show - DNA-89878 Clarify notification dot for messengers - DNA-89901 [Mac][Player] Zombie crash at exit - DNA-89952 Crash at opera::BrowserSidebarPlayerItemContentViewViews ::LoadPlayerServiceURL() - DNA-89964 Player stays in the autopause after reloading panel - DNA-89971 Multi window behaviour is not respected anymore - DNA-89976 Disallow docking for Player - DNA-89986 Enable #player-service and #player-service-control-panel on all streams - DNA-90006 Change services order in RU/UA/BY - The update to chromium 86.0.4240.198 fixes following issues: CVE-2020-16013, CVE-2020-16017

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2:NonFree: zypper in -t patch openSUSE-2020-2178=1 - openSUSE Leap 15.1:NonFree: zypper in -t patch openSUSE-2020-2178=1


Package List

- openSUSE Leap 15.2:NonFree (x86_64): opera-72.0.3815.400-lp152.2.24.1 - openSUSE Leap 15.1:NonFree (x86_64): opera-72.0.3815.400-lp151.2.36.1


References

https://www.suse.com/security/cve/CVE-2020-16013.html https://www.suse.com/security/cve/CVE-2020-16017.html--===============2964663105413608225=


Severity
Announcement ID: openSUSE-SU-2020:2178-1
Rating: important
Affected Products: openSUSE Leap 15.2:NonFree openSUSE Leap 15.1:NonFree An update that fixes two vulnerabilities is now available.

Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved