openSUSE Security Update: Security update for opera
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:0948-1
Rating:             important
References:         
Cross-References:   CVE-2021-30544 CVE-2021-30545 CVE-2021-30546
                    CVE-2021-30547 CVE-2021-30548 CVE-2021-30549
                    CVE-2021-30550 CVE-2021-30551 CVE-2021-30552
                    CVE-2021-30553 CVE-2021-30554 CVE-2021-30555
                    CVE-2021-30556 CVE-2021-30557
CVSS scores:
                    CVE-2021-30544 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2021-30545 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2021-30546 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2021-30547 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2021-30548 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2021-30549 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2021-30550 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2021-30551 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2021-30552 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2021-30553 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:
                    openSUSE Leap 15.3:NonFree
______________________________________________________________________________

   An update that fixes 14 vulnerabilities is now available.

Description:

   This update for opera fixes the following issues:

   Update to version 77.0.4054.146

     - CHR-8458 Update chromium on desktop-stable-91-4054 to 91.0.4472.114
     - DNA-92171 Create active linkdiscovery service
     - DNA-92388 Fix and unskip
       WorkspacesEmoji.testChooseEmojiAsWorkspaceIcon when possible
     - DNA-93101 Tabs are being snoozed when tab snoozing is disabled
     - DNA-93386 Update pinboard view when item changes
     - DNA-93448 Make browser ready for Developer release
     - DNA-93491 Fix failing tests after enabling #pinboard flag
     - DNA-93498 Add additional music services
     - DNA-93503 Blank popup on clicking toolbar icon with popup open
     - DNA-93561 Do not allow zoom different from 100% in Pinboard popup
     - DNA-93637 ctrl+9 shortcut is inconsistent with other browsers
     - DNA-93644 Create route for `import open tabs` to `pinboard`
     - DNA-93664 Adapt popup to design
     - DNA-93702 Turn on flags on developer
     - DNA-93737 [Pinboard] Remove Mock API
     - DNA-93745 Unable to open the popup after opening it several times
     - DNA-93776 Popup closes and reopens when clicking the toolbar button
     - DNA-93786 DCHECK after opening popup
     - DNA-93802 Crash at views::Widget::GetNativeView() const
     - DNA-93810 Add pinboard icon to sidebar
     - DNA-93825 Add pinboard to Opera menu
     - DNA-93833 [Player] Implement seeking for new services
     - DNA-93845 Do not log output of snapcraft on console
     - DNA-93864 Create feature flag for start page sync banner
     - DNA-93865 Implement start page banner
     - DNA-93867 Use version from package instead of repository
     - DNA-93878 [Player] Crash when current player service becomes
       unavailable when user location changes
     - DNA-93953 ???Send image to Pinboard??? has the wrong position in the
       context menu
     - DNA-93987 Disable zooming popup contents like in other popups
     - DNA-93989 Change internal URL to opera://pinboards
     - DNA-93990 Update strings to reflect new standards
     - DNA-93992 Add Pinboards to Opera settings
     - DNA-93993 Pinboard translations from Master
     - DNA-94011 Enable feature flags for Reborn 5 on stable
     - DNA-94019 Add a direct link to settings
     - DNA-94088 Internal pages provoke not saving other pages to the Pinboard
     - DNA-94111 [O77] Sidebar setup does not open
     - DNA-94139 Crash at
       opera::(anonymous namespace)::PinboardPopupWebView::RemovedFromWidget()
   - The update to chromium 91.0.4472.114 fixes following issues:
     CVE-2021-30554, CVE-2021-30555, CVE-2021-30556, CVE-2021-30557
     CVE-2021-30544, CVE-2021-30545, CVE-2021-30546, CVE-2021-30547,
     CVE-2021-30548, CVE-2021-30549, CVE-2021-30550, CVE-2021-30551,
     CVE-2021-30552, CVE-2021-30553


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.3:NonFree:

      zypper in -t patch openSUSE-2021-948=1



Package List:

   - openSUSE Leap 15.3:NonFree (x86_64):

      opera-77.0.4054.146-lp153.2.6.1


References:

   https://www.suse.com/security/cve/CVE-2021-30544.html
   https://www.suse.com/security/cve/CVE-2021-30545.html
   https://www.suse.com/security/cve/CVE-2021-30546.html
   https://www.suse.com/security/cve/CVE-2021-30547.html
   https://www.suse.com/security/cve/CVE-2021-30548.html
   https://www.suse.com/security/cve/CVE-2021-30549.html
   https://www.suse.com/security/cve/CVE-2021-30550.html
   https://www.suse.com/security/cve/CVE-2021-30551.html
   https://www.suse.com/security/cve/CVE-2021-30552.html
   https://www.suse.com/security/cve/CVE-2021-30553.html
   https://www.suse.com/security/cve/CVE-2021-30554.html
   https://www.suse.com/security/cve/CVE-2021-30555.html
   https://www.suse.com/security/cve/CVE-2021-30556.html
   https://www.suse.com/security/cve/CVE-2021-30557.html