openSUSE Security Update: Security update for opera
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:1358-1
Rating:             important
References:         
Cross-References:   CVE-2021-37974 CVE-2021-37975 CVE-2021-37976
                   
Affected Products:
                    openSUSE Leap 15.3:NonFree
                    openSUSE Leap 15.2:NonFree
______________________________________________________________________________

   An update that fixes three vulnerabilities is now available.

Description:

   This update for opera fixes the following issues:

   opera was updated to version 80.0.4170.16

   Fixes:

     - CHR-8590 Update chromium on desktop-stable-94-4170 to 94.0.4606.61
     - DNA-95347 Make InstallerStep::Run async
     - DNA-95420 First suggestion in address field is often not highlighted
     - DNA-95613 Browser closing itself after closing SD/first tab and last
       opened tab
     - DNA-95725 Promote O80 to stable
     - DNA-95781 Import fixes for CVE-2021-37975, CVE-2021-37976 and
       CVE-2021-37974 to desktop-stable-94-4170

   - Complete Opera 80.0 changelog at:
     https://blogs.opera.com/desktop/changelog-for-80/
   - Drop Provides/Obsoletes for opera-gtk and opera-kde4
     opera-gtk and opera-kde4 were last used in openSUSE 13.1

   Opera was updated to version 79.0.4143.72

   Fixes:

     - DNA-94933 Add emoji panel to address bar
     - DNA-95210 Add emoji YAT address bar suggestions
     - DNA-95221 Emoji button stuck in address bar
     - DNA-95325 Make y.at navigations to be reported with page_views events
     - DNA-95327 Add ???Emojis??? context menu option in address bar field
     - DNA-95339 Add YAT emoji url suggestion to search?? dialog
     - DNA-95364 Add browser feature flag
     - DNA-95416 Remove emoji button from address bar
     - DNA-95439 Enable #yat-emoji-addresses on developer stream
     - DNA-95441 [Mac big sur] Emoji are not shown in address bar url
     - DNA-95445 Crash when removing unsynced pinboard bookmark with sync
       enabled
     - DNA-95512 Allow to show title and timer for simple banners
     - DNA-95516 Wrong label in settings for themes
     - DNA-95679 Temporarily disable AB test for a new autoupdater logic


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.3:NonFree:

      zypper in -t patch openSUSE-2021-1358=1

   - openSUSE Leap 15.2:NonFree:

      zypper in -t patch openSUSE-2021-1358=1



Package List:

   - openSUSE Leap 15.3:NonFree (x86_64):

      opera-80.0.4170.16-lp153.2.24.1

   - openSUSE Leap 15.2:NonFree (x86_64):

      opera-80.0.4170.16-lp152.2.70.1


References:

   https://www.suse.com/security/cve/CVE-2021-37974.html
   https://www.suse.com/security/cve/CVE-2021-37975.html
   https://www.suse.com/security/cve/CVE-2021-37976.html