openSUSE Security Update: Security update for opera
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2022:0156-1
Rating:             important
References:         
Cross-References:   CVE-2022-1364 CVE-2022-1633 CVE-2022-1634
                    CVE-2022-1635 CVE-2022-1636 CVE-2022-1637
                    CVE-2022-1638 CVE-2022-1639 CVE-2022-1640
                    CVE-2022-1641
Affected Products:
                    openSUSE Leap 15.4:NonFree
______________________________________________________________________________

   An update that fixes 10 vulnerabilities is now available.

Description:

   This update for opera fixes the following issues:

   Update to 87.0.4390.25:

     - CHR-8870 Update chromium on desktop-stable-101-4390 to 101.0.4951.64
     - DNA-99209 Enable #easy-files-multiupload on all streams
     - DNA-99325 Use a preference to set number of recent searches and
       recently closed in unfiltered dropdown
     - DNA-99353 Translations for O87
     - DNA-99365 Adding title to the first category duplicates categories
       titles in the dropdown
     - DNA-99385 Feedback button in filtered dropdown can overlap with
       other web buttons for highlighted suggestion
     - DNA-99391 Add bookmarks at the bottom of a bookmarks bar folder
     - DNA-99491 Suggestion is not immediately removed form recent searches
       view in dropdown.
     - DNA-99501 Promote O87 to stable
     - DNA-99504 ???Switch to tab??? button is not aligned to the right for
       some categories in dropdown

   - The update to chromium 101.0.4951.64 fixes following issues:
     CVE-2022-1633, CVE-2022-1634, CVE-2022-1635, CVE-2022-1636,
     CVE-2022-1637, CVE-2022-1638, CVE-2022-1639, CVE-2022-1640, CVE-2022-1641

   - Complete Opera 87.0 changelog at:
     https://blogs.opera.com/desktop/changelog-for-87/

   - Update to 86.0.4363.59

     - DNA-99021 Crash in sidebar when extension of sidebar item was
       uninstalled
     - DNA-99359 Crash at opera::
       ContinueShoppingExpiredProductRemoverImpl::RemoveExpiredProducts()


   - Update to 86.0.4363.50

     - DNA-68493 Opera doesn???t close address field drop-down when dragging
       text from the address field
     - DNA-99003 Crash at views::Widget::GetNativeView() const
     - DNA-99133 BrowserSidebarWithProxyAuthTest.PreloadWithWebModalDialog
       fails
     - DNA-99230 Switching search engine with shortcut stopped working after
       DNA-99178
     - DNA-99317 Make history match appear on top

   - Update to 86.0.4363.32

     - DNA-98510 Blank icon in sidebar setup
     - DNA-98525 Unable to drag tab to far right
     - DNA-98893 Sound indicator is too precise in Google Meet
     - DNA-98919 Shopping corner internal API access update
     - DNA-98924 Tab tooltip gets stuck on screen
     - DNA-98981 Enable easy-files-multiupload on developer stream
     - DNA-99041 Move Shopping Corner to sidebar entry
     - DNA-99061 Enable #address-bar-dropdown-categories on all streams
     - DNA-99062 Create flag to show top sites and recently closed in
       unfiltered suggestions
     - DNA-99064 Hard to drag & drop current URL to a specific folder
       on bookmarks bar when unfiltered dropdown is displayed
     - DNA-99070 Make scroll button in Continue On scroll multiple items
     - DNA-99089 Shopping corner tab is not preserved after restart
     - DNA-99115 Request updating the Avro schema for sidebar event
     - DNA-99117 Make sure shopping corner is enabled by default
     - DNA-99178 Left/right not working in address bar dropdown
     - DNA-99204 Hide Shopping Corner by default

   - Update to 86.0.4363.23

     - CHR-8843 Update chromium on desktop-stable-100-4363 to 100.0.4896.127
     - DNA-98236 Turn on #snap-text-selection on all streams
     - DNA-98507 DCHECK at address_bar_controller.cc(547)
     - DNA-98528 Suggestions for internal pages disappear when typing their
       full name
     - DNA-98538 Change name of "Opera Crypto Wallet" to "Crypto Wallet"
     - DNA-98540 Booking.com used instead of custom search engine
     - DNA-98587 Favicon of booking suggestion in the city category is
       unexpectedly changing
     - DNA-98605 City suggestions should show URL in address field when
       selected
     - DNA-98608 #address-bar-dropdown-categories expired
     - DNA-98616 Add recent searches to 'old' BABE
     - DNA-98668 Switch to tab button leads to wrong tab
     - DNA-98673 Improve suggestion removal handling in suggestion providers
     - DNA-98681 Remove unused suggestion consumers
     - DNA-98684 Have a dedicated SuggestionList for the new address bar
       dropdown
     - DNA-98685 Enable #native-crypto-wallet on developer
     - DNA-98688 "Disable this feature" mini-menu settings is non-intuitive
     - DNA-98690 Autocompleted text stayed in address field after removing
       suggestion
     - DNA-98738 Inline autocomplete suggestion for SD disappears after
       typing 3rd letter of SD name
     - DNA-98743 Blank dropdown after pressing space key
     - DNA-98783 Improve showing suggestions with long URLs or page titles
     - DNA-98785 "Switch to tab" button not shown for suggestions with www
       subdomain when typing domain text
     - DNA-98879 "Disable suggestions before typing" mini-menu option should
       change to "Enable suggestions before typing" when being selected
     - DNA-98917 Translations for O86
     - DNA-98975 Turn on #snap-crop-tool on all channels
     - DNA-98980 Enable #native-crypto-wallet on all streams
     - DNA-99005 The sidebar item is not visible for already active crypto
       wallet users when #native-crypto-wallet flag is enabled.
     - DNA-99007 Crash at TemplateURLRef::ParseIfNecessary(SearchTermsData
       const&) const
     - DNA-99047 Promote O86 to stable

   - The update to chromium 100.0.4896.127 fixes following issues:
     CVE-2022-1364

   - Complete Opera 86.0 changelog at:
     https://blogs.opera.com/desktop/changelog-for-86/

   - Update to 85.0.4341.60

     - DNA-98666 Set baidu as default search engine in China
     - DNA-98707 Hint is not displayed for new crypto wallet sidebar icon
     - DNA-98775 RichHintsSearchEngineCondition.testSogouSearchEngine errors

   - Update to 85.0.4341.47

     - DNA-98249 Add feature flag #native-crypto-wallet
     - DNA-98250 Install extension on startup
     - DNA-98251 Make Crypto Wallet setting enable / disable extension
     - DNA-98252 Deactivate old desktop crypto wallet
     - DNA-98253 Always show ???Crypto Wallet??? in Sidebar Setup
     - DNA-98497 Crash when installing extension
     - DNA-98506 Enable opera_feature_crypto_wallet_encryption
       on desktop
     - DNA-98510 Blank icon in sidebar setup
     - DNA-98538 Change name of "Opera Crypto Wallet" to "Crypto Wallet"
     - DNA-98685 Enable #native-crypto-wallet on developer
     - DNA-98766 Crash at
       opera::AddressBarControllerImpl::OpenNativeDropdown()
     - DNA-98768 Crash at
       extensions::ContentFilterPrivateIsWhitelistedFunction::Run()
     - DNA-98770 Recent searches stay in address field after selecting entry
       from dropdown
     - DNA-98772 Screen sharing broken
     - DNA-98803 Autofilled part appended after selecting address bar using
       shortcut


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.4:NonFree:

      zypper in -t patch openSUSE-2022-156=1



Package List:

   - openSUSE Leap 15.4:NonFree (x86_64):

      opera-87.0.4390.25-lp154.2.8.1


References:

   https://www.suse.com/security/cve/CVE-2022-1364.html
   https://www.suse.com/security/cve/CVE-2022-1633.html
   https://www.suse.com/security/cve/CVE-2022-1634.html
   https://www.suse.com/security/cve/CVE-2022-1635.html
   https://www.suse.com/security/cve/CVE-2022-1636.html
   https://www.suse.com/security/cve/CVE-2022-1637.html
   https://www.suse.com/security/cve/CVE-2022-1638.html
   https://www.suse.com/security/cve/CVE-2022-1639.html
   https://www.suse.com/security/cve/CVE-2022-1640.html
   https://www.suse.com/security/cve/CVE-2022-1641.html