openSUSE: 2022:10087-1 important: opera | LinuxSecurity.com

   openSUSE Security Update: Security update for opera
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2022:10087-1
Rating:             important
References:         
Cross-References:   CVE-2022-2163 CVE-2022-2294 CVE-2022-2295
                    CVE-2022-2296 CVE-2022-2477 CVE-2022-2478
                    CVE-2022-2479 CVE-2022-2480 CVE-2022-2481
                   
CVSS scores:
                    CVE-2022-2163 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2022-2294 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2022-2295 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2022-2296 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2022-2477 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2022-2478 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2022-2479 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
                    CVE-2022-2480 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2022-2481 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:
                    openSUSE Leap 15.3:NonFree
______________________________________________________________________________

   An update that fixes 9 vulnerabilities is now available.

Description:

   This update for opera fixes the following issues:

   opera was updated to 89.0.4447.71

     - CHR-8957 Update chromium on desktop-stable-103-4447 to 103.0.5060.134
     - DNA-100492 authPrivate.storeCredentials should work with running auth
       session
     - DNA-100649 ???Sign out??? from settings doesn???t also sign out from
       auth
     - DNA-100653 VPN Badge popup ??? not working well with different page
       zoom being set in browser settings
     - DNA-100712 Wrong spacing on text to reset sync passphrase in settings
     - DNA-100799 VPN icon is ???pro??? on disconnected
     - DNA-100841 Remove Get Subscription and Get button from VPN pro settings
     - DNA-100883 Update missing translations from chromium
     - DNA-100899 Translation error in Turkish
     - DNA-100912 Unable to select pinboards when sync everything is enabled
     - DNA-100959 Use after move RecentSearchProvider::ExecuteWithDB
     - DNA-100960 Use after move
       CountryBlacklistServiceImpl::DownloadCountryBlacklist
     - DNA-100961 Use after move
       CategorizationDataCollection::Iterator::Iterator
     - DNA-100989 Crash at
       opera::EasyFileButton::SetThumbnail(gfx::ImageSkia const&)

   - The update to chromium 103.0.5060.134 fixes following issues:
     CVE-2022-2163, CVE-2022-2477, CVE-2022-2478, CVE-2022-2479
     CVE-2022-2480, CVE-2022-2481

   opera was updated to 89.0.4447.51

     - DNA-99538 Typed content of address bar shared between tabs
     - DNA-100418 Set 360 so as search engine in China
     - DNA-100629 Launch Auth login when enabling sync while logged in
     - DNA-100776 Popup is too long if there are no services available

   opera was updated to 89.0.4447.48

     - CHR-8940 Update chromium on desktop-stable-103-4447 to 103.0.5060.114
     - DNA-100247 Make it possible to display hint when tab scrolling gets
       triggered
     - DNA-100482 Shopping corner icon availability
     - DNA-100575 Add unique IDs to all web element in opera account popup
     - DNA-100625 Opera account popup appears too high on Linux
     - DNA-100627 Enable #snap-from-panel on all stream
     - DNA-100636 DCHECK at suggestion_item.cc(484)
     - DNA-100685 Fix crash when attaching to tab strip scroll buttons
     - DNA-100693 Enable Sticky Site sidebar item to have notification bubble
     - DNA-100698 [AdBlock] Unhandled Disconnect list category:
       "emailaggressive"
     - DNA-100716 Misstype Settings "Enhanced address bar"
     - DNA-100732 Fix & escaping in translated strings
     - DNA-100759 Crash when loading personal news in private window

   - The update to chromium 103.0.5060.114 fixes following issues:
     CVE-2022-2294, CVE-2022-2295, CVE-2022-2296

   opera was updated to 89.0.4447.38

     - DNA-100283 Translations for O89

   - Complete Opera 89.0 changelog at:
     https://blogs.opera.com/desktop/changelog-for-89/

   opera was updated to 89.0.4447.37

     - CHR-8929 Update chromium on desktop-stable-103-4447 to 103.0.5060.66
     - DNA-99780 Crash at zmq::zmq_abort(char const*)
     - DNA-100377 New opera account popup doesn???t open on Linux
     - DNA-100589 Crash at base::internal::Invoker::RunOnce
       (base::internal::BindStateBase*, scoped_refptr&&)
     - DNA-100607 Sync ???Sign in??? button doesn???t work with Opera Account
       popup


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.3:NonFree:

      zypper in -t patch openSUSE-2022-10087=1



Package List:

   - openSUSE Leap 15.3:NonFree (x86_64):

      opera-89.0.4447.71-lp153.2.54.1


References:

   https://www.suse.com/security/cve/CVE-2022-2163.html
   https://www.suse.com/security/cve/CVE-2022-2294.html
   https://www.suse.com/security/cve/CVE-2022-2295.html
   https://www.suse.com/security/cve/CVE-2022-2296.html
   https://www.suse.com/security/cve/CVE-2022-2477.html
   https://www.suse.com/security/cve/CVE-2022-2478.html
   https://www.suse.com/security/cve/CVE-2022-2479.html
   https://www.suse.com/security/cve/CVE-2022-2480.html
   https://www.suse.com/security/cve/CVE-2022-2481.html

openSUSE: 2022:10087-1 important: opera

August 15, 2022
An update that fixes 9 vulnerabilities is now available

Description

This update for opera fixes the following issues: opera was updated to 89.0.4447.71 - CHR-8957 Update chromium on desktop-stable-103-4447 to 103.0.5060.134 - DNA-100492 authPrivate.storeCredentials should work with running auth session - DNA-100649 ???Sign out??? from settings doesn???t also sign out from auth - DNA-100653 VPN Badge popup ??? not working well with different page zoom being set in browser settings - DNA-100712 Wrong spacing on text to reset sync passphrase in settings - DNA-100799 VPN icon is ???pro??? on disconnected - DNA-100841 Remove Get Subscription and Get button from VPN pro settings - DNA-100883 Update missing translations from chromium - DNA-100899 Translation error in Turkish - DNA-100912 Unable to select pinboards when sync everything is enabled - DNA-100959 Use after move RecentSearchProvider::ExecuteWithDB - DNA-100960 Use after move CountryBlacklistServiceImpl::DownloadCountryBlacklist - DNA-100961 Use after move CategorizationDataCollection::Iterator::Iterator - DNA-100989 Crash at opera::EasyFileButton::SetThumbnail(gfx::ImageSkia const&) - The update to chromium 103.0.5060.134 fixes following issues: CVE-2022-2163, CVE-2022-2477, CVE-2022-2478, CVE-2022-2479 CVE-2022-2480, CVE-2022-2481 opera was updated to 89.0.4447.51 - DNA-99538 Typed content of address bar shared between tabs - DNA-100418 Set 360 so as search engine in China - DNA-100629 Launch Auth login when enabling sync while logged in - DNA-100776 Popup is too long if there are no services available opera was updated to 89.0.4447.48 - CHR-8940 Update chromium on desktop-stable-103-4447 to 103.0.5060.114 - DNA-100247 Make it possible to display hint when tab scrolling gets triggered - DNA-100482 Shopping corner icon availability - DNA-100575 Add unique IDs to all web element in opera account popup - DNA-100625 Opera account popup appears too high on Linux - DNA-100627 Enable #snap-from-panel on all stream - DNA-100636 DCHECK at suggestion_item.cc(484) - DNA-100685 Fix crash when attaching to tab strip scroll buttons - DNA-100693 Enable Sticky Site sidebar item to have notification bubble - DNA-100698 [AdBlock] Unhandled Disconnect list category: "emailaggressive" - DNA-100716 Misstype Settings "Enhanced address bar" - DNA-100732 Fix & escaping in translated strings - DNA-100759 Crash when loading personal news in private window - The update to chromium 103.0.5060.114 fixes following issues: CVE-2022-2294, CVE-2022-2295, CVE-2022-2296 opera was updated to 89.0.4447.38 - DNA-100283 Translations for O89 - Complete Opera 89.0 changelog at: https://blogs.opera.com/desktop/changelog-for-89/ opera was updated to 89.0.4447.37 - CHR-8929 Update chromium on desktop-stable-103-4447 to 103.0.5060.66 - DNA-99780 Crash at zmq::zmq_abort(char const*) - DNA-100377 New opera account popup doesn???t open on Linux - DNA-100589 Crash at base::internal::Invoker::RunOnce (base::internal::BindStateBase*, scoped_refptr&&) - DNA-100607 Sync ???Sign in??? button doesn???t work with Opera Account popup

 

Patch

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3:NonFree: zypper in -t patch openSUSE-2022-10087=1

Package List

- openSUSE Leap 15.3:NonFree (x86_64): opera-89.0.4447.71-lp153.2.54.1

References

https://www.suse.com/security/cve/CVE-2022-2163.html https://www.suse.com/security/cve/CVE-2022-2294.html https://www.suse.com/security/cve/CVE-2022-2295.html https://www.suse.com/security/cve/CVE-2022-2296.html https://www.suse.com/security/cve/CVE-2022-2477.html https://www.suse.com/security/cve/CVE-2022-2478.html https://www.suse.com/security/cve/CVE-2022-2479.html https://www.suse.com/security/cve/CVE-2022-2480.html https://www.suse.com/security/cve/CVE-2022-2481.html

Severity
Announcement ID: openSUSE-SU-2022:10087-1
Rating: important
Affected Products: openSUSE Leap 15.3:NonFree .

Related News

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.