openSUSE Security Update: Security update for opera
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2023:0338-1
Rating:             important
References:         
Cross-References:   CVE-2023-5218 CVE-2023-5473 CVE-2023-5474
                    CVE-2023-5475 CVE-2023-5476 CVE-2023-5477
                    CVE-2023-5478 CVE-2023-5479 CVE-2023-5481
                    CVE-2023-5483 CVE-2023-5484 CVE-2023-5485
                    CVE-2023-5486 CVE-2023-5487
CVSS scores:
                    CVE-2023-5218 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2023-5473 (NVD) : 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
                    CVE-2023-5474 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2023-5475 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2023-5476 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2023-5477 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
                    CVE-2023-5478 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
                    CVE-2023-5479 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2023-5481 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2023-5483 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2023-5484 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2023-5485 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
                    CVE-2023-5486 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
                    CVE-2023-5487 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected Products:
                    openSUSE Leap 15.5:NonFree
______________________________________________________________________________

   An update that fixes 14 vulnerabilities is now available.

Description:

   This update for opera fixes the following issues:

   - Update to 104.0.4944.23
     * DNA-110465 [Scrollable tab strip] Weird animation when closing tab
     * DNA-112021 Favicons disappear from history after being hovered over
     * DNA-112310 Put opening animation on start page behind a flag
     * DNA-112462 Crash at opera::SidebarItemViewImpl::
       StateChanged(views::Button::ButtonState)
     * DNA-112464 Crash at anonymous namespace::SwitchToTabButton::
       OnThemeChanged()
     * DNA-112518 Force Default as last used Profile
     * DNA-112534 Set profiles_order to Default dir

   - Changes in 104.0.4944.18
     * CHR-9471 Update Chromium on desktop-stable-118-4944 to 118.0.5993.71
     * DNA-111704 chrome.webRequest.onHeadersReceived event is not fired for
       extension if page opened from SpeedDial tile
     * DNA-111878 Highlighting of tabs and bookmarks in dark mode is almost
       invisible.
     * DNA-111883 [Address bar] Hover effect on page is placed too high
     * DNA-111922 [Linux] Change Opera beta application icon
     * DNA-111955 Reduce colors used in Opera as much as possible
     * DNA-112075 Rename palette colors in theme for better reusability
     * DNA-112108 Fix dangling WebContents ptr bound to
       TabSnoozeInfobarDelegate::Show callback
     * DNA-112222 Tab in island not marked as active
     * DNA-112242 Disable feature flag #platform-h264-decoder-in-gpu by
       default on stable channel
     * DNA-112265 Promote 104 to stable
     * DNA-112312 Turn on #wallet-selector on all streams
     * DNA-112313 Enable #pinboard-popup-refresh on all streams
     * DNA-112426 [profile migration] Renaming invalid Default to Default.old
       is not needed anymore
   - The update to chromium 118.0.5993.71 fixes following issues:
     CVE-2023-5218, CVE-2023-5487, CVE-2023-5484, CVE-2023-5475,
     CVE-2023-5483, CVE-2023-5481, CVE-2023-5476, CVE-2023-5474,
     CVE-2023-5479, CVE-2023-5485, CVE-2023-5478, CVE-2023-5477,
     CVE-2023-5486, CVE-2023-5473
   - Complete Opera 104 changelog at:
     https://blogs.opera.com/desktop/changelog-for-104/

   - Update to 103.0.4928.34
     * DNA-111680 Fix highlight of bookmarks bar folder elements
     * DNA-111703 O icon moves upon opening menu
     * DNA-111883 [Address bar] Hover effect on page is placed too high
     * DNA-111940 OMenu text displaced to the right without any indentation
     * DNA-112118 Crash at history::URLDatabase::
       CreateContinueOnIndexIfNeeded(std::__Cr::vector)

   - Update to 103.0.4928.26
     * DNA-111681 Disappearing icons of bookmarks bar folders elements
     * DNA-112020 Enable #address-bar-dropdown-cities on all streams


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.5:NonFree:

      zypper in -t patch openSUSE-2023-338=1



Package List:

   - openSUSE Leap 15.5:NonFree (x86_64):

      opera-104.0.4944.23-lp155.3.15.1


References:

   https://www.suse.com/security/cve/CVE-2023-5218.html
   https://www.suse.com/security/cve/CVE-2023-5473.html
   https://www.suse.com/security/cve/CVE-2023-5474.html
   https://www.suse.com/security/cve/CVE-2023-5475.html
   https://www.suse.com/security/cve/CVE-2023-5476.html
   https://www.suse.com/security/cve/CVE-2023-5477.html
   https://www.suse.com/security/cve/CVE-2023-5478.html
   https://www.suse.com/security/cve/CVE-2023-5479.html
   https://www.suse.com/security/cve/CVE-2023-5481.html
   https://www.suse.com/security/cve/CVE-2023-5483.html
   https://www.suse.com/security/cve/CVE-2023-5484.html
   https://www.suse.com/security/cve/CVE-2023-5485.html
   https://www.suse.com/security/cve/CVE-2023-5486.html
   https://www.suse.com/security/cve/CVE-2023-5487.html

openSUSE: 2023:0338-1 important: opera

October 29, 2023
An update that fixes 14 vulnerabilities is now available

Description

This update for opera fixes the following issues: - Update to 104.0.4944.23 * DNA-110465 [Scrollable tab strip] Weird animation when closing tab * DNA-112021 Favicons disappear from history after being hovered over * DNA-112310 Put opening animation on start page behind a flag * DNA-112462 Crash at opera::SidebarItemViewImpl:: StateChanged(views::Button::ButtonState) * DNA-112464 Crash at anonymous namespace::SwitchToTabButton:: OnThemeChanged() * DNA-112518 Force Default as last used Profile * DNA-112534 Set profiles_order to Default dir - Changes in 104.0.4944.18 * CHR-9471 Update Chromium on desktop-stable-118-4944 to 118.0.5993.71 * DNA-111704 chrome.webRequest.onHeadersReceived event is not fired for extension if page opened from SpeedDial tile * DNA-111878 Highlighting of tabs and bookmarks in dark mode is almost invisible. * DNA-111883 [Address bar] Hover effect on page is placed too high * DNA-111922 [Linux] Change Opera beta application icon * DNA-111955 Reduce colors used in Opera as much as possible * DNA-112075 Rename palette colors in theme for better reusability * DNA-112108 Fix dangling WebContents ptr bound to TabSnoozeInfobarDelegate::Show callback * DNA-112222 Tab in island not marked as active * DNA-112242 Disable feature flag #platform-h264-decoder-in-gpu by default on stable channel * DNA-112265 Promote 104 to stable * DNA-112312 Turn on #wallet-selector on all streams * DNA-112313 Enable #pinboard-popup-refresh on all streams * DNA-112426 [profile migration] Renaming invalid Default to Default.old is not needed anymore - The update to chromium 118.0.5993.71 fixes following issues: CVE-2023-5218, CVE-2023-5487, CVE-2023-5484, CVE-2023-5475, CVE-2023-5483, CVE-2023-5481, CVE-2023-5476, CVE-2023-5474, CVE-2023-5479, CVE-2023-5485, CVE-2023-5478, CVE-2023-5477, CVE-2023-5486, CVE-2023-5473 - Complete Opera 104 changelog at: https://blogs.opera.com/desktop/changelog-for-104/ - Update to 103.0.4928.34 * DNA-111680 Fix highlight of bookmarks bar folder elements * DNA-111703 O icon moves upon opening menu * DNA-111883 [Address bar] Hover effect on page is placed too high * DNA-111940 OMenu text displaced to the right without any indentation * DNA-112118 Crash at history::URLDatabase:: CreateContinueOnIndexIfNeeded(std::__Cr::vector) - Update to 103.0.4928.26 * DNA-111681 Disappearing icons of bookmarks bar folders elements * DNA-112020 Enable #address-bar-dropdown-cities on all streams

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.5:NonFree: zypper in -t patch openSUSE-2023-338=1


Package List

- openSUSE Leap 15.5:NonFree (x86_64): opera-104.0.4944.23-lp155.3.15.1


References

https://www.suse.com/security/cve/CVE-2023-5218.html https://www.suse.com/security/cve/CVE-2023-5473.html https://www.suse.com/security/cve/CVE-2023-5474.html https://www.suse.com/security/cve/CVE-2023-5475.html https://www.suse.com/security/cve/CVE-2023-5476.html https://www.suse.com/security/cve/CVE-2023-5477.html https://www.suse.com/security/cve/CVE-2023-5478.html https://www.suse.com/security/cve/CVE-2023-5479.html https://www.suse.com/security/cve/CVE-2023-5481.html https://www.suse.com/security/cve/CVE-2023-5483.html https://www.suse.com/security/cve/CVE-2023-5484.html https://www.suse.com/security/cve/CVE-2023-5485.html https://www.suse.com/security/cve/CVE-2023-5486.html https://www.suse.com/security/cve/CVE-2023-5487.html


Severity
Announcement ID: openSUSE-SU-2023:0338-1
Rating: important
Affected Products: openSUSE Leap 15.5:NonFree .

Related News

Linux Mint 22: Elevating Security and Usability for Admins
3 - 5 min read
Linux Mint has has long been recognized as a versatile and user-friendly distribution and has earned great popularity among administrators and
Exim 4.98 Addresses Critical Vulnerabilities, Bolsters Email Server Security
2 - 4 min read
Exim is one of Unix-like systems' most widely used mail transfer agents. It's essential for email delivery and handling and is a significant part of
Recent OpenSSH RCE Bug Explained: Impact & Mitigations
2 - 4 min read
In an era where cybersecurity threats loom larger than ever, the discovery of a Remote Code Execution (RCE) vulnerability in OpenSSH by Qualys’
CVE-2024-4577: A Swiftly Weaponized Vulnerability for Ransomware Distribution
2 - 4 min read
Security researchers recently issued an update detailing how attackers are exploiting a PHP code execution vulnerability to spread TellYouThePass
Play Ransomware Group Unleashes New Threat on ESXi Environments: Analysis & Mitigation Strategies
3 - 5 min read
The Play ransomware group, well-known for its double-extortion tactics, recently unveiled a Linux variant targeting ESXi environments. This
Critical Linux Kernel Vulnerabilities Patched in Ubuntu Azure Systems
2 - 4 min read
Canonical has fixed several recently identified critical Linux kernel vulnerabilities in July 2024. These vulnerabilities primarily affect Microsoft
The Urgent Need for Secure Software Development: New Report Serves as a Wake-Up Call for the Industry
3 - 5 min read
The Linux Foundation and Open Source Security Foundation recently published a report entitled "Secure Software Development Education 2024
Severe Linux Kernel Privilege Escalation Bugs Could Compromise Entire Systems
2 - 4 min read
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved