openSUSE Security Update: Security update for opera
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2024:0205-1
Rating:             important
References:         
Cross-References:   CVE-2024-5830 CVE-2024-5831 CVE-2024-5832
                    CVE-2024-5833 CVE-2024-5834 CVE-2024-5835
                    CVE-2024-5836 CVE-2024-5837 CVE-2024-5838
                    CVE-2024-5839 CVE-2024-5840 CVE-2024-5841
                    CVE-2024-5842 CVE-2024-5843 CVE-2024-5844
                    CVE-2024-5845 CVE-2024-5846 CVE-2024-5847
                    CVE-2024-6290 CVE-2024-6291 CVE-2024-6292
                    CVE-2024-6293
CVSS scores:
                    CVE-2024-5830 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5831 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5832 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5833 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5834 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5835 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5836 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5837 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5838 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5839 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2024-5840 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2024-5841 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5842 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5843 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2024-5844 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5845 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5846 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5847 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:
                    openSUSE Leap 15.5:NonFree
______________________________________________________________________________

   An update that fixes 22 vulnerabilities is now available.

Description:

   This update for opera fixes the following issues:

   - Update to 112.0.5197.25

     * CHR-9787 Update Chromium on desktop-stable-126-5197 to 126.0.6478.127

   - The update to chromium 126.0.6478.127 fixes following issues:
     CVE-2024-6290, CVE-2024-6291, CVE-2024-6292, CVE-2024-6293

   - Update to 112.0.5197.24

     * CHR-9762 Update Chromium on desktop-stable-126-5197 to 126.0.6478.62
     * DNA-117001 Crash at base::internal::check_is_test_impl
       (base::NotFatalUntil)
     * DNA-117050 [Settings][Sync] Synchronization options aren't visible
     * DNA-117076 [Player] Background of the icons has changed and the Tidal
       icon is now missing
     * DNA-117109 Browser freezes when trying to remove a tab
     * DNA-117181 Translations for O112
     * DNA-117202 Crash at syncer::SyncServiceImpl::NotifyObservers()
     * DNA-117295 Remove emoji names field in picker
     * DNA-117347 Start page is not rendered on first switch to workspace
       after its creation
     * DNA-117431 Promote 112 to stable

   - Complete Opera 112 changelog at:
     https://blogs.opera.com/desktop/changelog-for-112

   - The update to chromium >= 126.0.6478.54 fixes following issues:
     CVE-2024-5830, CVE-2024-5831, CVE-2024-5832, CVE-2024-5833,
     CVE-2024-5834, CVE-2024-5835, CVE-2024-5836, CVE-2024-5837,
     CVE-2024-5838, CVE-2024-5839, CVE-2024-5840, CVE-2024-5841,
     CVE-2024-5842, CVE-2024-5843, CVE-2024-5844, CVE-2024-5845,
     CVE-2024-5846, CVE-2024-5847

   - Update to 111.0.5168.55
     * DNA-116749 Unnecessary icons in the advanced sync settings
     * DNA-116961 Evaluate #vtvd-as-platform-sw-decoder in the field
     * DNA-117003 #vtvd-as-platform-sw-decoder is not registered in media
       unittests


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.5:NonFree:

      zypper in -t patch openSUSE-2024-205=1



Package List:

   - openSUSE Leap 15.5:NonFree (x86_64):

      opera-112.0.5197.25-lp155.3.54.1


References:

   https://www.suse.com/security/cve/CVE-2024-5830.html
   https://www.suse.com/security/cve/CVE-2024-5831.html
   https://www.suse.com/security/cve/CVE-2024-5832.html
   https://www.suse.com/security/cve/CVE-2024-5833.html
   https://www.suse.com/security/cve/CVE-2024-5834.html
   https://www.suse.com/security/cve/CVE-2024-5835.html
   https://www.suse.com/security/cve/CVE-2024-5836.html
   https://www.suse.com/security/cve/CVE-2024-5837.html
   https://www.suse.com/security/cve/CVE-2024-5838.html
   https://www.suse.com/security/cve/CVE-2024-5839.html
   https://www.suse.com/security/cve/CVE-2024-5840.html
   https://www.suse.com/security/cve/CVE-2024-5841.html
   https://www.suse.com/security/cve/CVE-2024-5842.html
   https://www.suse.com/security/cve/CVE-2024-5843.html
   https://www.suse.com/security/cve/CVE-2024-5844.html
   https://www.suse.com/security/cve/CVE-2024-5845.html
   https://www.suse.com/security/cve/CVE-2024-5846.html
   https://www.suse.com/security/cve/CVE-2024-5847.html
   https://www.suse.com/security/cve/CVE-2024-6290.html
   https://www.suse.com/security/cve/CVE-2024-6291.html
   https://www.suse.com/security/cve/CVE-2024-6292.html
   https://www.suse.com/security/cve/CVE-2024-6293.html

openSUSE: 2024:0205-1 important: opera Advisory Security Update

July 20, 2024
An update that fixes 22 vulnerabilities is now available

Description

This update for opera fixes the following issues: - Update to 112.0.5197.25 * CHR-9787 Update Chromium on desktop-stable-126-5197 to 126.0.6478.127 - The update to chromium 126.0.6478.127 fixes following issues: CVE-2024-6290, CVE-2024-6291, CVE-2024-6292, CVE-2024-6293 - Update to 112.0.5197.24 * CHR-9762 Update Chromium on desktop-stable-126-5197 to 126.0.6478.62 * DNA-117001 Crash at base::internal::check_is_test_impl (base::NotFatalUntil) * DNA-117050 [Settings][Sync] Synchronization options aren't visible * DNA-117076 [Player] Background of the icons has changed and the Tidal icon is now missing * DNA-117109 Browser freezes when trying to remove a tab * DNA-117181 Translations for O112 * DNA-117202 Crash at syncer::SyncServiceImpl::NotifyObservers() * DNA-117295 Remove emoji names field in picker * DNA-117347 Start page is not rendered on first switch to workspace after its creation * DNA-117431 Promote 112 to stable - Complete Opera 112 changelog at: https://blogs.opera.com/desktop/changelog-for-112 - The update to chromium >= 126.0.6478.54 fixes following issues: CVE-2024-5830, CVE-2024-5831, CVE-2024-5832, CVE-2024-5833, CVE-2024-5834, CVE-2024-5835, CVE-2024-5836, CVE-2024-5837, CVE-2024-5838, CVE-2024-5839, CVE-2024-5840, CVE-2024-5841, CVE-2024-5842, CVE-2024-5843, CVE-2024-5844, CVE-2024-5845, CVE-2024-5846, CVE-2024-5847 - Update to 111.0.5168.55 * DNA-116749 Unnecessary icons in the advanced sync settings * DNA-116961 Evaluate #vtvd-as-platform-sw-decoder in the field * DNA-117003 #vtvd-as-platform-sw-decoder is not registered in media unittests

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.5:NonFree: zypper in -t patch openSUSE-2024-205=1


Package List

- openSUSE Leap 15.5:NonFree (x86_64): opera-112.0.5197.25-lp155.3.54.1


References

https://www.suse.com/security/cve/CVE-2024-5830.html https://www.suse.com/security/cve/CVE-2024-5831.html https://www.suse.com/security/cve/CVE-2024-5832.html https://www.suse.com/security/cve/CVE-2024-5833.html https://www.suse.com/security/cve/CVE-2024-5834.html https://www.suse.com/security/cve/CVE-2024-5835.html https://www.suse.com/security/cve/CVE-2024-5836.html https://www.suse.com/security/cve/CVE-2024-5837.html https://www.suse.com/security/cve/CVE-2024-5838.html https://www.suse.com/security/cve/CVE-2024-5839.html https://www.suse.com/security/cve/CVE-2024-5840.html https://www.suse.com/security/cve/CVE-2024-5841.html https://www.suse.com/security/cve/CVE-2024-5842.html https://www.suse.com/security/cve/CVE-2024-5843.html https://www.suse.com/security/cve/CVE-2024-5844.html https://www.suse.com/security/cve/CVE-2024-5845.html https://www.suse.com/security/cve/CVE-2024-5846.html https://www.suse.com/security/cve/CVE-2024-5847.html https://www.suse.com/security/cve/CVE-2024-6290.html https://www.suse.com/security/cve/CVE-2024-6291.html https://www.suse.com/security/cve/CVE-2024-6292.html https://www.suse.com/security/cve/CVE-2024-6293.html


Severity
Announcement ID: openSUSE-SU-2024:0205-1
Rating: important
Affected Products: openSUSE Leap 15.5:NonFree .

Related News

Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power
8 Expert-Recommended Security Practices to Fortify Your Linux Systems
4 - 8 min read
As a Linux admin or an infosec professional, you understand how the security landscape changes due to evolving threats, newly discovered
Open Source Strategies for Enhancing Security in Digital Business Operations
5 - 9 min read
Digital transformation, powered by the principles of open-source security , is vital for businesses looking to excel in today's technology-driven
Microsoft Update Mayhem: Rescuing Linux Dual-Boot Systems from Secure Boot Woes
2 - 4 min read
Microsoft's recent patch, intended to strengthen Secure Boot defenses, has resulted in an unexpected setback for Linux-Windows dual-boot setups

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved