openSUSE Security Update: Security update for opera
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2024:0223-1
Rating:             important
References:         
Cross-References:   CVE-2024-5493 CVE-2024-5494 CVE-2024-5495
                    CVE-2024-5496 CVE-2024-5497 CVE-2024-5498
                    CVE-2024-5499 CVE-2024-5830 CVE-2024-5831
                    CVE-2024-5832 CVE-2024-5833 CVE-2024-5834
                    CVE-2024-5835 CVE-2024-5836 CVE-2024-5837
                    CVE-2024-5838 CVE-2024-5839 CVE-2024-5840
                    CVE-2024-5841 CVE-2024-5842 CVE-2024-5843
                    CVE-2024-5844 CVE-2024-5845 CVE-2024-5846
                    CVE-2024-5847 CVE-2024-6290 CVE-2024-6291
                    CVE-2024-6292 CVE-2024-6293
CVSS scores:
                    CVE-2024-5830 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5831 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5832 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5833 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5834 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5835 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5836 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5837 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5838 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5839 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2024-5840 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2024-5841 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5842 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5843 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2024-5844 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5845 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5846 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2024-5847 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:
                    openSUSE Leap 15.6:NonFree
______________________________________________________________________________

   An update that fixes 29 vulnerabilities is now available.

Description:

   This update for opera fixes the following issues:

   - Update to 112.0.5197.25
     * CHR-9787 Update Chromium on desktop-stable-126-5197 to 126.0.6478.127
   - The update to chromium 126.0.6478.127 fixes following issues:
     CVE-2024-6290, CVE-2024-6291, CVE-2024-6292, CVE-2024-6293

   - Update to 112.0.5197.24
     * CHR-9762 Update Chromium on desktop-stable-126-5197 to 126.0.6478.62
     * DNA-117001 Crash at base::internal::check_is_test_impl
       (base::NotFatalUntil)
     * DNA-117050 [Settings][Sync] Synchronization options aren't visible
     * DNA-117076 [Player] Background of the icons has changed and the Tidal
       icon is now missing
     * DNA-117109 Browser freezes when trying to remove a tab
     * DNA-117181 Translations for O112
     * DNA-117202 Crash at syncer::SyncServiceImpl::NotifyObservers()
     * DNA-117295 Remove emoji names field in picker
     * DNA-117347 Start page is not rendered on first switch to workspace
       after its creation
     * DNA-117431 Promote 112 to stable
   - Complete Opera 112 changelog at:
     https://blogs.opera.com/desktop/changelog-for-112
   - The update to chromium >= 126.0.6478.54 fixes following issues:
     CVE-2024-5830, CVE-2024-5831, CVE-2024-5832, CVE-2024-5833,
     CVE-2024-5834, CVE-2024-5835, CVE-2024-5836, CVE-2024-5837,
     CVE-2024-5838, CVE-2024-5839, CVE-2024-5840, CVE-2024-5841,
     CVE-2024-5842, CVE-2024-5843, CVE-2024-5844, CVE-2024-5845,
     CVE-2024-5846, CVE-2024-5847

   - Update to 111.0.5168.55
     * DNA-116749 Unnecessary icons in the advanced sync settings
     * DNA-116961 Evaluate #vtvd-as-platform-sw-decoder in the field
     * DNA-117003 #vtvd-as-platform-sw-decoder is not registered in media
       unittests

   Update to 111.0.5168.43

     * DNA-115228 Adblocker is blocking ads when turned off
     * DNA-116605 Crash at opera::BrowserContentsView::
       NonClientHitTestPoint(gfx::Point const&)
     * DNA-116855 Cannot close tab island’s tab when popup was hovered
     * DNA-116885 Add chrome.cookies api permission to Rich Hints
     * DNA-116948 [Linux] Theme toggle in settings is not working

   Update to 111.0.5168.25

     * CHR-9754 Update Chromium on desktop-stable-125-5168 to 125.0.6422.142
     * DNA-116089 [Win/Lin] Fullscreen view has rounded corners
     * DNA-116208 The red dot on the Aria’s icon is misaligned
     * DNA-116693 X (twitter) logo is not available on
       opera:about page
     * DNA-116737 [Bookmarks] Bookmarks bar favicon have light theme color in
       new window
     * DNA-116769 Extension popup – pin icon is replaced
     * DNA-116850 Fix full package installer link
     * DNA-116852 Promote 111 to stable
     * DNA-116491 Site info popup is cut with dropdown opened
     * DNA-116661 [opera:settings] IPFS/IPNS Gateway box has the wrong design
     * DNA-116789 Translations for O111
     * DNA-116813 [React emoji picker] Flag emojis are not load correctly
     * DNA-116893 Put 'Show emojis in tab tooltip' in Settings
     * DNA-116918 Translations for 'Show emojis in tab tooltip'

   - Complete Opera 111 changelog at:
     https://blogs.opera.com/desktop/changelog-for-111

   - The update to chromium 125.0.6422.142 fixes following issues:
     CVE-2024-5493, CVE-2024-5494, CVE-2024-5495, CVE-2024-5496,
     CVE-2024-5497, CVE-2024-5498, CVE-2024-5499


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.6:NonFree:

      zypper in -t patch openSUSE-2024-223=1



Package List:

   - openSUSE Leap 15.6:NonFree (x86_64):

      opera-112.0.5197.25-lp156.2.11.1


References:

   https://www.suse.com/security/cve/CVE-2024-5493.html
   https://www.suse.com/security/cve/CVE-2024-5494.html
   https://www.suse.com/security/cve/CVE-2024-5495.html
   https://www.suse.com/security/cve/CVE-2024-5496.html
   https://www.suse.com/security/cve/CVE-2024-5497.html
   https://www.suse.com/security/cve/CVE-2024-5498.html
   https://www.suse.com/security/cve/CVE-2024-5499.html
   https://www.suse.com/security/cve/CVE-2024-5830.html
   https://www.suse.com/security/cve/CVE-2024-5831.html
   https://www.suse.com/security/cve/CVE-2024-5832.html
   https://www.suse.com/security/cve/CVE-2024-5833.html
   https://www.suse.com/security/cve/CVE-2024-5834.html
   https://www.suse.com/security/cve/CVE-2024-5835.html
   https://www.suse.com/security/cve/CVE-2024-5836.html
   https://www.suse.com/security/cve/CVE-2024-5837.html
   https://www.suse.com/security/cve/CVE-2024-5838.html
   https://www.suse.com/security/cve/CVE-2024-5839.html
   https://www.suse.com/security/cve/CVE-2024-5840.html
   https://www.suse.com/security/cve/CVE-2024-5841.html
   https://www.suse.com/security/cve/CVE-2024-5842.html
   https://www.suse.com/security/cve/CVE-2024-5843.html
   https://www.suse.com/security/cve/CVE-2024-5844.html
   https://www.suse.com/security/cve/CVE-2024-5845.html
   https://www.suse.com/security/cve/CVE-2024-5846.html
   https://www.suse.com/security/cve/CVE-2024-5847.html
   https://www.suse.com/security/cve/CVE-2024-6290.html
   https://www.suse.com/security/cve/CVE-2024-6291.html
   https://www.suse.com/security/cve/CVE-2024-6292.html
   https://www.suse.com/security/cve/CVE-2024-6293.html

openSUSE: 2024:0223-1 important: opera Advisory Security Update

July 26, 2024
An update that fixes 29 vulnerabilities is now available

Description

This update for opera fixes the following issues: - Update to 112.0.5197.25 * CHR-9787 Update Chromium on desktop-stable-126-5197 to 126.0.6478.127 - The update to chromium 126.0.6478.127 fixes following issues: CVE-2024-6290, CVE-2024-6291, CVE-2024-6292, CVE-2024-6293 - Update to 112.0.5197.24 * CHR-9762 Update Chromium on desktop-stable-126-5197 to 126.0.6478.62 * DNA-117001 Crash at base::internal::check_is_test_impl (base::NotFatalUntil) * DNA-117050 [Settings][Sync] Synchronization options aren't visible * DNA-117076 [Player] Background of the icons has changed and the Tidal icon is now missing * DNA-117109 Browser freezes when trying to remove a tab * DNA-117181 Translations for O112 * DNA-117202 Crash at syncer::SyncServiceImpl::NotifyObservers() * DNA-117295 Remove emoji names field in picker * DNA-117347 Start page is not rendered on first switch to workspace after its creation * DNA-117431 Promote 112 to stable - Complete Opera 112 changelog at: https://blogs.opera.com/desktop/changelog-for-112 - The update to chromium >= 126.0.6478.54 fixes following issues: CVE-2024-5830, CVE-2024-5831, CVE-2024-5832, CVE-2024-5833, CVE-2024-5834, CVE-2024-5835, CVE-2024-5836, CVE-2024-5837, CVE-2024-5838, CVE-2024-5839, CVE-2024-5840, CVE-2024-5841, CVE-2024-5842, CVE-2024-5843, CVE-2024-5844, CVE-2024-5845, CVE-2024-5846, CVE-2024-5847 - Update to 111.0.5168.55 * DNA-116749 Unnecessary icons in the advanced sync settings * DNA-116961 Evaluate #vtvd-as-platform-sw-decoder in the field * DNA-117003 #vtvd-as-platform-sw-decoder is not registered in media unittests Update to 111.0.5168.43 * DNA-115228 Adblocker is blocking ads when turned off * DNA-116605 Crash at opera::BrowserContentsView:: NonClientHitTestPoint(gfx::Point const&) * DNA-116855 Cannot close tab island’s tab when popup was hovered * DNA-116885 Add chrome.cookies api permission to Rich Hints * DNA-116948 [Linux] Theme toggle in settings is not working Update to 111.0.5168.25 * CHR-9754 Update Chromium on desktop-stable-125-5168 to 125.0.6422.142 * DNA-116089 [Win/Lin] Fullscreen view has rounded corners * DNA-116208 The red dot on the Aria’s icon is misaligned * DNA-116693 X (twitter) logo is not available on opera:about page * DNA-116737 [Bookmarks] Bookmarks bar favicon have light theme color in new window * DNA-116769 Extension popup – pin icon is replaced * DNA-116850 Fix full package installer link * DNA-116852 Promote 111 to stable * DNA-116491 Site info popup is cut with dropdown opened * DNA-116661 [opera:settings] IPFS/IPNS Gateway box has the wrong design * DNA-116789 Translations for O111 * DNA-116813 [React emoji picker] Flag emojis are not load correctly * DNA-116893 Put 'Show emojis in tab tooltip' in Settings * DNA-116918 Translations for 'Show emojis in tab tooltip' - Complete Opera 111 changelog at: https://blogs.opera.com/desktop/changelog-for-111 - The update to chromium 125.0.6422.142 fixes following issues: CVE-2024-5493, CVE-2024-5494, CVE-2024-5495, CVE-2024-5496, CVE-2024-5497, CVE-2024-5498, CVE-2024-5499

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.6:NonFree: zypper in -t patch openSUSE-2024-223=1


Package List

- openSUSE Leap 15.6:NonFree (x86_64): opera-112.0.5197.25-lp156.2.11.1


References

https://www.suse.com/security/cve/CVE-2024-5493.html https://www.suse.com/security/cve/CVE-2024-5494.html https://www.suse.com/security/cve/CVE-2024-5495.html https://www.suse.com/security/cve/CVE-2024-5496.html https://www.suse.com/security/cve/CVE-2024-5497.html https://www.suse.com/security/cve/CVE-2024-5498.html https://www.suse.com/security/cve/CVE-2024-5499.html https://www.suse.com/security/cve/CVE-2024-5830.html https://www.suse.com/security/cve/CVE-2024-5831.html https://www.suse.com/security/cve/CVE-2024-5832.html https://www.suse.com/security/cve/CVE-2024-5833.html https://www.suse.com/security/cve/CVE-2024-5834.html https://www.suse.com/security/cve/CVE-2024-5835.html https://www.suse.com/security/cve/CVE-2024-5836.html https://www.suse.com/security/cve/CVE-2024-5837.html https://www.suse.com/security/cve/CVE-2024-5838.html https://www.suse.com/security/cve/CVE-2024-5839.html https://www.suse.com/security/cve/CVE-2024-5840.html https://www.suse.com/security/cve/CVE-2024-5841.html https://www.suse.com/security/cve/CVE-2024-5842.html https://www.suse.com/security/cve/CVE-2024-5843.html https://www.suse.com/security/cve/CVE-2024-5844.html https://www.suse.com/security/cve/CVE-2024-5845.html https://www.suse.com/security/cve/CVE-2024-5846.html https://www.suse.com/security/cve/CVE-2024-5847.html https://www.suse.com/security/cve/CVE-2024-6290.html https://www.suse.com/security/cve/CVE-2024-6291.html https://www.suse.com/security/cve/CVE-2024-6292.html https://www.suse.com/security/cve/CVE-2024-6293.html


Severity
Announcement ID: openSUSE-SU-2024:0223-1
Rating: important
Affected Products: openSUSE Leap 15.6:NonFree .

Related News

Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power
8 Expert-Recommended Security Practices to Fortify Your Linux Systems
4 - 8 min read
As a Linux admin or an infosec professional, you understand how the security landscape changes due to evolving threats, newly discovered
Open Source Strategies for Enhancing Security in Digital Business Operations
5 - 9 min read
Digital transformation, powered by the principles of open-source security , is vital for businesses looking to excel in today's technology-driven
Microsoft Update Mayhem: Rescuing Linux Dual-Boot Systems from Secure Boot Woes
2 - 4 min read
Microsoft's recent patch, intended to strengthen Secure Boot defenses, has resulted in an unexpected setback for Linux-Windows dual-boot setups

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved