openSUSE Security Update: Security update for opera
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:1713-1
Rating: important
References:
Cross-References: CVE-2020-15959 CVE-2020-15960 CVE-2020-15961
CVE-2020-15962 CVE-2020-15963 CVE-2020-15964
CVE-2020-15965 CVE-2020-15966 CVE-2020-6556
CVE-2020-6573 CVE-2020-6574 CVE-2020-6575
CVE-2020-6576
Affected Products:
openSUSE Leap 15.2:NonFree
openSUSE Leap 15.1:NonFree
______________________________________________________________________________
An update that fixes 13 vulnerabilities is now available.
Description:
This update for opera fixes the following issues:
opera was updated to version 71.0.3770.228
– DNA-87466 Hide extensions icon is black in dark theme
– DNA-88580 Implement search_in_tabs telemetry benchmark
– DNA-88591 Allow to scroll down the Keyboards Shortcuts section with URL
– DNA-88693 Random crash in SmartFilesBrowserTest
– DNA-88793 change VPN disclaimer modal layout
– DNA-88799 Only active workspaces and active messengers should be
listed in keyboard shortcuts settings
– DNA-88838 add automatic VPN connection preference setting
– DNA-88870 Align VPN popup to new design
– DNA-88900 Turn off Tutorials in Opera GX – implementation
– DNA-88931 Add info about channel and product (OPR, OPRGX) to rollout
requests
– DNA-88940 Allow continue-shopping|booking-host-override switch to
handle host and path
– DNA-88946 Auto-connect VPN after browser startup only for existing VPN
users
– DNA-89009 Change URL for search-suggestions
– DNA-89021 Make RH test driver pack to a separate archive
– DNA-89150 Unhardcode ‘From’ and ‘To’ strings in Advanced
History Search
– DNA-89175 Desktop without a flow paring should not initialize in
browser startup
Opera was updated to version 71.0.3770.198
– CHR-8106 Update chromium on desktop-stable-85-3770 to 85.0.4183.121
– DNA-85648 Reconnecting Flow with iOS is unstable
– DNA-87130 Spinner is stretched instead of clipped
– DNA-87989 In Find in Page, “No matches” doesn’t go away after
deleting all text
– DNA-88098 Data URLs entries should not open new tab after click on new
history page
– DNA-88267 Extra semicolon in Russian BABE translation
– DNA-88312 [Win] Downloads file drag and drop doesn’t work in Opera
– DNA-88363 Add premium extension functionality
– DNA-88580 Implement search_in_tabs telemetry benchmark
– DNA-88611 Black font on a dark background in sync login dialog
– DNA-88626 Disable #easy-files on desktop-stable-85-xxxx
– DNA-88701 String “Type a shortcut” is hardcoded
– DNA-88755 Crash at extensions::WebstoreOneClickInstallerUIImpl::
RemoveAllInfobarsExcept(opera::ExtensionInstallInfoBarDelegate*)
– DNA-88797 Change ‘Register’ to ‘Tab’ in German
– DNA-88851 [History][Resized window] Button and date input look bad
– DNA-88958 Crash at net::`anonymous namespace”::Escape
– The update to chromium 85.0.4183.121 fixes following issues:
– CVE-2020-15960, CVE-2020-15961, CVE-2020-15962, CVE-2020-15963,
CVE-2020-15965, CVE-2020-15966, CVE-2020-15964
– Update to version 71.0.3770.148
– CHR-8091 Update chromium on desktop-stable-85-3770 to 85.0.4183.102
– DNA-87785 [Mac] “Alitools” text in extension toolbar overlaps
Install button
– DNA-87935 Make SSD smaller by 25%
– DNA-87963 Hidden Avira extension in avira_2 edition
– DNA-88015 [MyFlow] Desktop doesn’t show itself in devices list
– DNA-88469 Add context menu options to configure shortcuts
– DNA-88496 Define a/b test in ab_tests.json
– DNA-88537 Don’t filter out hashes from feature reference groups
coming from rollout
– DNA-88580 Implement search_in_tabs telemetry benchmark
– DNA-88604 [History panel] Search bar covers the “Clear browsing
data” button
– DNA-88619 String ‘Download complete’ is cut on download popup
– DNA-88645 Remove option should not be available for last workspace
– DNA-88718 [History panel] fix delete button overflow issue
– The update to chromium 85.0.4183.102 fixes following issues:
– CVE-2020-6573, CVE-2020-6574, CVE-2020-6575, CVE-2020-6576,
CVE-2020-15959
– Complete Opera 71.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-71/
– Update to version 70.0.3728.144
– CHR-8057 Update chromium on desktop-stable-84-3728 to 84.0.4147.135
– DNA-88027 [Mac] Downloads icon disappears when downloads popup is shown
– DNA-88204 Crash at opera::DownloadItemView::OnMousePressed
(ui::MouseEvent const&)
– The update to chromium 84.0.4147.135 fixes following issues:
– CVE-2020-6556
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– openSUSE Leap 15.2:NonFree:
zypper in -t patch openSUSE-2020-1713=1
– openSUSE Leap 15.1:NonFree:
zypper in -t patch openSUSE-2020-1713=1
Package List:
– openSUSE Leap 15.2:NonFree (x86_64):
opera-71.0.3770.228-lp152.2.18.1
– openSUSE Leap 15.1:NonFree (x86_64):
opera-71.0.3770.228-lp151.2.30.1
References:
https://protect2.fireeye.com/v1/url?k=306a3c72-6c788876-306da1be-000babd90757-55aa3453f9209b6c&q=1&e=e95141c0-7e7c-4abd-90b2-03c7dbee65c8&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-15959.html
https://protect2.fireeye.com/v1/url?k=2d31fc66-71234862-2d3661aa-000babd90757-66b3bc5d26ff9c46&q=1&e=e95141c0-7e7c-4abd-90b2-03c7dbee65c8&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-15960.html
https://protect2.fireeye.com/v1/url?k=8573d61d-d9616219-85744bd1-000babd90757-821e312f2f16f688&q=1&e=e95141c0-7e7c-4abd-90b2-03c7dbee65c8&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-15961.html
https://protect2.fireeye.com/v1/url?k=e1eb8a56-bdf93e52-e1ec179a-000babd90757-a85942ac943ffe30&q=1&e=e95141c0-7e7c-4abd-90b2-03c7dbee65c8&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-15962.html
https://protect2.fireeye.com/v1/url?k=f74832c9-ab5a86cd-f74faf05-000babd90757-33ed93133f02dfbe&q=1&e=e95141c0-7e7c-4abd-90b2-03c7dbee65c8&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-15963.html
https://protect2.fireeye.com/v1/url?k=4f3fe470-132d5074-4f3879bc-000babd90757-01b2a89aa488082d&q=1&e=e95141c0-7e7c-4abd-90b2-03c7dbee65c8&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-15964.html
https://protect2.fireeye.com/v1/url?k=ea636f0d-b671db09-ea64f2c1-000babd90757-88edc241f6f0d667&q=1&e=e95141c0-7e7c-4abd-90b2-03c7dbee65c8&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-15965.html
https://protect2.fireeye.com/v1/url?k=ab60a692-f7721296-ab673b5e-000babd90757-4438b6850cba512d&q=1&e=e95141c0-7e7c-4abd-90b2-03c7dbee65c8&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-15966.html
https://protect2.fireeye.com/v1/url?k=23d680da-7fc434de-23d11d16-000babd90757-62b6c0e93d77772c&q=1&e=e95141c0-7e7c-4abd-90b2-03c7dbee65c8&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-6556.html
https://protect2.fireeye.com/v1/url?k=02db04fa-5ec9b0fe-02dc9936-000babd90757-927b54a2cf0ee893&q=1&e=e95141c0-7e7c-4abd-90b2-03c7dbee65c8&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-6573.html
https://protect2.fireeye.com/v1/url?k=f07f7225-ac6dc621-f078efe9-000babd90757-8eac36722474c1b5&q=1&e=e95141c0-7e7c-4abd-90b2-03c7dbee65c8&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-6574.html
https://protect2.fireeye.com/v1/url?k=9366c894-cf747c90-93615558-000babd90757-8ceb0bf6fc048207&q=1&e=e95141c0-7e7c-4abd-90b2-03c7dbee65c8&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-6575.html
https://protect2.fireeye.com/v1/url?k=9ff1b559-c3e3015d-9ff62895-000babd90757-faaa1e004bcbe995&q=1&e=e95141c0-7e7c-4abd-90b2-03c7dbee65c8&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-6576.html
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org