openSUSE Security Update: Security update for opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:1713-1 Rating: important References: Cross-References: CVE-2020-15959 CVE-2020-15960 CVE-2020-15961 CVE-2020-15962 CVE-2020-15963 CVE-2020-15964 CVE-2020-15965 CVE-2020-15966 CVE-2020-6556 CVE-2020-6573 CVE-2020-6574 CVE-2020-6575 CVE-2020-6576 Affected Products: openSUSE Leap 15.2:NonFree openSUSE Leap 15.1:NonFree ______________________________________________________________________________ An update that fixes 13 vulnerabilities is now available. Description: This update for opera fixes the following issues: opera was updated to version 71.0.3770.228 - DNA-87466 Hide extensions icon is black in dark theme - DNA-88580 Implement search_in_tabs telemetry benchmark - DNA-88591 Allow to scroll down the Keyboards Shortcuts section with URL - DNA-88693 Random crash in SmartFilesBrowserTest - DNA-88793 change VPN disclaimer modal layout - DNA-88799 Only active workspaces and active messengers should be listed in keyboard shortcuts settings - DNA-88838 add automatic VPN connection preference setting - DNA-88870 Align VPN popup to new design - DNA-88900 Turn off Tutorials in Opera GX – implementation - DNA-88931 Add info about channel and product (OPR, OPRGX) to rollout requests - DNA-88940 Allow continue-shopping|booking-host-override switch to handle host and path - DNA-88946 Auto-connect VPN after browser startup only for existing VPN users - DNA-89009 Change URL for search-suggestions - DNA-89021 Make RH test driver pack to a separate archive - DNA-89150 Unhardcode ‘From’ and ‘To’ strings in Advanced History Search - DNA-89175 Desktop without a flow paring should not initialize in browser startup Opera was updated to version 71.0.3770.198 - CHR-8106 Update chromium on desktop-stable-85-3770 to 85.0.4183.121 - DNA-85648 Reconnecting Flow with iOS is unstable - DNA-87130 Spinner is stretched instead of clipped - DNA-87989 In Find in Page, “No matches” doesn’t go away after deleting all text - DNA-88098 Data URLs entries should not open new tab after click on new history page - DNA-88267 Extra semicolon in Russian BABE translation - DNA-88312 [Win] Downloads file drag and drop doesn’t work in Opera - DNA-88363 Add premium extension functionality - DNA-88580 Implement search_in_tabs telemetry benchmark - DNA-88611 Black font on a dark background in sync login dialog - DNA-88626 Disable #easy-files on desktop-stable-85-xxxx - DNA-88701 String “Type a shortcut” is hardcoded - DNA-88755 Crash at extensions::WebstoreOneClickInstallerUIImpl:: RemoveAllInfobarsExcept(opera::ExtensionInstallInfoBarDelegate*) - DNA-88797 Change ‘Register’ to ‘Tab’ in German - DNA-88851 [History][Resized window] Button and date input look bad - DNA-88958 Crash at net::`anonymous namespace”::Escape - The update to chromium 85.0.4183.121 fixes following issues: - CVE-2020-15960, CVE-2020-15961, CVE-2020-15962, CVE-2020-15963, CVE-2020-15965, CVE-2020-15966, CVE-2020-15964 - Update to version 71.0.3770.148 - CHR-8091 Update chromium on desktop-stable-85-3770 to 85.0.4183.102 - DNA-87785 [Mac] “Alitools” text in extension toolbar overlaps Install button - DNA-87935 Make SSD smaller by 25% - DNA-87963 Hidden Avira extension in avira_2 edition - DNA-88015 [MyFlow] Desktop doesn’t show itself in devices list - DNA-88469 Add context menu options to configure shortcuts - DNA-88496 Define a/b test in ab_tests.json - DNA-88537 Don’t filter out hashes from feature reference groups coming from rollout - DNA-88580 Implement search_in_tabs telemetry benchmark - DNA-88604 [History panel] Search bar covers the “Clear browsing data” button - DNA-88619 String ‘Download complete’ is cut on download popup - DNA-88645 Remove option should not be available for last workspace - DNA-88718 [History panel] fix delete button overflow issue - The update to chromium 85.0.4183.102 fixes following issues: - CVE-2020-6573, CVE-2020-6574, CVE-2020-6575, CVE-2020-6576, CVE-2020-15959 - Complete Opera 71.0 changelog at: https://blogs.opera.com/desktop/changelog-for-71/ - Update to version 70.0.3728.144 - CHR-8057 Update chromium on desktop-stable-84-3728 to 84.0.4147.135 - DNA-88027 [Mac] Downloads icon disappears when downloads popup is shown - DNA-88204 Crash at opera::DownloadItemView::OnMousePressed (ui::MouseEvent const&) - The update to chromium 84.0.4147.135 fixes following issues: - CVE-2020-6556 Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2:NonFree: zypper in -t patch openSUSE-2020-1713=1 - openSUSE Leap 15.1:NonFree: zypper in -t patch openSUSE-2020-1713=1 Package List: - openSUSE Leap 15.2:NonFree (x86_64): opera-71.0.3770.228-lp152.2.18.1 - openSUSE Leap 15.1:NonFree (x86_64): opera-71.0.3770.228-lp151.2.30.1 References: https://www.suse.com/security/cve/CVE-2020-15959.html https://www.suse.com/security/cve/CVE-2020-15960.html https://www.suse.com/security/cve/CVE-2020-15961.html https://www.suse.com/security/cve/CVE-2020-15962.html https://www.suse.com/security/cve/CVE-2020-15963.html https://www.suse.com/security/cve/CVE-2020-15964.html https://www.suse.com/security/cve/CVE-2020-15965.html https://www.suse.com/security/cve/CVE-2020-15966.html https://www.suse.com/security/cve/CVE-2020-6556.html https://www.suse.com/security/cve/CVE-2020-6573.html https://www.suse.com/security/cve/CVE-2020-6574.html https://www.suse.com/security/cve/CVE-2020-6575.html https://www.suse.com/security/cve/CVE-2020-6576.html -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org