April 2022 - openSUSE Security Announce

Announcement: small change in openSUSE Leap advisories
by Marcus Meissner 12 Apr '22

12 Apr '22

Hi folks, openSUSE Leap 15.3 and newer updates can come from 2 seperate buildservice instances, the internal buildservice (IBS) building the SLES parts, and open buildservice (OBS) building the openSUSE parts of Leap. Up to now I had some logic that updates released from both use "openSUSE-SU/openSUSE-RU" advisory prefixes. This worked OK in 2021, but in 2022 the ID space has started overlapping and it happened multiple times that updates shared the same id. Starting today the IBS released updates for openSUSE Leap will be labeled with SUSE prefix, e.g. "SUSE-SU/SUSE-RU", while the openSUSE ones will still be "openSUSE-" prefixed. E.g. check opensc update has now the id "SUSE-SU-2022:1156-1" and contains as products both the SUSE Linux Enterprise and the openSUSE products: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.o… Ciao, Marcus

1 0

SUSE-SU-2022:1156-1: important: Security update for opensc
by opensuse-security＠opensuse.org 12 Apr '22

12 Apr '22

SUSE Security Update: Security update for opensc ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1156-1 Rating: important References: #1114649 #1191957 #1191992 #1192000 #1192005 Cross-References: CVE-2021-42779 CVE-2021-42780 CVE-2021-42781 CVE-2021-42782 CVSS scores: CVE-2021-42779 (SUSE): 4.2 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2021-42780 (SUSE): 2 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2021-42781 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H CVE-2021-42782 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Linux Enterprise Desktop 15-SP3 SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Module for Basesystem 15-SP3 SUSE Linux Enterprise Realtime Extension 15-SP2 SUSE Linux Enterprise Server 15-SP1-BCL SUSE Linux Enterprise Server 15-SP1-LTSS SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server for SAP 15-SP1 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2 openSUSE Leap 15.3 ______________________________________________________________________________ An update that solves four vulnerabilities and has one errata is now available. Description: This update for opensc fixes the following issues: Security issues fixed: - CVE-2021-42782: Stack buffer overflow issues in various places (bsc#1191957). - CVE-2021-42781: Fixed multiple heap buffer overflows in pkcs15-oberthur.c (bsc#1192000). - CVE-2021-42780: Fixed use after return in insert_pin() (bsc#1192005). - CVE-2021-42779: Fixed use after free in sc_file_valid() (bsc#1191992). Non-security issues fixed: - Fixes segmentation fault in 'pkcs11-tool.c'. (bsc#1114649) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1156=1 - SUSE Linux Enterprise Server for SAP 15-SP1: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1156=1 - SUSE Linux Enterprise Server 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1156=1 - SUSE Linux Enterprise Server 15-SP1-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1156=1 - SUSE Linux Enterprise Realtime Extension 15-SP2: zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1156=1 - SUSE Linux Enterprise Module for Basesystem 15-SP3: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1156=1 - SUSE Linux Enterprise Micro 5.1: zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1156=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1156=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1156=1 - SUSE Enterprise Storage 6: zypper in -t patch SUSE-Storage-6-2022-1156=1 - SUSE CaaS Platform 4.0: To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): opensc-0.19.0-150100.3.16.1 opensc-debuginfo-0.19.0-150100.3.16.1 opensc-debugsource-0.19.0-150100.3.16.1 - openSUSE Leap 15.3 (x86_64): opensc-32bit-0.19.0-150100.3.16.1 opensc-32bit-debuginfo-0.19.0-150100.3.16.1 - SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64): opensc-0.19.0-150100.3.16.1 opensc-debuginfo-0.19.0-150100.3.16.1 opensc-debugsource-0.19.0-150100.3.16.1 - SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64): opensc-0.19.0-150100.3.16.1 opensc-debuginfo-0.19.0-150100.3.16.1 opensc-debugsource-0.19.0-150100.3.16.1 - SUSE Linux Enterprise Server 15-SP1-BCL (x86_64): opensc-0.19.0-150100.3.16.1 opensc-debuginfo-0.19.0-150100.3.16.1 opensc-debugsource-0.19.0-150100.3.16.1 - SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64): opensc-0.19.0-150100.3.16.1 opensc-debuginfo-0.19.0-150100.3.16.1 opensc-debugsource-0.19.0-150100.3.16.1 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64): opensc-0.19.0-150100.3.16.1 opensc-debuginfo-0.19.0-150100.3.16.1 opensc-debugsource-0.19.0-150100.3.16.1 - SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64): opensc-0.19.0-150100.3.16.1 opensc-debuginfo-0.19.0-150100.3.16.1 opensc-debugsource-0.19.0-150100.3.16.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64): opensc-0.19.0-150100.3.16.1 opensc-debuginfo-0.19.0-150100.3.16.1 opensc-debugsource-0.19.0-150100.3.16.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64): opensc-0.19.0-150100.3.16.1 opensc-debuginfo-0.19.0-150100.3.16.1 opensc-debugsource-0.19.0-150100.3.16.1 - SUSE Enterprise Storage 6 (aarch64 x86_64): opensc-0.19.0-150100.3.16.1 opensc-debuginfo-0.19.0-150100.3.16.1 opensc-debugsource-0.19.0-150100.3.16.1 - SUSE CaaS Platform 4.0 (x86_64): opensc-0.19.0-150100.3.16.1 opensc-debuginfo-0.19.0-150100.3.16.1 opensc-debugsource-0.19.0-150100.3.16.1 References: https://www.suse.com/security/cve/CVE-2021-42779.html https://www.suse.com/security/cve/CVE-2021-42780.html https://www.suse.com/security/cve/CVE-2021-42781.html https://www.suse.com/security/cve/CVE-2021-42782.html https://bugzilla.suse.com/1114649 https://bugzilla.suse.com/1191957 https://bugzilla.suse.com/1191992 https://bugzilla.suse.com/1192000 https://bugzilla.suse.com/1192005

1 0

openSUSE-SU-2022:0110-1: important: Security update for opera
by opensuse-security＠opensuse.org 08 Apr '22

08 Apr '22

openSUSE Security Update: Security update for opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:0110-1 Rating: important References: Cross-References: CVE-2021-30506 CVE-2021-30507 CVE-2021-30508 CVE-2021-30509 CVE-2021-30510 CVE-2021-30511 CVE-2021-30512 CVE-2021-30513 CVE-2021-30514 CVE-2021-30515 CVE-2021-30516 CVE-2021-30517 CVE-2021-30518 CVE-2021-30519 CVE-2021-30520 CVE-2021-30541 CVE-2021-30544 CVE-2021-30545 CVE-2021-30546 CVE-2021-30547 CVE-2021-30548 CVE-2021-30549 CVE-2021-30550 CVE-2021-30551 CVE-2021-30552 CVE-2021-30553 CVE-2021-30554 CVE-2021-30555 CVE-2021-30556 CVE-2021-30557 CVE-2021-30560 CVE-2021-30561 CVE-2021-30562 CVE-2021-30563 CVE-2021-30564 CVE-2021-30590 CVE-2021-30591 CVE-2021-30592 CVE-2021-30593 CVE-2021-30594 CVE-2021-30596 CVE-2021-30597 CVE-2021-30598 CVE-2021-30599 CVE-2021-30600 CVE-2021-30601 CVE-2021-30602 CVE-2021-30603 CVE-2021-30604 CVE-2021-30606 CVE-2021-30607 CVE-2021-30608 CVE-2021-30609 CVE-2021-30610 CVE-2021-30611 CVE-2021-30612 CVE-2021-30613 CVE-2021-30614 CVE-2021-30615 CVE-2021-30616 CVE-2021-30617 CVE-2021-30618 CVE-2021-30619 CVE-2021-30620 CVE-2021-30621 CVE-2021-30622 CVE-2021-30623 CVE-2021-30624 CVE-2021-30625 CVE-2021-30626 CVE-2021-30627 CVE-2021-30628 CVE-2021-30629 CVE-2021-30630 CVE-2021-30631 CVE-2021-30632 CVE-2021-30633 CVE-2021-37974 CVE-2021-37975 CVE-2021-37976 CVE-2021-37977 CVE-2021-37978 CVE-2021-37979 CVE-2021-37980 CVE-2021-37981 CVE-2021-37982 CVE-2021-37983 CVE-2021-37984 CVE-2021-37985 CVE-2021-37986 CVE-2021-37987 CVE-2021-37988 CVE-2021-37989 CVE-2021-37990 CVE-2021-37991 CVE-2021-37992 CVE-2021-37993 CVE-2021-37994 CVE-2021-37995 CVE-2021-37996 CVE-2021-37997 CVE-2021-37998 CVE-2021-37999 CVE-2021-38001 CVE-2021-38002 CVE-2021-38003 CVE-2021-38004 CVE-2021-38005 CVE-2021-38006 CVE-2021-38007 CVE-2021-38008 CVE-2021-38009 CVE-2021-38010 CVE-2021-38011 CVE-2021-38012 CVE-2021-38013 CVE-2021-38014 CVE-2021-38015 CVE-2021-38016 CVE-2021-38017 CVE-2021-38019 CVE-2021-38020 CVE-2021-38021 CVE-2021-38022 CVE-2021-4052 CVE-2021-4053 CVE-2021-4054 CVE-2021-4055 CVE-2021-4056 CVE-2021-4057 CVE-2021-4058 CVE-2021-4059 CVE-2021-4061 CVE-2021-4062 CVE-2021-4063 CVE-2021-4064 CVE-2021-4065 CVE-2021-4066 CVE-2021-4067 CVE-2021-4068 CVE-2021-4078 CVE-2021-4079 CVE-2021-4098 CVE-2021-4099 CVE-2021-4100 CVE-2021-4101 CVE-2021-4102 CVE-2022-0096 CVE-2022-0097 CVE-2022-0098 CVE-2022-0099 CVE-2022-0100 CVE-2022-0101 CVE-2022-0102 CVE-2022-0103 CVE-2022-0104 CVE-2022-0105 CVE-2022-0106 CVE-2022-0107 CVE-2022-0108 CVE-2022-0109 CVE-2022-0110 CVE-2022-0111 CVE-2022-0112 CVE-2022-0113 CVE-2022-0114 CVE-2022-0115 CVE-2022-0116 CVE-2022-0117 CVE-2022-0118 CVE-2022-0120 CVE-2022-0289 CVE-2022-0290 CVE-2022-0291 CVE-2022-0292 CVE-2022-0293 CVE-2022-0294 CVE-2022-0295 CVE-2022-0296 CVE-2022-0297 CVE-2022-0298 CVE-2022-0300 CVE-2022-0301 CVE-2022-0302 CVE-2022-0304 CVE-2022-0305 CVE-2022-0306 CVE-2022-0307 CVE-2022-0308 CVE-2022-0309 CVE-2022-0310 CVE-2022-0311 CVE-2022-0452 CVE-2022-0453 CVE-2022-0454 CVE-2022-0455 CVE-2022-0456 CVE-2022-0457 CVE-2022-0458 CVE-2022-0459 CVE-2022-0460 CVE-2022-0461 CVE-2022-0462 CVE-2022-0463 CVE-2022-0464 CVE-2022-0465 CVE-2022-0466 CVE-2022-0467 CVE-2022-0468 CVE-2022-0469 CVE-2022-0470 CVE-2022-0603 CVE-2022-0604 CVE-2022-0605 CVE-2022-0606 CVE-2022-0607 CVE-2022-0608 CVE-2022-0609 CVE-2022-0610 CVE-2022-0789 CVE-2022-0790 CVE-2022-0791 CVE-2022-0792 CVE-2022-0793 CVE-2022-0794 CVE-2022-0795 CVE-2022-0796 CVE-2022-0797 CVE-2022-0798 CVE-2022-0799 CVE-2022-0800 CVE-2022-0801 CVE-2022-0802 CVE-2022-0803 CVE-2022-0804 CVE-2022-0805 CVE-2022-0806 CVE-2022-0807 CVE-2022-0808 CVE-2022-0809 CVE-2022-1096 CVSS scores: CVE-2021-30506 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30507 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30508 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30509 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30510 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30511 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H CVE-2021-30512 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30513 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30514 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30515 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30516 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30517 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30518 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30519 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30520 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30544 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30544 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30545 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30545 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30546 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30546 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30547 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30547 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30548 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30548 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30549 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30549 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30550 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30550 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30551 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30551 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30552 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30552 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30553 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30553 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30554 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30555 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30556 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30557 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30625 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30626 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30627 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30628 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30629 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30630 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2021-30632 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-30633 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2021-37974 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37975 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37976 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2021-37977 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37978 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37979 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37980 (NVD) : 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2021-37981 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2021-37982 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37983 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37984 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37985 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37986 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37987 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37988 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37989 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2021-37990 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2021-37991 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37992 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37993 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37994 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2021-37995 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2021-37996 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2021-37997 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37998 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-37999 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVE-2021-38001 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-38002 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2021-38003 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-38004 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2021-38005 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-38006 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-38007 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-38008 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-38009 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2021-38010 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2021-38011 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-38012 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-38013 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2021-38014 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-38015 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-38016 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-38017 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-38019 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2021-38020 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2021-38021 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2021-38022 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2021-4052 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4053 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4054 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2021-4055 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4056 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4057 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4058 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4059 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2021-4061 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4062 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4063 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4064 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4065 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4066 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4067 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4068 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2021-4078 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4079 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4098 (NVD) : 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N CVE-2021-4099 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4100 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4101 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-4102 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0096 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0097 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2022-0098 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0099 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0100 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0101 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0102 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0103 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0104 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0105 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0106 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0107 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0108 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2022-0109 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2022-0110 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2022-0111 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2022-0112 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2022-0113 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2022-0114 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H CVE-2022-0115 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0116 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2022-0117 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2022-0118 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2022-0120 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2022-0289 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0290 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2022-0291 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2022-0292 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2022-0293 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0294 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2022-0295 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0296 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0297 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0298 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0300 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0301 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0302 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0304 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0305 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2022-0306 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0307 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0308 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0309 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2022-0310 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0311 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.4:NonFree ______________________________________________________________________________ An update that fixes 241 vulnerabilities is now available. Description: This update for opera fixes the following issues: Update to 85.0.4341.28 - CHR-8816 Update chromium on desktop-stable-99-4341 to 99.0.4844.84 - DNA-98092 Crash at views::MenuItemView::GetMenuController() - DNA-98278 Translations for O85 - DNA-98320 [Mac] Unable to delete recent search entries - DNA-98614 Show recent searches for non-BABE users - DNA-98615 Allow removal of recent searches - DNA-98616 Add recent searches to ��old�� BABE - DNA-98617 Make it possible to disable ad-blocker per-country - DNA-98651 Remove Instagram and Facebook Messenger in Russia - DNA-98653 Add flag #recent-searches - DNA-98696 smoketest PageInfoHistoryDataSourceTest.FormatTimestampString failing - DNA-98703 Port Chromium issue 1309225 to Opera Stable - The update to chromium 99.0.4844.84 fixes following issues: CVE-2022-1096 - Changes in 85.0.4341.18 - CHR-8789 Update chromium on desktop-stable-99-4341 to 99.0.4844.51 - DNA-98059 [Linux] Crash at opera::FreedomSettingsImpl::IsBypassForDotlessDomainsEnabled - DNA-98349 [Linux] Crash at bluez::BluezDBusManager::Get() - DNA-98126 System crash dialog shown on macOS <= 10.15 - DNA-98331 [Snap] Meme generator cropping / resizing broken - DNA-98394 Audio tab indicator set to "muted" on videoconferencing sites - DNA-98481 Report errors in opauto_collector - The update to chromium 99.0.4844.51 fixes following issues: CVE-2022-0789, CVE-2022-0790, CVE-2022-0791, CVE-2022-0792, CVE-2022-0793, CVE-2022-0794, CVE-2022-0795, CVE-2022-0796, CVE-2022-0797, CVE-2022-0798, CVE-2022-0799, CVE-2022-0800, CVE-2022-0801, CVE-2022-0802, CVE-2022-0803, CVE-2022-0804, CVE-2022-0805, CVE-2022-0806, CVE-2022-0807, CVE-2022-0808, CVE-2022-0809 - Changes in 85.0.4341.13 - DNA-94119 Upgrade curl to 7.81.0 - DNA-97849 [Mac monterey] System shortcut interfere with Opera��s `ToggleSearchInOpenTabs` shortcut - DNA-98204 Automatic popout happens when video is paused - DNA-98231 Shortcuts are blocked by displayed tab tooltip when triggered quickly after tooltip appears - DNA-98321 Add thinlto-cache warnings to suppression list - DNA-98395 Promote O85 to stable - Complete Opera 85.0 changelog at: https://blogs.opera.com/desktop/changelog-for-85/ - Update to 84.0.4316.42 - DNA-94119 Upgrade curl to 7.81.0 - DNA-98092 Crash at views::MenuItemView::GetMenuController() - DNA-98204 Automatic popout happens when video is paused - DNA-98231 Shortcuts are blocked by displayed tab tooltip when triggered quickly after tooltip appears - Update to 84.0.4316.31 - CHR-8772 Update chromium on desktop-stable-98-4316 to 98.0.4758.109 - DNA-97573 [Win][Lin]��Close tab�� button is not displayed on tabs playing media when many tabs are open - DNA-97729 cancelling the process uploading custom Wallpaper crashes the browser - DNA-97871 Google meet tab��s icons don��t fit on pinned tab - DNA-97872 Tab is being unpinned when video conferencing button is clicked - DNA-98039 Dark theme top sites have black background - DNA-98117 Clicking current tab information should hide tooltip - Update to 84.0.4316.21 - CHR-8762 Update chromium on desktop-stable-98-4316 to 98.0.4758.102 - DNA-97333 ��Add a site�� label on start page tile barely visible - DNA-97691 Opera 84 translations - DNA-97767 Wrong string in FR - DNA-97855 Crash at ScopedProfileKeepAlive::~ScopedProfileKeepAlive() - DNA-97982 Enable #snap-upstream-implementation on all streams - The update to chromium 98.0.4758.102 fixes following issues: CVE-2022-0603, CVE-2022-0604, CVE-2022-0605, CVE-2022-0606, CVE-2022-0607, CVE-2022-0608, CVE-2022-0609, CVE-2022-0610 - Update to 84.0.4316.14 - CHR-8753 Update chromium on desktop-stable-98-4316 to 98.0.4758.82 - DNA-97177 Battery saver �� the icon looks bad for DPI!=100% - DNA-97614 automatic video pop-out for most popular websites broadcasting Winter Olympic Games 2022 - DNA-97804 Promote O84 to stable - The update to chromium 98.0.4758.82 fixes following issues: CVE-2022-0452, CVE-2022-0453, CVE-2022-0454, CVE-2022-0455, CVE-2022-0456, CVE-2022-0457, CVE-2022-0458, CVE-2022-0459, CVE-2022-0460, CVE-2022-0461, CVE-2022-0462, CVE-2022-0463, CVE-2022-0464, CVE-2022-0465, CVE-2022-0466, CVE-2022-0467, CVE-2022-0468, CVE-2022-0469, CVE-2022-0470 - Complete Opera 84.0 changelog at: https://blogs.opera.com/desktop/changelog-for-84/ - Update to 83.0.4254.54 - DNA-96581 Fast tab tooltip doesn��t always show related sites with scrollable tab strip - DNA-96608 Cannot drag a tab to create a new window - DNA-96657 Do not make tab tooltip hoverable if there��s no list of tabs - DNA-97291 Crash at opera::flow::FlowSessionImpl::RegisterDevice(base::OnceCallback) - DNA-97468 Incorrect number of restored tabs when video-popout is detached - DNA-97476 Add retry to stapling during signing - DNA-97609 Failing MetricsReporterTest.TimeSpent* smoketests - Update to 83.0.4254.27 - CHR-8737 Update chromium on desktop-stable-97-4254 to 97.0.4692.99 - DNA-96336 [Mac] Translate new network installer slogan - DNA-96678 Add battery level monitoring capability to powerSavePrivate - DNA-96939 Crash at opera::ExternalVideoService::MarkAsManuallyClosed() - DNA-97276 Enable #static-tab-audio-indicator on all streams - The update to chromium 97.0.4692.99 fixes following issues: CVE-2022-0289, CVE-2022-0290, CVE-2022-0291, CVE-2022-0292, CVE-2022-0293, CVE-2022-0294, CVE-2022-0295, CVE-2022-0296, CVE-2022-0297, CVE-2022-0298, CVE-2022-0300, CVE-2022-0301, CVE-2022-0302, CVE-2022-0304, CVE-2022-0305, CVE-2022-0306, CVE-2022-0307, CVE-2022-0308, CVE-2022-0309, CVE-2022-0310, CVE-2022-0311 - Update to 83.0.4254.19 - DNA-96079 Turn on #automatic-video-popout on developer - DNA-97070 Opera 83 translations - DNA-97119 [LastCard] Stop showing used burner cards - DNA-97131 Enable automatic-video-popout on all streams from O84 on - DNA-97257 Crash at views::ImageButton::SetMinimumImageSize(gfx::Size const&) - DNA-97259 Promote O83 to stable - Complete Opera 83.0 changelog at: https://blogs.opera.com/desktop/changelog-for-83/ - Update to 83.0.4254.16 - DNA-96968 Fix alignment of the 'Advanced' button in Settings - Update to 83.0.4254.14 - CHR-8701 Update chromium on desktop-stable-97-4254 to 97.0.4692.45 - CHR-8713 Update chromium on desktop-stable-97-4254 to 97.0.4692.56 - CHR-8723 Update chromium on desktop-stable-97-4254 to 97.0.4692.71 - DNA-96780 Crash at ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*) - DNA-96822 Tab close resize behavior change - DNA-96861 Create Loomi Options menu - DNA-96904 Support Win11 snap layout popup - DNA-96951 Tab close animation broken - DNA-96991 Tab X button doesn��t work correctly - DNA-97027 Incorrect tab size after tab close - The update to chromium 97.0.4692.71 fixes following issues: CVE-2022-0096, CVE-2022-0097, CVE-2022-0098, CVE-2022-0099, CVE-2022-0100, CVE-2022-0101, CVE-2022-0102, CVE-2022-0103, CVE-2022-0104, CVE-2022-0105, CVE-2022-0105, CVE-2022-0106, CVE-2022-0107, CVE-2022-0108, CVE-2022-0109, CVE-2022-0110, CVE-2022-0111, CVE-2022-0111, CVE-2022-0112, CVE-2022-0113, CVE-2022-0114, CVE-2022-0115, CVE-2022-0116, CVE-2022-0117, CVE-2022-0118, CVE-2022-0120 - Update to version 82.0.4227.58 - DNA-96780 Crash at ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*) - DNA-96890 Settings default browser not working for current user on Windows 7 - Update to version 82.0.4227.43 - CHR-8705 Update chromium on desktop-stable-96-4227 to 96.0.4664.110 - DNA-93284 Unstable obj/opera/desktop/common/installer_rc_generated/installer.res - DNA-95908 Interstitial/internal pages shown as NOT SECURE after visiting http site - DNA-96404 Opera doesn��t show on main screen when second screen is abruptly disconnected - The update to chromium 96.0.4664.110 fixes following issues: CVE-2021-4098, CVE-2021-4099, CVE-2021-4100, CVE-2021-4101, CVE-2021-4102 - Update to version 82.0.4227.33 - CHR-8689 Update chromium on desktop-stable-96-4227 to 96.0.4664.93 - DNA-96559 Tooltip popup looks bad in dark theme - DNA-96570 [Player] Tidal logging in via PLAY doesn��t work - DNA-96594 Unnecessary extra space in fullscreen mode on M1 Pro MacBooks - DNA-96649 Update Meme button - DNA-96676 Add Icon in the Sidebar Setup - DNA-96677 Add default URL - The update to chromium 96.0.4664.93 fixes following issues: CVE-2021-4052, CVE-2021-4053, CVE-2021-4079, CVE-2021-4054, CVE-2021-4078, CVE-2021-4055, CVE-2021-4056, CVE-2021-4057, CVE-2021-4058, CVE-2021-4059, CVE-2021-4061, CVE-2021-4062, CVE-2021-4063, CVE-2021-4064, CVE-2021-4065, CVE-2021-4066, CVE-2021-4067, CVE-2021-4068 - Update to version 82.0.4227.23 - DNA-95632 With new au-logic UUID is set with delay and may be not set for pb-builds (when closing fast) - DNA-96349 Laggy tooltip animation - DNA-96483 [Snap][Linux] Video not working / wrong ffmpeg snap version for Opera 82 - DNA-96493 Create 'small' enticement in credit card autofill - DNA-96533 Opera 82 translations - DNA-96535 Make the URL configurable - DNA-96553 Add switch to whitelist test pages - DNA-96557 Links not opened from panel - DNA-96558 AdBlock bloks some trackers inside the panel - DNA-96568 [Player] Tidal in sidebar Player opens wrong site when logging in - DNA-96659 Siteprefs not applied after network service crash - DNA-96593 Promote O82 to stable - Complete Opera 82.0 changelog at: https://blogs.opera.com/desktop/changelog-for-82/ - Update to version 82.0.4227.13 - CHR-8668 Update chromium on desktop-stable-96-4227 to 96.0.4664.45 - DNA-76987 [Mac] Update desktop EULA with geolocation split - DNA-93388 Problem with symlinks on windows when creating file list - DNA-95734 Discarded Recently Closed items get revived after restart - DNA-96134 "Your profile has been updated" does not disappear - DNA-96190 Opera freezes when trying to drag expanded bookmark folder with nested subfolders - DNA-96223 Easy Files not working in Full Screen - DNA-96274 Checkout autofill shouldn't show used burner card - DNA-96275 Change the notification message for pausing multi-use cards - DNA-96295 "Video pop out" setting doesn't sync - DNA-96316 Highlight text wrong colour on dark mode - DNA-96326 Wrong translation Private Mode > Turkish - DNA-96351 macOS window controls are missing in full screen - DNA-96440 Update video URL - DNA-96448 add option to pin extension via rich hints - DNA-96453 Register user-chosen option on client-side, read on hint side - DNA-96454 Choosing an option from the settings menu should close the popup - DNA-96484 Enable AB test for a new autoupdater logic (for 50%) - DNA-96500 Add "don't show me again" prefs to allowed whitelist - DNA-96538 Inline audiocomplete for www.mediaexpert.pl incorrectly suggested - The update to chromium 96.0.4664.45 fixes following issues: CVE-2021-38005, CVE-2021-38006, CVE-2021-38007, CVE-2021-38008, CVE-2021-38009, CVE-2021-38010, CVE-2021-38011, CVE-2021-38012, CVE-2021-38013, CVE-2021-38014, CVE-2021-38015, CVE-2021-38016, CVE-2021-38017, CVE-2021-38019, CVE-2021-38020, CVE-2021-38021, CVE-2021-38022 - Update to version 81.0.4196.54 - CHR-8644 Update chromium on desktop-stable-95-4196 to 95.0.4638.69 - DNA-95773 ExtensionWebRequestApiTest crashes on mac - DNA-96062 Opera 81 translations - DNA-96134 ��Your profile has been updated�� does not disappear - DNA-96274 Checkout autofill shouldn��t show used burner card - DNA-96275 Change the notification message for pausing multi-use cards - DNA-96440 Update video URL - The update to chromium 95.0.4638.69 fixes following issues: CVE-2021-37997, CVE-2021-37998, CVE-2021-37999, CVE-2021-37980, CVE-2021-38001, CVE-2021-38002, CVE-2021-38003, CVE-2021-38004 - Update to version 81.0.4196.37 - DNA-96008 Crash at content::WebContentsImpl::OpenURL(content::OpenURLParams const&) - DNA-96032 Closing the videoconference pop-up force leaving the meeting - DNA-96092 Crash at void opera::ModalDialogViews::OnWidgetClosing(opera::ModalDialog::Result) - DNA-96142 [Yat] Emoji icon cut off in URL for Yat - Update to version 81.0.4196.31 - DNA-95733 Implement the ��Manage�� menu in card details view - DNA-95736 Update UI for paused card - DNA-95791 Crash at base::operator< - DNA-95794 Sometimes the sidebar UI fails to load - DNA-95812 Retrieve cards info when showing autofill - DNA-96035 Cannot create virtual card on Sandbox environment - DNA-96147 ��Buy�� button does not work - DNA-96168 Update contributors list - DNA-96211 Enable #fast-tab-tooltip on all streams - DNA-96231 Promote O81 to stable - Complete Opera 80.1 changelog at: https://blogs.opera.com/desktop/changelog-for-81/ - Update to version 81.0.4196.27 - CHR-8623 Update chromium on desktop-stable-95-4196 to 95.0.4638.54 - DNA-92384 Better segmenting of hint users - DNA-95523 Allow sorting in multi-card view - DNA-95659 Flow of Lastcard on first login - DNA-95735 Implement the button that reveals full card details - DNA-95747 Better way to handle expired funding card - DNA-95949 [Mac Retina] Clicking active tab should scroll to the top - DNA-95993 Update icon used for Yat in address bar dropdown - DNA-96021 Cleared download item view is never deleted - DNA-96036 Occupation field in 'Account �� Edit' is shown twice - DNA-96127 Upgrade plan button does nothing - DNA-96138 "Add Card" button does not change to "Upgrade Plan" after adding card - The update to chromium 95.0.4638.54 fixes following issues: CVE-2021-37981, CVE-2021-37982, CVE-2021-37983, CVE-2021-37984, CVE-2021-37985, CVE-2021-37986, CVE-2021-37987, CVE-2021-37988, CVE-2021-37989, CVE-2021-37990, CVE-2021-37991, CVE-2021-37992, CVE-2021-37993, CVE-2021-37994, CVE-2021-37995, CVE-2021-37996 - Update to version 80.0.4170.72 - DNA-95522 Change card view to show all types of cards - DNA-95523 Allow sorting in multi-card view - DNA-95524 Allow searching for cards by name - DNA-95658 Allow user to add a card - DNA-95659 Flow of Lastcard on first login - DNA-95660 Implement editing card details - DNA-95699 Add card details view - DNA-95733 Implement the ��Manage�� menu in card details view - DNA-95735 Implement the button that reveals full card details - DNA-95736 Update UI for paused card - DNA-95747 Better way to handle expired funding card - DNA-95794 Sometimes the sidebar UI fails to load - DNA-95812 Retrieve cards info when showing autofill - DNA-96036 Occupation field in ��Account �� Edit�� is shown twice - DNA-96127 Upgrade plan button does nothing - DNA-96138 ��Add Card�� button does not change to ��Upgrade Plan�� after adding card - Update to version 80.0.4170.63 - CHR-8612 Update chromium on desktop-stable-94-4170 to 94.0.4606.81 - DNA-95434 Crash at opera::ThemesService::UpdateCurrentTheme() - The update to chromium 94.0.4606.81 fixes following issues: CVE-2021-37977, CVE-2021-37978, CVE-2021-37979, CVE-2021-37980 - Update to version 80.0.4170.40 - CHR-8598 Update chromium on desktop-stable-94-4170 to 94.0.4606.71 - DNA-95221 Emoji button stuck in address bar - DNA-95325 Make y.at navigations to be reported with page_views events - DNA-95327 Add ��Emojis�� context menu option in address bar field - DNA-95339 Add YAT emoji url suggestion to search�� dialog - DNA-95416 Remove emoji button from address bar - DNA-95439 Enable #yat-emoji-addresses on developer stream - DNA-95441 [Mac big sur] Emoji are not shown in address bar url - DNA-95514 Crash at resource_coordinator::TabLifecycleUnitSource ::TabLifecycleUnit::OnLifecycleUnitStateChanged(mojom:: LifecycleUnitState, mojom::LifecycleUnitStateChangeReason) - DNA-95746 Enable #reader-mode everywhere - DNA-95865 Numbers are recognized as emojis - DNA-95866 Change Yat text in selection popup - DNA-95867 Show that buttons are clickable in selection popup - The update to chromium 94.0.4606.71 fixes following issues: CVE-2021-37974, CVE-2021-37975, CVE-2021-37976 - Update to version 80.0.4170.16 - CHR-8590 Update chromium on desktop-stable-94-4170 to 94.0.4606.61 - DNA-95347 Make InstallerStep::Run async - DNA-95420 First suggestion in address field is often not highlighted - DNA-95613 Browser closing itself after closing SD/first tab and last opened tab - DNA-95725 Promote O80 to stable - DNA-95781 Import fixes for CVE-2021-37975, CVE-2021-37976 and CVE-2021-37974 to desktop-stable-94-4170 - Complete Opera 80.0 changelog at: https://blogs.opera.com/desktop/changelog-for-80/ - Drop Provides/Obsoletes for opera-gtk and opera-kde4 opera-gtk and opera-kde4 were last used in openSUSE 13.1 - Drop post/postun for desktop_database_post and icon_theme_cache_post because were last used before openSUSE 15.0 - Update to version 79.0.4143.72 - DNA-94933 Add emoji panel to address bar - DNA-95210 Add emoji YAT address bar suggestions - DNA-95221 Emoji button stuck in address bar - DNA-95325 Make y.at navigations to be reported with page_views events - DNA-95327 Add ��Emojis�� context menu option in address bar field - DNA-95339 Add YAT emoji url suggestion to search�� dialog - DNA-95364 Add browser feature flag - DNA-95416 Remove emoji button from address bar - DNA-95439 Enable #yat-emoji-addresses on developer stream - DNA-95441 [Mac big sur] Emoji are not shown in address bar url - DNA-95445 Crash when removing unsynced pinboard bookmark with sync enabled - DNA-95512 Allow to show title and timer for simple banners - DNA-95516 Wrong label in settings for themes - DNA-95679 Temporarily disable AB test for a new autoupdater logic - Update to version 79.0.4143.50 - CHR-8571 Update chromium on desktop-stable-93-4143 to 93.0.4577.82 - DNA-94104 ContinueShoppingOnEbayBrowserTest.ShouldDisplayOffers TilesStartingWithMostActiveOnes fails - DNA-94894 [Rich Hint] Agent API permissions - DNA-94989 Wrong color and appearance of subpages in the settings - DNA-95241 ��Switch to tab�� button is visible only on hover - DNA-95286 Add unit tests to pinboard sync related logic in browser - DNA-95372 [Mac retina screen] Snapshot doesnt capture cropped area - DNA-95526 Some webstore extensions are not verified properly - The update to chromium 93.0.4577.82 fixes following issues: CVE-2021-30625, CVE-2021-30626, CVE-2021-30627, CVE-2021-30628, CVE-2021-30629, CVE-2021-30630, CVE-2021-30631, CVE-2021-30632, CVE-2021-30633 - Update to version 79.0.4143.22 - CHR-8550 Update chromium on desktop-stable-93-4143 to 93.0.4577.58 - CHR-8557 Update chromium on desktop-stable-93-4143 to 93.0.4577.63 - DNA-94641 [Linux] Proprietary media codecs not working in snap builds - DNA-95076 [Linux] Page crash with media content - DNA-95084 [Mac] Cannot quit through menu with snapshot editor open - DNA-95138 Add setting to synchronize Pinboards - DNA-95157 Crash at -[OperaCrApplication sendEvent:] - DNA-95204 Opera 79 translations - DNA-95240 The pinboard thumbnail cannot be generated anymore - DNA-95278 Existing Pinboards might be missing - DNA-95292 Enable #bookmarks-trash-cleaner on all streams - DNA-95293 Enable #easy-files-downloads-folder on all streams - DNA-95383 Promote O79 to stable - Complete Opera 79.0 changelog at: https://blogs.opera.com/desktop/changelog-for-79/ - The update to chromium 93.0.4577.58 fixes following issues: CVE-2021-30606, CVE-2021-30607, CVE-2021-30608, CVE-2021-30609, CVE-2021-30610, CVE-2021-30611, CVE-2021-30612, CVE-2021-30613, CVE-2021-30614, CVE-2021-30615, CVE-2021-30616, CVE-2021-30617, CVE-2021-30618, CVE-2021-30619, CVE-2021-30620, CVE-2021-30621, CVE-2021-30622, CVE-2021-30623, CVE-2021-30624 - Update to version 78.0.4093.184 - CHR-8533 Update chromium on desktop-stable-92-4093 to 92.0.4515.159 - DNA-93472 Reattaching to other browsers - DNA-93741 Multiple hint slots - DNA-93742 Allow displaying unobtrusive external hints - DNA-93744 Add slots in toolbar action view - DNA-94230 Improve text contrast for Speed Dials - DNA-94724 [Mac] Add macOS dark theme wallpaper with easy setup - DNA-94786 Crash at base::SupportsUserData:: SetUserData(void const*, std::__1::unique_ptr) - DNA-94807 Allow scripts access opera version and product info - DNA-94862 Continue on shopping Amazon doesn��t work correct - DNA-94870 Add an addonsPrivate function to install with permissions dialog first - DNA-95064 Revert DNA-93714 on stable - The update to chromium 92.0.4515.159 fixes following issues: CVE-2021-30598, CVE-2021-30599, CVE-2021-30600, CVE-2021-30601, CVE-2021-30602, CVE-2021-30603, CVE-2021-30604 - Update to version 78.0.4093.147 - CHR-8251 Update chromium on desktop-stable-92-4093 to 92.0.4515.131 - DNA-93036 Opera not starting after closing window. Processes still working. - DNA-94516 Add ��Detach tab�� entry to tab menu - DNA-94584 [Mac] Sidebar setup not closed after press ��Add extensions�� button - DNA-94761 Crash when trying to record ��Chrome developer�� trace - DNA-94790 Crash at opera::VideoConferenceTabDetachController:: OnBrowserAboutToStartClosing(Browser*) - The update to chromium 92.0.4515.131 fixes following issues: CVE-2021-30590, CVE-2021-30591, CVE-2021-30592, CVE-2021-30593, CVE-2021-30594, CVE-2021-30596, CVE-2021-30597 - Update to version 78.0.4093.112 - DNA-94466 Implement sorting Pinboards in overview - DNA-94582 Add access to APIs for showing pinboard icon in sidebar - DNA-94603 Suspicious pinboards events - DNA-94625 Disable opr.pinboardPrivate.getThumbnail() for local files - DNA-94640 Promote O78 to stable - DNA-94661 Missing translations for some languages - Complete Opera 78.0 changelog at: https://blogs.opera.com/desktop/changelog-for-78/ - Update to version 77.0.4054.277 - CHR-8502 Update chromium on desktop-stable-91-4054 to 91.0.4472.164 - DNA-94291 Video conference popout doesnt remember its size after resizing - DNA-94399 Incorrect icon for wp.pl in address bar dropdown - DNA-94462 Low quality of default wallpaper on windows - The update to chromium 91.0.4472.164 fixes following issues: CVE-2021-30541, CVE-2021-30560, CVE-2021-30561, CVE-2021-30562, CVE-2021-30563, CVE-2021-30564 - Update to version 77.0.4054.254 - DNA-92344 Windows 10 Implementation - DNA-92486 Replace �� icon with ��settings�� icon - DNA-92487 Close individual item - DNA-92496 Create separate entry in settings for BABE - DNA-93275 Implement cycles size according to design - DNA-93280 The system theme has only half a checkmark - DNA-93728 Whatsapp notification is not refreshed - DNA-94047 Remove pinboard WebUI integration - DNA-94118 Write test for ThumbnailTabHelper changes in DNA-94100 - DNA-94120 Fix Welcome popup layout - DNA-94140 Crash at base::TaskRunner ::PostTask(base::Location const&, base::OnceCallback) - DNA-94205 Consider setting pinboard display URL in address_field_helper.cc - DNA-94211 Easy Files don��t show thumbnails - DNA-94309 Pinboards URLs don��t get lighter color treatment - DNA-94318 Wrong ��Transparency�� word translation in Swedish - DNA-94321 AB test: google suggestions on top �� bigger test - DNA-94341 Make pinboard popup testable on web page - DNA-94381 Disabling Pinboards doesn��t remove item from menu / sidebar - DNA-94392 Add u2f-devices interface to snap packages - DNA-94461 Enable #system-theme on all streams - Update to version 77.0.4054.203 - CHR-8475 Update chromium on desktop-stable-91-4054 to 91.0.4472.124 - DNA-93523 Crash at extensions::TabHelper::WebContentsDestroyed() - DNA-93917 Upload snap to edge while preparing repository package - DNA-94157 Crash at gfx::ICCProfile::operator=(gfx::ICCProfile const&) - DNA-94159 Crash at opera::auth::AuthAccountServiceImpl::GetAuthAccount() - DNA-94161 [Add tabs]Unexpected symbols instead of Workspace name - DNA-94241 Implement better process killing for timeout - DNA-94248 Allow retry on tests that timed-out - DNA-94251 heap-use-after-free in VideoConference - DNA-94315 Crash at class std::__1::basic_string ui::ResourceBundle:: LoadLocaleResources(const class std::__1::basic_string& const, bool) - DNA-94357 Fix issue in scripts - Update to version 77.0.4054.172 - DNA-93078 Do not display ��share tab�� sliding toolbar on detached tab - DNA-93358 The red underline extends beyond the Google meets conference tab outline - DNA-93404 Crash in test when destroying BABE��s webcontents - DNA-93637 ctrl+9 shortcut is inconsistent with other browsers - DNA-93661 Add opauto test to cover new shortcut from DNA-93637 - DNA-93867 Use version from package instead of repository - DNA-93993 Pinboard translations from Master - DNA-94099 Increase new-autoupdater-logic AB test to cover 50% of new installations - DNA-94100 Thumbnail doesn��t update - DNA-94178 Automatic popout should not happen after manually closing a popout - Update to version 77.0.4054.146 - CHR-8458 Update chromium on desktop-stable-91-4054 to 91.0.4472.114 - DNA-92171 Create active linkdiscovery service - DNA-92388 Fix and unskip WorkspacesEmoji.testChooseEmojiAsWorkspaceIcon when possible - DNA-93101 Tabs are being snoozed when tab snoozing is disabled - DNA-93386 Update pinboard view when item changes - DNA-93448 Make browser ready for Developer release - DNA-93491 Fix failing tests after enabling #pinboard flag - DNA-93498 Add additional music services - DNA-93503 Blank popup on clicking toolbar icon with popup open - DNA-93561 Do not allow zoom different from 100% in Pinboard popup - DNA-93637 ctrl+9 shortcut is inconsistent with other browsers - DNA-93644 Create route for `import open tabs` to `pinboard` - DNA-93664 Adapt popup to design - DNA-93702 Turn on flags on developer - DNA-93737 [Pinboard] Remove Mock API - DNA-93745 Unable to open the popup after opening it several times - DNA-93776 Popup closes and reopens when clicking the toolbar button - DNA-93786 DCHECK after opening popup - DNA-93802 Crash at views::Widget::GetNativeView() const - DNA-93810 Add pinboard icon to sidebar - DNA-93825 Add pinboard to Opera menu - DNA-93833 [Player] Implement seeking for new services - DNA-93845 Do not log output of snapcraft on console - DNA-93864 Create feature flag for start page sync banner - DNA-93865 Implement start page banner - DNA-93867 Use version from package instead of repository - DNA-93878 [Player] Crash when current player service becomes unavailable when user location changes - DNA-93953 ��Send image to Pinboard�� has the wrong position in the context menu - DNA-93987 Disable zooming popup contents like in other popups - DNA-93989 Change internal URL to opera://pinboards - DNA-93990 Update strings to reflect new standards - DNA-93992 Add Pinboards to Opera settings - DNA-93993 Pinboard translations from Master - DNA-94011 Enable feature flags for Reborn 5 on stable - DNA-94019 Add a direct link to settings - DNA-94088 Internal pages provoke not saving other pages to the Pinboard - DNA-94111 [O77] Sidebar setup does not open - DNA-94139 Crash at opera::(anonymous namespace)::PinboardPopupWebView::RemovedFromWidget() - The update to chromium 91.0.4472.114 fixes following issues: CVE-2021-30554, CVE-2021-30555, CVE-2021-30556, CVE-2021-30557 - Update to version 77.0.4054.90 - CHR-8446 Update chromium on desktop-stable-91-4054 to 91.0.4472.101 - The update to chromium 91.0.4472.101 fixes following issues: CVE-2021-30544, CVE-2021-30545, CVE-2021-30546, CVE-2021-30547, CVE-2021-30548, CVE-2021-30549, CVE-2021-30550, CVE-2021-30551, CVE-2021-30552, CVE-2021-30553 - Update to version 77.0.4054.80 - DNA-93656 Active cards in checkout Auto-fill - DNA-93805 Create snap packages in buildsign - DNA-93823 archive_opera_snap failures on Linux - DNA-93844 Fix AttributeError in package_type.py - Update to version 77.0.4054.64 - DNA-93159 Implement image(preview) of each created pinboard - DNA-93273 ��Send image to Pinboard�� doesn��t work correct on staging server - DNA-93277 Add/update opauto tests for the System Theme WP1 implementation p.1 - DNA-93286 [BigSur] YT not being reloaded when opened from link - DNA-93296 Opera 77 translations - DNA-93372 Build new edition for Axel Springer - DNA-93376 Write unittests for PinboardImageCollector - DNA-93401 [LastCard] Do not change user state if not needed - DNA-93409 Animation with hat and glasses is missing in Private mode - DNA-93443 API opr.pinboardPrivate.getThumbnail() returns old thumbnail image - DNA-93509 Add Opera switch for pinboard staging backend and use it for tests - DNA-93519 [Sidebar] WhatsApp ��Log out�� doesn��t work - DNA-93634 Fix errors in Slovak translations - DNA-93724 Some webstore extensions are not verified properly - Complete Opera 77.0 changelog at: https://blogs.opera.com/desktop/changelog-for-77/ - Update to version 76.0.4017.177 - DNA-92597 Sound controller doesn��t work after pressing ��Next�� button - DNA-93405 Import vmp_signer instead of starting new python process - DNA-93406 [Mac] Import plist_util instead of calling script in _generateAppEntitlements - DNA-93442 Make GX Control panel attachable by webdriver - DNA-93554 [AdBlock] Find a fix for blocking ��new�� YouTube ads - DNA-93587 Pre-refactor solution - Update to version 76.0.4017.154 - CHR-8420 Update chromium on desktop-stable-90-4017 to 90.0.4430.212 - DNA-92411 Bookmarks breadcrumbs wrong color when pressed in dark mode - DNA-92587 Sync settings: ��Use old password�� button doesn��t work - DNA-92672 Make it possible for agent to inject scripts into startpage - DNA-92712 Add SD reload API - DNA-93190 The bookmark can��t be opened in Workspace 5-6 - DNA-93247 Reopen last closed tab shortcut opens random tab on new window - DNA-93294 Binary diff for opera_browser.dll is not created on 32-bit builds - DNA-93313 Add opauto test to cover DNA-93190 - DNA-93368 Fix an error in Polish translation - DNA-93408 [Windows] widevine_cdm_component_installer does not compile on desktop-stable-90-4017 - The update to chromium 90.0.4430.212 fixes following issues: CVE-2021-30506, CVE-2021-30507, CVE-2021-30508, CVE-2021-30509, CVE-2021-30510, CVE-2021-30511, CVE-2021-30512, CVE-2021-30513, CVE-2021-30514, CVE-2021-30515, CVE-2021-30516, CVE-2021-30517, CVE-2021-30518, CVE-2021-30519, CVE-2021-30520 Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4:NonFree: zypper in -t patch openSUSE-2022-110=1 Package List: - openSUSE Leap 15.4:NonFree (x86_64): opera-85.0.4341.28-lp154.2.5.1 References: https://www.suse.com/security/cve/CVE-2021-30506.html https://www.suse.com/security/cve/CVE-2021-30507.html https://www.suse.com/security/cve/CVE-2021-30508.html https://www.suse.com/security/cve/CVE-2021-30509.html https://www.suse.com/security/cve/CVE-2021-30510.html https://www.suse.com/security/cve/CVE-2021-30511.html https://www.suse.com/security/cve/CVE-2021-30512.html https://www.suse.com/security/cve/CVE-2021-30513.html https://www.suse.com/security/cve/CVE-2021-30514.html https://www.suse.com/security/cve/CVE-2021-30515.html https://www.suse.com/security/cve/CVE-2021-30516.html https://www.suse.com/security/cve/CVE-2021-30517.html https://www.suse.com/security/cve/CVE-2021-30518.html https://www.suse.com/security/cve/CVE-2021-30519.html https://www.suse.com/security/cve/CVE-2021-30520.html https://www.suse.com/security/cve/CVE-2021-30541.html https://www.suse.com/security/cve/CVE-2021-30544.html https://www.suse.com/security/cve/CVE-2021-30545.html https://www.suse.com/security/cve/CVE-2021-30546.html https://www.suse.com/security/cve/CVE-2021-30547.html https://www.suse.com/security/cve/CVE-2021-30548.html https://www.suse.com/security/cve/CVE-2021-30549.html https://www.suse.com/security/cve/CVE-2021-30550.html https://www.suse.com/security/cve/CVE-2021-30551.html https://www.suse.com/security/cve/CVE-2021-30552.html https://www.suse.com/security/cve/CVE-2021-30553.html https://www.suse.com/security/cve/CVE-2021-30554.html https://www.suse.com/security/cve/CVE-2021-30555.html https://www.suse.com/security/cve/CVE-2021-30556.html https://www.suse.com/security/cve/CVE-2021-30557.html https://www.suse.com/security/cve/CVE-2021-30560.html https://www.suse.com/security/cve/CVE-2021-30561.html https://www.suse.com/security/cve/CVE-2021-30562.html https://www.suse.com/security/cve/CVE-2021-30563.html https://www.suse.com/security/cve/CVE-2021-30564.html https://www.suse.com/security/cve/CVE-2021-30590.html https://www.suse.com/security/cve/CVE-2021-30591.html https://www.suse.com/security/cve/CVE-2021-30592.html https://www.suse.com/security/cve/CVE-2021-30593.html https://www.suse.com/security/cve/CVE-2021-30594.html https://www.suse.com/security/cve/CVE-2021-30596.html https://www.suse.com/security/cve/CVE-2021-30597.html https://www.suse.com/security/cve/CVE-2021-30598.html https://www.suse.com/security/cve/CVE-2021-30599.html https://www.suse.com/security/cve/CVE-2021-30600.html https://www.suse.com/security/cve/CVE-2021-30601.html https://www.suse.com/security/cve/CVE-2021-30602.html https://www.suse.com/security/cve/CVE-2021-30603.html https://www.suse.com/security/cve/CVE-2021-30604.html https://www.suse.com/security/cve/CVE-2021-30606.html https://www.suse.com/security/cve/CVE-2021-30607.html https://www.suse.com/security/cve/CVE-2021-30608.html https://www.suse.com/security/cve/CVE-2021-30609.html https://www.suse.com/security/cve/CVE-2021-30610.html https://www.suse.com/security/cve/CVE-2021-30611.html https://www.suse.com/security/cve/CVE-2021-30612.html https://www.suse.com/security/cve/CVE-2021-30613.html https://www.suse.com/security/cve/CVE-2021-30614.html https://www.suse.com/security/cve/CVE-2021-30615.html https://www.suse.com/security/cve/CVE-2021-30616.html https://www.suse.com/security/cve/CVE-2021-30617.html https://www.suse.com/security/cve/CVE-2021-30618.html https://www.suse.com/security/cve/CVE-2021-30619.html https://www.suse.com/security/cve/CVE-2021-30620.html https://www.suse.com/security/cve/CVE-2021-30621.html https://www.suse.com/security/cve/CVE-2021-30622.html https://www.suse.com/security/cve/CVE-2021-30623.html https://www.suse.com/security/cve/CVE-2021-30624.html https://www.suse.com/security/cve/CVE-2021-30625.html https://www.suse.com/security/cve/CVE-2021-30626.html https://www.suse.com/security/cve/CVE-2021-30627.html https://www.suse.com/security/cve/CVE-2021-30628.html https://www.suse.com/security/cve/CVE-2021-30629.html https://www.suse.com/security/cve/CVE-2021-30630.html https://www.suse.com/security/cve/CVE-2021-30631.html https://www.suse.com/security/cve/CVE-2021-30632.html https://www.suse.com/security/cve/CVE-2021-30633.html https://www.suse.com/security/cve/CVE-2021-37974.html https://www.suse.com/security/cve/CVE-2021-37975.html https://www.suse.com/security/cve/CVE-2021-37976.html https://www.suse.com/security/cve/CVE-2021-37977.html https://www.suse.com/security/cve/CVE-2021-37978.html https://www.suse.com/security/cve/CVE-2021-37979.html https://www.suse.com/security/cve/CVE-2021-37980.html https://www.suse.com/security/cve/CVE-2021-37981.html https://www.suse.com/security/cve/CVE-2021-37982.html https://www.suse.com/security/cve/CVE-2021-37983.html https://www.suse.com/security/cve/CVE-2021-37984.html https://www.suse.com/security/cve/CVE-2021-37985.html https://www.suse.com/security/cve/CVE-2021-37986.html https://www.suse.com/security/cve/CVE-2021-37987.html https://www.suse.com/security/cve/CVE-2021-37988.html https://www.suse.com/security/cve/CVE-2021-37989.html https://www.suse.com/security/cve/CVE-2021-37990.html https://www.suse.com/security/cve/CVE-2021-37991.html https://www.suse.com/security/cve/CVE-2021-37992.html https://www.suse.com/security/cve/CVE-2021-37993.html https://www.suse.com/security/cve/CVE-2021-37994.html https://www.suse.com/security/cve/CVE-2021-37995.html https://www.suse.com/security/cve/CVE-2021-37996.html https://www.suse.com/security/cve/CVE-2021-37997.html https://www.suse.com/security/cve/CVE-2021-37998.html https://www.suse.com/security/cve/CVE-2021-37999.html https://www.suse.com/security/cve/CVE-2021-38001.html https://www.suse.com/security/cve/CVE-2021-38002.html https://www.suse.com/security/cve/CVE-2021-38003.html https://www.suse.com/security/cve/CVE-2021-38004.html https://www.suse.com/security/cve/CVE-2021-38005.html https://www.suse.com/security/cve/CVE-2021-38006.html https://www.suse.com/security/cve/CVE-2021-38007.html https://www.suse.com/security/cve/CVE-2021-38008.html https://www.suse.com/security/cve/CVE-2021-38009.html https://www.suse.com/security/cve/CVE-2021-38010.html https://www.suse.com/security/cve/CVE-2021-38011.html https://www.suse.com/security/cve/CVE-2021-38012.html https://www.suse.com/security/cve/CVE-2021-38013.html https://www.suse.com/security/cve/CVE-2021-38014.html https://www.suse.com/security/cve/CVE-2021-38015.html https://www.suse.com/security/cve/CVE-2021-38016.html https://www.suse.com/security/cve/CVE-2021-38017.html https://www.suse.com/security/cve/CVE-2021-38019.html https://www.suse.com/security/cve/CVE-2021-38020.html https://www.suse.com/security/cve/CVE-2021-38021.html https://www.suse.com/security/cve/CVE-2021-38022.html https://www.suse.com/security/cve/CVE-2021-4052.html https://www.suse.com/security/cve/CVE-2021-4053.html https://www.suse.com/security/cve/CVE-2021-4054.html https://www.suse.com/security/cve/CVE-2021-4055.html https://www.suse.com/security/cve/CVE-2021-4056.html https://www.suse.com/security/cve/CVE-2021-4057.html https://www.suse.com/security/cve/CVE-2021-4058.html https://www.suse.com/security/cve/CVE-2021-4059.html https://www.suse.com/security/cve/CVE-2021-4061.html https://www.suse.com/security/cve/CVE-2021-4062.html https://www.suse.com/security/cve/CVE-2021-4063.html https://www.suse.com/security/cve/CVE-2021-4064.html https://www.suse.com/security/cve/CVE-2021-4065.html https://www.suse.com/security/cve/CVE-2021-4066.html https://www.suse.com/security/cve/CVE-2021-4067.html https://www.suse.com/security/cve/CVE-2021-4068.html https://www.suse.com/security/cve/CVE-2021-4078.html https://www.suse.com/security/cve/CVE-2021-4079.html https://www.suse.com/security/cve/CVE-2021-4098.html https://www.suse.com/security/cve/CVE-2021-4099.html https://www.suse.com/security/cve/CVE-2021-4100.html https://www.suse.com/security/cve/CVE-2021-4101.html https://www.suse.com/security/cve/CVE-2021-4102.html https://www.suse.com/security/cve/CVE-2022-0096.html https://www.suse.com/security/cve/CVE-2022-0097.html https://www.suse.com/security/cve/CVE-2022-0098.html https://www.suse.com/security/cve/CVE-2022-0099.html https://www.suse.com/security/cve/CVE-2022-0100.html https://www.suse.com/security/cve/CVE-2022-0101.html https://www.suse.com/security/cve/CVE-2022-0102.html https://www.suse.com/security/cve/CVE-2022-0103.html https://www.suse.com/security/cve/CVE-2022-0104.html https://www.suse.com/security/cve/CVE-2022-0105.html https://www.suse.com/security/cve/CVE-2022-0106.html https://www.suse.com/security/cve/CVE-2022-0107.html https://www.suse.com/security/cve/CVE-2022-0108.html https://www.suse.com/security/cve/CVE-2022-0109.html https://www.suse.com/security/cve/CVE-2022-0110.html https://www.suse.com/security/cve/CVE-2022-0111.html https://www.suse.com/security/cve/CVE-2022-0112.html https://www.suse.com/security/cve/CVE-2022-0113.html https://www.suse.com/security/cve/CVE-2022-0114.html https://www.suse.com/security/cve/CVE-2022-0115.html https://www.suse.com/security/cve/CVE-2022-0116.html https://www.suse.com/security/cve/CVE-2022-0117.html https://www.suse.com/security/cve/CVE-2022-0118.html https://www.suse.com/security/cve/CVE-2022-0120.html https://www.suse.com/security/cve/CVE-2022-0289.html https://www.suse.com/security/cve/CVE-2022-0290.html https://www.suse.com/security/cve/CVE-2022-0291.html https://www.suse.com/security/cve/CVE-2022-0292.html https://www.suse.com/security/cve/CVE-2022-0293.html https://www.suse.com/security/cve/CVE-2022-0294.html https://www.suse.com/security/cve/CVE-2022-0295.html https://www.suse.com/security/cve/CVE-2022-0296.html https://www.suse.com/security/cve/CVE-2022-0297.html https://www.suse.com/security/cve/CVE-2022-0298.html https://www.suse.com/security/cve/CVE-2022-0300.html https://www.suse.com/security/cve/CVE-2022-0301.html https://www.suse.com/security/cve/CVE-2022-0302.html https://www.suse.com/security/cve/CVE-2022-0304.html https://www.suse.com/security/cve/CVE-2022-0305.html https://www.suse.com/security/cve/CVE-2022-0306.html https://www.suse.com/security/cve/CVE-2022-0307.html https://www.suse.com/security/cve/CVE-2022-0308.html https://www.suse.com/security/cve/CVE-2022-0309.html https://www.suse.com/security/cve/CVE-2022-0310.html https://www.suse.com/security/cve/CVE-2022-0311.html https://www.suse.com/security/cve/CVE-2022-0452.html https://www.suse.com/security/cve/CVE-2022-0453.html https://www.suse.com/security/cve/CVE-2022-0454.html https://www.suse.com/security/cve/CVE-2022-0455.html https://www.suse.com/security/cve/CVE-2022-0456.html https://www.suse.com/security/cve/CVE-2022-0457.html https://www.suse.com/security/cve/CVE-2022-0458.html https://www.suse.com/security/cve/CVE-2022-0459.html https://www.suse.com/security/cve/CVE-2022-0460.html https://www.suse.com/security/cve/CVE-2022-0461.html https://www.suse.com/security/cve/CVE-2022-0462.html https://www.suse.com/security/cve/CVE-2022-0463.html https://www.suse.com/security/cve/CVE-2022-0464.html https://www.suse.com/security/cve/CVE-2022-0465.html https://www.suse.com/security/cve/CVE-2022-0466.html https://www.suse.com/security/cve/CVE-2022-0467.html https://www.suse.com/security/cve/CVE-2022-0468.html https://www.suse.com/security/cve/CVE-2022-0469.html https://www.suse.com/security/cve/CVE-2022-0470.html https://www.suse.com/security/cve/CVE-2022-0603.html https://www.suse.com/security/cve/CVE-2022-0604.html https://www.suse.com/security/cve/CVE-2022-0605.html https://www.suse.com/security/cve/CVE-2022-0606.html https://www.suse.com/security/cve/CVE-2022-0607.html https://www.suse.com/security/cve/CVE-2022-0608.html https://www.suse.com/security/cve/CVE-2022-0609.html https://www.suse.com/security/cve/CVE-2022-0610.html https://www.suse.com/security/cve/CVE-2022-0789.html https://www.suse.com/security/cve/CVE-2022-0790.html https://www.suse.com/security/cve/CVE-2022-0791.html https://www.suse.com/security/cve/CVE-2022-0792.html https://www.suse.com/security/cve/CVE-2022-0793.html https://www.suse.com/security/cve/CVE-2022-0794.html https://www.suse.com/security/cve/CVE-2022-0795.html https://www.suse.com/security/cve/CVE-2022-0796.html https://www.suse.com/security/cve/CVE-2022-0797.html https://www.suse.com/security/cve/CVE-2022-0798.html https://www.suse.com/security/cve/CVE-2022-0799.html https://www.suse.com/security/cve/CVE-2022-0800.html https://www.suse.com/security/cve/CVE-2022-0801.html https://www.suse.com/security/cve/CVE-2022-0802.html https://www.suse.com/security/cve/CVE-2022-0803.html https://www.suse.com/security/cve/CVE-2022-0804.html https://www.suse.com/security/cve/CVE-2022-0805.html https://www.suse.com/security/cve/CVE-2022-0806.html https://www.suse.com/security/cve/CVE-2022-0807.html https://www.suse.com/security/cve/CVE-2022-0808.html https://www.suse.com/security/cve/CVE-2022-0809.html https://www.suse.com/security/cve/CVE-2022-1096.html

1 0

openSUSE-SU-2022:0108-1: important: Security update for seamonkey
by opensuse-security＠opensuse.org 08 Apr '22

08 Apr '22

openSUSE Security Update: Security update for seamonkey ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:0108-1 Rating: important References: #1185055 #1188564 #1188565 #1191902 #1191904 #1191905 #1191909 #1191910 #1191911 #1191913 #1191914 #1192052 #1194198 #1194232 #1197518 Cross-References: CVE-2021-2163 CVE-2021-2341 CVE-2021-2369 CVE-2021-35556 CVE-2021-35559 CVE-2021-35560 CVE-2021-35564 CVE-2021-35565 CVE-2021-35578 CVE-2021-35586 CVE-2021-35588 CVE-2021-41035 CVSS scores: CVE-2021-2163 (NVD) : 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2021-2163 (SUSE): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2021-2341 (NVD) : 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2021-2341 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2021-2369 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2021-2369 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2021-35556 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2021-35556 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2021-35559 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2021-35560 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-35560 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-35564 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2021-35564 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2021-35565 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2021-35565 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2021-35578 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2021-35578 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2021-35586 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2021-35586 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2021-35588 (NVD) : 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2021-35588 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2021-41035 (SUSE): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: openSUSE Leap 15.3 ______________________________________________________________________________ An update that solves 12 vulnerabilities and has three fixes is now available. Description: SeaMonkey was updated to 2.53.11.1: Update to SeaMonkey 2.53.11.1 * Fix edge case when setting IntersectionObserver threshold bug 1758291. * OAuth2 prefs should use realuserName instead of username bug 1518126. * SeaMonkey 2.53.11.1 uses the same backend as Firefox and contains the relevant Firefox 60.8 security fixes. * SeaMonkey 2.53.11.1 shares most parts of the mail and news code with Thunderbird. Please read the Thunderbird 60.8.0 release notes for specific security fixes in this release. * Additional important security fixes up to Current Firefox 91.7 and Thunderbird 91.7 ESR plus many enhancements have been backported. We will continue to enhance SeaMonkey security in subsequent 2.53.x beta and release versions as fast as we are able to. * Remove obsolete MOZ_EXTENSIONS check in suite * Add connect button to cZ Networks Editor * Remove freenode remnants from ChatZilla in SeaMonkey * Prefer secure over insecure protocol in network list in ChatZilla * Composer - Change tag textbox is not removed after use * Clean up repo links in debugQA * Fix misspelled references to macOS in suite * Remove obsolete references to Java and Flash * Help button not working in delete cert dialog * Rearrange Message Filter Dialog to make room for new features * Use Insert key as shortcut to create new message filters * Rename some variables used in SeaMonkey's FilterListDialog to match Thunderbird's * Implement Copy to New message filter functionality * Add move to top / bottom buttons to message filters * Add preference to not prompt for message filter deletion * Clean up folder handling in FilterListDialog * Add refresh function to Filter list dialog so that it can be updated when already open and new filters are added externally * Use listbox rather than tree in FilterListDialog * MsgFilterList(args) should take targetFilter and pass it to FilterListDialog * Mail&News' start.xhtml: "We" link broken * Add search functionality to filter dialog Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-2022-108=1 openSUSE-SLE-15.3-2022-108=1 Package List: - openSUSE Leap 15.3 (ppc64le s390x x86_64): java-1_8_0-ibm-1.8.0_sr7.0-3.53.1 java-1_8_0-ibm-demo-1.8.0_sr7.0-3.53.1 java-1_8_0-ibm-devel-1.8.0_sr7.0-3.53.1 java-1_8_0-ibm-src-1.8.0_sr7.0-3.53.1 - openSUSE Leap 15.3 (i586 x86_64): seamonkey-2.53.11.1-lp153.17.5.1 seamonkey-debuginfo-2.53.11.1-lp153.17.5.1 seamonkey-debugsource-2.53.11.1-lp153.17.5.1 seamonkey-dom-inspector-2.53.11.1-lp153.17.5.1 seamonkey-irc-2.53.11.1-lp153.17.5.1 - openSUSE Leap 15.3 (x86_64): java-1_8_0-ibm-32bit-1.8.0_sr7.0-3.53.1 java-1_8_0-ibm-alsa-1.8.0_sr7.0-3.53.1 java-1_8_0-ibm-devel-32bit-1.8.0_sr7.0-3.53.1 java-1_8_0-ibm-plugin-1.8.0_sr7.0-3.53.1 References: https://www.suse.com/security/cve/CVE-2021-2163.html https://www.suse.com/security/cve/CVE-2021-2341.html https://www.suse.com/security/cve/CVE-2021-2369.html https://www.suse.com/security/cve/CVE-2021-35556.html https://www.suse.com/security/cve/CVE-2021-35559.html https://www.suse.com/security/cve/CVE-2021-35560.html https://www.suse.com/security/cve/CVE-2021-35564.html https://www.suse.com/security/cve/CVE-2021-35565.html https://www.suse.com/security/cve/CVE-2021-35578.html https://www.suse.com/security/cve/CVE-2021-35586.html https://www.suse.com/security/cve/CVE-2021-35588.html https://www.suse.com/security/cve/CVE-2021-41035.html https://bugzilla.suse.com/1185055 https://bugzilla.suse.com/1188564 https://bugzilla.suse.com/1188565 https://bugzilla.suse.com/1191902 https://bugzilla.suse.com/1191904 https://bugzilla.suse.com/1191905 https://bugzilla.suse.com/1191909 https://bugzilla.suse.com/1191910 https://bugzilla.suse.com/1191911 https://bugzilla.suse.com/1191913 https://bugzilla.suse.com/1191914 https://bugzilla.suse.com/1192052 https://bugzilla.suse.com/1194198 https://bugzilla.suse.com/1194232 https://bugzilla.suse.com/1197518

1 0

openSUSE-SU-2022:1127-1: important: Security update for MozillaFirefox
by opensuse-security＠opensuse.org 07 Apr '22

07 Apr '22

openSUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:1127-1 Rating: important References: #1197698 #1197903 Cross-References: CVE-2022-1097 CVE-2022-1196 CVE-2022-24713 CVE-2022-28281 CVE-2022-28282 CVE-2022-28285 CVE-2022-28286 CVE-2022-28289 CVSS scores: CVE-2022-24713 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-24713 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.8.0 ESR (bsc#1197903): MFSA 2022-14 (bsc#1197903) * CVE-2022-1097: Fixed memory safety violations that could occur when PKCS#11 tokens are removed while in use * CVE-2022-28281: Fixed an out of bounds write due to unexpected WebAuthN Extensions * CVE-2022-1196: Fixed a use-after-free after VR Process destruction * CVE-2022-28282: Fixed a use-after-free in DocumentL10n::TranslateDocument * CVE-2022-28285: Fixed incorrect AliasSet used in JIT Codegen * CVE-2022-28286: Fixed that iframe contents could be rendered outside the border * CVE-2022-24713: Fixed a denial of service via complex regular expressions * CVE-2022-28289: Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8 The following non-security bugs were fixed: - Adjust rust dependency for SP3 and later. TW uses always the newest version of rust, but we don't, so we can't use the rust+cargo notation, which would need both < and >= requirements. (bsc#1197698) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-1127=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1127=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): MozillaFirefox-91.8.0-150200.152.26.1 MozillaFirefox-branding-upstream-91.8.0-150200.152.26.1 MozillaFirefox-debuginfo-91.8.0-150200.152.26.1 MozillaFirefox-debugsource-91.8.0-150200.152.26.1 MozillaFirefox-devel-91.8.0-150200.152.26.1 MozillaFirefox-translations-common-91.8.0-150200.152.26.1 MozillaFirefox-translations-other-91.8.0-150200.152.26.1 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): MozillaFirefox-91.8.0-150200.152.26.1 MozillaFirefox-branding-upstream-91.8.0-150200.152.26.1 MozillaFirefox-debuginfo-91.8.0-150200.152.26.1 MozillaFirefox-debugsource-91.8.0-150200.152.26.1 MozillaFirefox-devel-91.8.0-150200.152.26.1 MozillaFirefox-translations-common-91.8.0-150200.152.26.1 MozillaFirefox-translations-other-91.8.0-150200.152.26.1 References: https://www.suse.com/security/cve/CVE-2022-1097.html https://www.suse.com/security/cve/CVE-2022-1196.html https://www.suse.com/security/cve/CVE-2022-24713.html https://www.suse.com/security/cve/CVE-2022-28281.html https://www.suse.com/security/cve/CVE-2022-28282.html https://www.suse.com/security/cve/CVE-2022-28285.html https://www.suse.com/security/cve/CVE-2022-28286.html https://www.suse.com/security/cve/CVE-2022-28289.html https://bugzilla.suse.com/1197698 https://bugzilla.suse.com/1197903

1 0

openSUSE-SU-2022:0105-1: important: Security update for pdns-recursor
by opensuse-security＠opensuse.org 07 Apr '22

07 Apr '22

openSUSE Security Update: Security update for pdns-recursor ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:0105-1 Rating: important References: #1197525 Cross-References: CVE-2022-27227 CVSS scores: CVE-2022-27227 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-27227 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for pdns-recursor fixes the following issues: - CVE-2022-27227: Fixed incomplete validation of incoming IXFR transfers. It applies to setups retrieving one or more RPZ zones from a remote server if the network path to the server is not trusted. (boo#1197525) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP3: zypper in -t patch openSUSE-2022-105=1 Package List: - openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64): pdns-recursor-4.3.5-bp153.2.3.1 References: https://www.suse.com/security/cve/CVE-2022-27227.html https://bugzilla.suse.com/1197525

1 0

openSUSE-SU-2022:0104-1: important: Security update for SDL2
by opensuse-security＠opensuse.org 07 Apr '22

07 Apr '22

openSUSE Security Update: Security update for SDL2 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:0104-1 Rating: important References: #1181201 #1181202 #1197525 Cross-References: CVE-2020-14409 CVE-2020-14410 CVE-2022-27227 CVSS scores: CVE-2020-14409 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2020-14409 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-14410 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L CVE-2020-14410 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-27227 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-27227 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP3 openSUSE Leap 15.3 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for SDL2 fixes the following issues: - CVE-2020-14409: Fixed Integer Overflow resulting in heap corruption in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP (bsc#1181202). - CVE-2020-14410: Fixed heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP (bsc#1181201). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-104=1 - openSUSE Backports SLE-15-SP3: zypper in -t patch openSUSE-2022-104=1 Package List: - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): SDL2-debugsource-2.0.8-11.3.1 libSDL2-2_0-0-2.0.8-11.3.1 libSDL2-2_0-0-debuginfo-2.0.8-11.3.1 libSDL2-devel-2.0.8-11.3.1 - openSUSE Leap 15.3 (x86_64): libSDL2-2_0-0-32bit-2.0.8-11.3.1 libSDL2-2_0-0-32bit-debuginfo-2.0.8-11.3.1 libSDL2-devel-32bit-2.0.8-11.3.1 - openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64): pdns-4.3.1-bp153.2.3.1 pdns-backend-geoip-4.3.1-bp153.2.3.1 pdns-backend-godbc-4.3.1-bp153.2.3.1 pdns-backend-ldap-4.3.1-bp153.2.3.1 pdns-backend-lua-4.3.1-bp153.2.3.1 pdns-backend-mysql-4.3.1-bp153.2.3.1 pdns-backend-postgresql-4.3.1-bp153.2.3.1 pdns-backend-remote-4.3.1-bp153.2.3.1 pdns-backend-sqlite3-4.3.1-bp153.2.3.1 References: https://www.suse.com/security/cve/CVE-2020-14409.html https://www.suse.com/security/cve/CVE-2020-14410.html https://www.suse.com/security/cve/CVE-2022-27227.html https://bugzilla.suse.com/1181201 https://bugzilla.suse.com/1181202 https://bugzilla.suse.com/1197525

1 0

openSUSE-SU-2022:0103-1: important: Security update for opera
by opensuse-security＠opensuse.org 04 Apr '22

04 Apr '22

openSUSE Security Update: Security update for opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:0103-1 Rating: important References: Cross-References: CVE-2022-0789 CVE-2022-0790 CVE-2022-0791 CVE-2022-0792 CVE-2022-0793 CVE-2022-0794 CVE-2022-0795 CVE-2022-0796 CVE-2022-0797 CVE-2022-0798 CVE-2022-0799 CVE-2022-0800 CVE-2022-0801 CVE-2022-0802 CVE-2022-0803 CVE-2022-0804 CVE-2022-0805 CVE-2022-0806 CVE-2022-0807 CVE-2022-0808 CVE-2022-0809 CVE-2022-1096 Affected Products: openSUSE Leap 15.3:NonFree ______________________________________________________________________________ An update that fixes 22 vulnerabilities is now available. Description: This update for opera fixes the following issues: Opera was updated to 85.0.4341.28 - CHR-8816 Update chromium on desktop-stable-99-4341 to 99.0.4844.84 - DNA-98092 Crash at views::MenuItemView::GetMenuController() - DNA-98278 Translations for O85 - DNA-98320 [Mac] Unable to delete recent search entries - DNA-98614 Show recent searches for non-BABE users - DNA-98615 Allow removal of recent searches - DNA-98616 Add recent searches to ��old�� BABE - DNA-98617 Make it possible to disable ad-blocker per-country - DNA-98651 Remove Instagram and Facebook Messenger in Russia - DNA-98653 Add flag #recent-searches - DNA-98696 smoketest PageInfoHistoryDataSourceTest.FormatTimestampString failing - DNA-98703 Port Chromium issue 1309225 to Opera Stable - The update to chromium 99.0.4844.84 fixes following issues: CVE-2022-1096 - Changes in 85.0.4341.18 - CHR-8789 Update chromium on desktop-stable-99-4341 to 99.0.4844.51 - DNA-98059 [Linux] Crash at opera::FreedomSettingsImpl::IsBypassForDotlessDomainsEnabled - DNA-98349 [Linux] Crash at bluez::BluezDBusManager::Get() - DNA-98126 System crash dialog shown on macOS <= 10.15 - DNA-98331 [Snap] Meme generator cropping / resizing broken - DNA-98394 Audio tab indicator set to "muted" on videoconferencing sites - DNA-98481 Report errors in opauto_collector - The update to chromium 99.0.4844.51 fixes following issues: CVE-2022-0789, CVE-2022-0790, CVE-2022-0791, CVE-2022-0792, CVE-2022-0793, CVE-2022-0794, CVE-2022-0795, CVE-2022-0796, CVE-2022-0797, CVE-2022-0798, CVE-2022-0799, CVE-2022-0800, CVE-2022-0801, CVE-2022-0802, CVE-2022-0803, CVE-2022-0804, CVE-2022-0805, CVE-2022-0806, CVE-2022-0807, CVE-2022-0808, CVE-2022-0809 - Changes in 85.0.4341.13 - DNA-94119 Upgrade curl to 7.81.0 - DNA-97849 [Mac monterey] System shortcut interfere with Opera��s `ToggleSearchInOpenTabs` shortcut - DNA-98204 Automatic popout happens when video is paused - DNA-98231 Shortcuts are blocked by displayed tab tooltip when triggered quickly after tooltip appears - DNA-98321 Add thinlto-cache warnings to suppression list - DNA-98395 Promote O85 to stable - Complete Opera 85.0 changelog at: https://blogs.opera.com/desktop/changelog-for-85/ - Update to 84.0.4316.42 - DNA-94119 Upgrade curl to 7.81.0 - DNA-98092 Crash at views::MenuItemView::GetMenuController() - DNA-98204 Automatic popout happens when video is paused - DNA-98231 Shortcuts are blocked by displayed tab tooltip when triggered quickly after tooltip appears - Update to 84.0.4316.31 - CHR-8772 Update chromium on desktop-stable-98-4316 to 98.0.4758.109 - DNA-97573 [Win][Lin]��Close tab�� button is not displayed on tabs playing media when many tabs are open - DNA-97729 cancelling the process uploading custom Wallpaper crashes the browser - DNA-97871 Google meet tab��s icons don��t fit on pinned tab - DNA-97872 Tab is being unpinned when video conferencing button is clicked - DNA-98039 Dark theme top sites have black background - DNA-98117 Clicking current tab information should hide tooltip Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3:NonFree: zypper in -t patch openSUSE-2022-103=1 Package List: - openSUSE Leap 15.3:NonFree (x86_64): opera-85.0.4341.28-lp153.2.42.1 References: https://www.suse.com/security/cve/CVE-2022-0789.html https://www.suse.com/security/cve/CVE-2022-0790.html https://www.suse.com/security/cve/CVE-2022-0791.html https://www.suse.com/security/cve/CVE-2022-0792.html https://www.suse.com/security/cve/CVE-2022-0793.html https://www.suse.com/security/cve/CVE-2022-0794.html https://www.suse.com/security/cve/CVE-2022-0795.html https://www.suse.com/security/cve/CVE-2022-0796.html https://www.suse.com/security/cve/CVE-2022-0797.html https://www.suse.com/security/cve/CVE-2022-0798.html https://www.suse.com/security/cve/CVE-2022-0799.html https://www.suse.com/security/cve/CVE-2022-0800.html https://www.suse.com/security/cve/CVE-2022-0801.html https://www.suse.com/security/cve/CVE-2022-0802.html https://www.suse.com/security/cve/CVE-2022-0803.html https://www.suse.com/security/cve/CVE-2022-0804.html https://www.suse.com/security/cve/CVE-2022-0805.html https://www.suse.com/security/cve/CVE-2022-0806.html https://www.suse.com/security/cve/CVE-2022-0807.html https://www.suse.com/security/cve/CVE-2022-0808.html https://www.suse.com/security/cve/CVE-2022-0809.html https://www.suse.com/security/cve/CVE-2022-1096.html

1 0

openSUSE-SU-2022:1100-1: important: Security update for 389-ds
by opensuse-security＠opensuse.org 04 Apr '22

04 Apr '22

openSUSE Security Update: Security update for 389-ds ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:1100-1 Rating: important References: #1194068 #1194084 #1197275 #1197345 Cross-References: CVE-2022-0918 CVE-2022-0996 CVSS scores: CVE-2022-0918 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-0918 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-0996 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2022-0996 (SUSE): 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Affected Products: openSUSE Leap 15.3 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for 389-ds fixes the following issues: - CVE-2022-0918: Fixed a potential denial of service via crafted packet (bsc#1197275). - CVE-2022-0996: Fixed a mishandling of password expiry (bsc#1197345). - Resolved LDAP-Support not working with DHCP by adding required schema (bsc#1194068) - Resolved multiple index migration bug (bsc#1194084) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1100=1 Package List: - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): 389-ds-1.4.4.19~git28.b12c72226-150300.3.12.1 389-ds-debuginfo-1.4.4.19~git28.b12c72226-150300.3.12.1 389-ds-debugsource-1.4.4.19~git28.b12c72226-150300.3.12.1 389-ds-devel-1.4.4.19~git28.b12c72226-150300.3.12.1 389-ds-snmp-1.4.4.19~git28.b12c72226-150300.3.12.1 389-ds-snmp-debuginfo-1.4.4.19~git28.b12c72226-150300.3.12.1 lib389-1.4.4.19~git28.b12c72226-150300.3.12.1 libsvrcore0-1.4.4.19~git28.b12c72226-150300.3.12.1 libsvrcore0-debuginfo-1.4.4.19~git28.b12c72226-150300.3.12.1 References: https://www.suse.com/security/cve/CVE-2022-0918.html https://www.suse.com/security/cve/CVE-2022-0996.html https://bugzilla.suse.com/1194068 https://bugzilla.suse.com/1194084 https://bugzilla.suse.com/1197275 https://bugzilla.suse.com/1197345

1 0

openSUSE-SU-2022:1091-1: moderate: Security update for python
by opensuse-security＠opensuse.org 01 Apr '22

01 Apr '22

openSUSE Security Update: Security update for python ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:1091-1 Rating: moderate References: #1175619 #1186819 #1194146 #1195396 Cross-References: CVE-2021-3572 CVE-2021-4189 CVE-2022-0391 CVSS scores: CVE-2021-3572 (SUSE): 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N CVE-2021-4189 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2022-0391 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2022-0391 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: This update for python fixes the following issues: - CVE-2022-0391: Fixed URL sanitization containing ASCII newline and tabs in urlparse (bsc#1195396). - CVE-2021-4189: Fixed ftplib not to trust the PASV response (bsc#1194146). - CVE-2021-3572: Fixed an improper handling of unicode characters in pip (bsc#1186819). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-1091=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1091=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): libpython2_7-1_0-2.7.18-150000.38.2 libpython2_7-1_0-debuginfo-2.7.18-150000.38.2 python-2.7.18-150000.38.1 python-base-2.7.18-150000.38.2 python-base-debuginfo-2.7.18-150000.38.2 python-base-debugsource-2.7.18-150000.38.2 python-curses-2.7.18-150000.38.1 python-curses-debuginfo-2.7.18-150000.38.1 python-debuginfo-2.7.18-150000.38.1 python-debugsource-2.7.18-150000.38.1 python-demo-2.7.18-150000.38.1 python-devel-2.7.18-150000.38.2 python-gdbm-2.7.18-150000.38.1 python-gdbm-debuginfo-2.7.18-150000.38.1 python-idle-2.7.18-150000.38.1 python-tk-2.7.18-150000.38.1 python-tk-debuginfo-2.7.18-150000.38.1 python-xml-2.7.18-150000.38.2 python-xml-debuginfo-2.7.18-150000.38.2 - openSUSE Leap 15.4 (noarch): python-doc-2.7.18-150000.38.1 python-doc-pdf-2.7.18-150000.38.1 - openSUSE Leap 15.4 (x86_64): libpython2_7-1_0-32bit-2.7.18-150000.38.2 libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.38.2 python-32bit-2.7.18-150000.38.1 python-32bit-debuginfo-2.7.18-150000.38.1 python-base-32bit-2.7.18-150000.38.2 python-base-32bit-debuginfo-2.7.18-150000.38.2 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): libpython2_7-1_0-2.7.18-150000.38.2 libpython2_7-1_0-debuginfo-2.7.18-150000.38.2 python-2.7.18-150000.38.1 python-base-2.7.18-150000.38.2 python-base-debuginfo-2.7.18-150000.38.2 python-base-debugsource-2.7.18-150000.38.2 python-curses-2.7.18-150000.38.1 python-curses-debuginfo-2.7.18-150000.38.1 python-debuginfo-2.7.18-150000.38.1 python-debugsource-2.7.18-150000.38.1 python-demo-2.7.18-150000.38.1 python-devel-2.7.18-150000.38.2 python-gdbm-2.7.18-150000.38.1 python-gdbm-debuginfo-2.7.18-150000.38.1 python-idle-2.7.18-150000.38.1 python-tk-2.7.18-150000.38.1 python-tk-debuginfo-2.7.18-150000.38.1 python-xml-2.7.18-150000.38.2 python-xml-debuginfo-2.7.18-150000.38.2 - openSUSE Leap 15.3 (x86_64): libpython2_7-1_0-32bit-2.7.18-150000.38.2 libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.38.2 python-32bit-2.7.18-150000.38.1 python-32bit-debuginfo-2.7.18-150000.38.1 python-base-32bit-2.7.18-150000.38.2 python-base-32bit-debuginfo-2.7.18-150000.38.2 - openSUSE Leap 15.3 (noarch): python-doc-2.7.18-150000.38.1 python-doc-pdf-2.7.18-150000.38.1 References: https://www.suse.com/security/cve/CVE-2021-3572.html https://www.suse.com/security/cve/CVE-2021-4189.html https://www.suse.com/security/cve/CVE-2022-0391.html https://bugzilla.suse.com/1175619 https://bugzilla.suse.com/1186819 https://bugzilla.suse.com/1194146 https://bugzilla.suse.com/1195396

1 0

openSUSE-SU-2022:1073-1: moderate: Security update for yaml-cpp
by opensuse-security＠opensuse.org 01 Apr '22

01 Apr '22

openSUSE Security Update: Security update for yaml-cpp ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:1073-1 Rating: moderate References: #1121227 #1121230 #1122004 #1122021 Cross-References: CVE-2018-20573 CVE-2018-20574 CVE-2019-6285 CVE-2019-6292 CVSS scores: CVE-2018-20573 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-20573 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-20574 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-20574 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2019-6285 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-6285 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2019-6292 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-6292 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: openSUSE Leap 15.3 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for yaml-cpp fixes the following issues: - CVE-2018-20573: Fixed remote DOS via a crafted YAML file in function Scanner:EnsureTokensInQueue (bsc#1121227). - CVE-2018-20574: Fixed remote DOS via a crafted YAML file in function SingleDocParser:HandleFlowMap (bsc#1121230). - CVE-2019-6285: Fixed remote DOS via a crafted YAML file in function SingleDocParser::HandleFlowSequence (bsc#1122004). - CVE-2019-6292: Fixed DOS by stack consumption in singledocparser.cpp (bsc#1122021). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1073=1 Package List: - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): libyaml-cpp0_6-0.6.1-4.5.1 libyaml-cpp0_6-debuginfo-0.6.1-4.5.1 yaml-cpp-debugsource-0.6.1-4.5.1 yaml-cpp-devel-0.6.1-4.5.1 References: https://www.suse.com/security/cve/CVE-2018-20573.html https://www.suse.com/security/cve/CVE-2018-20574.html https://www.suse.com/security/cve/CVE-2019-6285.html https://www.suse.com/security/cve/CVE-2019-6292.html https://bugzilla.suse.com/1121227 https://bugzilla.suse.com/1121230 https://bugzilla.suse.com/1122004 https://bugzilla.suse.com/1122021

1 0