openSUSE Security Update: Security update for opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0016-1 Rating: important References: Cross-References: CVE-2024-0222 CVE-2024-0223 CVE-2024-0224 CVE-2024-0225 CVSS scores: CVE-2024-0222 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-0223 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-0224 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-0225 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.5:NonFree ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for opera fixes the following issues: opera was updated to 106.0.4998.28 * CHR-9566 Update Chromium on desktop-stable-120-4998 to 120.0.6099.200 * DNA-113161 [Weather] 'Weather Location' description is almost invisible in dark mode * DNA-113351 'Previous tile' should be the same size as 'next tile' * DNA-113443 Crash at opera::ComponentTabCyclerView:: HighlightContents(content::WebContents*, bool) * DNA-114170 [Google Meet][Tab] Links from Google Meet open as blank tabs till change workspace - The update to chromium 120.0.6099.200 fixes following issues: CVE-2024-0222, CVE-2024-0223, CVE-2024-0224, CVE-2024-0225 Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.5:NonFree: zypper in -t patch openSUSE-2024-16=1 Package List: - openSUSE Leap 15.5:NonFree (x86_64): opera-106.0.4998.28-lp155.3.30.1 References: https://www.suse.com/security/cve/CVE-2024-0222.html https://www.suse.com/security/cve/CVE-2024-0223.html https://www.suse.com/security/cve/CVE-2024-0224.html https://www.suse.com/security/cve/CVE-2024-0225.html