openSUSE Security Update: Security update for opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2023:0114-1 Rating: important References: Cross-References: CVE-2023-1213 CVE-2023-1214 CVE-2023-1215 CVE-2023-1216 CVE-2023-1217 CVE-2023-1218 CVE-2023-1219 CVE-2023-1220 CVE-2023-1221 CVE-2023-1222 CVE-2023-1223 CVE-2023-1224 CVE-2023-1225 CVE-2023-1226 CVE-2023-1227 CVE-2023-1228 CVE-2023-1229 CVE-2023-1230 CVE-2023-1231 CVE-2023-1232 CVE-2023-1233 CVE-2023-1234 CVE-2023-1235 CVE-2023-1236 CVE-2023-1528 CVE-2023-1529 CVE-2023-1530 CVE-2023-1531 CVE-2023-1532 CVE-2023-1533 CVE-2023-1534 CVE-2023-2033 CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 CVE-2023-2721 CVE-2023-2722 CVE-2023-2723 CVE-2023-2724 CVE-2023-2725 CVE-2023-2726 CVSS scores: CVE-2023-1213 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-1214 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-1215 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-1216 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-1217 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2023-1218 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-1219 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-1220 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-1221 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2023-1222 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-1223 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2023-1224 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2023-1225 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2023-1226 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2023-1227 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-1228 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2023-1229 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2023-1230 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2023-1231 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2023-1232 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2023-1233 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2023-1234 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2023-1235 (NVD) : 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L CVE-2023-1236 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2023-1528 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-1529 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2023-1530 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-1531 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-1532 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-1533 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-1534 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-2033 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-2133 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-2134 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-2135 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-2136 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2023-2137 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-2721 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-2722 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-2723 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-2724 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-2725 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-2726 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.4:NonFree ______________________________________________________________________________ An update that fixes 43 vulnerabilities is now available. Description: This update for opera fixes the following issues: - Update to 99.0.4788.13 * CHR-9290 Update Chromium on desktop-stable-113-4788 to 113.0.5672.127 * DNA-107317 __delayLoadHelper2 crash in crashreporter - The update to chromium 113.0.5672.127 fixes following issues: CVE-2023-2721, CVE-2023-2722, CVE-2023-2723, CVE-2023-2724, CVE-2023-2725, CVE-2023-2726 - Update to 99.0.4788.9 * CHR-9283 Update Chromium on desktop-stable-113-4788 to 113.0.5672.93 * DNA-107638 Translations for O99 * DNA-107678 Crash Report [@ BrowserContextKeyedServiceFactory:: BrowserContextKeyedServiceFactory(char const*, BrowserContextDependencyManager*) ] * DNA-107795 Fix wrong german translation of 'Close All Duplicate Tabs' * DNA-107800 Fonts on section#folder and AddSitePanel not readable when animated wallpaper chosen * DNA-107840 Promote O99 to stable - Update to 98.0.4759.39 * DNA-102363 ChromeFileSystemAccessPermissionContextTest. ConfirmSensitiveEntryAccess_DangerousFile fails * DNA-105534 [Add to Opera] Incorrect scroll on modal when browser window size is too small * DNA-106649 Opening new tab when pinned tab is active gives 2 active tabs * DNA-107226 Speed Dial freezes and empty space remains after Continue booking tile dragging * DNA-107435 Building archive_source_release target fails * DNA-107441 [Start page] Right mouse click on tile in continue on section opens target site in current tab * DNA-107508 Crash at permissions::PermissionRecoverySuccessRate Tracker::TrackUsage(ContentSettingsType) * DNA-107528 Handle real-time SD impression reporting * DNA-107546 Context menus broken with one workspace * DNA-107548 Paste from Context Menu doesn���t work for Search on StartPage * DNA-107560 Optimize real-time SD impression reporting - Update to 98.0.4759.15 * CHR-9259 Update Chromium on desktop-stable-112-4759 to 112.0.5615.121 * CHR-9264 Update Chromium on desktop-stable-112-4759 to 112.0.5615.165 * DNA-104949 Cleanup reauthorizer and permission * DNA-106748 Presubmit problems * DNA-107262 Delete faulty translations - The update to chromium 112.0.5615.165 fixes following issues: CVE-2023-2133, CVE-2023-2134, CVE-2023-2135, CVE-2023-2136, CVE-2023-2137 - Changes in 98.0.4759.6 * CHR-9255 Update Chromium on desktop-stable-112-4759 to 112.0.5615.87 * DNA-106342 Crash when blocking cookies in sidebar web.infobars::InfoBarManager::AddInfoBar(std::Cr::unique_ptr, bool) * DNA-107054 Apply patch for CVE-2023-2033 * DNA-107141 Promote O98 to stable * DNA-107142 Translations for O98 - Update to 97.0.4719.83 * DNA-106342 Crash when blocking cookies in sidebar web. infobars::InfoBarManager::AddInfoBar(std::Cr::unique_ptr, bool) * DNA-106550 [SD][Drag&Drop] Create a static manual layout for speed dials * DNA-106791 Run smoketests on mac arm builds * DNA-107054 Apply patch for CVE-2023-2033 - Remove setup_repo.sh, fix non-executable-script rpmlint warning and we do not want create a repo - Update to 97.0.4719.63 * CHR-9245 Update Chromium on desktop-stable-111-4719 to 111.0.5563.147 * DNA-105919 Set new Baidu search string * DNA-106168 EasySetup update - Update to 97.0.4719.43 * CHR-9236 Update Chromium on desktop-stable-111-4719 to 111.0.5563.111 * DNA-105141 Tabs to the right of the currently active one swap their position with another when clicked * DNA-106044 Translations for O97 * DNA-106300 Fix rule for generating archive_browser_sym_files on crossplatform builds * DNA-106412 Content of popup not generated for some extensions when using more then one worksapce * DNA-106433 Extend Easy Setup API * DNA-106435 Increase timeout for the welcome page * DNA-106453 Public build from desktop-stable-111-4719 do not compile - The update to chromium 111.0.5563.111 fixes following issues: CVE-2023-1528, CVE-2023-1529, CVE-2023-1530, CVE-2023-1531, CVE-2023-1532, CVE-2023-1533, CVE-2023-1534 - Update to 97.0.4719.28 * DNA-106303 Extension should get proper parent window id from the sidebar API * DNA-106366 Opera crypto crashes on startup during session restore - Changes in 97.0.4719.26 * CHR-9225 Update Chromium on desktop-stable-111-4719 to 111.0.5563.65 * DNA-102778 Goth reports error for utils_api test * DNA-104983 Missing encryption option in sync settings * DNA-105293 add RateMe feature to Speed Dials and Suggested Speed Dials section * DNA-105299 Opera crash when closing tab by middle mouse button * DNA-105712 Update linux sandbox dependency for browsertests * DNA-105787 Settings extended with the AI section * DNA-105865 Add reload option for panels in opr.browserSidebarPrivate namespace * DNA-105944 Update checking of widevine certificate expiration to be independent from dateformat * DNA-105959 Update texts ��� native part * DNA-105961 Import translated texts ��� native part * DNA-105967 Crash at base::ObserverList::RemoveObserver(PrefObserver const*) * DNA-105973 Turn on #tab-tooltip-close-tabs on all streams * DNA-106061 Hide extension popup * DNA-106062 [Stable A/B Test] React Start Page for Austria, Italy, Spain and France 50% * DNA-106068 Extension shows if developer mode is enabled * DNA-106070 Feedback window for highlight popup displayed in wrong place * DNA-106079 EasySetup Disclaimer ��� Reduce size * DNA-106085 Crash at TabHoverCardController::OnViewIsDeleting(views::View*) * DNA-106086 Player home page does not show images in dark mode * DNA-106096 Increase prompt window in AB width * DNA-106109 Teasers on start page don���t show transparency * DNA-106114 AI Prompts button is after Reader Mode icon * DNA-106168 EasySetup update * DNA-106212 Promote O97 to stable * DNA-106225 Enable #shodan-extension for all streams * DNA-106229 Update J5 texts - The update to chromium 111.0.5563.65 fixes following issues: CVE-2023-1213, CVE-2023-1214, CVE-2023-1215, CVE-2023-1216, CVE-2023-1217, CVE-2023-1218, CVE-2023-1219, CVE-2023-1220, CVE-2023-1221, CVE-2023-1222, CVE-2023-1223, CVE-2023-1224, CVE-2023-1225, CVE-2023-1226, CVE-2023-1227, CVE-2023-1228, CVE-2023-1229, CVE-2023-1230, CVE-2023-1231, CVE-2023-1232, CVE-2023-1233, CVE-2023-1234, CVE-2023-1235, CVE-2023-1236 - Update to 96.0.4693.80 * CHR-9221 Update Chromium on desktop-stable-110-4693 to 110.0.5481.192 * DNA-104501 Opera don���t work with #high-efficiency-mode-available flag * DNA-105860 Enable #google-suggest-entities on all streams * DNA-106062 [Stable A/B Test] React Start Page for Austria, Italy, Spain and France 50% - Update to 96.0.4693.50 * DNA-104420 Creating mechanism to detect specific shortcut * DNA-104742 Wrong button place in opera tools section in sidebar menu * DNA-105141 Tabs to the right of the currently active one swap their position with another when clicked * DNA-105426 Add provisioning profiles during builds signing * DNA-105506 Replace all references to opera-api.com domain with opera-api2.com * DNA-105536 Enable kFeatureExtendedUnstoppableDomains for desktop * DNA-105727 [Rich Hints] Screenshot event must not collide with native PrtScr notification. * DNA-105740 [Rich Hints] Add event_user_survey to the whitelist Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4:NonFree: zypper in -t patch openSUSE-2023-114=1 Package List: - openSUSE Leap 15.4:NonFree (x86_64): opera-99.0.4788.13-lp154.2.47.1 References: https://www.suse.com/security/cve/CVE-2023-1213.html https://www.suse.com/security/cve/CVE-2023-1214.html https://www.suse.com/security/cve/CVE-2023-1215.html https://www.suse.com/security/cve/CVE-2023-1216.html https://www.suse.com/security/cve/CVE-2023-1217.html https://www.suse.com/security/cve/CVE-2023-1218.html https://www.suse.com/security/cve/CVE-2023-1219.html https://www.suse.com/security/cve/CVE-2023-1220.html https://www.suse.com/security/cve/CVE-2023-1221.html https://www.suse.com/security/cve/CVE-2023-1222.html https://www.suse.com/security/cve/CVE-2023-1223.html https://www.suse.com/security/cve/CVE-2023-1224.html https://www.suse.com/security/cve/CVE-2023-1225.html https://www.suse.com/security/cve/CVE-2023-1226.html https://www.suse.com/security/cve/CVE-2023-1227.html https://www.suse.com/security/cve/CVE-2023-1228.html https://www.suse.com/security/cve/CVE-2023-1229.html https://www.suse.com/security/cve/CVE-2023-1230.html https://www.suse.com/security/cve/CVE-2023-1231.html https://www.suse.com/security/cve/CVE-2023-1232.html https://www.suse.com/security/cve/CVE-2023-1233.html https://www.suse.com/security/cve/CVE-2023-1234.html https://www.suse.com/security/cve/CVE-2023-1235.html https://www.suse.com/security/cve/CVE-2023-1236.html https://www.suse.com/security/cve/CVE-2023-1528.html https://www.suse.com/security/cve/CVE-2023-1529.html https://www.suse.com/security/cve/CVE-2023-1530.html https://www.suse.com/security/cve/CVE-2023-1531.html https://www.suse.com/security/cve/CVE-2023-1532.html https://www.suse.com/security/cve/CVE-2023-1533.html https://www.suse.com/security/cve/CVE-2023-1534.html https://www.suse.com/security/cve/CVE-2023-2033.html https://www.suse.com/security/cve/CVE-2023-2133.html https://www.suse.com/security/cve/CVE-2023-2134.html https://www.suse.com/security/cve/CVE-2023-2135.html https://www.suse.com/security/cve/CVE-2023-2136.html https://www.suse.com/security/cve/CVE-2023-2137.html https://www.suse.com/security/cve/CVE-2023-2721.html https://www.suse.com/security/cve/CVE-2023-2722.html https://www.suse.com/security/cve/CVE-2023-2723.html https://www.suse.com/security/cve/CVE-2023-2724.html https://www.suse.com/security/cve/CVE-2023-2725.html https://www.suse.com/security/cve/CVE-2023-2726.html