openSUSE Security Update: Security update for opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0001-1 Rating: important References: Cross-References: CVE-2023-6702 CVE-2023-6703 CVE-2023-6704 CVE-2023-6705 CVE-2023-6706 CVE-2023-6707 CVE-2023-7024 CVSS scores: CVE-2023-6702 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-6703 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-6704 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-6704 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-6705 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-6706 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-6707 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-7024 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.4:NonFree ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update for opera fixes the following issues: - Update to 106.0.4998.19 * CHR-9416 Updating Chromium on desktop-stable-* branches * DNA-113887 Translations for O106 - The update to chromium 120.0.6099.130 fixes following issues: CVE-2023-7024 - Update to 106.0.4998.16 * CHR-9553 Update Chromium on desktop-stable-120-4998 to 120.0.6099.109 * DNA-112522 'Find in page' option does not show text cursor * DNA-113349 Lucid mode strength in full settings bar is visible only after change * DNA-113462 Crash at opera::fcm::FcmRegistrationServiceImpl:: RemoveTokenObserverForClient(opera::fcm::FcmClient*, syncer::FCMRegistrationTokenObserver*) * DNA-113748 Split preview shows on videoconferencing * DNA-114091 Promote 106 to stable - Complete Opera 106 changelog at: https://blogs.opera.com/desktop/changelog-for-106/ - The update to chromium 120.0.6099.109 fixes following issues: CVE-2023-6702, CVE-2023-6703, CVE-2023-6704, CVE-2023-6705, CVE-2023-6706, CVE-2023-6707 - Update to 105.0.4970.48 * DNA-112522 'Find in page' option does not show text cursor Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4:NonFree: zypper in -t patch openSUSE-2024-1=1 Package List: - openSUSE Leap 15.4:NonFree (x86_64): opera-106.0.4998.19-lp154.2.68.1 References: https://www.suse.com/security/cve/CVE-2023-6702.html https://www.suse.com/security/cve/CVE-2023-6703.html https://www.suse.com/security/cve/CVE-2023-6704.html https://www.suse.com/security/cve/CVE-2023-6705.html https://www.suse.com/security/cve/CVE-2023-6706.html https://www.suse.com/security/cve/CVE-2023-6707.html https://www.suse.com/security/cve/CVE-2023-7024.html