openSUSE-SU-2023:0337-1: important: Security update for opera
openSUSE Security Update: Security update for opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2023:0337-1 Rating: important References: Cross-References: CVE-2023-5218 CVE-2023-5473 CVE-2023-5474 CVE-2023-5475 CVE-2023-5476 CVE-2023-5477 CVE-2023-5478 CVE-2023-5479 CVE-2023-5481 CVE-2023-5483 CVE-2023-5484 CVE-2023-5485 CVE-2023-5486 CVE-2023-5487 CVSS scores: CVE-2023-5218 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-5473 (NVD) : 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L CVE-2023-5474 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-5475 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2023-5476 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-5477 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2023-5478 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2023-5479 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2023-5481 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2023-5483 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2023-5484 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2023-5485 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2023-5486 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2023-5487 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: openSUSE Leap 15.4:NonFree ______________________________________________________________________________ An update that fixes 14 vulnerabilities is now available. Description: This update for opera fixes the following issues: - Update to 104.0.4944.23 * DNA-110465 [Scrollable tab strip] Weird animation when closing tab * DNA-112021 Favicons disappear from history after being hovered over * DNA-112310 Put opening animation on start page behind a flag * DNA-112462 Crash at opera::SidebarItemViewImpl:: StateChanged(views::Button::ButtonState) * DNA-112464 Crash at anonymous namespace::SwitchToTabButton:: OnThemeChanged() * DNA-112518 Force Default as last used Profile * DNA-112534 Set profiles_order to Default dir - Changes in 104.0.4944.18 * CHR-9471 Update Chromium on desktop-stable-118-4944 to 118.0.5993.71 * DNA-111704 chrome.webRequest.onHeadersReceived event is not fired for extension if page opened from SpeedDial tile * DNA-111878 Highlighting of tabs and bookmarks in dark mode is almost invisible. * DNA-111883 [Address bar] Hover effect on page is placed too high * DNA-111922 [Linux] Change Opera beta application icon * DNA-111955 Reduce colors used in Opera as much as possible * DNA-112075 Rename palette colors in theme for better reusability * DNA-112108 Fix dangling WebContents ptr bound to TabSnoozeInfobarDelegate::Show callback * DNA-112222 Tab in island not marked as active * DNA-112242 Disable feature flag #platform-h264-decoder-in-gpu by default on stable channel * DNA-112265 Promote 104 to stable * DNA-112312 Turn on #wallet-selector on all streams * DNA-112313 Enable #pinboard-popup-refresh on all streams * DNA-112426 [profile migration] Renaming invalid Default to Default.old is not needed anymore - The update to chromium 118.0.5993.71 fixes following issues: CVE-2023-5218, CVE-2023-5487, CVE-2023-5484, CVE-2023-5475, CVE-2023-5483, CVE-2023-5481, CVE-2023-5476, CVE-2023-5474, CVE-2023-5479, CVE-2023-5485, CVE-2023-5478, CVE-2023-5477, CVE-2023-5486, CVE-2023-5473 - Complete Opera 104 changelog at: https://blogs.opera.com/desktop/changelog-for-104/ - Update to 103.0.4928.34 * DNA-111680 Fix highlight of bookmarks bar folder elements * DNA-111703 O icon moves upon opening menu * DNA-111883 [Address bar] Hover effect on page is placed too high * DNA-111940 OMenu text displaced to the right without any indentation * DNA-112118 Crash at history::URLDatabase:: CreateContinueOnIndexIfNeeded(std::__Cr::vector) - Update to 103.0.4928.26 * DNA-111681 Disappearing icons of bookmarks bar folders elements * DNA-112020 Enable #address-bar-dropdown-cities on all streams Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4:NonFree: zypper in -t patch openSUSE-2023-337=1 Package List: - openSUSE Leap 15.4:NonFree (x86_64): opera-104.0.4944.23-lp154.2.56.1 References: https://www.suse.com/security/cve/CVE-2023-5218.html https://www.suse.com/security/cve/CVE-2023-5473.html https://www.suse.com/security/cve/CVE-2023-5474.html https://www.suse.com/security/cve/CVE-2023-5475.html https://www.suse.com/security/cve/CVE-2023-5476.html https://www.suse.com/security/cve/CVE-2023-5477.html https://www.suse.com/security/cve/CVE-2023-5478.html https://www.suse.com/security/cve/CVE-2023-5479.html https://www.suse.com/security/cve/CVE-2023-5481.html https://www.suse.com/security/cve/CVE-2023-5483.html https://www.suse.com/security/cve/CVE-2023-5484.html https://www.suse.com/security/cve/CVE-2023-5485.html https://www.suse.com/security/cve/CVE-2023-5486.html https://www.suse.com/security/cve/CVE-2023-5487.html
participants (1)
-
opensuse-security@opensuse.org