openSUSE Security Update: Security update for opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2023:0385-1 Rating: important References: Cross-References: CVE-2023-5997 CVE-2023-6112 CVSS scores: CVE-2023-5997 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2023-6112 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.4:NonFree ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for opera fixes the following issues: - Update to 105.0.4970.21 * DNA-112425 Choosing Workspace Icons doesn’t work as expected * DNA-112787 glow around tiles in Top Sites section in BABE in dark theme - The update to chromium 119.0.6045.159 fixes following issues: CVE-2023-5997, CVE-2023-6112 - Update to 105.0.4970.16 * CHR-9416 Updating Chromium on desktop-stable-* branches * DNA-111903 [Lin] [Component-based-scrollbar] Old design is displayed on Ubuntu 20.04 * DNA-112914 Visual glitch with HWA enabled in some random places * DNA-113137 [WinLin][Sidebar autohide] Sidebar panel is not connected with sidebar - Update to 105.0.4970.13 * CHR-9416 Updating Chromium on desktop-stable-* branches * DNA-111885 [Address bar] Hover effect on padlock icon is not rounded * DNA-112411 Active Tab in Tab Island in Dark Mode should have different colour * DNA-112431 Dragging tab quickly past last island on the right, causes tab to be dropped at the end of tab strip instead of at location of the cursor * DNA-112878 [Tab strip] Detached tab not restored after restarting browser * DNA-112900 Crash at opera::component_based:: ComponentTabDragController::StopViewDragging * DNA-112996 Translations for O105 * DNA-113213 Promote 105 to stable - Complete Opera 105 changelog at: https://blogs.opera.com/desktop/changelog-for-105/ - Update to 104.0.4944.54 * DNA-111938 Option 'Automatically hide sidebar' and Full screen makes Opera freeze * DNA-112241 Stuttering video on some systems with OOP SW H.264 decoding * DNA-112636 [Tab strip] Detach button on meeting tabs moves on hover and is replaced by close tab * DNA-112862 Crash at extensions::BookmarksPrivateAPI:: OnListenerAdded(extensions::EventListenerInfo const&) * DNA-112990 Crash when closing tab tooltip and opening Search tabs Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4:NonFree: zypper in -t patch openSUSE-2023-385=1 Package List: - openSUSE Leap 15.4:NonFree (x86_64): opera-105.0.4970.21-lp154.2.62.1 References: https://www.suse.com/security/cve/CVE-2023-5997.html https://www.suse.com/security/cve/CVE-2023-6112.html