openSUSE Security Update: Opera 11.01 fixes several critical security bugs ______________________________________________________________________________ Announcement ID: openSUSE-SU-2011:0103-1 Rating: important References: #667639 Cross-References: CVE-2011-0681 CVE-2011-0682 CVE-2011-0683 CVE-2011-0684 CVE-2011-0685 CVE-2011-0686 CVE-2011-0687 Affected Products: openSUSE 11.3 openSUSE 11.2 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. It includes one version update. Description: Opera 11.01 fixes several critical security bugs: - CVE-2011-0681: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N): Other (CWE-Other) - CVE-2011-0682: CVSS v2 Base Score: 9.3 (HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C): Buffer Errors (CWE-119) - CVE-2011-0683: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N): Other (CWE-Other) - CVE-2011-0684: CVSS v2 Base Score: 7.8 (HIGH) (AV:N/AC:L/Au:N/C:C/I:N/A:N): Input Validation (CWE-20) - CVE-2011-0685: CVSS v2 Base Score: 3.6 (LOW) (AV:L/AC:L/Au:N/C:P/I:P/A:N): Input Validation (CWE-20) - CVE-2011-0686: CVSS v2 Base Score: 5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Insufficient Information (CWE-noinfo) - CVE-2011-0687: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Input Validation (CWE-20) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch opera-3919 - openSUSE 11.2: zypper in -t patch opera-3919 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 x86_64) [New Version: 11.01]: opera-11.01-1.2.1 opera-gtk-11.01-1.2.1 opera-kde4-11.01-1.2.1 - openSUSE 11.2 (i586 x86_64) [New Version: 11.01]: opera-11.01-1.2.1 opera-gtk-11.01-1.2.1 opera-kde4-11.01-1.2.1 References: http://support.novell.com/security/cve/CVE-2011-0681.html http://support.novell.com/security/cve/CVE-2011-0682.html http://support.novell.com/security/cve/CVE-2011-0683.html http://support.novell.com/security/cve/CVE-2011-0684.html http://support.novell.com/security/cve/CVE-2011-0685.html http://support.novell.com/security/cve/CVE-2011-0686.html http://support.novell.com/security/cve/CVE-2011-0687.html https://bugzilla.novell.com/667639