Описание
Security update for opera
This update for opera fixes the following issues:
-
Update to version 70.0.3728.71
- DNA-86267 Make
Recently closed tabsappearance consistent withSearch for open tabs. - DNA-86988 Opera 70 translations
- DNA-87530 Zen news leads not loading
- DNA-87636 Fix displaying folder icon for closed windows in recently closed list
- DNA-87682 Replace Extensions icon in toolbar with icon from sidebar
- DNA-87756 Extend chrome.sessions.getRecentlyClosed with information about last active tab in window.
- DNA-87778 Crash at opera::InstantSearchViewViews:: ~InstantSearchViewViews()
- DNA-87815 Change affiliate links for AliExpress Search
- DNA-86267 Make
-
Update to version 70.0.3728.59
- CHR-8010 Update chromium on desktop-stable-84-3728 to 84.0.4147.89
- DNA-87019 The video image does not respond to the pressing after closed the “Quit Opera?” dialog
- DNA-87342 Fix right padding in settings > weather section
- DNA-87427 Remove unneeded information from the requests’ diagnostics
- DNA-87560 Crash at views::Widget::GetNativeView()
- DNA-87561 Crash at CRYPTO_BUFFER_len
- DNA-87599 Bypass VPN for default search engines doesn’t work
- DNA-87611 Unittests fails on declarativeNetRequest and declarativeNetRequestFeedback permissions
- DNA-87612 [Mac] Misaligned icon in address bar
- DNA-87619 [Win/Lin] Misaligned icon in address bar
- DNA-87716 [macOS/Windows] Crash when Search in tabs is open and Opera is minimized
- DNA-87749 Crash at opera::InstantSearchSuggestionLineView:: SetIsHighlighted(bool)
-
The update to chromium 84.0.4147.89 fixes following issues:
- CVE-2020-6510, CVE-2020-6511, CVE-2020-6512, CVE-2020-6513, CVE-2020-6514, CVE-2020-6515, CVE-2020-6516, CVE-2020-6517, CVE-2020-6518, CVE-2020-6519, CVE-2020-6520, CVE-2020-6521, CVE-2020-6522, CVE-2020-6523, CVE-2020-6524, CVE-2020-6525, CVE-2020-6526, CVE-2020-6527, CVE-2020-6528, CVE-2020-6529, CVE-2020-6530, CVE-2020-6531, CVE-2020-6533, CVE-2020-6534, CVE-2020-6535, CVE-2020-6536
-
Complete Opera 70.0 changelog at: https://blogs.opera.com/desktop/changelog-for-70/
-
Update to version 69.0.3686.77
- DNA-84207 New Yubikey enrollment is not working
- DNA-87185 Lost translation
- DNA-87382 Integrate scrolling to top of the feed with the existing scroll position restoration
- DNA-87535 Sort out news on start page state
- DNA-87588 Merge “Prevent pointer from being sent in the clear over SCTP” to desktop-stable-83-3686
-
Update to version 69.0.3686.57
- DNA-86682 Title case in Russian translation
- DNA-86807 Title case in O69 BR Portuguese translation
- DNA-87104 Right click context menu becomes scrollable sometimes
- DNA-87376 Search in tabs opens significantly slower in O69
- DNA-87505 [Welcome Pages][Stats] Session stats for Welcome and Upgrade pages
- DNA-87535 Sort out news on start page state
Список пакетов
openSUSE Leap 15.1 NonFree
Ссылки
- E-Mail link for openSUSE-SU-2020:1148-1
- SUSE Security Ratings
- SUSE CVE CVE-2020-6510 page
- SUSE CVE CVE-2020-6511 page
- SUSE CVE CVE-2020-6512 page
- SUSE CVE CVE-2020-6513 page
- SUSE CVE CVE-2020-6514 page
- SUSE CVE CVE-2020-6515 page
- SUSE CVE CVE-2020-6516 page
- SUSE CVE CVE-2020-6517 page
- SUSE CVE CVE-2020-6518 page
- SUSE CVE CVE-2020-6519 page
- SUSE CVE CVE-2020-6520 page
- SUSE CVE CVE-2020-6521 page
- SUSE CVE CVE-2020-6522 page
- SUSE CVE CVE-2020-6523 page
- SUSE CVE CVE-2020-6524 page
- SUSE CVE CVE-2020-6525 page
- SUSE CVE CVE-2020-6526 page
- SUSE CVE CVE-2020-6527 page
Описание
Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6510
- SUSE Bug 1174189
Описание
Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6511
- SUSE Bug 1174189
Описание
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6512
- SUSE Bug 1174189
Описание
Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Затронутые продукты
Ссылки
- CVE-2020-6513
- SUSE Bug 1174189
Описание
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.
Затронутые продукты
Ссылки
- CVE-2020-6514
- SUSE Bug 1174189
- SUSE Bug 1174538
Описание
Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6515
- SUSE Bug 1174189
Описание
Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6516
- SUSE Bug 1174189
Описание
Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6517
- SUSE Bug 1174189
Описание
Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6518
- SUSE Bug 1174189
Описание
Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6519
- SUSE Bug 1174189
Описание
Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6520
- SUSE Bug 1174189
Описание
Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6521
- SUSE Bug 1174189
Описание
Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6522
- SUSE Bug 1174189
Описание
Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6523
- SUSE Bug 1174189
Описание
Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6524
- SUSE Bug 1174189
Описание
Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6525
- SUSE Bug 1174189
Описание
Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6526
- SUSE Bug 1174189
Описание
Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6527
- SUSE Bug 1174189
Описание
Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6528
- SUSE Bug 1174189
Описание
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6529
- SUSE Bug 1174189
Описание
Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
Затронутые продукты
Ссылки
- CVE-2020-6530
- SUSE Bug 1174189
Описание
Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6531
- SUSE Bug 1174189
Описание
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6533
- SUSE Bug 1174189
Описание
Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6534
- SUSE Bug 1174189
Описание
Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-6535
- SUSE Bug 1174189
Описание
Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the contents of the Omnibox (URL bar) via a crafted PWA.
Затронутые продукты
Ссылки
- CVE-2020-6536
- SUSE Bug 1174189