Описание
Security update for opera
This update for opera fixes the following issues:
-
Update to version 73.0.3856.344
- CHR-8265 Update chromium on desktop-stable-87-3856 to 87.0.4280.141
- DNA-90625 [Mac] Crash at opera::TabView:: GetPaintData(opera::TabState) const
- DNA-90735 Crash at opera::BrowserSidebarModel::GetItemVisible (opera::BrowserSidebarItem const*) const
- DNA-90780 Crash at extensions::CommandService::GetExtension ActionCommand(std::__1::basic_string const&, extensions:: ActionInfo::Type, extensions::CommandService::QueryType, extensions::Command*, bool*)
- DNA-90821 Crash at opera::BrowserSidebarController:: Action(opera::BrowserSidebarItem const*, opera::BrowserSidebarItemContentView*)
-
The update to chromium 87.0.4280.141 fixes following issues: CVE-2021-21106, CVE-2021-21107, CVE-2021-21108, CVE-2021-21109, CVE-2021-21110, CVE-2021-21111, CVE-2021-21112, CVE-2021-21113, CVE-2020-16043, CVE-2021-21114, CVE-2020-15995, CVE-2021-21115, CVE-2021-21116
-
Update to version 73.0.3856.329
- DNA-89156 Crash at content::RenderViewHostImpl::OnFocus()
- DNA-89731 [Mac] Bookmarks bar overlaps Babe section when hovering the OMenu
- DNA-90189 Music service portal logotypes are blurred on Win
- DNA-90336 add session data schema
- DNA-90399 Address bar dropdown suggestions overlap each other
- DNA-90520 Crash at absl::raw_logging_internal::RawLog(absl:: LogSeverity, char const*, int, char const*, …)
- DNA-90538 Crash at extensions::CommandService:: GetExtensionActionCommand(std::__1::basic_string const&, extensions::ActionInfo::Type, extensions::CommandService:: QueryType, extensions::Command*, bool*)
- DNA-90600 Don’t report workspace visibility, when functionality is disabled.
- DNA-90665 Collect music service statistics WP2
- DNA-90773 Bad translation from english to spanish in UI
- DNA-90789 Crash at opera::ThumbnailHelper::RunNextRequest()
Список пакетов
openSUSE Leap 15.2 NonFree
Ссылки
- E-Mail link for openSUSE-SU-2021:0139-1
- SUSE Security Ratings
- SUSE CVE CVE-2020-15995 page
- SUSE CVE CVE-2020-16043 page
- SUSE CVE CVE-2021-21106 page
- SUSE CVE CVE-2021-21107 page
- SUSE CVE CVE-2021-21108 page
- SUSE CVE CVE-2021-21109 page
- SUSE CVE CVE-2021-21110 page
- SUSE CVE CVE-2021-21111 page
- SUSE CVE CVE-2021-21112 page
- SUSE CVE CVE-2021-21113 page
- SUSE CVE CVE-2021-21114 page
- SUSE CVE CVE-2021-21115 page
- SUSE CVE CVE-2021-21116 page
Описание
Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2020-15995
- SUSE Bug 1180645
Описание
Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic.
Затронутые продукты
Ссылки
- CVE-2020-16043
- SUSE Bug 1180645
Описание
Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21106
- SUSE Bug 1180645
Описание
Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21107
- SUSE Bug 1180645
Описание
Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21108
- SUSE Bug 1180645
Описание
Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21109
- SUSE Bug 1180645
Описание
Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21110
- SUSE Bug 1180645
Описание
Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
Затронутые продукты
Ссылки
- CVE-2021-21111
- SUSE Bug 1180645
Описание
Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21112
- SUSE Bug 1180645
Описание
Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21113
- SUSE Bug 1180645
Описание
Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21114
- SUSE Bug 1180645
Описание
User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21115
- SUSE Bug 1180645
Описание
Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-21116
- SUSE Bug 1180645