Описание
Security update for opera
This update for opera fixes the following issues:
Opera was updated to version 79.0.4143.50
- CHR-8571 Update chromium on desktop-stable-93-4143 to 93.0.4577.82
- DNA-94104 ContinueShoppingOnEbayBrowserTest.ShouldDisplayOffers TilesStartingWithMostActiveOnes fails
- DNA-94894 [Rich Hint] Agent API permissions
- DNA-94989 Wrong color and appearance of subpages in the settings
- DNA-95241 “Switch to tab” button is visible only on hover
- DNA-95286 Add unit tests to pinboard sync related logic in browser
- DNA-95372 [Mac retina screen] Snapshot doesnt capture cropped area
- DNA-95526 Some webstore extensions are not verified properly
- The update to chromium 93.0.4577.82 fixes following issues: CVE-2021-30625, CVE-2021-30626, CVE-2021-30627, CVE-2021-30628, CVE-2021-30629, CVE-2021-30630, CVE-2021-30631, CVE-2021-30632, CVE-2021-30633
Список пакетов
openSUSE Leap 15.2 NonFree
openSUSE Leap 15.3 NonFree
Ссылки
- E-Mail link for openSUSE-SU-2021:1330-1
- SUSE Security Ratings
- SUSE CVE CVE-2021-30625 page
- SUSE CVE CVE-2021-30626 page
- SUSE CVE CVE-2021-30627 page
- SUSE CVE CVE-2021-30628 page
- SUSE CVE CVE-2021-30629 page
- SUSE CVE CVE-2021-30630 page
- SUSE CVE CVE-2021-30631 page
- SUSE CVE CVE-2021-30632 page
- SUSE CVE CVE-2021-30633 page
Описание
Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30625
- SUSE Bug 1190476
Описание
Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30626
- SUSE Bug 1190476
Описание
Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30627
- SUSE Bug 1190476
Описание
Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30628
- SUSE Bug 1190476
Описание
Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30629
- SUSE Bug 1190476
Описание
Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30630
- SUSE Bug 1190476
Описание
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Затронутые продукты
Ссылки
- CVE-2021-30631
- SUSE Bug 1190476
Описание
Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30632
- SUSE Bug 1190476
Описание
Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-30633
- SUSE Bug 1190476