Описание
Security update for opera
This update for opera fixes the following issues:
Opera was updated to version 80.0.4170.63
- CHR-8612 Update chromium on desktop-stable-94-4170 to 94.0.4606.81
- DNA-95434 Crash at opera::ThemesService::UpdateCurrentTheme()
- The update to chromium 94.0.4606.81 fixes following issues: CVE-2021-37977, CVE-2021-37978, CVE-2021-37979, CVE-2021-37980
Opera was updated to version 80.0.4170.40
- CHR-8598 Update chromium on desktop-stable-94-4170 to 94.0.4606.71
- DNA-95221 Emoji button stuck in address bar
- DNA-95325 Make y.at navigations to be reported with page_views events
- DNA-95327 Add “Emojis” context menu option in address bar field
- DNA-95339 Add YAT emoji url suggestion to search© dialog
- DNA-95416 Remove emoji button from address bar
- DNA-95439 Enable #yat-emoji-addresses on developer stream
- DNA-95441 [Mac big sur] Emoji are not shown in address bar url
- DNA-95514 Crash at resource_coordinator::TabLifecycleUnitSource ::TabLifecycleUnit::OnLifecycleUnitStateChanged(mojom:: LifecycleUnitState, mojom::LifecycleUnitStateChangeReason)
- DNA-95746 Enable #reader-mode everywhere
- DNA-95865 Numbers are recognized as emojis
- DNA-95866 Change Yat text in selection popup
- DNA-95867 Show that buttons are clickable in selection popup
- The update to chromium 94.0.4606.71 fixes following issues: CVE-2021-37974, CVE-2021-37975, CVE-2021-37976
Список пакетов
openSUSE Leap 15.2 NonFree
Ссылки
- E-Mail link for openSUSE-SU-2021:1433-1
- SUSE Security Ratings
- SUSE CVE CVE-2021-37974 page
- SUSE CVE CVE-2021-37975 page
- SUSE CVE CVE-2021-37976 page
- SUSE CVE CVE-2021-37977 page
- SUSE CVE CVE-2021-37978 page
- SUSE CVE CVE-2021-37979 page
- SUSE CVE CVE-2021-37980 page
Описание
Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37974
- SUSE Bug 1191204
Описание
Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37975
- SUSE Bug 1191204
Описание
Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37976
- SUSE Bug 1191204
Описание
Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37977
- SUSE Bug 1191463
Описание
Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37978
- SUSE Bug 1191463
Описание
heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37979
- SUSE Bug 1191463
Описание
Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows.
Затронутые продукты
Ссылки
- CVE-2021-37980
- SUSE Bug 1191463