Описание
Security update for opera
This update for opera fixes the following issues:
Update to version 81.0.4196.31:
- DNA-95733 Implement the “Manage” menu in card details view
- DNA-95736 Update UI for paused card
- DNA-95791 Crash at base::operator<
- DNA-95794 Sometimes the sidebar UI fails to load
- DNA-95812 Retrieve cards info when showing autofill
- DNA-96035 Cannot create virtual card on Sandbox environment
- DNA-96147 “Buy” button does not work
- DNA-96168 Update contributors list
- DNA-96211 Enable #fast-tab-tooltip on all streams
- DNA-96231 Promote O81 to stable
- Complete Opera 80.1 changelog at: https://blogs.opera.com/desktop/changelog-for-81/
Update to version 81.0.4196.27
- CHR-8623 Update chromium on desktop-stable-95-4196 to 95.0.4638.54
- DNA-92384 Better segmenting of hint users
- DNA-95523 Allow sorting in multi-card view
- DNA-95659 Flow of Lastcard on first login
- DNA-95735 Implement the button that reveals full card details
- DNA-95747 Better way to handle expired funding card
- DNA-95949 [Mac Retina] Clicking active tab should scroll to the top
- DNA-95993 Update icon used for Yat in address bar dropdown
- DNA-96021 Cleared download item view is never deleted
- DNA-96036 Occupation field in 'Account – Edit' is shown twice
- DNA-96127 Upgrade plan button does nothing
- DNA-96138 'Add Card' button does not change to 'Upgrade Plan' after adding card
- The update to chromium 95.0.4638.54 fixes following issues: CVE-2021-37981, CVE-2021-37982, CVE-2021-37983, CVE-2021-37984, CVE-2021-37985, CVE-2021-37986, CVE-2021-37987, CVE-2021-37988, CVE-2021-37989, CVE-2021-37990, CVE-2021-37991, CVE-2021-37992, CVE-2021-37993, CVE-2021-37994, CVE-2021-37995, CVE-2021-37996
Update to version 80.0.4170.72
- DNA-95522 Change card view to show all types of cards
- DNA-95523 Allow sorting in multi-card view
- DNA-95524 Allow searching for cards by name
- DNA-95658 Allow user to add a card
- DNA-95659 Flow of Lastcard on first login
- DNA-95660 Implement editing card details
- DNA-95699 Add card details view
- DNA-95733 Implement the “Manage” menu in card details view
- DNA-95735 Implement the button that reveals full card details
- DNA-95736 Update UI for paused card
- DNA-95747 Better way to handle expired funding card
- DNA-95794 Sometimes the sidebar UI fails to load
- DNA-95812 Retrieve cards info when showing autofill
- DNA-96036 Occupation field in ‘Account – Edit’ is shown twice
- DNA-96127 Upgrade plan button does nothing
- DNA-96138 “Add Card” button does not change to “Upgrade Plan” after adding card
Список пакетов
openSUSE Leap 15.3 NonFree
Ссылки
- E-Mail link for openSUSE-SU-2021:1489-1
- SUSE Security Ratings
- SUSE CVE CVE-2021-37981 page
- SUSE CVE CVE-2021-37982 page
- SUSE CVE CVE-2021-37983 page
- SUSE CVE CVE-2021-37984 page
- SUSE CVE CVE-2021-37985 page
- SUSE CVE CVE-2021-37986 page
- SUSE CVE CVE-2021-37987 page
- SUSE CVE CVE-2021-37988 page
- SUSE CVE CVE-2021-37989 page
- SUSE CVE CVE-2021-37990 page
- SUSE CVE CVE-2021-37991 page
- SUSE CVE CVE-2021-37992 page
- SUSE CVE CVE-2021-37993 page
- SUSE CVE CVE-2021-37994 page
- SUSE CVE CVE-2021-37995 page
- SUSE CVE CVE-2021-37996 page
Описание
Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37981
- SUSE Bug 1191844
Описание
Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37982
- SUSE Bug 1191844
Описание
Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37983
- SUSE Bug 1191844
Описание
Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37984
- SUSE Bug 1191844
Описание
Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37985
- SUSE Bug 1191844
Описание
Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37986
- SUSE Bug 1191844
Описание
Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37987
- SUSE Bug 1191844
Описание
Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37988
- SUSE Bug 1191844
Описание
Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37989
- SUSE Bug 1191844
Описание
Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app.
Затронутые продукты
Ссылки
- CVE-2021-37990
- SUSE Bug 1191844
Описание
Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37991
- SUSE Bug 1191844
Описание
Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37992
- SUSE Bug 1191844
Описание
Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37993
- SUSE Bug 1191844
Описание
Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37994
- SUSE Bug 1191844
Описание
Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Затронутые продукты
Ссылки
- CVE-2021-37995
- SUSE Bug 1191844
Описание
Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file.
Затронутые продукты
Ссылки
- CVE-2021-37996
- SUSE Bug 1191844