Описание
Security update for opera
This update for opera fixes the following issues:
Update to 96.0.4693.31
- CHR-9206 Update Chromium on desktop-stable-110-4693 to 110.0.5481.178
- DNA-104492 [Stable A/B Test] React Start Page for Austria 50%
- DNA-104660 Browser crash when calling window.opr.authPrivate API in a private mode
- DNA-105000 Crash at non-virtual thunk to SadTabView::OnBoundsChanged(gfx::Rect const&)
- DNA-105138 Hang-up button is red in video popout
- DNA-105211 Johnny5 – Prepare extension to be usable in Desktop
- DNA-105377 Add API for extension to be able to open sidebar panel
- DNA-105378 Add 'AI Shorten' functionality to search/copy tooltip
- DNA-105410 Change Popup functionality depending on number of words selected
- DNA-105429 Fix privileges for Shodan api
- DNA-105434 Change popup depending on number of words
- DNA-105442 Fix Update & Recovery page styling
- DNA-105455 [Search box] Search box does not resize dynamically
- DNA-105606 Enabling news by default on SP test- 2
The update to chromium 110.0.5481.178 fixes following issues:
CVE-2023-0927, CVE-2023-0928, CVE-2023-0929, CVE-2023-0930,
CVE-2023-0931, CVE-2023-0932, CVE-2023-0933, CVE-2023-0941
Список пакетов
openSUSE Leap 15.4 NonFree
Ссылки
- E-Mail link for openSUSE-SU-2023:0066-1
- SUSE Security Ratings
- SUSE CVE CVE-2023-0927 page
- SUSE CVE CVE-2023-0928 page
- SUSE CVE CVE-2023-0929 page
- SUSE CVE CVE-2023-0930 page
- SUSE CVE CVE-2023-0931 page
- SUSE CVE CVE-2023-0932 page
- SUSE CVE CVE-2023-0933 page
- SUSE CVE CVE-2023-0941 page
Описание
Use after free in Web Payments API in Google Chrome on Android prior to 110.0.5481.177 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2023-0927
- SUSE Bug 1208589
Описание
Use after free in SwiftShader in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2023-0928
- SUSE Bug 1208589
Описание
Use after free in Vulkan in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2023-0929
- SUSE Bug 1208589
Описание
Heap buffer overflow in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2023-0930
- SUSE Bug 1208589
Описание
Use after free in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2023-0931
- SUSE Bug 1208589
Описание
Use after free in WebRTC in Google Chrome on Windows prior to 110.0.5481.177 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
Ссылки
- CVE-2023-0932
- SUSE Bug 1208589
Описание
Integer overflow in PDF in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2023-0933
- SUSE Bug 1208589
Описание
Use after free in Prompts in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
Затронутые продукты
Ссылки
- CVE-2023-0941
- SUSE Bug 1208589