Описание
Security update for opera
This update for opera fixes the following issues:
-
Update to 104.0.4944.23
- DNA-110465 [Scrollable tab strip] Weird animation when closing tab
- DNA-112021 Favicons disappear from history after being hovered over
- DNA-112310 Put opening animation on start page behind a flag
- DNA-112462 Crash at opera::SidebarItemViewImpl:: StateChanged(views::Button::ButtonState)
- DNA-112464 Crash at anonymous namespace::SwitchToTabButton:: OnThemeChanged()
- DNA-112518 Force Default as last used Profile
- DNA-112534 Set profiles_order to Default dir
-
Changes in 104.0.4944.18
- CHR-9471 Update Chromium on desktop-stable-118-4944 to 118.0.5993.71
- DNA-111704 chrome.webRequest.onHeadersReceived event is not fired for extension if page opened from SpeedDial tile
- DNA-111878 Highlighting of tabs and bookmarks in dark mode is almost invisible.
- DNA-111883 [Address bar] Hover effect on page is placed too high
- DNA-111922 [Linux] Change Opera beta application icon
- DNA-111955 Reduce colors used in Opera as much as possible
- DNA-112075 Rename palette colors in theme for better reusability
- DNA-112108 Fix dangling WebContents ptr bound to TabSnoozeInfobarDelegate::Show callback
- DNA-112222 Tab in island not marked as active
- DNA-112242 Disable feature flag #platform-h264-decoder-in-gpu by default on stable channel
- DNA-112265 Promote 104 to stable
- DNA-112312 Turn on #wallet-selector on all streams
- DNA-112313 Enable #pinboard-popup-refresh on all streams
- DNA-112426 [profile migration] Renaming invalid Default to Default.old is not needed anymore
-
The update to chromium 118.0.5993.71 fixes following issues: CVE-2023-5218, CVE-2023-5487, CVE-2023-5484, CVE-2023-5475, CVE-2023-5483, CVE-2023-5481, CVE-2023-5476, CVE-2023-5474, CVE-2023-5479, CVE-2023-5485, CVE-2023-5478, CVE-2023-5477, CVE-2023-5486, CVE-2023-5473
-
Complete Opera 104 changelog at: https://blogs.opera.com/desktop/changelog-for-104/
-
Update to 103.0.4928.34
- DNA-111680 Fix highlight of bookmarks bar folder elements
- DNA-111703 O icon moves upon opening menu
- DNA-111883 [Address bar] Hover effect on page is placed too high
- DNA-111940 OMenu text displaced to the right without any indentation
- DNA-112118 Crash at history::URLDatabase:: CreateContinueOnIndexIfNeeded(std::__Cr::vector)
-
Update to 103.0.4928.26
- DNA-111681 Disappearing icons of bookmarks bar folders elements
- DNA-112020 Enable #address-bar-dropdown-cities on all streams
Список пакетов
openSUSE Leap 15.4 NonFree
Ссылки
- E-Mail link for openSUSE-SU-2023:0337-1
- SUSE Security Ratings
- SUSE CVE CVE-2023-5218 page
- SUSE CVE CVE-2023-5473 page
- SUSE CVE CVE-2023-5474 page
- SUSE CVE CVE-2023-5475 page
- SUSE CVE CVE-2023-5476 page
- SUSE CVE CVE-2023-5477 page
- SUSE CVE CVE-2023-5478 page
- SUSE CVE CVE-2023-5479 page
- SUSE CVE CVE-2023-5481 page
- SUSE CVE CVE-2023-5483 page
- SUSE CVE CVE-2023-5484 page
- SUSE CVE CVE-2023-5485 page
- SUSE CVE CVE-2023-5486 page
- SUSE CVE CVE-2023-5487 page
Описание
Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
Затронутые продукты
Ссылки
- CVE-2023-5218
- SUSE Bug 1216111
Описание
Use after free in Cast in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
Затронутые продукты
Ссылки
- CVE-2023-5473
- SUSE Bug 1216111
Описание
Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2023-5474
- SUSE Bug 1216111
Описание
Inappropriate implementation in DevTools in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2023-5475
- SUSE Bug 1216111
Описание
Use after free in Blink History in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2023-5476
- SUSE Bug 1216111
Описание
Inappropriate implementation in Installer in Google Chrome prior to 118.0.5993.70 allowed a local attacker to bypass discretionary access control via a crafted command. (Chromium security severity: Low)
Затронутые продукты
Ссылки
- CVE-2023-5477
- SUSE Bug 1216111
Описание
Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
Затронутые продукты
Ссылки
- CVE-2023-5478
- SUSE Bug 1216111
Описание
Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2023-5479
- SUSE Bug 1216111
Описание
Inappropriate implementation in Downloads in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2023-5481
- SUSE Bug 1216111
Описание
Inappropriate implementation in Intents in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2023-5483
- SUSE Bug 1216111
Описание
Inappropriate implementation in Navigation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2023-5484
- SUSE Bug 1216111
Описание
Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Low)
Затронутые продукты
Ссылки
- CVE-2023-5485
- SUSE Bug 1216111
Описание
Inappropriate implementation in Input in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)
Затронутые продукты
Ссылки
- CVE-2023-5486
- SUSE Bug 1216111
Описание
Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)
Затронутые продукты
Ссылки
- CVE-2023-5487
- SUSE Bug 1216111