Security update for opera SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2021:1310-1 Final 1 1 2021-09-25T14:05:51Z current 2021-09-25T14:05:51Z 2021-09-25T14:05:51Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for opera This update for opera fixes the following issues: opera was updated to version 79.0.4143.22 - CHR-8550 Update chromium on desktop-stable-93-4143 to 93.0.4577.58 - CHR-8557 Update chromium on desktop-stable-93-4143 to 93.0.4577.63 - DNA-94641 [Linux] Proprietary media codecs not working in snap builds - DNA-95076 [Linux] Page crash with media content - DNA-95084 [Mac] Cannot quit through menu with snapshot editor open - DNA-95138 Add setting to synchronize Pinboards - DNA-95157 Crash at -[OperaCrApplication sendEvent:] - DNA-95204 Opera 79 translations - DNA-95240 The pinboard thumbnail cannot be generated anymore - DNA-95278 Existing Pinboards might be missing - DNA-95292 Enable #bookmarks-trash-cleaner on all streams - DNA-95293 Enable #easy-files-downloads-folder on all streams - DNA-95383 Promote O79 to stable - Complete Opera 79.0 changelog at: https://blogs.opera.com/desktop/changelog-for-79/ - The update to chromium 93.0.4577.58 fixes following issues: CVE-2021-30606, CVE-2021-30607, CVE-2021-30608, CVE-2021-30609, CVE-2021-30610, CVE-2021-30611, CVE-2021-30612, CVE-2021-30613, CVE-2021-30614, CVE-2021-30615, CVE-2021-30616, CVE-2021-30617, CVE-2021-30618, CVE-2021-30619, CVE-2021-30620, CVE-2021-30621, CVE-2021-30622, CVE-2021-30623, CVE-2021-30624 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2021-1310 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ E-Mail link for openSUSE-SU-2021:1310-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2021-30606/ SUSE CVE CVE-2021-30606 page https://www.suse.com/security/cve/CVE-2021-30607/ SUSE CVE CVE-2021-30607 page https://www.suse.com/security/cve/CVE-2021-30608/ SUSE CVE CVE-2021-30608 page https://www.suse.com/security/cve/CVE-2021-30609/ SUSE CVE CVE-2021-30609 page https://www.suse.com/security/cve/CVE-2021-30610/ SUSE CVE CVE-2021-30610 page https://www.suse.com/security/cve/CVE-2021-30611/ SUSE CVE CVE-2021-30611 page https://www.suse.com/security/cve/CVE-2021-30612/ SUSE CVE CVE-2021-30612 page https://www.suse.com/security/cve/CVE-2021-30613/ SUSE CVE CVE-2021-30613 page https://www.suse.com/security/cve/CVE-2021-30614/ SUSE CVE CVE-2021-30614 page https://www.suse.com/security/cve/CVE-2021-30615/ SUSE CVE CVE-2021-30615 page https://www.suse.com/security/cve/CVE-2021-30616/ SUSE CVE CVE-2021-30616 page https://www.suse.com/security/cve/CVE-2021-30617/ SUSE CVE CVE-2021-30617 page https://www.suse.com/security/cve/CVE-2021-30618/ SUSE CVE CVE-2021-30618 page https://www.suse.com/security/cve/CVE-2021-30619/ SUSE CVE CVE-2021-30619 page https://www.suse.com/security/cve/CVE-2021-30620/ SUSE CVE CVE-2021-30620 page https://www.suse.com/security/cve/CVE-2021-30621/ SUSE CVE CVE-2021-30621 page https://www.suse.com/security/cve/CVE-2021-30622/ SUSE CVE CVE-2021-30622 page https://www.suse.com/security/cve/CVE-2021-30623/ SUSE CVE CVE-2021-30623 page https://www.suse.com/security/cve/CVE-2021-30624/ SUSE CVE CVE-2021-30624 page openSUSE Leap 15.2 NonFree openSUSE Leap 15.3 NonFree opera-79.0.4143.22-lp153.2.18.1 opera-79.0.4143.22-lp153.2.18.1 as a component of openSUSE Leap 15.2 NonFree opera-79.0.4143.22-lp153.2.18.1 as a component of openSUSE Leap 15.3 NonFree Chromium: CVE-2021-30606 Use after free in Blink CVE-2021-30606 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30606.html CVE-2021-30606 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30607 Use after free in Permissions CVE-2021-30607 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30607.html CVE-2021-30607 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30608 Use after free in Web Share CVE-2021-30608 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30608.html CVE-2021-30608 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30609 Use after free in Sign-In CVE-2021-30609 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30609.html CVE-2021-30609 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30610 Use after free in Extensions API CVE-2021-30610 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30610.html CVE-2021-30610 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30611 Use after free in WebRTC CVE-2021-30611 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30611.html CVE-2021-30611 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30612 Use after free in WebRTC CVE-2021-30612 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30612.html CVE-2021-30612 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30613 Use after free in Base internals CVE-2021-30613 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30613.html CVE-2021-30613 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip CVE-2021-30614 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30614.html CVE-2021-30614 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30615 Cross-origin data leak in Navigation CVE-2021-30615 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30615.html CVE-2021-30615 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30616 Use after free in Media CVE-2021-30616 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30616.html CVE-2021-30616 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30617 Policy bypass in Blink CVE-2021-30617 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30617.html CVE-2021-30617 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30618 Inappropriate implementation in DevTools CVE-2021-30618 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30618.html CVE-2021-30618 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30619 UI Spoofing in Autofill CVE-2021-30619 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30619.html CVE-2021-30619 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink CVE-2021-30620 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30620.html CVE-2021-30620 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30621 UI Spoofing in Autofill CVE-2021-30621 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30621.html CVE-2021-30621 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30622 Use after free in WebApp Installs CVE-2021-30622 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30622.html CVE-2021-30622 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30623 Use after free in Bookmarks CVE-2021-30623 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30623.html CVE-2021-30623 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30624 Use after free in Autofill CVE-2021-30624 openSUSE Leap 15.2 NonFree:opera-79.0.4143.22-lp153.2.18.1 openSUSE Leap 15.3 NonFree:opera-79.0.4143.22-lp153.2.18.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDRKVDFEPABXRR653626WGJRZWK5HZ7Y/ https://www.suse.com/security/cve/CVE-2021-30624.html CVE-2021-30624 https://bugzilla.suse.com/1190096 SUSE Bug 1190096