openSUSE Security Update : opera (openSUSE-2020-1172)

High Nessus Plugin ID 139450

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 7.4

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for opera fixes the following issues :

- Update to version 70.0.3728.71

- DNA-86267 Make `Recently closed tabs` appearance consistent with `Search for open tabs`.

- DNA-86988 Opera 70 translations

- DNA-87530 Zen news leads not loading

- DNA-87636 Fix displaying folder icon for closed windows in recently closed list

- DNA-87682 Replace Extensions icon in toolbar with icon from sidebar

- DNA-87756 Extend chrome.sessions.getRecentlyClosed with information about last active tab in window.

- DNA-87778 Crash at opera::InstantSearchViewViews::
~InstantSearchViewViews()

- DNA-87815 Change affiliate links for AliExpress Search

- Update to version 70.0.3728.59

- CHR-8010 Update chromium on desktop-stable-84-3728 to 84.0.4147.89

- DNA-87019 The video image does not respond to the pressing after closed the “Quit Opera?”
dialog

- DNA-87342 Fix right padding in settings > weather section

- DNA-87427 Remove unneeded information from the requests’ diagnostics

- DNA-87560 Crash at views::Widget::GetNativeView()

- DNA-87561 Crash at CRYPTO_BUFFER_len

- DNA-87599 Bypass VPN for default search engines doesn’t work

- DNA-87611 Unittests fails on declarativeNetRequest and declarativeNetRequestFeedback permissions

- DNA-87612 [Mac] Misaligned icon in address bar

- DNA-87619 [Win/Lin] Misaligned icon in address bar

- DNA-87716 [macOS/Windows] Crash when Search in tabs is open and Opera is minimised

- DNA-87749 Crash at opera::InstantSearchSuggestionLineView::
SetIsHighlighted(bool)

- The update to chromium 84.0.4147.89 fixes following issues :

- CVE-2020-6510, CVE-2020-6511, CVE-2020-6512, CVE-2020-6513, CVE-2020-6514, CVE-2020-6515, CVE-2020-6516, CVE-2020-6517, CVE-2020-6518, CVE-2020-6519, CVE-2020-6520, CVE-2020-6521, CVE-2020-6522, CVE-2020-6523, CVE-2020-6524, CVE-2020-6525, CVE-2020-6526, CVE-2020-6527, CVE-2020-6528, CVE-2020-6529, CVE-2020-6530, CVE-2020-6531, CVE-2020-6533, CVE-2020-6534, CVE-2020-6535, CVE-2020-6536

- Complete Opera 70.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-70/

- Update to version 69.0.3686.77

- DNA-84207 New Yubikey enrollment is not working

- DNA-87185 Lost translation

- DNA-87382 Integrate scrolling to top of the feed with the existing scroll position restoration

- DNA-87535 Sort out news on startpage state

- DNA-87588 Merge “Prevent pointer from being sent in the clear over SCTP” to desktop-stable-83-3686

- Update to version 69.0.3686.57

- DNA-86682 Title case in Russian translation

- DNA-86807 Title case in O69 BR Portuguese translation

- DNA-87104 Right click context menu becomes scrollable sometimes

- DNA-87376 Search in tabs opens significantly slower in O69

- DNA-87505 [Welcome Pages][Stats] Session stats for Welcome and Upgrade pages

- DNA-87535 Sort out news on startpage state

Solution

Update the affected opera package.

See Also

https://blogs.opera.com/desktop/changelog-for-70/

Plugin Details

Severity: High

ID: 139450

File Name: openSUSE-2020-1172.nasl

Version: 1.2

Type: local

Agent: unix

Published: 2020/08/10

Updated: 2020/08/12

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 7.4

CVSS Score Source: CVE-2020-6524

CVSS v2.0

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:opera, cpe:/o:novell:opensuse:15.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 2020/08/08

Vulnerability Publication Date: 2020/07/22

Reference Information

CVE: CVE-2020-6510, CVE-2020-6511, CVE-2020-6512, CVE-2020-6513, CVE-2020-6514, CVE-2020-6515, CVE-2020-6516, CVE-2020-6517, CVE-2020-6518, CVE-2020-6519, CVE-2020-6520, CVE-2020-6521, CVE-2020-6522, CVE-2020-6523, CVE-2020-6524, CVE-2020-6525, CVE-2020-6526, CVE-2020-6527, CVE-2020-6528, CVE-2020-6529, CVE-2020-6530, CVE-2020-6531, CVE-2020-6533, CVE-2020-6534, CVE-2020-6535, CVE-2020-6536