openSUSE Security Update : opera (openSUSE-2020-1172)

critical Nessus Plugin ID 139450

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for opera fixes the following issues :

- Update to version 70.0.3728.71

- DNA-86267 Make `Recently closed tabs` appearance consistent with `Search for open tabs`.

- DNA-86988 Opera 70 translations

- DNA-87530 Zen news leads not loading

- DNA-87636 Fix displaying folder icon for closed windows in recently closed list

- DNA-87682 Replace Extensions icon in toolbar with icon from sidebar

- DNA-87756 Extend chrome.sessions.getRecentlyClosed with information about last active tab in window.

- DNA-87778 Crash at opera::InstantSearchViewViews::
~InstantSearchViewViews()

- DNA-87815 Change affiliate links for AliExpress Search

- Update to version 70.0.3728.59

- CHR-8010 Update chromium on desktop-stable-84-3728 to 84.0.4147.89

- DNA-87019 The video image does not respond to the pressing after closed the “Quit Opera?”
dialog

- DNA-87342 Fix right padding in settings > weather section

- DNA-87427 Remove unneeded information from the requests’ diagnostics

- DNA-87560 Crash at views::Widget::GetNativeView()

- DNA-87561 Crash at CRYPTO_BUFFER_len

- DNA-87599 Bypass VPN for default search engines doesn’t work

- DNA-87611 Unittests fails on declarativeNetRequest and declarativeNetRequestFeedback permissions

- DNA-87612 [Mac] Misaligned icon in address bar

- DNA-87619 [Win/Lin] Misaligned icon in address bar

- DNA-87716 [macOS/Windows] Crash when Search in tabs is open and Opera is minimised

- DNA-87749 Crash at opera::InstantSearchSuggestionLineView::
SetIsHighlighted(bool)

- The update to chromium 84.0.4147.89 fixes following issues :

- CVE-2020-6510, CVE-2020-6511, CVE-2020-6512, CVE-2020-6513, CVE-2020-6514, CVE-2020-6515, CVE-2020-6516, CVE-2020-6517, CVE-2020-6518, CVE-2020-6519, CVE-2020-6520, CVE-2020-6521, CVE-2020-6522, CVE-2020-6523, CVE-2020-6524, CVE-2020-6525, CVE-2020-6526, CVE-2020-6527, CVE-2020-6528, CVE-2020-6529, CVE-2020-6530, CVE-2020-6531, CVE-2020-6533, CVE-2020-6534, CVE-2020-6535, CVE-2020-6536

- Complete Opera 70.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-70/

- Update to version 69.0.3686.77

- DNA-84207 New Yubikey enrollment is not working

- DNA-87185 Lost translation

- DNA-87382 Integrate scrolling to top of the feed with the existing scroll position restoration

- DNA-87535 Sort out news on startpage state

- DNA-87588 Merge “Prevent pointer from being sent in the clear over SCTP” to desktop-stable-83-3686

- Update to version 69.0.3686.57

- DNA-86682 Title case in Russian translation

- DNA-86807 Title case in O69 BR Portuguese translation

- DNA-87104 Right click context menu becomes scrollable sometimes

- DNA-87376 Search in tabs opens significantly slower in O69

- DNA-87505 [Welcome Pages][Stats] Session stats for Welcome and Upgrade pages

- DNA-87535 Sort out news on startpage state

Solution

Update the affected opera package.

See Also

https://blogs.opera.com/desktop/changelog-for-70/

Plugin Details

Severity: Critical

ID: 139450

File Name: openSUSE-2020-1172.nasl

Version: 1.4

Type: local

Agent: unix

Published: 8/10/2020

Updated: 5/13/2022

Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent

Risk Information

VPR

Risk Factor: High

Score: 8.1

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: E:POC/RL:OF/RC:C

CVSS Score Source: CVE-2020-6524

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Temporal Score: 8.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:opera, cpe:/o:novell:opensuse:15.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/8/2020

Vulnerability Publication Date: 7/22/2020

Reference Information

CVE: CVE-2020-6510, CVE-2020-6511, CVE-2020-6512, CVE-2020-6513, CVE-2020-6514, CVE-2020-6515, CVE-2020-6516, CVE-2020-6517, CVE-2020-6518, CVE-2020-6519, CVE-2020-6520, CVE-2020-6521, CVE-2020-6522, CVE-2020-6523, CVE-2020-6524, CVE-2020-6525, CVE-2020-6526, CVE-2020-6527, CVE-2020-6528, CVE-2020-6529, CVE-2020-6530, CVE-2020-6531, CVE-2020-6533, CVE-2020-6534, CVE-2020-6535, CVE-2020-6536