openSUSE Security Update : opera (openSUSE-2020-1713)

critical Nessus Plugin ID 141905

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for opera fixes the following issues :

opera was updated to version 71.0.3770.228

- DNA-87466 Hide extensions icon is black in dark theme

- DNA-88580 Implement search_in_tabs telemetry benchmark

- DNA-88591 Allow to scroll down the Keyboards Shortcuts section with URL

- DNA-88693 Random crash in SmartFilesBrowserTest

- DNA-88793 change VPN disclaimer modal layout

- DNA-88799 Only active workspaces and active messengers should be listed in keyboard shortcuts settings

- DNA-88838 add automatic VPN connection preference setting

- DNA-88870 Align VPN popup to new design

- DNA-88900 Turn off Tutorials in Opera GX –
implementation

- DNA-88931 Add info about channel and product (OPR, OPRGX) to rollout requests

- DNA-88940 Allow continue-shopping|booking-host-override switch to handle host and path

- DNA-88946 Auto-connect VPN after browser startup only for existing VPN users

- DNA-89009 Change URL for search-suggestions

- DNA-89021 Make RH test driver pack to a separate archive

- DNA-89150 Unhardcode ‘From’ and ‘To’ strings in Advanced History Search

- DNA-89175 Desktop without a flow paring should not initialize in browser startup

Opera was updated to version 71.0.3770.198

- CHR-8106 Update chromium on desktop-stable-85-3770 to 85.0.4183.121

- DNA-85648 Reconnecting Flow with iOS is unstable

- DNA-87130 Spinner is stretched instead of clipped

- DNA-87989 In Find in Page, “No matches”
doesn’t go away after deleting all text

- DNA-88098 Data URLs entries should not open new tab after click on new history page

- DNA-88267 Extra semicolon in Russian BABE translation

- DNA-88312 [Win] Downloads file drag and drop doesn’t work in Opera

- DNA-88363 Add premium extension functionality

- DNA-88580 Implement search_in_tabs telemetry benchmark

- DNA-88611 Black font on a dark background in sync login dialog

- DNA-88626 Disable #easy-files on desktop-stable-85-xxxx

- DNA-88701 String “Type a shortcut” is hardcoded

- DNA-88755 Crash at extensions::WebstoreOneClickInstallerUIImpl::
RemoveAllInfobarsExcept(opera::ExtensionInstallInfoBarDe legate*)

- DNA-88797 Change ‘Register’ to ‘Tab’ in German

- DNA-88851 [History][Resized window] Button and date input look bad

- DNA-88958 Crash at net::`anonymous namespace”::Escape

- The update to chromium 85.0.4183.121 fixes following issues :

- CVE-2020-15960, CVE-2020-15961, CVE-2020-15962, CVE-2020-15963, CVE-2020-15965, CVE-2020-15966, CVE-2020-15964

- Update to version 71.0.3770.148

- CHR-8091 Update chromium on desktop-stable-85-3770 to 85.0.4183.102

- DNA-87785 [Mac] “Alitools” text in extension toolbar overlaps Install button

- DNA-87935 Make SSD smaller by 25%

- DNA-87963 Hidden Avira extension in avira_2 edition

- DNA-88015 [MyFlow] Desktop doesn’t show itself in devices list

- DNA-88469 Add context menu options to configure shortcuts

- DNA-88496 Define a/b test in ab_tests.json

- DNA-88537 Don’t filter out hashes from feature reference groups coming from rollout

- DNA-88580 Implement search_in_tabs telemetry benchmark

- DNA-88604 [History panel] Search bar covers the “Clear browsing data” button

- DNA-88619 String ‘Download complete’ is cut on download popup

- DNA-88645 Remove option should not be available for last workspace

- DNA-88718 [History panel] fix delete button overflow issue

- The update to chromium 85.0.4183.102 fixes following issues :

- CVE-2020-6573, CVE-2020-6574, CVE-2020-6575, CVE-2020-6576, CVE-2020-15959

- Complete Opera 71.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-71/

- Update to version 70.0.3728.144

- CHR-8057 Update chromium on desktop-stable-84-3728 to 84.0.4147.135

- DNA-88027 [Mac] Downloads icon disappears when downloads popup is shown

- DNA-88204 Crash at opera::DownloadItemView::OnMousePressed (ui::MouseEvent const&)

- The update to chromium 84.0.4147.135 fixes following issues :

- CVE-2020-6556

Solution

Update the affected opera package.

See Also

https://blogs.opera.com/desktop/changelog-for-71/

Plugin Details

Severity: Critical

ID: 141905

File Name: openSUSE-2020-1713.nasl

Version: 1.3

Type: local

Agent: unix

Published: 10/26/2020

Updated: 5/12/2022

Supported Sensors: Nessus Agent

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: E:U/RL:OF/RC:C

CVSS Score Source: CVE-2020-6556

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Temporal Score: 8.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:opera, cpe:/o:novell:opensuse:15.1, cpe:/o:novell:opensuse:15.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 10/23/2020

Vulnerability Publication Date: 9/21/2020

Reference Information

CVE: CVE-2020-15959, CVE-2020-15960, CVE-2020-15961, CVE-2020-15962, CVE-2020-15963, CVE-2020-15964, CVE-2020-15965, CVE-2020-15966, CVE-2020-6556, CVE-2020-6573, CVE-2020-6574, CVE-2020-6575, CVE-2020-6576