openSUSE Security Update: Security update for opera
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2020:0635-1
Rating:             important
References:         
Cross-References:   CVE-2020-6457 CVE-2020-6458 CVE-2020-6459
                    CVE-2020-6460 CVE-2020-6461 CVE-2020-6462
                   
Affected Products:
                    openSUSE Leap 15.1:NonFree
______________________________________________________________________________

   An update that fixes 6 vulnerabilities is now available.

Description:

   This update for opera fixes the following issues:

   Opera was updated to version 68.0.3618.63

   - CHR-7889 Update chromium on desktop-stable-81-3618 to 81.0.4044.122
   - CHR-7896 Update chromium on desktop-stable-81-3618 to 81.0.4044.129
   - DNA-85287 Set standard spacing for Yandex prompt
   - DNA-85416 [Mac] Animation of tab insert is glitchy on slow machines
   - DNA-85568 Verify API for triggering “unread” mode with Instagram.
   - DNA-86027 Present Now not working in google meet after canceling it once
   - DNA-86028 Add a back and forward button in the Instagram panel
   - DNA-86029 Investigate and implement re-freshing of the instagram panel
     content

   - Update chromium to 81.0.4044.122 fixes CVE-2020-6458, CVE-2020-6459,
     CVE-2020-6460
   - Update chromium to 81.0.4044.129 fixes CVE-2020-6461, CVE-2020-6462

   Update to version 68.0.3618.56

   - DNA-85256 [Win] Cookies section on site pages is white in dark mode
   - DNA-85474 [Mac] Dragging tabs to the left with hidden sidebar is broken
   - DNA-85771 DNS-over-HTTPS example in settings is wrong
   - DNA-85976 Change page display time when navigating from
     opera:startpage
   - CHR-7878 Update chromium on desktop-stable-81-3618 to 81.0.4044.113
     (CVE-2020-6457)
   - DNA-78158 PATCH-1272 should be removed
   - DNA-84721 Weather widget is overlapped when ‘Use bigger tiles’
   - DNA-85246 Implement 0-state dialog and onboarding
   - DNA-85354 O-menu is misplaced when opened with maximized opera
   - DNA-85405 Add link to Privacy Policy on the 0-state dialog
   - DNA-85409 Ask for geolocation EULA once
   - DNA-85426 Crash at opera::DownloadActionButton::Update()
   - DNA-85454 Add id’s to elements for testing
   - DNA-85493 Add “Show Weather” toggle to “Start Page” section in
     Easy Setup
   - DNA-85501 Set timestamps in geolocation exception record
   - DNA-85514 Add fallback when geolocation fails
   - DNA-85713 Report consent for geolocation on start page
   - DNA-85753 Fetch news configuration from new endpoint
   - DNA-85798 Incorrect padding in Search in Tabs window
   - DNA-85801 Disable notification on instagram panel
   - DNA-85809 Update instagram icon in the Sidebar Setup
   - DNA-85854 Change Instagram panel size, to fit desktop version
   - Complete Opera 68.0 changelog at:
     https://blogs.opera.com/desktop/changelog-for-68/

   Update to version 67.0.3575.137

   - CHR-7852 Update chromium on desktop-stable-80-3575 to 80.0.3987.163
   - DNA-82540 Crash at remote_cocoa::NativeWidgetNSWindowBridge::
     SetVisibilityState(remote_cocoa::mojom::WindowVisibilityState)
   - DNA-84951 New PiP is completely black for some 2 GPU setups
   - DNA-85284 Chrome “Open link in same tab, pop-up as tab [Free]”
     extension is no longer working in Opera
   - DNA-85415 [Mac] Inspect Popup not working
   - DNA-85530 Create API for displaying and triggering “unread” mode for
     messengers from in-app
   - DNA-85537 Let addons.opera.com interact with sidebar messengers

   Update to version 67.0.3575.115

   - CHR-7833 Update chromium on desktop-stable-80-3575 to 80.0.3987.149
   - DNA-74423 [Mac] Search/Copy popup stuck on top left of screen
   - DNA-82975 Crash at blink::DocumentLifecycle::EnsureStateAtMost
     (blink::DocumentLifecycle::LifecycleState)
   - DNA-83834 Crash at base::MessagePumpNSApplication:: DoRun
     (base::MessagePump::Delegate*)
   - DNA-84632 macOS 10.15.2 fail on creating testlist.json
   - DNA-84713 Switching through tabs broken when using workspaces


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended
 installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.1:NonFree:

      zypper in -t patch openSUSE-2020-635=1



Package List:

   - openSUSE Leap 15.1:NonFree (x86_64):

      opera-68.0.3618.63-lp151.2.15.1


References:

   https://www.suse.com/security/cve/CVE-2020-6457.html
   https://www.suse.com/security/cve/CVE-2020-6458.html
   https://www.suse.com/security/cve/CVE-2020-6459.html
   https://www.suse.com/security/cve/CVE-2020-6460.html
   https://www.suse.com/security/cve/CVE-2020-6461.html
   https://www.suse.com/security/cve/CVE-2020-6462.html

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org