Security update for opera SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2021:0296-1 Final 1 1 2021-02-15T13:04:46Z current 2021-02-15T13:04:46Z 2021-02-15T13:04:46Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for opera This update for opera fixes the following issues: - Update to version 74.0.3911.107 - CHR-8311 Update chromium on desktop-stable-88-3911 to 88.0.4324.150 - DNA-90329 Implement client_capabilities negotiation for Flow / Sync - DNA-90560 [Search Tabs] Open Tabs On Top - DNA-90620 Add opauto tests for tab snoozing - DNA-90628 Update opauto tests after design changes - DNA-90818 Only 3 recently closed tabs are shown in a search mode - DNA-90911 Enable search-tabs-open-tabs-on-top on developer - DNA-90990 Crash at opera::AddressBarView::NotifyBoundsChanged() - DNA-90991 Opera doesn’t show version and ‘Relaunch’ button despite update is ready - DNA-91097 Crash at extensions::BrowserSidebarPrivateGetPremium ExtensionsInfoFunction::Run() - DNA-91163 [Win] “URL navigation filters” subpage doesn’t react on actions - DNA-91196 [Flow] Device capabilities is not properly saved in Local State - DNA-91276 Sidebar setup wont open - The update to chromium 88.0.4324.150 fixes following issues: - CVE-2021-21148 (1181827) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2021-296 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/J3D452OYQTKXJQRO2OWRU5IM6SC2Y3TK/ E-Mail link for openSUSE-SU-2021:0296-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1181827 SUSE Bug 1181827 https://www.suse.com/security/cve/CVE-2021-21148/ SUSE CVE CVE-2021-21148 page openSUSE Leap 15.2 NonFree opera-74.0.3911.107-lp152.2.34.1 opera-74.0.3911.107-lp152.2.34.1 as a component of openSUSE Leap 15.2 NonFree Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21148 openSUSE Leap 15.2 NonFree:opera-74.0.3911.107-lp152.2.34.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/J3D452OYQTKXJQRO2OWRU5IM6SC2Y3TK/ https://www.suse.com/security/cve/CVE-2021-21148.html CVE-2021-21148 https://bugzilla.suse.com/1181827 SUSE Bug 1181827