Security update for opera SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:0016-1 Final 1 1 2024-01-10T11:01:07Z current 2024-01-10T11:01:07Z 2024-01-10T11:01:07Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for opera This update for opera fixes the following issues: opera was updated to 106.0.4998.28 * CHR-9566 Update Chromium on desktop-stable-120-4998 to 120.0.6099.200 * DNA-113161 [Weather] 'Weather Location' description is almost invisible in dark mode * DNA-113351 'Previous tile' should be the same size as 'next tile' * DNA-113443 Crash at opera::ComponentTabCyclerView:: HighlightContents(content::WebContents*, bool) * DNA-114170 [Google Meet][Tab] Links from Google Meet open as blank tabs till change workspace - The update to chromium 120.0.6099.200 fixes following issues: CVE-2024-0222, CVE-2024-0223, CVE-2024-0224, CVE-2024-0225 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2024-16 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UY4JPWBKZYYGRANOGGULA6VZCO66CVNC/ E-Mail link for openSUSE-SU-2024:0016-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2024-0222/ SUSE CVE CVE-2024-0222 page https://www.suse.com/security/cve/CVE-2024-0223/ SUSE CVE CVE-2024-0223 page https://www.suse.com/security/cve/CVE-2024-0224/ SUSE CVE CVE-2024-0224 page https://www.suse.com/security/cve/CVE-2024-0225/ SUSE CVE CVE-2024-0225 page openSUSE Leap 15.5 NonFree opera-106.0.4998.28-lp155.3.30.1 opera-106.0.4998.28-lp155.3.30.1 as a component of openSUSE Leap 15.5 NonFree Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-0222 openSUSE Leap 15.5 NonFree:opera-106.0.4998.28-lp155.3.30.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UY4JPWBKZYYGRANOGGULA6VZCO66CVNC/ https://www.suse.com/security/cve/CVE-2024-0222.html CVE-2024-0222 https://bugzilla.suse.com/1218533 SUSE Bug 1218533 Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-0223 openSUSE Leap 15.5 NonFree:opera-106.0.4998.28-lp155.3.30.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UY4JPWBKZYYGRANOGGULA6VZCO66CVNC/ https://www.suse.com/security/cve/CVE-2024-0223.html CVE-2024-0223 https://bugzilla.suse.com/1218533 SUSE Bug 1218533 Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-0224 openSUSE Leap 15.5 NonFree:opera-106.0.4998.28-lp155.3.30.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UY4JPWBKZYYGRANOGGULA6VZCO66CVNC/ https://www.suse.com/security/cve/CVE-2024-0224.html CVE-2024-0224 https://bugzilla.suse.com/1218533 SUSE Bug 1218533 Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-0225 openSUSE Leap 15.5 NonFree:opera-106.0.4998.28-lp155.3.30.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UY4JPWBKZYYGRANOGGULA6VZCO66CVNC/ https://www.suse.com/security/cve/CVE-2024-0225.html CVE-2024-0225 https://bugzilla.suse.com/1218533 SUSE Bug 1218533