Detections
Analytics

openSUSE Security Update : opera (openSUSE-2020-1713)

critical Nessus Plugin ID 141905

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for opera fixes the following issues :

opera was updated to version 71.0.3770.228

 - DNA-87466 Hide extensions icon is black in dark theme

 - DNA-88580 Implement search_in_tabs telemetry benchmark

 - DNA-88591 Allow to scroll down the Keyboards Shortcuts section with URL

 - DNA-88693 Random crash in SmartFilesBrowserTest

 - DNA-88793 change VPN disclaimer modal layout

 - DNA-88799 Only active workspaces and active messengers should be listed in keyboard shortcuts settings

 - DNA-88838 add automatic VPN connection preference setting

 - DNA-88870 Align VPN popup to new design

 - DNA-88900 Turn off Tutorials in Opera GX –
 implementation

 - DNA-88931 Add info about channel and product (OPR, OPRGX) to rollout requests

 - DNA-88940 Allow continue-shopping|booking-host-override switch to handle host and path

 - DNA-88946 Auto-connect VPN after browser startup only for existing VPN users

 - DNA-89009 Change URL for search-suggestions

 - DNA-89021 Make RH test driver pack to a separate archive

 - DNA-89150 Unhardcode ‘From’ and ‘To’ strings in Advanced History Search

 - DNA-89175 Desktop without a flow paring should not initialize in browser startup

Opera was updated to version 71.0.3770.198

 - CHR-8106 Update chromium on desktop-stable-85-3770 to 85.0.4183.121

 - DNA-85648 Reconnecting Flow with iOS is unstable

 - DNA-87130 Spinner is stretched instead of clipped

 - DNA-87989 In Find in Page, “No matches”
 doesn’t go away after deleting all text

 - DNA-88098 Data URLs entries should not open new tab after click on new history page

 - DNA-88267 Extra semicolon in Russian BABE translation

 - DNA-88312 [Win] Downloads file drag and drop doesn’t work in Opera

 - DNA-88363 Add premium extension functionality

 - DNA-88580 Implement search_in_tabs telemetry benchmark

 - DNA-88611 Black font on a dark background in sync login dialog

 - DNA-88626 Disable #easy-files on desktop-stable-85-xxxx

 - DNA-88701 String “Type a shortcut” is hardcoded

 - DNA-88755 Crash at extensions::WebstoreOneClickInstallerUIImpl::
 RemoveAllInfobarsExcept(opera::ExtensionInstallInfoBarDe legate*)

 - DNA-88797 Change ‘Register’ to ‘Tab’ in German

 - DNA-88851 [History][Resized window] Button and date input look bad

 - DNA-88958 Crash at net::`anonymous namespace”::Escape

 - The update to chromium 85.0.4183.121 fixes following issues :

 - CVE-2020-15960, CVE-2020-15961, CVE-2020-15962, CVE-2020-15963, CVE-2020-15965, CVE-2020-15966, CVE-2020-15964

 - Update to version 71.0.3770.148

 - CHR-8091 Update chromium on desktop-stable-85-3770 to 85.0.4183.102

 - DNA-87785 [Mac] “Alitools” text in extension toolbar overlaps Install button

 - DNA-87935 Make SSD smaller by 25%

 - DNA-87963 Hidden Avira extension in avira_2 edition

 - DNA-88015 [MyFlow] Desktop doesn’t show itself in devices list

 - DNA-88469 Add context menu options to configure shortcuts

 - DNA-88496 Define a/b test in ab_tests.json

 - DNA-88537 Don’t filter out hashes from feature reference groups coming from rollout

 - DNA-88580 Implement search_in_tabs telemetry benchmark

 - DNA-88604 [History panel] Search bar covers the “Clear browsing data” button

 - DNA-88619 String ‘Download complete’ is cut on download popup

 - DNA-88645 Remove option should not be available for last workspace

 - DNA-88718 [History panel] fix delete button overflow issue

 - The update to chromium 85.0.4183.102 fixes following issues :

 - CVE-2020-6573, CVE-2020-6574, CVE-2020-6575, CVE-2020-6576, CVE-2020-15959

 - Complete Opera 71.0 changelog at:
 https://blogs.opera.com/desktop/changelog-for-71/

 - Update to version 70.0.3728.144

 - CHR-8057 Update chromium on desktop-stable-84-3728 to 84.0.4147.135

 - DNA-88027 [Mac] Downloads icon disappears when downloads popup is shown

 - DNA-88204 Crash at opera::DownloadItemView::OnMousePressed (ui::MouseEvent const&)

 - The update to chromium 84.0.4147.135 fixes following issues :

 - CVE-2020-6556

Solution

Update the affected opera package.

See Also

https://blogs.opera.com/desktop/changelog-for-71/

Plugin Details

Severity: Critical

ID: 141905

File Name: openSUSE-2020-1713.nasl

Version: 1.4

Type: local

Agent: unix

Published: 10/26/2020

Updated: 2/13/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2020-6556

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Temporal Score: 8.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2020-6573

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:opera, cpe:/o:novell:opensuse:15.1, cpe:/o:novell:opensuse:15.2

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/23/2020

Vulnerability Publication Date: 9/21/2020

Reference Information

CVE: CVE-2020-15959, CVE-2020-15960, CVE-2020-15961, CVE-2020-15962, CVE-2020-15963, CVE-2020-15964, CVE-2020-15965, CVE-2020-15966, CVE-2020-6556, CVE-2020-6573, CVE-2020-6574, CVE-2020-6575, CVE-2020-6576