Detections
Analytics

openSUSE 15 Security Update : opera (openSUSE-SU-2025:0012-1)

high Nessus Plugin ID 214241

Synopsis

The remote openSUSE host is missing a security update.

Description

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2025:0012-1 advisory.

 - Update to 116.0.5366.21
 * CHR-9904 Update Chromium on desktop-stable-131-5366 to 131.0.6778.86
 * DNA-119581 Crash at views::View::ConvertPointToTarget
 * DNA-119847 Missing Opera warning color and some margins in Settings
 * DNA-119853 Eula dialog is wrong displayed and can not run installation with system scale 125%
 * DNA-119883 Dark mode: side bar player icons have no background
 * DNA-120054 Double icon effect in adress bar
 * DNA-120117 [Player] Crash when trying to Inspect Element on player's web page in panel
 * DNA-120155 Crash on opera:extensions with color-themes flag disabled
 * DNA-120195 Scroll in Theme Gallery view changes to dark color in Dark Mode
 * DNA-120211 Crash at extensions::
 TabsPrivateGetAllInWindowFunction::Run
 * DNA-120230 Start page button is blurry
 * DNA-120240 Dropdown display lacks expected overlay effect
 * DNA-120242 Translations for Opera 116
 * DNA-120317 Crash at opera::BrowserWindowImpl::
 SetBrowserUIVisible
 * DNA-120458 Crash at opera::BrowserWindowImpl::
 AddWidgetToTracked
 * DNA-120512 Promote 116.0 to stable
 - Complete Opera 116 changelog at:
 https://blogs.opera.com/desktop/changelog-for-116
 - The update to chromium 131.0.6778.86 fixes following issues:
 CVE-2024-11395


 - Update to 115.0.5322.119
 * CHR-9416 Updating Chromium on desktop-stable-* branches
 * DNA-120117 [Player] Crash when trying to Inspect Element on player's web page in panel
 * DNA-120211 Crash at extensions::
 TabsPrivateGetAllInWindowFunction::Run

 - Update to 115.0.5322.109
 * CHR-9416 Updating Chromium on desktop-stable-* branches
 * DNA-118730 Crash at opera::content_filter::
 AdBlockerWhitelistHandler::SetSiteBlocked
 * DNA-119320 [Mac] Web view corners not rounded
 * DNA-119421 [Easy setup] Dropdown for theme editing do not close after opening other dropdowns
 * DNA-119519 Implement stop mechanism for video as wallpaper
 * DNA-119550 Collect common shader rendering code in Rich Wallpaper
 * DNA-119551 Convert Midsommar to new shader-based dynamic theme format
 * DNA-119552 Convert Aurora to new shader-based dynamic theme format
 * DNA-119553 Pass configuration data to shader-based dynamic themes
 * DNA-119554 Logic for pause / resume animations in rich wallpaper page
 * DNA-119645 Install theme from the server
 * DNA-119652 Show spinner while downloading & installing theme
 * DNA-119692 'start now' button not translated in hindi
 * DNA-119783 Toggles in Dark Mode unchecked state missed background color
 * DNA-119811 Show download icon on hover
 * DNA-119812 Implement downloading new theme by clicking download button
 * DNA-119813 Implement selecting new theme by clicking tile
 * DNA-119814 Implement canceling theme download API
 * DNA-119815 Implement canceling theme download UI
 * DNA-119816 Handle error callback from download/install
 * DNA-119817 Implement ability to see themes being downloaded when opening themes gallery
 * DNA-119834 Sometimes onboarding is blank and useless
 * DNA-119835 Crash at opera::VibesServiceImpl::OnVibeInstalled
 * DNA-119846 Animated wallpapers doesn't work in Classic theme
 * DNA-119848 Add tests for addonsPrivate.cancelInstallation and isThemeInstallationPending
 * DNA-119863 Create a configuration for preinstalled theme
 * DNA-119924 Relaunch button resets the toggle instead of relaunching browser
 * DNA-119979 Crash at opera::VibesDataReaderImpl::
 LoadDefaultColorsForVibe
 * DNA-119983 DevTools reverts to Light Mode after restart
 * DNA-120018 Context menus not opening for some internal pages
 * DNA-120020 The light mode icon on the mixer page is nearly invisible
 * DNA-120210 Crash at base::internal::flat_tree::contains

 - Update to 115.0.5322.77
 * CHR-9896 Update Chromium on desktop-stable-130-5322 to 130.0.6723.137
 * DNA-119410 Crash at opera::WebPanelView::ClosePanel
 * DNA-119466 Unable to open easy setup page when color-theme flag is disabled
 * DNA-119955 [My Flow] downloading a file never ends

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected opera package.

See Also

https://www.suse.com/security/cve/CVE-2024-11395

http://www.nessus.org/u?a3776498

Plugin Details

Severity: High

ID: 214241

File Name: openSUSE-2025-0012-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 1/16/2025

Updated: 1/16/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2024-11395

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:opera, cpe:/o:novell:opensuse:15.6

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 1/15/2025

Vulnerability Publication Date: 11/19/2024

Reference Information

CVE: CVE-2024-11395