Security update for opera SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:0223-1 Final 1 1 2024-07-26T14:31:50Z current 2024-07-26T14:31:50Z 2024-07-26T14:31:50Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for opera This update for opera fixes the following issues: - Update to 112.0.5197.25 * CHR-9787 Update Chromium on desktop-stable-126-5197 to 126.0.6478.127 - The update to chromium 126.0.6478.127 fixes following issues: CVE-2024-6290, CVE-2024-6291, CVE-2024-6292, CVE-2024-6293 - Update to 112.0.5197.24 * CHR-9762 Update Chromium on desktop-stable-126-5197 to 126.0.6478.62 * DNA-117001 Crash at base::internal::check_is_test_impl (base::NotFatalUntil) * DNA-117050 [Settings][Sync] Synchronization options aren't visible * DNA-117076 [Player] Background of the icons has changed and the Tidal icon is now missing * DNA-117109 Browser freezes when trying to remove a tab * DNA-117181 Translations for O112 * DNA-117202 Crash at syncer::SyncServiceImpl::NotifyObservers() * DNA-117295 Remove emoji names field in picker * DNA-117347 Start page is not rendered on first switch to workspace after its creation * DNA-117431 Promote 112 to stable - Complete Opera 112 changelog at: https://blogs.opera.com/desktop/changelog-for-112 - The update to chromium >= 126.0.6478.54 fixes following issues: CVE-2024-5830, CVE-2024-5831, CVE-2024-5832, CVE-2024-5833, CVE-2024-5834, CVE-2024-5835, CVE-2024-5836, CVE-2024-5837, CVE-2024-5838, CVE-2024-5839, CVE-2024-5840, CVE-2024-5841, CVE-2024-5842, CVE-2024-5843, CVE-2024-5844, CVE-2024-5845, CVE-2024-5846, CVE-2024-5847 - Update to 111.0.5168.55 * DNA-116749 Unnecessary icons in the advanced sync settings * DNA-116961 Evaluate #vtvd-as-platform-sw-decoder in the field * DNA-117003 #vtvd-as-platform-sw-decoder is not registered in media unittests Update to 111.0.5168.43 * DNA-115228 Adblocker is blocking ads when turned off * DNA-116605 Crash at opera::BrowserContentsView:: NonClientHitTestPoint(gfx::Point const&) * DNA-116855 Cannot close tab island’s tab when popup was hovered * DNA-116885 Add chrome.cookies api permission to Rich Hints * DNA-116948 [Linux] Theme toggle in settings is not working Update to 111.0.5168.25 * CHR-9754 Update Chromium on desktop-stable-125-5168 to 125.0.6422.142 * DNA-116089 [Win/Lin] Fullscreen view has rounded corners * DNA-116208 The red dot on the Aria’s icon is misaligned * DNA-116693 X (twitter) logo is not available on opera:about page * DNA-116737 [Bookmarks] Bookmarks bar favicon have light theme color in new window * DNA-116769 Extension popup – pin icon is replaced * DNA-116850 Fix full package installer link * DNA-116852 Promote 111 to stable * DNA-116491 Site info popup is cut with dropdown opened * DNA-116661 [opera:settings] IPFS/IPNS Gateway box has the wrong design * DNA-116789 Translations for O111 * DNA-116813 [React emoji picker] Flag emojis are not load correctly * DNA-116893 Put 'Show emojis in tab tooltip' in Settings * DNA-116918 Translations for 'Show emojis in tab tooltip' - Complete Opera 111 changelog at: https://blogs.opera.com/desktop/changelog-for-111 - The update to chromium 125.0.6422.142 fixes following issues: CVE-2024-5493, CVE-2024-5494, CVE-2024-5495, CVE-2024-5496, CVE-2024-5497, CVE-2024-5498, CVE-2024-5499 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2024-223 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ E-Mail link for openSUSE-SU-2024:0223-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2024-5493/ SUSE CVE CVE-2024-5493 page https://www.suse.com/security/cve/CVE-2024-5494/ SUSE CVE CVE-2024-5494 page https://www.suse.com/security/cve/CVE-2024-5495/ SUSE CVE CVE-2024-5495 page https://www.suse.com/security/cve/CVE-2024-5496/ SUSE CVE CVE-2024-5496 page https://www.suse.com/security/cve/CVE-2024-5497/ SUSE CVE CVE-2024-5497 page https://www.suse.com/security/cve/CVE-2024-5498/ SUSE CVE CVE-2024-5498 page https://www.suse.com/security/cve/CVE-2024-5499/ SUSE CVE CVE-2024-5499 page https://www.suse.com/security/cve/CVE-2024-5830/ SUSE CVE CVE-2024-5830 page https://www.suse.com/security/cve/CVE-2024-5831/ SUSE CVE CVE-2024-5831 page https://www.suse.com/security/cve/CVE-2024-5832/ SUSE CVE CVE-2024-5832 page https://www.suse.com/security/cve/CVE-2024-5833/ SUSE CVE CVE-2024-5833 page https://www.suse.com/security/cve/CVE-2024-5834/ SUSE CVE CVE-2024-5834 page https://www.suse.com/security/cve/CVE-2024-5835/ SUSE CVE CVE-2024-5835 page https://www.suse.com/security/cve/CVE-2024-5836/ SUSE CVE CVE-2024-5836 page https://www.suse.com/security/cve/CVE-2024-5837/ SUSE CVE CVE-2024-5837 page https://www.suse.com/security/cve/CVE-2024-5838/ SUSE CVE CVE-2024-5838 page https://www.suse.com/security/cve/CVE-2024-5839/ SUSE CVE CVE-2024-5839 page https://www.suse.com/security/cve/CVE-2024-5840/ SUSE CVE CVE-2024-5840 page https://www.suse.com/security/cve/CVE-2024-5841/ SUSE CVE CVE-2024-5841 page https://www.suse.com/security/cve/CVE-2024-5842/ SUSE CVE CVE-2024-5842 page https://www.suse.com/security/cve/CVE-2024-5843/ SUSE CVE CVE-2024-5843 page https://www.suse.com/security/cve/CVE-2024-5844/ SUSE CVE CVE-2024-5844 page https://www.suse.com/security/cve/CVE-2024-5845/ SUSE CVE CVE-2024-5845 page https://www.suse.com/security/cve/CVE-2024-5846/ SUSE CVE CVE-2024-5846 page https://www.suse.com/security/cve/CVE-2024-5847/ SUSE CVE CVE-2024-5847 page https://www.suse.com/security/cve/CVE-2024-6290/ SUSE CVE CVE-2024-6290 page https://www.suse.com/security/cve/CVE-2024-6291/ SUSE CVE CVE-2024-6291 page https://www.suse.com/security/cve/CVE-2024-6292/ SUSE CVE CVE-2024-6292 page https://www.suse.com/security/cve/CVE-2024-6293/ SUSE CVE CVE-2024-6293 page openSUSE Leap 15.6 NonFree opera-112.0.5197.25-lp156.2.11.1 opera-112.0.5197.25-lp156.2.11.1 as a component of openSUSE Leap 15.6 NonFree Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-5493 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5493.html CVE-2024-5493 https://bugzilla.suse.com/1225690 SUSE Bug 1225690 Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-5494 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5494.html CVE-2024-5494 https://bugzilla.suse.com/1225690 SUSE Bug 1225690 Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-5495 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5495.html CVE-2024-5495 https://bugzilla.suse.com/1225690 SUSE Bug 1225690 Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVE-2024-5496 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5496.html CVE-2024-5496 https://bugzilla.suse.com/1225690 SUSE Bug 1225690 Out of bounds memory access in Browser UI in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-5497 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5497.html CVE-2024-5497 https://bugzilla.suse.com/1225690 SUSE Bug 1225690 Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-5498 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5498.html CVE-2024-5498 https://bugzilla.suse.com/1225690 SUSE Bug 1225690 Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVE-2024-5499 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5499.html CVE-2024-5499 https://bugzilla.suse.com/1225690 SUSE Bug 1225690 Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) CVE-2024-5830 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5830.html CVE-2024-5830 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-5831 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5831.html CVE-2024-5831 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-5832 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5832.html CVE-2024-5832 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) CVE-2024-5833 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5833.html CVE-2024-5833 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Inappropriate implementation in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) CVE-2024-5834 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5834.html CVE-2024-5834 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Heap buffer overflow in Tab Groups in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-5835 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5835.html CVE-2024-5835 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: High) CVE-2024-5836 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5836.html CVE-2024-5836 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) CVE-2024-5837 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5837.html CVE-2024-5837 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) CVE-2024-5838 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5838.html CVE-2024-5838 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Inappropriate Implementation in Memory Allocator in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2024-5839 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5839.html CVE-2024-5839 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Policy bypass in CORS in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium) CVE-2024-5840 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5840.html CVE-2024-5840 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Use after free in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2024-5841 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5841.html CVE-2024-5841 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Use after free in Browser UI in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) CVE-2024-5842 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5842.html CVE-2024-5842 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to obfuscate security UI via a malicious file. (Chromium security severity: Medium) CVE-2024-5843 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5843.html CVE-2024-5843 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Heap buffer overflow in Tab Strip in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) CVE-2024-5844 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5844.html CVE-2024-5844 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Use after free in Audio in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) CVE-2024-5845 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5845.html CVE-2024-5845 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) CVE-2024-5846 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5846.html CVE-2024-5846 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) CVE-2024-5847 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-5847.html CVE-2024-5847 https://bugzilla.suse.com/1226205 SUSE Bug 1226205 Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-6290 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-6290.html CVE-2024-6290 https://bugzilla.suse.com/1226933 SUSE Bug 1226933 Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-6291 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-6291.html CVE-2024-6291 https://bugzilla.suse.com/1226933 SUSE Bug 1226933 Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-6292 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-6292.html CVE-2024-6292 https://bugzilla.suse.com/1226933 SUSE Bug 1226933 Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-6293 openSUSE Leap 15.6 NonFree:opera-112.0.5197.25-lp156.2.11.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVYUZCKNUHHW5G5BDWQLUBT3PJ65O7JM/ https://www.suse.com/security/cve/CVE-2024-6293.html CVE-2024-6293 https://bugzilla.suse.com/1226933 SUSE Bug 1226933