Security update for opera SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2025:0111-1 Final 1 1 2025-03-31T22:46:48Z current 2025-03-31T22:46:48Z 2025-03-31T22:46:48Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for opera This update for opera fixes the following issues: - Update to 117.0.5408.163 * DNA-120683 [Issue back] Sometimes onboarding is blank and useless * DNA-121682 Backport fix for CVE-2025-2783 to O132, O133, GX132 and Air132 - Changes in 117.0.5408.154 * DNA-121210 After enabling tab scrolling, the tab bar narrows on both the left and right sides * DNA-121560 Extension updates which requires manual confirmation do not work - Changes in 117.0.5408.142 * DNA-121314 Use the extra palette color to paint the frame * DNA-121321 Refactor ColorSet struct * DNA-121444 Crash at opera::VibesServiceImpl::VibesServiceImpl * DNA-121477 Add unit tests for ColorSet * DNA-121488 [ASAN] ColorSetTest.DefaultConstructor fails - Changes in 117.0.5408.93 * DNA-118548 After pressing Ctrl+F / Cmd+F on the Start Page (SP), the focus should be on the search bar * DNA-121183 Add 'transparent UI' parameter to Vibe logic * DNA-121184 Allow to specify extra palette for window background in Vibe logic * DNA-121232 Enable Slack, Discord and Bluesky flag on all streams * DNA-121237 Crash at opera::SidebarExpandViewEmbedder::Position * DNA-121322 [Opera Translate] [Redesign] Expired #translator flag * DNA-121385 Remove 'passkey' string - Update to 117.0.5408.53 * DNA-120848 Add 'x' button to close/dismiss translate popup * DNA-120849 Dismissing popup adds language to never translate from list * DNA-120951 Optimize MFSVE output handling * DNA-120972 Crash at TabDesktopMediaList::Refresh * CHR-9964 Update Chromium on desktop-stable-132-5408 to 132.0.6834.210 Changes in 117.0.5408.47 * CHR-9961 Update Chromium on desktop-stable-132-5408 to 132.0.6834.209 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2025-111 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SJEX6ZT5W5GYLZEQIA7L2J32HG4KGMAX/ E-Mail link for openSUSE-SU-2025:0111-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2025-2783/ SUSE CVE CVE-2025-2783 page openSUSE Leap 15.6 NonFree opera-117.0.5408.163-lp156.2.32.1 opera-117.0.5408.163-lp156.2.32.1 as a component of openSUSE Leap 15.6 NonFree Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High) CVE-2025-2783 openSUSE Leap 15.6 NonFree:opera-117.0.5408.163-lp156.2.32.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SJEX6ZT5W5GYLZEQIA7L2J32HG4KGMAX/ https://www.suse.com/security/cve/CVE-2025-2783.html CVE-2025-2783 https://bugzilla.suse.com/1240084 SUSE Bug 1240084