Xtrabackup, Chromium, Python-Django, and more updates for SUSE Linux

SUSE 5495 Published 2025-07-28 07:25 by Philipp Esselbach

News

openSUSE-SU-2025:0270-1: moderate: Security update for xtrabackup

openSUSE Security Update: Security update for xtrabackup
_______________________________

Announcement ID: openSUSE-SU-2025:0270-1
Rating: moderate
References: #1244333 #1244383 #1244389
Cross-References: CVE-2025-5914 CVE-2025-5916 CVE-2025-5917

CVSS scores:
CVE-2025-5914 (SUSE): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
CVE-2025-5916 (SUSE): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
CVE-2025-5917 (SUSE): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes three vulnerabilities is now available.

Description:

This update for xtrabackup fixes the following issues:

- CVE-2025-5916: Prevented signed integer overflow while reading warcfile
(boo#1244383).
- CVE-2025-5917: Fixed overflow in build_ustar_entry_name() (boo#1244333).
- CVE-2025-5914: Fixed double free due to an integer overflow
(boo#1244389).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2025-270=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

xtrabackup-2.4.26-bp157.2.3.1
xtrabackup-test-2.4.26-bp157.2.3.1

References:

https://www.suse.com/security/cve/CVE-2025-5914.html
https://www.suse.com/security/cve/CVE-2025-5916.html
https://www.suse.com/security/cve/CVE-2025-5917.html
https://bugzilla.suse.com/1244333
https://bugzilla.suse.com/1244383
https://bugzilla.suse.com/1244389

openSUSE-SU-2025:0210-1: important: Security update for chromium

openSUSE Security Update: Security update for chromium
_______________________________

Announcement ID: openSUSE-SU-2025:0210-1
Rating: important
References:
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that contains security fixes can now be installed.

Description:

Chromium was updated to 137.0.7151.119 (stable release 2025-06-17)
(boo#1244711):

* CVE-2025-6191: Integer overflow in V8
* CVE-2025-6192: Use after free in Profiler

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2025-210=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 x86_64):

chromedriver-137.0.7151.119-bp157.2.12.1
chromium-137.0.7151.119-bp157.2.12.1

References:

openSUSE-SU-2025:0240-1: moderate: Security update for python-Django

openSUSE Security Update: Security update for python-Django
_______________________________

Announcement ID: openSUSE-SU-2025:0240-1
Rating: moderate
References: #1244095
Cross-References: CVE-2025-48432
CVSS scores:
CVE-2025-48432 (SUSE): 6.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:H/SA:N

Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-Django fixes the following issues:

- Add additional hardening regarding CVE-2025-48432 (boo#1244095)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2025-240=1

Package List:

- openSUSE Backports SLE-15-SP6 (noarch):

python3-Django-2.2.28-bp156.15.1

References:

https://www.suse.com/security/cve/CVE-2025-48432.html
https://bugzilla.suse.com/1244095

openSUSE-SU-2025:0167-1: important: Security update for opera

openSUSE Security Update: Security update for opera
_______________________________

Announcement ID: openSUSE-SU-2025:0167-1
Rating: important
References:
Cross-References: CVE-2025-4664
Affected Products:
openSUSE Leap 15.6:NonFree
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for opera fixes the following issues:

Update to 119.0.5497.38:

* DNA-122123 [Clear browsing data on exit] Options remain checked if
previously selected after sync is enabled
* DNA-122275 Add tooltip to "On exit" part in settings
* DNA-122370 [O119 only] Remove DumpWithoutCrashing related to DNA-121917
* DNA-122377 In-house translations for on-exit tooltip
* DNA-122401 DumpWithoutCrashing at sql::(anonymous namespace)::
RecordOpenDatabaseFailureReason(const class std:: __Cr::basic_string&
const, sql::(anonymous namespace):: OpenDatabaseFailedReason)
* DNA-122411 Backport fix for CVE-2025-4664

Changes in 119.0.5497.28:

* DNA-122080 Crash when creating split screen from orphaned and pinned
tab

Update to 119.0.5497.29:

* DNA-121093 Possibility to remove the only/last classic theme
* DNA-121561 After reopening, easy setup doesn???t start from the top
* DNA-122080 Crash when creating split screen from orphaned and pinned
tab
* DNA-122287 [Clear browsing data on exit] Missing translations for
information tooltip
* DNA-122323 Promote 119 to stable
- Complete Opera 119 changelog at:
https://blogs.opera.com/desktop/changelog-for-119

Update to 118.0.5461.83:

* DNA-121994 Crash at base::ObserverList::RemoveObserver
* DNA-122012 Crash at opera::ComponentTabCyclerView:: HighlightContents
* DNA-122043 Converting different currencies into RUB, BYN, HRK, IDR
doesn't work
* DNA-122053 Text not visible when hovering over options in padlock popup

Update to 118.0.5461.60:

* DNA-121446 Crash at bookmarks::BookmarkModel::~BookmarkModel
* DNA-121567 Sometimes autocomplete in dropdown eats some letters
* DNA-121617 [Linux] No settings are displayed on the certificates page
* DNA-121790 Crash at signin::IdentityManager:: GetPrimaryAccountInfo
* DNA-121908 Installed extensions are located on the left side of the
page.
* DNA-121984 Not possible to change default cookie settings

Update to 118.0.5461.41:

* CHR-9973 Update Chromium on desktop-stable-133-5461 to 133.0.6943.143
* DNA-12079 won't activate the drop down menu buttons when clicked on
* DNA-115136 Extract common components and styles
* DNA-117250 Make split screen drop area flash on hover
* DNA-117684 Crash at opera::component_based::
SplitScreenViewDelegate::OnDragUpdated
* DNA-118000 Cache weather widget results
* DNA-118306 Wallpaper dissappears on Start Page when
opening DevTools
* DNA-118397 Crash at opera::component_based::ComponentTab
ContainerLayout::CalculateProposedLayout
* DNA-118548 After pressing Ctrl+F / Cmd+F on the Start Page (SP), the
focus should be on the search bar
* DNA-119313 Visual bug after creating split screen and destroying tab
island
* DNA-119620 Crash at opera::component_based::ComponentTabBar
::OnTabGroupClosed
* DNA-119724 Crash at TabStripModel::MoveWebContentsAt
* DNA-119767 [Video conferencing popup] Tab with
opera://video-conference-detached is unexpectedly restored after
browser restart when video conf popup is open
* DNA-119785 Icons are missing from opera://settings
* DNA-119875 Crash at TabGroupModel::GetTabGroup
* DNA-119881 [Web UI] Format TypeScript codebase and fix linting errors
* DNA-119882 [Styleguide] Format TypeScript resources and fix linting
errors
* DNA-119927 No spacing maintained between the text and popup's border
in opera://extensions
* DNA-119943 [Toolbar Miniplayer][Detached miniplayer] Toolbar and
detached miniplayer displayed at the same time
* DNA-119962 Icons are less visible on opera://settings in Themes section
* DNA-119975 [My Flow] Two entries are visible when sending a file
* DNA-120009 Remove expired feature base::
kFeatureComponentBasedContextMenu
* DNA-120191 [Dcheck] Crash at opera::vpnpro::VpnProUpdaterImpl
::GetComponentVersion
* DNA-120326 Crash at TabStripModel::AddToNewGroup
* DNA-120338 Show option to close tab in split screen on hover
* DNA-120345 Playwright tests failed on dcheck build
* DNA-120353 Enable noImplicitAny in TypeScript configuration
* DNA-120406 [Settings] Wrong UA translations for sidebar shortcuts
settings
* DNA-120431 Allow moving split screen tabs to another workspace as a
split screen
* DNA-120483 DevTools settings display Chrome UI
* DNA-120497 Encoding delay visible in WebRTC calls
* DNA-120503 Software H.264 encoder not available if hardware
acceleration is disabled completely
* DNA-120516 Optimise code adding, removing and updating Vibes
* DNA-120517 Do not use tab group in TabStripModel, maintain split group
view from SplitScreenModel
* DNA-120519 Implement session save / restore functionality for Split
Screen
* DNA-120523 [Toolbar miniplayer] When switching player services with
pinned player Option to pin player to toolbar is available
* DNA-120534 WebRtcH264BrowserTest.CanSetupH264VideoCall fail with
PlatformSoftwareH264EncoderInGpu enabled
* DNA-120542 [Toolbar Miniplayer] It is not possible to pin the
Miniplayer to the toolbar in private window.
* DNA-120547 [Toolbar miniplayer] Button to pin miniplayer to toolbar
does not match design in light mode
* DNA-120554 Add import bookmark from Arc browser
* DNA-120567 [Toolbar miniplayer] Add hover effect to buttons in toolbar
miniplayer
* DNA-120569 Crash at opera::BrowserWindowImpl:: AddWidgetToTracked
* DNA-120582 Bump major version to 118.0
* DNA-120585 "Error" button malfunction @ chrome://extensions errors page
* DNA-120588 Layout of extensions-section is broken
* DNA-120596 Discord icon is not visible in light mode
* DNA-120602 Crash at opera::WorkspacesTest:: VerifyNextTabCyclingOrder
* DNA-120610 Upgrade Midsommar from built-in to hosted theme
* DNA-120611 Upgrade Aurora from built-in to hosted theme
* DNA-120613 Crash when creating new tab from split screen with active
infobar
* DNA-120632 Crash at TabStripModel::IsTabPinned
* DNA-120637 Refreshing the page in discord logs out user
* DNA-120639 Remake Themes section in Easy setup React
* DNA-120640 Remake Start Page section in Easy setup in React
* DNA-120641 Remake AI Services section in Easy setup in React
* DNA-120642 Remake Layout section in Easy setup in React
* DNA-120648 Translations for Opera 117
* DNA-120649 Improve TypeScript tooling and code quality
* DNA-120655 [Toolbar miniplayer][Detached miniplayer] Miniplayer
remains visible after refreshing player panel
* DNA-120656 [Linux] Crash at opera::MainMenu::RunMenu
* DNA-120660 [Split screen] Content of active tab does not fit when
creating split screen via context menu
* DNA-120661 navigator.geolocation.getCurrentPosition() does not work in
extension popup
* DNA-120664 Multiple tests from parent: WebRtcH264BrowserTest fail on
goth.
* DNA-120666 WebRTC falls back from H.264 to VP8 on scaling attempt
* DNA-120669 Disable BackgroundResourceFetch
* DNA-120670 Workspaces mix up tabs and bookmarks are opened in the
wrong workspaces.
* DNA-120671 Crash at NavigationNotificationObserver::
TryFinalizeObserver
* DNA-120672 Crash at views::BubbleDialogDelegate::SetAnchorView
* DNA-120673 [Bookmarks] Open folder icon not visible in
opera://bookmarks in dark mode
* DNA-120677 Setup React-based internal page for Easy Files
* DNA-120678 extensions-section should stick to left
* DNA-120679 Create empty web-based popup for Easy Files
* DNA-120681 Create web API for retrieving Easy Files items and metadata
* DNA-120682 Create initial layout of Easy Files popup
* DNA-120683 [Issue back] Sometimes onboarding is blank and useless
* DNA-120684 Implement selecting one file
* DNA-120685 Implement canceling the popup
* DNA-120687 Implement opening system file chooser
* DNA-120688 Allow selecting multiple files
* DNA-120689 Implement selecting an image
* DNA-120691 Wrong space between mini player and sidebar
* DNA-120695 Remove initial_background_color from WebContents::
CreateParams
* DNA-120699 Crash at PrefService::SetUserPrefValue
* DNA-120718 [RateMe] Typo in Ukrainian translation of negative feedback
popup
* DNA-120720 Crash at opera::component_based::
SplitScreenPageView::GetDropAreaBoundsInScreen
* DNA-120721 Crash at opera::VideoConferencePopoutService::
OnDataAvailable
* DNA-120725 Parent menu's item is invisible when expanded
* DNA-120739 [Task manager] Red background in Opera Task manager
* DNA-120755 Rename Web UI dependencies base directory
* DNA-120756 Crash at opera::SidebarExpandViewEmbedder:: OnResized
* DNA-120760 Add possibility to hide device on synced tabs page
* DNA-120770 Update Web UI dependencies
* DNA-120791 Import from GX is not available
* DNA-120796 Can not select checkbox dont-show-again on Start Page in
Private Window
* DNA-120802 Implement disconnector on hovering of Split Screen tabs
* DNA-120803 Do not show disconnector on inactive Split Screen tabs
below minimum width
* DNA-120805 Move overlay widget out from FileSelectListenerProxy
* DNA-120814 Create public feature flag #split-screen-disconnector
* DNA-120815 Create feature flag #split-screen-toolbar
* DNA-120816 Test profiles Main and High with
#platform-software-h264-encoder-in-gpu
* DNA-120818 Crash when creating split screen by drag&drop with active
infobar
* DNA-120819 Miniplayer disappears on desktop when reopening the player
from sidebar
* DNA-120820 The Google icon in the search box is pixelated
* DNA-120823 Snippets are not handled properly
* DNA-120847 Enable BackgroundLoader
* DNA-120848 Add ???x' button to close/dismiss translate popup
* DNA-120849 Dismissing popup adds language to never translate from list
* DNA-120860 [Web UI] Format CSS codebase and fix linting errors
* DNA-120861 Tweak Stylelint rules for CSS files
* DNA-120865 [Easy Files] Popup and overlay not adjusting to the page
which requested the popup
* DNA-120867 [Easy files] Overlay corners are not rounded
* DNA-120873 Set two strings as translatable=false
* DNA-120881 Update uninstall survey looks (first screen)
* DNA-120882 Submit new uninstall survey values
* DNA-120883 Create "What features cause you trouble?" survey step
* DNA-120884 Create "Please tell us more about your reasons for
uninstall" screen
* DNA-120887 Update Discord icon
* DNA-120889 The color picker cannot be selected and cannot be used to
pick a custom color in Google applications.
* DNA-120898 Split screen group lost after switching workspace and back
* DNA-120921 "This tab was snoozed to save memory" appears for no reason
* DNA-120926 [Start Page] Remove legacy Start Page resources
* DNA-120944 Crash when dragging tab to tab island with split screen
inside
* DNA-120945 [Speed Dials] SDs background color issue when changing
themes
* DNA-120969 Crash at opera::continue_on::shopping::
ContinueShoppingBrowserTestBase::WaitUntilOffersAvailable
* DNA-120971 WebUI is shown when no Easy Files items available
* DNA-120972 Crash at TabDesktopMediaList::Refresh
* DNA-120973 Use generated types for API
* DNA-120975 Make opera://easy-files in tab work for development
* DNA-120977 Turn on flag #split-screen-disconnector
on developer
* DNA-120978 Crash at opera::BrowserWindowImpl:: GetWebViewBoundsInScreen
* DNA-120982 Increase size of the miniplayer
* DNA-120983 Add progress bar to Miniplayer
* DNA-120984 Replace ??????' button with ???pin to toolbar' button
* DNA-120985 Add blur to Miniplayer background (album cover)
* DNA-120987 Do not show album cover on the toolbar miniplayer
* DNA-120988 Show artist and track name in miniplayer on the toolbar
when not hovered
* DNA-121002 Add possibility to use mediapipe::TextEmbedder
* DNA-121017 Update TypeScript to version 5.7.3
* DNA-121021 The Easy Files popup gets hidden beneath the
overlay after the Snapshot window in the sidebar app is closed
or hidden
* DNA-121025 Ensure type safety for API listener calls
* DNA-121026 Disallow implicit "any" type in Sidebar setup files
* DNA-121027 Background color of the Easy Files popup does not match the
mockup
* DNA-121028 The wallpaper section should be hidden when the shader
theme is set
* DNA-121029 Remake Lucid Mode section in Easy setup in React
* DNA-121030 Images appear in a small square in tiles, not filling the
entire tile
* DNA-121031 The Easy Files popup doesn't fill its entire width with
tiles
* DNA-121032 The "Show all files" label should be in a different color
and centered
* DNA-121033 File path is displayed instead of the file name on the Easy
Files popup
* DNA-121035 For the sidebar, the tiles are currently displayed in just
1 row
* DNA-121036 Rate the feature popup appears in the wrong place, and
closes the Easy Files popup
* DNA-121046 Display small thumbnail of the cover photo on the left
* DNA-121049 Discord icon has additional ???shadow'
* DNA-121053 If the file is too large in width or height, it becomes
distorted in the tile
* DNA-121055 Button displaying the number of items selected has the
wrong background color
* DNA-121057 Create API definition generation script
* DNA-121059 [Web Codecs] Software H.264 encoding broken if hardware
encoding not available
* DNA-121060 Crash at extensions::TabsRemoveFunction::RemoveTab
* DNA-121061 Add emdd_main, emdd_main_ver column to history urls table
* DNA-121070 CLONE ??? Update uninstall survey looks (first screen)
* DNA-121094 Missing a frame around Easy setup window
* DNA-121097 Crash at opera::easy_files::EasyFilesView:: SelectFiles
* DNA-121122 Easy Files is not hidden/closed when lost focus with
feeback popup visible
* DNA-121123 Easy files is not closed when the user closes the snapshot
window
* DNA-121124 Release Metamorphic and Interstellar on beta/stable stream
* DNA-121131 After closing the page by pressing the home button, the
address remains in the address bar
* DNA-121133 Crash at opera::VibesServiceImpl::OnVibeUpdated
* DNA-121134 Enable #easier-files on developer stream
* DNA-121135 When the slide transitions, the slide is not fully
keyboard-navigable and requires mouse interaction to enable keyboard
support.
* DNA-121146 Unify handling global variables
* DNA-121148 The maximum spacing between tiles should be 32px
* DNA-121149 Enable opera_feature_pre_install_extension_with_
additional_config
* DNA-121161 Disallow explicit "any" type in Styleguide
* DNA-121167 Show uninstall answers in random order
* DNA-121183 Add ???transparent UI' parameter to Vibe logic
* DNA-121184 Allow to specify extra palette for window background in
Vibe logic
* DNA-121191 Split screen is not closed after browser restart
* DNA-121193 Re-layout section header and tiles
* DNA-121194 Refactor importing sidebar_setup dependencies
* DNA-121195 Adjust some fonts on internal pages
* DNA-121201 Convert Add Button into a Tile
* DNA-121207 FedEx tracking fails to retrieve shipment information
* DNA-121210 After enabling tab scrolling, the tab bar narrows
on both the left and right sides
* DNA-121211 MediaFoundationSoftwareVideoEncoder cannot be used with
854??480 frames
* DNA-121215 Crash on exit when there is a split screen
* DNA-121220 The shading beneath the tile in the popup needs to be more
intense to improve visibility
* DNA-121224 Incorrect spacing between the popup and the sidebar
* DNA-121227 Change order of themes in theme gallery
* DNA-121230 Update TypeScript configuration
* DNA-121232 Enable Slack, Discord and Bluesky flag on all streams
* DNA-121236 Crash at opera::easy_files::EasyFilesUIController::
OnClipboardItemReady
* DNA-121237 Crash at opera::SidebarExpandViewEmbedder::Position
* DNA-121238 Crash at opera::WebPageSidebarItemContentBase::
VisibilityChanged
* DNA-121256 Update tests for fonts and colors after DNA-121195
* DNA-121260 Disable background music during Google Meet call
* DNA-121268 Enable new uninstall survey on Developer stream
* DNA-121286 Enable #split-screen-close-tab on all streams
* DNA-121287 Enable #split-screen-disconnector on all streams
* DNA-121288 Enable #easier-files on all streams
* DNA-121290 Enable #miniplayer-redesign-2 on developer stream
* DNA-121314 Use the extra palette color to paint the frame
* DNA-121318 The artist and track name in the miniplayer on the toolbar
are cut off.
* DNA-121319 The track artist and track name in the miniplayer
on the toolbar is not visible.
* DNA-121320 When the miniplayer in the toolbar is hovered over, the
miniplayer buttons (previous, play, stop, next) are not visible in
light mode.
* DNA-121321 Refactor ColorSet struct
* DNA-121322 [Opera Translate] [Redesign] Expired #translator flag
* DNA-121323 Only icon is visible when dragging Speed Dials
* DNA-121328 operaaccount reacts tests not run on buildbot
* DNA-121330 React operaaccount tests fail
* DNA-121332 Skip react tests on buildbot
* DNA-121333 Reenable react tests on buildbot
* DNA-121336 opera://crashes cannot be reached
* DNA-121338 Translations for Opera 118
* DNA-121340 Blank video track produced on MediaRecorder sample site
with software H.264 enoder
* DNA-121353 Promote 118.0 to beta
* DNA-121355 [Win|Lin] Lack of close button in detached mini-player
* DNA-121378 The Miniplayer's background in the toolbar is wrong.
* DNA-121385 Remove "passkey" string
* DNA-121392 translator flag expired in 116.0
* DNA-121409 Crash in media::CdmAdapter::GetInterfaceVersion()
* DNA-121413 [Toolbar miniplayer] Control buttons are not visible in
private window
* DNA-121414 The mouse cursor should take the form of a ???hand' cursor,
also indicating the pin to toolbar icon despite the text ???pin to the
toolbar'
* DNA-121433 Extend operaBrowserPrivate to expose consent_flow.
option.usage_personalized_content
* DNA-121444 Crash at opera::VibesServiceImpl::VibesServiceImpl
* DNA-121447 Playwright tests fail on debug builds
* DNA-121456 Add to Opera modal does not fit on the screen
* DNA-121459 The font is too large and the artist's name has wrong color
* DNA-121460 The Miniplayer buttons (play, stop, next, previous) are too
small
* DNA-121462 The progress bar in Miniplayer is too thick
* DNA-121470 [Toolbar miniplayer] Album cover not displayed in new
browser window
* DNA-121474 [Toolbar miniplayer] Song title and artist font does not
match the design
* DNA-121477 Add unit tests for ColorSet
* DNA-121479 [Toolbar Miniplayer] Toolbar miniplayer does not move
smoothly when expanding/collapsing extensions section
* DNA-121484 [Toolbar miniplayer] Cover art have too rounded corner
* DNA-121499 Feedback icon not visible on start page
* DNA-121560 Extension updates which requires manual confirmation do not
work
* DNA-121566 Text in player toolbar shouldn't rotate
* DNA-121578 Use product instead of flavor in desktop/infra_build.py
* DNA-121582 Crash at extensions::TabsQueryFunction::Run
* DNA-121620 Incorrect toggle button background color
* DNA-121725 Add menu to Easy Files to give feedback or turn
off feature
* DNA-121769 The Miniplayer popup has overly sharp corners
* DNA-121792 [Easy files] Three-dot menu button should be vertical
* DNA-121817 [Toolbar miniplayer] Gap between address bar and miniplayer
is too small
* DNA-121818 [Toolbar miniplayer] Hover effect on buttons should be the
same as hover effect on address bar icons
* DNA-121819 Uninstaller ??? change default button
* DNA-121820 Remove additional confirmation popup when uninstalling
* DNA-121833 Promote 118 to stable
* DNA-121836 Create separate section for Easy Files settings
* DNA-121850 Enable #miniplayer-in-toolbar on all streams
* DNA-121851 Enable #miniplayer-redesign-2 on all streams
* DNA-121866 Inhouse translations for text in Easy Files context menu
* DNA-121881 Crash at tabs::UnpinnedTabCollection::AddTabRecursive
* DNA-121891 kEnableAdblockerTrackers switch doesnt work

Complete Opera 118 changelog at:
https://blogs.opera.com/desktop/changelog-for-118

Update to 117.0.5408.197:

* DNA-120637 Refreshing the page in discord logs out user

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.6:NonFree:

zypper in -t patch openSUSE-2025-167=1

Package List:

- openSUSE Leap 15.6:NonFree (x86_64):

opera-119.0.5497.38-lp156.2.35.1

References:

https://www.suse.com/security/cve/CVE-2025-4664.html

openSUSE-SU-2025:0250-1: important: Security update for pdns-recursor

openSUSE Security Update: Security update for pdns-recursor
_______________________________

Announcement ID: openSUSE-SU-2025:0250-1
Rating: important
References: #1231292
Cross-References: CVE-2024-25590
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for pdns-recursor fixes the following issues:

- update to 5.1.3:
* Implement rfc6303 special zones (mostly v6 reverse mappings)
* Distinguish OS imposed limits from app imposed limits, specifically on
chains.

- update to 5.1.2 (boo#1231292 CVE-2024-25590)
https://doc.powerdns.com/recursor/changelog/5.1.html#change-5.1.2

- update to 5.1.1
https://doc.powerdns.com/recursor/changelog/5.1.html#change-5.1.1
https://doc.powerdns.com/recursor/changelog/5.0.html#change-5.0.8

- update to 5.0.5:
* Do not count RRSIGs using unsupported algorithms toward RRSIGs limit
* Correctly count NSEC3s considered when chasing the closest encloser.
* Let NetmaskGroup parse dont-throttle-netmasks, allowing negations.
* Fix types of two YAML settings (incoming.edns_padding_from,
incoming.proxy_protocol_from) that should be sequences of subnets
* Fix trace=fail regression and add regression test for it

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2025-250=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 ppc64le x86_64):

pdns-recursor-5.1.3-bp157.2.3.1

References:

https://www.suse.com/security/cve/CVE-2024-25590.html
https://bugzilla.suse.com/1231292

openSUSE-SU-2025:0204-1: Security update for atop

openSUSE Security Update: Security update for atop
_______________________________

Announcement ID: openSUSE-SU-2025:0204-1
Rating: low
References: #1240393
Cross-References: CVE-2025-31160
Affected Products:
openSUSE Backports SLE-15-SP6
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for atop fixes the following issues:

- Update to 2.11.1:
* Atop will not connect to the TCP port of 'atopgpud' daemon any more by
default. The flag -k can be used explicitly when 'atopgpud' is active.
Also the code to parse the received strings is improved to avoid
future issues with heap corruption.
* The flag -K has been implemented to connect to netatop/netatop-bpf.
* Fix CVE-2025-31160 (boo#1240393)

- Update to 2.11.0:
* Cgroups (version 2) support. Show the hierarchical structure of
cgroups and the related metrics with key/option 'G', and define the
cgroup depth with the keys/options 2 till 7. Key/option 8 also shows
the processes per cgroup level, except the kernel processes in the
root cgroup. Key/option 9 shows the related processes per cgroup level
including the kernel processes in the root cgroup. With key/option 'C'
the output is sorted on CPU consumption (default), with key/option 'M'
on memory consumption, and with key/option 'D' (requires root
privileges) on disk utilization. Note: The collection of cgroup
information per process is not supported any more.
* Twin mode: live measurement with review option. In twin mode atop
spawns into a lower level process that gathers the counters and writes
them to a temporary raw file, and an upper level process that reads
the counters from the temporary raw file and presents them to the
user. The reading of the upper level process keeps in pace with the
written samples
of the lower level process for live measurements. However, when
pressing the 'r' (reset to measurement begin), the 'b' (branch to
time stamp),
or the 'T' (previous sample), the upper level process implicitly
pauses with the possibility to review previous samples. The 'z'
(explicit pause) can also be used to pause the live measurement. When
pressing the 'z' again (continue after pause) viewing of the live
measurement will be continued.
* Various corrections related to JSON output.
* Improved gathering of current CPU frequency.
* Support more than 500 CPUs.
* The format of the raw file is incompatible with previous versions. Raw
files from previous versions can be converted to the new layout with
the atopconvert command.

- Update to 2.10.0:
* Additional memory statistics on system level: amount of available
memory, amount of memory used for Transparant Huge Pages, amount
of memory used by two categories of static huge pages (usually 2MiB
and 1GiB), and the number of pages transferred to/from zswap.
* Additional counters for the number of idle threads on system level and
process level.
* Refined view of memory bar graph, including free static huge pages.
* Generic way to determine the container id or pod name for
containerized processes.
* Support for a BPF-based alternative[1] for the netatop kernel module
to gather network statistics per process/thread.
* Use the -z flag followed by a regex to prepend matching environment
variables to the full command line that is shown per process (with key
'c').
* Various bugfixes (like memory leak when switching to bar graph mode)
and minor improvements.
* Bugfix: failing malloc while starting atopsar (unprivileged) for a
live measurement.
* The program atophide can be used to make an extraction from an input
raw log to an output raw log, optionally specifying a begin time
and/or an end time. The output raw log can be anonymized, i.e. the
hostname will be replaced, command names of non-standard commands will
be replaced, all command arguments will be wiped, logical volume names
will be replaced and NFS mounted volume names will be replaced.
* The format of the raw file is incompatible with previous versions. Raw
files from previous versions can be converted to the new layout with
the atopconvert command.

- Update to 2.9.0:
* Avoid compiler warning by limiting PSI average
* Install cleanup function to avoid termination of parent process
* add man for PAG steal
* Oomkills event should not remain orange after boot values
* Clarified atop man page
* Closing bracket missing in synopsis
* Add highlight concerning bar graph mode
* Introduce bar graph mode Besides all detailed information that is
supplied by atop on system and process level, a (character-based) bar
graph can be shown about the utilization of the most critical system
resources
* Freeing ethlink should depend of ifdef
* Added reset to indicate shadow file to be closed
* fix atopacctd.c: failed to start atopacct.service
* acctatop: reacquire acctfd to collect nprocexit for some bad cases
* Calibrate nprocexit to avoid atop coredumps unexpectedly
* json.c: fix avque counters output
* Resolve compiler warnings from latest versions of GCC
* Added versdate.h to make clean target
* Revert "Added versdate.h to make clean target"
* Added versdate.h to make clean target
* fix calculation for scan and steal
* only call str.decode if nvml returned bytes
* Add exit epoch to parseable output PRG (solves issue #242)
* Minor correction in man page for NVCSW/NIVCSW
* Context switches (voluntary and involuntary) on process level incorrect
* Various modifications releated to (non)voluntary context switches
* Add nvcsw and nivcsw for each process
* ifprop.c: Fix possible memory leak
* Code cleanup and prototype additions
* Consistency check on number of threads (solves issue #232)
* atop-rotate.service: use restart instead of try-restart
* Add link to atophttpd

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2025-204=1

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2025-204=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

atop-2.11.1-bp157.2.3.1
atop-daemon-2.11.1-bp157.2.3.1
atop-daemon-debuginfo-2.11.1-bp157.2.3.1
atop-debuginfo-2.11.1-bp157.2.3.1
atop-debugsource-2.11.1-bp157.2.3.1

- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):

atop-2.11.1-bp156.3.3.1
atop-daemon-2.11.1-bp156.3.3.1

References:

https://www.suse.com/security/cve/CVE-2025-31160.html
https://bugzilla.suse.com/1240393

openSUSE-SU-2025:0179-1: important: Security update for varnish

openSUSE Security Update: Security update for varnish
_______________________________

Announcement ID: openSUSE-SU-2025:0179-1
Rating: important
References: #1216123 #1221942 #1239892
Cross-References: CVE-2013-4484 CVE-2023-44487 CVE-2024-30156
CVE-2025-30346
CVSS scores:
CVE-2023-44487 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes four vulnerabilities is now available.

Description:

This update for varnish fixes the following issues:

- Update to release 7.7.1
* VSV-16: Resolve request smuggling attack

- Update to release 7.7.0
* The `linux` jail gained control of transparent huge pages settings.
* An issue has been fixed which could cause a crash when varnishd
receives an invalid Content-Range header from a backend.
* Timestamping for HTTP/2 requests (when idle period begins) has been
switched to be more in line with HTTP/1.
* VSV-15: The client connection is now always closed when a malformed
request is received. [CVE-2025-30346, boo#1239892]

- Update to release 7.6.0
* The Varnish Delivery Processor (VDP) filter API has been generalized
to also accommodate future use for backend request bodies.
* VDPs with no vdp_bytes_f function are now supported if the vdp_init_f
returns a value greater than zero to signify that the filter is not to
be added to the chain. This is useful to support VDPs which only need
to work on headers.
* The epoll and kqueue waiters have been improved to correctly report
WAITER_REMCLOSE, which increases the WAITER.*.remclose counter.
* varnishtest now supports the shutdown command corresponding to the
shutdown(2) standard C library call.
* VSC counters for waiters have been added:
* conns to count waits on idle connections
* remclose to count idle connections closed by the peer
* timeout to count idle connections which timed out in the waiter
* action to count idle connections which resulted in a read
* The port of a listen_endpoint given with the -a argument to varnishd
can now also be a numerical port range like "80-89".
* The warning "mlock() of VSM failed" message is now emitted when
locking of shared memory segments (via mlock(2)) fails.
* A bug has been fixed where string comparisons in VCL could fail with
the nonsensical error message "Comparison of different types: STRING
'==' STRING".
* An issue has been addressed in the builtin.vcl where backend responses
would fail if they contained a Content-Range header when no range was
requested.
* Additional SessError VSL events are now generated for various HTTP/2
protocol errors.
* A new Linux jail has been added which is now the default on Linux. For
now, it is almost identical to the Unix jail with one addition:
* When the new Linux jail is used, the working directory not mounted on
tmpfs partition.
* A race condition with VCL temperature transitions has been addressed.
* Internal management of probes has been reworked to address race
conditions.
* Backend tasks can now be instructed to queue if the backend has
reached its max_connections.
* The size of the buffer to hold panic messages is now tunable through
the new panic_buffer parameter.
* The Varnish Shared Memory (VSM) and Varnish Shared Counters (VSC)
consumer implementation in libvarnishapi have been improved for
stability and performance.
* An issue has been fixed where Varnish Shared Log (VSL) queries (for
example using ``varnishlog -q``) with numerical values would fail in
unexpected ways due to truncation.
* The ``ObjWaitExtend()`` Object API function gained a statep argument
to optionally return the busy object state consistent with the current
extension. A NULL value may be passed if the caller does not require
it.
* For backends using the ``.via`` attribute to connect through a proxy,
the connect_timeout, ``first_byte_timeout`` and
``between_bytes_timeout`` attributes are now inherited from proxy
unless explicitly given.
* varnishd now creates a worker_tmpdir which can be used by VMODs for
temporary files. The VMOD developer documentation has details.
* The environment variable VARNISH_DEFAULT_N now provides the default
"varnish name" / "workdir" as otherwise specified by the ``-n``
argument to varnishd and varnish* utilities except varnishtest.
* A glitch with TTL comparisons has been fixed which could, for example,
lead to unexpected behavior with purge.soft().

- Update to release 7.5.0
* Resolved CVE-2023-44487, CVE-2024-30156 [boo#1221942]
* The default value of cli_limit has been increased from 48KB to 64KB.
* A new ``pipe_task_deadline`` directive specifies the maximum duration
of a pipe transaction.
* All the timeout parameters that can be disabled accept the "never"
value.
* Added parameters to control the HTTP/2 Rapid Reset attach.

- update to 7.4.2 (boo#1216123, CVE-2023-44487):
* The ``vcl_req_reset`` feature (controllable through the ``feature``
parameter, see `varnishd(1)`) has been added and enabled by default to
terminate client side VCL processing early when the client is gone.
*req_reset* events trigger a VCL failure and are reported to `vsl(7)`
as ``Timestamp: Reset`` and accounted to ``main.req_reset`` in `vsc`
as visible through ``varnishstat(1)``. In particular, this feature is
used to reduce resource consumption
of HTTP/2 "rapid reset" attacks (see below). Note that *req_reset*
events may lead to client tasks for which no VCL is called ever.
Presumably, this is thus the first time that valid `vcl(7)` client
transactions may not contain any ``VCL_call`` records.
* Added mitigation options and visibility for HTTP/2 "rapid reset"
attacks Global rate limit controls have been added as parameters,
which can be overridden per HTTP/2 session from VCL using the new vmod
``h2``:
* The ``h2_rapid_reset`` parameter and ``h2.rapid_reset()`` function
define a threshold duration for an ``RST_STREAM`` to be classified
as "rapid": If an ``RST_STREAM`` frame is parsed sooner than this
duration after a ``HEADERS`` frame, it is accounted against the rate
limit described below.
* The ``h2_rapid_reset_limit`` parameter and
``h2.rapid_reset_limit()`` function define how many "rapid" resets
may be received during the time span defined by the
``h2_rapid_reset_period`` parameter / ``h2.rapid_reset_period()``
function before the HTTP/2 connection is forcibly closed with a
``GOAWAY`` and all ongoing VCL client tasks of the connection are
aborted. The defaults are 100 and 60 seconds, corresponding to an
allowance
of 100 "rapid" resets per minute.
* The ``h2.rapid_reset_budget()`` function can be used to query the
number of currently allowed "rapid" resets.
* Sessions closed due to rapid reset rate limiting are reported as
``SessClose RAPID_RESET`` in `vsl(7)` and accounted to
``main.sc_rapid_reset`` in `vsc` as visible through
``varnishstat(1)``.
* The ``cli_limit`` parameter default has been increased from 48KB to
64KB.
* ``VSUB_closefrom()`` now falls back to the base implementation not
only if ``close_range()`` was determined to be unusable at compile
time, but also at run time. That is to say, even if ``close_range()``
is compiled in, the fallback to the naive implementation remains.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2025-179=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):

libvarnishapi3-7.7.1-bp156.2.3.1
varnish-7.7.1-bp156.2.3.1
varnish-devel-7.7.1-bp156.2.3.1

References:

https://www.suse.com/security/cve/CVE-2013-4484.html
https://www.suse.com/security/cve/CVE-2023-44487.html
https://www.suse.com/security/cve/CVE-2024-30156.html
https://www.suse.com/security/cve/CVE-2025-30346.html
https://bugzilla.suse.com/1216123
https://bugzilla.suse.com/1221942
https://bugzilla.suse.com/1239892

openSUSE-SU-2025:0160-1: moderate: Security update for afterburn

openSUSE Security Update: Security update for afterburn
_______________________________

Announcement ID: openSUSE-SU-2025:0160-1
Rating: moderate
References:
Cross-References: CVE-2025-3416
CVSS scores:
CVE-2025-3416 (SUSE): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for afterburn fixes the following issues:

- Update to version 5.8.2:
* cargo: Afterburn release 5.8.2
* docs/release-notes: update for release 5.8.2
* cargo: update dependencies
* cargo: Afterburn release 5.8.1
* cargo: Afterburn release 5.8.0
* docs/release-notes: update for release 5.8.0
* cargo: update dependencies
* packit: add initial support

- Update to version 5.7.0.git103.bae893c:
* Sync repo templates
* build(deps): bump crossbeam-channel from 0.5.13 to 0.5.15
* build(deps): bump tokio from 1.40.0 to 1.44.2
* build(deps): bump openssl from 0.10.71 to 0.10.72 fixes
RUSTSEC-2025-0022 AKA CVE-2025-3416
* build(deps): bump zbus from 4.4.0 to 5.5.0
* mod.rs: Fix clippy lint errors
* release-notes.md: add release notes for rust version update
* Cargo.toml: bump MSRV to 1.84.1
* Fix clippy lint issues
* Sync repo templates
* build(deps): bump mockito from 1.6.1 to 1.7.0
* build(deps): bump serde_json from 1.0.139 to 1.0.140
* build(deps): bump tempfile from 3.17.1 to 3.19.1
* build(deps): bump clap from 4.5.31 to 4.5.35
* build(deps): bump reqwest from 0.12.12 to 0.12.15
* Update release notes.
* proxmoxve: Add more context to log messages.
* proxmoxve: Remove unneeded fields
* proxmoxve: Add tests for static network configuration from cloud-init.
* proxmoxve: Add support for static network configuration from
cloud-init.
* build(deps): bump mailparse from 0.15.0 to 0.16.1
* Sync repo templates
* build(deps): bump ring from 0.17.8 to 0.17.13
* build(deps): bump anyhow from 1.0.95 to 1.0.96
* release notes: add notes for tempfile bump from 3.16.0 to 3.17.1
* build(deps): bump serde from 1.0.217 to 1.0.218
* build(deps): bump openssl from 0.10.70 to 0.10.71
* build(deps): bump tempfile from 3.16.0 to 3.17.1
* build(deps): bump serde_json from 1.0.138 to 1.0.139
* build(deps): bump clap from 4.5.27 to 4.5.31
* add makefile targets for fmt,lint and test
* providers/openstack: ignore ec2 metadata if not present
* build(deps): bump openssl from 0.10.66 to 0.10.70
* build(deps): bump serde_json from 1.0.137 to 1.0.138
* build(deps): bump tempfile from 3.14.0 to 3.16.0
* build(deps): bump openssl from 0.10.66 to 0.10.69
* build(deps): bump ipnetwork from 0.20.0 to 0.21.1
* build(deps): bump serde from 1.0.215 to 1.0.217
* build(deps): bump serde_json from 1.0.133 to 1.0.137
* build(deps): bump anyhow from 1.0.93 to 1.0.95
* build(deps): bump clap from 4.5.21 to 4.5.27
* build(deps): bump reqwest from 0.12.7 to 0.12.12
* Sync repo templates
* build(deps): bump mockito from 1.5.0 to 1.6.1
* build(deps): bump serde_json from 1.0.128 to 1.0.133
* build(deps): bump clap from 4.5.17 to 4.5.21
* build(deps): bump tempfile from 3.12.0 to 3.14.0
* build(deps): bump anyhow from 1.0.89 to 1.0.93
* build(deps): bump serde from 1.0.210 to 1.0.215
* docs: add changelog entry
* proxmox: use noop provider if no configdrive
* add noop provider
* release-notes: remove "upcoming"

- Update to version 5.7.0:
* cargo: Afterburn release 5.7.0
* docs/release-notes: update for release 5.7.0
* cargo: update dependencies
* dhcp: replace dbus_proxy with proxy, and zbus traits
* build(deps): bump zbus from 3.15.2 to 4.4.0
* build(deps): bump tempfile from 3.10.1 to 3.12.0
* build(deps): bump serde from 1.0.205 to 1.0.210
* build(deps): bump serde_json from 1.0.121 to 1.0.127
* build(deps): bump reqwest from 0.12.5 to 0.12.7
* build(deps): bump uzers from 0.12.0 to 0.12.1
* build(deps): bump clap from 4.5.13 to 4.5.16
* build(deps): bump serde from 1.0.203 to 1.0.205
* build(deps): bump serde_json from 1.0.119 to 1.0.121
* build(deps): bump mockito from 1.4.0 to 1.5.0
* build(deps): bump openssh-keys from 0.6.3 to 0.6.4
* build(deps): bump clap from 4.5.8 to 4.5.13
* build(deps): bump openssl from 0.10.64 to 0.10.66
* providers/hetzner: private ipv4 addresses in attributes
* openstack: Document the two platforms
* build(deps): bump zerovec-derive from 0.10.2 to 0.10.3
* build(deps): bump zerovec from 0.10.2 to 0.10.4
* build(deps): bump nix from 0.27.1 to 0.29.0
* build(deps): bump clap from 4.5.7 to 4.5.8
* build(deps): bump serde_json from 1.0.117 to 1.0.119
* microsoft/azure: allow empty certificate chain in PKCS12 file
* proxmoxve: implement proxmoxve provider
* providers/hetzner: fix duplicate attribute prefix
* build(deps): bump pnet_base from 0.34.0 to 0.35.0
* cargo: Afterburn release 5.6.0
* docs/release-notes: update for release 5.6.0
* cargo: update dependencies
* build(deps): bump libflate from 1.4.0 to 2.1.0
* build(deps): bump base64 from 0.21.7 to 0.22.1
* build(deps): bump uzers from 0.11.3 to 0.12.0
* build(deps): bump pnet_datalink from 0.34.0 to 0.35.0
* build(deps): bump nix from 0.28.0 to 0.29.0
* lint: silence deadcode warnings
* lint: address latest lint's from msrv update
* workflows/rust: directly update toolchain to 1.75.0
* cargo: update msrv to 1.75
* Sync repo templates
* build(deps): bump reqwest from 0.12.2 to 0.12.4
* build(deps): bump serde from 1.0.197 to 1.0.200
* build(deps): bump anyhow from 1.0.81 to 1.0.82
* build(deps): bump mailparse from 0.14.1 to 0.15.0
* build(deps): bump serde_json from 1.0.115 to 1.0.116
* Sync repo templates
* providers: Add "akamai" provider
* build(deps): bump h2 from 0.3.24 to 0.3.26
* build(deps): bump anyhow from 1.0.79 to 1.0.81
* build(deps): bump serde_json from 1.0.113 to 1.0.115
* build(deps): bump reqwest from 0.11.24 to 0.12.2
* build(deps): bump serde_yaml from 0.9.32 to 0.9.34+deprecated
* build(deps): bump mio from 0.8.10 to 0.8.11
* build(deps): bump mailparse from 0.14.0 to 0.14.1
* build(deps): bump openssl from 0.10.62 to 0.10.64
* build(deps): bump nix from 0.27.1 to 0.28.0
* build(deps): bump mockito from 1.2.0 to 1.4.0
* build(deps): bump tempfile from 3.9.0 to 3.10.1
* build(deps): bump serde_yaml from 0.9.31 to 0.9.32
* build(deps): bump serde from 1.0.195 to 1.0.197
* build(deps): bump h2 from 0.3.23 to 0.3.24
* build(deps): bump slog-term from 2.9.0 to 2.9.1
* build(deps): bump serde_yaml from 0.9.30 to 0.9.31
* build(deps): bump serde_json from 1.0.111 to 1.0.113
* build(deps): bump clap from 4.4.16 to 4.4.18
* build(deps): bump reqwest from 0.11.23 to 0.11.24
* Sync repo templates
* cargo: Afterburn release 5.5.1
* docs/release-notes: update for release 5.5.1
* cargo: update dependencies
* build(deps): bump anyhow from 1.0.75 to 1.0.78
* build(deps): bump serde_yaml from 0.9.27 to 0.9.29
* build(deps): bump reqwest from 0.11.22 to 0.11.23
* build(deps): bump serde_json from 1.0.108 to 1.0.109
* build(deps): bump openssl from 0.10.60 to 0.10.62
* build(deps): bump tempfile from 3.8.1 to 3.9.0
* build(deps): bump clap from 4.4.10 to 4.4.12
* build(deps): bump unsafe-libyaml from 0.2.9 to 0.2.10
* providers/vmware: add missing public functions for non-amd64
* build(deps): bump clap from 4.4.8 to 4.4.10
* cargo: Afterburn release 5.5.0
* build(deps): bump openssl from 0.10.59 to 0.10.60
* Sync repo templates
* docs/release-notes: update for release 5.5.0
* cargo: update dependencies
* ci: cancel previous build on PR update
* build(deps): allow building with libsystemd 0.7.0
* providers/vmware: Process guestinfo.metadata netplan configuration
* kubevirt: Run afterburn-hostname service
* build(deps): bump reqwest from 0.11.20 to 0.11.22
* build(deps): bump tempfile from 3.8.0 to 3.8.1
* build(deps): bump clap from 4.4.6 to 4.4.7
* build(deps): bump serde_json from 1.0.107 to 1.0.108
* build(deps): bump serde_yaml from 0.9.25 to 0.9.27
* build(deps): bump rustix from 0.37.19 to 0.37.25
* build(deps): bump clap from 4.4.2 to 4.4.6
* build(deps): bump serde_json from 1.0.105 to 1.0.107
* build(deps): bump mockito from 1.1.0 to 1.2.0
* providers: add support for scaleway
* Move away from deprecated `users` to `uzers`
* Sync repo templates
* providers/hetzner: add support for Hetzner Cloud
* build(deps): bump clap from 4.4.1 to 4.4.2
* cargo: update MSRV to 1.71
* build(deps): bump clap from 4.3.19 to 4.4.1
* chore: Get rid of Clippy warnings
* cargo: specify required features for nix dependency
* build(deps): bump nix from 0.26.2 to 0.27.1
* build(deps): bump slog-async from 2.7.0 to 2.8.0
* build(deps): bump openssl from 0.10.56 to 0.10.57
* build(deps): bump reqwest from 0.11.18 to 0.11.20
* build(deps): bump serde from 1.0.185 to 1.0.188
* Sync repo templates
* build(deps): bump tempfile from 3.7.1 to 3.8.0
* build(deps): bump serde from 1.0.183 to 1.0.185
* build(deps): bump anyhow from 1.0.72 to 1.0.75
* build(deps): bump serde_json from 1.0.104 to 1.0.105
* build(deps): bump openssl from 0.10.55 to 0.10.56
* build(deps): bump tempfile from 3.7.0 to 3.7.1
* build(deps): bump serde from 1.0.180 to 1.0.183
* Sync repo templates
* build(deps): bump serde from 1.0.179 to 1.0.180
* build(deps): bump serde_json from 1.0.103 to 1.0.104
* build(deps): bump serde from 1.0.175 to 1.0.179
* build(deps): bump pnet_datalink from 0.33.0 to 0.34.0
* build(deps): bump serde from 1.0.171 to 1.0.175
* build(deps): bump clap from 4.3.14 to 4.3.19
* build(deps): bump pnet_base from 0.33.0 to 0.34.0
* build(deps): bump serde_yaml from 0.9.23 to 0.9.25
* build(deps): bump tempfile from 3.6.0 to 3.7.0
* build(deps): bump clap from 4.3.11 to 4.3.14
* build(deps): bump serde_yaml from 0.9.22 to 0.9.23
* build(deps): bump anyhow from 1.0.71 to 1.0.72
* build(deps): bump serde_json from 1.0.100 to 1.0.103
* Sync repo templates
* build(deps): bump clap from 4.3.10 to 4.3.11
* build(deps): bump serde_json from 1.0.99 to 1.0.100
* build(deps): bump openssh-keys from 0.6.1 to 0.6.2
* build(deps): bump zbus from 3.13.1 to 3.14.1
* build(deps): bump clap from 4.3.8 to 4.3.10
* build(deps): bump serde from 1.0.164 to 1.0.165
* build(deps): bump serde_json from 1.0.96 to 1.0.99
* build(deps): bump clap from 4.3.3 to 4.3.8
* build(deps): bump serde_yaml from 0.9.21 to 0.9.22
* build(deps): bump openssl from 0.10.54 to 0.10.55
* build(deps): bump mockito from 1.0.2 to 1.1.0
* Sync repo templates
* openstack: Add attribute OPENSTACK_INSTANCE_UUID
* build(deps): bump serde from 1.0.163 to 1.0.164
* build(deps): bump clap from 4.3.2 to 4.3.3
* build(deps): bump tempfile from 3.5.0 to 3.6.0
* cargo: Afterburn release 5.4.3
* docs/release-notes: update for release 5.4.3
* cargo: update dependencies
* cargo: allow openssl 0.10.46
* build(deps): bump openssl from 0.10.52 to 0.10.54
* build(deps): bump openssh-keys from 0.6.0 to 0.6.1
* build(deps): bump vmw_backdoor from 0.2.3 to 0.2.4
* ci: strip debug symbols
* Sync repo templates
* build-sys: Use new tier = 2 for cargo-vendor-filterer
* build(deps): bump reqwest from 0.11.17 to 0.11.18
* cargo: Afterburn release 5.4.2
* docs/release-notes: update for release
* docs/release-notes: note Azure SSH regression fix with new openssl
* cargo: fix minimum version of openssl crate
* build(deps): bump serde from 1.0.162 to 1.0.163
* build(deps): bump zbus from 3.12.0 to 3.13.1
* build(deps): bump serde from 1.0.160 to 1.0.162
* build(deps): bump anyhow from 1.0.70 to 1.0.71
* build(deps): bump openssl from 0.10.51 to 0.10.52
* build(deps): bump reqwest from 0.11.16 to 0.11.17
* build(deps): bump openssl from 0.10.50 to 0.10.51
* build(deps): bump enumflags2 from 0.7.5 to 0.7.7
* build(deps): bump openssl from 0.10.48 to 0.10.50
* build(deps): bump zbus from 3.11.1 to 3.12.0
* build(deps): bump serde_json from 1.0.95 to 1.0.96
* build(deps): bump h2 from 0.3.15 to 0.3.17
* build(deps): bump openssl from 0.10.47 to 0.10.48
* microsoft/crypto/mod: replace deprecated function `parse` with `parse2`
* build(deps): bump serde from 1.0.159 to 1.0.160
* build(deps): bump serde_yaml from 0.9.19 to 0.9.21
* build(deps): bump tempfile from 3.4.0 to 3.5.0
* build(deps): bump serde from 1.0.158 to 1.0.159
* build(deps): bump mockito from 1.0.1 to 1.0.2
* Update mockito to 1.0.1
* build(deps): bump reqwest from 0.11.15 to 0.11.16
* build(deps): bump serde_json from 1.0.94 to 1.0.95
* cli: switch to clap derive
* cli: add descriptive value names for option arguments in --help
* build(deps): bump zbus from 3.11.0 to 3.11.1
* build(deps): bump openssl from 0.10.45 to 0.10.47
* build(deps): bump reqwest from 0.11.14 to 0.11.15
* build(deps): bump serde from 1.0.155 to 1.0.158
* build(deps): bump anyhow from 1.0.69 to 1.0.70
* cli: have clap require exactly one of --cmdline/--provider
* providers/*: move endpoint mocking into retry::Client
* retry/client: move URL parsing into helper function
* providers/microsoft: import crate::retry
* providers/microsoft: use stored client for all fetches
* providers/packet: use stored client for boot checkin
* build(deps): bump zbus from 3.10.0 to 3.11.0
* build(deps): bump serde from 1.0.152 to 1.0.155
* Sync repo templates
* docs: Use upstream theme and update to 0.4.1
* build(deps): bump serde_json from 1.0.93 to 1.0.94
* build(deps): bump serde_yaml from 0.9.17 to 0.9.19
* build(deps): bump mockito from 0.32.3 to 0.32.4
* build(deps): bump tempfile from 3.3.0 to 3.4.0
* initrd: remember to write trailing newline to network kargs file
* util: drop obsolete "OEM" terminology
* Update to clap 4
* build(deps): bump mockito from 0.31.1 to 0.32.3
* workflows: update clippy to 1.67
* Fix clippy lints
* Inline variables into format strings
* build(deps): bump zbus from 3.9.0 to 3.10.0
* build(deps): bump serde_json from 1.0.92 to 1.0.93

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2025-160=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):

afterburn-5.8.2-bp156.2.3.1

- openSUSE Backports SLE-15-SP6 (noarch):

afterburn-dracut-5.8.2-bp156.2.3.1

References:

https://www.suse.com/security/cve/CVE-2025-3416.html

openSUSE-SU-2025:0269-1: moderate: Security update for python3-pycares

openSUSE Security Update: Security update for python3-pycares
_______________________________

Announcement ID: openSUSE-SU-2025:0269-1
Rating: moderate
References: #1244691
Cross-References: CVE-2025-48945
CVSS scores:
CVE-2025-48945 (SUSE): 6 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N

Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for python3-pycares fixes the following issues:

- CVE-2025-48945: Fixed a use-after-free in the Channel object garbage
collection (boo#1244691)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2025-269=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

python3-pycares-3.1.1-bp157.2.3.1

References:

https://www.suse.com/security/cve/CVE-2025-48945.html
https://bugzilla.suse.com/1244691

openSUSE-SU-2025:15386-1: moderate: MozillaFirefox-141.0-1.1 on GA media

# MozillaFirefox-141.0-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15386-1
Rating: moderate

Cross-References:

* CVE-2025-8027
* CVE-2025-8028
* CVE-2025-8029
* CVE-2025-8030
* CVE-2025-8031
* CVE-2025-8032
* CVE-2025-8033
* CVE-2025-8034
* CVE-2025-8035
* CVE-2025-8036
* CVE-2025-8037
* CVE-2025-8038
* CVE-2025-8039
* CVE-2025-8040
* CVE-2025-8041
* CVE-2025-8042
* CVE-2025-8043
* CVE-2025-8044

CVSS scores:

* CVE-2025-8027 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
* CVE-2025-8027 ( SUSE ): 7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
* CVE-2025-8028 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
* CVE-2025-8028 ( SUSE ): 7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
* CVE-2025-8029 ( SUSE ): 5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-8029 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-8030 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-8030 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-8031 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-8031 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-8032 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-8032 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-8033 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-8033 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-8034 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-8034 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-8035 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-8035 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-8036 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-8036 ( SUSE ): 7.4 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-8037 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2025-8037 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-8038 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2025-8038 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-8039 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2025-8039 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-8040 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-8040 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-8043 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-8043 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-8044 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-8044 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 18 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the MozillaFirefox-141.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* MozillaFirefox 141.0-1.1
* MozillaFirefox-branding-upstream 141.0-1.1
* MozillaFirefox-devel 141.0-1.1
* MozillaFirefox-translations-common 141.0-1.1
* MozillaFirefox-translations-other 141.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-8027.html
* https://www.suse.com/security/cve/CVE-2025-8028.html
* https://www.suse.com/security/cve/CVE-2025-8029.html
* https://www.suse.com/security/cve/CVE-2025-8030.html
* https://www.suse.com/security/cve/CVE-2025-8031.html
* https://www.suse.com/security/cve/CVE-2025-8032.html
* https://www.suse.com/security/cve/CVE-2025-8033.html
* https://www.suse.com/security/cve/CVE-2025-8034.html
* https://www.suse.com/security/cve/CVE-2025-8035.html
* https://www.suse.com/security/cve/CVE-2025-8036.html
* https://www.suse.com/security/cve/CVE-2025-8037.html
* https://www.suse.com/security/cve/CVE-2025-8038.html
* https://www.suse.com/security/cve/CVE-2025-8039.html
* https://www.suse.com/security/cve/CVE-2025-8040.html
* https://www.suse.com/security/cve/CVE-2025-8041.html
* https://www.suse.com/security/cve/CVE-2025-8042.html
* https://www.suse.com/security/cve/CVE-2025-8043.html
* https://www.suse.com/security/cve/CVE-2025-8044.html

openSUSE-SU-2025:15388-1: moderate: rpi-imager-1.9.5-1.1 on GA media

# rpi-imager-1.9.5-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15388-1
Rating: moderate

Cross-References:

* CVE-2025-5916

CVSS scores:

* CVE-2025-5916 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
* CVE-2025-5916 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the rpi-imager-1.9.5-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* rpi-imager 1.9.5-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-5916.html

openSUSE-SU-2025:0174-1: important: Security update for chromium

openSUSE Security Update: Security update for chromium
_______________________________

Announcement ID: openSUSE-SU-2025:0174-1
Rating: important
References: #1243741
Cross-References: CVE-2025-5063 CVE-2025-5064 CVE-2025-5065
CVE-2025-5066 CVE-2025-5067 CVE-2025-5280
CVE-2025-5281 CVE-2025-5283
Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes 8 vulnerabilities is now available.

Description:

This update for chromium fixes the following issues:

Update to version 137.0.7151.55 (stable release 2025-05-27) (boo#1243741)

- CVE-2025-5063: Use after free in Compositing
- CVE-2025-5280: Out of bounds write in V8
- CVE-2025-5064: Inappropriate implementation in Background Fetch API
- CVE-2025-5065: Inappropriate implementation in FileSystemAccess API
- CVE-2025-5066: Inappropriate implementation in Messages
- CVE-2025-5281: Inappropriate implementation in BFCache
- CVE-2025-5283: Use after free in libvpx
- CVE-2025-5067: Inappropriate implementation in Tab Strip

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2025-174=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 x86_64):

chromedriver-137.0.7151.55-bp156.2.122.2
chromium-137.0.7151.55-bp156.2.122.2

References:

https://www.suse.com/security/cve/CVE-2025-5063.html
https://www.suse.com/security/cve/CVE-2025-5064.html
https://www.suse.com/security/cve/CVE-2025-5065.html
https://www.suse.com/security/cve/CVE-2025-5066.html
https://www.suse.com/security/cve/CVE-2025-5067.html
https://www.suse.com/security/cve/CVE-2025-5280.html
https://www.suse.com/security/cve/CVE-2025-5281.html
https://www.suse.com/security/cve/CVE-2025-5283.html
https://bugzilla.suse.com/1243741

openSUSE-SU-2025:0209-1: important: Security update for chromium

openSUSE Security Update: Security update for chromium
_______________________________

Announcement ID: openSUSE-SU-2025:0209-1
Rating: important
References:
Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that contains security fixes can now be installed.

Description:

Chromium was updated to 137.0.7151.119 (stable release 2025-06-17)
(boo#1244711):

* CVE-2025-6191: Integer overflow in V8
* CVE-2025-6192: Use after free in Profiler

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2025-209=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 ppc64le x86_64):

chromedriver-137.0.7151.119-bp156.2.131.1
chromium-137.0.7151.119-bp156.2.131.1

References:

openSUSE-SU-2025:0265-1: important: Security update for opera

openSUSE Security Update: Security update for opera
_______________________________

Announcement ID: openSUSE-SU-2025:0265-1
Rating: important
References:
Cross-References: CVE-2025-4664 CVE-2025-5419
Affected Products:
openSUSE Leap 15.6:NonFree
_______________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for opera fixes the following issues:

- Update to 120.0.5543.61
* DNA-119134 Crash at views::ViewAXPlatformNodeDelegate:: FireNativeEvent
* DNA-122014 [VPN Pro] Add VPN Pro section to chrome://opera-diagnostics
* DNA-122222 [Split screen] Active tab refreshes instead of current tab
* DNA-122251 [Easy Files] Transparent glitch appears with some file
types in popup
* DNA-122347 Background music resumes after toggling mic/camera in
Google Meet
* DNA-122569 Gmail video popup disappears and Meet disconnects when
switching tabs or clicking redirect button
* DNA-122601 Report client version in vpnpro diagnostics
* DNA-122695 VPN section not available in opera settings on first run
* DNA-122764 [Split screen] Popup arrow is pinned to easy setup button
instead of the password manager
* DNA-122849 The popup windows for 'Accounts saved for this website' and
the credentials view are too wide
* DNA-122853 Support multiple static wallpapers in a single theme
* DNA-122883 [SD] Tile names are not visible in folder when a custom
wallpaper is used
* DNA-122959 Refactor tab automuting
* DNA-123026 Crash when clicking manage passwords button in address bar
when "Sign in" credentials API popup is displayed
* DNA-123031 [Opera Translate] Opera Translate popup does not
open in split screen tabs
* DNA-123038 Crash at -[OperaCrApplication validateMenuItem:]
* DNA-123057 USB netinstaller is not starting
* DNA-123086 Crash at BrowserLiveTabContext:: GetSplitScreenIdForTab
* DNA-123089 [Opera Translate] "How does it work?" link leads to
incorrect page
* DNA-123100 Translate popup is shown each time page is being
autotranslated

- Update to 120.0.5543.38
* CHR-10028 Update Chromium on desktop-stable-135-5543 to 135.0.7049.115
* DNA-112048 Spelling error in speed dial German translation
* DNA-118890 Crash at opera::RegisterPathProvider
* DNA-119134 Crash at views::ViewAXPlatformNodeDelegate:: FireNativeEvent
* DNA-119349 [Split screen] Restoring tabs opens split screen tabs as
tab island
* DNA-120162 Crash at opera::MainMenu::FillOMenuHeader
* DNA-120341 Crash at opera::oauth2::DeviceNameServiceImpl::
HasDeviceNameChanged
* DNA-120753 Crash at opera::BrowserWindowCocoa::GetBounds
* DNA-120799 Hide toolbar entries based on the available width and a
prioritized list
* DNA-120928 A red dot indicating a new message appears, even though no
message has been received
* DNA-120940 [Split Screen toolbar] Snapshot is not displayed correctly
with Speed Dial page
* DNA-120997 [Split screen toolbar] 'Ask Aria' should not be visible
* DNA-120998 [Split Screen toolbar] Extensions container is displayed
for both panels
* DNA-121093 Possibility to remove the only/last classic theme
* DNA-121111 [Tab Island Split Screen] Add context menu option to move
out of tab island for split screen in tab island
* DNA-122499 [Password Management] Save-password popup displays dark
mode image in light mode
* DNA-122500 [Password Management] Save-password popup image lacks shadow
* DNA-122501 [Password Management] Incorrect styling for Password
Manager link
* DNA-121260 Disable background music during Google Meet call
* DNA-121446 Crash at bookmarks::BookmarkModel::~BookmarkModel
* DNA-121495 Can not focus folder on start page by keybard navigation
* DNA-121554 [Split screen toolbar] Icons remain visible with dropdown
opened until hovered again
* DNA-121555 [Split screen toolbar] "Add to Pinboard" feature remains in
loading state and does not complete
* DNA-121561 After reopening, easy setup doesn't start from the top
* DNA-121564 Crash at views::View::SetPaintToLayer
* DNA-121567 Sometimes autocomplete in dropdown eats some letters
* DNA-121582 Crash at extensions::TabsQueryFunction::Run
* DNA-121590 DevTools attempts to match Chrome's language setting
* DNA-121591 DevTools displays Chrome's recording feature
* DNA-121603 Disable some items in 'On Exit' tab when sync is enabled
* DNA-121617 [Linux] No settings are displayed on the certificates page
* DNA-121662 [Tab Island Split Screen] Closing split screen tab in
collapsed tab island causes island to become invisible
* DNA-121669 Search bar blends into background on opera://flags
* DNA-121708 Support theme color abstraction and expose color values
* DNA-121753 [Tab Island Split Screen] Add tab button is cut
off after dragging split screen into tab island
* DNA-121784 [Tab Island Split Screen] Dragging split screen on tab
strip hides it under tab island
* DNA-121786 SD tile colors are reversed in dark mode and light mode
* DNA-121787 Allow H.264 levels up to 5.1/5.2
* DNA-121790 Crash at signin::IdentityManager:: GetPrimaryAccountInfo
* DNA-121817 [Toolbar miniplayer] Gap between address bar and miniplayer
is too small
* DNA-121818 [Toolbar miniplayer] Hover effect on buttons should be the
same as hover effect on address bar icons
* DNA-121829 Wrap "On Exit" tab into feature flag #clear-history-on-exit
* DNA-121864 Crash at extensions::ExtensionUpdater::
OnBlocklistDownloadFinished
* DNA-121866 Translations for text in Easy Files context menu
* DNA-121869 Incorrect download origin in opera://downloads page when
"@" redirection is used
* DNA-121870 Change logic to display last 5 used emojis
* DNA-121872 Custom site panel field in sidebar setup truncates URLs
longer than 64 characters
* DNA-121875 Bump major version to 120
* DNA-121881 Crash at tabs::UnpinnedTabCollection:: AddTabRecursive
* DNA-121886 Update env variables for web UI
* DNA-121888 Opera React Web UI (operaaccount) tests fail
* DNA-121894 Crash at extensions::
ProxySwitcherPrivateEventRouter::OnBrowserRemoved
* DNA-121896 Linux ARM fails to compile
* DNA-121897 CHECK when creating split screen without
#split-screen-toolbar
* DNA-121899 Translations for Opera 119
* DNA-121901 [Split screen] Only one tab is displayed after returning to
split screen from different tab
* DNA-121908 Installed extensions are located on the left side
of the page.
* DNA-121928 Remove chromium "Safety Check" option in settings
* DNA-121937 Crash on saving split screen tabs to Pinboards
* DNA-121945 [Clear browsing data on exit] [UI check] "i" icon color
incorrectly displayed
* DNA-121946 [Clear browsing data on exit] Incorrect display of 'i'
icons for unlogged users
* DNA-121947 [Tab Island Split Screen][UI check] Split screen blends
with background in light theme
* DNA-121951 [Split screen toolbar] [UI check] VPN badge displayed on
both panels instead of just the right tab
* DNA-121973 Crash at extensions::(anonymous namespace)::
ThumbnailFetcher::Fetch when opening pinboard popup in private window
* DNA-121975 [Private window] Text in address bar dropdown is almost
invisible
* DNA-121982 [Split screen] Split screen groups become tab islands after
browser restart
* DNA-121984 Not possible to change default cookie settings
* DNA-121985 [Tab Island Split Screen] Split screen background remains
on tab strip after collapsing tab island
* DNA-121988 Saving page as PDF leads to page crash
* DNA-121990 The selection moves/'jumps' in dropdown to where the cursor
is, even if doesn't move the mouse
* DNA-121993 Crash when restoring session containing
opera://flags
* DNA-121994 Crash at base::ObserverList::RemoveObserver
* DNA-121995 Crash at opera::HeartButtonControllerImpl::Update
* DNA-121998 [VPN Pro][Settings] Location list for Express subscription
in settings shows numbers instead of flags and location names
* DNA-121999 [VPN Pro][VPN badge] For Express VPN locations different
numbers are displayed as IP address
* DNA-122001 [VPN Pro] If there are multiple locations for a country,
selecting one causes all of them to be shown as active
* DNA-122007 [Split screen toolbar] Toolbar icons not displayed
on hover
* DNA-122012 Crash at opera::ComponentTabCyclerView:: HighlightContents
* DNA-122017 Skip Ad button not shown in PiP window for YouTube ads
* DNA-122023 [Split screen] Address bar in both panels duplicates on
click
* DNA-122034 Gray out 'Create' button when limit of custom sites is
reached
* DNA-122042 Fix recently used locations for ExpressVPN provider
* DNA-122043 Converting different currencies into RUB, BYN, HRK, IDR
doesn't work
* DNA-122045 BrowserNavigatorTest.Disposition_NewPopup_ ExtensionId fails
* DNA-122053 Text not visible when hovering over options in padlock popup
* DNA-122056 Crash at opera::component_based::ComponentTabBar::
ReorderChildren
* DNA-122068 Detached split screen is incorrectly drawn
* DNA-122070 Split screen dragged out of an island is re-attached in a
wrong position
* DNA-122072 [Split screen toolbar] Clicking on translate button has no
effect
* DNA-122080 Crash when creating split screen from orphaned and pinned
tab
* DNA-122083 Workspaces cannot be edited when there's a maximum number
of them.
* DNA-122101 Crash on switching workspaces if Opera runs with
disable-animations-for-tests
* DNA-122107 [Split screen toolbar] Crash when cancelling drop action
with Esc when target drop view is visible
* DNA-122119 "Close tabs" tab menu option does not close both tabs in
inactive split screen group
* DNA-122120 Split screen group is destroyed after moving group and
another tab to a new window
* DNA-122122 [Clear browsing data on exit] History not deleted
on exit with custom sync settings
* DNA-122123 [Clear browsing data on exit] Options remain checked if
previously selected after sync is enabled
* DNA-122129 [Tab Island Split Screen][UI Check] No hover effect
on split screen tabs
* DNA-122130 Chromium warning dialog in settings
* DNA-122133 [Pinboards] Wrong tab added to Pinboards when attempting to
add tab from context menu
* DNA-122135 Incorrect translation of "may" in German language
* DNA-122137 Spelling error in speed dial German translation
* DNA-122142 Add a comment line switch to simulate a browser update
ready state
* DNA-122144 Style components with environmental tokens
* DNA-122146 [VPN Pro][Settings] If there are multiple locations for a
country, selecting one causes all of them to be shown as active
* DNA-122149 Free vpn location is broken
* DNA-122154 Reconnect to vpn service after changing vpn pro
subscriptions
* DNA-122167 Crash at PrefService::GetBoolean
* DNA-122171 'Show emojis in tab tooltip' setting visible after
disabling feature flag
* DNA-122177 [Split screen toolbar] Miniplayer is shown in both toolbars
all the time
* DNA-122178 Disable BrowserNavigatorTest.Disposition_
PictureInPicture_OpenFromWebApp
* DNA-122179 BrowserNavigatorTest.ReloadLockedTab crashes (DCHECK)
* DNA-122189 [Split screen] Web view does not show content from two tabs
after restart
* DNA-122190 [Miniplayer in toolbar] Mini-player in toolbar is
only shown in split screen
* DNA-122193 Crash at opera::component_based::
SplitScreenModelImpl::InsertSplitScreen
* DNA-122201 [Meet][Player] After closing 'Present now' popup music from
player starts playing
* DNA-122203 Bookmark folders are no longer visible in "O" menu
* DNA-122204 [Miniplayer in toolbar] Mini-player stays visible
on toolbar after being unpinned
* DNA-122217 Failure to connect with Flow push notifications not working
* DNA-122218 [Split screen toolbar] Not all available icons are visible
on hover until address bar is clicked
* DNA-122224 Use chromium's ui::ColorTransform in color mixer
* DNA-122230 Missing flag icon in settings
* DNA-122240 [Split screen toolbar] Display VPN badge for both split
screen sites
* DNA-122255 Typo in Easy Setup for RU
* DNA-122260 [VPN] The VPN icon disappears after focusing the address bar
* DNA-122275 Add tooltip to "On exit" part in settings
* DNA-122287 [Clear browsing data on exit] Missing translations for
information tooltip
* DNA-122290 Bookmarks are visible behind split screen
* DNA-122360 VideoPictureInPictureWindowControllerBrowserTest.
ControlsVisibility fails on Linux
* DNA-122361 Shader has crashed
* DNA-122363 Showing split screen as one tab in tab cycler no longer
works after enabling #split-screen-in-tab-island
* DNA-122365 Extra '&' symbol displaying in bookmarks subfolder names
* DNA-122366 Fix tab island dragging scenarios after CHR-9995
* DNA-122367 Add Split Screen restrictions on auto-PiP
* DNA-122372 Update dynamic themes list with viking
* DNA-122377 Translations for on-exit tooltip
* DNA-122395 [Clear browsing data on exit] Tooltip for "on exit" does
not match design
* DNA-122401 DumpWithoutCrashing at sql::(anonymous namespace)::
RecordOpenDatabaseFailureReason(const class std::__Cr:: basic_string&
const, sql::(anonymous namespace):: OpenDatabaseFailedReason)
* DNA-122405 [Yubikey] The 2-Step Verification popup does not appear and
the user is unable to sign in
* DNA-122407 [Split screen] Drop area is not shown when moving mouse to
other side of split screen view
* DNA-122409 [Clear browsing data on exit] Update the style for dark
theme tooltips
* DNA-122410 Google information in delete browsing data section
* DNA-122411 Backport fix for CVE-2025-4664
* DNA-122431 Manifest v2 extensions are disabled after Opera restart
* DNA-122444 Add accessibility title for password manager popup
* DNA-122503 [Opera One] Enable token support without the flag
* DNA-122504 Paypal entry in siteprefs.json is causing users to not be
able to sign in
* DNA-122512 [Password Management] Password is shown as a clear text by
system accessibility
* DNA-122513 [Password Management] Font size in password-manager page is
bigger than in settings
* DNA-122520 [VPN Pro] Download subscription after enabling
#vpn-pro-v4-support flag
* DNA-122522 Enable #split-screen-toolbar on all streams
* DNA-122532 Promoto 120 to beta
* DNA-122540 Translations for Opera 120
* DNA-122555 [Password Management] Password update prompt is shown as
sliding toolbar (old style)
* DNA-122558 "+" button shifts position after cancelled split screen
* DNA-122561 [Password Management] Manage Passwords icon is not shown in
address bar when in split screen mode
* DNA-122562 [Password Management] Save password popup is incorrectly
anchored in split screen mode
* DNA-122576 Live background loaded on GPU process crash even if not
visible
* DNA-122628 [O120] Crash at performance_manager::mechanism::
PageDiscarder::DiscardPageNodes
* DNA-122635 Backport 0-day fix for CVE-2025-5419 and chromium issue
420637585
* DNA-122659 startpage opening animation is not disabled
* DNA-122665 Tab island tooltip has incorrect design
* DNA-122715 Crash at media::ATAudioFormatReader::ChooseFormat
* DNA-122723 'Accounts saved for this website' popup has a chrome design
* DNA-122724 web page credentials popup has a chrome design
* DNA-122730 Password popup design do not match the mockup
* DNA-122734 Replace background of 'banner' on the VPN badge popup UI
* DNA-122749 Crash in AddressBarControllerImpl:: OnActiveTabChanged() on
non-developer channels
* DNA-122765 Can't close the popup by clicking the password manager icon
in the address bar
* DNA-122772 Crash at ManagePasswordsUIController::
GetManagePasswordsButtonView
* DNA-122774 Tab Island tabs dropdown not visible when "Show tabs from
the same domain in tab tooltip" is disabled
* DNA-122778 Enable #password-management-popup on all streams
* DNA-122780 [password-management-popup=off] Passwords badge not shown
until user clicks in the address bar
* DNA-122791 The button corners are not rounded enough
* DNA-122795 Password popup header does not match the mockup
* DNA-122826 Crash loop when trying to launch Opera
with-feature:pinboard=off
* DNA-122850 Missing tooltip over buttons on the 'web page credentials'
popup
* DNA-122851 Missing hover effect
* DNA-122852 On the 'Accounts saved for this website' popup, the whole
row should be clickable not only an arrow
* DNA-122864 "Copy password" button should not be visible in save
password popup
* DNA-122984 Enable #translator on all streams for Opera One
* DNA-123014 Promote 120 to stable
- Complete Opera 120 changelog at:
https://blogs.opera.com/desktop/changelog-for-120

- Update to 119.0.5497.131
* DNA-122535 Crash at opera::TabHoverCardTabArtContainerView::
OnTabArtButtonClicked
* DNA-122854 Investigate backwards compatibility for multiple wallpaper
themes
* DNA-122012 Crash at opera::ComponentTabCyclerView:: HighlightContents

- Update to 119.0.5497.110
* DNA-120753 Crash at opera::BrowserWindowCocoa::GetBounds
* DNA-122607 Make labels in themes localizable
* DNA-122715 Crash at media::ATAudioFormatReader::ChooseFormat
* DNA-122734 Replace background of 'banner' on the VPN badge popup UI

- Update to 119.0.5497.88
* DNA-122663 Close tab islands cannot be clicked if "Show tabs from the
same domain in tooltip" is disabled
- Changes in 119.0.5497.70
* DNA-120753 Crash at opera::BrowserWindowCocoa::GetBounds
* DNA-122106 Add error code and message to setError crashlog
* DNA-122203 Bookmark folders are no longer visible in "O" menu
* DNA-122149 Free vpn location is broken
* DNA-122230 Missing flag icon in settings

- Update to 119.0.5497.56
* DNA-120753 Crash at opera::BrowserWindowCocoa::GetBounds
* DNA-122361 Shader has crashed
* DNA-122402 Enable #easy-setup-react on all streams
* DNA-122409 [Clear browsing data on exit] Update the style for dark
theme tooltips
* DNA-122535 Crash at opera::TabHoverCardTabArtContainerView::
OnTabArtButtonClicked
* DNA-122576 Live background loaded on GPU process crash even if not
visible

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.6:NonFree:

zypper in -t patch openSUSE-2025-265=1

Package List:

- openSUSE Leap 15.6:NonFree (x86_64):

opera-120.0.5543.61-lp156.2.38.1

References:

https://www.suse.com/security/cve/CVE-2025-4664.html
https://www.suse.com/security/cve/CVE-2025-5419.html

Iputils update for Fedora 42

PHP and Thunderbird updates for Debian

Xtrabackup, Chromium, Python-Django, and more updates for SUSE Linux

openSUSE-SU-2025:0270-1: moderate: Security update for xtrabackup

openSUSE-SU-2025:0210-1: important: Security update for chromium

openSUSE-SU-2025:0240-1: moderate: Security update for python-Django

openSUSE-SU-2025:0167-1: important: Security update for opera

openSUSE-SU-2025:0250-1: important: Security update for pdns-recursor

openSUSE-SU-2025:0204-1: Security update for atop

openSUSE-SU-2025:0179-1: important: Security update for varnish

openSUSE-SU-2025:0160-1: moderate: Security update for afterburn

openSUSE-SU-2025:0269-1: moderate: Security update for python3-pycares

openSUSE-SU-2025:15386-1: moderate: MozillaFirefox-141.0-1.1 on GA media

openSUSE-SU-2025:15388-1: moderate: rpi-imager-1.9.5-1.1 on GA media

openSUSE-SU-2025:0174-1: important: Security update for chromium

openSUSE-SU-2025:0209-1: important: Security update for chromium

openSUSE-SU-2025:0265-1: important: Security update for opera

Windows

Linux

macOS

Community