SUSE-RU-2025:20461-1: important: Recommended update for zypper, libzypp, libsolv
SLE-UPDATES
null at suse.de
Wed Jul 9 16:30:44 UTC 2025
# Recommended update for zypper, libzypp, libsolv
Announcement ID: SUSE-RU-2025:20461-1
Release Date: 2025-07-01T12:39:34Z
Rating: important
References:
* bsc#1189788
* bsc#1216091
* bsc#1222044
* bsc#1225451
* bsc#1228434
* bsc#1229106
* bsc#1230267
* bsc#1232458
* bsc#1234752
* bsc#1235598
* bsc#1235636
* bsc#1236384
* bsc#1236481
* bsc#1236820
* bsc#1236939
* bsc#1236983
* bsc#1237044
* bsc#1237172
* bsc#1237587
* bsc#1237949
* bsc#1238315
* bsc#1239012
* bsc#1239543
* bsc#1239809
* bsc#1240132
* bsc#1240529
* bsc#1241463
* bsc#1243279
* bsc#1243457
* bsc#1243887
* bsc#1243901
* bsc#1244042
* bsc#1244105
* bsc#614646
* jsc#PED-11268
Affected Products:
* SUSE Linux Micro 6.1
An update that contains one feature and has 34 fixes can now be installed.
## Description:
This update for zypper, libzypp, libsolv fixes the following issues:
libsolv was updated to 0.7.33:
* improve transaction ordering by allowing more uninst->uninst edges
[bsc#1243457]
* implement color filtering when adding update targets
* support orderwithrequires dependencies in susedata.xml
* build both static and dynamic libraries on new suse distros
* support the apk package and repository format (both v2 and v3)
* new dataiterator_final_{repo,solvable} functions
* Provide a symbol specific for the ruby-version so yast does not break across
updates (bsc#1235598)
* fix replaces_installed_package using the wrong solvable id when checking the
noupdate map
* make POOL_FLAG_ADDFILEPROVIDESFILTERED behaviour more standard
* add rpm_query_idarray query function
* support rpm's "orderwithrequires" dependency
* improve transaction ordering by allowing more uninst->uninst edges
[bsc#1243457]
* implement color filtering when adding update targets
* support orderwithrequires dependencies in susedata.xml
* build both static and dynamic libraries on new suse distros
* support the apk package and repository format (both v2 and v3)
* new dataiterator_final_{repo,solvable} functions
* Provide a symbol specific for the ruby-version so yast does not break across
updates (bsc#1235598)
* fix replaces_installed_package using the wrong solvable id when checking the
noupdate map
* make POOL_FLAG_ADDFILEPROVIDESFILTERED behaviour more standard
* add rpm_query_idarray query function
* support rpm's "orderwithrequires" dependency
libzypp was updated to 17.37.6:
* Enhancements regarding mirror handling during repo refresh. Added means to
disable the use of mirrors when downloading security relevant files.
Requires updaing zypper to 1.14.91.
* Fix autotestcase writer if ZYPP_FULLLOG=1 (bsc#1244042) If ZYPP_FULLLOG=1 a
solver testcase to "/var/log/YaST2/autoTestcase" should be written for each
solver run. There was no testcase written for the very first solver run.
This is now fixed.
* Pass $1==2 to %posttrans script if it's an update (bsc#1243279)
* Fix credential handling in HEAD requests (bsc#1244105)
* RepoInfo: use pathNameSetTrailingSlash (fixes #643)
* Fix wrong userdata parameter type when running zypp with debug verbosity
(bsc#1239012)
* Do not warn about no mirrors if mirrorlist was switched on automatically.
(bsc#1243901)
* Relax permission of cached packages to 0644 & ~umask (bsc#1243887)
* Add a note to service maintained .repo file entries (fixes #638)
* Support using %{url} variable in a RIS service's repo section.
* Use a cookie file to validate mirrorlist cache. This patch extends the
mirrorlist code to use a cookie file to validate the contents of the cache
against the source URL, making sure that we do not accidentially use a old
cache when the mirrorlist url was changed. For example when migrating a
system from one release to the next where the same repo alias might just
have a different URL.
* Let Service define and update gpgkey, mirrorlist and metalink.
* Preserve a mirrorlist file in the raw cache during refresh.
* Code16: Enable curl2 backend and parallel package download by default. In
Code15 it's optional. Environment variables ZYPP_CURL2=<0|1> and
ZYPP_PCK_PRELOAD=<0|1> can be used to turn the features on or off.
* Make gpgKeyUrl the default source for gpg keys. When refreshing zypp now
primarily uses gpgKeyUrl information from the repo files and only falls back
to a automatically generated key Url if a gpgKeyUrl was not specified.
* Introduce mirrors into the Media backends (bsc#1240132)
* Drop MediaMultiCurl backend.
* Throttle progress updates when preloading packages (bsc#1239543)
* Check if request is in valid state in CURL callbacks (fixes
openSUSE/zypper#605)
* spec/CMake: add conditional build '\--with[out]
classic_rpmtrans_as_default'. classic_rpmtrans is the current builtin
default for SUSE, otherwise it's single_rpmtrans. The
`enable_preview_single_rpmtrans_as_default_for_zypper` switch was removed
from the spec file. Accordingly the CMake option
ENABLE_PREVIEW_SINGLE_RPMTRANS_AS_DEFAULT_FOR_ZYPPER was removed.
* fixed build with boost 1.88.
* XmlReader: Fix detection of bad input streams (fixes #635) libxml2 2.14
potentially reads the complete stream, so it may have the 'eof' bit set.
Which is not 'good' but also not 'bad'.
* rpm: Fix detection of %triggerscript starts (bsc#1222044)
* RepoindexFileReader: add more <repo> related attributes a service may set.
Add optional attributes gpgcheck, repo_gpgcheck, pkg_gpgcheck, keeppackages,
gpgkey, mirrorlist, and metalink with the same semantic as in a .repo file.
* Drop workaround for broken rpm-4.18 in Code16 (bsc#1237172)
* BuildRequires: %{libsolv_devel_package} >= 0.7.32. Code16 moved static libs
to libsolv-devel-static.
* Drop usage of SHA1 hash algorithm because it will become unavailable in FIPS
mode (bsc#1240529)
* Fix zypp.conf dupAllowVendorChange to reflect the correct default (false).
The default was true in Code12 (libzypp-16.x) and changed to false with
Code15 (libzypp-17.x). Unfortunately this was done by shipping a modified
zypp.conf file rather than fixing the code.
* zypp.conf: Add `lock_timeout` ($ZYPP_LOCK_TIMEOUT) (bsc#1239809)
* Fix computation of RepStatus if Repo URLs change.
* Fix lost double slash when appending to an absolute FTP url (bsc#1238315)
Ftp actually differs between absolute and relative URL paths. Absolute path
names begin with a double slash encoded as '/%2F'. This must be preserved
when manipulating the path.
* Add a transaction package preloader (fixes openSUSE/zypper#104) This patch
adds a preloader that concurrently downloads files during a transaction
commit. It's not yet enabled per default. To enable the preview set
ZYPP_CURL2=1 and ZYPP_PCK_PRELOAD=1 in the environment.
* RpmPkgSigCheck_test: Exchange the test package signingkey (fixes #622)
* Exclude MediaCurl tests if DISABLE_MEDIABACKEND_TESTS (fixes #626)
* Strip a mediahandler tag from baseUrl querystrings.
* Disable zypp.conf:download.use_deltarpm by default (fixes #620) Measurements
show that you don't benefit from using deltarpms unless your network
connection is very slow. That's why most distributions even stop offering
deltarpms. The default remains unchanged on SUSE-15.6 and older.
* Make sure repo variables are evaluated in the right context (bsc#1237044)
* Introducing MediaCurl2 a alternative HTTP backend. This patch adds
MediaCurl2 as a testbed for experimenting with a more simple way to download
files. Set ZYPP_CURL2=1 in the environment to use it.
* Filesystem usrmerge must not be done in singletrans mode (bsc#1236481,
bsc#1189788) Commit will amend the backend in case the transaction would
perform a filesystem usrmerge.
* Workaround bsc#1216091 on Code16.
* Don't issue deprecated warnings if -DNDEBUG is set (bsc#1236983) Released
libyui packages compile with -Werror=deprecated-declarations so we can't add
deprecated warnings without breaking them.
* make gcc15 happy (fixes #613)
* Drop zypp-CheckAccessDeleted in favor of 'zypper ps'.
* Fix Repoverification plugin not being executed (fixes #614)
* Refresh: Fetch the master index file before key and signature (bsc#1236820)
* Allow libzypp to compile with C++20.
* Deprecate RepoReports we do not trigger.
* Create '.keep_packages' in the package cache dir to enforce keeping
downloaded packages of all repos cahed there (bsc#1232458)
* Fix missing UID checks in repomanager workflow (fixes #603)
* Move cmake config files to LIB_INSTALL_DIR/cmake/Zypp (fixes #28)
* Fix 'zypper ps' when running in incus container (bsc#1229106) Should apply
to lxc and lxd containers as well.
* Re-enable 'rpm --runposttrans' usage for chrooted systems (bsc#1216091)
zypper was updated to 1.14.91:
* BuildRequires: libzypp-devel >= 17.37.6. Enhancements regarding mirror
handling during repo refresh. Adapt to libzypp API changes. (bsc#1230267)
* Use libzypp improvements for preload and mirror handling.
* xmlout.rnc: Update repo-element (bsc#1241463) Add the "metalink" attribute
and reflect that the "url" elements list may in fact be empty, if no
baseurls are defined in the .repo files.
* man: update --allow-unsigned-rpm description. Explain how to achieve the
same for packages provided by repositories.
* Updated translations (bsc#1230267)
* Do not double encode URL strings passed on the commandline (bsc#1237587)
URLs passed on the commandline must have their special chars encoded
already. We just want to check and encode forgotten unsafe chars like a
blank. A '%' however must not be encoded again.
* Package preloader that concurrently downloads files. It's not yet enabled
per default. To enable the preview set ZYPP_CURL2=1 and ZYPP_PCK_PRELOAD=1
in the environment. (#104)
* refresh: add --include-all-archs (fixes #598) Future multi-arch repos may
allow to download only those metadata which refer to packages actually
compatible with the systems architecture. Some tools however want zypp to
provide the full metadata of a repository without filtering incompatible
architectures.
* info,search: add option to search and list Enhances (bsc#1237949)
* Annonunce --root in commands not launching a Target (bsc#1237044)
* Let zypper dup fail in case of (temporarily) unaccessible repos
(bsc#1228434, bsc#1236939, fixes #446)
* New system-architecture command (bsc#1236384) Prints the detected system
architecture.
* Change versioncmp command to return exit code according to the comparison
result (#593)
* lr: show the repositories keep-packages flag (bsc#1232458) It is shown in
the details view or by using -k,--keep-packages. In addition libyzpp
supports to enforce keeping downloaded packages of all repos within a
package cache by creating a '.keep_packages' file there.
* Try to refresh update repos first to have updated GPG keys on the fly
(bsc#1234752) An update repo may contain a prolonged GPG key for the GA
repo. Refreshing the update repo first updates a trusted key on the fly and
avoids a 'key has expired' warning being issued when refreshing the GA repo.
* Refresh: restore legacy behavior and suppress Exception reporting as non-
root (bsc#1235636)
* info: Allow to query a specific version (jsc#PED-11268) To query for a
specific version simply append "-<version>" or "-<version>-<release>" to the
"<name>" pattern. Note that the edition part must always match exactly.
* Don't try to download missing raw metadata if cache is not writable
(bsc#1225451)
* man: Update 'search' command description. Hint to "se -v" showing the
matches within the packages metadata. Explain that search strings starting
with a "/" will implicitly look into the filelist as well. Otherfise an
explicit "-f" is needed.
## Special Instructions and Notes:
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Micro 6.1
zypper in -t patch SUSE-SLE-Micro-6.1-161=1
## Package List:
* SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
* libzypp-debuginfo-17.37.6-slfo.1.1_1.1
* libsolv-debugsource-0.7.33-slfo.1.1_1.1
* libsolv-tools-base-0.7.33-slfo.1.1_1.1
* libzypp-17.37.6-slfo.1.1_1.1
* libzypp-debugsource-17.37.6-slfo.1.1_1.1
* zypper-1.14.91-slfo.1.1_1.1
* zypper-debugsource-1.14.91-slfo.1.1_1.1
* zypper-debuginfo-1.14.91-slfo.1.1_1.1
* libsolv-tools-base-debuginfo-0.7.33-slfo.1.1_1.1
* SUSE Linux Micro 6.1 (noarch)
* zypper-needs-restarting-1.14.91-slfo.1.1_1.1
## References:
* https://bugzilla.suse.com/show_bug.cgi?id=1189788
* https://bugzilla.suse.com/show_bug.cgi?id=1216091
* https://bugzilla.suse.com/show_bug.cgi?id=1222044
* https://bugzilla.suse.com/show_bug.cgi?id=1225451
* https://bugzilla.suse.com/show_bug.cgi?id=1228434
* https://bugzilla.suse.com/show_bug.cgi?id=1229106
* https://bugzilla.suse.com/show_bug.cgi?id=1230267
* https://bugzilla.suse.com/show_bug.cgi?id=1232458
* https://bugzilla.suse.com/show_bug.cgi?id=1234752
* https://bugzilla.suse.com/show_bug.cgi?id=1235598
* https://bugzilla.suse.com/show_bug.cgi?id=1235636
* https://bugzilla.suse.com/show_bug.cgi?id=1236384
* https://bugzilla.suse.com/show_bug.cgi?id=1236481
* https://bugzilla.suse.com/show_bug.cgi?id=1236820
* https://bugzilla.suse.com/show_bug.cgi?id=1236939
* https://bugzilla.suse.com/show_bug.cgi?id=1236983
* https://bugzilla.suse.com/show_bug.cgi?id=1237044
* https://bugzilla.suse.com/show_bug.cgi?id=1237172
* https://bugzilla.suse.com/show_bug.cgi?id=1237587
* https://bugzilla.suse.com/show_bug.cgi?id=1237949
* https://bugzilla.suse.com/show_bug.cgi?id=1238315
* https://bugzilla.suse.com/show_bug.cgi?id=1239012
* https://bugzilla.suse.com/show_bug.cgi?id=1239543
* https://bugzilla.suse.com/show_bug.cgi?id=1239809
* https://bugzilla.suse.com/show_bug.cgi?id=1240132
* https://bugzilla.suse.com/show_bug.cgi?id=1240529
* https://bugzilla.suse.com/show_bug.cgi?id=1241463
* https://bugzilla.suse.com/show_bug.cgi?id=1243279
* https://bugzilla.suse.com/show_bug.cgi?id=1243457
* https://bugzilla.suse.com/show_bug.cgi?id=1243887
* https://bugzilla.suse.com/show_bug.cgi?id=1243901
* https://bugzilla.suse.com/show_bug.cgi?id=1244042
* https://bugzilla.suse.com/show_bug.cgi?id=1244105
* https://bugzilla.suse.com/show_bug.cgi?id=614646
* https://jira.suse.com/browse/PED-11268
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250709/fbbaaec8/attachment.htm>
More information about the sle-updates
mailing list