SUSE-RU-2025:02007-1: moderate: Recommended update for libzypp, zypper

Wed Jun 18 16:30:31 UTC 2025

# Recommended update for libzypp, zypper

Announcement ID: SUSE-RU-2025:02007-1  
Release Date: 2025-06-18T14:03:37Z  
Rating: moderate  
References:

  * bsc#1239012
  * bsc#1239543
  * bsc#1240132
  * bsc#1241463
  * bsc#1243887
  * bsc#1243901
  * bsc#1244105

Affected Products:

  * Basesystem Module 15-SP6
  * Basesystem Module 15-SP7
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Desktop 15 SP7
  * SUSE Linux Enterprise High Performance Computing 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP7
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server 15 SP7
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that has seven fixes can now be installed.

## Description:

This update for libzypp, zypper fixes the following issues:

  * Fix credential handling in HEAD requests (bsc#1244105)
  * RepoInfo: use pathNameSetTrailingSlash
  * Fix wrong userdata parameter type when running zypp with debug verbosity
    (bsc#1239012)
  * Do not warn about no mirrors if mirrorlist was switched on automatically.
    (bsc#1243901)
  * Relax permission of cached packages to 0644 & ~umask (bsc#1243887)
  * Add a note to service maintained .repo file entries
  * Support using %{url} variable in a RIS service's repo section.
  * Use a cookie file to validate mirrorlist cache. This patch extends the
    mirrorlist code to use a cookie file to validate the contents of the cache
    against the source URL, making sure that we do not accidentially use a old
    cache when the mirrorlist url was changed. For example when migrating a
    system from one release to the next where the same repo alias might just
    have a different URL.
  * Let Service define and update gpgkey, mirrorlist and metalink.
  * Preserve a mirrorlist file in the raw cache during refresh.
  * Enable curl2 backend and parallel package download by default. Environment
    variables ZYPP_CURL2=<0|1> and ZYPP_PCK_PRELOAD=<0|1> can be used to turn
    the features on or off.
  * Make gpgKeyUrl the default source for gpg keys. When refreshing zypp now
    primarily uses gpgKeyUrl information from the repo files and only falls back
    to a automatically generated key Url if a gpgKeyUrl was not specified.
  * Introduce mirrors into the Media backends (bsc#1240132)
  * Drop MediaMultiCurl backend.
  * Throttle progress updates when preloading packages (bsc#1239543)
  * Check if request is in valid state in CURL callbacks
  * spec/CMake: add conditional build '\--with[out]
    classic_rpmtrans_as_default'. classic_rpmtrans is the current builtin
    default for SUSE, otherwise it's single_rpmtrans. The
    `enable_preview_single_rpmtrans_as_default_for_zypper` switch was removed
    from the spec file. Accordingly the CMake option
    ENABLE_PREVIEW_SINGLE_RPMTRANS_AS_DEFAULT_FOR_ZYPPER was removed.
  * BuildRequires: libzypp-devel >= 17.37.0.
  * Use libzypp improvements for preload and mirror handling.
  * xmlout.rnc: Update repo-element (bsc#1241463) Add the "metalink" attribute
    and reflect that the "url" elements list may in fact be empty, if no
    baseurls are defined in the .repo files.
  * man: update --allow-unsigned-rpm description. Explain how to achieve the
    same for packages provided by repositories.

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-2007=1 openSUSE-SLE-15.6-2025-2007=1

  * SUSE Linux Enterprise High Performance Computing 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-2007=1

  * SUSE Linux Enterprise Server 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-2007=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-2007=1

  * SUSE Linux Enterprise Desktop 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-2007=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2007=1

  * Basesystem Module 15-SP7  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2007=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * zypper-1.14.90-150600.10.34.3
    * libzypp-17.37.5-150600.3.60.1
    * zypper-debugsource-1.14.90-150600.10.34.3
    * libzypp-devel-17.37.5-150600.3.60.1
    * libzypp-debuginfo-17.37.5-150600.3.60.1
    * libzypp-debugsource-17.37.5-150600.3.60.1
    * libzypp-devel-doc-17.37.5-150600.3.60.1
    * zypper-debuginfo-1.14.90-150600.10.34.3
  * openSUSE Leap 15.6 (noarch)
    * zypper-log-1.14.90-150600.10.34.3
    * zypper-needs-restarting-1.14.90-150600.10.34.3
    * zypper-aptitude-1.14.90-150600.10.34.3
  * SUSE Linux Enterprise High Performance Computing 15 SP6 (aarch64 x86_64)
    * libzypp-17.37.5-150600.3.60.1
  * SUSE Linux Enterprise Server 15 SP6 (aarch64 ppc64le s390x x86_64)
    * libzypp-17.37.5-150600.3.60.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
    * libzypp-17.37.5-150600.3.60.1
  * SUSE Linux Enterprise Desktop 15 SP6 (x86_64)
    * libzypp-17.37.5-150600.3.60.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * zypper-1.14.90-150600.10.34.3
    * libzypp-17.37.5-150600.3.60.1
    * zypper-debugsource-1.14.90-150600.10.34.3
    * libzypp-devel-17.37.5-150600.3.60.1
    * libzypp-debuginfo-17.37.5-150600.3.60.1
    * libzypp-debugsource-17.37.5-150600.3.60.1
    * zypper-debuginfo-1.14.90-150600.10.34.3
  * Basesystem Module 15-SP6 (noarch)
    * zypper-log-1.14.90-150600.10.34.3
    * zypper-needs-restarting-1.14.90-150600.10.34.3
  * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
    * zypper-1.14.90-150600.10.34.3
    * libzypp-17.37.5-150600.3.60.1
    * zypper-debugsource-1.14.90-150600.10.34.3
    * libzypp-devel-17.37.5-150600.3.60.1
    * libzypp-debuginfo-17.37.5-150600.3.60.1
    * libzypp-debugsource-17.37.5-150600.3.60.1
    * zypper-debuginfo-1.14.90-150600.10.34.3
  * Basesystem Module 15-SP7 (noarch)
    * zypper-log-1.14.90-150600.10.34.3
    * zypper-needs-restarting-1.14.90-150600.10.34.3

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1239012
  * https://bugzilla.suse.com/show_bug.cgi?id=1239543
  * https://bugzilla.suse.com/show_bug.cgi?id=1240132
  * https://bugzilla.suse.com/show_bug.cgi?id=1241463
  * https://bugzilla.suse.com/show_bug.cgi?id=1243887
  * https://bugzilla.suse.com/show_bug.cgi?id=1243901
  * https://bugzilla.suse.com/show_bug.cgi?id=1244105

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250618/ecaffe98/attachment.htm>