Avahi update (openSUSE Leap 16.0-193) erase my KDEWallet

djm38fr · January 27, 2026, 7:06pm

Hello,

I received an openSUSE Leap 16.0-193 update today regarding a security vulnerability in Avahi.

CVE-2025-68276: Fixed an issue preventing the creation of extended record browsers when the WAN is disabled (bsc#1256498)
CVE-2025-68471: Fixed a DoS vulnerability by replacing assert with return (bsc#1256500)
CVE-2025-68468: Fixed a DoS vulnerability by removing an incorrect assertion (bsc#1256499)

This Avahi update wiped my KDE wallet.

I restored the previous state using the command sudo snapper rollback to regain access to my KDE wallet while waiting for a better solution.

deano_ferrari · January 27, 2026, 7:43pm

There isn’t a direct or indirect relationship between Avahi and KWallet. Avahi cannot modify or erase KDE wallet user data. I’m curious to understand what the snapper rollback did, as it doesn’t restore /home. Something else may have impacted with its ability to unlock perhaps.

It would be interesting to know if anyone else has experienced similar behaviour. (I’m about to update a Leap 16 install this morning.)

djm38fr · January 27, 2026, 8:07pm

Hi,

I restarted from the snapshot that was automatically taken after installing the Avahi update and this time everything works.

Regards