Hello Everyone,
sorry if this feels like a really dumb question.
Is there any documentation for Leap that’s similar to:
Or something comparable to debian patchnotes:
https://www.debian.org/News/2025/20250517
The only thing I could find is:
But maybe I am looking for the documentation in the wrong places? Is this because Leap is based on SUSE SLE and patchnotes are provided be SUSE?
Or are there no “traditional patchnotes” because pacages do not change and get mainly bug and security fixes?
Or are there no “traditional patchnotes” because pacages do not change and get mainly bug and security fixes?
Yep. You should update the shared codebase SLE15/openSUSE Leap 15.x only with patches. Read SUSE update advisories or patch description in YOU (YAST Online Update) or:
# zypper list-patches
# zypper patch-info <patch id>
# zypper patch-info SUSE-SLE-Module-Basesystem-15-SP6-2025-966
Only security patches:
# zypper lp -g security
I hold back non-security patches (and non-security updates) for several months.
The SLE15 releases notes are available here:
https://www.suse.com/releasenotes/index.html
So how exactly does one hold back non-security update? Do you disable the repositories? Because as soon as one installs a 3rd party rpm file, zypper checks for updates on all repositories automatically!
So if I get it correctly, instead of using zypper update regularly one should use zypper lp -g security to check which packages need to be patched and use zypper patch to update them?
Do you abstain from using zypper update? As long as someone doesn’t use 3rd party repositories, I guess that there would be no need to use zypper update - or just keep this repository enabled for safety measures (I don’t use 3rd party repos)?
If the repository provides patches, i recommend to select and install the patches which you want install. Check with (Open-)SCAP for missing security updates (checkSecurity.sh):
https://forums.opensuse.org/t/measures-to-harden-an-opensuse-install-and-to-run-an-opensuse-system-securely/180953/17
A self-made repository simplify administration of multiple machines:
https://forums.opensuse.org/t/softwareupdates-im-allgemeinen/143270/19
Translate from German to English with a translator like www.deepl.com.
My self-made repository for desktop contains 7 3rd party rpm, 2 recompiled rpm (origin: shared codebase), and over 1600 rpm from the shared codebase (origin: SUSE). I’m happy with 7 foreign rpm.