Released products are expected to provide a certain degree of stability. Nevertheless bugs and security issues make it necessary to occasionally release package updates. To reduce risk of breaking running systems updates have to adhere to certain rules and need to be released in a coordinated manner.
- prerequisite for any update is a bug report at https://bugzilla.opensuse.org/.
- if you have questions if a fix is feasible for an update, set the state NEEDINFO email@example.com in the bug-report
- the packager submits fixed packages.
- the submission receives review from the openSUSE Maintenance team and, if the submission was not from the maintainer, from the maintainer.
- the submission gets included in a testing repository and the patch-documentation will be prepared by the openSUSE Maintenance team.
- after postive feedback by testers of the update-test repository the update gets released into the official main update repository of the particular openSUSE version.
Notes about security updates
Bug reports for security issues are supervised by firstname.lastname@example.org instead of email@example.com. Such bug reports can also be recognized by the 'VUL-0' or 'VUL-1' prefix in the bug's subject. Apart from that the process is basically identical to normal bug fixes.
Differences for openSUSE Leap
Before you start working on a fix for openSUSE Leap, please check if the package is not maintained in SLE. A list of all packages and where they are maintained you can find here:
openSUSE Leap 15.2
or via commandline:
$ osc less openSUSE:Leap:15.2:Update 00Meta lookup.yml
If the package is maintained in SLE, please open a bugreport at Bugzilla against the Leap product.