Portal:Security
openSUSE is a secure distribution. Both during development and after shipment security processes are honored and applied.
Overseeing the security of the openSUSE distribution and coordinating the updates is the SUSE Security Team.
Features
openSUSE's Security Features help to prevent bugs from being exploitable.
Documentation
For information about SUSE specific security features and their configuration see Security Documentation.
Updates
Security updates for openSUSE Leap stable releases are provided by the SUSE Security Team, with the help of community maintainers and developers. See the openSUSE Lifetime page for details on currently maintained stable releases and lifetime details.
For packages in Leap that are inherited from SUSE Linux Enterprise, the updates built from the same sources will be released for openSUSE Leap.
A well defined Incident Handling Process is used to track, coordinate and release updates.
Security announcements are sent to the security-announce@lists.opensuse.org mailinglist. An archive is also available. This security announcement lists only important features and critical updates to keep traffic low. To get all openSUSE updates, subscribe to the updates@lists.opensuse.org mailinglist.
SUSE Linux Enterprise specific announcements can be found via the SUSE Customer Center, via this mailinglist, or on the Update Notices page.
openSUSE updates are freely available on our Update Mirrors. Desktop applets warn users about new updates and offer to install them with just some mouse clicks. Alternatively command line update tools (zypper) or graphical package management tools (YaST) are also available for installing updates, or you can even turn on fully automatic update installation.
Links
openSUSE security related links on the SUSE website:
- SUSE Linux Enterprise Updates Notices
- SUSE security problems by CVE index
- Connect SUSE security Group
Other references
