On Sat 2024-03-30, -pj via openSUSE Factory wrote:
For snapshot 0328, Ring0 has been completely bootstrapped (as the attack vectors for xz were not fully known, we went the safest route) and for 0329 all of Tumbleweed rebuilt against that new base Can you suggest how for me to better understand about "Ring0 has been completely bootstrapped"? I ask this because you may know some SUSE or openSUSE webpages related to this. I am not an advanced user by any means.
Two things have happened: 1. The core of openSUSE Tumbleweed (= Ring 0) has been rebuilt from scratch. This is the base that builds everything else. Snapshot 0328. 2. Based on that everything else has been rebuilt. Snapshot 0329. In other words, openSUSE Tumbleweed has been completely rebuilt from sources - every single bit. This is in response to the XZ security issue: https://news.opensuse.org/2024/03/29/xz-backdoor/ And when you run "zypper dup", as every Tumbleweed user should, every single package should be replaced. This is not business as usual, rather to the contrary. Gerald