Hello all, Leap 15.3 has 4 update repositories instead of 2 like Leap 15.2 and previous versions: - repo-backports-update (new as of 15.3) - repo-sle-update (new as of 15.3) - repo-update - repo-update-non-oss I roughly understand the purpose of the above repos (see e.g. https://doc.opensuse.org/release-notes/x86_64/openSUSE/Leap/15.3/#installati...). But I'd like to know more about the policies/rules which apply to these repos. Questions that come to mind: - Is the repository really required to get security fixes? - Does the repository contain explicit security fixes? (I.e. are only security fixes applied to existing versions or will new versions from upstream be made available?) - Are version numbers (mostly/somewhat/...) kept stable? - Does the repository provide patches for zypper or complete RPMs only? Is there any document/description that answers these types of questions? I guess for *repo-backports-update* the policy is more or less that you ship what you (can) get from upstream. *repo-sle-update* and *repo-update* seem to contain security fixes and patch definitions (just looked briefly). How about *repo-backports-update*? Previously (e.g. with 15.2) the policy seemed to result in rather stable version numbers, i.e. few updates where minor (or even major) version numbers changed. This seems to be different for 15.3, particularly when looking at backports-update. But that's all guesswork and I couldn't find anything documentation for that. On example package that I stumbled across is --- snip --- leap153:~ # zypper se -s ruby2.5-rubygem-i18n [...] S | Name | Version | Arch | Repository --+---------------------------+-------------------+--------+----------- | ruby2.5-rubygem-i18n | 0.9.1-1.21 | x86_64 | repo-oss | ruby2.5-rubygem-i18n-0_6 | 0.6.11-bp153.1.16 | x86_64 | repo-oss | ruby2.5-rubygem-i18n-1.1 | 1.1.1-bp153.1.16 | x86_64 | repo-oss | ruby2.5-rubygem-i18n-1.8 | 1.8.10-bp153.2.1 | x86_64 | repo-backports-update --- snip --- My current understanding is that I can simply chose from any of the above versions, but none was released because of security reasons. And if so, would there be security updates for e.g. ruby2.5-rubygem-i18n-0_6 or ruby2.5-rubygem-i18n-1.1? And where would they be published? Explanations/insights/hints are much appreciated. Thanks and regards -- Till -- Dipl.-Inform. Till Dörges doerges@pre-sense.de PRESENSE Technologies GmbH Nagelsweg 41, D-20097 HH Geschäftsführer/Managing Directors AG Hamburg, HRB 107844 Till Dörges, Jürgen Sander USt-IdNr.: DE263765024 Besuchen Sie uns gerne auf der digitalen Plattform it-sa 365: https://www.itsa365.de/de-de/companies/p/presense-technologies-gmbh