This update for libzypp, zypper fixes the following issues: Update zypper to version 1.14.41 Update libzypp to 17.25.4 - CVE-2017-9271: Fixed information leak in the log file - RepoManager: Force refresh if repo url has changed - RepoManager: Carefully tidy up the caches. Remove non-directory entries. - RepoInfo: ignore legacy type= in a .repo file and let RepoManager probe . - RpmDb: If no database exists use the _dbpath configured in rpm. Still makes sure a compat symlink at /var/lib/rpm exists in case the configures _dbpath is elsewhere. - Fixed update of gpg keys with elongated expire date - needreboot: remove udev from the list - Fix lsof monitoring yast-installation was updated to 4.2.48: - Do not cleanup the libzypp cache when the system has low memory, incomplete cache confuses libzypp later