OpenSUSE Leap 16.0 Release Notes: Difference between revisions

Line 1:

'''Publication Date:''' 2025-09-29

openSUSE Leap is a modern, modular operating system suitable for both traditional IT and multimodal workloads. This document highlights major features, updates, and known limitations.

Line 17:

Line 19:

* https://doc.opensuse.org.

This section describes community-driven enhancements, features, and updates that extend the SUSE Linux Enterprise core. These changes reflect the openSUSE ~~project’s~~ unique contributions, including desktop improvements, additional packages, and new workflows.

This section describes community-driven enhancements, features, and updates that extend the SUSE Linux Enterprise core. These changes reflect the openSUSE project's unique contributions, including desktop improvements, additional packages, and new workflows.

== openSUSE Leap Community Additions ==

Line 65:

Line 67:

=== Automated NVIDIA Driver and Repository Setup ===

On supported GPUs, ~~NVIDIA’s~~ open driver is installed by default along with the NVIDIA graphics driver repository. In openSUSE Leap 16, user-space drivers are also automatically installed, enabling graphical acceleration out of the box.

On supported GPUs, NVIDIA's open driver is installed by default along with the NVIDIA graphics driver repository. In openSUSE Leap 16, user-space drivers are also automatically installed, enabling graphical acceleration out of the box.

=== Security ===

Line 366:

Line 368:

openSUSE Leap 16.0 only supports 64-bit binaries. Support for 32-bit binaries (or 31-bit binaries on IBM Z) has been removed.

This means that statically-linked 32-bit binaries (or 31-bit binaries on IBM Z) and container images cannot be run anymore. 32-bit syscalls are still enabled by default on arm64, and can be enabled on x86_64 via the kernel parameter <code>ia32_emulation</code>. On other architectures ~~it’s~~ disabled without any option to enable it.

This means that statically-linked 32-bit binaries (or 31-bit binaries on IBM Z) and container images cannot be run anymore. 32-bit syscalls are still enabled by default on arm64, and can be enabled on x86_64 via the kernel parameter <code>ia32_emulation</code>. On other architectures it's disabled without any option to enable it.

==== Compiling kernel uses non-default compiler ====

Line 798:

Line 800:

===== Enhanced VM Security with AMD SEV-SNP =====

AMD SEV-SNP (Secure Encrypted Virtualization-Secure Nested Paging) is a hardware security feature in AMD EPYC processors that provides a highly secure and confidential environment for virtual machines (VMs). It offers strong memory confidentiality through per-VM encryption keys and AES encryption, and crucially, robust memory integrity protection to prevent tampering from the hypervisor or other threats. It also provides enhanced isolation and remote attestation capabilities, making it ideal for protecting sensitive data and workloads in untrusted environments like cloud computing. This release fully integrates AMD SEV-SNP for KVM-based virtual machines. This means integrated support in our kernel, along with updated QEMU, Libvirt, and OVMF Firmware. To use AMD SEV-SNP, ~~you’ll~~ need, AMD EPYC™ 3rd Gen Processors (Milan) or newer and SEV-SNP enabled in your ~~system’s~~ BIOS/UEFI.

AMD SEV-SNP (Secure Encrypted Virtualization-Secure Nested Paging) is a hardware security feature in AMD EPYC processors that provides a highly secure and confidential environment for virtual machines (VMs). It offers strong memory confidentiality through per-VM encryption keys and AES encryption, and crucially, robust memory integrity protection to prevent tampering from the hypervisor or other threats. It also provides enhanced isolation and remote attestation capabilities, making it ideal for protecting sensitive data and workloads in untrusted environments like cloud computing. This release fully integrates AMD SEV-SNP for KVM-based virtual machines. This means integrated support in our kernel, along with updated QEMU, Libvirt, and OVMF Firmware. To use AMD SEV-SNP, you'll need, AMD EPYC™ 3rd Gen Processors (Milan) or newer and SEV-SNP enabled in your system's BIOS/UEFI.

==== Others ====

Line 881:

Line 883:

Permission is granted to copy, distribute, and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) Version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled ~~“GNU~~ Free Documentation ~~License”~~.

Permission is granted to copy, distribute, and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) Version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled "GNU Free Documentation License".

This document includes content adapted from the SUSE Linux Enterprise release notes, contributed by the SUSE Documentation Team. Portions of the content are maintained by the openSUSE community.

@@ Line 1: / Line 1: @@
+'''Publication Date:''' 2025-09-29
 openSUSE Leap is a modern, modular operating system suitable for both traditional IT and multimodal workloads. This document highlights major features, updates, and known limitations.
@@ Line 17: / Line 19: @@
 * https://doc.opensuse.org.
-This section describes community-driven enhancements, features, and updates that extend the SUSE Linux Enterprise core. These changes reflect the openSUSE project’s unique contributions, including desktop improvements, additional packages, and new workflows.
+This section describes community-driven enhancements, features, and updates that extend the SUSE Linux Enterprise core. These changes reflect the openSUSE project's unique contributions, including desktop improvements, additional packages, and new workflows.
 == openSUSE Leap Community Additions ==
@@ Line 65: / Line 67: @@
 === Automated NVIDIA Driver and Repository Setup ===
-On supported GPUs, NVIDIA’s open driver is installed by default along with the NVIDIA graphics driver repository. In openSUSE Leap 16, user-space drivers are also automatically installed, enabling graphical acceleration out of the box.
+On supported GPUs, NVIDIA's open driver is installed by default along with the NVIDIA graphics driver repository. In openSUSE Leap 16, user-space drivers are also automatically installed, enabling graphical acceleration out of the box.
 === Security ===
@@ Line 366: / Line 368: @@
 openSUSE Leap 16.0 only supports 64-bit binaries. Support for 32-bit binaries (or 31-bit binaries on IBM Z) has been removed.
-This means that statically-linked 32-bit binaries (or 31-bit binaries on IBM Z) and container images cannot be run anymore. 32-bit syscalls are still enabled by default on arm64, and can be enabled on x86_64 via the kernel parameter <code>ia32_emulation</code>. On other architectures it’s disabled without any option to enable it.
+This means that statically-linked 32-bit binaries (or 31-bit binaries on IBM Z) and container images cannot be run anymore. 32-bit syscalls are still enabled by default on arm64, and can be enabled on x86_64 via the kernel parameter <code>ia32_emulation</code>. On other architectures it's disabled without any option to enable it.
 ==== Compiling kernel uses non-default compiler ====
@@ Line 798: / Line 800: @@
 ===== Enhanced VM Security with AMD SEV-SNP =====
-AMD SEV-SNP (Secure Encrypted Virtualization-Secure Nested Paging) is a hardware security feature in AMD EPYC processors that provides a highly secure and confidential environment for virtual machines (VMs). It offers strong memory confidentiality through per-VM encryption keys and AES encryption, and crucially, robust memory integrity protection to prevent tampering from the hypervisor or other threats. It also provides enhanced isolation and remote attestation capabilities, making it ideal for protecting sensitive data and workloads in untrusted environments like cloud computing. This release fully integrates AMD SEV-SNP for KVM-based virtual machines. This means integrated support in our kernel, along with updated QEMU, Libvirt, and OVMF Firmware. To use AMD SEV-SNP, you’ll need, AMD EPYC™ 3rd Gen Processors (Milan) or newer and SEV-SNP enabled in your system’s BIOS/UEFI.
+AMD SEV-SNP (Secure Encrypted Virtualization-Secure Nested Paging) is a hardware security feature in AMD EPYC processors that provides a highly secure and confidential environment for virtual machines (VMs). It offers strong memory confidentiality through per-VM encryption keys and AES encryption, and crucially, robust memory integrity protection to prevent tampering from the hypervisor or other threats. It also provides enhanced isolation and remote attestation capabilities, making it ideal for protecting sensitive data and workloads in untrusted environments like cloud computing. This release fully integrates AMD SEV-SNP for KVM-based virtual machines. This means integrated support in our kernel, along with updated QEMU, Libvirt, and OVMF Firmware. To use AMD SEV-SNP, you'll need, AMD EPYC™ 3rd Gen Processors (Milan) or newer and SEV-SNP enabled in your system's BIOS/UEFI.
 ==== Others ====
@@ Line 881: / Line 883: @@
 Copyright © 2025-2025 openSUSE contributors and SUSE LLC. All rights reserved.
-Permission is granted to copy, distribute, and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) Version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled “GNU Free Documentation License”.
+Permission is granted to copy, distribute, and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) Version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled "GNU Free Documentation License".
 This document includes content adapted from the SUSE Linux Enterprise release notes, contributed by the SUSE Documentation Team. Portions of the content are maintained by the openSUSE community.