Heya folks! It's sync day, and that means it's time for the weekly Solus roundup! We've pushed a lot of updates this week, following the release of Solus 4.8 Opportunity. If you haven't read our blog post about it, make sure to give it a read!
Qt 6 has been updated to 6.10.1. This release contains many new features and fixes from the previous series. Check out the upstream changelog for more details. Additionally, the KDE Frameworks stack has been updated to 6.20.0. This also has a bunch of new features and squashed bugs. The release announcement can be found here.
Not wanting to be left out, GNOME was also updated to 49.2. This is a bugfix release for the 49 series. The full list of changes can be read here.
Niri has also been updated to 25.11. Version 25.11 has a bunch of exciting changes, including a new Alt+Tab interface with live window previews, window animations when going to and from fullscreen mode, the addition of a true window maximize feature, dragging to scroll, and more. Be sure to check out the full release notes for the complete list of changes.
We've made some significant changes to our libwebkit-gtk packages. Before this sync, we had three different versions of webkitgtk built from separate package recipes. Now, all versions are built from the same recipe, making it easier and quicker to make updates. Additionally, the oldest version of webkitgtk, libwebkitgtk-4.0, has been dropped. Only three packages still depended on it, and all three have been ported to use libwebkitgtk-4.1.
The Nintendo DS emulator melonDS has been updated to version 1.1. It contains many fixes and improvements for its DSi mode. Check out the release announcement for more.
Lastly, Microsoft Edit has been added to the repository. This editor pays homage to the classic MS-DOS Editor, but with a modern interface, and input controls similar to VS Code. The goal is to provide an accessible editor that even users largely unfamiliar with terminals can easily use.
Security updates
We have a lot of security updates this week. Make sure to install your available updates to get the latest vulnerability fixes!
- brotli was updated to 1.2.0-13 (@EbonJaeger). Includes security fixes for CVE-2025-6176.
- golang was updated to 1.25.5-136 (@silkeh). Includes security fixes for CVE-2025-61727, CVE-2025-61729.
- imagemagick was updated to 7.1.2.8-204 (@davidjharder). Includes security fixes for GHSA-wpp4-vqfq-v4hp, GHSA-g5vw-p55v-8742.
- libpng was updated to 1.6.52-31 (@Jaredy899, @EbonJaeger). Includes security fixes for CVE-2025-66293.
- libvpx was updated to 1.15.2-22 (@joebonrichie, @Jaredy899). Includes security fixes for CVE-2025-5283.
- libwebkit-gtk was updated to 2.50.3-135 (@EbonJaeger, @EbonJaeger). Includes security fixes for CVE-2025-43421, CVE-2025-43458, CVE-2025-13947, CVE-2025-66287, CVE-2025-13502.
- openjpeg was updated to 2.5.4-22 (@davidjharder). Includes security fixes for CVE-2025-54874.
- php was updated to 8.2.29-108 (@davidjharder). Includes security fixes for CVE-2025-1735, CVE-2025-6491, CVE-2025-1220.
- python-urllib3 was updated to 2.6.0-21 (@EbonJaeger). Includes security fixes for CVE-2025-66418, CVE-2025-66471.
- tinyxml2 was updated to 11.0.0-9 (@joebonrichie). Includes security fixes for CVE-2024-50615.
- wireshark was updated to 4.6.2-100 (@silkeh, @silkeh). Includes security fixes for CVE-2025-13499, CVE-2025-13674, CVE-2025-13946, CVE-2025-13945.
- xkbcomp was updated to 1.5.0-14 (@EbonJaeger). Includes security fixes for CVE-2018-15863, CVE-2018-15853, CVE-2018-15859, CVE-2018-15861.
General updates
The full list of updated packages can be found here.
For the list of currently known issues, see the dedicated thread for it. If you begin experiencing a bug, please look for an issue on our issue tracker, and open a new one if one does not exist.
Thatβs all for this week, folks! We'll be here same time, same place next week for another roundup of the news!
