Heya folks! It's sync day, and that means it's time for the weekly Solus roundup!
KDE Gear applications have been updated to 25.12.3. This is a bugfix release for the 25.12 series. Check out the full list of changes here. In addition, qrca has been added, which is a QR Code utility that enables users to create and scan QR Codes, which can be useful for sharing Wi-Fi connection details with devices that have a camera.
Mozc, the Japanese input engine, has been updated to 3.33.6089.102. Our package has been significantly changed, mainly in that it no longer uses most system libraries. This is because the build system has no mechanism to build against system libraries, and patching it to do so is a huge task, and other Linux distributions are still using old versions of both mozc and protobuf. Important The Fcitx support in our mozc is now targeting Fcitx5. Support for both versions 4 and 5 is not possible, because they cannot both be installed at the same time on Solus.
Keepassxc has been updated to 2.7.12. The newest version of KeePassXC may break passkeys for some users with existing password databases. This is intentionally done by the developers to fix a different problem with passkeys. Refer to the fix on the blog post here if you are affected. The full changelog can be found here.
The Ghostty terminal has been updated to 1.3.0. This version features a bunch of improvements. Check them out here.
Thinkfan has been added to the repository this week. It is an application that enables users to control the fans of their IBM/ThinkPad notebook devices.
PeaZip has also been added to the repository. This is a file archive utility, supporting RAR, TAR, Zip, and more.
The Cura 3D printer software has been removed from the repository. It no longer builds with newer system libraries, and, like mozc, is an absolute nightmare to get working. It exists as both a Flatpak and an AppImage, so the decision was made to deprecate the packages.
Security updates
We have a bunch of security updates this week. As always, make sure to install available updates so you have the latest vulnerability protections.
- curl was updated to 8.19.0-113 (@silkeh). Includes security fixes for CVE-2026-1965, CVE-2026-3805, CVE-2026-3783, CVE-2026-3784.
- ghostty was updated to 1.3.0-18 (@Jaredy899). Includes security fixes for CVE-2026-26982.
- giflib was updated to 6.1.2-13 (@Jaredy899). Includes security fixes for CVE-2021-40633, CVE-2025-31344, CVE-2026-23868.
- imagemagick was updated to 7.1.2.16-208 (@Jaredy899). Includes security fixes for CVE-2026-28692, CVE-2026-30935, CVE-2026-28690, CVE-2026-30936, CVE-2026-28693, CVE-2026-28691.
- libssh was updated to 0.11.4-19 (@davidjharder). Includes security fixes for CVE-2026-0966, CVE-2026-0968, CVE-2026-0967, CVE-2026-0965.
- openssl was updated to 3.6.1-57 (@EbonJaeger). Includes security fixes for CVE-2026-22796, CVE-2025-69419, CVE-2025-15467, CVE-2026-22795, CVE-2025-15469, CVE-2025-11187, CVE-2025-69418, CVE-2025-15468, CVE-2025-69420, CVE-2025-66199, CVE-2025-68160, CVE-2025-69421.
- python-markdown was updated to 3.10.2-16 (@EbonJaeger). Includes security fixes for CVE-2025-69534.
- qt6-webengine was updated to 6.10.2-60 (@joebonrichie, @HarveyDevel). Includes security fixes for CVE-2026-3062, CVE-2026-3540, CVE-2026-3536, CVE-2026-3544, CVE-2026-3543, CVE-2026-3061, CVE-2026-3545, CVE-2026-3538, CVE-2026-3539, CVE-2026-3542, CVE-2026-3541.
General updates
The full list of updated packages can be found here.
For the list of currently known issues, see the dedicated thread for it. If you begin experiencing a bug, please look for an issue on our issue tracker, and open a new one if one does not exist.
Thatβs all for this week, folks! We'll be here same time, same place next week for another roundup of the news!
