Week 12, 2026

EbonJaeger

Heya folks! It's sync day, and that means it's time for the weekly Solus roundup! We have a lot to get through today, so let's get started.

This week, we have changed how we enable systemd services for packages. Previously, we would create a symbolic link in one of the .wants directories to make systemd start them. While this does work, it is confusing because services do not correctly show as enabled when running systemctl status. To fix this, we are now enabling services selectively via systemd presets, using a new trigger with our usysconf tool. Now, services that are enabled by us have the correct state in systemctl status, and it is easier for us to manage enabled services. Note! Users updating from the CLI will notice that usysconf will print out a lot of messages about updating services for the presets. There is no good way around this with the architecture of the tool. Important! Because of how usysconf and the trigger works, you may notice that services you had enabled previously may no longer be enabled, and you will have to re-enable them again.

As a part of this, we are also re-considering services that were not enabled out-of-the-box in the past. If you think a package should enable a service when installed, please let us know on our issue tracker.

Another major task was completed this week. We noticed that nothing used the old GStreamer 0.10 packages anymore, so they were removed. Someone then had the great idea (it may have been me) that we should re-name our gstreamer-1.0 packages to just gstreamer, since it didn't make sense to include the version in the package name. That meant rebuilding every package in the repository that depended on GStreamer, the final count being about 84. This change should be entirely transparent to users, assuming that no packages were missed in the migration. In the process of all of this, GStreamer was updated to 1.28.1. The changelog for 1.28.0 can be found here.

PipeWire has been updated to 1.6.2, marking the first time the 1.6 series has been in the Solus repository. PipeWire 1.6 contains some of the bigger changes since the 1.4 release last year. Check out the full changelog here.

In more exciting news, Plasma 6.6.3 landed in the repository. This is a bugfix release for the Plasma 6.6 series. Check out the changes here. Additionally, KDE Frameworks was updated to 6.24.0. See everything that changed here.

GNOME users weren't left out, either, as GNOME 49.5 also hit the repository this sync. This is a bugfix release for the GNOME 49 series. Check out the full list of changes here.

Our tlp package has been split into three: tlp, tlp-pd, and tlp-rdw. tlp-pd contains the power daemon, and conflicts with the Power Profiles Daemon package. Given that Power Profiles Daemon is a dependency for most, if not all, of our desktop offerings, it is unclear if tlp-pd has any use. The tlp-rdw package provides the capability to enable or disable Bluetooth and Wi-Fi devices in response to certain events.

Security updates

There are several security updates this week. Make sure you install all available updates to get the latest vulnerability fixes.

curl was updated to 8.19.0-113 (@silkeh). Includes security fixes for CVE-2026-1965, CVE-2026-3805, CVE-2026-3783, CVE-2026-3784.
ghostty was updated to 1.3.0-18 (@Jaredy899). Includes security fixes for CVE-2026-26982.
giflib was updated to 6.1.2-13 (@Jaredy899). Includes security fixes for CVE-2021-40633, CVE-2025-31344, CVE-2026-23868.
imagemagick was updated to 7.1.2.16-208 (@Jaredy899). Includes security fixes for CVE-2026-28692, CVE-2026-30935, CVE-2026-28690, CVE-2026-30936, CVE-2026-28693, CVE-2026-28691.
libssh was updated to 0.11.4-19 (@davidjharder). Includes security fixes for CVE-2026-0966, CVE-2026-0968, CVE-2026-0967, CVE-2026-0965.
openssl was updated to 3.6.1-57 (@EbonJaeger). Includes security fixes for CVE-2026-22796, CVE-2025-69419, CVE-2025-15467, CVE-2026-22795, CVE-2025-15469, CVE-2025-11187, CVE-2025-69418, CVE-2025-15468, CVE-2025-69420, CVE-2025-66199, CVE-2025-68160, CVE-2025-69421.
python-markdown was updated to 3.10.2-16 (@EbonJaeger). Includes security fixes for CVE-2025-69534.
qt6-webengine was updated to 6.10.2-60 (@joebonrichie, @HarveyDevel). Includes security fixes for CVE-2026-3062, CVE-2026-3540, CVE-2026-3536, CVE-2026-3544, CVE-2026-3543, CVE-2026-3061, CVE-2026-3545, CVE-2026-3538, CVE-2026-3539, CVE-2026-3542, CVE-2026-3541.

General updates

The full list of updated packages can be found here.

For the list of currently known issues, see the dedicated thread for it. If you begin experiencing a bug, please look for an issue on our issue tracker, and open a new one if one does not exist.

That’s all for this week, folks! We'll be here same time, same place next week for another roundup of the news!

brent

EbonJaeger To fix this, we are now enabling services selectively via systemd presets, using a new trigger with our usysconf tool. Now, services that are enabled by us have the correct state in systemctl status, and it is easier for us to manage enabled services.

this is more streamlined than straight symlinking

EbonJaeger While this does work, it is confusing because services do not correctly show as enabled when running systemctl status

an annoyance we lived with a while; I'm so glad

EbonJaeger As a part of this, we are also re-considering services that were not enabled out-of-the-box in the past. If you think a package should enable a service when installed, please let us know on our issue tracker.

muy interesante

Bold moves all around. these systemd innovations are exciting

EDIT: @EbonJaeger I did give my preset suggestion at that link you furnished. thanks for offering it to the forum users

Original-Syn

All good on my test lab and on bare metal.

Today has been a good day.

Posted to socials!

Xoph

Original-Syn

Today has been a good day.

Posted to socials!

I was busy this evening, but I knew I would get an alert on BSky from your account when it dropped. You are like the unofficial news service. Also noticed the Solus team has an official account there as well and posting update info which is good. Spread the word!

Glad you had a good day!!

totalmongobaer

Yes, its a happy Friday with a good sync and no problems after reboot! Thx EbonJager

DinimixisDEMZ

The CVE update. 0.0"

Jaredy899

Thanks for working on the presets! @EbonJaeger did a lot of work on these.

Original-Syn

Jaredy899 Indeed!
He was a machine. Hard to keep up with it. It is all working great!

ForumPheasant

Now that was a spicy meatball on the package manager, look up and see all the systemd services restarting like they're late to a party. All is tip-top as always, thank you much!

banger

All good on two bare metal Stable and Unstable on 2 VMs are ok as well. 😃

Axios

All seems ok

Julien68

Following this update, the text recognition option has disappeared in the KDE version
Before:

After:

Harvey

Julien68

Cherry-picked spectacle fix for OCR.

Upstream added a patch to "Fix tesseract not being found on Fedora " well it broke it for us. Figure out why another day. Update again an you should be good.

wazjf

The update worked great for me. no issue on Solus Plasma

Julien68

Harvey Thanks, it's working again

DinimixisDEMZ

GNOME can't record screen. 😢

JS ERROR: Error: Expected type utf8 for Argument 'argv' but got type 'null'
canScreencast@resource:///org/gnome/Shell/Screencast/js/screencastService.js:516:18

Harvey

DinimixisDEMZ

Cherry-picked gjs fix for gnome screencast (Thanks for patch goes to @alfisya)

Update again and you should be good.

VaSAMiAn

No problem here on Asus tuf dah F15 with Budgie

Pots

I did a fresh install this morning, and when I try to install Steam, I get this error message: The gst-plugins-base-32bit dependency of the Steam package is not satisfied.

Pots

Pots And I can't install it ...

Harvey

Pots

Cherry-picked fix for steam.

Update and try again

Xoph

All good on my two Plasma systems.