Week 23, 2026

EbonJaeger

Heya folks! It's sync day, and that means it's time for the weekly Solus roundup!

Our kernel packages have been updated this week. The mainline kernel is now at 7.0.11, and the LTS kernel is now at 6.18.34.

Our edk2 package has been updated and reworked to be more similar to AerynOS. The latest changelog can be found here. During this update, we took the opportunity to set FD_SIZE_4MB for EFI targets, previously 2MB. This means users should be able to run Windows 10/11 UEFI VMs without issue. Upstream also dropped support for the IA32 (i386) build target. Lastly, we've added support for RISC-V targets.

Important! User VMs will likely break as a result of this update without user intervention. You will have to rename the libvirt NVRAM directory and restart libvirt so it gets recreated. There was no way around this due to upstream limitations.

sudo mv /var/lib/libvirt/qemu/nvram /var/lib/libvirt/qemu/nvram.old-2mb
systemctl restart libvirtd.service

GNOME has been updated to 50.2. This is primarily a bugfix release for the GNOME 50 series. See all that changed here.

Krita has been updated to 6.0.2. Feature-wise, this is the same as the latest Krita 5, but runs on Qt6 instead of Qt5, which should greatly improve Krita's user experience on Wayland. Note that Krita 6 is technically still experimental software, so please report to us any bugs you encounter. We opted to use this version because a library Krita uses in the 5 series is now longer supported. See what's new here.

We've made some changes to our Lazarus package. The common files, such as lazbuild, are in the base lazarus package. Toolkit-specific GUIs will now be split into subpackages. Currently, the only one we build is lazarus-qt6.

We have some new packages in the repository this week. wild is a linker with the goal of being very fast for iterative development. 7zip has been added to replace p7zip, which has known security vulnerabilities. Lastly, HelixNotes is a local-first Markdown note-taking app that stores note in Markdown files that can be opened by other apps.

Security updates

As usual, we have a bunch of security updates this week. Make sure you install available updates to get the latest vulnerability fixes.

erlang was updated to 28.5.0.1-51 (@Jaredy899). Includes security fixes for CVE-2026-42789, CVE-2026-42790.
golang was updated to 1.26.4-143 (@HarveyDevel). Includes security fixes for CVE-2026-42504, CVE-2026-42507, CVE-2026-27145.
imagemagick was updated to 7.1.2.25-219 (@Jaredy899). Includes security fixes for GHSA-g22q-f7gc-5jhr, GHSA-px7q-ggqj-hcf2, GHSA-q62c-h75r-2xhc, GHSA-44cp-c3ww-9rv5, GHSA-j989-f892-2335, GHSA-p9rq-q46c-g4x6.
libjxl was updated to 0.11.2-10 (@EbonJaeger). Includes security fixes for CVE-2025-70103.
python-notebook was updated to 7.5.6-18 (@Jaredy899). Includes security fixes for CVE-2026-42557, CVE-2026-40171.
python-pyjwt was updated to 2.13.0-18 (@Jaredy899). Includes security fixes for CVE-2026-48525, CVE-2026-48524, CVE-2026-48526, CVE-2026-48523, CVE-2026-48522.
python-ujson was updated to 5.12.1-17 (@Jaredy899). Includes security fixes for CVE-2026-44660.
qemu was updated to 11.0.1-83 (@EbonJaeger, @silkeh). Includes security fixes for CVE-2026-41435, CVE-2026-6502, CVE-2026-8341, CVE-2026-41436, CVE-2026-41439, CVE-2026-41438, CVE-2026-41440, CVE-2026-41437.
qt6-webengine was updated to 6.11.1-80 (@HarveyDevel, @HarveyDevel, @HarveyDevel). Includes security fixes for CVE-2026-8535, CVE-2026-8549, CVE-2026-8567, CVE-2026-10011, CVE-2026-9999, CVE-2026-8534, CVE-2026-9877, CVE-2026-8539, CVE-2026-9875, CVE-2026-9997, CVE-2026-10003, CVE-2026-9881, CVE-2026-9882, CVE-2026-9996, CVE-2026-8530, CVE-2026-9893, CVE-2026-10009, CVE-2026-9115, CVE-2026-8544, CVE-2026-8545, CVE-2026-8526, CVE-2026-8543, CVE-2026-9111, CVE-2026-9885, CVE-2026-8560, CVE-2026-9890, CVE-2026-8532, CVE-2026-8523, CVE-2026-9891, CVE-2026-8581, CVE-2026-9892, CVE-2026-10016, CVE-2026-8582, CVE-2026-8569, CVE-2026-9124, CVE-2026-9887, CVE-2026-8579, CVE-2026-10007, CVE-2026-9879, CVE-2026-8571, CVE-2026-9889, CVE-2026-8538, CVE-2026-8558, CVE-2026-8573, CVE-2026-10004, CVE-2026-9126, CVE-2026-8017, CVE-2026-8524, CVE-2026-9880, CVE-2026-9112, CVE-2026-9118, CVE-2026-9876, CVE-2026-8584, CVE-2026-9873, CVE-2026-10002, CVE-2026-8542, CVE-2026-9122, CVE-2026-10006, CVE-2026-8533, CVE-2026-8578, CVE-2026-10008, CVE-2026-8537, CVE-2026-8525, CVE-2026-8529, CVE-2026-9998, CVE-2026-9995, CVE-2026-25210, CVE-2026-8585, CVE-2026-10013, CVE-2026-9872, CVE-2026-9878, CVE-2026-9883, CVE-2026-9119, CVE-2026-8577.
sshfs-fuse was updated to 3.7.6-12 (@EbonJaeger). Includes security fixes for CVE-2026-47187, CVE-2026-48711.
vifm was updated to 0.14.4-13 (@Jaredy899). Includes security fixes for CVE-2026-8997.

General updates

The full list of updated packages can be found here.

For the list of currently known issues, see the dedicated thread for it. If you begin experiencing a bug, please look for an issue on our issue tracker, and open a new one if one does not exist.

That’s all for this week, folks! We'll be here same time, same place next week for another roundup of the news!

Xoph

All good for me. New kernel all working fine on PLasma.

Happy to see HelixNotes made it in!!! I started using that a month ago (appimage) and have my notes folder in my sync folder. The nice thing is it stores everything in a hierarchical folder structure for sub-folders and notes and it is all in .md files which you can open in any markdown viewer/editor. There is also an Android app through fdroid. This makes me very happy. So much lighter on resources than Obsidian, but has the features I personally need.

totalmongobaer

All went fine and thank you for Gnome update and the new HelixNotes ! I have installed it and looks so good -like it very much! 🤩

banger

All good on my two Intel Plasma PCs. New kernel works.

JayC

Everything smoothly as always. Guess I need to try HelixNotes. Looks nice on the website. The one area I have not found an opensource app is notes. I have been using Obsidian, but too heavy and not open source.

KeysToAnUnusualWorld

My Solus sync went smoothly, same as it always does on my AMD Laptop!

spp71

All good gnome

BuzzPCSOS

Everything peachy on Plasma! Thanks again to Team Solus.

Lucien_Lachance

[✗] Updating manpages database failed
A copy of the command output follows:
Failed to start transient service unit: Unit mandb-trigger.service was already loaded or has a fragment file.

x 5

Harvey

Lucien_Lachance

You can ignore it. The way it used to work was every time the man page database needed to be updated the transaction would have to wait for it to finish before progressing.

This changed recently so it will now spin off another process to update the database in the background. No need to wait. The down side is if a man page database update gets triggered again before the first one is complete it will throw an error.

The database is still being updated. But even if it was broken 99.99% of users would never know. The man pages themselves do not need this database, it is only required by whatis and apropos, commands I bet most people don't know exist.

bubba66

The trusty Gnome box updated perfectly 😁

I've appointed the other two machines to another task for the time being, probably they'll be back on Solus at a future date 🤣

Thanks as always.

TraceyC

Harvey You can ignore it. The way it used to work was every time the man page database needed to be updated the transaction would have to wait for it to finish before progressing.

I've added this to the Known Issues for 4.9.

Phiqu

55 packages updated on my Xfce. No problems so far.

mkl

It works. Nothing suspicious.

Solarmass

No problem on Budgie x11.
helixnotes looks very good (and not electron app)

brent

Solarmass No problem on Budgie x11.

I thought once we volunteered as 10.10 testers there was no going back to 10.9 X11. Did I just imagine that? (anything is possible this year).

Wvpianoman

VM's broke, but there was a warning. Easy fix with reinstall as they are experimentals and not mission critical

As normal, solus works great.

Solarmass

brent I have not just one Budgie system 😛