Tumbleweed Monthly Update - September 2025
Software packages updating on openSUSE Tumbleweed hit a steady rhythm in September as snapshots were released almost daily. These updates delivered new features, performance improvements, and important security fixes for rolling release users.
GnuPG 2.5.12, file archiver 7-Zip 25.01, text editor Vim 9.1.1706 and Kernel Source 6.16.5 were just a few of the packages updated in the month’s snapshots.
The desktop experience was significantly enhanced with the arrival of GNOME 49 and Plasma 6.4.5. KDE Gear 25.08.1 brought widespread fixes to core applications. Other packages to update this month were QEMU 10.1.0, libvirt 11.6.0, tuned 2.26.0, GStreamer 1.26.6, Mesa 25.2.2 and more.
As always, be sure to roll back using snapper if any issues arise.
For more details on the change logs for the month, visit the openSUSE Factory mailing list.
New Features and Enhancements
GNOME 49: Several GNOME 49 packages were updated in Tumbleweed. Some of the changes include replacing Totem with Showtime as the new default video player and Evince with Papers for modern, feature-rich document viewing. The Calendar app is now fully keyboard-accessible and lets users export events. Web gains better ad blocking, OpenSearch integration, and site-specific menus. Remote desktop now supports multitouch and virtual monitors. New HDR wallpapers enhance visual fidelity, while lock screen media controls, Do Not Disturb in Quick Settings, and reboot/shutdown options improve usability. Two new apps join GNOME Circle; Mahjongg and Wordbook, a dictionary powered by WordNet.
KDE Gear 25.08.1: Dolphin now scrolls faster and avoids crashes when switching selection modes or creating folders, while also playing the trash-empty sound only when successful. KMail, Akregator, KAddressBook, KOrganizer, and PIM tools no longer show outdated “What’s New” screens on startup. Ark and KTorrent have been fixed to stop unnecessary notifications and excessive file writing, respectively. Text editor Kate has multiple crash fixes, especially in session handling and external tool integration, and now works better in Flatpak environments. Kdenlive sees significant stability improvements, which include fixes for crashes when deleting clips, applying effects, or opening projects. Itinerary improves flight and reservation handling, Konqueror works better on Wayland with corrected sidebar menus, and Okular now uses the correct default filename when signing PDFs. Other apps like Neochat, Tokodon, and KRDc fix link handling, image copying, and connection URL preservation.
Plasma 6.4.5: The Discover software center now correctly re-enables the Delete Settings button when reopening messages. Panel customization is smoother with better handling of the Esc key during editing, and folder views on the desktop no longer misplace icons when rearranging. System settings (KCMs) see various fixes, including proper font change notifications, improved notification configuration pages, and better focus behavior in the time zone selector. The KWin window manager improves display handling with better output identification using UUIDs with more reliable color management on Wayland.
KDE Frameworks 6.18.0: This KDE update ensures smoother performance across KDE applications like Dolphin, KMail, and Ark. The Breeze Icons theme has been cleaned up, removing outdated and non-standard icon sizes and third-party app icons to improve consistency. Core libraries such as KIO and KArchive see better handling of file operations, improve thumbnail loading in background threads, and enhanced security when processing malformed archive files. Kirigami, the framework for adaptive user interfaces used in apps like Itinerary and Plasma Mobile, fixes layout issues in navigation components and improves accessibility with better focus handling. Other updates include improved code quality checks across multiple frameworks, and bug fixes in KTextEditor.
OVMF edk2-stable202508: This update upgrades dependencies to OpenSSL 3.5.1 and Oniguruma 6.9.10, introduces Standalone MM support, and adds FF-A memory management with UUID-GUID conversion. Hardware and architecture support expands with ARM GICv5, RISC-V PEI booting, and improved exception handling. Legacy UGA support has been removed, and QEMU TLS and TPM2 handling are enhanced for stability. The release also brings numerous USB, SMM, and CPU hotplug fixes, better build system integration (including mingw-w64), and enables iSCSI boot by default for x64 OVMF.
tuned 2.26.0: This update adds support for MMC devices, improves hotplug handling, and enhances core calculation, variable inheritance, and logging for unsupported plugins. Power management profiles for this Daemon for monitoring and adaptive tuning now use med_power_with_dipm instead of min_power to prevent potential data loss while retaining energy savings. Additional refinements cover network latency tuning, scheduler performance detection, and sysfs monitoring.
7-Zip 25.01: This file archiver update improves security by changing how symbolic links are handled when extracting archives. Performance has been boosted as bzip2 compression speeds up by 15–40 percent and deflate (zip/gz) compression is slightly faster by 1–3 percent. Archive compatibility is enhanced with better support for ZIP, CPIO, and FAT formats. Security issues have been addressed, including fixes for incorrect handling of malformed RAR archives and crashes with certain malformed Compound File archives.
libvirt 11.6.0: This release introduces several new features, including a flag to compute baseline CPUs independent of the host, finer control over QEMU TLS priority strings, default disabling of deprecated CPU features for s390 domains and RBD namespace support for QEMU. Defaults for arm and RISC-V now use virtio-scsi instead of lsilogic. Other improvements include discard granularity settings, better NSS debugging, and relaxed TLS certificate requirements.
udisks2 2.10.91: This release improves storage management, including LUKS header backup, the ability to set labels when creating encrypted devices, and support for extra PBKDF options. Users can now use key files with BitLocker volumes, specify metadata versions for MD RAID, and take advantage of new Btrfs methods to get and set default subvolume IDs. Mount options have been expanded with new flags for ISO9660, f2fs, and ext3/ext4 filesystems.
polkit 126: With this release, actions can now be read from /etc/, /run/, and /usr/local/share, and a new LogControl1 protocol allows dynamic log level changes. Duktape simplifies dependencies and replaces mozjs. Translations were expanded to Slovenian and Hindi.
Key Package Updates
GnuPG 2.5.12: This update adds new flexibility and fixes across GnuPG. Keys sent to LDAP servers are now refreshed beforehand unless disabled with a new option, and a new --[no-]auto-key-upload setting controls automatic uploads. Compression handling has been improved by disabling default compression for 7z input. Support for Kyber variants in --edit-key:addkey has been added, and regressions with composite PQC and ECC algorithms have been fixed.
Vim 9.1.1706: This update resolves issues with buffer overruns, null dereferences, and incorrect popup window behavior. The tutor has been expanded with new sections on text objects and special registers, while outdated translations and docs were refreshed for clarity. Completion logic, command handling, and test coverage have also been refined.
Mesa 25.2.2: This release brings key updates and cleanup across the graphics stack. Legacy components were dropped, along with related packages such as Mesa-gallium, Mesa-libd3d, Mesa-libOpenCL, and libxatracker, reflecting a shift toward modern APIs and drivers. The update includes refreshed Rust crates for NVK, improved build requirements, and fixes for crate checksum mismatches.
sudo 1.9.17p2: This update fixes a rare issue that could cause sudo to send SIGHUP to all system processes when running commands in pseudo-terminals. Another fix addresses crashes when using the intercept and intercept_verify options with very large arguments or environment variables on Linux systems supporting ptrace_readv_string(). The configure script now properly supports mdoc man pages on systems without mandoc. Additionally, permission defaults for /usr/etc/sudoers have been corrected.
Postfix 3.10.4: This release fixes long-standing issues in postscreen, including socket errors after process restarts and cache lock problems that could block new processes. TLS handling is more robust with corrected legacy parameter support and prevention of null pointer crashes in tlsproxy. The update reduces unnecessary process restarts when database files change, removes obsolete OpenSSL engine dependencies, and cleans up TLS reporting by ignoring messages explicitly marked as not requiring encryption.
GStreamer 1.26.6: This update provides a more robust closed caption processing, decodebin3 tag handling, HLS directive parsing, and fallbacksrc shutdown behavior. Hardware and format support expands with V4L2 support for WVC1/WMV3, Vulkan decoder fixes, and updated Spotify integration via [librespot[(https://docs.rs/crate/librespot/latest) 0.7. New threadshare elements improve synchronization and performance, while videorate gains efficiency in drop-only mode.
fwupd 2.0.14, 2.0.15 and 2.0.16: The 2.0.15 update now supports Foxconn SDX61 modems, Jabra Evolve2 child devices, and NVIDIA ConnectX-6/7/8 NICs. Child devices can also inherit parent naming prefixes for clearer identification. Several bugs were fixed, including firmware reporting without --force, Firehose modem erasure, Goodix device enumeration, and handling versioning for BnR MTD hardware. The 2.0.14 update introduces greater flexibility by allowing firmware updates to ignore network connectivity requirements, UEFI capsule devices to opt out of Capsule-on-Disk, and plugins to access firmware versions during updates. Numerous fixes improve reliability, including better handling of modem devices, Lexar NVMe versioning, Synaptics RMI initialization, UF2 parsing, and ThunderBolt retimer detection. Newer hardware support expands fwupd’s reach across modern systems and peripherals.
Kernel Source 6.16.5, 6.16.6, 6.16.7, 6.16.8: The 6.16.8 update delivers broad stability and security fixes across filesystems, networking, and drivers. Btrfs resolves quota statistic leaks and subvolume deletion races, while NFS and NFSv4.2 improve serialization of O_DIRECT operations and capability handling. The 6.16.7 update adds mitigation for the newly documented vulnerability (CVE-2025-40300), extending protection to older Intel CPUs, enabling conditional IBPB, and warning when STIBP is disabled with SMT. The tar-up utility has been modernized by switching to the standard tar command, ensuring consistent ownership, sorting, and compatibility with Tumbleweed. The 6.16.6 update sees multiple race condition fixes for Btrfs to improve inode logging reliability, while audio and USB support is refined with codec fixes and better handling for Focusrite devices. Networking and wireless drivers receive extensive patches for cfg80211, iwlwifi, brcmfmac, and mt76 chipsets, addressing use-after-free bugs, race conditions, and scan stability. The 6.16.5 update addresses memory leaks, race conditions, and use-after-free bugs in device trees, networking, tracing, and I/O handling. Enhancements include better SMB client reliability under concurrent access, improved audio codec controls, fixes for HID and Intel quicki2c drivers, and refined io_uring worker management. Graphics drivers for MSM and Mediatek gain stability updates, while Bluetooth handling of disconnections and packet tracking is made more robust.
SELinux Policy 20250909: This update refines SELinux rules to improve compatibility with common services and system components. GDM can now create password lock files and bind sockets in the systemd userdbd directory, while nsswitch domains are permitted to connect to XDM over Unix sockets. Additional updates enable gnome-remote-desktop communication with tabrmd, nm-dispatcher plugins to read pidfs attributes, and chronyc to use setgid/setuid.
SETools 4.6.0: The seinfo tool can now display roles allowed for a given type, and a new sechecker module ensures kernel modules remain read-only. Support for the nlmsg extended permission has also been introduced. Behind the scenes, the codebase has been modernized with improved quality checks, expanded unit testing, and removal of deprecated methods. Packaging has been updated to use pyproject.toml with refined dependency handling and automated test execution during builds.
QEMU 10.1.0: VFIO now supports passthrough for SEV-SNP and TDX guests, while migration gains multifd post-copy acceleration, optimized pre-copy, and IPv6 RDMA support. The QEMU guest agent can query Windows VM load with a new command. Architecture updates include new ARM CPU features and boards, nested virtualization and CXL on the ARM virt board, LoongArch in-kernel irqchip, RISC-V ISA extensions and Kunminghu CPU support, and endian selection for Microblaze. Numerous fixes and deprecations are included.
CUPS 2.4.14: This update for printing patches two vulnerabilities: an authentication bypass with AuthType Negotiate (CVE-2025-58060) and a null dereference leading to remote DoS (CVE-2025-58364). It also introduced a new print-as-raster attribute, allowing jobs to be forced into raster format to work around printer firmware PDF issues. Additional improvements address job cleanup after restarts, subscription handling, IPP/PPD option parsing, memory leaks, and scheduler event reporting. Version 2.4.14 follows with a hotfix ensuring proper installation of localized templates and CUPS web UI pages, improving overall reliability.
Security Updates
Kernel Source 6.16.7:
CVE-2025-40300: A vulnerability in the Linux kernel’s virtualization layer could allow data from restricted memory to leak into user processes, potentially exposing sensitive information.
CVE-2025-8194: A HIGH-severity DoS in Python’s tarfile module where crafted tar archives with negative offsets can cause infinite loops or deadlocks.
Mesa 25.2.2:
CVE-2023-45913: A flaw with graphics drivers could cause crashes when the display system sends unexpected signals while handling windows and lead to application instability or denial of service.
CUPS 2.4.14:
CVE-2025-58060: In CUPS (the printing system), when authentication is configured to something other than “Basic”, the system may ignore a “Basic” auth header and skip password validation entirely — allowing anyone to bypass authentication.
CVE-2025-58364: In CUPS,unsafe handling and validation of printer configuration data can lead to a null pointer error, crashing the printing service across the local network (denial of service).
Xen 4.20.1_04:
CVE-2025-27466: A NULL pointer dereference fllaw may occur when updating a timer reference area, potentially crashing the hypervisor or guest environment.
CVE-2025-58142: A variant of the above issue assuming a synthetic timer page is always mapped can lead to a NULL pointer dereference when delivering a timer message, causing instability.
CVE-2025-58143: A race condition could let a guest trigger freeing of memory still in use, leading to information leaks or memory corruption.
CVE-2025-57807: A flaw with the package on 64-bit systems could cause the program to write data outside safe memory areas, leading to crashes or possible code execution by attackers.
libssh 0.11.3:
CVE-2025-8114: A NULL pointer dereference allowing an attacker to crash the client or server.
CVE-2025-8277: A memory flaw not freed properly allowing gradual memory exhaustion and potential crashes.
7zip 25.01:
CVE-2025-53816: Heap buffer overflow in 7-Zip’s RAR5 handler caused by writing zeroes outside the allocated heap buffer, leading to memory corruption and DoS.
CVE-2025-53817: A related security issue in 7-Zip (same package as CVE-2025-53816), also addressed in SUSE’s 7zip update.
libqt5-qtwebengine 5.15.19:
CVE-2024-10229: Security issue in **libQt5Pdf addressed in SUSE’s updates.
CVE-2024-10827: Another vulnerability in **libQt5Pdf fixed in SUSE’s maintenance release.
CVE-2024-12694: Yet another libQt5Pdf vulnerability included in the same SUSE security update.
CVE-2025-0436: Also listed among libQt5Pdf issues in SUSE’s security advisory.
CVE-2024-11477: Included in SUSE’s security fix for libQt5Pdf.
CVE-2025-0996: A spoofing vulnerability in Chrome’s Browser UI (Omnibox) on Android allowed a crafted HTML page to manipulate the URL bar.
CVE-2025-1426: A heap buffer overflow in GPU (as per your summary) included in SUSE’s libQt5Pdf security advisory.
tiff:
CVE-2025-8961: A flaw in the tool could let a local user corrupt memory, potentially causing crashes or instability.
Expat 2.7.2:
CVE-2025-59375: A vulnerability where a small, specially crafted document can force the parser to allocate very large amounts of memory—potentially causing a crash or denial of service.
Mozilla Firefox 143.0:
CVE-2025-10527: A use-after-free bug in Firefox’s Canvas2D graphics component that could allow code inside the sandbox to break out and run malicious actions.
CVE-2025-10528: An invalid pointer/undefined behavior issue in the same graphics area (Canvas2D) that could similarly lead to sandbox escape.
CVE-2025-10529: A weakness in browser layout code letting a page violate same-origin restrictions (i.e. read or affect data from another origin) under certain conditions.
CVE-2025-10530: A spoofing issue in the WebAuthn (web authentication) component of Firefox for Android; attacker can trick UI or credentials behavior.
CVE-2025-10531: A bypass of mitigation controls in the Web Compatibility / tooling side, potentially letting some protections be skipped.
CVE-2025-10532: An error in JavaScript’s garbage collection boundaries that may lead to out-of-bounds memory access or corruption.
CVE-2025-10533: An integer overflow bug in the SVG component that under specific inputs could lead to memory corruption.
CVE-2025-10534: A spoofing issue in the site permissions UI where it might trick the UI into showing misleading permission status.
CVE-2025-10535: Information disclosure / mitigation bypass in Firefox for Android’s privacy component, possibly leaking data.
CVE-2025-10536: A flaw in caching / networking logic allowing unintended data exposure.
CVE-2025-10537: A set of memory-safety bugs (across various components) that could lead to memory corruption or arbitrary code execution.
Users are advised to update to the latest versions to mitigate these vulnerabilities.
Conclusion
September 2025 was a robust month for openSUSE Tumbleweed. From major desktop improvements in GNOME 49 and KDE Gear 25.08.1 to critical under-the-hood upgrades in the Linux kernel, QEMU and others. This month’s updates underscore Tumbleweed’s commitment to delivering a reliable, well tested rolling-release. Users are encouraged to update promptly to take full advantage of these improvements.
Slowroll Arrivals
Please note that these updates also apply to Slowroll and arrive between an average of 5 to 10 days after being released in Tumbleweed snapshot. This monthly approach has been consistent for many months, ensuring stability and timely enhancements for users. Updated packages for Slowroll are regularly published in emails on openSUSE Factory mailing list.
Contributing to openSUSE Tumbleweed
Stay updated with the latest snapshots by subscribing to the openSUSE Factory mailing list. For those Tumbleweed users who want to contribute or want to engage with detailed technological discussions, subscribe to the openSUSE Factory mailing list . The openSUSE team encourages users to continue participating through bug reports, feature suggestions and discussions.
Your contributions and feedback make openSUSE Tumbleweed better with every update. Whether reporting bugs, suggesting features, or participating in community discussions, your involvement is highly valued.
Member
CzPAsztropapucs debut single
The Hungarian band Asztropapucs has a special place in my heart. I have known these musicians for a long time, some of them even before they formed the band. Like almost everyone else, they started out playing cover songs years ago. Recently, however, they started writing their own songs. I have seen them perform at various concerts. They practiced regularly, and their hard work has led to continuous improvement. This weekend, they published their first song on several streaming services: “Maja” I’ve listened to it many times, and I recommend you do the same. :-)
TIDAL: https://tidal.com/album/460285061
Tumbleweed – Review of the week 2025/39
Dear Tumbleweed users and hackers,
The week of the desktop is extending from last week into this one. GNOME 49 has been checked in to Factory and is nearing completion. It still requires a bit of patience from your side to get there. While you are waiting for GNOME 49, we have delivered five snapshots (0918, 0919, 0920, 0922, and 0923) to bridge the time until then.
The most relevant changes in those snapshots were:
- cups 2.4.14
- openSSL 3.5.3
- Mozilla Firefox 143.0 & 143.0.1
- gdbm 1.26
- texinfo 7.2
- expat 2.7.2
- Linux kernel 6.16.8
Looking into the crystal ball – or rather staging, which gives slightly better results – we can foresee these changes reaching you anytime soon:
- GNOME 49: Upgraders might run into an issue with dynamic user generation. The issue does not originate from GNOME, but rather /etc/nsswitch.conf not having nss-systemd registered for passwd/group and shadow. See https://bugzilla.opensuse.org/show_bug.cgi?id=1250513 if you are affected, and a workaround. We are looking into ways to fix this automatically
- coreutils 9.8
- Meson 1.9.1
- Poppler 25.09.1
- openexr 3.4.0
- Boost 1.89
- cURL 8.16.0
- Linux kernel 6.16.9
openQA Gains AI-Friendly Interface
Members of the openSUSE Project have advanced automated testing with the integration of Model Context Protocol (MCP) into the project’s openQA framework.
This marks a pivotal step toward embedding Artificial Intelligence into its open-source software development workflows.
“The initial release will begin with three MCP tools, and the feature will grow over time based on user feedback,” wrote Sebastian Riedel on a blog announcing the MCP support. “This will be primarily used by SUSE QE engineers and members of the openSUSE community, who spend a lot of time reviewing test results and tracking down reasons for why automated tests have failed.”
MCP standardizes how AI models access external tools and data through Application Programming Interfaces (APIs), which enables large language models to interact with web services like openQA and others.
The update means that AI assistants can query openQA directly to review test results and generate summaries of job runs. For example, a request to summarize job 5324207 returned details about a failed ARM-based Tumbleweed test, while job 5265754 showed a passed x86_64 networking suite with only minor skips.
MCP support in openQA is currently limited to read-only access, letting AI tools collect information without making changes. Future updates may enable write operations, though those would require additional security settings and control methods. Most MCP clients today support bearer token authentication, so that is what openQA relies on as well.
Project maintainers say MCP support is still considered experimental and must be manually enabled in openqa.ini. Still, the integration highlights a step forward for blending AI with automated testing.
For openSUSE, it signals new opportunities for contributors, testers and developers to harness AI in monitoring and improving the distribution’s quality.
The integration of MCP into openQA positions open-source projects like openSUSE to lead in the emerging AI ecosystem. This approach helps maintain open standards while enabling interoperability in complex technology environments. Proprietary approaches risk vendor lock-in and lack transparency and standardization. Open-source solutions instead provide secure, context-aware interactions between AI and existing tools and give organizations access to a growing collaborative network.
The integration of MCP support into openQA is a key milestone for the Project as it enables open, intelligent and automated testing workflows that directly query test results. This should further enhance DevOps efficiency and reduce manual effort. Improved automation across infrastructure like openSUSE Build Service and openSUSE’s Bugzilla, which are expected to integrate MCP into future workflows, should increase productivity, contribution efforts and efficiency.
This MCP feature is now live for all users at openqa.opensuse.org and openSUSE demonstrates how open collaboration drives progress in open-source software.
syslog-ng 4.10.0 released
Version 4.10.0 of syslog-ng is now available. Among others it adds:
- support for file size based logrotation
- a filter that test if a value is blank
- updated MongoDB driver support
For more details check the syslog-ng release notes at https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.10.0
This release fixes several bugs introduced in syslog-ng version 4.9.0, which is the syslog-ng version available in openSUSE Leap 16.0 and Fedora 43. It’s feature freeze (and thus package version freeze) for both distros, but do not worry: bug fixes are back ported.
syslog-ng logo
Introducing Release Monitoring in OBS
Planet News Roundup
This is a roundup of articles from the openSUSE community listed on planet.opensuse.org.
The below featured highlights listed on the community’s blog feed aggregator are from September 13 to 19. The week’s Planet highlights Plasma 6.5 beta, OBS’s revamped workflow with diff comments, SecureHome testing, syslog-ng nightlies, Tumbleweed updates, the Open Developers Summit CFP, and more.
Here is a summary and links for each post:
Cursor Eyes Widget – Visual Plasmoids for Plasma 6.21
KDE Blog introduces a playful widget for Plasma 6.21 that tracks your cursor with animated eyes. This small but fun addition adds another layer of desktop personalization for Plasma users.
SecureHome Packages for openSUSE Tumbleweed
A new security solution called SecureHome, currently in development, aims to better protect home directories using FUSE. Packages are available for openSUSE Tumbleweed, but users are warned of major stability issues and advised to test only in virtual machines.
Nightly syslog-ng RPM Packages for RHEL & Co
Users of RHEL and related distributions can now access nightly builds of syslog-ng directly from the syslog-ng team, replacing the author’s previous weekly snapshots. These packages are intended for testing purposes.
The New Request Workflow in Detail
The Open Build Service (OBS) has rolled out its redesigned request workflow interface to all users. The update organizes information into distinct tabs (Conversation, Build Results, Changes, Mentioned Issues) to improve collaboration and navigation when working on software requests.
A Better Way to Discuss Code: Diff Comments
Building on the new OBS interface, the Changes tab now supports adding comments directly on specific lines of code diffs. This feature streamlines code reviews by keeping discussions tied to the relevant code sections.
HDR Wallpapers
GNOME 49 introduces a refreshed set of default wallpapers, taking advantage of HDR capabilities with wider color gamuts and higher precision. The update focuses on providing subtle, calm visuals rather than high-contrast spectacle.
Check if Your Password Has Been Compromised
CubicleNate highlights tools like HaveIBeenPwned to check if your email or password has appeared in data breaches, and PasswordMonster to estimate how long it would take to crack a password. The article emphasizes the importance of strong, unique passwords and password managers.
Submit a Talk for Open Developers Summit in Prague
The openSUSE community will host an Open Developers Summit on April 23, 2026, in Prague, coinciding with SUSECON. The event is calling for 15-minute or 30-minute talk proposals focused on open-source software and technologies until February 14, 2026.
Play Videos or Music Using SSH
Victorhck demonstrates how to use command-line tools like mpv and ffplay with SSH/SFTP URLs to stream and play multimedia files stored on a remote machine within your local network, eliminating the need to copy files locally.
Plasma 6.5 Beta Released
The first beta for KDE Plasma 6.5 is available for testing. Key improvements include a new KISS initial setup assistant, scrollable desktop panels, HDR tone mapping enhancements, visual refinements, automatic theme switching, and various performance and accessibility updates.
Slimbook News September 2025
Slimbook announces updates to three popular laptop models: the EVO now features the AMD Ryzen AI 9 365 processor, the Manjaro III gets refreshed, and the ELEMENTAL upgrades to the Intel Core 5 120U CPU, aiming to offer powerful and compatible Linux hardware.
Software Freedom Day 2025 in Barcelona
Caliu organizes the Software Freedom Day event in Barcelona on September 20, 2025, at Espai Jove La Fontana. The event will feature talks on KDE, secure messaging with Delta Chat, and the current state of free software.
openSUSE Tumbleweed Review of the Week 2025/38
This week’s Tumbleweed snapshots brought significant updates, particularly for KDE (Gear 25.08.1, Plasma 6.4.5, Frameworks 6.18.0), along with updates to fwupd, the Linux kernel, polkit, systemd, pipewire, and more. GNOME 49 updates are expected soon.
Software libre para la vuelta al cole: charla y taller – nuevo evento organizado por GNU/Linux València
GNU/Linux València invites the community to a talk and workshop on September 26 at 18:30 focused on free software tools for the educational environment, helping users start the school year more freely and productively.
View more blogs or learn to publish your own on planet.opensuse.org.
Tumbleweed – Review of the week 2025/38
Dear Tumbleweed users and hackers,
When reviewing the content of the six snapshots (0911, 0912, 0914, 0915, 0916, and 0917) released during week 38, it becomes apparent that this was ‘the week of the KDE desktop’. But don’t fear, GNOME Friends, you shall be served soon, too.
The most relevant changes published during the last week were:
- KDE Gear 25.08.1
- KDE Plasma 6.4.5
- KDE Frameworks 6.18.0
- fwupd 2.0.15 & 2.0.16
- Linux kernel 6.16.6 & 6.16.7
- polkit 126
- systemd 257.9
- SETools 4.6.0
- pipewire 1.4.8
- sudo 1.9.17p2
- GStreamer 1.26.6
- LLVM21 is now used by default
- qemu 10.1.0
- Java 25 openJDK
The testing area is filled with these changes, hopefully reaching you soon:
- openSSL 3.5.3
- Mozilla Firefox 143.0
- Boost 1.89 requires some more help, see tracking bug https://bugzilla.opensuse.org/show_bug.cgi?id=1249599
- GNOME 49: working out some build cycle, but submissions should be piled up and be ready soon
Submit a Talk for Open Developers Summit in Prague
The openSUSE community will have an Open Developers Summit on April 23, 2026, in Prague, Czech Republic.
The summit will be on the last day of SUSECON, which is April 21 - 23, 2026. Members of the project invite partners of SUSE, openSUSE contributors, open-source community projects and enthusiasts to take part.
Organizers are calling for proposals from those interested in presenting at the one-day event.
The call for papers is open until Feb. 14, 2026.
Two talks formats will be available:
- Short Talk: 15 minutes
- Standard Talk: 30 minutes
Accepted talks will highlight open-source software, operating systems, new technologies, cloud, infrastructure, edge, IoT, AI, data, toolchains, security, DevOps, hardware, performance and more.
Those who are interested in sponsoring the event can email Douglas DeMaio at ddemaio@opensuse.org. A prospectus for the event is available for companies who would like to help sponsor the open-source community.
The program schedule is expected to be released in March 2026. More details are available at events.opensuse.org.