deepin Community Monthly Report for April 2026

I. April Community Data Overview

II. Community Products

deepin 25.1 Image Officially Released: AI-Powered, Silky Smooth Experience
In April, deepin welcomed a major version update – the official release of the deepin 25.1 image. This version accumulates results from multiple internal testing rounds, delivering comprehensive upgrades in AI capabilities, kernel performance, and desktop experience:

• Major Evolution of UOS AI
  The writing agent has been completely restructured, supporting "outline-first" mode and multi‑format export. The system‑level Claw mode is now available, allowing the AI to automatically control the computer and execute cross‑application tasks via natural language commands. Native integration with Feishu, DingTalk, QQ and other IMs means that after authorization, the AI can collect information and generate document summaries on your behalf. The Skill Center is open and compatible with the OpenClaw ecosystem.

• Kernel Upgraded to 6.18
  The kernel leaps from version 6.12 to 6.18, introducing a new memory allocation mechanism and the BORE scheduler, significantly improving desktop and gaming smoothness. File system read/write speeds are greatly increased, USB audio power‑saving features are added, and the potential of new hardware such as Intel APX is deeply unleashed.

• File Manager & Desktop Experience Optimizations
  Support for pinned tabs, drag‑to‑zoom in image previews, and improved file grouping visuals. The taskbar supports splitting icons for multiple windows, the Control Center adds mouse pointer size adjustment, and multi‑screen and touch gestures are further refined.

Highlights of the Month: Kernel 6.18 upgrade / System‑level Claw mode / File Manager efficiency improvements

---

Rapid Security Response: Two High‑Risk Vulnerabilities Fixed Within 24 Hours
In April, deepin 25.1 pushed multiple security and quality updates, demonstrating extremely fast emergency response capabilities when faced with sudden high‑risk vulnerabilities:

• April 13: Merged 17 security vulnerability fixes, covering historical legacy risks.

• April 20: Fixed excessively long sudo response times in the terminal, and audio / touchpad anomalies on some laptops; also patched known CVEs.

• April 23: Emergency fix for the "Pack2TheRoot" high‑risk vulnerability (CVE-2026-41651), which could allow unauthorised users to gain root privileges. The team completed monitoring, patching, testing, and distribution within 24 hours.

• April 30: Rapid fix for the "Copy Fail" local privilege escalation vulnerability (CVE-2026-31431), which exists in the Linux kernel cryptography subsystem and could be exploited by attackers to obtain root privileges. The team completed the fix and pushed the update within 24 hours of discovery. Users on the 6.18 kernel can upgrade immediately; the fix for the 6.6 kernel version is complete and will be pushed later.

These two rapid responses to high‑risk vulnerabilities fully demonstrate deepin’s strong commitment to user system security.

Security Highlights: Pack2TheRoot & Copy Fail – both fixed within 24 hours / Multiple regular CVE fixes

---

deepin 25 WSL Offline Installation Support: Seamless Linux Experience on Windows
To meet the needs of Windows users who want to use deepin conveniently, the community officially introduces the deepin 25 WSL version, which supports completely offline installation:

• Installation Method: Users only need to download the .wsl installation package and double‑click to complete the quick installation and deployment – no network connection is required, greatly lowering the entry barrier.

• Environment Compatibility: Supports Windows 10/11, provides both AMD64 and ARM64 architectures. Users who already have deepin 23 WSL installed can run it side‑by‑side.

• Community Contribution: Special thanks to community user @KuongLienHua for providing WSL image technical support.

---

Deepin Home & Forum
In April, a total of 173 user bug reports and feature requests were received through channels such as Deepin Home and the Forum, including:

• Bug Reports: 143 total; 12 resolved, 38 replied to, 63 pending.

• Feature Requests: 30 total; 4 included in version planning, 16 added to the requirements pool, 4 rejected.

III. Community SIG

deepin-kernel SIG:

• Updated the 6.6 and 6.18 kernel branches to the latest minor versions (6.6.135 and 6.18.25), merging over 2100 patches, and synchronously fixed the core security vulnerability Copy Fail (CVE-2026-31431).

• Updated the BORE scheduler patch to version 6.6.3 in the 6.18 kernel branch, solving smoothness issues for interactive applications under high load. Enabled support for multiple zram compression formats. Enabled dmabuf heap to support user‑space camera drivers (also synchronised to the 6.6 branch).

• Architecture & Hardware Support Expansion: Added support for Guangrongtong network cards and the yogafan fan monitoring driver in both 6.6 and 6.18 branches. The 6.18 branch added pantherlake idle driver support, ARM64 end‑to‑end NVMe CRC acceleration, RISC-V string API acceleration, and support for printing AMD AGESA BIOS firmware version numbers.

• Domestic Platform Adaptation & Optimisation: For LoongArch platforms, fixed DMA errors on discrete graphics cards on the 3A6000 platform, restricted a specific touchpad driver to build only on that platform, and added support for the appcompat driver compatibility module. Updated Hygon embedded model 18h patches. Merged peripheral fix patches for chips from CIX and Phytium (codec I2S, etc.).

deepin-sysdev-team:
This month, a total of 210 PRs were processed and merged, focusing on foundational environment upgrades and system hardening:

• Security Vulnerability Fixes: Completed 27 CVE security fixes, including CopyFail (CVE-2026-31431), Pack2TheRoot (CVE-2026-41651), OpenSSL cryptographic library patch updates, and vulnerability fixes for critical network services such as nginx, curl, and openssh.

• Package Updates: Completed 89 system package upgrades, covering development toolchains (GCC-12 general sync update, Binutils architecture integration), system‑level libraries (GLIBC, Zlib), and frequently used application components (Python 3.12.13, Vim, Ansible, Wireshark, etc.).

• System Defect Handling: Completed 45 bug fixes, including system service‑level fixes such as systemd NSS load order and PolicyKit authentication recovery, thoroughly resolving some parallel build race conditions, and fine‑tuning the volume algorithm in the sound system. Additionally added enhanced support such as GVFS SFTP file/directory monitoring.

DDE SIG:

• Taskbar:

  • Fixed visual anomalies such as inaccurate application active state indicators, tray icons not being centered, and icon size not resetting after the activation animation.

  • Resolved potential crash risks in extreme edge‑case scenarios.

  • Improved touch operation experience and compatibility with the Treeland environment.

• Launcher:

  • Fine‑tuned the global appearance.

  • Fixed an issue where using the first letter or category view in small window mode could cause blank areas in the application list.

• Control Center:

  • Optimised Bluetooth option loading speed and the click trigger area for time range controls.

  • Significantly simplified the plugin loading process.

  • Fixed an issue where window size was not properly restored after maximising, and a logical flaw where the process did not actually exit after closing the window.

  • Added a visibility configuration parameter for the cancel button in the Bluetooth pairing pop‑up.

• Low‑level Compatibility: Further improved compatibility handling for application desktop files that do not conform to freedesktop standards.

dde-port SIG:

• Improved cross‑platform portability of dual DTK versions.

• Improved compatibility issues with translation tool path lookups during the build process of multiple deepin applications.

• Continuous investigation and fixing of various cross‑distribution porting details.

deepin-ports SIG:

• RVA23 Repository Construction: Completed the upgrade of Rust to 1.82 and synchronous upgrades of Mesa 26 and core dependencies (Meson, Vulkan, libdrm). Builds for all four major architectures are complete, and a test repository has been published for developer validation.

• Key Device Adaptation: The SpacemiT K3 platform is progressing steadily; close collaboration with the vendor is ongoing to formulate the GPU adaptation solution, and kernel support is being updated from upstream. For Radxa development boards, updated the A733 kernel – subsequent system images will support both A7A and A733 specifications.

• Community Event Participation: Participated in the Wuhan RISC-V Meetup, sharing RVA23 repository technical progress and the board “roaming” plan with developers.

For more details, please refer to the weekly reports provided by the group’s blog: deepin-ports SIG | Blog

deepin-translation SIG:

• Timely follow‑up and correction of translation errors reported by community users for various languages.

• Continuous updates of system text translations for multiple languages, including Spanish, Japanese, Italian, German, Arabic, Ukrainian, French, Indonesian, and Russian.

If you wish to contribute to deepin R&D, you are welcome to join the following groups and discuss with other contributors:

• You're invited to talk on Matrix

• https://t.me/deepin_community

IV. Community Ecosystem

The App Store recently completed nearly 721 application review and testing cycles, promoting the listing of 579 applications, of which 433 are brand‑new applications. WeChat completed a security upgrade; mainstream applications such as QQ and WPS underwent issue fixes and version iterations. Several Linglong applications, including Firefox, Audacity, Obsidian, and Chrome, were synchronised with upstream version updates. The self‑developed browser added local encrypted backup before cloud sync for bookmarks, fixed language display anomalies and several known bugs, further improving the overall user experience.

The Ecological Co‑construction Group steadily advanced application adaptation work. A total of 15 developers from the group enthusiastically participated in ecological construction. They maintained a total of 103 applications in various forms, including 77 deb open‑source applications, 20 Linglong applications, and 6 Wine applications. We extend our sincere thanks to all the friends who contributed to the deepin ecosystem. We invite more partners to submit high‑quality applications through the deepin community, working together to build an open and diverse community application ecosystem.