Learn more about deepin on DistroWatch: https://distrowatch.com/table.php?distribution=deepin

I. May Community Data Overview

II. Community Products

1. UOS AI 3.0

In May, UOS AI was officially upgraded, transforming from a “ask-and-leave” dialog box into a system‑level “hardcore co‑pilot”, achieving breakthroughs in several core capabilities:

  • Native system intelligence
    Leveraging MCP capabilities and extensive Skill support, the operational chain between deepin system and applications is now fully connected. With a single‑sentence command (e.g., “Download WeChat” or “Turn on Do Not Disturb mode”), XiaoU (Little U) completes the operation via native system control cards – new users never get lost, and veterans double their efficiency.

  • Cross‑application handoff: AI as the “foreman”
    Faced with sequential tasks, XiaoU acts as a “foreman”, automatically decomposing and planning. Supports cross‑software collaborative reading, calculation, and layout – users only need to issue a command, and the AI autonomously orchestrates Excel, charts, Word and other applications for multi‑threaded parallel processing.

  • Cross‑device coordination: control your computer from your phone
    Relying on the native Claw mode, interface‑level integration is achieved with major domestic and international IM platforms such as Feishu, DingTalk, and Telegram, with graphical one‑click configuration. Left your computer at work and your boss suddenly asks for a report? Just send a command from your phone – the computer automatically completes the task and sends the result directly back to your phone.

  • Vibe Coding
    Extended to over 9,000 MCP capabilities and 12,000+ Skills. When existing tools cannot meet a need, XiaoU can write code in real time to create a solution – truly achieving “action over words”.

2. deepin 25 Security Updates

High‑risk vulnerabilities urgently fixed to safeguard system security

In May, the deepin security team urgently responded to several high‑risk kernel vulnerabilities and quickly pushed fixes:

Dirty Frag local privilege escalation vulnerability fixes (CVE‑2026‑43284, CVE‑2026‑43500)
These vulnerabilities are similar variants of Copy Fail. Attackers who have already obtained local low‑privilege execution conditions could exploit them to modify the page cache of read‑only files, further escalate privileges and gain root access. Exploit code has been publicly circulated. The security team responded rapidly, and fixes have been pushed for both the 6.6 and 6.18 kernels.

No new version of deepin 25 was released this month. The team focused primarily on the development and integration testing preparation for deepin 25.1.1.

3. deepin 23 Security Updates

Emergency fixes for high‑risk vulnerabilities (Copy Fail & Dirty Frag)
Given the severity and potentially widespread impact of these vulnerabilities, although deepin 23 has reached end‑of‑life, the team made an exception and submitted manual kernel fix packages for these two vulnerabilities to the software repository. Both the 6.6 and 6.12 kernel branches are supported, covering amd64, arm64, and loong64 architectures.

⚠️ Security reminder: All users are strongly advised to upgrade their systems as soon as possible. deepin 23 users can refer to the manual upgrade guide to complete the kernel update. For long‑term security, we recommend upgrading to deepin 25.

4. deepin Home & Forum

In May, a total of 135 user bug reports and feature requests were received through channels such as deepin Home and the Forum, including:

  • Bug reports: 86 total; 9 resolved, 33 replied to, 34 pending.

  • Feature requests: 49 total; 8 included in version planning, 32 added to the requirements pool, 7 rejected.

III. Community SIG

deepin‑kernel SIG

Kernel version updates

  • Updated minor versions 6.18.25–6.18.30 with a total of 1140 patches, merged several additional bug fixes (e.g., r8152 network card fix), and fixed security vulnerabilities such as Copy Fail.

  • Updated minor versions 6.6.135–6.6.140 with a total of 657 patches, fixing security vulnerabilities including Copy Fail.

  • Updated minor versions 6.12.74–6.12.89 and other bug fixes with a total of 2880 patches, fixing all known security vulnerabilities.

Hardware support enhancements

  • Merged the new v2.0.1.2 version of the persistent RAID card driver submitted by the vendor.

  • Merged support for the Zhaoxin KX‑8000 CPU temperature detection driver into the 6.6 kernel branch.

  • Merged Zhaoxin KH‑50000 CPU multi‑socket pinctrl support into the 6.6 kernel branch.

  • Merged additional Zhaoxin bridge chip audio support and SATA LED reference count fixes into the 6.6 kernel branch.

  • Merged support for Zhaoxin and BaiAo under the ACPI‑APEI‑GHES driver into the 6.6 kernel branch.

  • Merged support for memory error and microarchitecture error detection on KH‑50000 and others via the Zhaoxin EFI standard error record interface into the 6.6 kernel branch.

  • Merged a patch into the 6.6 kernel branch to disable CPU parallel initialisation during Zhaoxin microcode updates.

  • Merged additional device support for the Hygon PWM driver into the 6.6 kernel branch.

Performance optimisations and feature enhancements

  • Merged an upstream patch into the 6.18 kernel branch to support the work queue affinity level WQ_AFFN_CACHE_SHARD for improved performance.

  • Merged an upstream patch into the 6.18 kernel branch to preferentially select sibling idle SMT cores under sched‑ext.

  • Merged Feiteng patches into the 6.6 kernel branch to fix potential issues in the Feiteng i3c/i2c driver.

  • Merged Feiteng patches into the 6.6 kernel branch to correctly identify the FT303 core code and add it to the Spectre security list.

  • Merged Loongson upstream patches into the 6.6 kernel branch to support the THP_SWAP feature, increasing swap bandwidth several times on certain platforms.

  • Merged an upstream patch into the 6.6 kernel to fix a TCP receive window limiting issue that caused data transfer performance problems, allowing users to configure larger receive windows.

Security fixes

  • Disabled the INET{6}_ESPINTCP features, which are easily exploited for vulnerability attacks, in the kernel.

  • Fixed an issue in the 6.18 kernel branch where the cjktty Chinese patch was missing under 32x32 fonts, causing Chinese characters to display as squares in the TTY.

  • Merged high‑version upstream patches into the 6.6/6.18 kernel branches to support the switchtec gen6 PCIe switch chip.

  • Merged a high‑version upstream patch into the 6.6 kernel to clean up unused xfs tracepoint code.

deepin‑sysdev‑team

Kernel and base component updates

  • Upstream kernel baseline updates (6.6.140‑p1 to p5), Phytium TLB controller/SNOOP driver updates, Leapraid SCSI driver updated to v2.0.1.2, CJK TTY support fixes.

  • systemd: backported critical upstream security patches, P1/P2 bug fixes, network stack fixes, added RemountWritePaths option, logind user management improvements.

  • glib2.0: backported upstream security and bug fixes, fixed XML parser state handling, fixed memory allocation alignment.

  • grub2: PGP command signature handling fixes (7 PRs), memory leak fixes, USBMS driver improvements.

Driver and firmware updates

  • Audio: Added Phytium PMDK‑I2S HDMI support to the ALSA library.

  • Firmware: Added support for Radxa Dragon Q8B, added Qualcomm QCM6490 firmware.

Application software updates

  • Updated components including hplip, openssh, samba, radvd, curl (curl fixed multiple security vulnerabilities).

Security patches (CVE fixes)

  • Fixed dozens of CVEs in components such as angular.js, openbabel, libheif, nasm, vtk9, twitter-bootstrap3, libvirt, util-linux, golang-go.crypto.

  • Also fixed security issues in base components including glibc, samba, vim, bind9, rsync, gnutls28.

DDE SIG

Treeland environment optimisations

  • Fixed an issue where tray menus of Wine applications would freeze for three seconds under Treeland sessions.

  • Fixed an issue where tray menus of Wine applications would appear in incorrect positions under Treeland sessions.

  • Fixed an issue where the theme used by the taskbar under Treeland sessions could be incorrect.

  • Fixed issues where some operations could cause crashes under Treeland sessions.

Taskbar optimisations

  • Various touchscreen optimisations.

  • Ensured tray plugins are displayed in a stable order.

  • Ensured the taskbar is visible in multi‑tasking view.

Launcher and Control Center

  • Enabled touchscreen scrolling support in the Launcher.

  • Continued to adapt the Control Center to the Treeland environment.

  • Aligned the scrollbar style in some parts of the Control Center with the DTK style.

  • Added an auto‑brightness toggle.

  • Fixed an issue where scaling might revert after logging out and back in.

  • Fixed an issue where the sidebar would not be displayed when restoring the Control Center window after minimising it.

Other defect fixes

dde‑port SIG

  • Improved portability of dual DTK versions.

  • Improved compatibility of translation tool path lookups during the build process of multiple deepin applications.

  • Ongoing handling of portability issues.

deepin‑ports SIG

RVA23 repository construction

  • On new devices (amd64 + riscv64), overlaid the RVA23 repository on top of deepin 25.1 and upgraded to verify repository usability – no conflicting packages.

  • Verified that mesa 26.1.0 can be built on the existing RVA23 repository baseline.

Key device adaptation

  • SpacemiT K3:

    • The K3 SDK was officially released upstream; builds for the K3 6.18 kernel and u‑boot have been added.

    • Contacted the vendor, packaged the K3 image and published installation guides.

    • Vendor reported that the K3 GPU is now usable.

    • Attempted to use the Imagination open‑source driver solution combined with Zink to start the desktop.

    • Tested using the RVA23 repository and ran benchmarks.

  • Radxa Q6A/Q8B: Packaged the Qualcomm 7.0 kernel from Radxa.

deepin‑ports maintenance

  • Released wasm‑imager: a WebAssembly‑based image creation tool that allows users to directly create write‑once images in a browser.

  • Added an image creation page on the website (beta).

  • Released a deepin 25.1 image for the K1 development board; repackaged after fixing missing packages.

  • Received K1 test reports from the development board roaming program.

  • ffmpeg patch version is being repackaged due to upstream security updates.

  • Development board roaming program: K1 development board has been sent out.

  • Received an invitation to the Radxa/Qualcomm Developer Conference; preparing booth materials.

  • Proposed two requirements that were accepted: writing sources.list in deepin live mode, and adding a watermark hint on the desktop.

For more details, please refer to the weekly reports provided by the group’s blog: deepin-ports SIG | Blog

deepin‑translation SIG

Translation fixes

  • Provided feedback and corrections for encountered translation errors.

Multi‑language updates

  • Timely updates for translations in Spanish, Japanese, Italian, German, Arabic, Ukrainian, French, Indonesian, Russian, and other languages.

IV. Community Ecosystem

The App Store recently completed nearly 493 application review and testing cycles, successfully promoting the listing of 317 applications, of which 199 are brand‑new applications. Several mainstream productivity applications, including Feishu, TickTick, and Xmind, underwent issue fixes and version iterations. Multiple Linglong applications, such as Firefox, Chrome, and Microsoft Edge, were synchronised with upstream version updates. Among self‑developed applications, the Windows Application Compatibility Engine and XiaoU (Little U) were updated and listed.

The Ecological Co‑construction Group steadily advanced application adaptation work. A total of 24 developers from the group enthusiastically participated in ecological construction. They maintained a total of 91 applications in various forms, including 60 deb open‑source applications, 26 Linglong applications, and 5 Wine applications. We extend our sincere thanks to all the friends who contributed to the deepin ecosystem. We invite more partners to submit high‑quality applications through the deepin community, working together to build an open and diverse community application ecosystem.

deepin, as an open‑source operating system that performs remarkably in the DistroWatch global ranking and is widely recognised by users worldwide, values the voice of every user. If you have any opinions or suggestions regarding the deepin community, please feel free to provide feedback on the deepin Forum.