Hello TUXEDO Fans and Open-Source Enthusiasts!
In Germany, there’s a saying – „Holla, die Waldfee“ – used when something unexpectedly knocks you off your feet. Our developer penguins have probably heard it more often than they would have liked over the past two weeks. With Pack2TheRoot , Copy Fail , and Dirty Frag , three separate security vulnerabilities appeared in Linux components that could be exploited to gain root privileges. Not exactly the kind of surprise anyone enjoys in daily work – though, admittedly, it does fit neatly into the bugfix schedule.
It’s a sobering reminder, but not a reason to sweep things under the rug. In the open-source world in particular, transparency means issues can be fixed quickly. That’s exactly what happened in TUXEDO OS, where we promptly delivered bugfixes . For „Dirty Frag“, there is already an initial mitigation in place, even if the final fix is still in progress. Honestly, we would have preferred working on new features instead of kernel edge cases.
The past weeks once again highlight why regular updates are not a tedious ritual but a core security factor. At the same time, they underline the value of long-term hardware support: a Linux system doesn’t suddenly become unsafe just because a date is reached. There’s no need to rush into new hardware purchases when software support ends – a scenario many still remember from the Windows 10 end-of-support situation. Stability also means planning reliability.
On a lighter note, beyond security alerts and patch marathons, there are more enjoyable topics as well. In this edition, we take a look at KeepSecret and the return of some true KDE classics: the Oxygen and Air themes are making a surprising comeback as part of KDE’s 30th anniversary. Between nostalgia and modern design, it shows that even the Linux desktop can get a bit emotional – no „Holla, die Waldfee“ required.
Enjoy reading,The TUXEDO OS Team
Note: We would like to keep you updated on the latest developments in TUXEDO OS with the TWIX series and introduce you to exciting applications as well as practical tips related to the KDE desktop and TUXEDO OS. However, this section should not be a one-way street: your feedback, ideas, and suggestions for improvement are very welcome! For this purpose, we have created a thread on Reddit, where you can reach us directly.
Updates in TUXEDO OS
nvidia-driver-580 (2:580.126.09–2tux1)
Required to ensure a smooth transition from branched to unbranched driver packages.
tuxedo-archive-keyring 2024.04.01tux2 (Ubuntu Noble only)
Added tuxedo-fix-copy-fail as a dependency
Security Updates in TUXEDO OS
tuxedo-fix-dirty-frag 1.0.0
Disables the kernel modules esp4 , esp6 and rxrpc
Provides protection against potential exploitation of the Dirty Frag vulnerability
The package is not rolled out automatically
Installation is strongly recommended, but may affect IPSec VPN and Kerberos functionality
Thunderbird 140.10.1esr
KDE App of the Week: Managing Passwords and Logins with KeepSecret
With KeepSecret, we take a look at a modern password manager from the KDE ecosystem that deliberately focuses on openness and interoperability. The application lets you view, edit, create, and delete credentials, and is designed for both desktop and mobile use cases. Unlike traditional standalone solutions, KeepSecret integrates flexibly into existing infrastructures built around secure credential management.
KeepSecret’s clean interface displays stored credentials in a central view and allows you to easily manage, edit, and create new entries across different compatible Secret Service backends.
Installation is straightforward via Flathub , making it independent of your distribution. Through the Discover software center, the application is ready to use within seconds – including all dependencies. This is especially beneficial in heterogeneous Linux environments, as you always get an up-to-date version directly from upstream without worrying about package sources or version conflicts.
From a technical perspective, support for the so-called Secret Service standard org.freedesktop.secrets is particularly interesting. KeepSecret acts as a frontend for various backends such as KeePassXC, GNOME Keyring, or KWallet. This means you manage your credentials centrally while remaining flexible in your choice of the actual storage system, making integration into existing workflows much easier.
This is also where KeepSecret stands out compared to KWallet: while KWallet is tightly integrated into the KDE ecosystem, KeepSecret serves as a universal interface for multiple password services. This makes it especially appealing if you work across platforms or combine different tools. You benefit from a consistent user experience without being locked into a single solution.
Info: Are you interested in Plasma development and want to know what new features are planned and which programs have been recently updated? You can find a detailed overview in the weekly column This week in Plasma by KDE developer Nate Graham.
TUXEDO OS Tips & Tricks: Oxygen and Air Ahead of Their Comeback
With the upcoming release of KDE Plasma 6.7 on June 16, 2026, two classics are making an unexpected return : the Plasma styles „Oxygen“ and „Air“ are currently being extensively reworked by the community. The goal is to make both themes usable again in time for the release and to adapt them to modern technical and visual standards.
The TUXEDO OS design presents a modern interpretation of KDE Plasma with clean lines, subtle colors, and a tidy desktop layout optimized for productive everyday use.
Breeze is the current default theme of KDE Plasma, featuring a minimalist and flat design that prioritizes functionality while deliberately reducing visual distractions.
Both themes originally date back to the KDE 4 era and significantly shaped the look and feel of the desktop environment at the time. While Oxygen introduced darker tones and a glass-like aesthetic, Air later adopted a brighter design built around transparency. Over the years, however, both fell behind, gradually losing functionality or disappearing altogether.
The current revival is driven by several KDE developers, including Filip Fila and Nuno Pinheiro, who was already involved in the original Oxygen design. Together, the team is working not only to restore these historic themes, but also to bring them up to date with modern Plasma standards.
On the technical side, Oxygen has already seen significant improvements: the panel has been completely reworked and now properly adapts to different orientations. Long-missing elements such as a minimized window indicator and updated switch designs have also been added. In addition, adaptive transparency is now supported, and previous rendering issues in widgets have been resolved.
The updated Oxygen theme brings back darker gradients and a more dimensional look, while feeling noticeably more modern and integrating surprisingly well with current Plasma versions.
Air once again embraces transparency and lightness, now enhanced with modern blur effects and refined UI elements for a more elegant and contemporary desktop experience.
Air, in turn, regains its signature transparency and enhances it with modern blur effects in the background. This not only improves readability but also gives the theme a more contemporary feel. In addition, the panel, header, and footer have been reworked, and new graphical elements for switches and controls have been introduced.
If you would like to try out these updated themes yourself, you can install them manually: download the theme files (links are available at the end of the blog post ) and open Appearance & Style » Colors & Themes » Plasma Style in the system settings. There, select Install from File… , import the desired themes, and activate them. This way, you can experience for yourself how a look back into the past meets the present.
Ubuntu Security Updates
The Ubuntu security updates listed here are generally incorporated directly into TUXEDO OS. Some updates are only available from Ubuntu for a fee and are therefore not made available to the community until a later date. Unfortunately, we have no control over this:
USN-8261–1: Linux kernel (Xilinx) vulnerabilities
USN-8260–1: Linux kernel (Azure FIPS) vulnerabilities
USN-8259–1: OpenEXR vulnerabilities
USN-8258–1: Linux kernel (Azure) vulnerabilities
USN-8256–1: opam vulnerability
USN-8246–1: Vim vulnerabilities
USN-8254–1: Linux kernel vulnerabilities
USN-8253–1: Postfix vulnerability
USN-8252–1: OpenJPEG vulnerability
USN-8251–1: libpng vulnerabilities
USN-8249–1: dpkg vulnerability
USN-8248–1: NASM vulnerabilities
USN-8245–1: Linux kernel vulnerabilities
USN-8244–1: Linux kernel vulnerabilities
USN-8242–2: PostfixAdmin vulnerability
USN-8240–1: Swish-e vulnerabilities
USN-8239–1: Apache HTTP Server vulnerabilities
USN-8238–1: EditorConfig vulnerability
USN-8237–1: WebKitGTK vulnerabilities
USN-8231–1: Dynaconf vulnerability
USN-8236–1: Slurm vulnerabilities
USN-8230–1: Docker vulnerabilities
USN-8234–1: Mako vulnerability
USN-8233–1: nghttp2 vulnerability
USN-8232–1: Django vulnerabilities
USN-8229–1: sed vulnerability
USN-8228–1: Exim vulnerabilities
USN-8227–1: curl vulnerabilities
USN-8226–1: kmod update
USN-8218–1: zuluCrypt vulnerability
