Release 2026_027 (2026-07-08)¶
This release is off-cycle to patch the Januscape vulnerability (CVE-2026-53359) on our KVM hosts. The next release will be regularly on Thursday, 2026-07-09.
Impact¶
26.05¶
Machines will reboot to activate a changed kernel.
NixOS 26.05 platform¶
linuxKernelVerify: bump to 6.18
All non-production machines, as well as all machines running in our WHQ and DEV locations, will now use a 6.18 kernel. Production machines in RZOB (our primary data center) remain at kernel 6.12 for now.
Fast track kernel update to 6.12.95 and 6.18.38 to fix Januscape (PL-135580, CVE-2026-53359)
Pull upstream NixOS changes, security fixes, and package updates:
calibre: 9.9.0 -> 9.10.0
docker: 29.5.3 -> 29.6.0
firefox: 152.0.3 -> 152.0.4
linuxKernelStable: 6.12.94 -> 6.12.95
linuxKernelVerify: 6.12.94 -> 6.18.38
phpPackages.composer: 2.9.8 -> 2.10.1
Detailed Changes¶
NixOS 26.05: platform code, nixpkgs/upstream changes, metadata, channel url