Dear Qubes Community,
We're pleased to announce that the second [release candidate](#what-is-a-release-candidate) (RC) for Qubes OS 4.2.0 is now available for [testing](Testing new releases and updates | Qubes OS). Qubes 4.2.0-rc2 is available on the [downloads](Download Qubes OS | Qubes OS) page.
## What's new in Qubes 4.2.0-rc2?
- Dom0 upgraded to Fedora 37
- Xen updated to version 4.17
- Default Debian template upgraded to Debian 12
- Default Fedora and Debian templates use Xfce instead of GNOME
- SELinux support in Fedora templates
- Several GUI applications rewritten, including:
- Applications Menu
- Qubes Global Settings
- Create New Qube
- Qubes Update
- Unified `grub.cfg` location for both UEFI and legacy boot
- PipeWire support
- fwupd integration for firmware updates
- Optional automatic clipboard clearing
- Official packages built using Qubes Builder v2
- Split GPG and Split SSH management in Qubes Global Settings
Please see the [Qubes OS 4.2.0 release notes](Qubes OS 4.2.0 release notes | Qubes OS) for details.
## When is the stable release?
That depends on the number of bugs discovered in this release candidate and their severity. As explained in our [release schedule](Version scheme | Qubes OS) documentation, our usual process after issuing a new release candidate is to collect bug reports, triage the bugs, and fix them. This usually takes around five weeks, depending on the bugs discovered. If warranted, we then issue a new release candidate that includes the fixes and repeat the whole process again. We continue this iterative procedure until we're left with a release candidate that's good enough to be declared the stable release. No one can predict, at the outset, how many iterations will be required (and hence how many release candidates will be needed before a stable release), but we tend to get a clearer picture of this with each successive release candidate, which we'll share in this section in future release candidate announcements. The feedback we receive on this release candidate will determine whether another one is required.
## Testing Qubes 4.2.0-rc2
Thank you to everyone who tested 4.2.0-rc1! Due to your efforts, this new release candidate includes fixes for several bugs that were present in the first release candidate.
If you're willing to [test](Testing new releases and updates | Qubes OS) this new release candidate, you can help us improve the eventual stable release by [reporting any bugs you encounter](Issue tracking | Qubes OS). We encourage experienced users to join the [testing team](Joining the Testing Team).
A full list of issues affecting Qubes 4.2.0 is available [here](Issues · QubesOS/qubes-issues · GitHub). We strongly recommend [updating Qubes OS](How to update | Qubes OS) immediately after installation in order to apply all available bug fixes.
## Upgrading to Qubes 4.2.0-rc2
[In-place upgrades from Qubes 4.1 to Qubes 4.2](How to upgrade to Qubes 4.2 | Qubes OS) are now implemented and ready for testing! As always, we strongly recommend [making a full backup](How to back up, restore, and migrate | Qubes OS) beforehand.
Current Qubes 4.2.0-rc1 systems should be [updated normally](How to update | Qubes OS), but please note that some templates have changed from the first release candidate. These changes are listed [above](#whats-new-in-qubes-420-rc2).
## Reminder: new signing key for Qubes OS 4.2
As a reminder, we published the following special announcement in [Qubes Canary 032](Qubes Canary 032 | Qubes OS) on 2022-09-14:
We plan to create a new Release Signing Key (RSK) for Qubes OS 4.2. Normally, we have only one RSK for each major release. However, for the 4.2 release, we will be using Qubes Builder version 2, which is a complete rewrite of the Qubes Builder. Out of an abundance of caution, we would like to isolate the build processes of the current stable 4.1 release and the upcoming 4.2 release from each other at the cryptographic level in order to minimize the risk of a vulnerability in one affecting the other. We are including this notice as a canary special announcement since introducing a new RSK for a minor release is an exception to our usual RSK management policy.
As always, we encourage you to [authenticate](Qubes security pack (qubes-secpack) | Qubes OS) this canary by [verifying its PGP signatures](Verifying signatures | Qubes OS). Specific instructions are also included in the [canary announcement](Qubes Canary 032 | Qubes OS).
As with all Qubes signing keys, we also encourage you to [authenticate](Verifying signatures | Qubes OS) the new Qubes OS Release 4.2 Signing Key, which is available in the [Qubes Security Pack (qubes-secpack)](Qubes security pack (qubes-secpack) | Qubes OS) as well as on the [downloads](Download Qubes OS | Qubes OS) page under the Qubes OS 4.2.0-rc2 ISO.
## What is a release candidate?
A release candidate (RC) is a software build that has the potential to become a stable release, unless significant bugs are discovered in testing. Release candidates are intended for more advanced (or adventurous!) users who are comfortable testing early versions of software that are potentially buggier than stable releases. You can read more about Qubes OS [supported releases](Supported releases | Qubes OS) and the [version scheme](Version scheme | Qubes OS) in our documentation.
## What is a minor release?
The Qubes OS Project uses the [semantic versioning](https://semver.org/) standard. Version numbers are written as `<major>.<minor>.<patch>`. Hence, releases that increment the second value are known as "minor releases." Minor releases generally include new features, improvements, and bug fixes that are backward-compatible with earlier versions of the same major release. See our [supported releases](Supported releases | Qubes OS) for a comprehensive list of major and minor releases and our [version scheme](Version scheme | Qubes OS) documentation for more information about how Qubes OS releases are versioned.
This announcement is also available on the Qubes website: