The attached patch updates arm-trusted-firmware packages to 2.12.2. I believe this fixes a few minor CVE, although it is not immediately obvious from upstream commit logs... All dependents build on both x86_64-linux and aarch64-linux: guix build: computing dependents of package arm-trusted-firmware-imx8mq@2.12.2... /gnu/store/gg1gmqb89kjaqbq8f9ndzs3ll7niq56d-arm-trusted-firmware-imx8mq-2.12.2 guix build: computing dependents of package arm-trusted-firmware-rk3328@2.12.2... /gnu/store/wcqyaw6cqzlk8asv3vh4alsrd9a291m7-arm-trusted-firmware-rk3328-2.12.2 /gnu/store/zxs49a0msm4vff5szc7757k1s0lpszla-u-boot-orangepi-r1-plus-lts-rk3328-2025.01 /gnu/store/vap8w54l9kvi4179cy5w0kl2a5f9ixr9-u-boot-rock64-rk3328-2025.01 guix build: computing dependents of package arm-trusted-firmware-rk3399@2.12.2... /gnu/store/0z2c2dikv1d5avr6f0jga5gsq5pl2x69-arm-trusted-firmware-rk3399-2.12.2 /gnu/store/y0yzl9wccwmhhipblkrv370kafb7d30v-u-boot-rockpro64-rk3399-2025.01 /gnu/store/mw39784wjpbnxhc5arlwcqk93ml1m7pr-u-boot-firefly-rk3399-2025.01 /gnu/store/85rgpgic0vqziczgb92csavl0vxrwm0k-u-boot-puma-rk3399-2025.01 /gnu/store/mbijwvldbwzkscb79v1qqnhnlc93sqgf-u-boot-pinebook-pro-rk3399-2025.01 guix build: computing dependents of package arm-trusted-firmware-rk3588@2.12.2... /gnu/store/dx9b2ymbj3f7h77mf7b86jagiwkxrdlg-arm-trusted-firmware-rk3588-2.12.2 guix build: computing dependents of package arm-trusted-firmware-sun50i-a64@2.12.2... /gnu/store/10sx5h064fbjnhc2c6vvkqrp43sj23f0-arm-trusted-firmware-sun50i-a64-2.12.2 /gnu/store/m35rj7p3fjhkkbanj3i9xlw808byl8gp-u-boot-pine64-lts-2025.01 /gnu/store/090mm7g00cl6ws435lf97j7cfdbnnfki-u-boot-pinebook-2025.01 /gnu/store/8f7hn13g71a8cj6pqlj4qjrz5qcbam2s-u-boot-pine64-plus-2025.01 guix build: computing dependents of package arm-trusted-firmware-sun50i-h616@2.12.2... /gnu/store/jljnh49swdkax8fpl2xqpaag065vggai-arm-trusted-firmware-sun50i-h616-2.12.2 /gnu/store/kvh138wv7ri6fni3mcan7xdbw7i3p3j2-u-boot-orangepi-zero2w-2025.01 I also boot-tested a mnt/reform2 (which admittedly uses a custom u-boot). live well, vagrant