The GNU Boot project, dedicated to providing a completely free software bootloader, has recently addressed several incidents involving the inclusion of non-free software components. These components, while not actively used by GNU Boot and therefore posing no threat to supported devices, were nonetheless discovered and promptly removed. This necessitated re-releases of the affected versions and prompted the project to actively seek community assistance in contacting potentially affected distributions to ensure widespread awareness and mitigation of the issue. The project emphasizes that the discovered non-free code did not impact the functionality of GNU Boot on any supported systems.
The discovery and subsequent removal of the non-free software highlights the ongoing challenges in maintaining a purely free software ecosystem. The GNU Boot team actively works to maintain a 100% free software distribution and encourages community participation in identifying and addressing such issues to ensure the project's ongoing commitment to its core principles. The project’s transparency, prompt response, and call for community assistance underscore its dedication to maintaining a robust and reliable free software bootloader.
Further details regarding the affected components and the remediation process are available on the GNU Boot project news page, issue reports, and mailing list discussions. A specific commit removing the non-free hdcp.bin binary from the source code has been publicly shared, demonstrating the project's commitment to openness and accountability. The GNU Boot project continues to improve its processes and infrastructure, including the adoption of Guix for more software components, to prevent future occurrences and facilitate community contributions.