coreboot™: fast, flexible and reproducible Open Source firmware!

Reproducible Coreboot

Reproducible builds enable anyone to reproduce bit by bit identical binary packages from a given source, so that anyone can verify that a given binary derived from the source it was said to be derived. There is more information about reproducible builds on the Debian wiki and on https://reproducible-builds.org. These pages explain in more depth why this is useful, what common issues exist and which workarounds and solutions are known.

Reproducible Coreboot is an effort to apply this to coreboot. Thus each coreboot.rom is build twice (without payloads), with a few variations added and then those two ROMs are compared using diffoscope. Please note that the toolchain is not varied at all as the rebuild happens on exactly the same system. More variations are expected to be seen in the wild.

There is a weekly run jenkins job to test the master branch of coreboot.git. The jenkins job is running reproducible_coreboot.sh in a Debian environment and this script is solely responsible for creating this page. Feel invited to join #reproducible-builds (on irc.oftc.net) to request job runs whenever sensible. Patches and other feedback are very much appreciated - if you want to help, please start by looking at the ToDo list for coreboot, you might find something easy to contribute.
Thanks to IONOS for donating the virtual machines this is running on!

122 (100.0%) out of 122 built coreboot images were reproducible in our test setup ! These tests were last run on 2024-11-20 for version 24.08-733-g73d1980d23 using diffoscope 283.

variation	first build	second build
hostname	osuosl1-amd64 or osuosl2-amd64	the other one
domainname	is not yet varied between rebuilds of coreboot.
env CAPTURE_ENVIRONMENT	not set	CAPTURE_ENVIRONMENT="I capture the environment"
env TZ	TZ="/usr/share/zoneinfo/Etc/GMT+12"	TZ="/usr/share/zoneinfo/Etc/GMT-14"
env LANG	LANG="en_GB.UTF-8"	LANG="et_EE.UTF-8"
env LC_ALL	not set	LC_ALL="et_EE.UTF-8"
env PATH	PATH="/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:"	PATH="/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/i/capture/the/path"
env USER	is not yet varied between rebuilds of coreboot.
uid	is not yet varied between rebuilds of coreboot.
gid	is not yet varied between rebuilds of coreboot.
UTS namespace	is not yet varied between rebuilds of coreboot.
kernel version, modified using /usr/bin/linux64 --uname-2.6	Linux 6.11.5+bpo-amd64	Linux 2.6.71+bpo-amd64
umask	0022	0002
CPU type	AMD Opteron(tm) Processor 4284	same for both builds
/bin/sh	is not yet varied between rebuilds of coreboot.
year, month, date	today (2024-11-20)	same for both builds (currently, work in progress)
hour, minute	hour and minute will probably vary between two builds...	the future system actually runs 398 days, 6 hours and 23 minutes ahead...
Filesystem	tmpfs	same for both builds (currently, this could be varied using disorderfs)
everything else...	is likely the same. There will be more variations in the wild.

ARM_RDN2 (b98753475ff4b9b445c270bd781db0943dc0189f4325fdfa9416f56641e07ae4, 64MiB) is reproducible.
EMULATION_QEMU_AARCH64 (391f708c5fe4df0de0262d95073d0a091f1fc6aa3dc6a0d63c4b5c705fc9f090, 16MiB) is reproducible.
EMULATION_QEMU_AARCH64_FIT_SUPPORT_TIMESTAMPS (ce0032e4a8f7f85fa36f9f99368fe3de86ff1ddb8b610d44807ebc3740a26110, 16MiB) is reproducible.
EMULATION_QEMU_ARMV7 (a428e67602fac9759700b188cd8cc0accd8877eb112a9a4a84c20ebe5b21d9a6, 4MiB) is reproducible.
EMULATION_QEMU_RISCV_RV32 (50035073fb84c34a096f72c168b1573c052f14efef8901e8b6b79bda8aa1fe94, 32MiB) is reproducible.
EMULATION_QEMU_RISCV_RV64 (6054c5d7789f3c6942bf330af6efaeb0ca36ce4e93177231916deeed5e40772f, 32MiB) is reproducible.
EMULATION_QEMU_RISCV_RV64_ (171d0a8aaca18a147f8149be3f8ff81cd0df7c6537ecefd9809aac389dbcbf8e, 32MiB) is reproducible.
EMULATION_QEMU_SBSA (e7b5bf2a952f4b6aa414bbf8566279057f20a09af223a2e6d1011d83f775d0c5, 256MiB) is reproducible.
EMULATION_QEMU_X86_I440FX (c4dd77ef6e1a365547fc5c99bed9f408c938353798105bb35741be9bff842def, 4MiB) is reproducible.
EMULATION_QEMU_X86_I440FX_ (c4dd77ef6e1a365547fc5c99bed9f408c938353798105bb35741be9bff842def, 4MiB) is reproducible.
EMULATION_QEMU_X86_I440FX_ASAN (248e37eaf7c805dce2aa16eac072f1c13bfe8251cd1f88a7bf685fb6cc738bb2, 4MiB) is reproducible.
EMULATION_QEMU_X86_I440FX_DEBUG (f00ec6fd58f9084e55d16d7bf24fb1489d3bb4fea0b9fb99e29048b0d6835e26, 4MiB) is reproducible.
EMULATION_QEMU_X86_I440FX_NOSERIAL (c485c83c99679a62ccc3af4c061c7b2ba87d1aef06c651febd9d3955c11494ba, 4MiB) is reproducible.
EMULATION_QEMU_X86_I440FX_X86_64 (61c7699e453cbd7ec318ebeff04e4ec8a819c378436e934d8218cb7c1a0451f2, 4MiB) is reproducible.
EMULATION_QEMU_X86_Q35 (7629bdceafa731bebd3e1aac22866d3bb5850e0f96b5a48f3f33a47ca6b745e5, 8MiB) is reproducible.
EMULATION_QEMU_X86_Q35_SMM_TSEG (e2f3478799075cca0d91a2935b6385803e3408b677fecaf701850c3dd4033363, 8MiB) is reproducible.
EMULATION_SPIKE_RISCV (15521153f3d628fa14d044cfcf318cfe8374f3977a7a8f171978a14f7bbf4d36, 4MiB) is reproducible.
EXAMPLE_MIN86 (b4f9957c57de1449b10a0765165bc05e8d51f7e77ad592f94ebadd4f52aef3d6, 256KiB) is reproducible.
GOOGLE_ASURADA (9c8a03898babb68212f3a3893e79e18fa1dd984f28b4d090cf6e8c8335a37bdf, 8MiB) is reproducible.
GOOGLE_BOB (d60c1e4e950cee2fde7e0ac6e28b27d12afa975c5392f3732d942e5f9c11a7e4, 8MiB) is reproducible.
GOOGLE_BUBS (ae88552430bfaef4f36b9d7545e5f98668f05bec92078d266e3b49d8a75e4575, 8MiB) is reproducible.
GOOGLE_BURNET (6b789900b3cb325fb71a91224e26ee9f70277585b01d7cae10fd490b5bab6683, 8MiB) is reproducible.
GOOGLE_CERISE (8d738fe543b4219ad9c818678ee21a1558986694570da5cc68dbbcfacd7d70b6, 8MiB) is reproducible.
GOOGLE_CHERRY (423e565c304edc6b61d51db6d1d3c8e48336a059747473b392ccd8ab79fc1e4b, 8MiB) is reproducible.
GOOGLE_CHINCHOU (6d25ae93ed2c0c38904bbc6d1857dbee33db237838eacb450b2a639b37b19885, 8MiB) is reproducible.
GOOGLE_CIRI (a4612bb92629ba7c7d7bc51ff5fd04a9cac2aa28b4865deb5d05680bb26a8ef3, 8MiB) is reproducible.
GOOGLE_COACHZ (6fa1b71d948746f0c41f9455771938838e5ff3dfa87773573a0a44109508e990, 8MiB) is reproducible.
GOOGLE_COZMO (4a5d3386ec7c20eca5077acfd5aac8d454520da176c9014e4dc89bb004c5f99c, 8MiB) is reproducible.
GOOGLE_DAISY (c889f004fc3e4f6c2325e4432ebb50002d4373cb5c4485fbcefe259b486b1f17, 4MiB) is reproducible.
GOOGLE_DAMU (c11e6f1948f7dc7963887309695f4706746d93e34f99ea42947c12f6002f4d94, 8MiB) is reproducible.
GOOGLE_DOJO (434edabda7590363e1fb4186b036793060aecdd773e811a253101bb30857cdc7, 8MiB) is reproducible.
GOOGLE_ELM (b1f1ae5f4616a844a0bcd18dd2d2108ea7306765c1ef4f61a07e93c35e91893b, 4MiB) is reproducible.
GOOGLE_ESCHE (598b0261b583216e1fb81a89f718ba49b344c3f0a9b4f3be2a794a0e0a8c3591, 8MiB) is reproducible.
GOOGLE_FATCAT (1dfb16df2fc4c92b07a7d9034956117eecaeff0c1066621effa0f0a80ca95dc3, 32MiB) is reproducible.
GOOGLE_FATCATITE (57dd32182a5b70123a84954ce1847eb93b7ff826ac6fc70be728dfb98f8c8cfc, 32MiB) is reproducible.
GOOGLE_FATCATNUVO (5993c10a7ce62cc699edf250dfb92f0846a4e62fe8a06519a403919ad7bb9876, 32MiB) is reproducible.
GOOGLE_FELINO (929a09f7777a7535252751b1fc1418aa242604bf20ff184d78db4067ce0f45de, 32MiB) is reproducible.
GOOGLE_FENNEL (d3d368c626ceaf3157c8cde2fae508ae64e86048f509ceb47c24a5f12ac60f7b, 8MiB) is reproducible.
GOOGLE_FLAPJACK (1cae9ab5f5f9b35a5f999fe9fd53e261cc5532e6486248c50f354ed3f0d101a9, 8MiB) is reproducible.
GOOGLE_FOSTER (b7fe5641766abac1dcdbaf902703b93c98a48dc484e5d8cfa3266a6492eb1620, 4MiB) is reproducible.
GOOGLE_FRANCKA (de4e9e399abe4bf3dcbbdda87968b0544711505bc263eb36671f5edfa7f5132c, 32MiB) is reproducible.
GOOGLE_GALE (0f0fc209e506c4f16633fa54dbf09b1c16bf187f07cd9bb917808f1dfc5fb08b, 8MiB) is reproducible.
GOOGLE_GELARSHIE (59ee5bf1539072be8d500f0e24da36eebaf3bd731b48b992312ee16b5dfe9a6d, 8MiB) is reproducible.
GOOGLE_GERALT (15a06104a6e9006eadf2f700ed9fa08868b510f870e169da4e96dbaacbc7714c, 8MiB) is reproducible.
GOOGLE_GRU (1a28b12dd6ee951f26a2cf604ebf5f9597565f0bf0945f3bac89c4c0b42fe77c, 8MiB) is reproducible.
GOOGLE_HANA (3551974a5e3c673e643cb481d8f1431d2723c94914e94af5866552bcca50174a, 4MiB) is reproducible.
GOOGLE_HAYATO (46596cb250b0de23e9efd9b88388a84a9175ea356ae3bf1385d700f83f555eb2, 8MiB) is reproducible.
GOOGLE_HOMESTAR (964fbdc69001731917ba408a3e7195606a8170c6483ac2dfe8e341c1ab378522, 8MiB) is reproducible.
GOOGLE_HYLIA (9496ef6281ffe62e9ea0ee5090ed3af20bb82622cb32dd23f853d39eeba72b05, 8MiB) is reproducible.
GOOGLE_JACUZZI (dcb8ab2370bf05c0142dce7e0df4e1712162738d168fedeef7649f91ba3fe3af, 8MiB) is reproducible.
GOOGLE_JUNIPER (b0f3ebcf34cca28ddc17c387698ce84d97659ba156919efef0d6a3d3285f53d6, 8MiB) is reproducible.
GOOGLE_KAKADU (5b20a7c90be8621111c8c1ed470ef8faa1cf5a009cfcaab22a1a638f76e60dd1, 8MiB) is reproducible.
GOOGLE_KAPPA (52dc4ff125738d8317242d90b0eafbb054fdee24b1c5f0358975be989f808de7, 8MiB) is reproducible.
GOOGLE_KATSU (f98696dd48b6e1a68588f2b2545d6de8f09e1fd360b43ff52366107105974d33, 8MiB) is reproducible.
GOOGLE_KEVIN (3b1ffe89f7fc37ddac1f9d5e7ca65fa854e74bf2fa4fb0f671ae36cc71e6700b, 8MiB) is reproducible.
GOOGLE_KEVIN_SECDATA_MOCK (62901fc59435577828512f26eaa51ea78d95bae1de473807c315041c88eebfdf, 8MiB) is reproducible.
GOOGLE_KINGLER (9037d0b87a6e0025c0e6fa8360be3c9991161c630f5f177847501d4449f71165, 8MiB) is reproducible.
GOOGLE_KINGOFTOWN (0a766245130ca5528a6041010eaf00d41aee16079494cfe82ebe073bc76c3926, 8MiB) is reproducible.
GOOGLE_KODAMA (7c2b151f4826b641ff2e618a0990ef541a71fb7380af25f90897137de9e8a471, 8MiB) is reproducible.
GOOGLE_KRABBY (74fc96c189aea8391bff96b6c9c11d3e9b3aa98d760de75ce4a7ef0066399e31, 8MiB) is reproducible.
GOOGLE_KRANE (0821f9a68dab40b49de99eea7a09d12dea79b8b5f8501397533ea9bc98d5e0bd, 8MiB) is reproducible.
GOOGLE_KUKUI (c31f1e25f147895a4b9ce4e0d99f58e32c05c27e3484ad13e4909dcd9e4ccb59, 8MiB) is reproducible.
GOOGLE_KYOGRE (4d0d61fff8aa508d36dfeba29047a7d72229700914f2bf63a9bccd3e77712bac, 8MiB) is reproducible.
GOOGLE_LAZOR (050013344aadeb752305207615989e74aeb0f7d714c090daadc137e228e274b5, 8MiB) is reproducible.
GOOGLE_MAGIKARP (a85d1e3004cc979087d80d2ee0490ab91bb16434bcda214405d880e1b0cb5834, 8MiB) is reproducible.
GOOGLE_MAKOMO (965c6d4faa3c1b401d8802232a96aa7b1f0d9488d82974606d8cd2f373ac24c0, 8MiB) is reproducible.
GOOGLE_MARZIPAN (e5f38c4d410ef193b8358f87ba3b12a896b0e8ba533249bebcc0c5f7d8102136, 8MiB) is reproducible.
GOOGLE_MISTRAL (568777ebc43fb30aab1a9519fe2b643533d301595304aa61dc2a6e129a3aac45, 8MiB) is reproducible.
GOOGLE_MRBLAND (bca43bfa0af08e8ccd5f8917b3c2627f33ca55bacedf970de74f2763a98b93ef, 8MiB) is reproducible.
GOOGLE_MUNNA (794735d9e4f887869dc8b64025b74f49ab294e29d01965c32bdadf417dbbf878, 8MiB) is reproducible.
GOOGLE_NAVI (e66035008f4a5eeb2b366e648e474feb33f6ccfb846c7908a04c63fe3a40561e, 8MiB) is reproducible.
GOOGLE_NEFARIO (66974548b96a1764cf00cfeb2d8cb19886b5a525bab72de322d1a7771f268938, 8MiB) is reproducible.
GOOGLE_NYAN (696b143555bde599369bad511029ce6e722198da2385687083e7987026fa160d, 4MiB) is reproducible.
GOOGLE_NYAN_BIG (aa715d7e6c1121272f330082713ab2625cd662cf0238b8ee3648881ef31acc9f, 4MiB) is reproducible.
GOOGLE_NYAN_BLAZE (62de19d2a1941c5f9e84f9cefda0428131c79c039e3656043e785a5ce588d820, 4MiB) is reproducible.
GOOGLE_OAK (696a47d94f66a2277103ac91044180b55a06e2148d3ddcf6100c5e4a721b7123, 4MiB) is reproducible.
GOOGLE_PAZQUEL (bcd555f0588c2739209fc50366a3c08ea237ecca92cd57bd9049ca83f121e5b7, 8MiB) is reproducible.
GOOGLE_PEACH_PIT (10d3548c530dd82eac8dd9314d238a7487bbe93847d9e8604fea9ea6341daef3, 4MiB) is reproducible.
GOOGLE_PICO (ed2a3148639d8b8fcea37eb19bd550dd5b2494e0a2c71b8ec5951cdb6ac33355, 8MiB) is reproducible.
GOOGLE_POMPOM (28fe695629c375c57e94ce1b58bbd2a9437c953717e80e560679655032c00532, 8MiB) is reproducible.
GOOGLE_PONYTA (997a524a2d3fcebb4cd8fa78834187a2d5ca52e72530b423fa4d5b0eae404c0f, 8MiB) is reproducible.
GOOGLE_QUACKINGSTICK (822871728725898054361c19261cd40002d8f3acef4927e364c68ed47e248dcd, 8MiB) is reproducible.
GOOGLE_RAINIER (803478155c401939ddf548ef03959df097b764be5c9ec0a831c07d8f6ca40b3b, 8MiB) is reproducible.
GOOGLE_RAURU (822a35d123871daf580bdd6223f5e4f8d0df696c583daf552e096f25f2997343, 8MiB) is reproducible.
GOOGLE_SCARLET (80b68aba5c1e2953204f5fd110286adf34ef283b36a1aa5af897e770cd9d1925, 8MiB) is reproducible.
GOOGLE_SKITTY (6e16d46b8afd1d8ec3542a7e18bbaae21c9cf9756f634eb6a0a361cac64a88ed, 8MiB) is reproducible.
GOOGLE_SMAUG (fb59c0b057dd5aaed1f669ecafe6bf52f2a7dc9fe6002d1944acdb034872c22d, 16MiB) is reproducible.
GOOGLE_SPHERION (196204bff7d1e227fba581332b3b925c56e05cfa8ff89d9459fc2f8d807ad59e, 8MiB) is reproducible.
GOOGLE_SQUIRTLE (a681d5f6063903e9922a16dc52627a6e2e9cb7acf031cd15321bced94ee4053e, 8MiB) is reproducible.
GOOGLE_STARMIE (fca289182638adbdae50a9489bff46fb5d63de24579fd36301d4a37a728ef979, 8MiB) is reproducible.
GOOGLE_STEELIX (bf66141c84086b6022d3c9dc0fb96fa142ad565739834f0c20729c3a19491544, 8MiB) is reproducible.
GOOGLE_STERN (cd54f2cdd5fdc9a22ddac6a764e3cabab72117d1f34d21b04869df2bfddf1418, 8MiB) is reproducible.
GOOGLE_STORM (516ae3e890b948047ce91fcaa328ab57e08331d61b46e8782a2857b7b663bf8f, 8MiB) is reproducible.
GOOGLE_TENTACRUEL (764cab405e5549d38786c052da9f0ff783c1ee1f1ff6d8f90fb796ba9d09ffc1, 8MiB) is reproducible.
GOOGLE_TOMATO (6c7ec77b1dd5ea99fa71d5594fab7d04d58d30441b77cee19f96170e8ecacacc, 8MiB) is reproducible.
GOOGLE_TROGDOR (14590646a2ea15dbc6097612ad92bd8b7c403ed50f38cd817e6c5d4b5e14d24e, 8MiB) is reproducible.
GOOGLE_VELUZA (177f0d487deaaefdfce4ade57b8771e05d1bb7aef0d4e7939b68713a030f8cea, 8MiB) is reproducible.
GOOGLE_VEYRON_JAQ (a6ae97164f9c47d2e2f2bf83053035bfb9a996db57aad976806890e13e86df70, 4MiB) is reproducible.
GOOGLE_VEYRON_JERRY (bf439e104b57bb183295ffa22a4d3fa7651f298124dea23717b67b24e5a37e42, 4MiB) is reproducible.
GOOGLE_VEYRON_MICKEY (de5f7dd4b6eaf0c0e1a3cb6d0ff1bd4d681866a0076327ce33dc2107acc2eb3b, 4MiB) is reproducible.
GOOGLE_VEYRON_MIGHTY (63b83fac377c7db6ad3087e8dd23b277fe0fb072b685682c16dffdf9674f98e1, 4MiB) is reproducible.
GOOGLE_VEYRON_MINNIE (68ed5b8c480ab4eb4523307ba826d9e6fabd92dec99b76175b9efd0130dd772b, 4MiB) is reproducible.
GOOGLE_VEYRON_RIALTO (8f61328282dfff97cf8aebb4a45c75d7f9b91115949b71a984b8824f3d5a78f8, 4MiB) is reproducible.
GOOGLE_VEYRON_SPEEDY (f88db24af6c32605323654e746b4a8fae9a585e41db5409a051ef7dd7090cba1, 4MiB) is reproducible.
GOOGLE_VOLTORB (096989bb01c8f44d4c4b24b132d3e9b2fb9aabc7d5d6fef7d29960181a986174, 8MiB) is reproducible.
GOOGLE_WILLOW (c87f367017d8f7aa787e16951440ded6e0aefd391e67ebb5aa0c7dc3ee65d757, 8MiB) is reproducible.
GOOGLE_WORMDINGLER (e5332500fca007990e881fa961fdba5a0c49960cafa1e61bdbbcc79dcd094f79, 8MiB) is reproducible.
GOOGLE_WUGTRIO (e76fafb1654029b175f6f515e0946617aa74bb710b71af5ab7de47c76d074054, 8MiB) is reproducible.
INTEL_AVENUECITY_CRB (6c24fa73f77b7b473753fae7f5d955239a505d1b9200de6cb116580e66c2ac3d, 64MiB) is reproducible.
INTEL_BEECHNUTCITY_CRB (a69d3d78cc3380206da8d003fdcc346d34ffc38c89270dcd80b521ad0eb5e2f3, 64MiB) is reproducible.
OPENCELLULAR_ELGON (49771a9baf75f24fa10a156a9193e5d38c360153c28a00973e27f76be4da0c94, 16MiB) is reproducible.
PCENGINES_APU2 (c117152694bd91790e191cd22a485aaa87e839a23effb4f0ee7f7fae29c4ff86, 8MiB) is reproducible.
PCENGINES_APU2_ (9288bbe3a1d7bdf3b4b5d40b7d012e69a42e4be630693307419097362632fe62, 8MiB) is reproducible.
PCENGINES_APU3 (3365af7ff87c0934497f58810445cffc3229ed304213e4e01430e813f54df76e, 8MiB) is reproducible.
PCENGINES_APU3_ (7c5a58d8f6fd6641e6aa7ef967b40e1dd28a6db07d7c6ef25b81c46bc1158f7d, 8MiB) is reproducible.
PCENGINES_APU4 (b52a1c739e9db474942c49a8762ef99eeab6ae7a8df9455aeb7486eeb8e3b46f, 8MiB) is reproducible.
PCENGINES_APU4_ (1b851d18537583e4ef26effdb5feb8933c05d6d2bce052a8ea1cbb919e0a2894, 8MiB) is reproducible.
PCENGINES_APU5 (cbdeda8ff1e08fdc3dee315e32b58311c0810998897eb849304fa0fb630b2158, 8MiB) is reproducible.
PCENGINES_APU5_ (38e5b4140d6ed3a58718bd23d5d7809a4d03044f64344ce4590cc1e108267dba, 8MiB) is reproducible.
PINE64_ROCKPRO64 (1e7e165f17f259a6c04fdbcde1dd068694b158b55aa9984b3b7edda2a7d6a048, 16MiB) is reproducible.
TI_BEAGLEBONE (755f70e7944711c73e1f0b2c0ff64359464929aa40eb61a6a7a46d1392eb9e72, 32MiB) is reproducible.
VIA_EPIA_EX (946366c2c0794a19fcbf31018a1a5c3bc2874378d2a6ad48070646df6fa62aa7, 512KiB) is reproducible.

commit 73d1980d23ab3ec95f67c8c881584c6bdea3f746
Author: Bora Guvendik 
Date:   Fri Nov 8 14:23:41 2024 -0800

    soc/intel/pantherlake/acpi: Update camera_clock_ctl.asl
    
    Fix ISCLK register definitions
    
    Reference: 813032 - Panther Lake H I/O Registers
    
    BUG=b:357011633
    TEST=check camera functionality on fatcat
    
    Change-Id: Ie9f1f639970344eb359dee37914ee26a02dcfb4b
    Signed-off-by: Bora Guvendik 
    Reviewed-on: https://review.coreboot.org/c/coreboot/+/85058
    Reviewed-by: Subrata Banik 
    Tested-by: build bot (Jenkins) 
    Reviewed-by: Kapil Porwal 
    Reviewed-by: Pranava Y N

cross toolchain source	sha256sum
acpica-unix-20230628.tar.gz	86876a745e3d224dcfd222ed3de465b47559e85811df2db9820ef09a9dff5cce
binutils-2.43.1.tar.xz	13f74202a3c4c51118b797a39ea4200d3f6cfbe224da6d1d95bb938480132dfd
gcc-14.2.0.tar.xz	a7b39bc69cbf9e25826c5a60ab26477001f7c08d85cec04bc0e29cabed6f3cc9
gmp-6.3.0.tar.xz	a3c2b80201b89e68616f4ad30bc66aee4927c3ce50e33929ca819d5c43538898
mpc-1.3.1.tar.gz	ab642492f5cf882b74aa0cb730cd410a81edcdbec895183ce930e706c1c759b8
mpfr-4.2.1.tar.xz	277807353a6726978996945af13e52829e3abd7a9a5b7fb2793894e18f1fcbb2

Debian 12.8 package on amd64	installed version
gcc	4:12.2.0-3
g++	4:12.2.0-3
make	4.3-4.1
cmake	3.25.1-1
flex	2.6.4-8.2
bison	2:3.8.2+dfsg-1+b1
pkg-config	1.8.1-1