coreboot releases are currently done on a roughly quarterly release cycle.

In general these releases are done for OEM/ODMs and other groups who want a "stable" release base. If you are a developer or end user, we recommend that you use the master branch of the coreboot repository.

Get the coreboot source from the git repository

$ git clone

Release archives

Release Date Source Source
Blobs Blobs


The releases are signed with a PGP/GPG signature. To verify the release, run:

$ gpg --verify coreboot-24.02.tar.xz.sig coreboot-24.02.tar.xz

If you get a message saying "Can't check signature: No public key", copy the key fingerprint from below and fetch it from the keyserver.

$ gpg --receive-keys "574C E6F6 855C FDEB 7D36  8E9D 1979 6C2B 3E4F 7DF7"

Then rerun the verification step.

Note that the warnings "This key is not certified with a trusted signature!" and "There is no indication that the signature belongs to the owner." are normal


Fingerprints of keys used to sign the binaries as of 24.02:

C75A AA4E 5C9D B017 C1DC 6EDB DB1B 0EC2 9202 D874 - Matt DeVillier <>

1504 DB83 B939 05F5 160E B3FD 86EB 2116 4957 3F59 - Jason Glenesk (coreboot developer) <>

D0BB 76A6 FB81 653A 2B17 5BC2 DB68 2C09 2C49 D476 - Patrick Georgi <>

7642 F206 B20B 77DA EB5B 611A 53C8 8CBF BC4F 65F3 - Angel Pons <>

EB51 718A 2D22 AB1D A92C 74B1 1F99 1B62 CCC9 259B - Patrick Georgi <>

3D70 5758 E41E B17A 3D28 7549 4105 0E81 8DCB 9057 - Patrick Georgi <>

390D CF78 8BF9 AA50 4F8F F1E2 C29E 9DA6 A0DF 8604 - Alexander Couzens <> [expired]

574C E6F6 855C FDEB 7D36 8E9D 1979 6C2B 3E4F 7DF7 - Martin Roth (coreboot developer) <>

Go back to the main page