This is a request to version bump raspberrypi-firmware, raspberrypi-image, and raspberrypi-userland-bin to 1.20161020. Raspberrypi-image is likely vulnerable to DirtyCOW (CVE-2016-5195). Upstream released a new image in response. The new image needs new firmware to boot. Userland-bin should match the firmware. I version bumped the 3 packages, just changing the version number to 20161020 where relevant, and adding the ".tar.gz" ending to the raspberrypi-image packagename for download. Note if using the Raspberry Pi's hardware RNG, the module name changed from bcm2708_rng to bcm2835_rng, at least for the 1st gen Pi.
Bump, could we get a recent version? I hit a bug with the RPi sources now that they are based on 4.9.y kernel, which requires recent firmware files to work correctly with device trees (specifically 1wire-gpio in my case).
At the moment one has to use the live ebuild, or in case not having a fast internet connection, download a recent relase from their github and extract the files accordingly to what is written in the ebuild + the config files. The default kernel won't boot with the 2016 something firmware, nada.
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8087386405b15949bf94973b0a4a81181173cbcd and co.