From 92c1bc18e4db1695dcb47e8bf6a46263a4931b94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20=C4=8Cerm=C3=A1k?= Date: Tue, 14 Oct 2025 14:55:12 +0200 Subject: [PATCH 1/5] Bump OS to pre-release version 16.3.rc1 --- buildroot-external/meta | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/buildroot-external/meta b/buildroot-external/meta index e5e7bbb76..42afb1ad4 100644 --- a/buildroot-external/meta +++ b/buildroot-external/meta @@ -1,8 +1,8 @@ VERSION_MAJOR="16" VERSION_MINOR="3" -VERSION_SUFFIX="dev0" +VERSION_SUFFIX="rc1" HASSOS_NAME="Home Assistant OS" HASSOS_ID="haos" -DEPLOYMENT="development" +DEPLOYMENT="staging" From 25c082fc7d9a595a5d59ffc145ac5e51867d23f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Viktor=20Ljungstr=C3=B6m?= Date: Wed, 29 Oct 2025 08:47:38 +0100 Subject: [PATCH 2/5] Disable UAS via usb-storage.quirks on RPi for JMicron JMS583Gen 2 to PCIe Gen3x2 Bridge (#4366) Vendor ID: 152d Product ID: 0583 (cherry picked from commit 4e7b99d2339900385abca98f7b7fa7dceb7fbe23) --- buildroot-external/board/raspberrypi/cmdline.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/buildroot-external/board/raspberrypi/cmdline.txt b/buildroot-external/board/raspberrypi/cmdline.txt index 211e1eec4..0efd20342 100644 --- a/buildroot-external/board/raspberrypi/cmdline.txt +++ b/buildroot-external/board/raspberrypi/cmdline.txt @@ -1 +1 @@ -dwc_otg.lpm_enable=0 console=tty0 usb-storage.quirks=174c:55aa:u,2109:0715:u,152d:0578:u,152d:0579:u,152d:1561:u,174c:0829:u,14b0:0206:u,174c:225c:u,7825:a2a4:u,152d:0562:u,125f:a88a:u,152d:a583:u,152d:a578:u +dwc_otg.lpm_enable=0 console=tty0 usb-storage.quirks=174c:55aa:u,2109:0715:u,152d:0578:u,152d:0579:u,152d:1561:u,174c:0829:u,14b0:0206:u,174c:225c:u,7825:a2a4:u,152d:0562:u,125f:a88a:u,152d:a583:u,152d:a578:u,152d:0583:u From 3cdb465ecfac52d444c88b00b174d349d2085311 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20=C4=8Cerm=C3=A1k?= Date: Wed, 29 Oct 2025 13:50:49 +0100 Subject: [PATCH 3/5] Fix Docker issue that could cause slow system startup (#4369) A bug introduced in Docker v28.2+ can cause slow container restart in some cases because of usage of IPv4 mapped IPv6 addresses in iptables command. Backport a simple patch from upstream to fix it before we bump to a newer Docker version. Fixes #4363 (cherry picked from commit b3a9e765219246f88997a9f51fae5bbf25b409ce) --- ...map-IPv4-addresses-loaded-from-store.patch | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 buildroot-external/patches/docker-engine/0001-Unmap-IPv4-addresses-loaded-from-store.patch diff --git a/buildroot-external/patches/docker-engine/0001-Unmap-IPv4-addresses-loaded-from-store.patch b/buildroot-external/patches/docker-engine/0001-Unmap-IPv4-addresses-loaded-from-store.patch new file mode 100644 index 000000000..7daff6438 --- /dev/null +++ b/buildroot-external/patches/docker-engine/0001-Unmap-IPv4-addresses-loaded-from-store.patch @@ -0,0 +1,33 @@ +From 050f3d1930d9bf4fea986ed21feaaa6474822191 Mon Sep 17 00:00:00 2001 +From: Rob Murray +Date: Wed, 27 Aug 2025 16:37:00 +0100 +Subject: [PATCH] Unmap IPv4 addresses loaded from store +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +When a endpoint's net.IPNet is loaded from store and converted +to a netip.Addr, unmap it so that iptables rules don't contain +IPv4-mapped IPv6 addresses. + +Signed-off-by: Rob Murray +(cherry picked from commit 071e6472db32a34ed0f73f7166e0c2b405ae23a5) +Signed-off-by: Rob Murray +(backported for 28.3.3 from 31f405932a349e99f45388afe764ec5433b30de2) +Signed-off-by: Jan Čermák +--- + libnetwork/drivers/bridge/bridge_linux.go | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/libnetwork/drivers/bridge/bridge_linux.go b/libnetwork/drivers/bridge/bridge_linux.go +index 19fcf43..15002f2 100644 +--- a/libnetwork/drivers/bridge/bridge_linux.go ++++ b/libnetwork/drivers/bridge/bridge_linux.go +@@ -1218,6 +1218,7 @@ func (d *driver) CreateEndpoint(ctx context.Context, nid, eid string, ifInfo dri + func (ep *bridgeEndpoint) netipAddrs() (v4, v6 netip.Addr) { + if ep.addr != nil { + v4, _ = netip.AddrFromSlice(ep.addr.IP) ++ v4 = v4.Unmap() + } + if ep.addrv6 != nil { + v6, _ = netip.AddrFromSlice(ep.addrv6.IP) From eef29878b417fd474f91b8b0557952b0d712f2ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20=C4=8Cerm=C3=A1k?= Date: Fri, 31 Oct 2025 12:29:57 +0100 Subject: [PATCH 4/5] Remove usage of --content-trust CLI option in Supervisor tests (#4371) With https://github.com/home-assistant/cli/pull/604, there is no --content-trust option anymore. Remove the call and only check if Supervisor is healthy and there are no issues. This replaces #4370 which is too broad. (cherry picked from commit 1d29f6b099d797215f0be22b69c281d3425f6992) --- tests/supervisor_test/test_supervisor.py | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/tests/supervisor_test/test_supervisor.py b/tests/supervisor_test/test_supervisor.py index 2b8bc1b2a..ec9266d73 100644 --- a/tests/supervisor_test/test_supervisor.py +++ b/tests/supervisor_test/test_supervisor.py @@ -117,11 +117,7 @@ def test_addon_install(shell_json): @pytest.mark.dependency(depends=["test_supervisor_is_updated"]) -def test_code_sign(shell_json): - # enable Content-Trust - assert ( - shell_json("ha security options --content-trust=true --no-progress --raw-json").get("result") == "ok" - ), "Content-Trust enable failed" +def test_supervisor_errors(shell_json): # run Supervisor health check health_check = shell_json("ha resolution healthcheck --no-progress --raw-json") assert health_check.get("result") == "ok", "Supervisor health check failed" From bd5ea3763f7cb7e47c280f72b837e12b6578bd8a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20=C4=8Cerm=C3=A1k?= Date: Mon, 3 Nov 2025 12:48:01 +0100 Subject: [PATCH 5/5] Bump OS to release version 16.3 --- buildroot-external/meta | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/buildroot-external/meta b/buildroot-external/meta index 42afb1ad4..b9d0b37a6 100644 --- a/buildroot-external/meta +++ b/buildroot-external/meta @@ -1,8 +1,8 @@ VERSION_MAJOR="16" VERSION_MINOR="3" -VERSION_SUFFIX="rc1" +VERSION_SUFFIX="" HASSOS_NAME="Home Assistant OS" HASSOS_ID="haos" -DEPLOYMENT="staging" +DEPLOYMENT="production"