diff --git a/meta-lxatac-bsp/recipes-core/rauc/files/0001-src-nbd-initialize-info_headers-to-NULL.patch b/meta-lxatac-bsp/recipes-core/rauc/files/0001-src-nbd-initialize-info_headers-to-NULL.patch
deleted file mode 100644
index 4a4912ee..00000000
--- a/meta-lxatac-bsp/recipes-core/rauc/files/0001-src-nbd-initialize-info_headers-to-NULL.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From 967d32571e226d15c345b2d8cec932a651716f4b Mon Sep 17 00:00:00 2001
-From: Enrico Jorns
-Date: Thu, 18 Jan 2024 16:49:46 +0100
-Subject: [PATCH] src/nbd: initialize info_headers to NULL
-
-When g_variant_dict_lookup() does not find the given key, it does not
-modify the values of the arguments provided.
-
-This results in info_headers being undefined and can cause the
-rauc-nbd-server to crash, which will result in a broken request on
-client side that lets RAUC terminate hard with:
-
-(rauc:769): rauc-nbd-ERROR **: 15:40:30.553: failed to recv nbd config reply header
-
-The behavior of g_variant_dict_lookup() has also recently been clarified
-in the glib documentation:
-https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3334
-
-Upstream-Status: Submitted [https://github.com/rauc/rauc/pull/1332]
-
-Signed-off-by: Enrico Jorns
----
- src/nbd.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/nbd.c b/src/nbd.c
-index 41c43b3..018022e 100644
---- a/src/nbd.c
-+++ b/src/nbd.c
-@@ -562,7 +562,7 @@ static void start_configure(struct RaucNBDContext *ctx, struct RaucNBDTransfer *
- 
- /* only read from the client on the first try */
- if (!ctx->url) {
-- GStrv info_headers; /* array of strings such as 'Foo: bar' */
-+ GStrv info_headers = NULL; /* array of strings such as 'Foo: bar' */
- 
- res = r_read_exact(ctx->sock, (guint8*)data, xfer->request.len, NULL);
- g_assert_true(res);
diff --git a/meta-lxatac-bsp/recipes-core/rauc/rauc-conf.bbappend b/meta-lxatac-bsp/recipes-core/rauc/rauc-conf.bbappend
new file mode 100644
index 00000000..da83f234
--- /dev/null
+++ b/meta-lxatac-bsp/recipes-core/rauc/rauc-conf.bbappend
@@ -0,0 +1,52 @@
+FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
+
+DEPENDS += "openssl-native"
+RDEPENDS:${PN} += "bash"
+
+SRC_URI += " \
+ file://rauc-disable-cert.sh \
+ file://rauc-enable-cert.sh \
+ file://devel.cert.pem \
+ file://stable.cert.pem \
+ file://testing.cert.pem \
+ "
+
+do_install:append() {
+ install -D -m 0755 ${WORKDIR}/rauc-disable-cert.sh \
+ ${D}${bindir}/rauc-disable-cert
+
+ install -D -m 0755 ${WORKDIR}/rauc-enable-cert.sh \
+ ${D}${bindir}/rauc-enable-cert
+
+ install -d ${D}${sysconfdir}/rauc/certificates-available
+ install -d ${D}${sysconfdir}/rauc/certificates-enabled
+
+ # Ship the different release channel certificates with each image.
+ # Which of these gets activated when updating via RAUC is decided in
+ # the RAUC hook.
+ # The RAUC hook will activate the certificate matching the key the
+ # bundle was signed with.
+ for cert in devel stable testing; do
+ install -D -m 0644 ${WORKDIR}/${cert}.cert.pem \
+ ${D}${sysconfdir}/rauc/certificates-available/${cert}.cert.pem
+ done
+
+ KEYRING_FILE_NAME=$(basename "${RAUC_KEYRING_FILE}")
+
+ # If RAUC_KEYRING_FILE is not overridden by a customization layer on top
+ # of meta-lxatac this will point to devel.cert.pem and the file
+ # installed above is overwritten by this mv.
+ # If RAUC_KEYRING_FILE is overridden the extra cert will be installed
+ # along with the other ones.
+ mv ${D}${sysconfdir}/rauc/${KEYRING_FILE_NAME} \
+ ${D}${sysconfdir}/rauc/certificates-available/${KEYRING_FILE_NAME}
+
+ # Due to the certificate enable/disable logic in the RAUC hook the
+ # following line is only relevant for images _not_ installed via RAUC.
+ for cert in ${RAUC_CERT_ENABLE}; do
+ ln -s ../certificates-available/${cert} \
+ ${D}${sysconfdir}/rauc/certificates-enabled/${cert}
+ done
+
+ openssl rehash ${D}${sysconfdir}/rauc/certificates-enabled
+}
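Review bot: The `for cert in ${RAUC_CERT_ENABLE}` loop in `do_install:append` links whatever names the variable holds without checking that the file exists under certificates-available, and an empty or unset RAUC_CERT_ENABLE simply leaves certificates-enabled empty. That directory appears to decide which signing certificates an image not installed via RAUC accepts (per the comment above the loop), so a typo or a missing setting in a customization layer should stop the build rather than produce an image with a dangling link or no enabled certificate. I would add a guard before the `ln -s`, for example `[ -e ${D}${sysconfdir}/rauc/certificates-available/${cert} ] || bbfatal "RAUC_CERT_ENABLE: ${cert} not in certificates-available"`, plus a one-line comment saying that RAUC_CERT_ENABLE takes full file names including the `.cert.pem` suffix. Where the variable's default is set is not visible in this diff.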
diff --git a/meta-lxatac-bsp/recipes-core/rauc/rauc_%.bbappend b/meta-lxatac-bsp/recipes-core/rauc/rauc_%.bbappend
index 913dcad4..e352ea21 100644
--- a/meta-lxatac-bsp/recipes-core/rauc/rauc_%.bbappend
+++ b/meta-lxatac-bsp/recipes-core/rauc/rauc_%.bbappend
@@ -1,58 +1,14 @@
 FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
 
-RDEPENDS:${PN}:append = "bash e2fsprogs-resize2fs"
+RDEPENDS:${PN} += "e2fsprogs-resize2fs"
 
-SRC_URI:append = " \
- file://0001-src-nbd-initialize-info_headers-to-NULL.patch \
+SRC_URI += " \
 file://require-mount-srv.conf \
- file://rauc-disable-cert.sh \
- file://rauc-enable-cert.sh \
- file://devel.cert.pem \
- file://stable.cert.pem \
- file://testing.cert.pem \
 "
 
 do_install:append() {
 install -D -m 0644 ${WORKDIR}/require-mount-srv.conf \
 ${D}${systemd_unitdir}/system/rauc.service.d/require-mount-srv.conf
-
- install -D -m 0755 ${WORKDIR}/rauc-disable-cert.sh \
- ${D}${bindir}/rauc-disable-cert
-
- install -D -m 0755 ${WORKDIR}/rauc-enable-cert.sh \
- ${D}${bindir}/rauc-enable-cert
-
- install -d ${D}${sysconfdir}/rauc/certificates-available
- install -d ${D}${sysconfdir}/rauc/certificates-enabled
-
- # Ship the different release channel certificates with each image.
- # Which of these gets activated when updating via RAUC is decided in
- # the RAUC hook.
- # The RAUC hook will activate the certificate matching the key the
- # bundle was signed with.
- for cert in devel stable testing; do
- install -D -m 0644 ${WORKDIR}/${cert}.cert.pem \
- ${D}${sysconfdir}/rauc/certificates-available/${cert}.cert.pem
- done
-
- KEYRING_FILE_NAME=$(basename "${RAUC_KEYRING_FILE}")
-
- # If RAUC_KEYRING_FILE is not overridden by a customization layer on top
- # of meta-lxatac this will point to devel.cert.pem and the file
- # installed above is overwritten by this mv.
- # If RAUC_KEYRING_FILE is overridden the extra cert will be installed
- # along with the other ones.
- mv ${D}${sysconfdir}/rauc/${KEYRING_FILE_NAME} \
- ${D}${sysconfdir}/rauc/certificates-available/${KEYRING_FILE_NAME}
-
- # Due to the certificate enable/disable logic in the RAUC hook the
- # following line is only relevant for images _not_ installed via RAUC.
- for cert in ${RAUC_CERT_ENABLE}; do
- ln -s ../certificates-available/${cert} \
- ${D}${sysconfdir}/rauc/certificates-enabled/${cert}
- done
-
- openssl rehash ${D}${sysconfdir}/rauc/certificates-enabled
 }
 
 FILES:${PN} += "${systemd_unitdir}/system/rauc.service.d/"
diff --git a/meta-rauc b/meta-rauc
index 760e9926..f6b3fcd2 160000
--- a/meta-rauc
+++ b/meta-rauc
@@ -1 +1 @@
-Subproject commit 760e9926239739385348501326e522973e5091af
+Subproject commit f6b3fcd20bc08be8bb41a93feffd94b1626b3c6c
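Review bot: Dropping `file://0001-src-nbd-initialize-info_headers-to-NULL.patch` from `SRC_URI` in the rauc_%.bbappend hunk is only safe if the RAUC version built from the bumped meta-rauc revision (f6b3fcd2) already initializes `info_headers`; nothing in this diff shows that, and the deleted patch was still marked `Upstream-Status: Submitted`. The patch guarded against an uninitialized pointer that could crash rauc-nbd-server, so the removal should be backed by a stated upstream version. I would record this in the commit message, for example `Drop 0001-src-nbd-initialize-info_headers-to-NULL.patch, included upstream since RAUC <version>`.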