touchpi is intended for hobbyists and not for productions systems. Nevertheless, security is important for touchpi maintainers and its community

The latest versions of touchpi is supported. touchpi sticks to the support cycle of Raspberry Pi OS (Debian). touchpi is being developed and mainly tested with the lowest operating system version which is currently being supported by Raspberry Pi Foundation. When a Debian version ist out of life, the development and library requirements are moved to the next higher version.

Nevertheless, touchpi works and is tested with higher Raspberry OS versions:

• Raspberry Pi OS Buster lite image
• Raspberry Pi OS Bullseye lite image
• Raspberry Pi OS Bookworm lite image

If you think you found a vulnerability, please report it right away by sending an email to: touchpi@bruu.eu. Please try to be as explicit as possible. Detailed description and example code helps to reproduce the security issue. Please restrain from public discussion a potential security vulnerability. It is better to talk in private to assess the risks and then decide how to limit the impact as much as possible in advance or whether to describe the threat publicly.

Thanks for your help!

The touchpi community and we thank you for that.