Security
The Security page will hopefully some day migrate into the main maemo.org site, until then this wiki page attempts to collect all available information about any security issues in maemo software and third-party maemo applications.
Also, please note that this wiki page may be edited by anyone and is therefore not an official and verified security bulletin or authoritative source for security issues.
Reporting security issues
Bugs
This is a collection of open security issues in maemo software and third party applications available through the maemo.org Application Catalog and the Nokia ITOS distribution.
- 1173: Mnotify's link to Gmail not https
- 1768: Email app doesn't verify SSL certificates
- 1795: MicroB uses pre-1.9 mozilla password manager
- 2332: IM client accepts self-signed certificates
- 2770: /dev/urandom produces predicatble data just after boot
Wishlist
Please vote for the security related features you would like to have by clicking through to bugzilla in the Wishlist below.
- 387: Impossible to specify proxy username and password
- 417: WEP with 802.1x EAP PEAP not supported
- 637: CA Certificates not backed up or restored
- 639: Certificate Manager does not import PKCS#7 files
- 1921: OTR support for IM client
- 2097: Openssh Server Needs a GUI
Contacts
The main security reporting contact point is security@maemo.org. For details, please see "Reporting security issues".
You may also use any of the following volunteers as contacts for any security issues in maemo code or third-party maemo applications. We can help you with confirming potential security issues, filing security-related bug reports and coordinating with third party developers.
- Tagged for Security
- Security