Contributors

Re: OCA and security notices

For me the path is clear: upgrade to the latest possible Odoo version, and that's why OpenUpgrade is done and funded by OCA itself, and the most famous OCA modules are migrated to all versions by regular contributors.

Regards.

by Pedro M. Baeza - 03:11 - 31 Dec 2020

Reference

OCA and security notices

Hi community,

Yesterday a security notices has been published.

Stefan has begun to bring one security fix to OCB with this PR

It raises what seems to be an important point about the handling of the security fixes for the unsupported Odoo version on OCB. Will this should be taken in charge by OCA, as OCB is under OCA umbrella or it'll remain on the goodwill of the community's members ? I don't have any problem with one of the possible responses.

My point is how do we takle the minimum about this topic. I mean how do we organize the contribution members on this topics ?

My first idea will be to open an issue on OCB for each security notice and organize the work as it done for modules migration. What do you think ? Creating a PSC team security could be another idea.

Finding the security issues seems to be easy but at this point we don't have a tracking on the ones that are brought back on the unsupported version on OCB.

Here at Coop IT Easy we'll probably focus on the versions affecting our customers it means 9.0 as 11.0 and later are still supported.

Regards,

Housine

Virus-free. www.avast.com

by Houssine BAKKALI - 11:46 - 23 Dec 2020

Archives

Contributors

Re: OCA and security notices

Re: OCA and security notices

Re: OCA and security notices

Reference

OCA and security notices

Follow us