Contributors mailing list archives
contributors@odoo-community.org
Browse archives
Re: OCA and security notices
by
InitOS GmbH, Frederik Kramer
Hi Tom, at least i heard the same about other partners treating the even versions as innovative and the uneven as stabilizing. At initOS we pretty much do the same. To me even 2 years cyles seem somewhat odd in an ERP world. I personally think Odoo constantly tries to dance on several weddings. One of them is the VC that requires "measurable" process, the other general Marketing conduct (you always have to have news to sell / upsell) and than of course the underlying drag of community features into enterprise (and back ;-)). I'd personally recommend trying to optimize for a two year cycle but i am not really in favour of name that LTS, simply because that would again be a matter of discussion within the OCA and especially in the already difficult communication with Odoo S.A. So in short treating even versions as somewhat LTS (without naming it like that) is reasonable and probably a good strategy. For OpenUpgrade however we need to cover the uneven version in the same manner Best and happy new year in advance Frederik Am Donnerstag, den 31.12.2020, 13:56 +0000 schrieb Tom: > Odoo is not taking any responsibility for fixing security issues on > older versions. Since OCA is understaffed, it's hard to keep all > balls in the air: maintaining and bugfixing older modules, doing > security patches in OCB, maintaining OpenUpgrade, etc. > > I heard that Akretion is skipping the uneven versions of Odoo, but > maybe I heard wrong. > > Would it be a good idea to take the initiative to designate certain > versions as "LTS" releases, making sure that these have security > patches, bugfixes and an upgrade path? Similar to eg. Django or Linux > Mint. It might serve to bring more focus into a scattered (but > wonderful) open source effort. > > > Dec 23, 2020 11:47:43 Houssine BAKKALI <houssine@coopiteasy.be>: > > > Hi community, > > > > Yesterday a security notices has been published. > > > > Stefan has begun to bring one security fix to OCB with this PR > > > > It raises what seems to be an important point about the handling of > > the security fixes for the unsupported Odoo version on OCB. Will > > this should be taken in charge by OCA, as OCB is under OCA umbrella > > or it'll remain on the goodwill of the community's members ? I > > don't have any problem with one of the possible responses. > > > > My point is how do we takle the minimum about this topic. I mean > > how do we organize the contribution members on this topics ? > > > > My first idea will be to open an issue on OCB for each security > > notice and organize the work as it done for modules migration. What > > do you think ? Creating a PSC team security could be another idea. > > > > Finding the security issues seems to be easy but at this point we > > don't have a tracking on the ones that are brought back on the > > unsupported version on OCB. > > > > Here at Coop IT Easy we'll probably focus on the versions affecting > > our customers it means 9.0 as 11.0 and later are still supported. > > > > Regards, > > > > Housine > > > > > > Virus-free. www.avast.com > > _______________________________________________ > > Mailing-List: https://odoo-community.org/groups/contributors-15 > > Post to: mailto:contributors@odoo-community.org > > Unsubscribe: https://odoo-community.org/groups?unsubscribe > > > > _______________________________________________ > Mailing-List: https://odoo-community.org/groups/contributors-15 > Post to: mailto:contributors@odoo-community.org > Unsubscribe: https://odoo-community.org/groups?unsubscribe -- Dr.-Ing. Frederik Kramer Geschäftsführer initOS GmbH An der Eisenbahn 1 21224 Rosengarten Phone: +49 4105 56156-12 Fax: +49 4105 56156-10 Mobil: +49 179 3901819 Email: frederik.kramer@initos.com Web: www.initos.com Geschäftsführung: Dr.-Ing. Frederik Kramer & Dipl.-Ing. (FH) Torsten Francke Sitz der Gesellschaft: Rosengarten – Klecken Amtsgericht Tostedt, HRB 205226 Steuer-Nr: 15/200/53247 USt-IdNr.: DE815580155
Reference
-
OCA and security notices
byOpen Architects Consulting, Houssine BAKKALI- 23/12/2020 11:41:53 - 0-
-
-
-
-
-
Re: OCA and security notices
byGreenCloud Consulting, Juan Del Castillo Gómez- 02/01/2021 15:00:48 - 0 -
-
-
-
-
