Odoo Community Association
Replies: 3 comments
-
|
15.0 is already EOL (end of life) since the first of October. What I doubt is that such vulnerabilities that they mention really affect Odoo. One thing is to have an outdated version of the JS library X that contains N known vulnerabilities, and the other is that such vulnerabilities are exploitable in the Odoo code, because Odoo only makes use of a small fraction of it, and most of the times, the attacker is not even able to access externally to such libraries. |
Beta Was this translation helpful? Give feedback.
-
|
You can notify security issues responsibly following instructions from https://odoo-community.org/contactus. https://github.com/OCA/OCB still supports Odoo 15 and "EOL" has a different meaning there, if it has some. Possibly some contributor can fix those security issues if relevant. |
Beta Was this translation helpful? Give feedback.
-
|
I would suspect about such "vulnerabilities", as they probably don't impact
the parts used by Odoo, but it's worth checking.
Regards.
El mié, 20 nov 2024 a las 13:25, Jairo Llopis ***@***.***>)
escribió:
… You can notify security issues responsibly following instructions from
https://odoo-community.org/contactus.
https://github.com/OCA/OCB still supports Odoo 15 and "EOL" has a
different meaning there, if it has some. Possibly some contributor can fix
those security issues if relevant.
—
Reply to this email directly, view it on GitHub
<#191 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABWVOS3X3CSW55IIFBQ3YIL2BR5VJAVCNFSM6AAAAABQO5SJ7GVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTCMZSGE3TKNI>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
Hello everyone,
I developed a custom website using Odoo 15 Community. During the delivery phase, a security audit conducted by the client revealed vulnerabilities in certain JavaScript libraries (jQuery, underscore.js). Additionally, Odoo 15 will reach its end of support next November. However, upgrading to a newer version will take considerable time due to its complexity and the resources required.
My question is: what is the exact end-of-support date for Odoo 15 Community? Given that the migration will take time, what solutions would you recommend to address the vulnerabilities identified during the security audit?
Thanks for your help!
Beta Was this translation helpful? Give feedback.
All reactions