66161b1566
Sistema NEXUS v3.4 migrado con: Estructura principal: - core/orchestration: Sistema SIMCO + CAPVED (27 directivas, 28 perfiles) - core/catalog: Catalogo de funcionalidades reutilizables - shared/knowledge-base: Base de conocimiento compartida - devtools/scripts: Herramientas de desarrollo - control-plane/registries: Control de servicios y CI/CD - orchestration/: Configuracion de orquestacion de agentes Proyectos incluidos (11): - gamilit (submodule -> GitHub) - trading-platform (OrbiquanTIA) - erp-suite con 5 verticales: - erp-core, construccion, vidrio-templado - mecanicas-diesel, retail, clinicas - betting-analytics - inmobiliaria-analytics - platform_marketing_content - pos-micro, erp-basico Configuracion: - .gitignore completo para Node.js/Python/Docker - gamilit como submodule (git@github.com:rckrdmrd/gamilit-workspace.git) - Sistema de puertos estandarizado (3005-3199) Generated with NEXUS v3.4 Migration System EPIC-010: Configuracion Git y Repositorios
41 lines
1.7 KiB
Markdown
41 lines
1.7 KiB
Markdown
# Security Policy
|
|
|
|
## Supported Versions
|
|
|
|
| Version | Supported |
|
|
| ------- | ------------------ |
|
|
| 18.0 | :white_check_mark: |
|
|
| 17.0 | :white_check_mark: |
|
|
| 16.0 | :white_check_mark: |
|
|
| <=15.0 | :x: |
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
Please share privately the details of your security vulnerability by contacting our Security Team:
|
|
[Contact Info](https://www.odoo.com/security-report)
|
|
|
|
Make sure to include as much information as possible, with the detailed steps to reproduce the problem,
|
|
the versions that are affected, the expected results and actual results, and any other information that
|
|
might help us react faster and more efficiently.
|
|
|
|
We tend to prefer _text-based descriptions_ accompanied with a proof-of-concept script/exploit, rather
|
|
than screenshots and videos.
|
|
|
|
Our [Responsible Disclosure](https://www.odoo.com/security-report) page gives an overview of the
|
|
process, including:
|
|
|
|
- Our Incident Response Procedure (what will happen after you report an issue)
|
|
- Our Rules (what you can and cannot do while researching security issues)
|
|
- Guidelines with **DO REPORT** and **DO NOT REPORT** issues
|
|
(what kind of issues will be accepted/rejected)
|
|
|
|
|
|
## Important note
|
|
|
|
We receive a majority of security reports that have little to no impact on the security of Odoo or
|
|
the Odoo Cloud, and we ultimately have to reject them. To avoid a disappointing experience when
|
|
contacting us, please try to put together a proof-of-concept attack and take a critical look at
|
|
what's really at risk.
|
|
If the proposed attack scenario turns out unrealistic, your report will probably be rejected.
|
|
Also be sure to review our list of [non-qualifying issues](https://www.odoo.com/security-report#what).
|