We are committed to providing security updates and long-term stability for OpenCalcOS. This document outlines our support lifecycle and instructions for reporting security issues.
Also keep in mind that only the following are considered code vulnerabilities:
- Damage to the TI-Nspire CX
- Incorrect kernel logic or security holes in OCOS
- Other issues without hacking or custom scripts
We categorize our support status based on version milestones. Please ensure you are running a version that receives active security updates.
| Version Range | Status | Support Level |
|---|---|---|
| 550 and above | ✅ | Supported (Active updates & patches) |
| 450 – 549 | Deprecated (Legacy; requires update) | |
| Below 450 | ❌ | End of Life (Unsupported; security risk) |
Note: If you are running a version below 450, please upgrade to the latest stable release immediately to ensure your system remains secure.
We take the security of OpenCalcOS very seriously. If you have discovered a potential security vulnerability, please follow the guidelines below to help us resolve it quickly and responsibly.
To report a vulnerability, please create an Issue with the title [Vulnerability] where you will describe the specific problem, the TI-Nspire CX version, and other information.
- Acknowledgment: You will receive an initial response within 48 hours confirming that we have received your report.
- Timeline: We aim to investigate and provide an update on the status of your report within 7 days.
- Resolution: If the vulnerability is confirmed, we will work on a patch and coordinate a release date with you.
- Recognition: Once the vulnerability is patched and documented, we will acknowledge your contribution in our security advisories.
We ask that you keep the details of the vulnerability confidential until we have had sufficient time to release a fix and notify the community.