making the order more clear, adding linux distros mailing lists to our cc

1 files changed, 13 insertions, 10 deletions

diff --git a/RELEASING_RAILS.rdoc b/RELEASING_RAILS.rdoc
index f4197e0eb2..cbc9d0e1de 100644
--- a/RELEASING_RAILS.rdoc
+++ b/RELEASING_RAILS.rdoc
@@ -145,22 +145,25 @@ commits should be added to the release branch besides regression fixing commits.
 Many of these steps are the same as for the release candidate, so if you need
 more explanation on a particular step, so the RC steps.
 
-=== Release the gem.
+Today, do this stuff in this order:
+
+* Apply security patches to the release branch
+* Update CHANGELOG with security fixes.
+* Update RAILS_VERSION to remove the rc
+* Release the gems
+* Email security lists
+* Email general announcement lists
 
-See steps for releasing the RC.  Make sure to release the gem before
-announcing security issues in the next step.
+=== Emailing the rails security announce list
 
-=== Email the rails security announce list, once for each vulnerability fixed.
+Email the security announce list once for each vulnerability fixed.
 
 You can do this, or ask the security team to do it.
 
-Email the security reports to: rubyonrails-security@googlegroups.com
+Email the security reports to:
 
-* Apply security patches to the release branch
-* Update CHANGELOG with security fixes.
-* Update RAILS_VERSION to remove the rc
-* Release the gems
-* Email announcement
+* rubyonrails-security@googlegroups.com
+* linux-distros@vs.openwall.org
 
 Be sure to note the security fixes in your announcement along with CVE numbers
 and links to each patch.  Some people may not be able to upgrade right away,