From 22e611ed5b0a708d17ef2e7574bcdf2edf2db01b Mon Sep 17 00:00:00 2001 From: Aaron Patterson Date: Tue, 16 Aug 2011 17:39:58 -0700 Subject: making the order more clear, adding linux distros mailing lists to our cc --- RELEASING_RAILS.rdoc | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) (limited to 'RELEASING_RAILS.rdoc') diff --git a/RELEASING_RAILS.rdoc b/RELEASING_RAILS.rdoc index f4197e0eb2..cbc9d0e1de 100644 --- a/RELEASING_RAILS.rdoc +++ b/RELEASING_RAILS.rdoc @@ -145,22 +145,25 @@ commits should be added to the release branch besides regression fixing commits. Many of these steps are the same as for the release candidate, so if you need more explanation on a particular step, so the RC steps. -=== Release the gem. +Today, do this stuff in this order: + +* Apply security patches to the release branch +* Update CHANGELOG with security fixes. +* Update RAILS_VERSION to remove the rc +* Release the gems +* Email security lists +* Email general announcement lists -See steps for releasing the RC. Make sure to release the gem before -announcing security issues in the next step. +=== Emailing the rails security announce list -=== Email the rails security announce list, once for each vulnerability fixed. +Email the security announce list once for each vulnerability fixed. You can do this, or ask the security team to do it. -Email the security reports to: rubyonrails-security@googlegroups.com +Email the security reports to: -* Apply security patches to the release branch -* Update CHANGELOG with security fixes. -* Update RAILS_VERSION to remove the rc -* Release the gems -* Email announcement +* rubyonrails-security@googlegroups.com +* linux-distros@vs.openwall.org Be sure to note the security fixes in your announcement along with CVE numbers and links to each patch. Some people may not be able to upgrade right away, -- cgit v1.2.3