projects / tools.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
release-tools/release.sh et al: introduce FULL_VERSION and use it
[tools.git] / HOWTO-make-a-release.md
diff --git a/HOWTO-make-a-release.md b/HOWTO-make-a-release.md
index dcfbfe65307f8f806c493410954ae4ceb9770376..0b4e523c425c161f798dd16d9d7b075aba88e53d 100644 (file)
--- a/HOWTO-make-a-release.md
+++ b/HOWTO-make-a-release.md
@@ -291,7 +291,7 @@ in this section.
 
 Check that the release has been uploaded properly.  The release tarballs and
 associated files should be in ~openssl/dist/new.  They should be owned by
-the openssl userid and world-readable.
+the "upload" userid and world-readable.
 
 Copy the tarballs to appropriate directories.  This can be done using the
 do-release.pl script.  See $TOOLS/release-tools/DO-RELEASE.md for a
@@ -327,6 +327,24 @@ option. You must specify the repository / remote and tag to be pushed:
 
     git push <repository> <tagname>
 
+Upload the release files to the "Releases" section on github. Visit this URL:
+
+https://github.com/openssl/openssl/releases
+
+Click the "Draft a new release" button. Give the release a title, e.g.
+"OpenSSL 3.1.0". Give it a description. Typically this will be the same text
+that was used in the newsflash.txt file to announce the release. Upload the
+four release files, e.g.
+
+openssl-3.1.0.tar.gz
+openssl-3.1.0.tar.gz.asc
+openssl-3.1.0.tar.gz.sha1
+openssl-3.1.0.tar.gz.sha256
+
+If this is not the latest stable release, uncheck the "Set as the latest release"
+checkbox. If this is an alpha or beta release check the "Set as a pre-release"
+checkbox. Finally click "Publish release".
+
 ## Updating the release data
 
 If there is a PR against the release repo to be merged, perform the merge
@@ -408,14 +426,21 @@ Then copy the result to the temporary directory on dev.openssl.org:
 To finish, log in on dev.openssl.org and send the signed Security
 Advisory by email as the user that signed the advisory.
 
-For all releases, send them to the default set of public mailing lists:
+For all releases, send it to the default set of public mailing lists:
 
     REPLYTO="openssl@openssl.org" mutt -s "OpenSSL Security Advisory" \
             openssl-project openssl-users openssl-announce \
             </tmp/secadv_FILENAME.txt.asc
 
-For premium releases, send them to support-announce as well *and
-separately*:
+We also send it separately to oss-security (to avoid cross-posting with our
+own lists):
+
+    REPLYTO="openssl@openssl.org" mutt -s "OpenSSL Security Advisory" \
+            oss-security@lists.openwall.com \
+            </tmp/secadv_FILENAME.txt.asc
+
+Finally we also, send it to support-announce as well *and separately*. We always
+do this, even if a premium release has not been affected:
 
     REPLYTO="openssl@openssl.org" mutt -s "OpenSSL Security Advisory" \
             support-announce </tmp/secadv_FILENAME.txt.asc
Unnamed repository; edit this file 'description' to name the repository.