Last Comment Bug 507800 - (bz-release341) Release Bugzilla 3.4.1
: Release Bugzilla 3.4.1
Product: Bugzilla
Classification: Server Software
Component: Bugzilla-General (show other bugs)
: 3.4
: All All
-- blocker (vote)
: ---
Assigned To: Max Kanat-Alexander
: default-qa
Depends on: 507801 507802
Blocks: bz-release
  Show dependency treegraph
Reported: 2009-08-01 03:59 PDT by Max Kanat-Alexander
Modified: 2009-08-01 08:40 PDT (History)
0 users
mkanat: blocking3.4.1+
See Also:
QA Whiteboard:
Iteration: ---
Points: ---

v1 (111.73 KB, patch)
2009-08-01 05:07 PDT, Max Kanat-Alexander
LpSolit: review+
Details | Diff | Splinter Review
Release Announcement, v1 (2.14 KB, text/plain)
2009-08-01 05:14 PDT, Max Kanat-Alexander
no flags Details
Release Announcement, v2 (2.14 KB, text/plain)
2009-08-01 05:28 PDT, Max Kanat-Alexander
LpSolit: review+

Description User image Max Kanat-Alexander 2009-08-01 03:59:34 PDT
There is a security issue in Bugzilla 3.4 that requires us to release 3.4.1.

I was originally going to also do a development release, 3.5.1, at this time, but it's so untested (even I haven't even used it at all, really) that I'm nervous about doing any release with it, even a development release.
Comment 1 User image Max Kanat-Alexander 2009-08-01 05:07:29 PDT
Created attachment 392081 [details] [diff] [review]

Here are the web site updates for 3.4, including a dummy security advisory that will be replaced with the real thing when we actually release.
Comment 2 User image Max Kanat-Alexander 2009-08-01 05:14:12 PDT
Created attachment 392082 [details]
Release Announcement, v1
Comment 3 User image Frédéric Buclin 2009-08-01 05:26:28 PDT
Comment on attachment 392081 [details] [diff] [review]

>Index: lib/releases-list.txt

>+3,4.1	2009/08/01	current

There is a comma instead of a dot after 3.

> 3.2.2	2009/02/03
> 3.2.3	2009/03/30
> 3.2.1	2009/02/02

Please reorder them: 3.2.3 should be above 3.2.2.

>Index: src/news/index.html

>+  We are releasing 3.4.1 to address this issue. We recommend that all
>+  Bugzilla administrators running 3.3.4, 3.4rc1, or 3.4 upgrade
>+  read the <a href="../security/3.4/">Security Advisory</a> that was
>+  published along with these releases, and upgrade immediately if your

"... with these releases, ..."? You mean "with this release" right?

>+  <li><a href="../download/#v34">Download 3.4.1</a></li>

This link still points to 3.4.

>Index: src/security/index.html

>+  <li><a href="3.4.1/">[2009-08-01] Security advisory for versions
>+    prior to 3.4.1</a></li>

The link should point to 3.4, not 3.4.1.
Comment 4 User image Max Kanat-Alexander 2009-08-01 05:28:15 PDT
Created attachment 392083 [details]
Release Announcement, v2

Fix the same text that LpSolit pointed out was in error on the news patch.
Comment 5 User image Max Kanat-Alexander 2009-08-01 07:25:13 PDT
I'm going to prepare the release now, as I'm assuming that all the tinderboxen are going to pass on the security fix (as enough have already passed).
Comment 6 User image Max Kanat-Alexander 2009-08-01 07:32:45 PDT
I've bumped the version number and tagged the releases:

Created Tags:
$VAR1 = {
          '3.4.1' => [
Comment 7 User image Max Kanat-Alexander 2009-08-01 08:00:43 PDT
tarball rolled and posted

website updates checked in
Comment 8 User image Max Kanat-Alexander 2009-08-01 08:40:41 PDT
Web site changes built and posted.

Sent out the sec adv and the release announcement.

Updated FreshMeat.

Bumped the version number post-release.

We're done.

Note You need to log in before you can comment on or make changes to this bug.