Update security document with the link to patch document.

Marin Jankovski
1 parent f7d2f360
Showing 2 changed files with 2 additions and 7 deletions Show diff stats
doc/release/patch.md
doc/release/security.md
@@ -12,6 +12,7 @@ Otherwise include it in the monthly release and note there was a regression fix 
 1. Create an issue on private GitLab development server
 1. Name the issue "Release X.X.X CE and X.X.X EE", this will make searching easier
 1. Fix the issue on a feature branch, do this on the private GitLab development server
+1. Consider creating and testing workarounds
 1. After the branch is merged into master, cherry pick the commit(s) into the current stable branch
 1. In a separate commit in the stable branch, update the VERSION and CHANGELOG
 1. For EE, update the CHANGELOG-EE if it is EE specific fix. Otherwise, merge the stable CE branch and add to CHANGELOG-EE "Merge community edition changes for version X.X.X"
@@ -13,14 +13,8 @@ Please report suspected security vulnerabilities in private to support@gitlab.co
  
 1. Verify that the issue can be repoduced
 1. Acknowledge the issue to the researcher that disclosed it
-1. Fix the issue on a feature branch, do this on the private GitLab development server and update the VERSION and CHANGELOG in this branch
-1. Consider creating and testing workarounds
+1. Do the steps from [patch release document](doc/release/patch.md), starting with "Create an issue on private GitLab development server"
 1. Create feature branches for the blog post on GitLab.com and link them from the code branch
-1. Merge the code feature branch into master
-1. Cherry-pick the code into the latest stable branch
-1. Create an annotated tag vX.X.X for CE and another patch release for EE
-1. Push the code and the tags to all the CE and EE repositories
-1. Apply the patch to GitLab Cloud and the private GitLab development server
 1. Merge and publish the blog posts
 1. Send tweets about the release from @gitlabhq
 1. Send out an email to the subscribers mailing list on MailChimp
...	...	@@ -12,6 +12,7 @@ Otherwise include it in the monthly release and note there was a regression fix
12	12	1. Create an issue on private GitLab development server
13	13	1. Name the issue "Release X.X.X CE and X.X.X EE", this will make searching easier
14	14	1. Fix the issue on a feature branch, do this on the private GitLab development server
	15	+1. Consider creating and testing workarounds
15	16	1. After the branch is merged into master, cherry pick the commit(s) into the current stable branch
16	17	1. In a separate commit in the stable branch, update the VERSION and CHANGELOG
17	18	1. For EE, update the CHANGELOG-EE if it is EE specific fix. Otherwise, merge the stable CE branch and add to CHANGELOG-EE "Merge community edition changes for version X.X.X"
...	...
...	...	@@ -13,14 +13,8 @@ Please report suspected security vulnerabilities in private to support@gitlab.co
13	13
14	14	1. Verify that the issue can be repoduced
15	15	1. Acknowledge the issue to the researcher that disclosed it
16		-1. Fix the issue on a feature branch, do this on the private GitLab development server and update the VERSION and CHANGELOG in this branch
17		-1. Consider creating and testing workarounds
	16	+1. Do the steps from [patch release document](doc/release/patch.md), starting with "Create an issue on private GitLab development server"
18	17	1. Create feature branches for the blog post on GitLab.com and link them from the code branch
19		-1. Merge the code feature branch into master
20		-1. Cherry-pick the code into the latest stable branch
21		-1. Create an annotated tag vX.X.X for CE and another patch release for EE
22		-1. Push the code and the tags to all the CE and EE repositories
23		-1. Apply the patch to GitLab Cloud and the private GitLab development server
24	18	1. Merge and publish the blog posts
25	19	1. Send tweets about the release from @gitlabhq
26	20	1. Send out an email to the subscribers mailing list on MailChimp
...	...