summaryrefslogtreecommitdiff
path: root/.gitlab/issue_templates/Security Release.md
blob: a3689bff4502009ff8911edc81701edca1cfe4bc (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
<!--
# Read me first!

Set the title to: `Security Release: 12.2.X, 12.1.X, and 12.0.X`
-->

## Releases tasks

- https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/release-manager.md
- https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md
- https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/security-engineer.md

## Version issues:

12.2.X, 12.1.X, 12.0.X: {release task link}

## Issues in GitLab Security

To include your issue and merge requests in this Security Release, please mark
your security issues as related to this release tracking issue. You can do this
in the "Linked issues" section below this issue description.

:warning: If your security issues are not marked as related to this release
tracking issue, their merge requests may not be included in the security
release.

## Issues in Omnibus-GitLab

Omnibus security fixes need to be added manually to this issue description
using and below the following template:

```markdown
* {https://gitlab.com/gitlab-org/security/gitlab/issues/ link}

| Version | MR |
|---------|----|
| 12.2 | {https://dev.gitlab.org/gitlab/omnibus-gitlab/merge_requests/ link} |
| 12.1 | {https://dev.gitlab.org/gitlab/omnibus-gitlab/merge_requests/ link} |
| 12.0 | {https://dev.gitlab.org/gitlab/omnibus-gitlab/merge_requests/ link} |
| master | {https://dev.gitlab.org/gitlab/omnibus-gitlab/merge_requests/ link} |
```

## QA
{QA issue link}

## Blog post

Dev: {https://dev.gitlab.org/gitlab/www-gitlab-com/merge_requests/ link}<br/>
GitLab.com: {https://gitlab.com/gitlab-com/www-gitlab-com/merge_requests/ link}

## Email notification
{https://gitlab.com/gitlab-com/marketing/general/issues/ link}

/label ~security ~"upcoming security release"
/confidential