The release cycle is in order of months currently, so when a
security fix is applied to LTS (long-term support) branches,
it is recommended to release a new version.
The idea is to keep the latest LTS tarball less vulnerable.
Signed-off-by: Flavio Leitner <fbl@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
advisory to appropriate mailing lists (ovs-announce, ovs-discuss), and
post the security advisory on the Open vSwitch webpage.
+When the patch is applied to LTS (long-term support) branches, a new
+version should be released.
+
The security advisory should be GPG-signed by a security team member
with a key that is in a public web of trust.