Hi,
A patch for a "potentially exploitable crash" [0] in Firefox was made public by mistake, resulting in Firefox 52.7.3esr and Tor Browser 7.5.3, so we need yet another emergency release, Tails 3.6.2, which I'll be the RM for. This also gives us the opportunity to sneak in a few other important fixes. You can extract the plan from the release manager view:
https://labs.riseup.net/code/projects/tails/issues?query_id=295
Due to lack of RM resources the schedule is very relaxed:
* 2018-03-27: Start preparing Tails 3.6.2.
* 2018-03-30:
- Finish preparing Tails 3.6.2.
- Build and upload Tails 3.6.2.
- Start testing Tails 3.6.2.
* 2018-04-03:
- Finish testing Tails 3.6.2.
- Release Tails 3.6.2.
(((
Actually, the above schedule is so relaxed it paints a pretty pessimistic picture in terms of how long users are potentially vulnerable. I find the following schedule more likely to be what happens in practice *if* tester availability is good on 2018-03-29 and 2018-03-30:
* 2018-03-28:
- Finish preparing Tails 3.6.2.
* 2018-03-29:
- Build and upload Tails 3.6.2.
- Start testing Tails 3.6.2.
* 2018-03-30:
- Finish testing Tails 3.6.2.
- Release Tails 3.6.2.
)))
Usual testers, you'll be asked for your availability off-band. Others that want to help are encouraged to email me privately (unless you are fine with sharing your availability in public on this thread :)).
Cheers!
[0]
https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/