Dear Wiki user, You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.
The "Release_Procedure" page has been changed by NoahSlater: http://wiki.apache.org/couchdb/Release_Procedure?action=diff&rev1=163&rev2=164 == Checking the Candidate == + All of the standard checks are performed for you by the scripts. + - Assume that you cannot trust: + However, assume that you cannot trust: * The source code the archive was built from. * The host operating system the archive was built on. @@ -243, +245 @@ Some ideas: * Verify the contents of the generated files. + * This could be done by preparing your own reference archive, and comparing the files. * Audit the types of file contained within the archive. + * Is anything unexpected included in the archive? - * Run a virus or exploit scanner on the archive. + * Run a virus scanner on the archive. + * Are there any known threats detected? This part of the process is left to your discretion.
