[ANNOUNCE] Gerrit 3.4.4 w/ Security Fixes

[Luca Milanesio]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Gerrit version 3.4.4 is now available.

This release includes a fix to prevent DoS by anonymous users performing
unlimited changes queries. See the release notes for more details.

Release Notes:
https://www.gerritcodereview.com/3.4.html#344

Documentation:
http://gerrit-documentation.storage.googleapis.com/Documentation/3.4.4/index.html

Log of changes since 3.4.3:
https://gerrit.googlesource.com/gerrit/+log/v3.4.3..v3.4.4?no-merges

Download:
https://gerrit-releases.storage.googleapis.com/gerrit-3.4.4.war

SHA1:
2dee20817b3c439650c319dde6cd7a97770ad1f0

SHA256:
60265cad223d1d6df209a1ba30290c3c46719804de7e3780777e1b241e9889a3

MD5:
af8d4ea9228c49a0d5a671010e826f99

Maintainers' public keys:
https://www.gerritcodereview.com/releases/public-keys.md

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEmCU49QQ43XtIE8giC0731aK2mH4FAmI0yEwACgkQC0731aK2
mH5/lw//T7o+zLDPBdiamr3QLw8KZ9S5sAJjrAdGdrCec4iwAjQmCU2wrp694rnj
oWKo0kPz1ouFfardB5Uz6U9AXxh0WPRdcZMsTmEapYNVselL+b2P0SfdfkVO2b6A
1bN3cyYLHZCuJ0st9S8TUQBTPbIpmsQHFSiEM9ZPYd8nKWpxso3Axs2/JBCLipxX
U7LVRzyoCaDM2fFxAPOS7UEyHNkNIH39ltqdiUalhhjMkJlDPdu56TrbAYykmXIQ
TZc33Z94jC/9MaZ3V8O5hDxODbaj3Q13zNF4S/nIQE27JZuL3mfhTTeurbgTPJlS
psdrOTNIWtZN76GOGN1H1CA4EgzYqCoeCE+V92GiE/pu1yGwlKQRXjBPJt07jwBT
X+21Zlm0eWz7nY2FbnY/QL/ArteEyuPHettAM1zufaR7onadzP/oKJwhwjD6M+Y7
yUJXbJ4BvAUid9j7T6hL0KYvccsYeJ8aa+XSHi8aFhO7y4a3tlWl7iZWZM8K1m8u
eyZ8lACNULNIegPpmShibjtyxQa1EY7YUMovhrlLSt5Bt1wfmVLolNLU1YkyJEeJ
2FqBAPcCfJosHT92ABJehp1ZMmIkR9lN3FnhUtooStO071doF2p6ZU2eG5Tyybz6
m4RCeM7JT0iblNxX7/o+TW9PQMAuOVrc1ybxemPRO6wQFoWL23Q=
=uBQN
-----END PGP SIGNATURE-----

[Luca Milanesio]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Binary packages (Deb / Rpm) of Gerrit version 3.4.4 are now available
=====================================================================

How to install/upgrade: 3.4.4
*****************************

If you have a previous version of Gerrit 3.x installed via native packages:

(on Debian / Ubuntu)
apt-get update & apt-get install gerrit=3.4.4-1

(on CentOS / RedHat)
yum clean all && yum install gerrit-3.4.4-1

(on Fedora)
dnf clean all && dnf install gerrit-3.4.4-1

If it is a new installation and you don't have the GerritForge repositories
configured, please follow the instructions at:
http://gitenterprise.me/2015/02/27/gerrit-2-10-rpm-and-debian-packages-available/

Docker images
*************

Gerrit is distributed on DockerHub at:
https://hub.docker.com/r/gerritcodereview/gerrit/

The following tags have been published
3.4.4 => 3.4.4-almalinux8
3.4.4-almalinux8
3.4.4-ubuntu20

More information on how to use Gerrit Docker image for testing, staging, and production at:
https://gerrit.googlesource.com/docker-gerrit

NOTE: CentOS 8 AppStream has disappeared; AlmaLinux 8.5 is used as replacement for the Gerrit image.

MacOS native package
********************

MacOS Gerrit native installer is available for download at:

https://gerritforge.com/gerrit/mac/gerrit-installer-3.4.4.pkg

SHA1:
2d77578fe63992954ce873f8c38ea7be728d5150

SHA256:
19301e00ca96ad0fe2d13c1c9a34ebdd30e7db86e0467604bd481670506dedfc

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEmCU49QQ43XtIE8giC0731aK2mH4FAmI0yM4ACgkQC0731aK2
mH7x0A//cJWLrN1cK9ri20PvMhyFgRUIEgvSlu2hse2ebIfPx22rxyQ7tm0kgrMH
k7FrSx4yFu6jqbe+C4vx4S9aKz8EK7WoF4EvMdJ+9u8VrKQMU4neK+3T+hZFcA8I
ysH5rVEk4v2puavX7sFrv25VP+EwAC/criz0p/k3DxntHNSfCZLzGdBBHsasfZ9t
SDShrgKq6lOIZv0i612HS9zpqUfnaJ7f1xu/EEM/rRma4SYprzNaGvJzdkjXy9M0
QxrHSCpAE+FIQn5dhwBLUILlUTag0bngJMc7P2oBjbrA91HVf/DejVZNLeiPyy3l
MIJsgz+Cz1/Ctn/9Z3OcnDS83u84I4LODCSz+JIMOqbFTVacqv8+mSjjp3q13Rhw
GLRcDoskIHCSuedW1v7uH6pjT4/rAlBDu68cqyhrqtCbQhJXXF2YKuws4xahG0nr
hWjsjayDzae7BUrJwu9Cj9FEUID5EOu3r5Xo9YaKajbG2EajX0Y3OrEIGspkC4+z
Ny4v2kLMjq/4UZRXszbQQFwWZRY0oZQRrAikXW2Roc/m0R+j1UGGZruy23Vzfzz6
Zi4x1ibK3WNekFdADpxqbyHhmxNuCMlTHsAR1xiz6DqDQ460mXLT7ywy/x6hvNCc
9HUrVRHj0hlGqvCY1YwEFxD120m41gkMtJcUrvaV3PKv2OE1w7k=
=TtEp
-----END PGP SIGNATURE-----