From 95a39e552801ce8ed8894d68b29c1888a64f5227 Mon Sep 17 00:00:00 2001
From: James Robinson
Date: Wed, 22 May 2024 09:21:17 +0100
Subject: [PATCH 1/5] :alien: Upgrade to Guacamole 1.5.5 to avoid disconnection bug described here https://lists.apache.org/thread/0sok6jgddhoxl01yvvlptqf1ptqnp5lc
---
.../resources/guacamole_docker_compose.mustache.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/deployment/secure_research_environment/cloud_init/resources/guacamole_docker_compose.mustache.yaml b/deployment/secure_research_environment/cloud_init/resources/guacamole_docker_compose.mustache.yaml
index d3493ae0bd..af716fd6f0 100644
--- a/deployment/secure_research_environment/cloud_init/resources/guacamole_docker_compose.mustache.yaml
+++ b/deployment/secure_research_environment/cloud_init/resources/guacamole_docker_compose.mustache.yaml
@@ -35,7 +35,7 @@ services: guacd: container_name: guacd_guacamole_compose - image: guacamole/guacd:1.5.4 + image: guacamole/guacd:1.5.5 networks: - network_private volumes:
@@ -47,7 +47,7 @@ services: guacamole: container_name: guacamole_guacamole_compose - image: guacamole/guacamole:1.5.4 + image: guacamole/guacamole:1.5.5 depends_on: guacd: condition: service_started
From 60791cbb11b1f4fda75f323b9989e1bc6db0619e Mon Sep 17 00:00:00 2001
From: Jim Madge
Date: Wed, 22 May 2024 09:41:32 +0100
Subject: [PATCH 2/5] Update supported versions
---
SECURITY.md | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/SECURITY.md b/SECURITY.md
index f11adf3995..4fb522a9b1 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -7,8 +7,8 @@ All organisations using an earlier version in production should update to the la | Version | Supported | | --------------------------------------------------------------------------------------- | ------------------ | -| [4.2.0](https://github.com/alan-turing-institute/data-safe-haven/releases/tag/v4.2.0) | :white_check_mark: | -| < 4.2.0 | :x: | +| [4.2.1](https://github.com/alan-turing-institute/data-safe-haven/releases/tag/v4.2.1) | :white_check_mark: | +| < 4.2.1 | :x: | ## Reporting a Vulnerability
From b071b95d417253f707169c34096221448a9c2373 Mon Sep 17 00:00:00 2001
From: Jim Madge
Date: Wed, 22 May 2024 09:43:03 +0100
Subject: [PATCH 3/5] Update used versions
---
VERSIONING.md | 1 +
1 file changed, 1 insertion(+)
diff --git a/VERSIONING.md b/VERSIONING.md
index 6004e1b1e4..41801b06b5 100644
--- a/VERSIONING.md
+++ b/VERSIONING.md
@@ -67,6 +67,7 @@ We usually deploy the latest available version of the Data Safe Haven for each o | May 2023 | DSG 2023-05 | [v4.0.3](https://github.com/alan-turing-institute/data-safe-haven/releases/tag/v4.0.3) | | September 2023 | DDRC DSG Exeter 2023 | [v4.1.0](https://github.com/alan-turing-institute/data-safe-haven/releases/tag/v4.1.0) | | December 2023 | DSG 2023-12 | [v4.1.0](https://github.com/alan-turing-institute/data-safe-haven/releases/tag/v4.1.0) | +| May 2024 | DSG 2024-05 | [v4.2.1](https://github.com/alan-turing-institute/data-safe-haven/releases/tag/v4.2.1) | Additionally, a production instance of DSH is maintained for use by research projects at the Turing.
From 50ac8f9636bbe2cd3dbfeb5d6c369dba5c8439ea Mon Sep 17 00:00:00 2001
From: Matt Craddock
Date: Wed, 22 May 2024 09:52:59 +0100
Subject: [PATCH 4/5] Update release_checklist.md
---
.github/ISSUE_TEMPLATE/release_checklist.md | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/.github/ISSUE_TEMPLATE/release_checklist.md b/.github/ISSUE_TEMPLATE/release_checklist.md
index df97d6fff3..082659b713 100644
--- a/.github/ISSUE_TEMPLATE/release_checklist.md
+++ b/.github/ISSUE_TEMPLATE/release_checklist.md
@@ -17,6 +17,9 @@ Refer to the [Deployment](https://data-safe-haven.readthedocs.io/en/latest/deplo - [ ] Consult the `data-safe-haven/VERSIONING.md` guide and determine the version number of the new release. Record it in the title of this issue. - [ ] Create a release branch called e.g. `release-v0.0.1` - [ ] Draft a changelog for the release similar to our previous releases, see https://github.com/alan-turing-institute/data-safe-haven/releases + +### For minor releases and above + - [ ] Deploy an SHM from this branch and save a transcript of the deployment logs - [ ] Build an SRE compute image (SRD) and save transcripts of the logs - Using the new image, deploy a tier 2 and a tier 3 SRE
@@ -24,7 +27,7 @@ Refer to the [Deployment](https://data-safe-haven.readthedocs.io/en/latest/deplo - [ ] Save the transcript of your tier 3 SRE deployment - [ ] Complete the [Security evaluation checklist](https://data-safe-haven.readthedocs.io/en/latest/deployment/security_checklist.html) from the deployment documentation -### For major releases +### For major releases only - [ ] Confirm that a third party has carried out a full penetration test evaluating: 1. external attack surface
@@ -32,6 +35,10 @@ Refer to the [Deployment](https://data-safe-haven.readthedocs.io/en/latest/deplo 1. ability to transfer data between SREs 1. ability to escalate privileges on the SRD. +### For patch releases + +- [ ] Confirm that the resource to which the patch applies can be successfully deployed + ### Update documentation - [ ] Update supported versions in `SECURITY.md`
From edfc7882d48c4902c23e58698a4f0f5e91c39c63 Mon Sep 17 00:00:00 2001
From: James Robinson
Date: Wed, 22 May 2024 09:56:37 +0100
Subject: [PATCH 5/5] :truck: Move patch section earlier
---
.github/ISSUE_TEMPLATE/release_checklist.md | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/.github/ISSUE_TEMPLATE/release_checklist.md b/.github/ISSUE_TEMPLATE/release_checklist.md
index 082659b713..acca08b093 100644
--- a/.github/ISSUE_TEMPLATE/release_checklist.md
+++ b/.github/ISSUE_TEMPLATE/release_checklist.md
@@ -18,6 +18,10 @@ Refer to the [Deployment](https://data-safe-haven.readthedocs.io/en/latest/deplo - [ ] Create a release branch called e.g. `release-v0.0.1` - [ ] Draft a changelog for the release similar to our previous releases, see https://github.com/alan-turing-institute/data-safe-haven/releases +### For patch releases only + +- [ ] Confirm that the resource to which the patch applies can be successfully deployed + ### For minor releases and above - [ ] Deploy an SHM from this branch and save a transcript of the deployment logs
@@ -35,10 +39,6 @@ Refer to the [Deployment](https://data-safe-haven.readthedocs.io/en/latest/deplo 1. ability to transfer data between SREs 1. ability to escalate privileges on the SRD. -### For patch releases - -- [ ] Confirm that the resource to which the patch applies can be successfully deployed - ### Update documentation - [ ] Update supported versions in `SECURITY.md`