Liaise with security team, and with a JIRA search for any issues in this release which are Security: Unpublished. If there are matches,
Consult the "Security and Release Planning" spreadsheet and check the security items which are marked for this release:
* A security advisory node for each security fix must be ready to be published on https://civicrm.org
* A security advisory CiviMail must be ready to be sent to members of group Security Notifications ([more information](https://civicrm.org/security))
The release must be made within the security release window.
* Verify that each advisory is published. Ensure that the advisory's date matches the current date. (Tip: To ensure pleasant order, set the time as `12:00:{advisorynumber}`.) Ensure that the author is `dev-team`. Browse https://civicrm.org/advisory
* Verify that each JIRA issue is closed (Done/Fixed) with appropriate version#. Leave the security level as "Security: Unpublished".
Next, prepare a mail blast in CiviMail. The message should:
* Use the template below
* Link to each security advisory (Tip: Double-check these links. During the writing/editing process, the URL may change whenever someone fixes text in the advisory title.)
* Send the blast to members of the group "Security Notifications" ([more information](https://civicrm.org/security))
