It's still available, but not as directly. The patches were provided with the intent that people could use those to upgrade their site if they are nervous about all the other changes (bugfixes, features) in core. They may have facilitated your use case, but it wasn't a primary purpose.
Now we provide two full releases: one that is the same as the previous core release but with the security patches (6.21) and one that is both security and all the bugfixes that have happened. This is easier for most users because it doesn't require working with patch files.
If you really want to see the specific changes, look at
http://drupalcode.org/project/drupal.git Click "log" next to the security only release so you see http://drupalcode.org/project/drupal.git/log/refs/tags/6.21 Click commitdiff next to the most recent commit so you see http://drupalcode.org/project/drupal.git/commitdiff/7c4e429b7fa771676a18321a...
Regards, Greg
On Thu, May 26, 2011 at 2:37 AM, Ivan Sergio Borgonovo mail@webthatworks.it wrote:
Once upon a time security advisories came with a link to: a) new drupal releases b) patches
Direct link to patches was quite useful to evaluate the changes and the security treat quickly.
security emails are in plain text so the increase in risk to trick users to download trojaned software should be minimal.
Could this feature be reintroduced?
thanks
-- Ivan Sergio Borgonovo http://www.webthatworks.it
-- [ Drupal support list | http://lists.drupal.org/ ]