Seems like a new release should be done? Isn't that what RC and pre releases are for?

Was the release uploaded to pypi or a download page? If so, that's released IMHO. eg, debian, various news outlets, and others auto scan download pages for new releases.

Well, what we do is generate everything, then share it privately and quickly amongst the core team for final review before flipping switches and making things public. One actually important part of this is verifying things like "the package I download from what will become the public release URL has checksums that match what's in the checksum file", so it does have to actually go up on our server for that.

And if we catch a minor packaging error at this point, it's easy enough to fix on the spot without having to do an entire new release.

Except in this case somebody got really eager, saw the release process starting, and posted a link to our downloads page (and I'm not entirely certain if it would have been possible to get the incorrect package from it), rather than waiting for and linking to the release announcement once we'd vetted and made everything public.

That "somebody" would be me then. Sorry for any inconvenience this may have caused. I saw "Latest Release: 1.6" on the djangoproject.com home page, checked if it was on PyPI already (it was), did a "pip install Django" and got 1.6. These together to me seemed to be a pretty good sign that 1.6 was released.

Will wait for the official release announcement next time. Sorry again.

Next time around we'll probably do more to hide things up until the announcement (though of course we can't hide the commits on github, and the download URLs are predictable, so someone who sees the commits will be able to figure out where the release is going to live).

Perhaps the better thing to do for this would be that no changes are made between the last release candidate and the final release. Some projects do it, some don't.

Mistakes can be made if you have to do version number tweaks in various places before releasing.