Mailing list for security and other critical announcements?

[LuisN]

Does Parallels have a mailing list one can subscribe to in order to get security and other critical announcements regarding Plesk? For example, I only learned about the ProFTPD vulnerability through a web hoster that was nice enough to alert all its customers but that's not always going to be reliable.

Thanks!

 

[IgorG]

It was not Plesk security problem but proftpd service. Plesk use many thir-party components like php, mysql, proftpd, apache, etc and all these components have own security problems and announcements.

 

[Jonas21]

IgorG: thats true but *YOU* provide the psa-proftpd package and its your responsability to update it if there is a vulnerability. People purchase a one-key solution from you and expect updates if Parallels actually supplied the software.

 

[IgorG]

You can find all necessary information on our site. For example - Did you see it?
http://www.parallels.com/products/plesk/ProFTPD

 

[LuisN]

You can find all necessary information on our site. For example - Did you see it?
http://www.parallels.com/products/plesk/ProFTPD

That's assuming your customers visit your site daily. Not a good assumption.

Note: I tried to reply to your original response but the moderation system appears to have eaten my response. I'm not sure why since there was nothing questionable in my post. Am I the only one that things its strange that this forum is moderated?

 

[Bevan]

My answer to this thread wasn't accepted, too ;-)

At the moment I'm building a site where versions and security issues of third-party software that Plesk uses are listed: http://psa.bi-co.net/.

Who is interested in it can subscribe and will be informed as soon as I receive information concerning security problems. Also it would be great if people inform me when they hear about security problems in the listed software.

So we can build a network and ensure that everybody is informed quickly

--
edited on 14 Nov 2010, 01:57 GMT