• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Undocumented and wrong declared updates done although automated updates are disabled!

andre.spindler

Basic Pleskian
Hello I have Plesk 11.5.30 running on CentOS 6.5.

Today MU#37 was installed, but automated updates are disabled. Please tell why!
In configuration there is mentioned that critical security updates are installed anyway. I wanted to check this out, but at the moment the plesk knowledge base didn't find a microupdate #37 for plesk 11.5.30. Only for 11.0.9 and 10.4.4.
So there are updates installed on production systems BEFORE documentation is available!

Before I stated that security fixes are installed anyway. There has been installed MU36 for 11.5.30 automatically.
Look into the KB article: http://kb.parallels.com/en/120537

The following issues were resolved:

[-] Users could not add a CNAME record of a subdomain to the DNS zone of the main domain. ( PPPM-1009)
[-] IIS sites remained inactive after completion of server backup with the option "Suspend domains until backup task is completed". (PPPM-718, PPPM-46)
[-] Users could not create a subscription for a domain name that coincided with the Plesk server's host name. (PPPM-1462)

Summary by Parallels:

The 11.5.30 MU#36 update is recommended for all PP users and includes general functionality fixes that improve the stability, compatibility, and security of your PP server.

Ah, some bugs now become a security fix - ???

By just incorrectly declaring sume bugfixes as a security fix this enforces all installations to install this update.
Does this mean that there are also criticical security fixes included in this update to legitimate a required update? And this is an act of cowardice by parallels not telling us about?

Please explain this.

André
 
Last edited by a moderator:
Back
Top