• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Update notes not in release notes

matt.simpson

matt.simpson

Basic Pleskian
Hello Parallels,

Can you do me a kindness? Please do not release micro updates without adding some sort of documentation to your release notes section. The documentation should be done before the MU is available for download so people know what "important" security updates they are / have applied. I've noticed this happening with a good number of the 11.0.9 micro updates (#16 being the latest).

While we're on the topic, change log entries like "Major security enhancements." in #13 really needs to be elaborated on IMO. You don't need to go into specifics, but at least give us a clue what you're changing before we apply an update.

2c,
-Matt Simpson
 
Please do not release micro updates without adding some sort of documentation to your release notes section. The documentation should be done before the MU is available for download so people know what "important" security updates they are / have applied. I've noticed this happening with a good number of the 11.0.9 micro updates (#16 being the latest).
Click to expand...

If you have enabled manual mode of MU installation it doesn't matter when we publish notification because you can wait and read announcement and then make decision of installing or not installing this MU.
If you have enabled automatic mode of MU installation it doesn't matter as well because MU will be applied despite fact when you read announcement.

While we're on the topic, change log entries like "Major security enhancements." in #13 really needs to be elaborated on IMO. You don't need to go into specifics, but at least give us a clue what you're changing before we apply an update.
Click to expand...

When we fix well known security issue we publish corresponding CVE. When we fix security issue which was found with help of internal audit we can't provide any information because it is security question and we do not want to give any hint to intruders. But we provide indicator for customers - Minor, Major or Critical security update. I think it is enough for most customers for making decision about importance of this security MU.
 
You must log in or register to reply here.

Similar threads

learning_curve
Resolved Fail2Ban Update By Plesk?
Replies
5
Views
2K
IgorG
IgorG
I
Question Problems with Email certificate renewal - seems linked to changes in SNI support
Replies
0
Views
2K
iainh
I
Automata
  • Poll
Input FEATURE REQUEST: Add SSH2 extension to PHP default extensions to improve security.
Replies
2
Views
2K
Automata
Automata
korsar
  • Sticky
Important Keep your Plesk server up-to-date to have it secure and features complete
Replies
2
Views
9K
IvanV
I
J
Issue “Driver's SQLAllocHandle on SQL_HANDLE_ENV failed” after component update 7 May 2019
Replies
3
Views
8K
Janus Bahs Jacquet
J
Back
Top