wswd

Well-Known Member
Aug 9, 2005
150
28
178
cPanel Access Level
Root Administrator
Just curious...why does it take days to update the changelog inside WHM?

We're on 11.40.1.3 but it's still showing 11.40.1.1 in the changelog. This happens all the time...literally all the time. I just happened to catch a thread here that said Build 3 was released. Normally I use the changelog to see the new updates, but it's never updated.

Any idea why?
 

mtindor

Well-Known Member
Sep 14, 2004
1,497
130
193
inside a catfish
cPanel Access Level
Root Administrator
Just curious...why does it take days to update the changelog inside WHM?

We're on 11.40.1.3 but it's still showing 11.40.1.1 in the changelog. This happens all the time...literally all the time. I just happened to catch a thread here that said Build 3 was released. Normally I use the changelog to see the new updates, but it's never updated.

Any idea why?
When a Targeted Security Release is issued, information about that release is not listed in the Changelog for days [or however long cPanel deems it sensible to keep that information out of the Changelog] in order to give admins a chance to update their servers. When cPanel feels enough time has passed for admins to have updated their cPanel installs, they list the information in the Changelog regarding that TSR.

Mike
 

Shavaun

Well-Known Member
Aug 15, 2013
106
0
91
cPanel Access Level
Root Administrator
If your server has received an update and the Change Log isn't displaying the information for the update, I recommend that you try the following steps:

1) Clear the cache in your browser and refresh the page. As simple as this step is, it should resolve the issue in many cases.
2) Wait a few hours from when the release went live. This provides our documentation servers time to sync.
3) Look on the forums for a post like this one http://forums.cpanel.net/f133/tsr-2013-0011-announcement-380142.html. As previously mentioned by the other posters, sometimes we have to delay detailed information for security reasons.

If all else fails, please don't hesitate to post here and we will double check to make sure everything is updated and synced.
 

wswd

Well-Known Member
Aug 9, 2005
150
28
178
cPanel Access Level
Root Administrator
Hi Shavaun,

Have tried 1 and 2, and it's not a caching issue.

As far as #3, there should never be a delay for security reasons. In fact, even more of a reason to put it in the changelog, so people know there is a new update available. You don't have to list the exact things that were wrong or fixed, but at least list that there is a new version available. For example, 11.40.1.3 : Security Update or something to that extent is all that is needed. Doesn't make things any less secure, and people know there is an update.

Seems simple...
 

mtindor

Well-Known Member
Sep 14, 2004
1,497
130
193
inside a catfish
cPanel Access Level
Root Administrator
Change Logs shows it, and if I log into my servers and click on Changelog, it is shown there as well.

You should consider getting on the mailing list. Mailing Lists | cPanel, Inc. . Another great mailing list is the HostingSecList.

If cPanel or a third party discovers a vulnerability and it is not disclosed publicly because the parties are working together to come up with a fix, then details about the vulnerability(s) shouldn't be published anywhere until such time that the fixes have been made available and server admins have had a chance to update. At least that is my feeling. And if you are on the cPanel mailing list, you are made aware that updates to resolve those issues are being pushed to the update servers -- sans details.

I do agree that it wouldn't hurt to have the new version at least listed in the Changelog, with very minimal information. But if you are on their mailing list you are made aware of it very quickly, likely quicker than you would ever see it in the Changelog. After all, most people I know check email a lot more often than they check the Changelog.

Mike
 

wswd

Well-Known Member
Aug 9, 2005
150
28
178
cPanel Access Level
Root Administrator
Change Logs shows it, and if I log into my servers and click on Changelog, it is shown there as well.
Yes, it shows it now. 11.40.1.3 wasn't in there quite literally for days.


If cPanel or a third party discovers a vulnerability and it is not disclosed publicly because the parties are working together to come up with a fix, then details about the vulnerability(s) shouldn't be published anywhere until such time that the fixes have been made available and server admins have had a chance to update.
Like I said, details regarding the vulnerabilities do not have to be disclosed or published. Not really sure why you keep going back to that. I already listed a reasonable alternative...you simply put that an update is available. Then you don't have to find it in a thread somewhere or via the mailing list, which I'm not really interested in joining right now. I don't want "company news, and other related topics", filling my inbox, to be honest. Updates and such are fine, but I could do without the rest.
 

wswd

Well-Known Member
Aug 9, 2005
150
28
178
cPanel Access Level
Root Administrator
And now it's gone again! Fantastic! The changelog in the servers is showing 11.40.1.1 as the latest, even though we're on 1.5.

You have to go to the "cPanel & WHM Change Log Feed" to see the actual changes.

I don't get it. This shouldn't be this difficult.
 

Shavaun

Well-Known Member
Aug 15, 2013
106
0
91
cPanel Access Level
Root Administrator
I apologize for the misunderstanding. The Change Log document is being updated - but it is not updating properly when viewed through WHM.

I've opened internal case 86225 on the issue and will post an update as soon as I have more information.

I understand that it is less convenient, but in the meantime you can view all updates here: CPanelVersion1140 < AllDocumentation/ChangeLog < TWiki

Thank you for reporting this issue.
 

jimlongo

Well-Known Member
Mar 20, 2008
289
24
68
I apologize for the misunderstanding. The Change Log document is being updated - but it is not updating properly when viewed through WHM.

I've opened internal case 86225 on the issue and will post an update as soon as I have more information.

I understand that it is less convenient, but in the meantime you can view all updates here: CPanelVersion1140 < AllDocumentation/ChangeLog < TWiki

Thank you for reporting this issue.
As has been noted before, the mirrors used for the documentation link above do not always update properly. For instance this link today is still on 11.40.1.5 although there have been 2 subsequent updates since then.

It's not a cache issue, I was just looking at .5, refreshed my browser's cache, checked again and the latest version is .4 !
 
Last edited:

wswd

Well-Known Member
Aug 9, 2005
150
28
178
cPanel Access Level
Root Administrator
Yep! Same as jimlongo.

What's perhaps even more hilarious is that the 3 places seem to be showing 3 different things. WHM is showing one thing, the TWiki is showing another, and the Change Logs (changelog.cpanel.net) is showing something completely different from the other two!! And even more...none of them are showing the correct update! Two of them have tons of updates missing in between. It goes from 11.40.0.29 right to 11.40.1.5 (and 11.40.1.4 on another) with nothing in between!

Come on cPanel...you're better than this! This is just completely ridiculous! Why not just put these all in one place, and actually keep it updated? Is there really a need for 3 documents (or more) if they aren't going to be updated? This isn't rocket science. It's a simple document. Surely somebody in the corporate office somewhere is dropping the ball on this. If one of my employees couldn't keep a simple document or two updated, they'd be shown the door. Not sure whose responsibility it is to update these, but it hasn't been done properly for at least several months...probably much longer.
 

Shavaun

Well-Known Member
Aug 15, 2013
106
0
91
cPanel Access Level
Root Administrator
We apologize for the delay in the 11.40.1.7 (and now 11.40.1.8) release information. Although it is security related, we normally update the Change Log as soon as we provide full disclosure about the update. We will update the Change Log with the recent releases soon. In the meantime you can find information on it here: TSR 2013-0012 Full Disclosure | cPanel, Inc..

We may have any number of internal builds before we release a new version of the product, which results in a jump in the version number. You can read more about how our release versions work here: cPanel & WHM Versions and the Release Process

ChangeLog.cpanel.net should point to Change Logs which does not contain any specific version information. It links to the other Change Log documents such as this one: CPanelVersion1140 < AllDocumentation/ChangeLog < TWiki. Can you elaborate on what you see on that page that is incorrect, other than the absent 11.40.1.7/8 information?

I have been unable to reproduce the issue of 11.40.1.4 showing as the latest update on the 11.40 Change Log page (CPanelVersion1140 < AllDocumentation/ChangeLog < TWiki), however I have refreshed the page on the server and hopefully that will address any lingering issues. If it continues to happen please make sure to mention it.

Internal ticket 86225 will address the missing updates in WHM when you select "Change Log."

If you notice any other discrepancies, please provide as specific detail as you can, so we can correct them.
 

wswd

Well-Known Member
Aug 9, 2005
150
28
178
cPanel Access Level
Root Administrator
Looks like we're back to business as usual. Changelog in WHM hasn't been updated in weeks, and now all the versions are different again...none of them close to actually being up-to-date.
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
33
473
Go on, have a guess
It appears that with the new documentation site the old changelog RSS/Atom feeds are not being updated and there are no RSS/Atom feeds for the new one that I can find.