Changelog Never Updated...Why?

[wswd]

Just curious...why does it take days to update the changelog inside WHM?

We're on 11.40.1.3 but it's still showing 11.40.1.1 in the changelog. This happens all the time...literally all the time. I just happened to catch a thread here that said Build 3 was released. Normally I use the changelog to see the new updates, but it's never updated.

Any idea why?

 

[mtindor]

Just curious...why does it take days to update the changelog inside WHM?

We're on 11.40.1.3 but it's still showing 11.40.1.1 in the changelog. This happens all the time...literally all the time. I just happened to catch a thread here that said Build 3 was released. Normally I use the changelog to see the new updates, but it's never updated.

Any idea why?

When a Targeted Security Release is issued, information about that release is not listed in the Changelog for days [or however long cPanel deems it sensible to keep that information out of the Changelog] in order to give admins a chance to update their servers. When cPanel feels enough time has passed for admins to have updated their cPanel installs, they list the information in the Changelog regarding that TSR.

Mike

 

[tank]

Good answer. That makes complete sense

 

[Shavaun]

If your server has received an update and the Change Log isn't displaying the information for the update, I recommend that you try the following steps:

1) Clear the cache in your browser and refresh the page. As simple as this step is, it should resolve the issue in many cases.
2) Wait a few hours from when the release went live. This provides our documentation servers time to sync.
3) Look on the forums for a post like this one http://forums.cpanel.net/f133/tsr-2013-0011-announcement-380142.html. As previously mentioned by the other posters, sometimes we have to delay detailed information for security reasons.

If all else fails, please don't hesitate to post here and we will double check to make sure everything is updated and synced.

 

[wswd]

Hi Shavaun,

Have tried 1 and 2, and it's not a caching issue.

As far as #3, there should never be a delay for security reasons. In fact, even more of a reason to put it in the changelog, so people know there is a new update available. You don't have to list the exact things that were wrong or fixed, but at least list that there is a new version available. For example, 11.40.1.3 : Security Update or something to that extent is all that is needed. Doesn't make things any less secure, and people know there is an update.

Seems simple...

 

[mtindor]

Change Logs shows it, and if I log into my servers and click on Changelog, it is shown there as well.

You should consider getting on the mailing list. Mailing Lists | cPanel, Inc. . Another great mailing list is the HostingSecList.

If cPanel or a third party discovers a vulnerability and it is not disclosed publicly because the parties are working together to come up with a fix, then details about the vulnerability(s) shouldn't be published anywhere until such time that the fixes have been made available and server admins have had a chance to update. At least that is my feeling. And if you are on the cPanel mailing list, you are made aware that updates to resolve those issues are being pushed to the update servers -- sans details.

I do agree that it wouldn't hurt to have the new version at least listed in the Changelog, with very minimal information. But if you are on their mailing list you are made aware of it very quickly, likely quicker than you would ever see it in the Changelog. After all, most people I know check email a lot more often than they check the Changelog.

Mike

 

[wswd]

Change Logs shows it, and if I log into my servers and click on Changelog, it is shown there as well.

Yes, it shows it now. 11.40.1.3 wasn't in there quite literally for days.

If cPanel or a third party discovers a vulnerability and it is not disclosed publicly because the parties are working together to come up with a fix, then details about the vulnerability(s) shouldn't be published anywhere until such time that the fixes have been made available and server admins have had a chance to update.

Like I said, details regarding the vulnerabilities do not have to be disclosed or published. Not really sure why you keep going back to that. I already listed a reasonable alternative...you simply put that an update is available. Then you don't have to find it in a thread somewhere or via the mailing list, which I'm not really interested in joining right now. I don't want "company news, and other related topics", filling my inbox, to be honest. Updates and such are fine, but I could do without the rest.

 

[wswd]

And now it's gone again! Fantastic! The changelog in the servers is showing 11.40.1.1 as the latest, even though we're on 1.5.

You have to go to the "cPanel & WHM Change Log Feed" to see the actual changes.

I don't get it. This shouldn't be this difficult.

 

[Shavaun]

I apologize for the misunderstanding. The Change Log document is being updated - but it is not updating properly when viewed through WHM.

I've opened internal case 86225 on the issue and will post an update as soon as I have more information.

I understand that it is less convenient, but in the meantime you can view all updates here: CPanelVersion1140 < AllDocumentation/ChangeLog < TWiki

Thank you for reporting this issue.

 

[wswd]

Thanks Shavaun!!

 

[jimlongo]

I apologize for the misunderstanding. The Change Log document is being updated - but it is not updating properly when viewed through WHM.

I've opened internal case 86225 on the issue and will post an update as soon as I have more information.

I understand that it is less convenient, but in the meantime you can view all updates here: CPanelVersion1140 < AllDocumentation/ChangeLog < TWiki

Thank you for reporting this issue.

As has been noted before, the mirrors used for the documentation link above do not always update properly. For instance this link today is still on 11.40.1.5 although there have been 2 subsequent updates since then.

It's not a cache issue, I was just looking at .5, refreshed my browser's cache, checked again and the latest version is .4 !

 

[wswd]

Yep! Same as jimlongo.

What's perhaps even more hilarious is that the 3 places seem to be showing 3 different things. WHM is showing one thing, the TWiki is showing another, and the Change Logs (changelog.cpanel.net) is showing something completely different from the other two!! And even more...none of them are showing the correct update! Two of them have tons of updates missing in between. It goes from 11.40.0.29 right to 11.40.1.5 (and 11.40.1.4 on another) with nothing in between!

Come on cPanel...you're better than this! This is just completely ridiculous! Why not just put these all in one place, and actually keep it updated? Is there really a need for 3 documents (or more) if they aren't going to be updated? This isn't rocket science. It's a simple document. Surely somebody in the corporate office somewhere is dropping the ball on this. If one of my employees couldn't keep a simple document or two updated, they'd be shown the door. Not sure whose responsibility it is to update these, but it hasn't been done properly for at least several months...probably much longer.

 

[Shavaun]

We apologize for the delay in the 11.40.1.7 (and now 11.40.1.8) release information. Although it is security related, we normally update the Change Log as soon as we provide full disclosure about the update. We will update the Change Log with the recent releases soon. In the meantime you can find information on it here: TSR 2013-0012 Full Disclosure | cPanel, Inc..

We may have any number of internal builds before we release a new version of the product, which results in a jump in the version number. You can read more about how our release versions work here: cPanel & WHM Versions and the Release Process

ChangeLog.cpanel.net should point to Change Logs which does not contain any specific version information. It links to the other Change Log documents such as this one: CPanelVersion1140 < AllDocumentation/ChangeLog < TWiki. Can you elaborate on what you see on that page that is incorrect, other than the absent 11.40.1.7/8 information?

I have been unable to reproduce the issue of 11.40.1.4 showing as the latest update on the 11.40 Change Log page (CPanelVersion1140 < AllDocumentation/ChangeLog < TWiki), however I have refreshed the page on the server and hopefully that will address any lingering issues. If it continues to happen please make sure to mention it.

Internal ticket 86225 will address the missing updates in WHM when you select "Change Log."

If you notice any other discrepancies, please provide as specific detail as you can, so we can correct them.

 

[Shavaun]

Update: The Change Log has been updated for the 10.40.1.7, 10.40.1.8, and 10.40.0.31 releases:

CPanelVersion1140 < AllDocumentation/ChangeLog < TWiki

It may take a few hours for the documentation servers to sync.

 

[Shavaun]

Update: Internal case 86225 has been resolved and WHM should now display the updated Change Log.

 

[wswd]

Looks like we're back to business as usual. Changelog in WHM hasn't been updated in weeks, and now all the versions are different again...none of them close to actually being up-to-date.

 

[Infopro]

This appears to be up to date on my end:
https://documentation.cpanel.net/display/ALD/11.42+Change+Log

 

[chirpy]

It appears that with the new documentation site the old changelog RSS/Atom feeds are not being updated and there are no RSS/Atom feeds for the new one that I can find.

 

[Infopro]

I've just opened a report on this, thanks.

The new docs site [ http://documentation.cpanel.net/ ] is going to be great, but there is going to be some issues during the change over from one to the other I'm sure.

 

[chirpy]

Thank you