The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Site Software not updated with latest versions?

Discussion in 'General Discussion' started by halie, Jan 28, 2009.

  1. halie

    halie Active Member

    Joined:
    Apr 12, 2006
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    Hi

    I have been told that CPanel "Site Software tends to be behind on its updates". Obviously this is not a good sign bearing in mind we rely on WHM and CPanel products to properly secure our servers and, it goes without saying that, outdated software poses significant security risks.

    Would it be possible for the CPanel team to explain why this is the case, and whether there will be any improvement in future?

    Thanks in advance
    Halie
     
  2. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Nowadays, we tend to stay up to date with the Site Software (also known as cPAddons). Is there any particular application you feel is currently out-of-date?
     
  3. halie

    halie Active Member

    Joined:
    Apr 12, 2006
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    David

    If you don't mind me saying, your answer is rather ambiguous; words such as "nowadays" and "tend" do not impart much peace of mind.

    Wasn't it *always* a priority for CPanel to keep it's software free of known security vulnerabilities, and doesn't CPanel *ensure* that Site Software is always kept up to date? If not, may I ask what is the company policy on this product?

    I will try to let you know the main concerns about specific software in the suite shortly.

    Thanks for your response.
    Halie
     
  4. halie

    halie Active Member

    Joined:
    Apr 12, 2006
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    David
    The software that we are most interested in are those that are not available in Fantastico:

    PostNuke
    ClickCartPro
    E107
    phpMyChat
    OSCommerce
    cPSupport
    Advanced_Guestbook
    YaBB
    AgoraCart

    Do you know what the schedule is for updates to the new versions of each of these products via "Site Software", compared with the actual releases direct from the respective websites?

    Thanks
    Halie
     
  5. halie

    halie Active Member

    Joined:
    Apr 12, 2006
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    My provider is adamant that they will remove the "Site Software" addon for security reasons.

    Is anyone able to tell me when and if the above products have been udpated to the latest versions? What is the schedule for updates for these products in the future?

    I cannot find this information on the cpanel website, and without it it's obviously impossible to present a reasoned argument to my provider in favour of this product.

    Thanks
    Halie
     
  6. halie

    halie Active Member

    Joined:
    Apr 12, 2006
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    I hope it's clear from my posts that I am genuinely attempting to find the correct information about the cPanel Site Software addin product and, in case there was an assumption to the contrary, I am not simply being antagonistic.

    Hence, I would appreciate an answer to my previous questions as, currently, the silence implies that my provider was correct to remove this software.

    Thank you
    Hal
     
  7. cPDan

    cPDan cPanel Staff
    Staff Member

    Joined:
    Mar 9, 2004
    Messages:
    711
    Likes Received:
    4
    Trophy Points:
    18
    Hello,

    I understand the importance of your question, allow me to explain the process:

    We have a version watching system that alerts us when a given script has been updated.

    As soon as the alert comes into our feed we create a case and review the update, typically within minutes of the alert. An good example of what we try to shoot for is the recent CopperMine update. The same day as Coppermine released their update we released the updated cPAddon of Coppermine.

    Sometimes that is not always possible for various reasons. For example, by means of hyperbole:

    There are currently 4 cPAddons needing to be updates. I will list them below along with the cause of the delay:

    phpMyChat: it is actually up to date but there is a new, maintained, product that replaces it, we can't do an update to it though as the new version does not support table prefixes. The script developers have know about this for several months.

    Xoops: the new 2.3.0 branch is essentially a new product and great care will need taken to convert the data without losing any of it

    Geeklog: essentially the same problem as Xoops

    PostNuke: This was literally made into a new product and we've been waiting since Jun 11, 2008 for the developers to get back to us about a few things they promised to give us information about. We've since then decided to handle the new product like we did with phpBB 2.x to phpBB 3.x and it should be out later this week.

    Aside from freak situations like these 4 that happened almost simultaneously (and which very few people even use), our target is to release the cPAddon update the same day as the script is updated barring other important factors and of course factoring in review and QA. The most common factor in delay is "destructive SQL changes" and no documentation about what data needs moved to where. If the various projects would document their SQL changes typically it'd take approximately 30 minutes to create and initially test a cPAddon update.

    I hope that helps you to see the importance to us of and our dedication to updating cPAddons as quickly as possible while at the same time ensuring they are done safely!
     
  8. halie

    halie Active Member

    Joined:
    Apr 12, 2006
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    Dan
    It is good to have this insight into your processes, and I feel that the reasons you give for the exceptions/delays are understandable.
    Thank you very much for explaining the situation in such detail.
    Halie
     
  9. cPDan

    cPDan cPanel Staff
    Staff Member

    Joined:
    Mar 9, 2004
    Messages:
    711
    Likes Received:
    4
    Trophy Points:
    18
    I should also note that although PostNuke was discontinued in June they did not have a conversion utility to the new (and still very buggy according to the announcement) version until Feb 2nd, those sorts of delays also mean we can't do much with it :)
     
  10. cPDan

    cPDan cPanel Staff
    Staff Member

    Joined:
    Mar 9, 2004
    Messages:
    711
    Likes Received:
    4
    Trophy Points:
    18
    You're very welcome, any time :)
     
  11. gkgcpanel

    gkgcpanel Well-Known Member

    Joined:
    Jun 6, 2007
    Messages:
    217
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    DataCenter Provider
    phpMyChat has a broken link in it.

    Dear cPanel team,

    Looks like the link to phpmychat.sourceforge.net is no longer available.

    It seems to redirect to: http://www.phpheaven.net/phpmychat:home which results in a 404 page not found error.

    This link is found when first going into phpMyChat under Site Software.

    cPAddon cPanel::Chat::phpMyChat
    This is a cPanel packaged module. (v0.1)

    Website http://phpmychat.sourceforge.net/

    Description: (v0.15.0)
    PHP/MySQL based Chat

    Just thought you might want to correct that as customers are asking us why the site is not there.
     
  12. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    It appears their own link to phpMyChat is broken on their website (phpHeaven.net). They may just be experiencing website issues but I have contacted them about this issue so they are aware of the situation.
     
  13. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    The link provided by cPAddons (Site Software) is now working again. Thanks for bringing this to our attention.
     
  14. sharmaine001

    sharmaine001 Well-Known Member

    Joined:
    Jun 23, 2006
    Messages:
    143
    Likes Received:
    0
    Trophy Points:
    16
    Wordpress is already outdated. a new version 2.8.5 has been released. yours is still 2.8.4

    when are you going to update? it has been several weeks since 2.8.5 has been released
     
  15. cPDan

    cPDan cPanel Staff
    Staff Member

    Joined:
    Mar 9, 2004
    Messages:
    711
    Likes Received:
    4
    Trophy Points:
    18
    It will be early this week, thanks! We'll post back here when it is available.
     
  16. sharmaine001

    sharmaine001 Well-Known Member

    Joined:
    Jun 23, 2006
    Messages:
    143
    Likes Received:
    0
    Trophy Points:
    16
    Thanks

    Normally we do not have to request here a script to be updated right? and you update it automatically even without someone requesting?
     
  17. cPDan

    cPDan cPanel Staff
    Staff Member

    Joined:
    Mar 9, 2004
    Messages:
    711
    Likes Received:
    4
    Trophy Points:
    18
    Correct, this month's schedule was very abnormal.
     
  18. sharmaine001

    sharmaine001 Well-Known Member

    Joined:
    Jun 23, 2006
    Messages:
    143
    Likes Received:
    0
    Trophy Points:
    16
    I see. I hope you will be able to fix your schedule to keep scripts in the cPAddon updated. I'm still waiting for wordpress to be updated.
     
  19. cPDan

    cPDan cPanel Staff
    Staff Member

    Joined:
    Mar 9, 2004
    Messages:
    711
    Likes Received:
    4
    Trophy Points:
    18
    Hello, I apologize - I forgot to post back here: wordpress was updated tuesday morning. As for the scheduling, yes, it is very important to us to keep everything updated. Again this was an abnormal thing so shouldn't be a problem :)
     
  20. sharmaine001

    sharmaine001 Well-Known Member

    Joined:
    Jun 23, 2006
    Messages:
    143
    Likes Received:
    0
    Trophy Points:
    16
    Thanks so much!

    However I believe 2.8.6 has released

    WordPress 2.8.6 prevents malicious code from being uploaded. So is it possible to upgrade your script to 2.8.6?

    Thanks!
     
Loading...

Share This Page