There have to be more in one or 2 places.
Separated Security, and real BUGS
MAIN topics somewhere with if possible kind of email list for warnings!
For now you have to take care all yourself on many many different places and locations to have in time enough and right information if you can find at all ;).
THAT is to "weak" for proffesional BUG and also security / patch management!
While this could also shorten support time needed to have those better organised for Virtualmin suport and here forum itself.
More clear obvious one place and so on!
While if updates are wrong/buggie/not ready. ( known problems for some combinations as speaking now some PHPfpm and MARIADB are)
To late at security high risk.
You can't know read in your virtualmin box with updates text or even no updates there.
Lot of searching at to many different places are needed at this time to have some clarifications but . hmmmmmm :(
Some links regarding security.
Security "audit" system als free version available. Homepage here https://cisofy.com/lynis/ ( NICE DUTCH GUY) the free version for small or not very critical is OK
OYES this doesn't help to in changelog for versions!
and a bunch of other bugfixes and small improvements.