106 Change Log


Last modified: November 15, 2022

106.0.10


2022-11-14
  • [security] Fixed case SEC-665: Prevent accounts from arbitrary file reads via injecting bad include directives into a DNS zone file.
  • [security] Fixed case SEC-666: Fix various maketext vulnerabilities.
  • [security] Fixed case SEC-661: Fix test used by cpsrvd to check PHP for extra PATH info
  • [security] Fixed case SEC-662: Fix HttpRequest from writing to homedirs
  • [security] Fixed case SEC-667: Ensure SET_SERVICE_PROXY_BACKENDS is the calling user.

106.0.9


2022-10-10
  • [security] Fixed case SEC-650: cPanel Visitors UI does not display direct apache access when ea-nginx is installed/enabled.

106.0.8


2022-09-28
  • Fixed case HB-6538: Disable Horde by default in the Tweak Settings.
  • Fixed cases HB-6555, CPANEL-41501: Add Horde deprecation notice in WHM.
  • Fixed case CPANEL-41569: Update cpanel-exim to 4.95-6.cp11104.

106.0.7


2022-09-19
  • Fixed case CPANEL-40231: Fix lack of description for plugins within WHM >> Manage Plugins on Ubuntu.
  • Fixed case CPANEL-41297: Ensure create_user_session properly handles the case where the hostname fails to resolve.
  • Fixed case CPANEL-41331: Update MariaDB yum/dnf repository files.
  • Fixed case CPANEL-41387: Provide help option for bin/process_ssl_pending_queue.
  • Fixed case CPANEL-41404: Fix broken reference to “default” throttle option for process_ssl_pending_queue.
  • Fixed case CPANEL-41414: Fixed adminbin limit error for large number of domains.
  • Fixed case CPANEL-41186: Update cpanel-clamav to 0.104.4-1.cp11100.
  • Fixed case CPANEL-41482: Update cpanel-roundcubemail to 1.5.2.1-6.cp11106.

106.0.4


2022-08-22
  • Fixed case CPANEL-35583: Fix invalid ACL error message when no backup metadata yet exists.
  • Fixed case CPANEL-40673: Don't show disk-related "Upgrade Opportunities" info for unlimited quota users in WHM List Accounts.
  • Fixed case CPANEL-40713: Adjust routing for cpsrvd to allow URL arguments for PHP apps.
  • Fixed case CPANEL-40769: Ensure sane minrate setting is in place for dnf.conf.
  • Fixed case CPANEL-40890: Fixed a condition where it was possible that upcp updates could fail early, and alerts to the user would not be set.
  • Fixed case CPANEL-40931: Prevent currently-unlimited bandwidth users from being incorrectly flagged for excessive prior month bandwidth usage.
  • Fixed case CPANEL-41250: Prevent modifyacct from erasing contact email addresses inadvertently.
  • Fixed case CPANEL-41293: Fix typo in WHM search results for SSL/TLS Configuration.
  • Fixed case CPANEL-41345: Exclude kernel-modules* when running /scripts/update-packages on EL8-derived distributions.
  • Fixed case PH-18407: Language survey link update.

106.0.3


2022-08-15
  • [security] Fixed case SEC-646: Explicitly set the error log in /usr/local/cpanel/scripts/cleanphpsessions.php.
  • [security] Fixed case SEC-652: Fix Self-XSS vulnerability in ModSecurity Tools interface.
  • [security] Fixed case SEC-653: Prevent unprivileged accounts from performing arbitrary file reads when a DNS zone is parsed.
  • [security] Fixed case SEC-654: Fix XSS vulnerability in WHM ModSecurity Vendors interface.
  • [security] Fixed case SEC-655: Verify necessary domain ownership for cPanel subdomain API calls.
  • [security] Fixed case SEC-658: Prevent database user account name collisions for accounts created when MySQL is temporarily disabled.

106.0.2


2022-08-09
  • Fixed case CPANEL-40883: Add breadcrumbs to Team Manager interfaces.
  • Fixed case CPANEL-41071: Improve WHM's header search for plugins.
  • Fixed case CPANEL-41110: Allow Ubuntu systems to update the “kmod” package even when kernel updates are disabled.
  • Fixed case CPANEL-41110: Ensure that stale package excludes on Ubuntu are not retained.
  • Fixed case CPANEL-41192: Return an ip url for sessions when the hostname cannot resolve.
  • Fixed case CPANEL-41208: Fix warning issued by the Apache assessor in the Security Advisor on Virtuozzo 7 systems.
  • Fixed case CPANEL-41235: check_cpanel_pkgs needs to remove ubuntu pkgs with –force-all.
  • Fixed case PH-18745: Improve appearance of the WHM main menu scroll bar.

106.0.1


2022-07-27
  • Fixed case CPANEL-40863: Updated the i_cpanel_snowmen locale to be hidden by default.
  • Fixed case CPANEL-40958: Update cpanel-roundcubemail to 1.5.2.1-5.cp11106.
  • Fixed case CPANEL-41067: Execute findphpversion in the background to avoid potential bottlenecks during upcp.
  • Fixed case CPANEL-41141: Have clean_user_php_sessions script use defaults to clean session files in directories associated with uninstalled php versions.
  • Fixed case DUCK-7209: Discourage API Log spoofing and dangerous characters.
  • Implemented case CPANEL-41025: Report cPanel ELevate blockers in Security Advisor.

106.0.0


2022-07-14
  • Fixed case COBRA-13884: Prevent cPanel’s AutoSSL provider from requesting duplicate certs.
  • Fixed case CPANEL-40783: Update cpanel-php74 to 7.4.30-2.cp11102.
  • Fixed case CPANEL-40966: Improve performance of Webmail using the Jupiter theme.
  • Fixed case CPANEL-41023: Respect pre-install configuration with regards to FTP server selection.
  • Fixed case CPANEL-41068: Update cpanel-git to version 2.37.0.
  • Fixed case CPANEL-41085: Update cpanel-php74-turba to 4.2.29-1.cp11102.

105.9999.90


2022-07-07
  • Fixed case BWG-3396: Fix httpd being down after post_snapshot changes the hostname.
  • Fixed case CPANEL-39888: Fix order of operations issue when validating MySQL upgrade conf.
  • Fixed case CPANEL-40724: For DNSOnly servers, prevent erroneous "service down" notices for the cpanel_php_fpm service since it does not run on DNSOnly.
  • Fixed case CPANEL-40761: Fixed paper_lantern sprites not being generated on installation.
  • Fixed case CPANEL-40782: Improvements to Modify/Upgrade Multiple Accounts.
  • Fixed case CPANEL-40934: Adjusted the ability of a user to undo file changes in file manager, after they commit to a save.
  • Fixed case CPANEL-40940: Update cpanel-dovecot to 2.3.18-3.cp11104.
  • Fixed case CPANEL-40941: Allow system package updates to remove obsolete packages blocking dependencies on EL8-derived distributions.
  • Fixed case PH-18365: Add a feature showcase to disclose the language removals.
  • Fixed case ZC-9975: EA recommendations display in a list.

105.9999.82


2022-06-27
  • Fixed case ART-2045: Turn WHM 'Top Tools' into 'Favorites' and allow customization.
  • Fixed case ART-2047: Add the ability to view Favorites in a compact way.
  • Fixed case ART-2170: Public contact tab should prevent navigation with changes.
  • Fixed case ART-2202: Usability improvements to cPHulk WHM UI.
  • Fixed case ART-2217: Provide a way to download the cphulk blacklist and whitelist ips.
  • Fixed case ART-2359: Improvements to how we show load averages in WHM Jupiter.
  • Fixed case ART-2480: Added instructions to help users with editing Favorites.
  • Fixed case ART-2552: Improve statistics panel hostname wrapping.
  • Fixed case ART-2612: Updated the WHM cPHulk app to support full download and upload of the whitelist & blacklists including any provided comments.
  • Fixed case ART-2804: Extend certain post install updates until the next LTS version.
  • Fixed case ART-2831: Update the new stats header based on user study data.
  • Fixed case BOO-1773: Implement prefix-size flag for create database/user uapi calls.
  • Fixed case BOO-2098: Implement force_short_prefix tweak setting.
  • Fixed case BWG-2711: Create minimal cpuser file for reseller without domain.
  • Fixed case BWG-3049: Add plugin system to snapshot_prep, and handle CCS.
  • Fixed case COBRA-13671: Remove 'Aliases' interface in cPanel (Jupiter only).
  • Fixed case COBRA-13672: Remove 'Subdomains' interface in cPanel (Jupiter only).
  • Fixed case COBRA-13672: Remove 'Addon Domains' interface in cPanel.
  • Fixed case COBRA-13674: Rename “Aliases” to “Alias Domains” in cPanel’s stats bar.
  • Fixed case COBRA-13746: Store cpuser contact email addresses solely in cpuser files.
  • Fixed case COBRA-13747: Make set_email_addresses() API call use its own admin function.
  • Fixed case COBRA-13748: Convert Contact Information UI to use new contact-email APIs.
  • Fixed case COBRA-13802: Improve Discoverability of WHM Notifications.
  • Fixed case COBRA-13811: Improve UAPI contact email APIs.
  • Fixed case COBRA-13856: Allow administrators to force-disable insecure contact-email updates.
  • Fixed case COBRA-13866: Add Feature Showcase item for contact-email hardening.
  • Fixed case COBRA-13887: Add improved help text to domain's creation interface.
  • Fixed case CPANEL-13538: Add utilities to prepare cPanel servers for image creation and deployment.
  • Fixed case CPANEL-38316: Improve zonefile chown order of operations.
  • Fixed case CPANEL-39344: Hide Email Routing Configuration link on unsupported product types.
  • Fixed case CPANEL-39483: Fix empty data save message in WHM's Configure Remote Service IPs.
  • Fixed case CPANEL-39800: Remove “Department Name” from the OV/EV certificate order fields.
  • Fixed case CPANEL-40020: Prevent rsync hangs on AlmaLinux backups.
  • Fixed case CPANEL-40176: Improve horizontal scroll bar on List Accounts page.
  • Fixed case CPANEL-40191: Ensure web stats are always run.
  • Fixed case CPANEL-40352: Update webcomponents to fix style load issues in WHM and cPanel Jupiter theme.
  • Fixed case CPANEL-40402: MariaDB 10.4 can no longer be used as a remote database profile.
  • Fixed case CPANEL-40429: Update net-google-drive-simple to v3.01.
  • Fixed case CPANEL-40437: Change color for Favorites selector icon.
  • Fixed case CPANEL-40451: Enable Munin MySQL plugins only when MySQL/MariaDB is installed.
  • Fixed case CPANEL-40493: Disable regenerate_tokens task on initial install, and increase timeout.
  • Fixed case CPANEL-40505: Fix Pushbullet validation message in contact preferences.
  • Fixed case CPANEL-40510: Sort authentication providers on login page.
  • Fixed case CPANEL-40547: No longer depend on cpanel-mysql.
  • Fixed case CPANEL-40550: Rebuild cpanel-analog against static zlib v1.2.12.
  • Fixed case CPANEL-40570: Remove nsd/mydns from nameserverconfig UI.
  • Fixed case CPANEL-40604: Fix bug preventing delete selected black/whitelist ips in cphulk.
  • Fixed case CPANEL-40616: Fix the toggle switch web-component to properly support accessibility.
  • Fixed case CPANEL-40626: Show - - - on load average API error rather the NaN.
  • Fixed case CPANEL-40629: Disable most Perl backtraces from appearing in the error log unless the file “/var/cpanel/log_stack_traces” exists.
  • Fixed case CPANEL-40630: Fix innodb optimization check for MariaDB 10.5+.
  • Fixed case CPANEL-40680: Stop spurious button capitalization in Domains UI. (Jupiter only).
  • Fixed case CPANEL-40720: Include full cPanel build number in the installed_versions WHMAPI1 output.
  • Fixed case CPANEL-40721: Fixed overwrite exceptions warnings regarding the timezone cache when running uapi as a cPanel user.
  • Fixed case CPANEL-40724: For DNSOnly servers, prevent erroneous "service down" notices for services that do not run on DNSOnly.
  • Fixed case CPANEL-40728: Generate /var/cpanel/install_version on install.
  • Fixed case CPANEL-40731: Fix a bug where webmail partially showed dark styles.
  • Fixed case CPANEL-40735: The textboxes for the advanced search fields on the Transfer Tools page are now uniform in size.
  • Fixed case CPANEL-40771: Add RockyLinux to Cpanel::OS.
  • Fixed case CPANEL-40779: Restore RPM lock wait behavior on RHEL 8+ systems.
  • Fixed case CPANEL-40797: Discard non-hostname-matching issued hostname certs.
  • Fixed case CPANEL-40834: Remove some mentions of legacy access hashes from DNS Clustering.
  • Fixed case CPANEL-40853: Ensure links in the Feature Showcase can open in a new tab.
  • Fixed case CPANEL-40866: Remove CDB files after removal of legacy locale files.
  • Fixed case CPANEL-40898: Fix up arrow bug in WHMs search dropdown.
  • Fixed case DUCK-6916: Log cPanel API calls.
  • Fixed case DUCK-7007: Fix typo in Tweak Settings help text.
  • Fixed case DUCK-7174: Fix bugs with disabling team_manager.
  • Fixed case HB-6454: Allow account restore over existing accounts w/overrides.
  • Fixed case PH-17723: Improve visual user experience in the main menu.
  • Fixed case PH-17820: Ask user feedback to get more information about what additional languages to support.
  • Fixed case PH-17947: Remove legacy languages from the product.
  • Fixed case PH-17960: Show a warning when on the Edit Account interface for users on removed locales.
  • Fixed case PH-18015: Improve the search feature in the WHM main navigation menu by adding fuzzy logic.
  • Fixed case PH-18033: Add the new sub-header stats panel.
  • Fixed case PH-18033: Remove the whm server info button and menu.
  • Fixed case PH-18033: Improvements to the load average web-component.
  • Fixed case PH-18033: Fixed menu overlay problems with the header menus.
  • Fixed case PH-18039: Add ‘x’ button in WHM main menu nav search box.
  • Fixed case PH-18107: Improve the keyboard shortcuts for the search box filter navigation.
  • Fixed case PH-18192: Updated the Pricing and Term agreement.
  • Fixed case PH-18193: Update the Privacy Policy to version 04-29-2022.
  • Fixed case PH-18268: Add deprecation warning to paper-lantern theme.
  • Fixed case PH-18270: Implement the switch to Jupiter feature showcase.
  • Implemented case CPANEL-40533: Auto upgrade MyDNS to PowerDNS on upgrades.
  • Implemented case CPANEL-40480: Auto upgrade NSD to PowerDNS on upgrades.
  • Implemented case CPANEL-40517: Send iContact notification for auto-upgrade to PowerDNS.
  • Implemented case DUCK-6670: Add list team view part of the Manage Team UI.
  • Fixed case CPANEL-39456: Update cpanel-exim to 4.95-5.cp11104.
  • Fixed case CPANEL-40182: Update cpanel-geoipfree-data to 106.0-1.cp11106.
  • Fixed case CPANEL-40183: Update cpanel-knownproxies-data to 106.0-1.cp11106.
  • Fixed case CPANEL-40244: Update cpanel-roundcubemail to 1.5.2.1-3.cp11106.
  • Fixed case CPANEL-40711: Update cpanel-roundcubemail to 1.5.2.1-4.cp11106.
  • Fixed case CPANEL-40899: Update cpanel-php74 to 7.4.30-1.cp11102.
  • Fixed case HB-6470: Update cpanel-php74-turba to 4.2.28-1.cp11102 (resolves UPS-462).
  • Fixed case HB-6313: Update cpanel-roundcubemail to 1.5.2.1-1.cp11106.
  • Fixed case CPANEL-40560: Emit a message if checkallsslcerts is run while disabled.

Additional Documentation