58 Change Log


58.0.52


2017-07-17
  • [security] Fixed case SEC-263: Stored XSS during WHM cPAddons install.
  • [security] Fixed case SEC-264: Stored XSS during WHM cPAddons upgrades.
  • [security] Fixed case SEC-265: Stored XSS during WHM cPAddons file operations.
  • [security] Fixed case SEC-266: Stored XSS during WHM cPAddons uninstallation.
  • [security] Fixed case SEC-267: Stored XSS during WHM cPAddons cron operations.
  • [security] Fixed case SEC-268: Stored XSS during moderated WHM cPAddons installation.
  • [security] Fixed case SEC-269: Stored XSS in WHM cPAddons processing.
  • [security] Fixed case SEC-272: EasyApache 4 conversion sets loose domlog ownership and permissions.
  • [security] Fixed case SEC-273: Domain log files become readable after log processing.
  • [security] Fixed case SEC-280: The cpdavd_error_log can be created with insecure permissions.
  • [security] Fixed case SEC-288: Resellers can read other accounts domain log files.
  • [security] Fixed case SEC-289: Insecure log file permissions after account modification.
  • [security] Fixed case SEC-290: Apache domlogs become temporarily world-readable during log processing.
  • [security] Fixed case SEC-291: Apache SSL domain logs left behind after account termination.
  • [security] Fixed case SEC-294: Corrupted user and group ownership when using ‘reassign_post_terminate_cruft’.
  • [security] Fixed case SEC-297: Self XSS Vulnerability in WHM Upload Locale interface.

58.0.51


2017-07-13
  • Fixed case CPANEL-9529: Have restartsrv’s systemd logic factor in pidfile.
  • Implemented case CPANEL-14440: Accomodate new Comodo DCV format and path.

58.0.50


2017-05-31
  • Fixed case CPANEL-1865: Silence spurious warning while restoring mailman attachments.
  • Implemented case CPANEL-12323: Allow suppression of certificate generation in WHM generatessl.

58.0.49


2017-05-15
  • [security] Fixed case SEC-234: Horde MySQL to SQLite conversion can leak database password.
  • [security] Fixed case SEC-236: Code execution for webmail and demo accounts with the store_filter API call.
  • [security] Fixed case SEC-237: Code execution as root via SET_VHOST_LANG_PACKAGE multilang adminbin call.
  • [security] Fixed case SEC-238: Demo account code execution with BoxTrapper API.
  • [security] Fixed case SEC-239: Demo account file read vulnerability in Fileman::getfileactions API2 call.
  • [security] Fixed case SEC-240: Webmail account arbitrary code execution via forwarders.
  • [security] Fixed case SEC-242: Demo account code execution through Encoding API calls.
  • [security] Fixed case SEC-243: Demo account code execution via ImageManager_dimensions API call.
  • [security] Fixed case SEC-244: Demo users have access to traceroute via api2.
  • [security] Fixed case SEC-245: Demo accounts able to redirect web traffic.
  • [security] Fixed case SEC-246: Cpanel::SPFUI API commands are available to demo accounts.
  • [security] Fixed case SEC-247: Demo and suspended accounts allowed to port-forward via SSH.
  • [security] Fixed case SEC-248: Cpanel SSH API commands are allowed for Demo accounts.
  • [security] Fixed case SEC-249: Demo restrictions not enforced in SSL API calls.
  • [security] Fixed case SEC-250: File read and write for demo accounts in SourceIPCheck API.
  • [security] Fixed case SEC-251: Code execution for Demo accounts via ClamScanner_getsocket API.
  • [security] Fixed case SEC-252: Limited file read via Serverinfo_manpage API call.
  • [security] Fixed case SEC-254: Limited file rename as root via scripts/convert_roundcube_mysql2sqlite.
  • [security] Fixed case SEC-255: Limited file chmod in /scripts/convert_roundcube_mysql2sqlite.
  • [security] Fixed case SEC-257: User crontab publicly visible during cPAddon upgrades.
  • [security] Fixed case SEC-259: Code execution via Rails configuration files.
  • [security] Fixed case SEC-260: Supplemental groups lost during account renames.
  • [security] Fixed case SEC-262: Stored XSS in WHM cPAddons install interface.

58.0.48


2017-05-10
  • Fixed case CPANEL-7519: Make upgrade check for ftp/cpanel user existence.
  • Fixed case CPANEL-7818: Taskrun: fix typo on eximstatus update.
  • Fixed case CPANEL-13029: Avoid speaking plain HTTP to cabundle server on port 443.

58.0.47


2017-04-24
  • Fixed case CPANEL-10931: Disable CGIEmail and CGIEcho on update, and on new installs.

58.0.46


2017-04-13
  • Fixed case CPANEL-9217: Allow for streaming and skiphomedir in restore disk check.
  • Fixed case CPANEL-11474: Cpanel::Sysquota inode cache is always empty.

58.0.45


2017-03-20
  • [security] Fixed case SEC-208: Addon domain conversion did not require a package for resellers.
  • [security] Fixed case SEC-217: Self XSS Vulnerability in WHM cPAddons ‘showsecurity’ interface.
  • [security] Fixed case SEC-219: File overwrite when renaming an account.
  • [security] Fixed case SEC-220: Arbitrary code execution during account modification.
  • [security] Fixed case SEC-223: Security policy questions were not transfered during account rename.
  • [security] Fixed case SEC-224: CPHulk one day ban bypass when IP based protection enabled.
  • [security] Fixed case SEC-225: Code execution as root via overlong document root path settings.
  • [security] Fixed case SEC-226: Arbitrary file overwrite via WHM Zone Template editor.
  • [security] Fixed case SEC-227: Expand list of reserved usernames.
  • [security] Fixed case SEC-228: Adding parked domains to mail config did not respect domain ownership.
  • [security] Fixed case SEC-229: URL filtering flaw allowed access to restricted resources.
  • [security] Fixed case SEC-232: Demo code execution via Htaccess::setphppreference API.
  • [security] Fixed case SEC-233: Arbitrary code execution for demo accounts via NVData_fetchinc API call.

58.0.44


2017-03-07
  • Fixed case CPANEL-6889: Do not reset self signed certs if flag file exists.
  • Fixed case CPANEL-8311: Fixed quote_identifier error during transfer restore.
  • Fixed case CPANEL-9173: Add p0f to yum excludes.
  • Fixed case CPANEL-10529: Reduce number of dovecot/dict lookups to reduce disk I/O.
  • Fixed case CPANEL-11023: Fix can_stream check in transfer system.
  • Fixed case CPANEL-11219: Add Comodo to cPanel trusted root store.
  • Fixed case CPANEL-11289: Limit generatessl required params to ones used for DV.

58.0.43


2017-01-16
  • [security] Fixed case SEC-196: Fixed password used for Munin MySQL test account.
  • [security] Fixed case SEC-197: Self-XSS in paper_lantern password change screen.
  • [security] Fixed case SEC-198: Reflected XSS in reset password interfaces.
  • [security] Fixed case SEC-199: Self-XSS in webmail Password and Security page.
  • [security] Fixed case SEC-201: Arbitrary file read via Exim valiases.
  • [security] Fixed case SEC-204: Exim piped filters ran as wrong user when delivering to a system user.
  • [security] Fixed case SEC-205: Leech Protect did not protect certain directories.
  • [security] Fixed case SEC-206: Exim transports could be run as the nobody user.
  • [security] Fixed case SEC-207: Improper ACL checks in xml-api for Rearrange Account.
  • [security] Fixed case SEC-209: SSL certificate generation in WHM uses an unreserved email address.
  • [security] Fixed case SEC-210: Account ownership not enforced by has_mycnf_for_cpuser WHM API call.
  • [security] Fixed case SEC-211: Stored XSS Vulnerability in WHM Account Suspension List interface.
  • [security] Fixed case SEC-212: Format string injection vulnerability in cgiemail.
  • [security] Fixed case SEC-213: WHM ‘enqueue_transfer_item’ API allowed resellers to queue non rearrange modules.
  • [security] Fixed case SEC-214: Open redirect vulnerability in cgiemail.
  • [security] Fixed case SEC-215: HTTP header injection vulnerability in cgiemail.
  • [security] Fixed case SEC-216: Reflected XSS vulnerability in cgiemail addendum handling.

58.0.41


2017-01-05
  • Fixed case CPANEL-8772: Remove code to manage cpanel plugins in Roundcube.
  • Fixed case CPANEL-8789: WHM: Ensure the cPHulk History Reports are always paginated.
  • Fixed case CPANEL-9209: Fix removing FTP account along with addon domain.
  • Fixed case CPANEL-9510: BoxTrapper: fix JavaScript on review queue page.
  • Fixed case CPANEL-9701: Increase apache restart timeout to handle many SSL certs.
  • Fixed case CPANEL-9895: Update rpm.versions to use the newer Amazon::S3 library.
  • Fixed case CPANEL-9969: Update Security Advisor to latest version.
  • Fixed case CPANEL-10321: Update cpanel-roundcubemail to 1.1.7-1.cp1158.
  • Fixed case CPANEL-10401: Update cpanel-roundcubemail to 1.1.7-1.cp1158.
  • Fixed case CPANEL-10542: Update exim to 4.87-7.cp1156.
  • Fixed case ZC-2347: Update Security Advisor to the latest version.

58.0.37


2016-11-21
  • [security] Fixed case SEC-158: Arbitrary file overwrite when account domain is modified.
  • [security] Fixed case SEC-159: Stored XSS in WHM Repair Mailbox Permissions interface.
  • [security] Fixed case SEC-160: Stored XSS Vulnerability in the WHM Manage cPAddons interface.
  • [security] Fixed case SEC-161: File overwrite during preparation for MySQL upgrades.
  • [security] Fixed case SEC-162: Open redirect via /cgi-sys/FormMail-clone.cgi.
  • [security] Fixed case SEC-164: Arbitrary file overwrites when updating Roundcube.
  • [security] Fixed case SEC-165: File create and chmod via ModSecurity Audit logfile processing.
  • [security] Fixed case SEC-168: Enforce feature list restrictions when calling the multilang adminbin.
  • [security] Fixed case SEC-169: Arbitrary code execution for ACL limited resellers during account creation.
  • [security] Fixed case SEC-173: Arbitrary file chown via reassign_post_terminate_cruft.
  • [security] Fixed case SEC-174: Stored XSS in homedir removal during WHM Account termination.
  • [security] Fixed case SEC-175: Stored XSS in MySQL database names during WHM Account termination.
  • [security] Fixed case SEC-176: Stored XSS in perlinstaller directory removal in WHM Account Termination.
  • [security] Fixed case SEC-177: Self-XSS Vulnerability in WHM Tweak Settings for autodiscover_host.
  • [security] Fixed case SEC-178: Self-Stored XSS Vulnerability in listftpstable API.
  • [security] Fixed case SEC-179: Stored XSS in api1_listautoresponders.
  • [security] Fixed case SEC-180: Stored XSS Vulnerability in ftp_sessions API.
  • [security] Fixed case SEC-180: Self-XSS Vulnerability in UI_confirm API.
  • [security] Fixed case SEC-181: Self-Stored XSS in postgres API1 listdbs.
  • [security] Fixed case SEC-182: Self-Stored XSS in SSL_listkeys.
  • [security] Fixed case SEC-184: Self-XSS in alias upload interface.
  • [security] Fixed case SEC-185: Sensitive file contents revealed during file copy operations.
  • [security] Fixed case SEC-186: Apache SSL keys readable by the nobody group.
  • [security] Fixed case SEC-187: Host Access Control improperly handles action-less host.deny entries.
  • [security] Fixed case SEC-188: Arbitrary code execution via Maketext in PostgreSQL adminbin.
  • [security] Fixed case SEC-191: Code execution via cpsrvd 403 response handler.
  • [security] Fixed case SEC-192: HTTP POST to listinput.cpanel.net does not use TLS.

58.0.36


2016-11-16
  • Fixed case CPANEL-7518: Show maximum and minimum values for applicable fields on WHM Basic Setup page.
  • Fixed case CPANEL-8794: Addon Domain: Prompt to remove FTP accounts when removing domain.
  • Fixed case CPANEL-8945: Update checkallsslcerts renewal period message to reflect new 25d period.
  • Fixed case CPANEL-9011: Use correct tailwatchd binary in restartsrv.
  • Fixed case CPANEL-9515: tail-check: ensure tailwatchd is restarted using systemd.
  • Fixed case CPANEL-9667: Fixed ModSecurity 2 configuration when migrating to EasyApache 4.
  • Fixed case CPANEL-9824: Update Compress::Raw::Lzma to avoid segfault.

58.0.34


2016-11-02
  • Fixed case CPANEL-6137: Fix “network error” message in IE logging into WHM.
  • Fixed case CPANEL-8017: Lengthen timeout for restoring databases.
  • Fixed case CPANEL-8942: restorepkg: ensure parked domains can be fully restored.
  • Fixed case CPANEL-8972: Rebuild transport objects correctly.
  • Fixed case CPANEL-9122: Restart cpbackup_transport connections on failure.
  • Fixed case CPANEL-9122: Fix half-closed backup transporter connections.
  • Fixed case CPANEL-9244: Fix backup transporter.
  • Fixed case CPANEL-9274: Allow Software Collection (SCL) commands to work under jailshell.
  • Fixed case CPANEL-9309: Correct destination validation for FTP.
  • Fixed case CPANEL-9329: Fix caching which leads to false mod_userdir / mod_ruid2 conflict.
  • Fixed case CPANEL-9335: Remove the use of tsflags from Cpanel::SysPkgs::YUM.
  • Fixed case CPANEL-9335: Remove the need for tsflags and its installation.
  • Fixed case CPANEL-9520: userdirctl now reloads all supported Apache options in EA4.
  • Fixed case CPANEL-9527: Ensure FTP backups are uploaded into the correct directory.

58.0.32


2016-10-10
  • Fixed case CPANEL-7593: Update cpanel-perl-522-munin to 2.0.25-6.cp1158.
  • Fixed case CPANEL-8752: Update cpanel-perl-522 to 5.22.1-13.cp1156.
  • Fixed case CPANEL-8864: Increase the timeout for ea4_ and packagemanager API URIs.

58.0.31


2016-09-22
  • Fixed case CPANEL-8636: Parse yum python on systems w/ no pre JSON header output.
  • Fixed case CPANEL-8673: Fix spurious error message about Mailman archive permissions.
  • Fixed case CPANEL-8756: Perform cPanel YUM calls with EPEL disabled.

58.0.30


2016-09-21
  • Fixed case CPANEL-3338: Restart cpbackup_transport connections on failure.
  • Fixed case CPANEL-5886: Allow Pushbullet API tokens with periods.
  • Fixed case CPANEL-8298: Don’t die if user not present in /etc/trueuserowners.
  • Fixed case CPANEL-8332: ModSecurity now logs events for jailshell users in EA4.
  • Fixed case CPANEL-8333: Close PwCache filehandles as part of untie.
  • Fixed case CPANEL-8426: Don’t pipe /dev/null into mailman crontab on service disable.
  • Fixed case CPANEL-8432: Update MySQL55 to 5.5.52-1.cp1156.
  • Fixed case CPANEL-8433: Update the phpMyAdmin config when changing MySQL profiles.
  • Fixed case CPANEL-8434: Update MySQL56 to 5.6.33-1.cp1156.
  • Fixed case CPANEL-8448: Setting Apache handler for PHP now ignores temporary users.
  • Fixed case CPANEL-8448: WHM now detects temporary cpanel accounts.
  • Fixed case CPANEL-8448: The WHM MultiPHP Manager interface now ignores temporary cpanel users.
  • Fixed case CPANEL-8455: Adjust hostname cert renewal to T-25, start warnings at T-20.
  • Fixed case CPANEL-8461: Fix upgrades from 11.44 and older for 32-bit systems.
  • Fixed case CPANEL-8468: Disable overquota reject at SMTP if dovecot is set to defer.
  • Fixed case CPANEL-8476: Update cpanel-perl-522 to 5.22.1-12.cp1156.
  • Fixed case CPANEL-8478: Replace broken 2FA go links.
  • Fixed case CPANEL-8494: WHM: Ensure link to Upgrade Versions works on Update Preferences.

58.0.29


2016-09-19
  • [security] Fixed case SEC-141: Code execution as other accounts via mailman list archives.
  • [security] Fixed case SEC-152: Arbitrary code execution due to faulty shebang in Mail::SPF scripts.
  • [security] Fixed case SEC-154: Arbitrary file read due to multipart form processing error.
  • [security] Fixed case SEC-156: Stored XSS Vulnerability in WHM tail_upcp2.cgi interface.

58.0.28


2016-09-08
  • Fixed case CPANEL-8357: On EA4 UI Conflicts, Requires should resolve fine.
  • Fixed case CPANEL-8415: Update git to version 2.10.0.

58.0.27


2016-09-07
  • Fixed case CPANEL-8292: Fix upgrades from 11.44 and older on CentOS 5.
  • Fixed case CPANEL-8401: Don’t remove needed RPMs when uninstalling Munin.

58.0.26


2016-09-01
  • Fixed case CPANEL-7649: Keep default-character-set setting in migrations to MySQL 5.6.
  • Fixed case CPANEL-7914: Fix loading of custom mod_security rules.
  • Fixed case CPANEL-8027: Update cpanel-dnspython to 1.12-2.cp1158.
  • Fixed case CPANEL-8128: Gracefully handle unavailable MySQL in WHM main page.
  • Fixed case CPANEL-8153: Ensure Exim fail filters use specified message.
  • Fixed case CPANEL-8274: Add missing mailbox icon to Edit Filters page.
  • Fixed case CPANEL-8283: Remove spam headers from outside servers to avoid confusion.
  • Fixed case CPANEL-8286: Removed include_path from basic directives.
  • Fixed case CPANEL-8300: Ensure that rebuildhttpdconf –preview outputs to correct location.
  • Fixed case CPANEL-8303: Transfers icon appears even when reseller lacks proper permissions.
  • Fixed case CPANEL-8304: Ensure the RoR icon is visible after installruby is run.
  • Implemented case CPANEL-8293: Disallow invalid mail filter characters.

58.0.25


2016-08-29
  • Fixed case CPANEL-7970: Updated save to folder filter creation.
  • Fixed case CPANEL-8165: Fix Horde loading issue with Turkish locale.
  • Fixed case CPANEL-8229: Remove scripts/installimagemagick for 11.58.
  • Fixed case CPANEL-8230: Fix fileprotect control scripts to function with EA4.
  • Fixed case CPANEL-8231: Added unconditional warning about custom user mime types.
  • Fixed case CPANEL-8254: Update dovecot to 2.2.25-2.cp1158.
  • Fixed case CPANEL-8260: WHM: Ensure the ‘Transfers’ Header is properly visible in all cases.
  • Implemented case CPANEL-8184: Exim: ensure 5xx status when localuser over quota.

58.0.24


2016-08-23
  • Fixed case CPANEL-7770: Switch to posix fs for dovecot lastlogin tracking.
  • Fixed case CPANEL-7994: Make Dovecot’s config VSZ limit adjustable.
  • Fixed case CPANEL-8042: Have Dovecot give a more descriptive over-quota failure message.
  • Fixed case CPANEL-8045: generate_maildirsize: don’t add email users’ quotas to main account.
  • Fixed case CPANEL-8093: Improve detection of CloudLinux for update blocker.
  • Fixed case CPANEL-8098: Fix display on unparsable JSON data in AutoSSL log.
  • Fixed case CPANEL-8099: Fix removal of cPanel AutoSSL queue entry on domain rename.
  • Fixed case CPANEL-8100: Prevent rewriting of /etc/init.d/httpd on EA4 sysV systems.
  • Fixed case CPANEL-8109: rlimits for a service will only be set when starting it.
  • Fixed case CPANEL-8115: WHM: Do not display broken HTML on the View Bandwidth interface.
  • Fixed case CPANEL-8126: Clear disk quota cache on change.
  • Fixed case CPANEL-8154: Don’t make HOMEMATCH match /home/cagefs-skeleton.

58.0.23


2016-08-19
  • Fixed case CPANEL-6436: Prevent tailwatchd from starting multiple processes.
  • Fixed case CPANEL-7540: Hide PHP & suExec Configuration for EA 4.
  • Fixed case CPANEL-7584: Updated to cpanel-perl-522-Mail-SpamAssassin-3.004001-10.cp1156.
  • Fixed case CPANEL-7698: Updated ClamAV to 0.99.2-1.cp1156.
  • Fixed case CPANEL-7708: Add directory permissions validation to bin/rebuild-templates.
  • Fixed case CPANEL-7804: Strip RPM release tags from Roundcube version numbers.
  • Fixed case CPANEL-7872: Disable mailauth quota checks if quotas are disabled.
  • Fixed case CPANEL-7932: Add mysqli and FileInfo to EA3 -> EA4 Map.
  • Fixed case CPANEL-7944: Speed up AutoSSL log render speed in browser.
  • Fixed case CPANEL-7947: Allow reconversion of maildir to mdbox without –remove-old-format.
  • Fixed case CPANEL-7950: Update cpanel-roundcubemail to 1.1.4-7.cp1158.
  • Fixed case CPANEL-7953: Avoid batching recipients not in a visible header.
  • Fixed case CPANEL-7958: Update cpanel-mailman to 2.1.21-14.cp1158.
  • Fixed case CPANEL-7971: Handle legacy filter destinations with an extra leading dot in the domain.
  • Fixed case CPANEL-8001: Ensure main domain is synced to cluster on restore.
  • Fixed case CPANEL-8002: Add unsupported MySQL version banner to home and other WHM pages.
  • Fixed case CPANEL-8004: Update cpanel-git to 2.9.3-1.cp1158.
  • Fixed case CPANEL-8034: WHM: Improve ‘Unsupported MySQL’ warning.
  • Fixed case CPANEL-8046: Search is visible in PHP Extensions & Modules step.
  • Fixed case CPANEL-8106: WHM: Ensure the ‘Unsupported MySQL version’ warning only appears for root users.
  • Implemented case CPANEL-8031: Accommodate Amazon Linux’s versioning in Let’s Encrypt installer.

58.0.20


2016-08-11
  • Fixed case CPANEL-7823: Fix the is_upcp_running() check in chkservd.
  • Fixed case CPANEL-7832: New setting to enable counting Trash against the users mail quota.
  • Fixed case CPANEL-7845: Give a “nice” error message on local root mail delivery.
  • Fixed case CPANEL-7892: Install an SSL Cert: don’t break UI if cert data missing.
  • Fixed case CPANEL-7911: Update cpanel-mailman to 2.1.21-13.cp1158.
  • Fixed case CPANEL-7915: Adjust wording of LogLevel in Apache Tweak Setting.
  • Fixed case CPANEL-7924: Remove unused spf_bl Exim ACL.
  • Fixed case CPANEL-7930: Fix parsing of blocker file.
  • Fixed case CPANEL-7931: Remove old lock for /etc/mtab.
  • Implemented case CPANEL-7922: Add migration hooks to EA4 migration script.

58.0.19


2016-08-09
  • Fixed case CPANEL-7418: Fixed error page when attempting to reset password for ‘root’.
  • Fixed case CPANEL-7486: Set cpanel service to have a KillMode=process.
  • Fixed case CPANEL-7827: Add extfilter and diskcache to EA3 -> EA4 Map.
  • Fixed case CPANEL-7838: Avoid leaving lock files when reading /etc/mtab.
  • Fixed case CPANEL-7858: Hardcode suexec patch version to 2.0 when cloudlinux is detected.
  • Fixed case CPANEL-7894: Allow forwarders to go through even if a user is over quota.
  • Fixed case CPANEL-7896: Add fallback to reading /etc/fstab if /dev/root is a broken symlink.

58.0.17


2016-08-08
  • Fixed case CPANEL-7566: Purge the quota cache when quotas are updated for an account.
  • Fixed case CPANEL-7677: Don’t replace an expiring cert with another expiring cert.
  • Fixed case CPANEL-7684: Send STDOUT and STDERR to error_log from autossl_check when non-TTY.
  • Fixed case CPANEL-7779: Make process_min_avail and client_limit adjustable for LMTP.
  • Fixed case CPANEL-7805: Modify whostmgr10 to correctly handle multiline update blockers.
  • Fixed case CPANEL-7821: Replace non-LMTP Dovecot configs in builddovecotconf.
  • Fixed case CPANEL-7824: check_security_advice_changes: don’t warn if nothing’s wrong.
  • Fixed case CPANEL-7828: Recalculate the dovecot quota when running generate_maildirsize.
  • Fixed case CPANEL-7829: Increase memory limits when converting to dovecot delivery on 64bit systems.
  • Fixed case CPANEL-7830: Corrected mailperms applied by /scripts/fixvaliases.
  • Fixed case CPANEL-7835: Split dovecot lastlogin tracking into a seperate sqlite db.
  • Fixed case CPANEL-7836: Update the cPanel AutoSSL queue on account rename or deletion.
  • Fixed case CPANEL-7850: Pass Return-Path and Delivered-To to dovecot LMTP.
  • Fixed case CPANEL-7856: Have admins adjust LMTP’s process_limit, not client_limit.
  • Fixed case CPANEL-7857: Ensure systems with dovecot delivery meet min required memory limits.
  • Fixed case CPANEL-7859: Clear dovecot-quota cache files after quota resync.
  • Fixed case CPANEL-7875: Update Cpanel::CORE::Dependencies to version 1.6.
  • Implemented case CPANEL-7579: Small AutoSSL text and usability improvements.
  • Implemented case CPANEL-7816: Scripts to install and uninstall the Let’s Encrypt AutoSSL provider.

58.0.13


2016-08-04
  • Fixed case CPANEL-6604: cpsrvd: avoid segfaults when running webmail.
  • Fixed case CPANEL-7594: Resolve /proc/mounts symlink when fixing missing /dev/root.
  • Fixed case CPANEL-7630: Prevent wildcard (*) subdomain from creating dotted docroot.
  • Fixed case CPANEL-7645: Wrap individual cPAddon install require’s in evals.
  • Fixed case CPANEL-7659: Preserve ea3’s PHP handler when migrating to ea4.
  • Fixed case CPANEL-7671: Add explicit PHP info to php version check and tech preview verbiage.
  • Fixed case CPANEL-7676: Improved error handling for autossl_check_cpstore_queue.
  • Fixed case CPANEL-7707: Suppress warnings when certificate polling fails without a status code.
  • Fixed case CPANEL-7732: modifyacct: Update maildir symlinks for subdomains.
  • Fixed case CPANEL-7819: Prevent spurious service down notifications.

58.0.12


2016-07-29
  • Fixed case CPANEL-7729: Ensure the proper reason is displayed when domain validation fails.
  • Fixed case CPANEL-7756: Fix mailman suexec version update blocker on EA4 hosts.
  • Implemented case CPANEL-7723: Prevent multiple copies of tailwatchd from being started.
  • Implemented case CPANEL-7724: Added API and interface for altering OAuth Button Styles.

58.0.11


2016-07-28
  • Fixed case CPANEL-7115: apitool: allow passing multiple of the same parameter.
  • Fixed case CPANEL-7492: Remove mailman RPM permissions & ownership modifications in cP scripts.
  • Fixed case CPANEL-7523: Suppressed display of EA3 unless system is EA3 or was EA3.
  • Fixed case CPANEL-7637: Restore argument parsing in cPanel APIs with apitool.
  • Fixed case CPANEL-7644: Update cpanel-roundcubemail to 1.1.4-6.cp1158.
  • Fixed case CPANEL-7652: Fixed tabs in mailbox converter that were causing logout.
  • Fixed case CPANEL-7659: Preserve ea3’s PHP handler when migrating to ea4.
  • Fixed case CPANEL-7678: Update cpanel-perl-522 to 5.22.1-10.cp1156.
  • Fixed case CPANEL-7680: Upgrading mysql to MariaDB 10.1 removes roundcube RPM.
  • Fixed case CPANEL-7685: Missing dovecot-quota files are not properly regenerated with maildir.
  • Fixed case CPANEL-7705: linksubemailtomainacct must skip users with mdbox.
  • Fixed case CPANEL-7712: Remove unused debugging information.
  • Fixed case CPANEL-7715: updatenow: avoid failed upgrade due to undefined function.
  • Fixed case CPANEL-7718: apitool: properly URI decode arguments for cPanel APIs.
  • Fixed case CPANEL-7736: Update cpanel-mailman to 2.1.21-12.cp1158.

58.0.8


2016-07-26
  • Fixed case CPANEL-3478: restorepkg: handle mbx to mailbox conversion correctly.
  • Fixed case CPANEL-5908: Repackage X::MarketDisabled for frontend consumption.
  • Fixed case CPANEL-7481: Make vhost SSL checks ignore “*.” subdomains.
  • Fixed case CPANEL-7549: Fix password validation for slow connections.
  • Fixed case CPANEL-7555: Update cpanel-perl-522-munin to 2.0.25-5.cp1158.
  • Fixed case CPANEL-7619: Preserve EA 3’s PHP as the default PHP when migrating to EA 4.
  • Fixed case CPANEL-7624: EA4 Profiles page is re-designed.
  • Fixed case CPANEL-7669: PwCache must reset pwcache_inited when clearing the cache.
  • Implemented case CPANEL-7613: Temporary Tweak Setting to enable security advisor notices.

58.0.7


2016-07-19
  • Fixed case CPANEL-6749: Update cpanel-mailman to 2.1.21-11.cp1158.
  • Fixed case CPANEL-7462: Added basic sanity check for broken repos during migration.
  • Fixed case CPANEL-7538: Generate_maildirsize: add missing module.
  • Fixed case CPANEL-7541: Paper Lantern: Remove extraneous semicolon from Setup Mail Client page.
  • Fixed case CPANEL-7542: Paper Lantern: Ensure notices have icons on the Mail Authentication page.
  • Fixed case CPANEL-7545: Update cpanel-git to 2.9.2-1.cp1158.

58.0.6


2016-07-19
  • Fixed case CPANEL-6338: Implemented work around for broken /dev/root symlink during quotacheck.
  • Fixed case CPANEL-7294: Improve description of the quota-handling option in the Dovecot config UI.
  • Fixed case CPANEL-7485: Ensure Fileman::getdiskinfo properly indicates unlimited quota.
  • Fixed case CPANEL-7522: Ensure an aborted yum setup does not leave the repo broken.
  • Fixed case CPANEL-7527: Provide more useful DCV error reporting.
  • Fixed case CPANEL-7535: Trap errors from cPanel AutoSSL provider so the whole batch runs.
  • Implemented case CPANEL-7534: Add exit codes to migrate script per CloudLinux.

58.0.5


2016-07-19
  • Fixed case CPANEL-4731: Update git to version 2.9.1.
  • Fixed case CPANEL-7031: Invalidate quota cache when modified.
  • Fixed case CPANEL-7036: Select All Directive now properly displays the number of items.
  • Fixed case CPANEL-7111: Show notification when no package to display in EA4.
  • Fixed case CPANEL-7357: Paper Lantern: Prevent long redirects from breaking the Redirects page layout.
  • Fixed case CPANEL-7385: Remove Roundcube custom installer mechanism.
  • Fixed case CPANEL-7450: WHM: Fixed sorting by expiration date on the Manage SSL Hosts page.
  • Fixed case CPANEL-7454: Fallback to RtNetlink if if_list fails.
  • Fixed case CPANEL-7504: Support CL EA4 migrate script revert.
  • Fixed case CPANEL-7509: Fix incorrect blocker error message on CentOS 5.
  • Fixed case CPANEL-7516: Ensure CL & EA4 repo are not left in EA4 Migration.
  • Fixed case CPANEL-7525: Disable phpextensionmgr in EA4.

58.0.4


2016-07-18
  • [security] Fixed case SEC-130: Apache logfiles start with loose permissions.
  • [security] Fixed case SEC-133: WHM ‘Purchase and Install an SSL Certificate’ page lists all server domains.
  • [security] Fixed case SEC-134: File ownership change to ‘nobody’ via rearrangeacct.
  • [security] Fixed case SEC-137: Set the pear tmp directory during php install.
  • [security] Fixed case SEC-138: Demo mode breakout via Site Templates and Boxtrapper API calls.
  • [security] Fixed case SEC-139: Improper session handling for shared users.
  • [security] Fixed case SEC-142: Code execution as other user accounts through the PHP CGI handler.

58.0.3


2016-07-11
  • Fixed case CPANEL-7310: Update exim to 4.87-6.cp1156.
  • Fixed case CPANEL-7329: Market Provider Manager: improve visual of programmatic tab change.
  • Fixed case CPANEL-7351: Avoid calling undefined subroutine on email account error.
  • Fixed case CPANEL-7356: Have migrate script call CloudLinux migrate wrapper script when needed.
  • Fixed case CPANEL-7356: Use SSL aware HTTP client in migration script.
  • Fixed case CPANEL-7370: Add PHP rebuild warning to EA4 Migration.
  • Fixed case CPANEL-7388: Fixed accessing a Cpanel account’s phpmyadmin page from root or reseller.
  • Fixed case CPANEL-7391: Make dovecot a part of the exim target.
  • Fixed case CPANEL-7411: Remove chkservd file for apache_php_fpm.
  • Fixed case CPANEL-7427: Remove EA4 Migration UI from WHM.
  • Fixed case CPANEL-7436: Disabling dovecot and upgrading to v58 breaks mail delivery.
  • Implemented case CPANEL-7393: get_available_authentication_providers is now consistent.

57.9999.116


2016-07-07
  • Fixed case CPANEL-7297: Certificate Sharing should be hidden without a dedicated IP.
  • Fixed case CPANEL-7298: create-swap: avoid warning when no swap present.
  • Fixed case CPANEL-7312: Account for newly available db engines in the db map.
  • Fixed case CPANEL-7313: On CL boxes EA4 Migration UI is hidden.
  • Fixed case CPANEL-7325: PHP Extensions are not removed anymore.
  • Fixed case CPANEL-7330: Market Provider Manager: hide spinner once tab content loads.
  • Fixed case CPANEL-7333: EA4 and YumUpdate UIs must fully daemonize.
  • Fixed case CPANEL-7363: WHM supports /etc/apache2/conf.d and /etc/apache2/conf.d/modsec.
  • Fixed case CPANEL-7366: Remove access to PHP-FPM from 58.
  • Implemented case CPANEL-7286: Error from an API-initiated AutoSSL check when AutoSSL is disabled.

57.9999.113


2016-07-05
  • Fixed case CPANEL-6760: Added features to chkservd to enable manipulating enabled and monitored status.
  • Fixed case CPANEL-7097: Defer rendering paper lantern stats until after icon groups.
  • Fixed case CPANEL-7098: Convert Addon to Account: Ensure Maildir Format is preserved upon conversion.
  • Fixed case CPANEL-7114: Fix warning output in RearrangeAccount.
  • Fixed case CPANEL-7200: Change PHPFPM if the username and/or the primary domain is changed.
  • Fixed case CPANEL-7205: Guard against code failure when Postgres DB doesn’t exist.
  • Fixed case CPANEL-7239: Fix back/forward UI issue in WHM Mailbox Converter.
  • Fixed case CPANEL-7244: Add help text to tweak settings UI to clarify that original format is retained.
  • Fixed case CPANEL-7252: Notify the user about updating the php.ini file to enable PHP PECL extensions.
  • Fixed case CPANEL-7259: The apache adminbin incorrectly returns a header for scalar items.
  • Fixed case CPANEL-7283: Prevent required services from being disabled.
  • Fixed case CPANEL-7295: Overquota is no longer rejected at smtp time.

57.9999.108


2016-06-30
  • Fixed case CPANEL-5943: Fix progress bar width issue on Transfer Tool UI.
  • Fixed case CPANEL-6179: Ensure dovecot is always installed and imap can be disabled.
  • Fixed case CPANEL-6681: Fix update_horde_config optimization check.
  • Fixed case CPANEL-6705: Add a run of the bandmin-cleanup task for sandboxes.
  • Fixed case CPANEL-6721: Provided access to /etc/alternatives in Jailshell.
  • Fixed case CPANEL-6736: Allowed deletion of mapping data for deleted PostgreSQL DB.
  • Fixed case CPANEL-6769: Prevent unlimited .floodprotect file creation for invalid users.
  • Fixed case CPANEL-6898: Bug: Was able to create users despite ‘demo mode’ in User Manager.
  • Fixed case CPANEL-6902: Message in reset password still mentions click a link that is obsolete.
  • Fixed case CPANEL-6931: Fix bugs related to removing an account or working with add/sub domains.
  • Fixed case CPANEL-6991: Fixed password change output text.
  • Fixed case CPANEL-6994: Resetpass/invitation cpsrvd handler and cgi not strict enough.
  • Fixed case CPANEL-7003: Change subdomain pools to have the correct docroot.
  • Fixed case CPANEL-7006: Add socket to data passed to AdvConfig templates.
  • Fixed case CPANEL-7018: View profile shows packages for AllPHPOption ones.
  • Fixed case CPANEL-7070: Tweak Setting entry should match description in Feature Showcase.
  • Fixed case CPANEL-7077: Disabled RequireJS timeout to allow for low bandwidth loading.
  • Fixed case CPANEL-7090: Update dovecot to 2.2.24-1.cp1158.
  • Fixed case CPANEL-7093: Resolved panel-widget content width rendering issue on home interface.
  • Fixed case CPANEL-7117: Added loading indicator to home page.
  • Fixed case CPANEL-7125: Apply publichtmlsubsonly setting at the API layer.
  • Fixed case CPANEL-7163: Mailbox conversions fail if there is no mail in the account.
  • Fixed case CPANEL-7197: Improve error handling in Cpanel::Backup::restored.
  • Fixed case CPANEL-7202: Changes to automerge.cfg.
  • Fixed case CPANEL-7220: Revert “Accounts could leave behind processes after termination.”.
  • Implemented case CPANEL-7099: Prevent reflow on AutoSSL page when next-run time loads.
  • Implemented case CPANEL-7112: Post-harvest string fix.
  • Implemented case CPANEL-7112: Harvested strings for v56 and v58.

57.9999.105


2016-06-27
  • Fixed case CPANEL-5076: Switch Exim’s “quotadiscard” to Dovecot’s “quota_full_tempfail”.
  • Fixed case CPANEL-5869: Added AgoraCart to the cpaddons blacklist.
  • Fixed case CPANEL-5913: Update cpanel-perl-522-munin to 2.0.25-3.cp1158.
  • Fixed case CPANEL-6101: Convert phpMyAdmin to RPM.
  • Fixed case CPANEL-6101: Update cpanel-phpmyadmin to use noarch.
  • Fixed case CPANEL-6774: Have Cpanel::PHPFPM make sure the services start on reboot.
  • Fixed case CPANEL-6825: Add boxtrapper log msg when adding to list or delivering.
  • Fixed cases CPANEL-6836, CPANEL-6886: Navigation links appear only in cutomize mode.
  • Fixed case CPANEL-6856: Improve the display of min pw strength in the security policy page.
  • Fixed case CPANEL-6856: Only prompt once for password modification from Security Policy.
  • Fixed case CPANEL-6867: Fix new password validation for invites and resets.
  • Fixed case CPANEL-6872: Change chdir for php-fpm daemons to user’s home directory.
  • Fixed case CPANEL-6881: Improve validation for Subaccount invites.
  • Fixed case CPANEL-6893: Fix space issue on RLimitMEM Settings page.
  • Fixed case CPANEL-6906: Make setupmailserver ensure that the dovecot config directory exists.
  • Fixed case CPANEL-6911: Log message if DNS lookup failure for clustermaster.
  • [security] Fixed case CPANEL-6923: Avoid newline injection via LOC records.
  • Fixed case CPANEL-6943: Improve Bandmin cleanup logic in installer.
  • Fixed case CPANEL-6944: Update text on EasyApache 4 not available page.
  • Fixed case CPANEL-6947: Done button on EA4Migration will reload the WHM frameset.
  • Fixed case CPANEL-6959: Set rlimit to unlimited for ea4 related background processes.
  • Fixed case CPANEL-6973: Update cpanel-php56-horde to 5.2.10-4.cp1158.
  • Fixed case CPANEL-6975: /etc/userdomains can become empty if / is disk full.
  • Fixed case CPANEL-6986: Restored drag and drop group ordering in the application list.
  • Fixed case CPANEL-6996: Improve error reporting in “Manage Users” AutoSSL UI.
  • Fixed case CPANEL-6998: Have web vhost SSL check indicate missing/empty certificates.
  • Fixed case CPANEL-6999: Adjusted window width rules for padding of general statistics sections.
  • Fixed case CPANEL-7000: Removed Feature Showcase from cPanel home page.
  • Fixed case CPANEL-7002: Fixed order of parens and username/domain in account switcher for RTL.
  • Fixed case CPANEL-7011: Stats bar should not show FTP if FTP service is disabled.
  • Fixed case CPANEL-7035: Resolve iOS Safari compatiblity issues.
  • Fixed case CPANEL-7043: Update cpanel-mailman in rpm.versions.
  • Fixed case CPANEL-7045: Fixed progress bar width/fill for IE10.
  • Fixed case CPANEL-7064: Provision link is removed for wizard steps.
  • Fixed case CPANEL-7074: Wait 8 days to expire AutoSSL requests from the cPanel provider.
  • Fixed case HB-1682: Updated restart code for PHPFPM to use restartsrv system.
  • Fixed case HB-1683: Changed default for PHP-FPM workers to run as the user rather than nobody.
  • Implemented case CPANEL-6873: Fix the maketext calls to translatable and makevar.
  • Implemented case CPANEL-7005: Created an API to get user feature settings.
  • Implemented case CPANEL-7050: Add in-progress and username metadata to AutoSSL logs.
  • Implemented case CPANEL-7072: Ensure subaccount symlinks are added/removed on maildir/mdbox convert.
  • Implemented case CPANEL-7119: AutoSSL ManageUsers UI Improvments and API Bug Fixes.
  • Implemented case CPANEL-7128: Prevent iOS from unexpectedly opening in new windows.
  • Implemented case CPANEL-7137: Cpanel::SysAccounts only partially clears the pwcache.

57.9999.101


2016-06-20
  • Fixed case CPANEL-6281: Make builddovecotconf move invalid template files.
  • Fixed case CPANEL-6334: Use the cPanel pg_restore to restore databases.
  • Fixed case CPANEL-6633: Remove legacy mailserver selection areas.
  • Fixed case CPANEL-6654: Avoid warnings when running updatenow.static.
  • Fixed case CPANEL-6739: Improve the error message when the original ip is unavailable.
  • Fixed case CPANEL-6743: Fix failures when adding FPM to accounts.
  • Fixed case CPANEL-6758: Paper Lantern: Display success message upon password update.
  • Fixed case CPANEL-6782: Fix Apache Global Configuration spacing between option names and inputs.
  • Fixed case CPANEL-6783: Updated paths for sockets and log files for Apache PHP-FPM.
  • Fixed case CPANEL-6786: Do not incorrectly alter PEAR configuration on EasyApache 4 servers.
  • Fixed case CPANEL-6787: Reduce memory consumption for resetpass.cgi.
  • Fixed case CPANEL-6797: Make email account suspensions clear the authn cache.
  • Fixed case CPANEL-6801: Prune invalid dbusers from DB map.
  • Fixed case CPANEL-6807: Avoid panicking when downloading email setup scripts.
  • Fixed case CPANEL-6809: Fixed breadcrumbs after submit of ‘Add an A Entry for your Hostname’.
  • Fixed case CPANEL-6816: WHM: Fix browser console error on Exim Configuration Manager.
  • Fixed case CPANEL-6818: Fix changelog rendering for development versions.
  • Fixed case CPANEL-6821: Remove account, set to kill sessions before killing processes.
  • Fixed case CPANEL-6824: Fixed backup cfg messages and invalid output format.
  • Fixed case CPANEL-6829: Convert Addon to Account: Normalize the DB creation process.
  • Fixed case CPANEL-6830: Disallow certain PECL modules when using Mod Ruid2 on EasyApache 4 systems.
  • Fixed case CPANEL-6838: Update password strength link to use go.cpanel.net.
  • Fixed case CPANEL-6844: Fix of tweaksettings radio buttons alignment.
  • Fixed case CPANEL-6847: Removed inline style to resolve text flow breakage.
  • Fixed case CPANEL-6854: Convert Addon: Allow the ESC key to clear the filter.
  • Fixed case CPANEL-6862: Avoiding disk usage being converted to MBs twice.
  • Fixed case CPANEL-6863: Paper Lantern: Warn the user if the password is too weak on submit.
  • Fixed case CPANEL-6870: Update cpanel-git to 2.9.0-1.cp1156.
  • Fixed case CPANEL-6874: Paper Lantern: Verify access to the Two Factor Authentication interface.
  • Fixed case CPANEL-6894: WHM: Update ‘RLimitMEM’ documentation links to use go.cpanel.net.
  • Fixed case CPANEL-6895: Suppress spurious error if acl_outgoing_spam_scan is missing.
  • Fixed case CPANEL-6899: WHM: Validate MySQL user when changing MySQL user password.
  • Fixed case CPANEL-6912: Fixed being able to switch back to Per Account MySQL backups.
  • Fixed case CPANEL-6913: Convert Addon to Account: Preserve ownership for non-self owned resellers.
  • Fixed case CPANEL-6920: Greylisting: Remove service from chksrvd’s monitored list when disabled.
  • Fixed case CPANEL-6925: Restrict get_disabled_users_features to root.
  • Fixed case CPANEL-6938: whostmgr12 shows as 11 instead of 12.
  • Fixed case CPANEL-6945: Add breadcrumbs to EA4 Migration Tool.
  • Fixed case CPANEL-6946: Update EA4 UI and migration verbiage to reflect ea4’s state in 11.58.
  • Fixed case CPANEL-6964: The dovecot cache needs to be purged on password change.
  • Fixed case CPANEL-6981: The Modsecurity Tools interface now displays rules while using EasyApache 4.
  • Implemented case CPANEL-6796: Lighten several modules with submodules of Cpanel::Autodie.
  • Implemented case CPANEL-6861: Subsequent calls to connect_cphulkd in the same child always fail.
  • Implemented case CPANEL-6882: Prevent getpwnam from being polluted by fetch_pwcache.
  • Implemented case CPANEL-6890: Ensure the dovecot cache is reset on quota change.
  • Implemented case CPANEL-6937: Clarify workflow of mailbox conversion UI.

57.9999.95


2016-06-14
  • Fixed case CPANEL-1628: Clarify “Allow users to install SSL Hosts” tweak setting.
  • Fixed case CPANEL-3433: Disallow enabling Jail Apache with ruid2 when suphp is enabled.
  • Fixed case CPANEL-3898: Paper Lantern: Redirect users to the login page after password change.
  • Fixed case CPANEL-5018: Updated JS validation for MySQL database names.
  • Fixed case CPANEL-5200: Make sure taskrun task exceptions trigger a notification.
  • Fixed case CPANEL-5250: Plugin installation with spaces in feature.
  • Fixed case CPANEL-5714: Review Transfers should survive hostname changes.
  • Fixed case CPANEL-5759: Accounts could leave behind processes after termination.
  • Fixed case CPANEL-5848: Improve ftpquotacheck output.
  • Fixed case CPANEL-5907: Remove httpd.service from cPanel & add to EA3/EA4.
  • Fixed case CPANEL-5963: During migration, prompt w/ details when ea3 PHP version isn’t in ea4.
  • Fixed case CPANEL-5984: Find PHP version as part of EA 4 migration.
  • Fixed case CPANEL-6030: Update MySQL56 to 5.6.31-2.cp1156.
  • Fixed case CPANEL-6138: Remove redundent code from Yum Update page.
  • Fixed case CPANEL-6167: Fix database name handling for Roundcube.
  • Fixed case CPANEL-6193: initquotas fails if the disk label cannot be resolved by mount.
  • Fixed case CPANEL-6219: Ensure that SPF is always available in SpamAssassin.
  • Fixed case CPANEL-6274: Cpanel::CPAN::Maketext::Locale needlessly imports utf8.
  • Fixed case CPANEL-6431: Ensure subdomains of the maindomain get updated on IP change.
  • Fixed case CPANEL-6448: Ensure the cPanel bandwidth cache directory exists.
  • Fixed case CPANEL-6520: Fix scripts/resetquotas.
  • Fixed case CPANEL-6535: Paper Lantern: Ensure the table on the Visitors page is scrollable.
  • Fixed case CPANEL-6545: Don’t attempt to install CDB_File by default.
  • Fixed case CPANEL-6569: Report missing IP when restoring account.
  • Fixed case CPANEL-6587: Update database index when creating a MySQL database.
  • Fixed case CPANEL-6595: Speed up update_horde_config –create-defaults.
  • Fixed case CPANEL-6601: Fix fetchnameservers for invalid TLDs.
  • Fixed case CPANEL-6602: Avoid fatal error in Feature Showcase.
  • Fixed case CPANEL-6609: Update cpanel-git to 2.8.4-1.cp1156.
  • Fixed case CPANEL-6621: Update backup config when setting remote MySQL.
  • Fixed case CPANEL-6625: Reset Password not sending emails when notification disabled.
  • Fixed case CPANEL-6628: Disable web browser password autofill.
  • Fixed case CPANEL-6631: Catch quotaoff corner cases with pkgacct & XFS.
  • Fixed case CPANEL-6652: Properly set up firewall on CentOS 7 without firewalld.
  • Fixed case CPANEL-6657: Don’t create cpuser files for system users.
  • Fixed case CPANEL-6660: Prevent the PHP-FPM handler from showing.
  • Fixed case CPANEL-6662: FPM Master Processes were not always restarted correctly.
  • Fixed case CPANEL-6670: Make sure FPM is removed on account/subdomain/addon domain removal.
  • Fixed case CPANEL-6672: Do not check for cpsrvd and cpdavd in AdvConfig.
  • Fixed case CPANEL-6676: WHM: Ensure legacy stylesheets are loaded on “cPanel Web Disk Configuration” UI.
  • Fixed case CPANEL-6684: Apache configuration UI Update.
  • Fixed case CPANEL-6686: Update cpanel-php56-horde to 5.2.10-3.cp1158.
  • Fixed case CPANEL-6693: Update cpanel-php56-webmail to 5.2.14-1.cp1158.
  • Fixed case CPANEL-6693: Update cpanel-php56-Horde-Mime to 2.9.5-1.cp1158.
  • Fixed case CPANEL-6693: Update cpanel-php56-turba to 4.2.14-1.cp1158.
  • Fixed case CPANEL-6694: Update cpanel-php56-nag to 4.2.9-2.cp1158.
  • Fixed case CPANEL-6695: Make buildeximconf not always modify SpamAssassin’s init.pre.
  • Fixed case CPANEL-6697: Inform admins that scope of publichtmlsubsonly now includes the UI.
  • Fixed case CPANEL-6698: Ensure overquota does not prevent fetching quota.
  • Fixed case CPANEL-6719: Improve error messages on invite failuer.
  • Fixed case CPANEL-6720: Automerge.cfg: Update ZeroCool team members.
  • Fixed case CPANEL-6733: WHM: Ensure EasyApache 4 is detected properly when managing PHP PECL.
  • Fixed case CPANEL-6748: Update IP to country database.
  • Fixed case CPANEL-6753: pkgacct: Ensure that ‘null char’ exclude rules are handled properly.
  • Fixed case CPANEL-6848: Fix undefined subroutine error in dovecot sync.
  • Fixed case CPANEL-6855: Fix cpdavd login issue.
  • Implemented case CPANEL-4893: Allow removal of UID/GID from the tracking database.
  • Implemented case CPANEL-6484: Cpanel::Output::Multi indent changes need to propagate to its objects.
  • Implemented case CPANEL-6523: Use SQLite WAL mode on Cent7 for dovecot and always for transfers.
  • Implemented case CPANEL-6568: Fix scripts/pkgacct timestamp output.
  • Implemented case CPANEL-6588: Initial stage of AutoSSL project.
  • Implemented case CPANEL-6598: MailboxConversion Transfer System module.
  • Implemented case CPANEL-6632: Install Cloudlinux’s EA4 during cPanel initial install on CL machines.
  • Implemented case CPANEL-6635: Fix inverted arguments to sql downgrade warning in transfer tool.
  • Implemented case CPANEL-6638: Remove Bandmin from the product.
  • Implemented case CPANEL-6646: Added a new API to allow you to fetch a list of users disabled features.
  • Implemented case CPANEL-6647: Eliminate editing of mailman’s Defaults.py.
  • Implemented case CPANEL-6649: Convert Addon to Account: Create standard hook points to the conversion process.
  • Implemented case CPANEL-6650: Mailbox Conversion WHM User Interface.
  • Implemented case CPANEL-6677: Added Switch Account and Switch Theme to Home page.
  • Implemented case CPANEL-6678: Removed Dashboard interface from paper lantern.
  • Implemented case CPANEL-6688: Defer service restarts for AutoSSL while certs are being installed.
  • Implemented case CPANEL-6689: Replace custom logic in Cpanel::Time::ISO with CPAN Moment.pm.
  • Implemented case CPANEL-6700: Have AutoSSL’s UI tell the user when the next scheduled AutoSSL check is.
  • Implemented case CPANEL-6702: Tweak display of AutoSSL logs not to overflow the container.
  • Implemented case CPANEL-6703: Added support for PHP-FPM daemons in chkservd.
  • Implemented case CPANEL-6703: Added support for PHP-FPM daemons in chkservd.
  • Implemented case CPANEL-6718: Provide Apache LogLevel Adjustment in WHM.
  • Implemented case CPANEL-6725: Let the AutoSSL log reader read files for unavailable provider modules.
  • Implemented case CPANEL-6726: String fix and harvest for mailbox converter.
  • Implemented case CPANEL-6729: Supplimented AutoSSL UI to allow enable/disable on user level.
  • Implemented case CPANEL-6732: Disable angular debug mode in mailbox converter.
  • Implemented case CPANEL-6738: Improve restorepkg output formatting.
  • Implemented case CPANEL-6756: Remove dependency on “sslinstall” feature for AutoSSL.
  • Implemented case CPANEL-6770: Add loading indicators to tab views in the AutoSSL UI.
  • Implemented case CPANEL-6780: Make toggle-switch directive stop spinning on rejected promises.
  • Implemented case CPANEL-6781: Add a button to do an AutoSSL check for a single user via the UI.
  • Implemented case CPANEL-6790: Move Cpanel::Autodie::read to Cpanel::Autodie::Read::read.

57.9999.76


2016-06-07
  • Fixed case CPANEL-4183: Paper Lantern: Ensure Calendars and Contacts page is responsive.
  • Fixed case CPANEL-4353: Paper Lantern: Fixed table wrapping on the Cron Jobs interface.
  • Fixed case CPANEL-4404: WHM: Prevent validation from triggering after adding a feature list.
  • Fixed case CPANEL-4720: Fixed browser console errors in Mod Security.
  • Fixed case CPANEL-4952: Added facility for cleaning malencoded UTF8 strings.
  • Fixed case CPANEL-4971: WHM: Avoid browser ‘confirm’ and ‘alert’ prompts in Terminate an Account UI.
  • Fixed case CPANEL-5001: Fixed MySQL restores with DEFINER clause.
  • Fixed case CPANEL-5445: Adjust systemd settings for MariaDB instead of my.cnf.
  • Fixed case CPANEL-5453: Paper Lantern: Fixed warning alignment on home page with Retro style.
  • Fixed case CPANEL-5462: WHM: Improved form layout on the Quota Modification page.
  • Fixed case CPANEL-5488: Removed show all from site publisher.
  • Fixed case CPANEL-5502: Avoid iptables failure by waiting for xtables lock.
  • Fixed case CPANEL-5641: Fixed styles on the reset password page for iOS 9.3.
  • Fixed case CPANEL-5686: MySQL Upgrade: Update the ‘EasyApache upgrade in-progress’ message.
  • Fixed case CPANEL-5694: Improve support for Amazon Linux AMI.
  • Fixed case CPANEL-5695: Disallow use of system RBL names for custome RBLs.
  • Fixed case CPANEL-5735: Display important_errors in the partial backup failure notification.
  • Fixed case CPANEL-5736: Disallow entire MySQL directory backup selection for remote MySQL.
  • Fixed case CPANEL-5754: The NAT public IP for the server main ip was showing up as dedicated.
  • Fixed case CPANEL-5793: Fixed reporting of max percentage email failed per hour.
  • Fixed case CPANEL-5936: Use grub2 environment to determine default boot kernel.
  • Fixed case CPANEL-5940: Ensure saving changes is possible in Edit a Locale.
  • Fixed case CPANEL-5954: Fixed bug in cpbackup_transporter log rollover logic.
  • Fixed case CPANEL-5996: Check local IP before doing DCV preflight on NAT.
  • Fixed case CPANEL-6008: Avoid displaying services on DNSONLY if they won’t run.
  • Fixed case CPANEL-6064: Enablefileprotect: log and continue on error.
  • Fixed case CPANEL-6065: Ensure proper dependencies for ipaliases init script.
  • Fixed case CPANEL-6094: No stack trace in log for pid file warning during ftp service switch.
  • Fixed case CPANEL-6111: Ensure SSH keys can be converted to Putty format in all locales.
  • Fixed case CPANEL-6111: Ensure private SSH keys can be exported multiple times.
  • Fixed case CPANEL-6115: Fix several small bugs with the Cpanel::PageRequst module.
  • Fixed case CPANEL-6150: Fix User Manager sorting and listing.
  • Fixed case CPANEL-6181: Update PHP from version 5.4 to version 5.6.
  • Fixed case CPANEL-6183: Disable performance-schema on upgrade to MySQL 5.6.
  • Fixed case CPANEL-6196: Change account removal to use “userdel -f”.
  • Fixed case CPANEL-6202: Resolved deliver to folder bug when accessing email filters from webmail.
  • Fixed case CPANEL-6203: Webmail accounts could not trigger a security policy.
  • Fixed case CPANEL-6217: Improve performance of hostname lookups for SpamAssassin.
  • Fixed case CPANEL-6217: Fix perlcritic warnings in Cpanel::SpamAssassinSandBox.
  • Fixed case CPANEL-6218: Ensure SpamAssassin body rules get recompiled on update.
  • Fixed case CPANEL-6229: Update /var/cpanel/sysinfo.config only once daily.
  • Fixed case CPANEL-6260: Add second set of translations to cPanel.
  • Fixed case CPANEL-6282: Allow hyphens in usernames for “Grant cPanel Support Sccess”.
  • Fixed case CPANEL-6301: Fix wide character warning from /bin/uapi.
  • Fixed case CPANEL-6306: Fix setting preferred_username in link_user_authn_provider.
  • Fixed case CPANEL-6317: WHM: Ensure that quotas are detected properly.
  • Fixed case CPANEL-6331: Update p0f upstream sources to 3.09b.
  • Fixed case CPANEL-6346: Fix Firefox bug in Transfer Tool.
  • Fixed case CPANEL-6352: Update exim to 4.87-5.cp1156.
  • Fixed case CPANEL-6363: Remove append-only attribute from logfiles in Makefile.
  • Fixed case CPANEL-6367: Bug fix: Multiphp Manager page will not re-enable PHP FPM settings.
  • Fixed case CPANEL-6371: Ensure cpservice reports status correctly in non-English locales.
  • Fixed case CPANEL-6374: Make php downgrade on sandboxes work with make sandbox.
  • Fixed case CPANEL-6376: Fixed minor issues with reset password and invite session cleanup.
  • Fixed case CPANEL-6382: Address caching concerns with the ‘list FTP accounts’ adminbin call.
  • Fixed case CPANEL-6383: Drop C5 support from cPanel code.
  • Fixed case CPANEL-6390: EasyApache PHPFPM now uses vhost instead of htaccess.
  • Fixed case CPANEL-6394: Correct error message in updatenow to specify we support 64 not 32 bit kernels.
  • Fixed case CPANEL-6395: Fix include discrepancies in the cPanel code base.
  • Fixed case CPANEL-6395: Add build-tools/find_binary_unloadable_modules.
  • Fixed case CPANEL-6395: Provide cplint utility to find include discrepancies.
  • Fixed case CPANEL-6397: Test amazon package changes on RHEL compatibility version 5, not version 2015.
  • Fixed case CPANEL-6404: Do not install mailman on dnsonly.
  • Fixed case CPANEL-6408: The docroot cache cannot handle multiple users.
  • Fixed case CPANEL-6410: Reduce memory bloat of exim.pl.local.
  • Fixed case CPANEL-6412: Restore loadcpuserfile caching functionality.
  • Fixed case CPANEL-6419: Remove scripts/patcheximconf.
  • Fixed case CPANEL-6428: Remove patchposixtypes, patchtypes, and patchtypesizes.
  • Fixed case CPANEL-6428: Remove pingtest.
  • Fixed case CPANEL-6430: Address existing IncludeDiscrepancies issues hit by ec1fddf.
  • Fixed case CPANEL-6430: Various ea4-installed-by-default improvements and fixes.
  • Fixed case CPANEL-6431: Ensure subdomains of the maindomain get updated on IP change.
  • Fixed case CPANEL-6432: WHM: Ensure you can select a staging dir from the Available Partitions list.
  • Fixed case CPANEL-6442: Dramatically improve the performance of the recursive dns resolver.
  • Fixed case CPANEL-6448: Ensure the cPanel bandwidth cache directory exists.
  • Fixed case CPANEL-6462: Update cpanel-mailman to 2.1.21-6.cp1158.
  • Fixed case CPANEL-6463: Update cpanel-roundcubemail to 1.1.4-5.cp1158.
  • Fixed case CPANEL-6467: Updated EA4 migration script to support Amazon Linux.
  • Fixed case CPANEL-6469: Fixed tooltip can’t contain HTML markups issue in PHP FPM page.
  • Fixed case CPANEL-6471: Include Composer for PHP as an RPM.
  • Fixed case CPANEL-6472: Secure /var/cpanel/invitation directory when it is created.
  • Fixed case CPANEL-6474: Set exim to use require SSL or use STARTTLS by default on new installs.
  • Fixed case CPANEL-6475: Ensure atomic replaces can handle files with special characters.
  • Fixed case CPANEL-6477: Fix API UserManager username validation.
  • Fixed case CPANEL-6479: Improve diagnostics when auto adjusting MySQL settings.
  • Fixed case CPANEL-6480: Prevent resellers from destroying the openid link cache.
  • Fixed case CPANEL-6491: Add PHP-FPM Pool Options to the MultiPHP UI.
  • Fixed case CPANEL-6495: Remove obsolete PHP_MAJOR constant.
  • Fixed case CPANEL-6500: Remove Cpanel::AcctUtils::getdomainownerBAMP.
  • Fixed case CPANEL-6504: Implemented UI for EA4 Migration.
  • Fixed case CPANEL-6515: Update MySQL55 to 5.5.50-1.cp1156.
  • Fixed case CPANEL-6519: Update MySQL56 to 5.6.31-1.cp1156.
  • Fixed case CPANEL-6538: Ensure cpsrvd restarts on failed database resync.
  • Fixed case CPANEL-6543: Cphulkd: prevent failure when getting a SIGALRM in dormant mode.
  • Fixed case CPANEL-6544: Fix permissions on squirrelmail configuration post 11.56 upgrade.
  • Fixed case CPANEL-6552: Update default TLS ciphers to latest Mozilla recommendations.
  • Fixed case CPANEL-6554: Improved performance of stats in paper_lantern.
  • Fixed case CPANEL-6555: Fix cpanel_schema_info updating code.
  • Fixed case CPANEL-6557: Remove Cpanel::lib.
  • Fixed case CPANEL-6558: Update userdata before enabling mod_userdir tweak.
  • Fixed case CPANEL-6561: Remove old/obsolete/deprecated scripts.
  • Fixed case CPANEL-6562: Run the phpsanitycheck task during make sandbox.
  • Fixed case CPANEL-6566: Upgrade Horde to latest version.
  • Fixed case CPANEL-6578: Reset password CGI does not correct permissions on session folders.
  • Fixed case CPANEL-6594: Fixed various rpm.versions that were out of sync.
  • Implemented case CPANEL-5068: New AngularJS filter to generate numeric range for ngRepeat.
  • Implemented case CPANEL-6153: Check inodes limits when also checking block limits.
  • Implemented case CPANEL-6170: Include a stats_log preview in the stats lagging notification.
  • Implemented case CPANEL-6272: Cpanel::PIDFile needs to allow a new pid if the process is dead.
  • Implemented case CPANEL-6302: Convert rearrange to use the newer checked_reload call for FPM.
  • Implemented case CPANEL-6322: Re-factor cPanel’s MailMan into RPM, update to 2.1.21.
  • Implemented case CPANEL-6329: Ensure resellers transfer first to speed up multi account transfers.
  • Implemented case CPANEL-6353: Obsolete jQuery 1.7, jQueryUI and jQuery-UI-Themes.
  • Implemented case CPANEL-6373: Added statistics to home page in Paper Lantern.
  • Implemented case CPANEL-6381: Ensure dovecot can restart if lmtp is stuck.
  • Implemented case CPANEL-6406: Breakout DCV checks so they can be used without UAPI.
  • Implemented case CPANEL-6409: Improve performance of Cpanel::Exception.
  • Implemented case CPANEL-6411: Cleanup mdbox (if enabled) during nightly maintenance.
  • Implemented case CPANEL-6484: Cpanel::Output::Multi indent changes need to propagate to its objects.
  • Implemented case CPANEL-6494: Improved progress reporting for addon-to-account conversions.
  • Implemented case CPANEL-6514: Reduce memory required for dovecot-auth.
  • Implemented case CPANEL-6534: WHM: Update the ‘PHP’ module installers to be MultiPHP (EasyApache 4) aware.
  • Implemented case CPANEL-6572: Honor the timezone field for locale datetime calls.
  • Implemented case CPANEL-6599: Run dovecot_maintence in the background so it does not block upcp.
  • Implemented case CPANEL-6600: Disable exiscan support if /etc/exiscandisable exists.

57.9999.62


2016-05-24
  • Fixed case CPANEL-4783: Deprecate cgi-sys/scgiwrap in 11.58, advise using suexec instead.
  • Fixed case CPANEL-4790: Disable upstream version check in phpMyAdmin.
  • Fixed case CPANEL-5055: Consistently validate character counts in security questions.
  • Fixed case CPANEL-5691: Fix changing user domain from a (now) invalid one.
  • Fixed case CPANEL-5806: Tolerate missing suspend and hold mail listings.
  • Fixed case CPANEL-5946: Reuse same Horde db handle for multiple operations.
  • Fixed case CPANEL-5979: pkgacct: clean up owner-* aliases with –skipmailman.
  • Fixed case CPANEL-6009: Fix SFTP configuration file download.
  • Fixed case CPANEL-6015: Update ClamAV to 0.99.2.
  • Fixed case CPANEL-6102: Changed invite process to have a simpler workflow.
  • Fixed case CPANEL-6144: Restore rearrange account functionality as a granted privilege.
  • Fixed case CPANEL-6155: Use system copy of libxml2.
  • Fixed case CPANEL-6177: Password Reset: fix check for password strength.
  • Fixed case CPANEL-6184: Fix Exim Transfer Tool bug.
  • Fixed case CPANEL-6193: initquotas fails if the disk label cannot be resolved by mount.
  • Fixed case CPANEL-6205: Ensure ModSecurity domains can be disabled and enabled.
  • Fixed case CPANEL-6206: Move HTTP constants out of Cpanel::Server to reduce bloat in Handlers.
  • Fixed case CPANEL-6207: Speedup Cpanel::Tar by using CachedCommand.
  • Fixed case CPANEL-6209: Rename Cpanel::MailMan::DiskUsage.
  • Fixed case CPANEL-6211: Upgrade to 11.58 with php5.6 breaks zend on downgrade to 11.56.
  • Fixed case CPANEL-6220: Regenerate the cPanel PHP-FPM config during account rearrange.
  • Fixed case CPANEL-6240: Detect looping CNAME records.
  • Fixed case CPANEL-6243: Fix minor bug in invalid invocation in Cpanel::Template::Zone.
  • Fixed case CPANEL-6256: Improvements to the Easy Apache PHP-FPM system.
  • Fixed case CPANEL-6268: Avoid a segfault from Cpanel::Syscall.
  • Fixed case CPANEL-6280: Remove obsolete Cpanel::Template::Zone.
  • Fixed case CPANEL-6286: userdata_update: add missing use statements.
  • Fixed case CPANEL-6292: Update cpanel-git to 2.8.3-1.cp1156.
  • Fixed case CPANEL-6295: Update cpanel-php54 to 5.4.31-3.cp1156.
  • Fixed case CPANEL-6298: Symlink .user.ini in domain docroot to the user’s php.ini file.
  • Fixed case CPANEL-6308: SSHControl must report unknown errors and suppress tty errors.
  • Fixed case CPANEL-6323: Add Lets Encrypt OCSP servers to list that need newer openssl.
  • Fixed case CPANEL-6326: Avoid tar 1.16 – file list workaround on tar 1.15 and before.
  • Implemented case CPANEL-6026: Roundcube is now provided as an RPM.
  • Implemented case CPANEL-6120: TLS Wiz: Accommodate cases where cert is installed before “confirmed”.
  • Implemented case CPANEL-6169: Tools to convert existing mailboxes to maildir or mdbox.
  • Implemented case CPANEL-6192: Resolve forward merge of transfer session creator access.
  • Implemented case CPANEL-6252: Ensure that root ‘createacct’ API calls set a dedicated IP when required.
  • Implemented case CPANEL-6252: Ensure that the ‘list FTP accounts’ API calls only return valid FTP accounts.
  • Implemented case CPANEL-6252: Expand and improve the Convert Addon Domain to Account functionality.
  • Implemented case CPANEL-6252: Ensure that the ‘list Web Disk accounts’ API calls only return valid accounts.
  • Implemented case CPANEL-6273: Fixed TLS Wizard to work with new version of bootstrap.
  • Implemented case CPANEL-6288: Configurations.json should not be stored in the document-root.
  • Implemented case CPANEL-6307: Prevent JSON and XML api from returning HTML locale text.
  • Implemented case CPANEL-6318: Updated File Manager’s HTML Editor to work with updated libraries.
  • Implemented case CPANEL-6330: Create new mailboxes in the users format instead of the default.

57.9999.56


2016-05-18
  • Fixed case CPANEL-6134: Make pg_dump work on CentOS 5.
  • Fixed case CPANEL-6165: Resolve a deadlock when rsyncing with Interconnect.
  • Fixed case CPANEL-6182: Allow use of ea4_main.local templates with EA4.
  • Fixed case CPANEL-6189: Normalize the return values from Quota::query on XFS.
  • Fixed case CPANEL-6197: Resolve JS error on paper_lantern cron page.
  • Fixed case CPANEL-6208: Improve timeout handling when downloading files.
  • Implemented case CPANEL-6201: Support custom ea4 profile on cPanel install.

57.9999.54


2016-05-17
  • Fixed case CPANEL-5471: Make sure BIND starts after IPAliases has run (systemd).
  • Fixed case CPANEL-5490: Fix mailips scan to use sender domain when using dkim.
  • Fixed case CPANEL-5556: Use API for DNS cluster setup.
  • Fixed case CPANEL-5556: Honor security policy settings for 2FA with API calls.
  • Fixed case CPANEL-5707: Fix background pkgacct on transfer with sudo user.
  • Fixed case CPANEL-5726: Restart dnsadmin after update to 11.56.
  • Fixed case CPANEL-5750: Properly detect nameservers in NAT mode.
  • Fixed case CPANEL-5771: Remove mention of perl magic user loader if not activated.
  • Fixed case CPANEL-5819: Don’t use passwd cache when performing NSCD check.
  • Fixed case CPANEL-6003: Have pkg resolution parser handle single and double line pkg entries.
  • Fixed case CPANEL-6038: Don’t complain about permissions of crontab binary.
  • Fixed case CPANEL-6038: Fix check for proper crontab permissions.
  • Fixed case CPANEL-6041: Avoid OCSP calls to ocsp2.globalsign.com if openssl is too old.
  • Fixed case CPANEL-6052: Missing use statement creating suspend account errors.
  • Fixed case CPANEL-6053: Security Advisor should only trigger iContact for WARN or higher.
  • Fixed case CPANEL-6054: Ensure crontab_perms checks the system crontab binary.
  • Fixed case CPANEL-6073: Revert SHA-1 certificates weakness check until Dec 28th 2016Z.
  • Fixed case CPANEL-6089: Update pure-ftpd to 1.0.42-5.cp1156.
  • Fixed case CPANEL-6095: Cpanel::DnsRoots::Resolver fails if nat loopback is not enabled.
  • Fixed case CPANEL-6104: Webmail contact info page not loading for email users.
  • Fixed case CPANEL-6105: Update for B::C to address utf8_heavy issues.
  • Fixed case CPANEL-6107: Update cpanel-perl-522-CryptX to 0.034-1.cp.
  • Fixed case CPANEL-6107: Update cpanel-perl-522-CryptX to 0.034-1.cp1156.
  • Fixed case CPANEL-6114: HttpRequest: don’t time out unless we stop making progress.
  • Fixed case CPANEL-6116: Always add new accounts to backup.
  • Fixed case CPANEL-6124: Improve performance of _get_cpconf in the default template plugin.
  • Fixed case CPANEL-6135: Avoid account removal failure when PHP-FPM is disabled.
  • Fixed case CPANEL-6141: Remove unused module from Cpanel::DB::Prefix.
  • Fixed case CPANEL-6145: Subdomain Redirection: Avoid overencoding URLs.
  • Fixed case CPANEL-6152: WHM: Ensure FTP configurations can be saved.
  • Fixed case CPANEL-6164: Fix redirect failure with /cpanel URLs.
  • Fixed case CPANEL-6180: Set all logfiles passed to unpriviledged subprocesses to append-only.
  • Fixed case CPANEL-6186: Fixed border width changes on hover in paper_lantern email accounts.
  • Fixed case CPANEL-6190: Cpanel::Autodie::Readlink must be perl 5.8 safe for upcp.static.
  • [security] Fixed case SEC-58: SQLite journal allowed for arbitrary file overwrite during Horde Restore.
  • [security] Fixed case SEC-109: Demo account arbitrary code execution via ajax_maketext_syntax_util.pl.
  • [security] Fixed case SEC-110: Self XSS Vulnerability in Paper Lantern Landing Page.
  • [security] Fixed case SEC-112: Limited denial of service via /scripts/killpvhost.
  • [security] Fixed case SEC-113: /scripts/addpop and /scripts/delpop exposed TTY’s.
  • [security] Fixed case SEC-114: /scripts/checkinfopages exposed TTY to unprivileged process.
  • [security] Fixed case SEC-115: /scripts/maildir_converter exposed TTY to unprivileged process.
  • [security] Fixed case SEC-116: /scripts/unsuspendacct exposed TTY’s.
  • [security] Fixed case SEC-117: /scripts/enablefileprotect exposed TTY’s.
  • [security] Fixed case SEC-118: Self-XSS in ftp account creation under addon domains.
  • [security] Fixed case SEC-119: Demo restriction breakout via show_template.stor.
  • [security] Fixed case SEC-120: Arbitrary file read for Webmail accounts via Branding APIs.
  • [security] Fixed case SEC-121: Webmail account arbitrary code execution through forwarders.
  • [security] Fixed case SEC-123: SQL Injection via ModSecurity TailWatch log file.
  • [security] Fixed case SEC-124: Logfile permissions not set correctly in dnsadmin-startup and spamd-startup.
  • [security] Fixed case SEC-125: User log files become world-readable when rotated by cpanellogd.
  • Implemented case CPANEL-5764: Site Publisher should retain a copy of the original document root.
  • Implemented case CPANEL-6005: Communicate “order not found” from cP Market to UI.
  • Implemented case CPANEL-6043: Automatically restart cpanel_php_fpm if the reload fails.
  • Implemented case CPANEL-6062: Optimize account creation and paper_lantern stats.
  • Implemented case CPANEL-6078: Added a catch for undefined steps to prevent getting stuck at checkout.
  • Implemented case CPANEL-6080: Update tooltip in TLS Wiz for DNS -> DCV change.
  • Implemented case CPANEL-6084: Send a notification when dovecot hits its memory limit.
  • Implemented case CPANEL-6086: WHMAPI1 calls for setting and getting event importance.
  • Implemented case CPANEL-6097: ‘code’ parameter now clears on redirect to wizard.
  • Implemented case CPANEL-6108: Preemptive changes to support new AutoSSL framework.
  • Implemented case CPANEL-6154: Verify cpanel_php_fpm is enabled before reload during account remove.

57.9999.48


2016-05-12
  • Fixed case CPANEL-202: Fixed “List Accounts” search on and sort by IPs.
  • Fixed case CPANEL-325: Updated user help text in WHM’s Branding interface.
  • Fixed case CPANEL-361: Ignore cagefs mounts in disk usage statistics.
  • Fixed case CPANEL-2099: Make appropriate attributes in custom generated plugins translatable.
  • Fixed case CPANEL-2566: Greylisting: Save the Common Mail Provider hosts in a Exim-parsable file.
  • Fixed case CPANEL-2566: Exim: Integrate Greylisting Trusted Hosts and Common Mail Providers.
  • Fixed case CPANEL-2770: Fixed setting the timezone in cpsrvd.
  • Fixed case CPANEL-3100: Simplify translated JavaScript cleanup on customer systems.
  • Fixed case CPANEL-3557: Disallow modification of domain if it exists in cluster.
  • Fixed case CPANEL-3883: RemoteMySQL: Check the version of MySQL as part of the validation process.
  • Fixed case CPANEL-4244: WHM: Verify account’s package settings properly when modifying an account.
  • Fixed case CPANEL-4418: Changing main domain fixed to update Horde “from” address.
  • Fixed case CPANEL-4456: Fixed Mail Only feature list ability to enable non-default features.
  • Fixed case CPANEL-4500: Fix greylisting to sanitize non-standard IPs reported by some hosts.
  • Fixed case CPANEL-4644: Set proper Cache-Control headers for responses.
  • Fixed case CPANEL-4662: Clean up perlcritic warnings in Cpanel.
  • Fixed case CPANEL-4662: Ensure the CONF value in templates loads data properly.
  • Fixed case CPANEL-4662: Remove unused function in Cpanel.
  • Fixed case CPANEL-4685: Block outgoing spam scan if SpamAssassin is disabled.
  • Fixed case CPANEL-4686: Update exim to 4.87-4.cp1156.
  • Fixed case CPANEL-4698: Improve algorithm for detection of subdomains.
  • Fixed case CPANEL-4701: Fix adding LOC DNS records through WHM API.
  • Fixed case CPANEL-4717: Remove unneeded migration code.
  • Fixed case CPANEL-4756: Add port 587 to firewall rules.
  • Fixed case CPANEL-4757: Update cpanel-libspf2 to 1.2.10-3.cp1136.
  • Fixed case CPANEL-4763: Create a swap file on low-memory systems without swap.
  • Fixed case CPANEL-4763: Add a utility to create swap files.
  • Fixed case CPANEL-4785: Only display output for HTML when disabling services.
  • Fixed case CPANEL-4791: Block backup functionality/pages from cPanel users with backups disabled.
  • Fixed case CPANEL-4794: Hotlink Protection: automatically list addon domains.
  • Fixed case CPANEL-4800: Cpanel::Config::userdata: clean up various perlcritic warnings.
  • Fixed case CPANEL-4800: Always update main domain when changing hostname.
  • Fixed case CPANEL-4836: Style callouts correctly for RTL languages.
  • Fixed case CPANEL-4852: Don’t say tables are corrupt just because MySQL is down.
  • Fixed case CPANEL-4910: Don’t say install errors are fatal if we’ll retry.
  • Fixed case CPANEL-4924: Prevent JavaScript errors with nonexistent feature list.
  • Fixed case CPANEL-4941: pam_hulk no longer aborts sshd when given non-UTF-8 user name.
  • Fixed case CPANEL-4943: Fix adding MX entries when none are present.
  • Fixed case CPANEL-4969: Don’t warn for symlinks to optional binaries.
  • Fixed case CPANEL-4996: Reflect enabled status of Feature Showcase entries in non-English locales.
  • Fixed case CPANEL-5003: Validate recognized IP addresses added in WHM Security Questions.
  • Fixed case CPANEL-5005: Stop warning about the lack of CDB_File.
  • Fixed case CPANEL-5006: Stop allowing password change to the same password.
  • Fixed case CPANEL-5010: Fix password age restrictions in cPanel.
  • Fixed case CPANEL-5012: exim_tidydb: avoid warning about missing lock file.
  • Fixed case CPANEL-5018: Updated JS validation for MySQL database names.
  • Fixed case CPANEL-5054: Improve message when no databases match search.
  • Fixed case CPANEL-5063: Move Cpanel::CPAN::YAML::Syck out of Cpanel::CPAN.
  • Fixed case CPANEL-5079: Remove Cpanel::CPAN::Template::Tiny from cpanel.
  • Fixed case CPANEL-5102: Prevent nobody from sending mail by default.
  • Fixed case CPANEL-5106: Remove the use of Cpanel::CPAN::Umask::Local in favor of Umask::Local.
  • Fixed case CPANEL-5107: Drop the use of Cpanel::CPAN::String::ShellQuote in favor of the CPAN version.
  • Fixed case CPANEL-5128: Webmail: Fix scrolling on mobile view.
  • Fixed case CPANEL-5146: Remove LoadModule dependencies from Cpanel::Exception.
  • Fixed case CPANEL-5152: Improve exception handling.
  • Fixed case CPANEL-5155: Reject incomplete file uploads.
  • Fixed case CPANEL-5159: Make updateuserdomains resilient against out-of-space errors.
  • Fixed case CPANEL-5163: Use XS module MIME::Base64 instead of pure Perl version.
  • Fixed case CPANEL-5166: Move Encoding/BER.pm out of Cpanel::CPAN to Cpanel to show its divergence.
  • Fixed case CPANEL-5177: Greylisting: Speed up the cPGreyList::list_domains UAPI call.
  • Fixed case CPANEL-5180: Disable false warnings ‘Failed to unlink’ on install.
  • Fixed case CPANEL-5201: Remove bin/boxtrappermigrate.
  • Fixed case CPANEL-5206: Remove bin/popsh.
  • Fixed case CPANEL-5231: Remove unused WHM SSH key interface.
  • Fixed case CPANEL-5241: Optimize the delivery of iContact messages.
  • Fixed case CPANEL-5283: Ignore imported symbols in API Shell.
  • Fixed case CPANEL-5294: Allow importing ECDSA and Ed25519 SSH keys.
  • Fixed case CPANEL-5316: Add missing file to etc/.js_files_in_repo_with_mt_calls.
  • Fixed case CPANEL-5363: Avoid overly long pathnames in temporary file creation.
  • Fixed case CPANEL-5363: Allow creation of accounts with domains up to 245 characters.
  • Fixed case CPANEL-5365: Show the Cipher configuration UI when typing cipher.
  • Fixed case CPANEL-5404: Properly display version numbers in Transfer Tool.
  • Fixed case CPANEL-5406: Require MySQL-server when installing cpanel-mydns.
  • Fixed case CPANEL-5407: Enable mod_userdir protection by default.
  • Fixed case CPANEL-5408: Add Feature Showcase item for Apache mod_userdir protection.
  • Fixed case CPANEL-5429: Indicate that redirects are for both HTTP and HTTPS.
  • Fixed case CPANEL-5433: Remove perl514 target and RPMs.
  • Fixed case CPANEL-5438: Greylisting: Update trusted netblocks file when the Trusted Hosts are altered.
  • Fixed case CPANEL-5440: Remove Cpanel::CPAN modules nothing uses.
  • Fixed case CPANEL-5446: Restrict path traversal calls from the template parameter in Fileman.
  • Fixed case CPANEL-5452: Fix alignment of login page for RTL languages.
  • Fixed case CPANEL-5454: Honor impersonation settings for root-owned accounts.
  • Fixed case CPANEL-5464: Set mounts as private in Jailshell.
  • Fixed case CPANEL-5473: Remove convert2courier.
  • Fixed case CPANEL-5476: Exim: Integrate Greylisting Trusted Hosts and Common Mail Providers.
  • Fixed case CPANEL-5495: Only suggest public_html when public_html subdomains only is enabled.
  • Fixed case CPANEL-5497: Remove stunnel and non-native support for SSL.
  • Fixed case CPANEL-5522: Fix typo in cpanel_initial_install.
  • Fixed case CPANEL-5533: Avoid confusing help output for createacct.
  • Fixed case CPANEL-5533: Clean up perlcritic warnings in wwwacct.
  • Fixed case CPANEL-5533: Make createacct a symlink to wwwacct.
  • Fixed case CPANEL-5534: Properly detect encrypted OpenSSH Ed25519 private keys.
  • Fixed case CPANEL-5539: Add missing cldr data for cjt2.0 cldr dependent locale methods.
  • Fixed case CPANEL-5550: Feature Manager: restore human-readable descriptions.
  • Fixed case CPANEL-5550: Feature Manager: unset cPAddons features are on.
  • Fixed case CPANEL-5552: cpanel_initial_install: remove unused dependency.
  • Fixed case CPANEL-5562: Folder browse no longer overlaps the branding version element.
  • Fixed case CPANEL-5577: Block upgrade on CentOS 5 and 32-bit systems.
  • Fixed case CPANEL-5585: Update rrdtool to version 1.5.5.
  • Fixed case CPANEL-5587: Fixed trial and development license banners in paper_lantern.
  • Fixed case CPANEL-5596: Signal cpsrvd when password strength configuration changes.
  • Fixed case CPANEL-5613: Show number of accounts when viewing all.
  • Fixed case CPANEL-5615: Switch maketext to use bracket notation whitelist.
  • Fixed case CPANEL-5627: Remove top inner shadow from text fields on the login page for iOS 9.3.
  • Fixed case CPANEL-5632: Fixed cpdavd digest authentication.
  • Fixed case CPANEL-5637: Fix broken validation of ModSecurity param.
  • Fixed case CPANEL-5658: EA4: Combine UI and migrate script MOTD.
  • Fixed case CPANEL-5662: Improve MySQL version from host.
  • Fixed case CPANEL-5667: Fix grammar error in Initial Setup Wizard.
  • Fixed case CPANEL-5683: Install tmpwatch on CentOS 6 systems.
  • Fixed case CPANEL-5685: Fix ‘No such file’ warnings during fresh installation.
  • Fixed case CPANEL-5699: Add quiet option for running SQL commands.
  • Fixed case CPANEL-5699: Update SecurityAdvisor to latest upstream version.
  • Fixed case CPANEL-5737: Prevent deadlock in updateuserdomains.
  • Fixed case CPANEL-5744: Authorize support access should send the contact email.
  • Fixed case CPANEL-5760: Fixed issues in user manager/reset password related to contact info.
  • Fixed case CPANEL-5774: URL Parameter cruft is now removed when navigating to SSL purchase.
  • Fixed case CPANEL-5785: Fix listing accounts in Manage Account Suspension.
  • Fixed case CPANEL-5786: Remove port option from cpanel.config.
  • Fixed case CPANEL-5791: Update Dovecot RPM to 2.2.24.
  • Fixed case CPANEL-5794: Allow WHM API call get_remote_access_hash for all resellers.
  • Fixed case CPANEL-5817: Always do background mail delivery when outbound spam scanning is enabled.
  • Fixed case CPANEL-5823: Updated incorrect module path.
  • Fixed case CPANEL-5840: Correct version of munin displayed in manage plugins.
  • Fixed case CPANEL-5852: Updated incorrect module path.
  • Fixed case CPANEL-5916: Daily Process Log: sort numerically on CPU field.
  • Fixed case CPANEL-5963: During migration, prompt w/ details when ea3 PHP version isn’t in ea4.
  • Fixed case CPANEL-5968: Remove obsolete module Whostmgr::JS.
  • Fixed case CPANEL-5971: Install EA4 by default starting in ‘58.
  • Fixed case CPANEL-5978: Handle account restores of a backup with –newuser into a user that exists.
  • Fixed case CPANEL-5984: Find PHP version as part of EA 4 migration.
  • Fixed case CPANEL-5991: Fixed trial and development license banners in paper_lantern retro.
  • Fixed case CPANEL-6004: Add Makefile dependency for php-setup target.
  • Fixed case CPANEL-6018: cpanellogd: stop looking for port configuration variable.
  • Fixed case CPANEL-6022: Add Crypt::Rijndael_PP to cpanel for foreign pkgacct.
  • Fixed case CPANEL-6029: Additional search terms for Service Manager.
  • Fixed case CPANEL-6031: Ensure Cpanel::cPQuota loads Cpanel::Quota::Fileys.
  • Fixed case CPANEL-6059: Update cpanel-mydns to 1.2.8.31-4.cp1156.
  • Fixed case CPANEL-6060: Update nsd to 3.2.18-3.cp1156.
  • Fixed case CPANEL-6074: Reduce memory bloat in Quota.pm.
  • Fixed case CPANEL-6075: Avoid overencoding in Email All Users.
  • Fixed case CPANEL-6118: Provide a temporary workaround to utf8_heavy.pl bug in multilang adminbin binary.
  • Implemented case CPANEL-5144: Remove unused Blackberry Level 3 integration code.
  • Implemented case CPANEL-5394: Consolidate dovecot calls into Cpanel::Dovecot::Utils.
  • Implemented case CPANEL-5396: Deliver mail using dovecot-lmtp/lda instead of exim.
  • Implemented case CPANEL-5496: Walkthru docs and comments on recusive resolution.
  • Implemented case CPANEL-5548: Changes to facilitate the upgrade to Angular-UI Bootstrap 1.2.5.
  • Implemented case CPANEL-5603: Resetmailmanurls should not create multiple children.
  • Implemented case CPANEL-5609: WHM API calls to determine if a username is available.
  • Implemented case CPANEL-5610: Add ability to log successful logins.
  • Implemented case CPANEL-5624: Upgraded lodash in WHM, Webmail, cPanel, and X3 interfaces.
  • Implemented case CPANEL-5626: Removed usage of angular-ui-utils in favor of native angular key events.
  • Implemented case CPANEL-5650: Optimize the transfer session setup process.
  • Implemented case CPANEL-5653: Convert Transfer system to use sqlite instead of mysql.
  • Implemented case CPANEL-5672: A warning has been added when “Delete FTP User home dir is selected”.
  • Implemented case CPANEL-5696: Fix copyright path in Cpanel/Dovecot/Server.pm.
  • Implemented case CPANEL-5697: Migrate old transfer sessions from mysql to sqlite.
  • Implemented case CPANEL-5698: Fix pod warnings in –help for bin/regenerate_filters.
  • Implemented case CPANEL-5702: Update cPanel/WHM to Munin to 2.0.25.
  • Implemented case CPANEL-5703: Ensure pop3 and imap are disabled if dovecot was previously disabled.
  • Implemented case CPANEL-5708: Add tests for handle_cpdoveauthd_connection.
  • Implemented case CPANEL-5716: Support merge for mdbox converter.
  • Implemented case CPANEL-5724: Added script which helps doc workflow.
  • Implemented case CPANEL-5727: Add a link to download and view the .eml file in boxtrapper review queue.
  • Implemented case CPANEL-5798: Ensure dovecot is always enabled since it now as the LDA.
  • Implemented case CPANEL-5816: Tweak Setting to select the mail storage format for new boxes.
  • Implemented case CPANEL-5839: CloudLinux: Hardened PHP promotion.
  • Implemented case CPANEL-5876: Added an API to set display configurations for external auth modules.
  • Implemented case CPANEL-5879: Add MultiPHP INI Editor (multiphp_ini_editor) to WHM Feature Manager.
  • Implemented case CPANEL-5925: Improve mdbox support in various legacy systems.
  • Implemented case CPANEL-5965: Optimize the editquota process.
  • Implemented case CPANEL-5976: Add MySQL to TTUI.
  • Implemented case CPANEL-5994: Merge PHP-FPM vertical slice.
  • Implemented case CPANEL-6070: Prevent convertmaildir running if the mailbox is in mdbox format.
  • Implemented case CPANEL-6083: Make remove_dangling_symlinks_in_dir() not remove links to dangling links.