60 Change Log

Last modified: February 8, 2023


  • [security] Fixed case SEC-279: SSL hostname verification for support agreement download not enforced.
  • [security] Fixed case SEC-282: Stored XSS Vulnerability in WHM MySQL Password Change Interfaces.
  • [security] Fixed case SEC-283: CPanel backup interface could return a backup with all MySQL databases.
  • [security] Fixed case SEC-284: User account backups could contain all MySQL databases on the server.
  • [security] Fixed case SEC-285: Addon domain conversion can copy all MySQL databases to the new account.
  • [security] Fixed case SEC-296: Account rename can result in Apache logfiles becoming world-readable.
  • [security] Fixed case SEC-299: Backup system overwrites root’s home directory when mount disappears.
  • [security] Fixed case SEC-300: Open redirect in /unprotected/redirect.html.
  • [security] Fixed case SEC-302: Code execution as mailman user due to faulty environmental variable filtering.
  • [security] Fixed case SEC-303: Arbitrary file overwrite via Roundcube SQLite schema update.


  • Fixed case CPANEL-12973: Solve redirected too many times by clearing stale webmail cookies.
  • Fixed case CPANEL-13024: Make etc/init/safekill not kill() its own ancestors.
  • Fixed case CPANEL-13107: Update URL for CPAN mirror search.
  • Fixed case CPANEL-13176: New sshd_config items are now placed above any Match blocks.
  • Fixed case CPANEL-13187: Fail prior to call home if cpkeyclt doesn’t have enough info for a request.
  • Fixed case CPANEL-13187: Provide a more helpful message on cpkeyclt failure.
  • Fixed case CPANEL-14172: Cpanel::Kill::Single::safekill camn hang forever.
  • Fixed case CPANEL-14175: CPGreylist: ensure canonical IPv6 ranges so Exim works.


  • Fixed case CPANEL-14830: Restrict LTS to version 60 and 62.


  • [security] Fixed case SEC-263: Stored XSS during WHM cPAddons install.
  • [security] Fixed case SEC-264: Stored XSS during WHM cPAddons upgrades.
  • [security] Fixed case SEC-265: Stored XSS during WHM cPAddons file operations.
  • [security] Fixed case SEC-266: Stored XSS during WHM cPAddons uninstallation.
  • [security] Fixed case SEC-267: Stored XSS during WHM cPAddons cron operations.
  • [security] Fixed case SEC-268: Stored XSS during moderated WHM cPAddons installation.
  • [security] Fixed case SEC-269: Stored XSS in WHM cPAddons processing.
  • [security] Fixed case SEC-271: Demo accounts allowed to create databases and users.
  • [security] Fixed case SEC-272: EasyApache 4 conversion sets loose domlog ownership and permissions.
  • [security] Fixed case SEC-273: Domain log files become readable after log processing.
  • [security] Fixed case SEC-274: Apache configuration file changed to world-readable when rebuilt.
  • [security] Fixed case SEC-280: The cpdavd_error_log can be created with insecure permissions.
  • [security] Fixed case SEC-288: Resellers can read other accounts domain log files.
  • [security] Fixed case SEC-289: Insecure log file permissions after account modification.
  • [security] Fixed case SEC-290: Apache domlogs become temporarily world-readable during log processing.
  • [security] Fixed case SEC-291: Apache SSL domain logs left behind after account termination.
  • [security] Fixed case SEC-294: Corrupted user and group ownership when using reassign_post_terminate_cruft.
  • [security] Fixed case SEC-297: Self XSS Vulnerability in WHM Upload Locale interface.


  • Fixed case CPANEL-12899: Fix incorrect warning when loading reseller IP delegation.
  • Fixed case CPANEL-13718: Add a timeout to Cpanel::Net::Whois::IP::Cached.
  • Implemented case CPANEL-14439: Accomodate new Comodo DCV format and path.


  • [security] Fixed case SEC-234: Horde MySQL to SQLite conversion can leak database password.
  • [security] Fixed case SEC-236: Code execution for webmail and demo accounts with the store_filter API call.
  • [security] Fixed case SEC-237: Code execution as root via SET_VHOST_LANG_PACKAGE multilang adminbin call.
  • [security] Fixed case SEC-238: Demo account code execution with BoxTrapper API.
  • [security] Fixed case SEC-239: Demo account file read vulnerability in Fileman::getfileactions API2 call.
  • [security] Fixed case SEC-240: Webmail account arbitrary code execution via forwarders.
  • [security] Fixed case SEC-242: Demo account code execution through Encoding API calls.
  • [security] Fixed case SEC-243: Demo account code execution via ImageManager_dimensions API call.
  • [security] Fixed case SEC-244: Demo users have access to traceroute via api2.
  • [security] Fixed case SEC-245: Demo accounts able to redirect web traffic.
  • [security] Fixed case SEC-246: Cpanel::SPFUI API commands are available to demo accounts.
  • [security] Fixed case SEC-247: Demo and suspended accounts allowed to port-forward via SSH.
  • [security] Fixed case SEC-248: Cpanel SSH API commands are allowed for Demo accounts.
  • [security] Fixed case SEC-249: Demo restrictions not enforced in SSL API calls.
  • [security] Fixed case SEC-250: File read and write for demo accounts in SourceIPCheck API.
  • [security] Fixed case SEC-251: Code execution for Demo accounts via ClamScanner_getsocket API.
  • [security] Fixed case SEC-252: Limited file read via Serverinfo_manpage API call.
  • [security] Fixed case SEC-254: Limited file rename as root via scripts/convert_roundcube_mysql2sqlite.
  • [security] Fixed case SEC-255: Limited file chmod in /scripts/convert_roundcube_mysql2sqlite.
  • [security] Fixed case SEC-257: User crontab publicly visible during cPAddon upgrades.
  • [security] Fixed case SEC-259: Code execution via Rails configuration files.
  • [security] Fixed case SEC-260: Supplemental groups lost during account renames.
  • [security] Fixed case SEC-262: Stored XSS in WHM cPAddons install interface.


  • Fixed case CPANEL-1865: Silence spurious warning while restoring mailman attachments.
  • Fixed case CPANEL-11493: Fix overquota rejection at smtp time.
  • Fixed case CPANEL-11793: Ensure domain quota file can be read by exim.
  • Fixed case CPANEL-12378: DnsRoots: Fallback to TCP DNS if UDP DNS is blocked.
  • Implemented case CPANEL-12323: Allow suppression of certificate generation in WHM generatessl.


  • [security] Fixed case SEC-208: Addon domain conversion did not require a package for resellers.
  • [security] Fixed case SEC-217: Self XSS Vulnerability in WHM cPAddons showsecurity interface.
  • [security] Fixed case SEC-218: Arbitrary file read via WHM /styled/ URLs.
  • [security] Fixed case SEC-219: File overwrite when renaming an account.
  • [security] Fixed case SEC-220: Arbitrary code execution during account modification.
  • [security] Fixed case SEC-221: Arbitrary code execution during automatic SSL installation.
  • [security] Fixed case SEC-223: Security policy questions were not transfered during account rename.
  • [security] Fixed case SEC-224: CPHulk one day ban bypass when IP based protection enabled.
  • [security] Fixed case SEC-225: Code execution as root via overlong document root path settings.
  • [security] Fixed case SEC-226: Arbitrary file overwrite via WHM Zone Template editor.
  • [security] Fixed case SEC-227: Expand list of reserved usernames.
  • [security] Fixed case SEC-228: Adding parked domains to mail config did not respect domain ownership.
  • [security] Fixed case SEC-229: URL filtering flaw allowed access to restricted resources.
  • [security] Fixed case SEC-232: Demo code execution via Htaccess::setphppreference API.
  • [security] Fixed case SEC-233: Arbitrary code execution for demo accounts via NVData_fetchinc API call.


  • Fixed case CPANEL-11337: Do not migrate to ea4 if yum is too old.
  • Fixed case CPANEL-11474: Cpanel::Sysquota inode cache is always empty.
  • Fixed case CPANEL-11488: Allow AdvConfig to rebuild httpd.conf if httpd.conf is corrupt.


  • Fixed case CPANEL-8311: Fixed quote_identifier error during transfer restore.
  • Fixed case CPANEL-10331: Turn up noise level when pruning not done.
  • Fixed case CPANEL-10359: Use correct check for invalid themes in restorepkg.
  • Fixed case CPANEL-10931: Disable CGIEmail and CGIEcho on update, and on new installs.
  • Fixed case CPANEL-10954: Allow MySQL to determine whether or not to use native/old password auth.
  • Fixed case CPANEL-11023: Fix can_stream check.
  • Fixed case CPANEL-11033: Test .htaccess syntax in Directory context.
  • Fixed case CPANEL-11042: Warn instead of fail if MySQL restore child aborts on destruction.
  • Fixed case CPANEL-11074: Update cpanel-perl-522-cPanel-TaskQueue to 0.800-3.cp1156.
  • Fixed case CPANEL-11219: Add Comodo to cPanel trusted root store.
  • Fixed case CPANEL-11289: Limit generatessl required params to ones used for DV.


  • Fixed case CPANEL-8647: Improve reseller-create account email limits.
  • Fixed case CPANEL-9829: Don’t overwrite mysql.service when applying custom MySQL limits.
  • Fixed case CPANEL-10581: Write to correct cache file for DNS cluster config.
  • Fixed case CPANEL-10588: Save zone changes to MyDNS database when changing account IP.
  • Fixed case CPANEL-10636: Update ClamAV scanning config for Exim 4.88.
  • Fixed case CPANEL-10656: Send warnings from SSL install into log, fix admin response syntax.
  • Fixed case CPANEL-10672: Fix backport of Cpanel::SSL::OCSP to include Try::Tiny.
  • Fixed case CPANEL-10677: Add error detection in cgi and render in EA4 Migration.
  • Fixed case CPANEL-10685: Restore performance to login pages by fixing asset caching.
  • Fixed case CPANEL-10700: Fix whmapi1 to stop outputting JSON::PP::Boolean values instead of 0 or 1.
  • Fixed case CPANEL-10706: Fixed issue with granting for DNSOnly servers.
  • Fixed case CPANEL-10758: Make cpsrvd’s SNI obey the server’s Web Services cipher list setting.
  • Fixed case CPANEL-10826: Allow MySQL to determine whether to use old/native passwords.
  • Fixed case CPANEL-10869: Update cpanel-dnspython to 1.12.0-4.cp1158.


  • [security] Fixed case SEC-196: Fixed password used for Munin MySQL test account.
  • [security] Fixed case SEC-197: Self-XSS in paper_lantern password change screen.
  • [security] Fixed case SEC-198: Reflected XSS in reset password interfaces.
  • [security] Fixed case SEC-199: Self-XSS in webmail Password and Security page.
  • [security] Fixed case SEC-201: Arbitrary file read via Exim valiases.
  • [security] Fixed case SEC-204: Exim piped filters ran as wrong user when delivering to a system user.
  • [security] Fixed case SEC-205: Leech Protect did not protect certain directories.
  • [security] Fixed case SEC-206: Exim transports could be run as the nobody user.
  • [security] Fixed case SEC-207: Improper ACL checks in xml-api for Rearrange Account.
  • [security] Fixed case SEC-209: SSL certificate generation in WHM uses an unreserved email address.
  • [security] Fixed case SEC-210: Account ownership not enforced by has_mycnf_for_cpuser WHM API call.
  • [security] Fixed case SEC-211: Stored XSS Vulnerability in WHM Account Suspension List interface.
  • [security] Fixed case SEC-212: Format string injection vulnerability in cgiemail.
  • [security] Fixed case SEC-213: WHM enqueue_transfer_item API allowed resellers to queue non rearrange modules.
  • [security] Fixed case SEC-214: Open redirect vulnerability in cgiemail.
  • [security] Fixed case SEC-215: HTTP header injection vulnerability in cgiemail.
  • [security] Fixed case SEC-216: Reflected XSS vulnerability in cgiemail addendum handling.


  • Fixed case CPANEL-10672: Fix backport of Cpanel::SSL::OCSP to include Try::Tiny.


  • Fixed case CPANEL-7881: Use dedicated mail IP for forwarding domain, if available.
  • Fixed case CPANEL-8279: Ensure cpsrvd starts only after the network is online.
  • Fixed case CPANEL-8511: Updated cpanel_initial_install script and YUM lib dor AWS and ensure plugins.
  • Fixed case CPANEL-10047: Update MySQL passwords to native format as needed.
  • Fixed case CPANEL-10213: Prevent AutoSSL requests for excess domains on a single certificate.
  • Fixed case CPANEL-10582: Significantly improve dovecot-lda performance with large sni.conf.


  • Fixed case CPANEL-9591: Don’t create monthly/weekly hardlinks when keeplocal is disabled.
  • Fixed case CPANEL-9785: Proxy Subdomains cause X::AccessForbidden when Creating Support Tickets.
  • Fixed case CPANEL-9899: Resolve race condition when converting from mdbox to maildir.
  • Fixed case CPANEL-10103: Update AutoSSL message when a cert will be replaced in the 3 days window.
  • Fixed case CPANEL-10181: AutoSSL/cPStore: Remove DCV file if a domain fails DCV.
  • Fixed case CPANEL-10211: Ensure http.conf syntax checks show the first invalid line.
  • Fixed case CPANEL-10275: Update cpanel-perl-522-Mail-SpamAssassin to 3.004001-12.cp1156.
  • Fixed case CPANEL-10318: Protect dormant services against infinite loop.
  • Fixed case CPANEL-10321: Update cpanel-roundcubemail to 1.1.7-1.cp1158.
  • Fixed case CPANEL-10336: Make packman python execution errors be errors again.
  • Fixed case CPANEL-10346: Update cpanel-perl-522-Mail-SpamAssassin to 3.004001-13.cp1156.
  • Fixed case CPANEL-10392: Update cpanel-dnspython to 1.12.0-3.cp1158.
  • Fixed case CPANEL-10401: Update cpanel-roundcubemail to 1.1.7-1.cp1158.
  • Fixed case CPANEL-10471: WHM: Ensure the administrator is notified when a new version is available.
  • Fixed case CPANEL-10542: Update exim to 4.87-7.cp1156.
  • Fixed case ZC-2347: Update Security Advisor to the latest version.
  • Implemented case CPANEL-10147: Added a save call to ensure localstorage is updated.
  • Implemented case CPANEL-10241: Make OCSP HTTP errors log a warning rather than die()ing.
  • Implemented case CPANEL-10308: Use local time in AutoSSL log timestamps.


  • Fixed case CPANEL-8436: Reduce number of dovecot/dict lookups to reduce disk I/O.
  • Fixed case CPANEL-9337: Fix erroneously added mail. parked, addon, and subdomains.
  • Fixed case CPANEL-9421: Ensure symlinked templates are precompiled.
  • Fixed case CPANEL-9510: BoxTrapper: fix JavaScript on review queue page.
  • Fixed case CPANEL-10090: Properly handle *.sch.uk domains in DnsRoots.
  • Fixed case CPANEL-10100: Don’t insert extra newlines when deleting email account.
  • Fixed case CPANEL-10135: Ensure terminatereseller terminates all accounts.
  • Fixed case CPANEL-10140: Log when the transfer session db is unexpected not connected.
  • Fixed case CPANEL-10148: Make vhost_name first in returned domains list for cert.
  • Fixed case CPANEL-10225: Update dovecot to
  • Fixed case CPANEL-9343: MultiPHP Manager Does Not Show Correct PHP-FPM Values When Sub-domains Are Listed.


  • Fixed case CPANEL-9790: Use correct working directory when calling cpanel-email.
  • Fixed case CPANEL-9895: Update Amazon::S3 to 0.45-1.
  • Fixed case CPANEL-9998: Don’t terminate reseller limits for non-reseller users.
  • Fixed case CPANEL-10040: Improved ticket system integration.
  • Fixed case CPANEL-10093: Update dovecot to
  • Implemented case CPANEL-10059: Fix a minor spelling problem in TLS Wizard.


  • Fixed case CPANEL-9508: Add better CA Bundle verification messaging.
  • Fixed case CPANEL-9738: Account for customer-created “mail.” subdomains.
  • Fixed case CPANEL-9781: Don’t attempt to enable AutoSSL on DNSONLY.
  • Fixed case CPANEL-9788: Updated to cpanel-php56-5.6.20-25.
  • Fixed case CPANEL-9820: Avoid failure message when saving in Optimize Website.
  • Fixed case CPANEL-9842: Only add TLS domains to dovecot if they have email accts.
  • Fixed case CPANEL-9851: Ensure queueprocd –stop works correctly.
  • Fixed case CPANEL-9862: Make packman Python 2.7/Yum 3.4 compatible.
  • Fixed case CPANEL-9865: Prevent double-listing of SSL-enabled domains in PL SSL install screen.
  • Fixed case CPANEL-9877: Ensure “force” param is passed from create_dbowner to add_dbowner_to_all.
  • Fixed case CPANEL-9887: Remove DCV file when cPanel’s AutoSSL fails on certificate order.
  • Fixed case CPANEL-9904: Clean up auto-created mail. subdomains on account removal.
  • Fixed case CPANEL-9933: Provide better error when deleting nonexistent subdomain.
  • Fixed case CPANEL-9952: Update Security Advisor to the latest version.
  • Fixed case CPANEL-9974: Properly localize SSL installation error messages.
  • Fixed case CPANEL-9981: Prevent legacy userdata_update from auto creating mail. domains.
  • Fixed case CPANEL-10018: OCSP should return undef when revocation cannot be determined.
  • Fixed case CPANEL-10027: Backup Configuration: save all data when remote MySQL is enabled.
  • Implemented case CPANEL-9863: Avoid installing certificates into Domain TLS that don’t verify.
  • Implemented case CPANEL-9884: Remove unused Mail SNI checkbox from Service Certs.
  • Implemented case CPANEL-9958: Improve error reporting from cPanel Store for AutoSSL.
  • Implemented case CPANEL-9980: Add –force flag option to autossl_check_cpstore_queue.
  • Implemented case CPANEL-10010: Fixed pending certificates UI to properly restore multi-vhost-certs.


  • [security] Fixed case SEC-159: Stored XSS in WHM Repair Mailbox Permissions interface.
  • [security] Fixed case SEC-161: File overwrite during preparation for MySQL upgrades.
  • [security] Fixed case SEC-162: Open redirect via /cgi-sys/FormMail-clone.cgi.
  • [security] Fixed case SEC-164: Arbitrary file overwrites when updating Roundcube.
  • [security] Fixed case SEC-165: File create and chmod via ModSecurity Audit logfile processing.
  • [security] Fixed case SEC-168: Enforce feature list restrictions when calling the multilang adminbin.
  • [security] Fixed case SEC-171: Format string injection in exception message handling.
  • [security] Fixed case SEC-172: Self-XSS Vulnerability in the tail_ea4_migration.cgi interface.
  • [security] Fixed case SEC-173: Arbitrary file chown via reassign_post_terminate_cruft.
  • [security] Fixed case SEC-174: Stored XSS in homedir removal during WHM Account termination.
  • [security] Fixed case SEC-177: Self-XSS Vulnerability in WHM Tweak Settings for autodiscover_host.
  • [security] Fixed case SEC-178: Self-Stored XSS Vulnerability in listftpstable API.
  • [security] Fixed case SEC-179: Stored XSS in api1_listautoresponders.
  • [security] Fixed case SEC-180: Stored XSS Vulnerability in ftp_sessions API.
  • [security] Fixed case SEC-180: Self-XSS Vulnerability in UI_confirm API.
  • [security] Fixed case SEC-181: Self-Stored XSS in postgres API1 listdbs.
  • [security] Fixed case SEC-182: Self-Stored XSS in SSL_listkeys.
  • [security] Fixed case SEC-184: Self-XSS in alias upload interface.
  • [security] Fixed case SEC-185: Sensitive file contents revealed during file copy operations.
  • [security] Fixed case SEC-186: Apache SSL keys readable by the nobody group.
  • [security] Fixed case SEC-187: Host Access Control improperly handles action-less host.deny entries.
  • [security] Fixed case SEC-188: Arbitrary code execution via Maketext in PostgreSQL adminbin.
  • [security] Fixed case SEC-191: Code execution via cpsrvd 403 response handler.
  • [security] Fixed case SEC-192: HTTP POST to listinput.cpanel.net does not use TLS.


  • Fixed case CPANEL-9823: Update dovecot to
  • Fixed case CPANEL-9824: Compress::Raw::Lzma: remove version check


  • Fixed case CPANEL-8580: Support icon appears for all Resellers.
  • Fixed case CPANEL-8793: Removeacct was not removing main psql user or cleaning up.
  • Fixed case CPANEL-9004: Fix mail authentication for users with local part of “0”.
  • Fixed case CPANEL-9298: Updated functionallity to allow custom overrides of PHP-FPM server values.
  • Fixed case CPANEL-9582: Fixed adding conflicts properly with _.union.
  • Fixed case CPANEL-9688: Bail out of .htaccess redirect normalizations if not user-user owned.
  • Fixed case CPANEL-9702: Added a check for existence of a group before modifying it’s links.
  • Fixed case CPANEL-9743: Fix Email::list_forwarders API call.
  • Fixed case CPANEL-9756: PowerDNS: use the renamed cpanel-pdns RPM.
  • Fixed case CPANEL-9765: Fixed misspelling in EA4 migration script.
  • Fixed case CPANEL-9772: Restart tailwatchd via the service manager in chkservd-install.
  • Fixed case CPANEL-9775: Prevent error during normal ticket creation workflow.
  • Fixed case CPANEL-9776: Tighten integrity of .htaccess permissions pre-check.
  • Fixed case CPANEL-9804: Include security token for PhpPgAdmin.
  • Implemented case CPANEL-9755: Don’t add www. domains in dovecot SNI conf.


  • Fixed case CPANEL-9593: Avoid cpanel.service falsely reporting cpsrvd as dead.
  • Fixed case CPANEL-9683: Flush privileges before enumerating user grants.
  • Fixed case CPANEL-9698: Fix error when changing hostname.
  • Fixed case CPANEL-9701: Increase apache restart timeout to handle many SSL certs.
  • Fixed case CPANEL-9714: Inherit shows up in the PHP dropdown.


  • Fixed case CPANEL-9673: Always include current theme in the cPanel theme selection drop down.
  • Fixed case CPANEL-9684: Reduce AutoSSL polling frequency during peak times.
  • Fixed case CPANEL-9686: Update grants for all hostnames when changing password.


  • Fixed case CPANEL-9209: Fix removing FTP account along with addon domain.
  • Fixed case CPANEL-9286: Make determining user theme consistent.
  • Fixed case CPANEL-9491: Disallow ownage of the hostname by the system user.
  • Fixed case CPANEL-9529: Have restartsrv’s systemd logic factor in pidfile.
  • Fixed case CPANEL-9530: Drop the CPANEL_BASE_INSTALL environment variable from cpsrvd.
  • Fixed case CPANEL-9560: Fix ipv6. subdomains with AutoSSL.
  • Fixed case CPANEL-9561: Remove the use of tsflags from Cpanel::SysPkgs::YUM.
  • Fixed case CPANEL-9572: Quota Modification: avoid error when no resource limits set.
  • Fixed case CPANEL-9618: Ensure Market Provider Manager only shows ACL all.
  • Fixed case CPANEL-9624: Retrieve only local AutoSSL config on feature showcase.
  • Fixed case CPANEL-9660: Make updateuserdomains work with custom mailips.
  • Fixed case CPANEL-9662: Fix addon domain creation when email archiving feature is off.
  • Fixed case CPANEL-9664: Always restart Exim on hostname change.
  • Fixed case CPANEL-9665: Installruby: fix undefined subroutine error on gem install.
  • Fixed case CPANEL-9668: Fixed ModSecurity 2 configuration when migrating to EasyApache 4.
  • Implemented case CPANEL-9549: Remove revoked/rejected certs from cpstore autossl queue.


  • Fixed case CPANEL-9511: Prevent AutoSSL cPStore queue from running more than once at a time.
  • Fixed case CPANEL-9524: Update cpanel-git to 2.10.2-1.cp1158.
  • Fixed case CPANEL-9541: Mail Filters: allow user to specify folder manually.
  • [security] Fixed case CPANEL-9559: Ensure system accounts do not have a valid password.


  • Fixed case CPANEL-5142: Disable MySQL upgrade interface when using a remote MySQL server.
  • Fixed case CPANEL-6896: System PHP version is now updated properly.
  • Fixed case CPANEL-9485: Non-existent packages shown without ea prefix.
  • Fixed case CPANEL-9504: Fix Grant cPanel Support Access UI element positioning.
  • Fixed case CPANEL-9515: Tail-check: ensure tailwatchd is restarted using systemd.
  • Fixed case CPANEL-9522: Userdirctl now reloads all supported Apache options in EA4.
  • Fixed case CPANEL-9527: Ensure FTP backups are uploaded into the correct directory.


  • Fixed case CPANEL-9114: Fix shebang line issue in EA4 Migration tailing script.
  • Fixed case CPANEL-9420: Fix broken template links for mailman_service.
  • Fixed case CPANEL-9452: Cleanup the server object before destruction.
  • Implemented case CPANEL-9466: Ensure SMTP rejections are logged.


  • Fixed case CPANEL-8818: Updated PowerDNS to 3.4.10-1.cp1160.
  • Fixed case CPANEL-9373: Resolve JSON error with whmapi1 start_background_mysql_upgrade.
  • Fixed case CPANEL-9428: Don’t send duplicate symlink/ruid Security Advisor notifications.


  • Fixed case CPANEL-6049: MySQLClean maintenance task shouldn’t run on systems with remote MySQL server.
  • Fixed case CPANEL-6049: Exempt the local MySQL instance from the <= 5.1 version check.
  • Fixed case CPANEL-9309: Correct destination validation for FTP.
  • Fixed case CPANEL-9309: Stop abuse of Cpanel::Transport::Files interface.
  • Fixed case CPANEL-9413: Fix tcp6 parser for ipv6 connection lookup.
  • Fixed case CPANEL-9417: Avoid errors due to inability to load JavaScript files.
  • Fixed case CPANEL-9434: Make the PowerDNS Feature Showcase item readonly.
  • Implemented case CPANEL-9412: Stop looking for incorrect datastore in dumpinodes.


  • Fixed case CPANEL-9054: Update sort order on grant-access page.
  • Fixed case CPANEL-9095: Fixed set_local_mysql_root_password call for WHMAPI1.
  • Fixed case CPANEL-9332: Fix a logic error in DCV autocorrect.
  • Fixed case CPANEL-9368: Restore permissions on .htaccess after committing changes.
  • Fixed case CPANEL-9392: Harden tailwatchd’s dupe process check.


  • Fixed case CPANEL-8658: Slip streamed CLDR data is not loaded correctly when changing languages.
  • Fixed case CPANEL-9352: Use php.ini.dist as base when rebuilding internal php config.


  • Fixed case CPANEL-8504: Improved clean-up of obsolete UI files.
  • Fixed case CPANEL-9011: Use correct tailwatchd binary in restartsrv.
  • Fixed case CPANEL-9194: Disable spamd when exim is disabled.
  • Fixed case CPANEL-9217: Allow for streaming and skiphomedir in restore disk check.
  • Fixed case CPANEL-9218: Stop looking for incorrect datastore in dumpquotas.
  • Fixed case CPANEL-9274: Allow Software Collection (SCL) commands to work under jailshell.
  • Fixed case CPANEL-9318: Show appropriate error message in DNS Clustering.
  • Fixed case CPANEL-9358: Duplicate INI directives wont be saved in new file.


  • Fixed case CPANEL-9227: Make restartsrv case sensitve when checking crond.
  • Fixed case CPANEL-9234: Act gracefully when the cPanel AutoSSL queue has a too-old entry.
  • Fixed case CPANEL-9241: Update MySQL56 to 5.6.34-2.cp1156.
  • Fixed case CPANEL-9257: Defer sslstorage cleanup until after autossl is completed.
  • Fixed case CPANEL-9284: AutoSSL cannot fix htaccess files that contain RequireAll.
  • Fixed case CPANEL-9289: Ensure .htaccess files can be locked when they are not writeable.
  • Fixed case CPANEL-9303: X3 is not always displayed as theme for users after upcp to 60.
  • Fixed case CPANEL-9329: Fix caching which leads to false mod_userdir / mod_ruid2 conflict.
  • Implemented case CPANEL-9270: Apache->DomainTLS copy: Skip certs without any installations.


  • Fixed case CPANEL-9250: Ensure maxemailsperhour is update when set in tweak settings.
  • Fixed case CPANEL-9251: Make sure the theme returned from Cpanel::Config is valid.
  • Fixed case CPANEL-9269: EA4 Migration UI is not available on CloudLinux.
  • Fixed case CPANEL-9271: Increase http restart timeout to 180s.
  • Fixed case CPANEL-9273: Updated updatable string for EA4 update state.
  • Fixed case CPANEL-9276: Whostmgr::Accounts::Remove is needed for Whostmgr::Resellers::Kill.
  • Implemented case CPANEL-9258: Fix vhost->FQDN logic of initial copy into Domain TLS.
  • Implemented case CPANEL-9259: Treat /etc/trustedmailhosts as a netblock list.


  • Fixed case CPANEL-8225: Keep Apache conf records in parsed order.
  • Fixed case CPANEL-9055: Add a notice that the support tool opens ticket with cPanel.
  • Fixed case CPANEL-9135: Remove now invalid conflicts in EA3 profile conversion.
  • Fixed case CPANEL-9166: Insecure go.cpanel.net link.
  • Fixed case CPANEL-9188: Generate cache buster over both SVG and PNG sprites.
  • Fixed case CPANEL-9192: Fixed issue with notifications on Iphone SE.
  • Fixed case CPANEL-9214: Make the Apache->DomainTLS copy script ignore invalid certificates.
  • Fixed case CPANEL-9219: Ensure cpsrvd can startup when missing ssl_socket_args.
  • Fixed case CPANEL-9220: Prevent the TLS wizard for moving forward without selection.
  • Fixed case CPANEL-9221: Exempt DNSONLY from the SNI blocker.
  • Fixed case CPANEL-9222: Preserve configuration for cPanel PHP on upgrade.
  • Fixed case CPANEL-9225: Ensure permissions are correct for quota cache.
  • Fixed case CPANEL-9228: Exim: honor explicit daemon_smtp_ports setting.
  • Fixed case CPANEL-9239: Raise default dovecot config_vsz limit for additional SSL certs.
  • Fixed case CPANEL-9254: Ensure the global max emails limit comes last in email_send_limits.
  • Implemented case CPANEL-9159: Improve logic that gets all FQDNs on a vhost to include “mail”.




  • Fixed case CPANEL-9089: Update git to version 2.10.1-1.cp1158.
  • Fixed case CPANEL-9162: Ensure AutoSSL does not duplicate domains on a CSR.
  • Fixed case CPANEL-9165: Address various ea4 issues that affect many CloudLinux servers.
  • Fixed case CPANEL-9173: Add p0f to yum excludes.
  • Implemented case CPANEL-9174: Ensure all exim config files are included in backups.


  • Fixed case CPANEL-8541: Timestamp cpdavd dormant STDERR logging.
  • Fixed case CPANEL-8775: Fixed issue with Email and Global Filters.
  • Fixed case CPANEL-8935: WHM: Style the Browse button on the cPanel Plugin File Generator page.
  • Fixed case CPANEL-9138: Fixed misreported error that the system was unable to install httpd.
  • Fixed case CPANEL-9142: Revert changes to get_service_ssl_base_uri_by_service_name.
  • Fixed case CPANEL-9151: Ensure /logout/ is ignored inside of goto_uri.
  • Implemented case CPANEL-9137: Avoid relogin when linking openid accounts.
  • Implemented case CPANEL-9155: Update API calls to ensure SSL UIs know about mail. subdomains.


  • Fixed case CPANEL-8968: Change ea3 specific verbiage in bin/cloudlinux_update.
  • Fixed case CPANEL-8972: Fix half-closed backup transporter connections.
  • Fixed case CPANEL-8972: Rebuild transport objects correctly.
  • Fixed case CPANEL-9053: Create ticket doesn’t understand multiple emails.
  • Fixed case CPANEL-9078: Fix localizability of PHP-FPM error message.
  • Fixed case CPANEL-9118: One time warning about manual PHP-FRPM pool options configuration.
  • Implemented case CPANEL-9130: Make AutoSSL default to not replacing non-AutoSSL certificates.


  • Fixed case CPANEL-8998: Run System Update button only in profile page.
  • Fixed case CPANEL-9065: Use the configured MySQL port when determining MySQL version.
  • Fixed case CPANEL-9066: Report non-HTTP errors during Ticket API queries correctly.
  • Fixed case CPANEL-9072: Avoid showing stale data after activating a profile in Manage MySQL Profiles.
  • Fixed case CPANEL-9073: Apache restart fails is SSL assets are removed before reload.
  • Fixed case CPANEL-9105: Unselecting PHP version removes all its extensions.
  • Implemented case CPANEL-9079: Bump version number for public release.


  • Fixed case CPANEL-6887: Use system utilities when backing up/restoring postgres databases.
  • Fixed case CPANEL-8576: Update cpanel-perl-522 to 5.22.1-14.cp1156.
  • Fixed case CPANEL-8637: Single row edit wont refresh handler table.
  • Fixed case CPANEL-8682: Convert Addon to Account: Ensure Autoresponders are handled properly.
  • Fixed case CPANEL-8716: Fix warning symbol clipping.
  • Fixed case CPANEL-8797: Convert Account to Addon: Ensure DNS Zones are updated properly on a NAT server.
  • Fixed case CPANEL-8807: Use pointer cursor for clickable text.
  • Fixed case CPANEL-8845: Reinstate automatic growl message removal in WHM.
  • Fixed case CPANEL-8914: Uploading gz’d SQL file no longer hangs.
  • Fixed case CPANEL-8928: Be able to delete email accounts that don’t fully exist.
  • Fixed case CPANEL-8942: Restorepkg: ensure parked domains can be fully restored.
  • Fixed case CPANEL-8956: WHM changes for sudo users in ticket grant process.
  • Fixed case CPANEL-8970: Capitalize PHP display name in EA4 UI.
  • Fixed case CPANEL-9024: Remove Perl 5.24 on downgrade to 11.60.
  • Fixed case CPANEL-9048: Ensure mail domains can have ssl certs installed.
  • Fixed case CPANEL-9049: Fix typo in Cpanel::SSL::DCV::verify_http.
  • Implemented case CPANEL-8836: Additional exception handling to htaccess management.


  • Fixed case CPANEL-8615: Ensure /etc/trueuserowners is correct after removing resellers.
  • Fixed case CPANEL-8689: Transfer Tool’s only should disable Easy Apache if a blocker exists.
  • Fixed case CPANEL-8698: Fix or disable HTML5 mode for some WHM features.
  • Fixed case CPANEL-8722: Subdomains that match proxy subdomains won’t be removed.
  • Fixed case CPANEL-8726: Fix “default” appearing on separate line in tweak settings related pages.
  • Fixed case CPANEL-8727: Degrade blocker to warning for a mandatory package if in an “updates” repo.
  • Fixed case CPANEL-8821: Improve the autossl message when a cert is not issued by AutoSSL.
  • Fixed case CPANEL-8879: Fixed an issue where wildcards were included in advanced certs.
  • Fixed case CPANEL-8886: Address security issues with style upload.
  • Fixed case CPANEL-8908: Drop root before executing tar command.
  • Fixed case CPANEL-8927: PowerDNS: Install the necessary compat-boost RPMs on Amazon Linux.
  • Fixed case CPANEL-8946: Update password stregth error to pass string review.
  • Fixed case CPANEL-8975: Remove unused Disable mail SNI from interfaces.
  • Fixed case CPANEL-9001: Fix SCALAR inclusion into local.ini and user’s php.ini.


  • Fixed case CPANEL-6907: Transfer the php-fpm configuration file over but do not activate it.
  • Fixed case CPANEL-7281: Fix bug where punctuation in docroot would cause fpm to fail.
  • Fixed case CPANEL-7593: Update cpanel-perl-522-munin to 2.0.25-6.cp1158.
  • Fixed case CPANEL-7961: Only present the mail. subdomain for email config if it exists.
  • Fixed case CPANEL-8352: Fixed alignment issues with styles in change style.
  • Fixed case CPANEL-8379: Fix the French translation for Create.
  • Fixed case CPANEL-8383: Avoid setting permissions on files managed by cpsrvd.
  • Fixed case CPANEL-8407: Fix EA4 Migrate blockers on CloudLinux.
  • Fixed case CPANEL-8608: Add data to the post change site IP address event.
  • Fixed case CPANEL-8638: Update blocker message to list supported OSes.
  • Fixed case CPANEL-8706: Fix command2 for DNS Only.
  • Fixed case CPANEL-8752: Update cpanel-perl-522 to 5.22.1-13.cp1156.
  • Fixed case CPANEL-8761: Disabled spotlight when quota is reached.
  • Fixed case CPANEL-8766: Address arbitrary code execution during restricted restores.
  • Fixed case CPANEL-8771: WHM Module Installers search phrase stays unencoded.
  • Fixed case CPANEL-8790: Unset AWSTATS_SSL_DIR for non-ssl awstats link.
  • Fixed case CPANEL-8826: Make updates of ~/.contactemail transaction.
  • Fixed case CPANEL-8830: Tweak Settings: validate empty_trash_days.
  • Fixed case CPANEL-8840: Correctly set default user style.
  • Fixed case CPANEL-8843: Update pdns to 3.4.9-5.cp1160.
  • Fixed case CPANEL-8862: Fix undefined function warning in Mailman install script.
  • Fixed case CPANEL-8876: Email account creation now waits until account creation is complete.
  • Fixed case CPANEL-8877: Import eximstats.sql now via queueprocd.
  • Fixed case CPANEL-8878: Prevent downloading of retro style.
  • Fixed case CPANEL-8880: WHM: Fix JavaScript errors on the Greylisting page.
  • Fixed case CPANEL-8882: Fix the ng-include bug in Transfer Tool that causing it not working.
  • Fixed case CPANEL-8884: Fixed issue with empty message not showing up.
  • Fixed case CPANEL-8887: EA4 UI Refactored.
  • Fixed case CPANEL-8901: WHM: Ensure tooltips respond to user action on cPHulk Black/White list.
  • Fixed case CPANEL-8904: Update ProgLang to use Cpanel::Transaction::File::Raw.
  • Fixed case CPANEL-8909: Style name should appear in curly quotes.
  • Fixed case CPANEL-8918: WHM: Fix JavaScript error when adding Trusted Hosts in Greylisting.
  • Fixed case CPANEL-8920: Adjust phrasing for the new RBL check exemptions.
  • Fixed case CPANEL-8921: Remove domains that overlap a wildcard from certificate orders.
  • Fixed case CPANEL-8934: Switch “Yes” button on hacked question.
  • Fixed case CPANEL-8938: Add in strings from Translators.
  • Fixed case CPANEL-8945: Update checkallsslcerts renewal period message to reflect new 25d period.
  • Fixed case CPANEL-8955: Add orphaned file list to the check status.
  • Fixed case CPANEL-8957: Reseller’s personal styles should not show in WHM customization UI.
  • Fixed case CPANEL-8966: Do not unlink ~/.contactemail when updating user’s contact.
  • Implemented case CPANEL-8894: Rebuild branding cache when changing enabled market providers.


  • Fixed case CPANEL-1326: Fix proxy subdomains check when removing vhost.
  • Fixed case CPANEL-7236: CPanel: Integrated tooltip text into placeholder and updated tests.
  • Fixed case CPANEL-8487: Validation for the PHP FPM pool options.
  • Fixed case CPANEL-8574: Verify domain ownership in multilang admin bin.
  • Fixed case CPANEL-8614: Fix false success when checking zone validity.
  • Fixed case CPANEL-8665: Display the correct password placeholder text on the Configure Mail Client page.
  • Fixed case CPANEL-8705: Update EA4 Migration UI to use real time tail log cgi.
  • Fixed case CPANEL-8723: Remove accounts from trusted user list upon termination.
  • Fixed case CPANEL-8760: Display warning in restorepkg when commenting CNAME.
  • Fixed case CPANEL-8772: Remove code to manage cpanel plugins in roundcube.
  • Fixed case CPANEL-8789: WHM: Ensure the cPHulk History Reports are always paginated.
  • Fixed case CPANEL-8794: Addon Domain: Prompt to remove FTP accounts when removing domain.
  • Fixed case CPANEL-8804: Ensure that MySQL DB restoration works for large files.
  • Fixed case CPANEL-8820: Make CommandAlreadyRunning exceptions not print stack trace usually.
  • Fixed case CPANEL-8834: Require the dnssec feature for DNSSEC adminbin calls.
  • Fixed case CPANEL-8849: Avoid spurious warning messages when php.ini gets created.
  • Implemented case CPANEL-8774: Added an upgrade blocker for SNI support.
  • Implemented case CPANEL-8851: Made UI/UX improvements and hardened the TLS Wizard Interface.


  • Fixed case CPANEL-6773: Always redo log rotate links due to ea4 paths.
  • Fixed case CPANEL-7285: Corrected FPM setting to allow alternative extensions.
  • Fixed case CPANEL-7849: Fix unlimited query for email track delivery.
  • Fixed case CPANEL-7949: Don’t complain about missing locales during install.
  • Fixed case CPANEL-8196: Improvements to .htaccess updates and reporting in Modify Account.
  • Fixed case CPANEL-8318: Fixing tailwatchd memory hogging while recovering eximstats.sql.
  • Fixed case CPANEL-8457: Add a fake –force flag to bin/updateeximstats.
  • Fixed case CPANEL-8497: Ensure interactive templates don’t print prematurely.
  • Fixed case CPANEL-8497: Prevent double header in some WHM pages.
  • Fixed case CPANEL-8581: WHM: Remove Search Accounts from the menu.
  • Fixed case CPANEL-8586: Permit overquota checks as the user.
  • Fixed case CPANEL-8606: WHM: Ensure styles for the Test Build banner are correct.
  • Fixed case CPANEL-8607: EasyApache 4 migration UI does not load.
  • Fixed case CPANEL-8612: Disabling features in Feature Showcase, autoenable on install.
  • Fixed case CPANEL-8618: Prevent error message when creating an account.
  • Fixed case CPANEL-8619: User Manager: Ensure service icons appear within borders in Retro style.
  • Fixed case CPANEL-8625: WHM: Added additional search terms for cPanel Customization.
  • Fixed case CPANEL-8626: Support IPv6 Addresses for Nameservers in Initial Setup Wizard.
  • Fixed case CPANEL-8630: Remove old link for modify account suspension page.
  • Fixed case CPANEL-8633: Properly generate /etc/mailhelo.
  • Fixed case CPANEL-8634: Perform cPanel YUM calls with EPEL disabled.
  • Fixed case CPANEL-8641: Update IP to country database.
  • Fixed case CPANEL-8654: Have Domain TLS install/uninstall SSL certificate for mail.*.
  • Fixed case CPANEL-8657: Ensure IPv6 addresses for nameservers are optional in Initial Setup Wizard.
  • Fixed case CPANEL-8662: Ensure the logo is present on the File Upload page.
  • Fixed case CPANEL-8673: Fix spurious error message about Mailman archive permissions.
  • Fixed case CPANEL-8675: The LANG cpuser key is no longer added by default.
  • Fixed case CPANEL-8685: Add extra protection when writing a json file.
  • Fixed case CPANEL-8695: Parse yum python on system’s w/ no pre JSON header output.
  • Fixed case CPANEL-8696: Ensure SVG sprites use cache busting.
  • Fixed case CPANEL-8718: Ensure removeacct has needed modules for AutoSSL.
  • Fixed case CPANEL-8720: WHM: Do not display the maximum value for Max Request Workers.
  • Fixed case CPANEL-8736: WHM: Fix javascript error on the Apache Global Configuration page.
  • Fixed case CPANEL-8748: Ensure the generated CSS classes contain a width and height for SVG icons.
  • Fixed case CPANEL-8777: Ensure that the lookupnsips WHM APIv1 call is functional.
  • Fixed case CPANEL-8784: Convert Addon to Account: Validate MySQL profile prior to handling MySQL data.
  • Fixed case CPANEL-8792: Add missing use to convert_roundcube_mysql2sqlite.
  • Fixed case CPANEL-8812: Add backupmxhosts to the list of internal dbs.
  • Fixed case CPANEL-8815: Use MagicRevision for CJT2 apps to avoid cache issues.
  • Fixed case HB-1764: Moved _killacct() to after the pre-kill hooks.
  • Fixed case HB-1859: Added support for the restart script handler to report no fpm rpms.
  • [security] Fixed case SEC-141: Code execution as other accounts via mailman list archives.
  • [security] Fixed case SEC-152: Arbitrary code execution due to faulty shebang in Mail::SPF scripts.
  • [security] Fixed case SEC-154: Arbitrary file read due to multipart form processing error.
  • [security] Fixed case SEC-156: Stored XSS Vulnerability in WHM tail_upcp2.cgi interface.
  • Implemented case CPANEL-8603: New interface allows purchasing of wildcard certificates.
  • Implemented case CPANEL-8646: Remove unused Domain TLS API calls.
  • Implemented case CPANEL-8653: Ensure Template::Parser is loaded before localizing output.
  • Implemented case CPANEL-8751: Ensure wildcard domains do not get passed to GETDOMAINIP.


  • Fixed case CPANEL-3338: Restart cpbackup_transport connections on failure.
  • Fixed case CPANEL-5886: Allow Pushbullet API tokens with periods.
  • Fixed case CPANEL-7799: Update cpanel-perl-522-GD to 2.56-2.cp1156.
  • Fixed case CPANEL-8298: Don’t die if user not present in /etc/trueuserowners.
  • Fixed case CPANEL-8332: ModSecurity now logs events for jailshell users in EA4.
  • Fixed case CPANEL-8333: Close PwCache filehandles as part of untie.
  • Fixed case CPANEL-8357: On EA4 UI Conflicts, Requires should resolve fine.
  • Fixed case CPANEL-8426: Don’t pipe /dev/null into mailman crontab on service disable.
  • Fixed case CPANEL-8432: Update MySQL55 to 5.5.52-1.cp1156.
  • Fixed case CPANEL-8433: Update the phpMyAdmin config when changing MySQL profiles.
  • Fixed case CPANEL-8434: Update MySQL56 to 5.6.33-1.cp1156.
  • Fixed case CPANEL-8448: Whostmgr now detects temporary cpanel accounts.
  • Fixed case CPANEL-8448: The WHM MultiPHP Manager interface now ignores temporary cpanel users.
  • Fixed case CPANEL-8448: Setting Apache handler for PHP now ignores temporary users.
  • Fixed case CPANEL-8455: Adjust hostname cert renewal to T-25, start warnings at T-20.
  • Fixed case CPANEL-8461: Fix upgrades from 44 and older for 32-bit systems.
  • Fixed case CPANEL-8468: Disable overquota reject at SMTP if dovecot is set to defer.
  • Fixed case CPANEL-8476: Update cpanel-perl-522 to 5.22.1-12.cp1156.
  • Fixed case CPANEL-8478: Replace broken 2FA go links.
  • Fixed case CPANEL-8494: WHM: Ensure link to Upgrade Versions works on Update Preferences.
  • Fixed case CPANEL-8553: Generate_changelog: allow using short version numbers.
  • Fixed case CPANEL-8560: WHM: Require an account to be selected before suspension/unsuspension.
  • Fixed case CPANEL-8569: Restore custom RBLs from cpconftool backups.
  • Fixed case CPANEL-8570: Fix JavaScript error on Reseller Center page.
  • Fixed case CPANEL-8571: Cpsrvd: Ensure the redirect handler triggers properly.
  • Fixed case CPANEL-8585: Produce reproducible sprites and sprite maps.
  • Fixed case CPANEL-8593: Remove extra closing brace in EA 4 JavaScript file.
  • Implemented case CPANEL-8550: Added mail. to serveralias list for main and parked domains.
  • Implemented case CPANEL-8551: Automatically rewrite .htaccess to exclude DCV redirections.


  • Fixed case CPANEL-7529: Clear domain forwarding before removing virtual host.
  • Fixed case CPANEL-8268: Fixed missing theme and reseller switcher.
  • Fixed case CPANEL-8427: Copy global filters to newly-created addon domains.
  • Fixed case CPANEL-8496: Changelog: avoid wide character warnings.
  • Fixed case CPANEL-8540: Have ea4 handle ea3 profiles without Apache 2.4.
  • Fixed case CPANEL-8542: Native technical support ticket wizard in WHM.
  • Fixed case CPANEL-8564: Disabled cPanel Spotlight when impersonating a user.
  • Fixed case CPANEL-8566: CPanel Spotlight can now be dismissed by typing.
  • Implemented case CPANEL-8425: Setting to exempt common and trusted providers from RBLs.
  • Implemented case CPANEL-8472: Avoid locking the ip pool on update.
  • Implemented case CPANEL-8522: Use Net::SSLeay for certificate chain verification.
  • Implemented case CPANEL-8545: Improvements to Paper Lantern style management.


  • Fixed case CPANEL-5947: Use correct short url for transfer tool documentation.
  • Fixed case CPANEL-6011: Suppress Netlink warnings from redirect SSL checks.
  • Fixed case CPANEL-6162: Backup and Restore custom RBLs in the configuration backup.
  • Fixed case CPANEL-6195: Transfer Tool: automatically fix bad permissions on SSH socket.
  • Fixed case CPANEL-7055: When a user reaches disk space quota, actively detect resolution.
  • Fixed case CPANEL-7697: Added ACL_RECIPIENT_BLOCK to look only at local domains.
  • Fixed case CPANEL-7963: Add PHP ini conversion step when a user is migrating a system to EA4.
  • Fixed case CPANEL-8132: Un-hide pagination control in AutoSSL -> Manage Users.
  • Fixed case CPANEL-8189: Update the snowmen locale to contain current strings.
  • Fixed case CPANEL-8309: Fix IO::Handle errors in Cpanel/Notify.pm.
  • Fixed case CPANEL-8332: ModSecurity now logs events for jailshell users in EA4.
  • Fixed case CPANEL-8335: Raise AWStats invalid log entry limit to 10000.
  • Fixed case CPANEL-8342: Add timestamps to cpdavd STDERR output.
  • Fixed case CPANEL-8387: Ensure that the Mail Only feature list is migrated properly.
  • Fixed case CPANEL-8390: If rpm is broken, skip rpm-related maintenance.
  • Fixed case CPANEL-8391: Fix typo in login success message.
  • Fixed case CPANEL-8394: Fixed issue with help not sliding in WHM.
  • Fixed case CPANEL-8397: Prevent UI from showing ignored errors when loading modules.
  • Fixed case CPANEL-8401: Don’t remove needed RPMs when uninstalling Munin.
  • Fixed case CPANEL-8409: AutoSSL: avoid failure message when no users exist.
  • Fixed case CPANEL-8414: Update go links to use HTTPS.
  • Fixed case CPANEL-8415: Update git to version 2.10.0.
  • Fixed case CPANEL-8429: Tweak Settings: correct misspelling of “configuration”.
  • Fixed case CPANEL-8433: Update the phpMyAdmin config when changing MySQL profiles.
  • Fixed case CPANEL-8443: Use proper password cache location for virtual users.
  • Fixed case CPANEL-8444: Non-root users can access SCL etc/php.d/*.ini config files.
  • Fixed case CPANEL-8445: MultiPHP Manager now works when tech support logs into system.
  • Fixed case CPANEL-8445: Whostmgr now detects temporary tech support accounts.
  • Fixed case CPANEL-8454: Fix logger error from Cpanel::Themes::Cachebuster.
  • Fixed case CPANEL-8455: Adjust hostname cert renewal to T-25, start warnings at T-20.
  • Fixed case CPANEL-8476: Update cpanel-perl-522 to 5.22.1-12.cp1156.
  • Fixed case CPANEL-8478: Replace broken 2FA go links.
  • Fixed case CPANEL-8500: Conditionally display the EA 4 Migration GUI.
  • Fixed case CPANEL-8505: Optimize package resolution related code.
  • Fixed case CPANEL-8516: Additional test coverage and validation for Cpanel::PackMan.
  • Fixed case CPANEL-8523: Call a hook script when cPanel install completes.
  • Fixed case CPANEL-8524: Add hook points for change a site IP.
  • Implemented case CPANEL-8349: Add PL style management to WHM Customize cPanel interface.
  • Implemented case CPANEL-8377: Expand reject nobody email to include mail not sent with sendmail.
  • Implemented case CPANEL-8418: Sign .mobileconfig files with domain certificate when available.
  • Implemented case CPANEL-8419: Only enable AutoSSL by default on new installs.
  • Implemented case CPANEL-8424: Improve durability of .htaccess updates.
  • Implemented case CPANEL-8463: Bump the Net::SSLeay version to 1.78-3.
  • Implemented case CPANEL-8471: WHM: Allow users to configure AAAA records for their nameservers.


  • Fixed case CPANEL-7719: Update DBD::mysql module to version 4.036.
  • Fixed case CPANEL-8124: Make ModSecurity configuration change failure erros more informative.
  • Fixed case CPANEL-8269: Support augmented security_advisor_history.json structure.
  • Fixed case CPANEL-8278: Prevent UI timeout during MySQL database restore.
  • Fixed case CPANEL-8326: WHM: Use a separate icon for the Change Log interface.
  • Fixed case CPANEL-8334: Isolate stats processing errors on a per-domain basis.
  • Fixed case CPANEL-8338: WHM: Ensure frames render correctly in RTL languages.
  • Fixed case CPANEL-8341: WHM: Ensure access key is displayed properly on Remote Access Key interface.
  • Fixed case CPANEL-8350: Skip displaying Addon Sub & Parked Domains in MultiPHP UI.
  • Fixed case CPANEL-8351: Removed the security advisor notification tweak setting.
  • Fixed case CPANEL-8368: Stop allowing blocker logic to be called below current LTS upgrade.
  • Fixed case CPANEL-8375: Disable customers from running apache_conf_distiller –update on EA4.
  • Fixed case CPANEL-8389: Toggle all checkbox does not work in MultiPHP Manager.
  • Fixed case CPANEL-8393: WHM: Ensure icons appear level on category pages.
  • Fixed case CPANEL-8396: Added cPanel Spotlight feature list entry toggle spotlight availability.
  • Fixed case CPANEL-8432: Update MySQL55 to version 5.5.52-1.cp1156.
  • Fixed case CPANEL-8434: Update MySQL56 to version 5.6.33-1.cp1156.
  • Implemented case CPANEL-8320: Remove stale Domain TLS entries on Apache certificate replacement.
  • Implemented case CPANEL-8371: Reduce memory required for various binaries.
  • Implemented case CPANEL-8411: Add AutoSSL to the feature showcase.
  • Implemented case CPANEL-8413: Remove unused Cpanel/Sys/Hardware/Ethernet.pm.


  • Fixed case CPANEL-5254: Contact notification levels in Contact Manager are incorrect.
  • Fixed case CPANEL-6537: Fix privilege checking code for Horde migration.
  • Fixed case CPANEL-7190: Fix anonymous FTP logins on CentOS 7.
  • Fixed case CPANEL-7282: Include runtime data in the smoker report.
  • Fixed case CPANEL-7649: Keep default-character-set setting in migrations to MySQL 5.6.
  • Fixed case CPANEL-7782: Have all cpbackup_transporter output go to its log.
  • Fixed case CPANEL-7842: Server Time: suggest rebooting server after changing time zone.
  • Fixed case CPANEL-7882: Update MySQL systemd LimitNOFILE parameter when appropriate.
  • Fixed case CPANEL-7906: WHM: Create a new interface to review Upgrade Blockers.
  • Fixed case CPANEL-7906: WHM: Refactor recent activity event listeners to remove YUI dependency.
  • Fixed case CPANEL-7909: WHM: Fix RTL issues on Convert Addon to Account.
  • Fixed case CPANEL-7913: Make redirect success message less confusing.
  • Fixed case CPANEL-7914: Fix loading of custom mod_security rules.
  • Fixed case CPANEL-7999: SSH: disambiguate default key name.
  • Fixed case CPANEL-8027: Update cpanel-dnspython to 1.12-2.cp1158.
  • Fixed case CPANEL-8043: Use system ImageMagick by default.
  • Fixed case CPANEL-8043: Remove unused button making modules.
  • Fixed case CPANEL-8043: Ensure Fileman module is loaded before API calls.
  • Fixed case CPANEL-8043: sprite_generator: use mogrify instead of Image::Magick.
  • Fixed case CPANEL-8094: fixquotas: use proper method to detect CloudLinux.
  • Fixed case CPANEL-8136: Add IDs to checkbox on Terminate Accounts page.
  • Fixed case CPANEL-8151: Adjust SNI detection for OpenLiteSpeed.
  • Fixed case CPANEL-8153: Ensure Exim fail filters use specified message.
  • Fixed case CPANEL-8177: Exfiltrate stderr/stout from fpm children to log.
  • Fixed case CPANEL-8190: Paper Lantern: Update placeholder text for search field.
  • Fixed case CPANEL-8193: Make removeacct work properly to temporary resellers.
  • Fixed case CPANEL-8197: Provide correct message when parking a domain on main domain.
  • Fixed case CPANEL-8205: Lengthen MySQL restore timeout for Transfer Tool.
  • Fixed case CPANEL-8217: WHM: Wrap IPv6 addresses in the Assign IPv6 interface.
  • Fixed case CPANEL-8235: Email Filters: fix broken button in non-English locales.
  • Fixed case CPANEL-8246: restartsrv: properly handle Apache PHP-FPM.
  • Fixed case CPANEL-8249: Add SNI keyword to relevant entries in WHM.
  • Fixed case CPANEL-8271: update_featurelist: allow editing only one feature via API.
  • Fixed case CPANEL-8274: Add missing mailbox icon to edit filters page.
  • Fixed case CPANEL-8283: Remove Spam headers from outside servers to avoid confusion.
  • Fixed case CPANEL-8285: Don’t translated fixed names of feature lists.
  • Fixed case CPANEL-8286: Removed include_path from basic directives.
  • Fixed case CPANEL-8288: Update IDs to use the vhost as part on MultiPHP Manager page.
  • Fixed case CPANEL-8292: Fix upgrades from 44 and older.
  • Fixed case CPANEL-8294: Ensure etc/php.ini has proper extension variables.
  • Fixed case CPANEL-8294: Order do_once blocks by version number.
  • Fixed case CPANEL-8297: Fix Spanish mistranslation of “Deliver selected”.
  • Fixed case CPANEL-8300: Ensure that rebuildhttpdconf –preview outputs to correct location.
  • Fixed case CPANEL-8303: Transfers icon appears even when Reseller lacks proper permissions.
  • Fixed case CPANEL-8304: Ensure the RoR icon is visible after installruby is run.
  • Fixed case CPANEL-8308: Rebuild the Mail Only feature list on upgrade.
  • Fixed case CPANEL-8312: Fix HTTP Keep-alives with HTTP::Tiny.
  • Fixed case CPANEL-8313: WHM: Correct padding issues in the layout for RTL languages.
  • Fixed case CPANEL-8319: sprite_generator: provide –all for backward compatibility.
  • Fixed case CPANEL-8329: Update copyright dates.
  • Fixed case CPANEL-8330: WHM: add “EA3” and “EA4” as search terms.
  • Fixed case CPANEL-8332: ModSecurity now logs events for EA4 jailshell users.
  • Fixed case CPANEL-8346: Ensure ImageMagick RPM is not marked as modified.
  • Implemented case CPANEL-8212: Domain TLS for Dovecot (always on), and update SSL host-choosing logic.
  • Implemented case CPANEL-8261: Speed up the accountsummary API call.
  • Implemented case CPANEL-8293: Disallow invalid mail filter characters.
  • Implemented case CPANEL-8305: Remove Domain TLS entries when parked and subdomains are removed.
  • Implemented case CPANEL-8317: Breakup Email Validation modules to reduce memory usage.
  • Implemented case CPANEL-8322: TT::Parser on demand since most templates are cached.
  • Implemented case CPANEL-8327: Reduce dnsadmin memory needs.


  • Fixed case CPANEL-6147: Exclude SSL DCV checks from .htaccess RewriteRule.
  • Fixed case CPANEL-6313: Resolve phpMyAdmin stalling due to php bug 69724.
  • Fixed case CPANEL-6655: Remove warnings that httpd is not present in early installation.
  • Fixed case CPANEL-7970: Updated save to folder filter creation.
  • Fixed case CPANEL-8017: Lengthen timeout for restoring databases.
  • Fixed case CPANEL-8128: Gracefully handle unavailable MySQL in WHM main page.
  • Fixed case CPANEL-8170: HTTP Keepalive are always reset for cpaneld and webmaild.
  • Fixed case CPANEL-8183: Restore grouporder element in available application API call.
  • Fixed case CPANEL-8191: FTP Accounts: ensure validation error message is properly formatted.
  • Fixed case CPANEL-8220: Update cpanel-php56 to 5.6.20-cp1158.
  • Fixed case CPANEL-8222: Properly count the number of autoresponders available.
  • Fixed case CPANEL-8229: Remove scripts/installimagemagick.
  • Fixed case CPANEL-8230: Fix fileprotect control scripts to function with EA4.
  • Fixed case CPANEL-8231: Added unconditional warning about custom user mime types.
  • Fixed case CPANEL-8238: EA4 UI: Make packages more readable.
  • Fixed case CPANEL-8245: Add missing Fcntl module requirement in SourceIPCheck.
  • Fixed case CPANEL-8254: Update dovecot to 2.2.25-2.cp1158.
  • Fixed case CPANEL-8260: WHM: Ensure the Transfers Header is properly visible in all cases.
  • Fixed case CPANEL-8264: WHM: Disable the DNS Cluster interface if DNSSEC is configured on any domains.
  • Fixed case CPANEL-8280: Transfers icon appears even when Reseller lacks proper permissions.
  • Fixed case CPANEL-8287: Updated footer logos of cPanel Basic, Retro, and Webmail to use SVG.
  • Implemented case CPANEL-7332: Remove code that handles non-SNI systems in SSL install.
  • Implemented case CPANEL-7912: Hooks for AutoSSL providers to respond to major account operations.
  • Implemented case CPANEL-8156: Have modifyacct/changeusersdomain update Domain TLS (cpsrvd/cpdavd).
  • Implemented case CPANEL-8174: Reduce memory required for cpsrvd.
  • Implemented case CPANEL-8179: Added support for PHP-FPM in cPanel UI.
  • Implemented case CPANEL-8184: Exim: ensure 5xx status when localuser over quota.
  • Implemented case CPANEL-8194: Create Cpanel::Security::Authn::User::Modify.
  • Implemented case CPANEL-8198: Make Exim use Domain TLS for SSL certificates (and thus be always on).
  • Implemented case CPANEL-8239: Added new icons to WHM home page.


  • Fixed case CPANEL-3746: Update Cpanel::Class to v1.0.6-3.cp1156.
  • Fixed case CPANEL-8165: Fix Horde loading issue with Turkish locale.
  • Fixed case CPANEL-8208: The DynamicUI cache needs to handle locales.
  • Fixed case CPANEL-8221: Add missing return statement for two factor auth security policy.
  • Fixed case CPANEL-8221: Ensure cpsrvd starts when security policies enabled.
  • Fixed case CPANEL-8232: Restore Cpanel::cPFunctions.
  • Fixed case CPANEL-8236: Avoid loading locale in security policy modules.


  • Fixed case CPANEL-7770: Switch to posix fs for dovecot lastlogin tracking.
  • Fixed case CPANEL-7797: Make cpipv6.service wait for the network to be up.
  • Fixed case CPANEL-8003: Improvements to auto-purging of File Manager Trash.
  • Fixed case CPANEL-8042: Have Dovecot give a more descriptive over-quota failure message.
  • Fixed case CPANEL-8093: Improve detection of CloudLinux for update blocker.
  • Fixed case CPANEL-8095: Improve package resolution.
  • Fixed case CPANEL-8109: rlimits for a service will only be set when starting it.
  • Fixed case CPANEL-8114: Ensure that the updateuserdomains does not emit Perl errors.
  • Fixed case CPANEL-8121: Ensure that upgrade blocker notifications are sent when blockers are found.
  • Fixed case CPANEL-8121: Manage MySQL Profiles: Disallow MySQL 5.1 on remote MySQL servers.
  • Fixed case CPANEL-8126: Clear disk quota cache on change.
  • Fixed case CPANEL-8133: Remove Cpanel::Url::TamperProof.
  • Fixed case CPANEL-8135: Correct reversed entries for domain forwarders.
  • Fixed case CPANEL-8154: Backport Cpanel::Filesys::Info/Mount changes from CPANEL-7241.
  • Fixed case CPANEL-8164: Fix unknown function error in Cpanel::Sys::Hostname::Modify.
  • Implemented case CPANEL-8016: Optimize moving between pages in paper lantern.
  • Implemented case CPANEL-8028: Update comment for Rand::Get preload increase.
  • Implemented case CPANEL-8051: Avoid locking the group file for reading.
  • Implemented case CPANEL-8055: Amazon-aware logic to get cPanel version for RPMs for Cpanel::Plugins.
  • Implemented case CPANEL-8058: Add SNI support to cpsrvd; lay groundwork for other services to use.
  • Implemented case CPANEL-8091: Added Spotlight of User Manager in side navigation of cPanel interface.
  • Implemented case CPANEL-8119: Optimize changing a users domain.
  • Implemented case CPANEL-8134: Update Cpanel::SSL::OCSP to use Net::SSLeay API.
  • Implemented case CPANEL-8155: SNI for cpdavd.
  • Implemented case CPANEL-8158: Fix invocation of SSL_Context object in cpsrvd.
  • Implemented case CPANEL-8159: Prevent non-SNI SSL requests from polluting system logs.
  • Implemented case CPANEL-8160: Optimize Domain TLS OCSP revocation check by passing the CA bundle.


  • Fixed case CPANEL-6016: Updated SpamAssassin to 3.004001-cp1156.
  • Fixed case CPANEL-6436: Prevent tailwatchd from starting multiple processes.
  • Fixed case CPANEL-7540: Hide PHP & suExec Configuration for EA 4.
  • Fixed case CPANEL-7643: Include webmail, cPanel, & WHM for addon/parked domains.
  • Fixed case CPANEL-7667: Exim: avoid false positives in malicious file types filter.
  • Fixed case CPANEL-7695: Add meaningful error message to API2 DKIMUI when feature disabled.
  • Fixed case CPANEL-7721: Prevent File Manager from allowing Password Protect when disabled.
  • Fixed case CPANEL-7872: Disable mailauth quota checks if quotas are disabled.
  • Fixed case CPANEL-7932: Add Mysqli and FileInfo to EA3 -> EA4 Map.
  • Fixed case CPANEL-7958: Update cpanel-mailman to 2.1.21-14.cp1158.
  • Fixed case CPANEL-7994: Make Dovecot’s config VSZ limit adjustable.
  • Fixed case CPANEL-8001: Ensure main domain is synced to cluster on restore.
  • Fixed case CPANEL-8024: Paper Lantern: Fix feature search for “Password & Security”.
  • Fixed case CPANEL-8033: Ensure WHM logo is displayed on the Feature Showcase interface.
  • Fixed case CPANEL-8044: Optimize Cpanel::ProgLang::Supported::php to use CachedCommand.
  • Fixed case CPANEL-8045: Generate_maildirsize: don’t add email users’ quotas to main account.
  • Fixed case CPANEL-8046: Search is visible in PHP Extensions & Modules step.
  • Fixed case CPANEL-8052: Update cPanel::TaskQueue to 0.800-2.cp1156.
  • Fixed case CPANEL-8098: Fix display on unparsable JSON data in AutoSSL log.
  • Fixed case CPANEL-8099: Fix removal of cPanel AutoSSL queue entry on domain rename.
  • Fixed case CPANEL-8100: Prevent rewriting of /etc/init.d/httpd on EA4 sysV systems.
  • Fixed case CPANEL-8104: Ensure not installed and unaffected for EA4 UI.
  • Fixed case CPANEL-8106: WHM: Ensure the Unsupported MySQL version warning only appears for root users.
  • Fixed case CPANEL-8115: WHM: Do not display broken HTML on the View Bandwidth interface.
  • Implemented case CPANEL-8031: Accommodate Amazon Linux’s versioning in Let’s Encrypt installer.
  • Implemented case CPANEL-8108: Update to perl 5.22.1-11 for HTTP::Tiny 0.58.
  • Implemented case CPANEL-8111: Added width rounding to ensure browser interprets sprite size properly.


  • Fixed case CPANEL-3338: Restart cpbackup_transport connections on failure.
  • Fixed case CPANEL-7475: FTP accounts page to honor “Restrict doc roots to public_html”.
  • Fixed case CPANEL-7584: Updated to cpanel-perl-522-Mail-SpamAssassin-3.004001-10.cp1156.
  • Fixed case CPANEL-7590: Fix handling exim ports from exim.conf.local.
  • Fixed case CPANEL-7662: Don’t suspend outgoing email when restoring an account.
  • Fixed case CPANEL-7698: Updated ClamAV to 0.99.2-1.cp1156.
  • Fixed case CPANEL-7708: Add directory permissions validation to bin/rebuild-templates.
  • Fixed case CPANEL-7852: Don’t reissue GRANTs when adding new MySQL remote.
  • Fixed case CPANEL-7897: Add FPM inventory to scripts/php_fpm_config for troubleshooting.
  • Fixed case CPANEL-7943: Avoid exception running updateuserdomains on fresh install.
  • Fixed case CPANEL-7944: Speed up AutoSSL log render speed in browser.
  • Fixed case CPANEL-7953: Avoid batching recipients not in a visible header.
  • Fixed case CPANEL-7977: Improve wording in outdated software notification.
  • Fixed case CPANEL-7986: Optimize package info related code.
  • Fixed case CPANEL-7986: Switch python from argparse to getopt to support centos 6.3.
  • Fixed case CPANEL-7995: Updated Cpanel::CORE::Depdencies to 1.8-1.cp1156.
  • Fixed case CPANEL-8000: Fix UI order of email forwarder and destination.
  • Fixed case CPANEL-8002: Add unsupported MySQL version banner to home and other WHM pages.
  • Fixed case CPANEL-8004: Update cpanel-git to 2.9.3-1.cp1158.
  • Fixed case CPANEL-8023: Reduce memory required for locale.
  • Fixed case CPANEL-8026: Revert the need for python-argparse.
  • Fixed case CPANEL-8034: WHM: Improve Unsupported MySQL warning.
  • Implemented case CPANEL-8020: Fix invocation of Cpanel::Exception in Plugins.pm.


  • Fixed case CPANEL-7649: Keep default-character-set setting in migrations to MySQL 5.6.
  • Fixed case CPANEL-7804: Strip RPM release tags from Roundcube version numbers.
  • Fixed case CPANEL-7865: Use auto-detection for server type in filezilla client config.
  • Fixed case CPANEL-7904: Updated site publisher element IDs and removed Dashboard references.
  • Fixed case CPANEL-7937: On EA4 UI Conflicts, Requires should resolve fine.
  • Fixed case CPANEL-7938: Changed links in Webmail user dropdown to use app_keys.
  • Fixed case CPANEL-7942: Update cpanel-perl-522-Cpanel-CORE-Dependencies to 1.7-1.cp1156.
  • Fixed case CPANEL-7947: Allow reconversion of maildir to mdbox without –remove-old-format.
  • Fixed case CPANEL-7960: Optimized Cpanel::API::Styles::current.
  • Fixed case CPANEL-7966: Remove conversion script install/Munin.pm not relevant since 36.
  • Fixed case CPANEL-7966: Remove obsolete RPM references in etc/rpm.version already force removed in 58.
  • Fixed case CPANEL-7971: Handle legacy filter destinations with an extra leading dot in the domain.
  • Fixed case CPANEL-7972: Background slow running PHPFPM service operations.
  • Fixed case CPANEL-7975: WHM: Added tooltip to context-sensitive help icon.
  • Fixed case CPANEL-7979: Changing pre_migrate_check to parse output of yum for repo information.
  • Fixed case HB-1878: Fix for verbose PackMan processing showing up in API headers.
  • Implemented case CPANEL-7860: Optimize and cache listing system mounts.
  • Implemented case CPANEL-7935: Created a new consolidated Terminate Accounts Page.
  • Implemented case CPANEL-7983: Add support for DNSSEC with PowerDNS.
  • Implemented case CPANEL-8006: Bug fixes related to addition of killacct interface.


  • Fixed case CPANEL-6434: Email::list_forwarders returns documented values.
  • Fixed case CPANEL-7418: Fixed error page when attempting to reset password for root.
  • Fixed case CPANEL-7472: Backups: provide actual log file name in notifications.
  • Fixed case CPANEL-7823: Fix the is_upcp_running() check in ChkServd.
  • Fixed case CPANEL-7827: Add extfilter and diskcache to EA3 -> EA4 Map.
  • Fixed case CPANEL-7832: New setting to enable counting Trash against the users mail quota.
  • Fixed case CPANEL-7845: Give a “nice” error message on local root mail delivery.
  • Fixed case CPANEL-7858: Hardcode suexec patch version to 2.0 when CloudLinux is detected.
  • Fixed case CPANEL-7878: Redirect Search Accounts to List Accounts.
  • Fixed case CPANEL-7892: Install an SSL Cert: don’t break UI if cert data missing.
  • Fixed case CPANEL-7894: Allow forwarders to go through even if a user is over quota.
  • Fixed case CPANEL-7896: Add fallback to reading /etc/fstab if /dev/root is a broken symlink.
  • Fixed case CPANEL-7911: Update cpanel-mailman to 2.1.21-13.cp1158.
  • Fixed case CPANEL-7915: Adjust wording of LogLevel in Apache Tweak Setting.
  • Fixed case CPANEL-7924: Remove unused spf_bl Exim ACL.
  • Fixed case CPANEL-7930: Fix parsing of blocker file.
  • Fixed case CPANEL-7931: Remove old lock for /etc/mtab.
  • Fixed case CPANEL-7946: Migrate_branding: fix missing function error.
  • Fixed case CPANEL-7946: No longer run migrate_branding on upgrade.
  • Fixed case CPANEL-7950: Update cpanel-roundcubemail to 1.1.4-7.cp1158.
  • Fixed case HB-1852: Enable some verbosity during ea4 migration.
  • Implemented case CPANEL-7922: Add migration hooks to EA4 migration script.
  • Implemented case CPANEL-7955: Added ability to support svg icons for plugins.


  • Fixed case CPANEL-153: WHM: Support multiple validators for a field on the Backup Configuration page.
  • Fixed case CPANEL-674: Don’t timeout cpses_tool when many DBs exist.
  • Fixed case CPANEL-1225: Replace question mark with glyphicon.
  • Fixed case CPANEL-2084: Remove erroneous space in phpMyAdmin name in Spanish locale.
  • Fixed case CPANEL-2112: Remove old Allow Sharing Nameserver IPs tweak setting.
  • Fixed case CPANEL-4889: Don’t regenerate GRANTs that already exist.
  • Fixed case CPANEL-4909: Fix exception errors from scripts/updatenow.
  • Fixed case CPANEL-5192: Checkphpini: preserve user-configured php.ini settings.
  • Fixed case CPANEL-5308: Fixed erroneous MySQL privilege restoration during transfers.
  • Fixed case CPANEL-5604: Enable passive FTP by default.
  • Fixed case CPANEL-5679: Make MyDNS zone removal more efficient.
  • Fixed case CPANEL-5886: Allow Pushbullet API tokens with periods.
  • Fixed case CPANEL-6012: Added link to documentation facilitating CalDAV client setup.
  • Fixed case CPANEL-6016: Update cpanel-perl-522-Mail-SpamAssassin to 3.004001-10.cp1156.
  • Fixed case CPANEL-6057: During a restore, skip email quota file if missing.
  • Fixed case CPANEL-6137: Fix “network error” message in IE logging into WHM.
  • Fixed case CPANEL-6199: Extract ZIPped Unicode filenames in File Manager.
  • Fixed case CPANEL-6236: Update cpanel-perl-522-Archive-Tar-Builder to 2.5000-1.cp1156.
  • Fixed case CPANEL-6248: Add ability to specify domain owner to scripts/adddns.
  • Fixed case CPANEL-6257: Clear mail tracker files during maintenance if eximstats is disabled.
  • Fixed case CPANEL-6275: Prevent cphulkdsetup hang from hanging change hostname.
  • Fixed case CPANEL-6297: Added GET_SERVER_INFORMATION as a valid MySQL demo action.
  • Fixed case CPANEL-6338: Implemented work around for broken /dev/root symlink during quotacheck.
  • Fixed case CPANEL-6362: Fix UAPI error reporting for suspended accounts.
  • Fixed case CPANEL-6400: Firewall: avoid removing rules when firewall is down.
  • Fixed case CPANEL-6418: Address Importer: don’t fail on large numbers of addresses.
  • Fixed case CPANEL-6436: Prevent tailwatchd from starting multiple processes.
  • Fixed case CPANEL-6454: Set “Max cPanel process memory” to default to 768 MB.
  • Fixed case CPANEL-6483: Fixetchosts: ensure hostname is valid before adding.
  • Fixed case CPANEL-6620: Allow restarsrv crond to work without failure.
  • Fixed case CPANEL-6640: Fixed detecting mount given a home directory.
  • Fixed case CPANEL-6812: Make whostmgr2 ip migrate step 6 account for NATed IPs in zonefiles.
  • Fixed case CPANEL-6869: Allow get_update_availability call on DNSONLY.
  • Fixed case CPANEL-6901: Make FTP download links use go.cpanel.net.
  • Fixed case CPANEL-6979: Update cpanel-mailman to 2.1.21-10.cp1158.
  • Fixed case CPANEL-7015: Correctly wait on file clean up before creating weekly backup links.
  • Fixed case CPANEL-7023: On demand load of Cpanel::Exception.
  • Fixed case CPANEL-7030: Fix request all usernames on Purchase & Install SSL Cert WHM Page.
  • Fixed case CPANEL-7033: Installpostgres: fix installation on Amazon Linux.
  • Fixed case CPANEL-7081: Ensure Cpanel::TempFile removes temp files created in children.
  • Fixed case CPANEL-7115: Apitool: allow passing multiple of the same parameter.
  • Fixed case CPANEL-7131: Prevent deleting an FTP account from removing the public_html directory.
  • Fixed case CPANEL-7158: Replace warns() deep in the CustInfo system with thrown exceptions.
  • Fixed case CPANEL-7159: Exclude “lh” from API Shell UPAI function list.
  • Fixed case CPANEL-7206: Update pure-ftpd to 1.0.42-6.cp1156.
  • Fixed case CPANEL-7226: Make restartsrv_cpsrvd restart cpsrvd, not all cPanel services.
  • Fixed case CPANEL-7227: Cleaned up unneeded cpanelpost hooks.
  • Fixed case CPANEL-7245: Update cpanel-php56-Horde-Role to lliuuu1.0.1-3.cp1158.
  • Fixed case CPANEL-7258: Fix issue with custom MySQL socket locations.
  • Fixed case CPANEL-7261: Updated app_key for Email Accounts.
  • Fixed case CPANEL-7266: Updateuserdomains: avoid uninitialized value warnings.
  • Fixed case CPANEL-7266: Ensure userdomains files don’t end up empty.
  • Fixed case CPANEL-7267: Paper Lantern: Fix browser console error on Email Filters interface.
  • Fixed case CPANEL-7305: Adding jQuery and Bootstrap js to Paper Lantern.
  • Fixed case CPANEL-7306: Correctly handle usage of sendmail when DEMO mode is disabled.
  • Fixed case CPANEL-7354: Use standard time zone abbreviations for Server Time.
  • Fixed case CPANEL-7402: Make FTP use standard TLS cipher suite defaults.
  • Fixed case CPANEL-7402: Allow specifying TLS protocols for ProFTPD.
  • Fixed case CPANEL-7402: Add the ability to provide a default TLS protocol list.
  • Fixed case CPANEL-7410: Remove Cpanel::Validate::FilesystemPermissions.
  • Fixed case CPANEL-7416: Fix PwCache when rebuilding cache.
  • Fixed case CPANEL-7435: WHM: Hide progress bars on Quota Modification page when quotas are disabled.
  • Fixed case CPANEL-7437: Raise file restore limit on transfers to 2 million.
  • Fixed case CPANEL-7443: Fix scripts/gentomcatlist2 to use Cpanel::PwCache.
  • Fixed case CPANEL-7445: Upgrade_subaccount_databases runs needlessly.
  • Fixed case CPANEL-7446: Don’t prune old backups if backup was a partial failure.
  • Fixed case CPANEL-7449: Have add_system_user validate user names against system user rules.
  • Fixed case CPANEL-7480: Paper Lantern: Display the file name in the browser title when editing a file.
  • Fixed case CPANEL-7483: Paper Lantern Webmail: Fix menu indentation for RTL languages.
  • Fixed case CPANEL-7488: Always monitor the dnsadmin service.
  • Fixed case CPANEL-7490: Added check for and recover of eximstats.sql to maintenance script.
  • Fixed case CPANEL-7491: suspend incoming email now enforced with Exim ACL.
  • Fixed case CPANEL-7496: Ensure all alerts are visible on the Calendars and Contacts page.
  • Fixed case CPANEL-7498: Paper Lantern: Do not use uppercase for usernames in the header.
  • Fixed case CPANEL-7518: Show maximum and minimum values for applicable fields on WHM Basic Setup page.
  • Fixed case CPANEL-7519: Make upgrade check for ftp/cpanel user existence.
  • Fixed case CPANEL-7532: Remove dead and buggy Horde restore code.
  • Fixed case CPANEL-7564: Use SHA1 of domain for socket name.
  • Fixed case CPANEL-7566: Purge the quota cache when quotas are updated for an account.
  • Fixed case CPANEL-7571: Fix Backups::restoredb API call.
  • Fixed case CPANEL-7581: Avoid traceback error in Encryption interface.
  • Fixed case CPANEL-7594: Resolve /proc/mounts symlink when fixing missing /dev/root.
  • Fixed case CPANEL-7604: Ensure users processes are killed on account termination.
  • Fixed case CPANEL-7622: Disallow chmod for symlinks in file manager.
  • Fixed case CPANEL-7626: Secureit: allow disabling via touch file.
  • Fixed case CPANEL-7628: Removed duplicate ID from toggle switch.
  • Fixed case CPANEL-7630: Prevent wildcard (*) subdomain from creating dotted docroot.
  • Fixed case CPANEL-7635: Removed “use warnings” from Cpanel/Fileman.pm.
  • Fixed case CPANEL-7637: Restore argument parsing in cPanel APIs with apitool.
  • Fixed case CPANEL-7639: CachedDataStore never uses the cache if it locks the datastore.
  • Fixed case CPANEL-7640: Whoowns: accept URLs as arguments.
  • Fixed case CPANEL-7642: Paper Lantern: Prevent long domains from breaking the Addon Domains layout.
  • Fixed case CPANEL-7650: Updated check and status functions for restartsrv_apache_php_fpm script.
  • Fixed case CPANEL-7658: Option: Auto-empty user .trash dirs.
  • Fixed case CPANEL-7670: Restore missing function to cpanelpost.
  • Fixed case CPANEL-7673: Dnsadmin cleanup processes before switching to dormant.
  • Fixed case CPANEL-7681: Removal of references of Sweetalert.
  • Fixed case CPANEL-7686: PwCache: fix call to nonexistent function.
  • Fixed case CPANEL-7708: Add directory permissions validation to bin/rebuild-templates.
  • Fixed case CPANEL-7734: Fix pkgacct to create full backup for user backups.
  • Fixed case CPANEL-7748: Fixed a bug where IE9 / IE10 SVG icons don’t show up.
  • Fixed case CPANEL-7751: Silence warning when logging in over plain HTTP.
  • Fixed case CPANEL-7759: Update MySQL55 to 5.5.51-1.cp1156.
  • Fixed case CPANEL-7760: Update MySQL56 to 5.6.32-1.cp1156.
  • Fixed case CPANEL-7768: Ticket system API query tool.
  • Fixed case CPANEL-7769: Restore ability to read large JSON files in transactions.
  • Fixed case CPANEL-7769: Print error message when locking Apache datastore fails.
  • Fixed case CPANEL-7771: Clean up WHM breadcrumbs related to “Copy Multiple Accounts”.
  • Fixed case CPANEL-7771: Replace auto-generated link with explicit links.
  • Fixed case CPANEL-7771: Remove unused “Additional Software” from WHM Menus.
  • Fixed case CPANEL-7771: Modified context-sensitive help to support WHM plugin pages.
  • Fixed case CPANEL-7771: Remove WHM pages replaced by Transfer Tool.
  • Fixed case CPANEL-7772: Added CSS animations for toggling cPanel Sea of Icons groups.
  • Fixed case CPANEL-7775: Fixed reset page settings.
  • Fixed case CPANEL-7790: Harden Demo Mode and Reseller interactions.
  • Fixed case CPANEL-7803: Reorganize and rework cpsrvd URI parsing.
  • Fixed case CPANEL-7818: Taskrun: fix typo on eximstatus update.
  • Fixed case CPANEL-7887: Update B::C to version 5.022009-2.cp1156.
  • Implemented case CPANEL-2394: Automated the sql log recovery of Eximstats.
  • Implemented case CPANEL-6794: Improve the performance of reading and saving zone files.
  • Implemented case CPANEL-6795: Avoid updating neighbor netblocks on account creation.
  • Implemented case CPANEL-6876: CJT2: Update the search directive so the ESC key can clear the search.
  • Implemented case CPANEL-7056: Add Tweak Setting and Feature Showcase for Subaccount Invites.
  • Implemented case CPANEL-7079: Optimize createacct hashing.
  • Implemented case CPANEL-7118: Removing bootstrap and jQuery libraries for master.
  • Implemented case CPANEL-7166: Use Cpanel::InternalDBS for Cpanel::Updatedomains::CORE.
  • Implemented case CPANEL-7209: Prefer Cpanel::Transaction over Cpanel::SafeFile directly.
  • Implemented case CPANEL-7229: Restore optimizations loading paper lantern.
  • Implemented case CPANEL-7240: Speed up account creation and removal.
  • Implemented case CPANEL-7241: Defer horde and ruby account creation for speed.
  • Implemented case CPANEL-7243: Adding About Me template.
  • Implemented case CPANEL-7331: Remove legacy Cpanel::Bytes in favor of core bytes.
  • Implemented case CPANEL-7335: Optimize and enable deferred BIND reloads.
  • Implemented case CPANEL-7338: Optimize account removal speed.
  • Implemented case CPANEL-7371: Make realadduser use IdTrack to avoid reusing uids.
  • Implemented case CPANEL-7375: Ability to specifically target applications in Paper Lantern stylesheet.
  • Implemented case CPANEL-7389: Add invitation notices within User Manager.
  • Implemented case CPANEL-7474: Add SVG support to the sprite generator.
  • Implemented case CPANEL-7511: Add PowerDNS as an available Name Server.
  • Implemented case CPANEL-7531: Remove x3 and x3mail from cPanel code base.
  • Implemented case CPANEL-7547: Optimize build_locale_databases.
  • Implemented case CPANEL-7570: Added context-sensitive help to WHM pages.
  • Implemented case CPANEL-7578: Update CDB with fetch_all support for build locale speed.
  • Implemented case CPANEL-7621: Improve pod for various account remove modules.
  • Implemented case CPANEL-7623: Restore userdata and fix zonefile caching.
  • Implemented case CPANEL-7780: Make updates to localdomains diskfull safe.
  • Implemented case CPANEL-7787: Added css classes to target cpanel and webmail.
  • Implemented case CPANEL-7789: Added app specific ids to webmail.
  • Implemented case CPANEL-7809: Added Home to feature search.
  • Implemented case CPANEL-7812: Updated sidebar links to use app key as id.
  • Implemented case CPANEL-7820: Add Preflight Checks to the EA4 Migration.
  • Implemented case CPANEL-7825: Added svg logo support for cPanel, webmail and whm.
  • Implemented case CPANEL-7826: More robust handling of Let’s Encrypt plugin install/uninstall.

Additional Documentation