78 Change Log

Last modified: February 8, 2023


  • [security] Fixed case SEC-485: Remote code execution via Exim filter path handling.
  • [security] Fixed case SEC-491: Bypass of SMTP greylisting restrictions.
  • [security] Fixed case SEC-497: Jailshell breakout via chsh.
  • [security] Fixed case SEC-549: Insecure BIND RNDC credentials used in templated VMs.
  • [security] Fixed case SEC-550: Insecure Dovecot auth policy API key used in templated VMs.
  • [security] Fixed case SEC-551: Insecure Mailman site password used in templated VMs.
  • [security] Fixed case SEC-552: Insecure SRS secret used in templated VMs.
  • [security] Fixed case SEC-554: Insecure chkservd test credentials used in templated VMs.
  • [security] Fixed case SEC-558: World-readable permissions on proxy subdomains log file.


  • [security] Fixed case CPANEL-26503: Update cpanel-mailman to 2.1.27-3. Fixes CVE-2018-13796.
  • [security] Fixed case CPANEL-30815: Update rpm.versions for cpanel-perl-528-Mail-SpamAssassin 3.004003-2.cp1178. Fixes CVE-2020-1931, CVE-2020-1930, CVE-2019-12420, CVE-2018-11805.
  • [security] Fixed case CPANEL-32310: Update rpm.versions for proftpd 1.3.6c-1.cp1170. Fixes CVE-2020-9273.


  • [security] Fixed case SEC-505: Bandwidth suspensions can be triggered remote via mail log strings.
  • [security] Fixed case SEC-540: Cpanel account backup leaks access to current working directory.


  • Fixed case CPANEL-26557: Enable maildir_broken_filename_sizes in the default config for dovecot.
  • Fixed case CPANEL-29958: Rebuild dovecot configuration upon upgrade.
  • Fixed case CPANEL-30371: Handle the LTS tier correctly and update help text in the Update Preferences interface.
  • Fixed case CPANEL-30391: Support password and shadow file lookups with windows line endings.
  • Fixed case CPANEL-30456: Rewrite CPANEL=11.78 to CPANEL=lts in /etc/cpupdate.conf.
  • Fixed case CPANEL-30983: Add MySQL database size statistics to the metadata.
  • Implemented case CPANEL-29877: Better Handle LetsEncrypt Errors in AutoSSL interface.


  • [security] Fixed case SEC-515: Self-XSS Vulnerability via temporary character set specification.
  • [security] Fixed case SEC-535: Self-stored XSS vulnerability in HTML file editor.
  • [security] Fixed case SEC-537: Arbitrary code execution as root via dnsadmin when using PowerDNS.
  • [security] Fixed case SEC-541: Feature and demo restrictions not enforced for WebDisk UAPI calls.
  • [security] Fixed case SEC-542: Demo checks enforced incorrectly in Market UAPI namespace.
  • [security] Fixed case SEC-543: Demo account file modifications through Branding API calls.
  • [security] Fixed case SEC-546: Demo account code execution via PassengerApps APIs.
  • [security] Fixed case SEC-547: Arbitrary file deletion for Webmail and Demo accounts.


  • Fixed case CPANEL-30391: Support password and shadow file lookups with windows line endings.


  • [security] Fixed case SEC-499: Authentication bypass due to variations in webmail username handling
  • [security] Fixed case SEC-508: Account suspension bypass via virtual mail accounts.
  • [security] Fixed case SEC-516: Authentication bypass due to faulty password file format parsing.
  • [security] Fixed case SEC-520: Self-XSS due to faulty JSON string escaping.
  • [security] Fixed case SEC-525: Cpanel::Rand::Get can produce predictable output.
  • [security] Fixed case SEC-532: Root chown on arbitrary paths in cPanel log processing.
  • [security] Fixed case SEC-533: Stored-XSS Vulnerability in WHM Backup Restoration
  • [security] Fixed case SEC-534: WebDAV authentication bypass due to faulty connection sharing logic.


  • Fixed case CPANEL-23061: Rebuild apache config when generating default SSL certs for cPanel services.
  • Fixed case CPANEL-28441: Avoid named.conf cache rebuild on zone reload.
  • Fixed case CPANEL-28444: Reduce the rate at which AutoSSL redoes the DCV setup.
  • Fixed case CPANEL-28615: Report configuration information.


  • [security] Fixed case CPANEL-29672: Updated Exim for CVE-2019-16928


  • [security] Fixed case SEC-503: Demo account code execution via Chrome::get_dom UAPI function.
  • [security] Fixed case SEC-521: Self-XSS vulnerability in the cPanel SSL Certificate Upload interface.
  • [security] Fixed case SEC-524: Self-XSS vulnerabilities in cPanel LiveAPI example scripts.
  • [security] Fixed case SEC-526: Self-XSS vulnerability in the cPanel SSL Key Delete interface.
  • [security] Fixed case SEC-527: Self-stored XSS vulnerability in the WHM SSL Storage Manager interface.
  • [security] Fixed case SEC-528: Self-XSS Vulnerability in the WHM Update Preferences interface.


  • [security] Fixed case CPANEL-29236: Update rpm.versions for exim 4.92-5.cp1178. Fixes CVE-2019-15846.


  • Fixed case CPANEL-25646: Ensure that modifyacct properly handles addon domains that are subdomains of the primary domain.
  • Fixed case CPANEL-26328: Fix bug in custom backup transports where the timeout was a more general timeout instead of a read timeout.
  • Fixed case CPANEL-29060: Update rpm.versions for dovecot Fixes CVE-2019-11500.


  • Fixed case CPANEL-25608: Add touchfile /var/cpanel/skip-repo-setup to prevent setup of EA4 repository during upcp & sysup for customers who have already got their own custom repo or mirror.
  • Fixed case CPANEL-25775: Fix bug of adding IPv6 subdomain of addon domain as a new addon domain.
  • Fixed case CPANEL-25777: The EasyApache 4 landing page will fully load before showing profiles.
  • Fixed case CPANEL-26819: EA4 UI shows the correct state of packages (i.e. install/uninstall) in all scenarios.
  • Fixed case CPANEL-28146: Avoid overwriting existing firewall settings.


  • [security] Fixed case CPANEL-28456: Update rpm.versions for exim 4.92-4.cp1178. Fixes CVE-2019-13917.


  • [security] Fixed case SEC-501: Demo account remote code execution via faulty URI dispatching.
  • [security] Fixed case SEC-504: Stored-XSS vulnerability in WHM Tomcat Manager interface.
  • [security] Fixed case SEC-506: Self XSS vulnerability in cPanel and webmail master templates.
  • [security] Fixed case SEC-507: Unauthenticated file creation vulnerability via Exim log parsing.
  • [security] Fixed case SEC-512: Stored-XSS vulnerability in WHM Modify Account interface.
  • [security] Fixed case SEC-514: Reseller package creation ACLs enforced incorrectly.


  • Fixed case CPANEL-22022: Switch to Net::IDN::Encode for punycode.
  • Fixed case CPANEL-24832: Work around systemd race condition which can cause it to kill cpsrvd.
  • Fixed case CPANEL-25221: Ensure AutoSSL can install a certificate when the account is overquota.
  • Fixed case CPANEL-25442: Fix datastore corruption from incomplete writes to disk.
  • Fixed case CPANEL-25920: Remove all “default._domainkey” records when removing/replacing DKIM.
  • Fixed case CPANEL-26002: Allow working around LMTP failures related to broken system quotas by making rebuildeximconf know to disable quota checking in the event this situation is detected.
  • Fixed case CPANEL-26227: EasyApache 4 in CloudLinux will no longer display packages that cannot be installed.
  • Fixed case CPANEL-26283: Prevent cpses_tool from creating too many mysql connections.
  • Fixed case CPANEL-27695: Don’t generate stacktraces in the error_log for bad requests.
  • Implemented case CPANEL-27982: Add a WHM API 1 method to get the current user count.
  • Implemented case CPANEL-27985: Add a new API to get_maximum_users via whmapi1.


  • Fixed case CPANEL-27874: Attempt to get to the latest version in your major if blocked getting to a different major version.


  • Fixed case CPANEL-27723: Update exim to 4.92-1.cp1178. Fixes CVE-2019-10149.
  • Fixed case CPANEL-25858: Update cpanel-roundcubemail to 1.3.7-3.cp1176.
  • Fixed case CPANEL-26309: Give MySQL more time to startup before declaring failure on upgrade.
  • Fixed case CPANEL-26324: Block MySQL upgrades on systems with badly configured root MySQL passwords.
  • Fixed case CPANEL-26599: Make cPHulkd responsible for restarting the cPHulkd dbprocessor if cphulkd_db.sock is missing.
  • Fixed case CPANEL-27153: Ensure that system perl CPAN modules are installed during initial setup.
  • Fixed case CPANEL-27524: Fix apache_conf_distiller –store-data so as not crash on the RequireAll directive.
  • Implemented case CPANEL-27439: Support Solo 4 Partners.


  • [security] Fixed case SEC-486: Local code execution as other cPanel accounts via insecure cpphp execution.
  • [security] Fixed case SEC-489: Unsafe file operations as root via fetch_ssl_certificates_for_fqdns API.
  • [security] Fixed case SEC-494: Queueprocd log is created with world readable permissions.
  • [security] Fixed case SEC-495: API Analytics adminbin allows arbitrary data to be inserted into log.
  • [security] Fixed case SEC-496: Arbitrary file modification for demo accounts via extractfile API1 call.
  • [security] Fixed case SEC-498: Demo account code execution via ajax_maketext_syntax_util.pl.


  • Fixed case CPANEL-25603: Ensure keys with null values are correctly handled when rebuilding /etc/my.cnf.
  • Fixed case CPANEL-25852: Fix upgrades to MariaDB 10.3 when deprecated keys are present in the /etc/my.cnf file.
  • Fixed case CPANEL-26207: Resolver to handle 2nd level domains on the public suffix list.
  • Fixed case CPANEL-26211: No longer set the account IP to when restoring with the –skipaccount flag.
  • Fixed case CPANEL-26694: Fix OOM error on file uploads smaller than 5GB in BackBlaze B2 transport.
  • Fixed case CPANEL-26695: Update cpanel-roundcubemail to 1.3.7-2.
  • Fixed case CPANEL-26864: Make the EA3 check in the upgrade blocker more robust.
  • Fixed case CPANEL-26250: Update dovecot to 2.3.5-4.cp1178. Fixes CVE-2019-10691.
  • Fixed case CPANEL-27045: Fix dovecot for CVE-2019-10691.
  • Fixed case CPANEL-27105: Update dovecot to 2.3.5-6.cp1178. Fixes CVE-2019-11494, CVE-2019-11499.


  • Fixed case CPANEL-25310: Fix uninitialized variable warning in Backblaze transport.
  • Fixed case CPANEL-26688: Fix bug in backup transporter testing script caused by bad require.


  • Fixed case CPANEL-23165: Ensure cphulkd service checks verify the socket files exist.
  • Fixed case CPANEL-23889: Ensure the PHP-FPM packages are installed prior to switching PHP versions.
  • Fixed case CPANEL-24289: Display modsec_vendor SSL error during upcp process.
  • Fixed case CPANEL-25278: Make account removal tolerate invalid web vhosts config.
  • Fixed case CPANEL-25310: Fix bug where the file upload part counter was being improperly incremented when a part failed to upload in a manner we could re-try.
  • Fixed case CPANEL-25611: Fix checkallsslcerts for servers with an IPv6 address.
  • Fixed case CPANEL-26195: Ensure MariaDB 10.3 is supported on new cPanel installs.
  • Fixed case CPANEL-26228: Reuse DNS query ID for parallel queries in DNS resolver.
  • Fixed case CPANEL-26238: Disable persistent UDP in DnsRoots::Resolver.
  • Fixed case CPANEL-26312: Ensure install is successful when /etc/install_legacy_ea3_instead_of_ea4 exists.
  • [security] Fixed case CPANEL-26539: Update dovecot to 2.3.5-3. Fixes CVE-2019-7524.


  • [security] Fixed case SEC-477: Unsafe file operations as root in SSL certificate storage.
  • [security] Fixed case SEC-479: Local root via userdata cache misparsing.
  • [security] Fixed case SEC-480: Code execution via addforward API1 call.
  • [security] Fixed case SEC-481: Unsafe terminal capabilities determination using infocmp.
  • [security] Fixed case SEC-483: Open mail relay due to faulty domain redirect routing.
  • [security] Fixed case SEC-484: Limited file read as root via EXIM virtual_user_spam router.
  • [security] Fixed case SEC-487: Demo account code execution via securitypolicy.cgi
  • [security] Fixed case SEC-493: Remote Stored XSS Vulnerability in BoxTrapper Queue Listing


  • Fixed case CPANEL-25247: Fix erroneous use of continue instead of next in backblaze transport.
  • Fixed case CPANEL-25795: Update exim to version 4.91-5.cp1178
  • Fixed case CPANEL-25926: Update cpanel-perl-528-Net-Amazon-Signature-V4 to 0.19-2.


  • Fixed case CPANEL-25577: Don’t generate errors attempt to convert non-existent ssl-parameters.dat on new installs.
  • Fixed case CPANEL-25846: Email Deliverability +include customization now validates as zone-name.
  • Fixed case CPANEL-25909: Cache root nameserver lookups in DNS resolver.
  • Fixed case CPANEL-25929: Ensure pkgacct can dump MySQL data as the user.
  • Fixed case CPANEL-25954: Honor email notification setting for UAPI Backup::fullbackup_to_homedir.
  • Fixed case CPANEL-25955: Add support for some OpenStack QEMU systems.
  • Fixed case CPANEL-25960: Prevent spurious update error notification when yum writes to STDERR.


  • Fixed case CPANEL-25389: Preserve munin-node.conf when changing major Perl versions.
  • Fixed case CPANEL-25413: Make create_user_session return an ip if the hostname is missing dns.
  • Fixed case CPANEL-25806: Match exim white-space behavior when parsing /etc/mailips.
  • Fixed case CPANEL-25849: Rename invalid PHP-FPM config files during service startup.
  • Fixed case CPANEL-25893: Block updates for CentOS/RHEL 7 when outdated openssl is installed.
  • Implemented case CPANEL-25414: Provide a one time login url after the install.
  • Implemented case CPANEL-25899: Fallback to IPv4 DCV when IPv6 DCV fails for known proxies.


  • Fixed case CPANEL-25203: Add a stronger out of date notification for MySQL versions less than 5.6.
  • Fixed case CPANEL-25612: Ensure Global DCV passthrough defaults to On.
  • Fixed case CPANEL-25626: EA4 install should use cPanelPublicRPMKey.asc.
  • Fixed case CPANEL-25629: Add removed options for MariaDB 10.3 to migration.
  • Fixed case CPANEL-25680: Improve reliability of gpg key download in fix-cpanel-perl.
  • Fixed case CPANEL-25682: Resolve installer and UI errors when no license is provisioned.
  • Fixed case CPANEL-25734: Prevent resolver from inheriting nameservers for root domains.
  • Fixed case CPANEL-25762: Improved validation of the mdbox_rotate_interval dovecot setting.
  • Fixed case CPANEL-25765: Update cpanel-phpmyadmin to 4.8.3-7.
  • Fixed case CPANEL-25785: Fix restoration of MySQL password hashes in account restorations.
  • Fixed case CPANEL-25790: Block updates to cPanel & WHM version 78 from LiteSpeed versions which are older than 5.3.6.


  • Fixed case CPANEL-25816: Fix cpsrvd startup issues.


  • Fixed case CPANEL-25758: Prevent cpsrvd from calling cpkeyclt too many times at startup


  • Fixed case CPANEL-22906: SPF record types in zone files are now treated as TXT records.
  • Fixed case CPANEL-25216: Remove unneeded .ssh directory from /var/lib/mysql.
  • Fixed case CPANEL-25351: ChkServd must do hard restarts to recover failed services.
  • Fixed case CPANEL-25395: Prevent checkallsslcerts from running from restartsrv_httpd.
  • Fixed case CPANEL-25402: Ensure graceful tailwatchd restarts are successful.
  • Fixed case CPANEL-25425: Reduce time needed to update EA4.
  • Fixed case CPANEL-25455: Nameserver lookup always fails during zone creation.
  • [security] Fixed case CPANEL-25461: Update cpanel-dovecot to for CVE-2019-3814.
  • Fixed case CPANEL-25481: Check for conflicts in the userdata cache when restoring domains.
  • Fixed case CPANEL-25483: Prevent removing dns zones that are still linked to active domains.
  • Fixed case CPANEL-25495: Fix rebuild_phpconf to continue when there are errors due to an account being over quota.
  • Fixed case CPANEL-25522: Prevent cPanel logins from blocking forever if cphulk is unresponsive.
  • Fixed case CPANEL-25560: Fix permissions on update_sa_config.
  • Fixed case CPANEL-25580: CloudLinux 7 install can fail if libicu is missing.
  • Fixed case CPANEL-25594: Auto clear dovecot auth cache after cpsrvd recovery.
  • Fixed case CPANEL-25604: find_outdated_services must ignore auditd.
  • Fixed case CPANEL-25609: Prevent check_mysql from running when local MySQL is disabled.
  • Fixed case CPANEL-25615: cphulkd fails to bring dbprocessor back up if it fails.
  • Fixed case CPANEL-25623: Prevent deadlock while running build_mysql_conf during MySQL upgrade.
  • Fixed case CPANEL-25624: Wait for mysql to startup before declaring an upgrade has failed.


  • Fixed case CPANEL-25205: Updated display of domain names in the Site Publisher interface.
  • Fixed case CPANEL-25257: De-duplicate restart requests for Apache PHP-FPM when creating or enabling FPM for cPanel users.
  • [security] Fixed case CPANEL-25286: Update to cpanel-phpmyadmin to 4.8.3-6 to address CVE-2019-6798 and CVE-2019-6799.
  • Fixed case CPANEL-25292: Present the appropriate Litespeed licensing options in the EasyApache 4 interface based on the server’s installed RAM.
  • Fixed case CPANEL-25320: EasyApache 4: Autoscroll the output window instead of the browser window.
  • Fixed case CPANEL-25377: Fix initial cPanel installs stalls because dnsadmin was started too late.
  • Fixed case CPANEL-25397: Prevent duplicate service restarts during tweaksettings save.
  • Fixed case CPANEL-25401: Prevent setupmailserver from running checkallsslcerts.


  • Fixed case CPANEL-21675: The “Create Support Ticket” wizard will now suggest opening tickets with the users license provider.
  • Fixed case CPANEL-22514: Adjust maxmem minimum to 4GiB for mmap()ed files.
  • Fixed case CPANEL-22775: Lift quotas during Roundcube sqlite conversion sooner.
  • Fixed case CPANEL-23334: Update ClamAV to version 0.100.2
  • Fixed case CPANEL-24687: Add mysqlclient16 to the MySQL installers incompatible list.
  • Fixed case CPANEL-25047: Add thread_concurrency to the MySQL 5.7 migration list.
  • Fixed case CPANEL-25083: Update PTR Messaging in Email Deliverability.
  • Fixed case CPANEL-25089: Email Deliverability: Let users scroll through DKIM keys in the UI.
  • Fixed case CPANEL-25090: Verify DKIM validity cache when validity check API confirms validity.
  • Fixed case CPANEL-25091: Update cpanel-perl-528-munin to 2.0.30-2.
  • Fixed case CPANEL-25108: Make service manager always check local MySQL version.
  • Fixed case CPANEL-25126: Rebuild user’s PHP handlers on upcp to 78 in case format changes.
  • Fixed case CPANEL-25132: Ensure WHM can load when proxied under CloudFlare.
  • Fixed case CPANEL-25146: Reject invalid tags in DKIM RR parsing.
  • Fixed case CPANEL-25147: Email Deliverability: Fix double HTML-encode in read-only form values.
  • Fixed case CPANEL-25153: Regenerate DKIM public keys when they are missing.
  • Fixed case CPANEL-25157: Update MySQL56 to 5.6.43-2.
  • Fixed case CPANEL-25165: Correct display of data for third party hostname certificate replacement.
  • Fixed case CPANEL-25169: Update cpanel-phpmyadmin to 4.8.3-5.
  • Fixed case CPANEL-25171: Ensure Cookie IP Validation works with IPv6.
  • Fixed case CPANEL-25197: Use SafeRun Object for sql backups to ensure failure detection.
  • Fixed case CPANEL-25209: IPv6 Support for DCV.
  • Fixed case CPANEL-25219: Fix quota under dovecot 2.3 when an inode limit is setup.
  • Fixed case CPANEL-25220: Prevent mailrecords from loading Crypt::Format for most matches.
  • Fixed case CPANEL-25264: Change the wrapper hash key in whmapi EmailAuth to payload.
  • Fixed case CPANEL-25294: Ensure the EasyApache 4 interface is functional when cPStore is unreachable.
  • Implemented case CPANEL-25098: Email Deliverability: Re-term “Download” as “View” for DKIM keys.
  • Implemented case CPANEL-25180: Disable LiteSpeed links in EA4 interface when needed.


  • Fixed case CPANEL-20396: Speed up major perl version upgrades by pre-installing supporting modules.
  • Fixed case CPANEL-20580: Resolve spurious uninitialized value during boxtrapper processing.
  • Fixed case CPANEL-23915: Prevent setting an autodomain in the hostname.
  • Fixed case CPANEL-24514: Ensure that style changes take effect properly in paper_lantern.
  • Fixed case CPANEL-24659: Queue autossl_check as soon as possible when requested.
  • Fixed case CPANEL-24888: Prevent duplicate cpgreylistd daemons.
  • Fixed case CPANEL-24995: Ensure an A entry for the hostname exists before installing DKIM.
  • Fixed case CPANEL-24996: Silence spurious errors from gather-update-logs.
  • Fixed case CPANEL-25013: MySQL Upgrade UI needs to remain present when MySQL is missing.
  • Fixed case CPANEL-25014: Show connnection error instead of MySQL is down on failure.
  • Fixed case CPANEL-25016: Fix Manage Plugins after plugins repo file change.
  • Fixed case CPANEL-25027: Update cpanel-perl-528-Mail-SpamAssassin to 3.004002-10.cp1178.
  • Fixed case CPANEL-25051: Fix error reporting when account transfers fail.
  • Fixed case CPANEL-25053: Ensure /etc/nameddisable exists if local_nameserver_type is disabled.
  • Fixed case CPANEL-25055: Prevent multiple dkim validity cache refreshes from running at once.
  • Fixed case CPANEL-25059: Improved protocol support for Site Publisher templates.
  • Fixed case CPANEL-25069: Fix permissions on dovecot stats-writer to avoid spurious error.
  • Fixed case CPANEL-25070: Update dovecot to 2.3.4-2.cp1178.
  • Fixed case CPANEL-25072: Ensure kernel care suggestion only appears if its compatible.
  • Fixed case CPANEL-25085: Make MySQL upgrade UI depend on the MySQL role.
  • Fixed case CPANEL-25104: Hide modify zone file link when using remote DNS.
  • Implemented case CPANEL-24886: Prevent rpm from digesting and checking signature on simple queries.
  • Implemented case CPANEL-24893: Add missing service stop scripts.


  • [security] Fixed case SEC-415: Internal data disclosed to OpenID providers.
  • [security] Fixed case SEC-460: Demo accounts allowed to link with OpenID providers.
  • [security] Fixed case SEC-466: Arbitrary file read via Passenger adminbin.
  • [security] Fixed case SEC-472: Maketext format string injection in Email “store_filter” UAPI.
  • [security] Fixed case SEC-473: Demo account limited arbitrary file write via DCV UAPI calls.
  • [security] Fixed case SEC-474: Maketext format string injection in DCV “check_domains_via_dns” UAPI.
  • [security] Fixed case SEC-476: Limited file write as shared users during connection resets.
  • [security] Fixed case SEC-478: Userdata cache temporary file can conflict with domains.


  • Fixed case CPANEL-19332: Prevent a single tailwatchd from blocking other driver modules.
  • Fixed case CPANEL-21855: Defer ssl setup and AutoSSL until after account restore is complete.
  • Fixed case CPANEL-23680: Fix cpanel-plugins YUM repo on certain Amazon systems.
  • Fixed case CPANEL-23686: Handle race in ensure_directory_existence_and_mode.
  • Fixed case CPANEL-24565: Workaround crash during Roundcube backup with MySQL 5.6.
  • Fixed case CPANEL-24638: Teach UAPI to handle unrecognized exceptions gracefully.
  • Fixed case CPANEL-24681: DCV failure warnings fail to chomp messages.
  • Fixed case CPANEL-24781: Prevent Cpanel::Analytics from consuming memory when not in use.
  • Fixed case CPANEL-24863: Fix Gzip detection in Cpanel::Gzip::ungzip.
  • Fixed case CPANEL-24866: Prevent account removal failure when nobody userdata is missing.
  • Fixed case CPANEL-24879: Prevent updates from terminating webdisk connections.
  • Fixed case CPANEL-24909: Restore SSL in the same process for account restores.
  • Fixed case CPANEL-24910: Ensure a swap file is available when needed.
  • Fixed case CPANEL-24939: Revert set_socket optimization in cpsrvd.
  • Fixed case CPANEL-24953: Fix incorrect key while setting up proxy subdomains.
  • Fixed case CPANEL-24962: Update cpanm to release 1.7043.cp3.
  • Implemented case CPANEL-24868: Remove legacy authtab support.
  • Implemented case CPANEL-24869: Remove legacy migrate_x3.
  • Implemented case CPANEL-24871: Prevent filelimits from being reinstalled every update.
  • Implemented case CPANEL-24876: Fix serializer crash when taskqueue is loaded out of order.
  • Implemented case CPANEL-24881: Resolve cpsrvd startup failure race condition.
  • Implemented case CPANEL-24882: Prevent duplicate tailwatchd restart on update.
  • Implemented case CPANEL-24891: Prevent cpanellogd –stop from unexpectedly failing.
  • Implemented case CPANEL-24894: Prevent dnsonlystartup from hard restarting cphulkd.


  • Fixed case CPANEL-16297: Update cpanel-php72-kronolith to 4.2.24-6.cp1176.
  • Fixed case CPANEL-16859: Handle sub (plus) addressing for forwarders.
  • Fixed case CPANEL-19867: Fix aborts in the transfer system.
  • Fixed case CPANEL-20941: Add a message to the webmail interface when all webmail clients are disabled.
  • Fixed case CPANEL-22144: Fix bug in scripts/php_fpm_config where it wouldn’t restart apache_php_fpm when running with the –rebuild flag.
  • Fixed case CPANEL-23378: Override upstream logic to allow for WebDAV clients such as Nextcloud to be used for remote backup destinations.
  • Fixed case CPANEL-23849: Privilege assignment through the cPanel MySQL Database Wizard now matches the MySQL Databases page.
  • Fixed case CPANEL-23885: Prevent unintended exit codes from occurring when running scripts/check_mysql.
  • Fixed case CPANEL-24064: Make cpsrvd return a 400 page on invalid request.
  • Fixed case CPANEL-24075: Warnings generated by the checkallsslcerts script are now sent in an iContact email.
  • Fixed case CPANEL-24339: Ensure the Two Factor Authentication Manage Users tab works for resellers without users.
  • Fixed case CPANEL-24347: Ensure the WHM MySQL Upgrade interface can be accessed on dnsonly servers.
  • Fixed case CPANEL-24371: Properly format entry for PHP-FPM configuration.
  • Fixed case CPANEL-24394: Added the first non-loopback ethernet device as the default ethernet device used by cPanel during the post installation setup.
  • Fixed case CPANEL-24465: Fix warning thrown by API SPFUI::install.
  • Fixed case CPANEL-24468: Fix warning thrown by API SPFUI::load_current_values.
  • Fixed case CPANEL-24504: find_and_fix_rpm_issues fails to report which rpms are duplicated.
  • Fixed case CPANEL-24527: Improve UX on non-ea3 and –skip-apache servers.
  • Fixed case CPANEL-24541: Fix php_set_handler so it doesn’t die on missing userdata.
  • Fixed case CPANEL-24552: Account for underscores when changing MySQL object definers.
  • Fixed case CPANEL-24560: Update to dovecot-2.3.4.
  • Fixed case CPANEL-24575: Email Deliverability: Fix off-by-one visual nit with “Rechecking”.
  • Fixed case CPANEL-24585: Email Deliverability: Fix broken side-scroll through suggested entries.
  • Fixed case CPANEL-24594: Resolve loading-indicator UX issues with Email Deliverability.
  • Fixed case CPANEL-24596: Handle invalid data in password cache files.
  • Fixed case CPANEL-24598: Allow writing ModSecurity events with no http_status to modsec.sqlite.
  • Fixed case CPANEL-24599: Silence spurious HTTPS warning during redirect.
  • Fixed case CPANEL-24607: Ensure all task processors are using FastSpawn.
  • Fixed case CPANEL-24622: Fix uninitialized value warning generated by Whostmgr::DNS::MX in WHM’s DNS Zone Editor.
  • Fixed case CPANEL-24629: Fix display and wording issues in Email Deliverability.
  • Fixed case CPANEL-24641: WHM Feature Manager: Dismiss erroneous validation error when selecting a feature list to edit.
  • Fixed case CPANEL-24643: Fix /scripts/rebuildhttpdconf –help output.
  • Fixed case CPANEL-24655: CachedDataStore fails to lock newly created datastores.
  • Fixed case CPANEL-24656: Update cP global cache file after toggling “allowcpsslinstall”.
  • Fixed case CPANEL-24671: Do not warn about PTR mismatches when using a smarthost for email.
  • Fixed case CPANEL-24673: Fix bad error handling for missing pear/pecl binaries.
  • Fixed case CPANEL-24686: Fix “I want to …” links in cPanel Email Deliverability.
  • Fixed case CPANEL-24697: Fix TAB-accessibility of several controls in Email Deliverability.
  • Fixed case CPANEL-24698: Handle case where domain has no nameservers in Email Deliverability.
  • Fixed case CPANEL-24716: Avoid replacing third party hostname certs until expiration is imminent.
  • Fixed case CPANEL-24719: Handle APNS certificates when listing certificates.
  • Fixed case CPANEL-24722: Make Email Deliverability PTR validation incorporate an SMTP HELO check.
  • Fixed case CPANEL-24736: When migrating to dovecot 2.3 use TLSv1.2 if there is no prior setting.
  • Fixed case CPANEL-24740: Accommodate providers that need includes in SPF records.
  • Fixed case CPANEL-24741: Make CJT2 breadcrumbs keyboard-accessible.
  • Fixed case CPANEL-24750: Fix race condition in Email Deliverability UI.
  • Fixed case CPANEL-24762: Ensure creating an email account and providing an alternate email address to set the password will work correctly.
  • Fixed case CPANEL-24828: Make DnsRoots resolver comply with RFC1035 sections 3.3.14 and 3.3.
  • Fixed case CPANEL-24851: Do not report sa-update exit code 3 as a failure.
  • Implemented case CPANEL-24577: Add toggle between full and split views on TXT records.
  • Implemented case CPANEL-24755: Users with no local DKIM key will now be able to create one.
  • Implemented case CPANEL-24849: Ensure Spamassassin update output appears in the update logs.


  • Fixed case CPANEL-24047: Improve Git Version Control to retain field states when the user has selected the “Create Another” checkbox.
  • Fixed case CPANEL-24048: Ensure postgrescheck properly handles escaped password characters.
  • Fixed case CPANEL-24185: Update exim to release 4.91-4.cp1178.
  • Fixed case CPANEL-24248: WHM’s graceful reboot interface can now handle KernelCare reporting an unknown patch type.
  • Fixed case CPANEL-24323: Make View Backups buttons inactive when no accounts are selected.
  • Fixed case CPANEL-24360: Fixed problem where phpMyAdmin could not rename a database.
  • Fixed case CPANEL-24366: Update phpMyAdmin to release 4.8.3-4.cp1176.
  • Fixed case CPANEL-24370: Exclude LiteSpeed cache in account transfer.
  • Fixed case CPANEL-24410: Ensure delete confirmation on Terminate Accounts is usable on smaller screens.
  • Fixed case CPANEL-24429: Ensure logging out of webmail triggers the Roundcube logout if appropriate.
  • Fixed case CPANEL-24507: Reduce memory required for SSL restores.
  • Fixed case CPANEL-24511: Fix bug in modifyacct where main domains without SSL vhosts failed to convert to the new domain.
  • Fixed case CPANEL-24518: Cache NS records in each zone file to avoid loading everything in RAM.
  • Fixed case CPANEL-24520: Patch POE::Test::Loops for @INC safeness.
  • Fixed case CPANEL-24521: Added a warning when switching from deprecated nameservers.
  • Fixed case CPANEL-24524: Preload hooks system in cpsrvd to avoid performance slowdown.
  • Fixed case CPANEL-24535: Fix whmapi0 getlanglist api call.
  • Fixed case CPANEL-24547: Improved varcache use to ensure correct icon display.
  • Fixed case CPANEL-24582: Add “Change Hostname” and add Search Terms to WHM Email UI.
  • Fixed case CPANEL-24627: Use patched Net::DNS::Resolver::Recurse (cf. RT #128081).
  • Fixed case CPANEL-24634: Remove the Automatic HTTPS redirect feature from Cpanel’s domains interface.
  • Implemented case CPANEL-24526: Improved feedback on updating records.
  • Implemented case CPANEL-24528: Improve Whostmgr::Accounts::DB::Remove performance.


  • Fixed case CPANEL-5949: Prevent sender rewrites from breaking mailman deliveries and boxtrapper.
  • Fixed case CPANEL-12976: Admins may now enable the purging of temporary Horde files for all users.
  • Fixed case CPANEL-14790: Modify SPF records when IP address is changed.
  • Fixed case CPANEL-17461: Fix bug in mdbox conversion where we were being too strict regarding what to exclude during conversion.
  • Fixed case CPANEL-19463: Encourage use of SSL/TLS Wizard for expired/expiring certificates.
  • Fixed case CPANEL-19746: Remove unnecessary PHP-FPM pools for cPanel internal system users.
  • Fixed case CPANEL-20834: Fixed bug in WHMAPI1 php_set_vhost_versions where FPM could be enabled even when PHP-FPM is not installed for the specified PHP version.
  • Fixed case CPANEL-21377: Leech Protect: don’t show Invalid Directory for symlinks.
  • Fixed case CPANEL-21613: Fix the issue where the parked domain and redirect domain are both shown in cPanel’s Aliases page.
  • Fixed case CPANEL-21746: Ensure Webmail landing page shows when all clients are disabled.
  • Fixed case CPANEL-22121: UTF-8 Mailbox names are now supported.
  • Fixed case CPANEL-22136: Add a backup queue handler to clean up the backup staging directory.
  • Fixed case CPANEL-22174: Don’t warn about multi-version MySQL/MariaDB upgrades when not applicable.
  • Fixed case CPANEL-22194: Assume MySQL 5.7 as the default installed version.
  • Fixed case CPANEL-22239: Fix empty validation messages for FTP and SFTP destination forms.
  • Fixed case CPANEL-22320: Ensure EA4 repo is available on DNSONLY, and that yum-universal-hooks-plugin is installed.
  • Fixed case CPANEL-22553: Improve navigation for Backup Configuration destination forms.
  • Fixed case CPANEL-22603: Ensure http -> https redirects added via cPanel work.
  • Fixed case CPANEL-22678: Fix errant warning when eximstats_spam_check works on a system user.
  • Fixed case CPANEL-22740: Fix username validation for some Backup Configuration forms.
  • Fixed case CPANEL-22813: Updated cPanel::TaskQueue to 0.902-1.cp1178
  • Fixed case CPANEL-22877: Prevent cpconftool from changing files/dirs when restore modules report failures.
  • Fixed case CPANEL-22935: Ensure users with packages that have unlimited bandwidth can be restored.
  • Fixed case CPANEL-22948: Provide a useful error when calling the cpapi2 resetzone function without the appropriate privileges.
  • Fixed case CPANEL-22971: Default focus to search bar on Basic WebHost Manager® Setup, Exim Configuration Manager, and Tweak Settings.
  • Fixed case CPANEL-23005: Remove unused LAYER key from cpsources.conf.
  • Fixed case CPANEL-23031: Update cpanel-perl-526-Selenium-Remote-Driver to 1.30-1.cp1174.
  • Fixed case CPANEL-23075: Fix string handling related to backups.
  • Fixed case CPANEL-23076: Remove dovecot expires entries for POP accounts that no longer exist.
  • Fixed cases CPANEL-23109,CPANEL-23110,CPANEL-23111,CPANEL-23112,CPANEL-23114: Correct a small number of typos in user-facing strings.
  • Fixed case CPANEL-23146: Generate a warning for unknown services when running outdated process checks.
  • Fixed case CPANEL-23146: Ignore comment lines when processing chkservd service configuration files.
  • Fixed case CPANEL-23163: Reduce cpu time needed to call get_update_availability WHMAPI1.
  • Fixed case CPANEL-23172: Add Oxford comma to transport form bucket validation messages.
  • Fixed case CPANEL-23193: Accept –help option for /usr/local/cpanel/scripts/gather-update-logs.
  • Fixed case CPANEL-23200: Don’t attempt to notify about expiring certificates on a fresh install.
  • Fixed case CPANEL-23213: System alert notifications now use CJT2/alertService instead of growls.
  • Fixed case CPANEL-23257: In Edit Reseller Privileges UI, if the reseller is limited account creation by Resource Usage, the Create Packages with Unlimited Disk Usage and Create Packages with Unlimited Bandwidth options will be disabled.
  • Fixed case CPANEL-23279: Allow the addition of non-www -> www wildcard redirects.
  • Fixed case CPANEL-23295: Update cPanel Perl to version 5.28.0.
  • Fixed case CPANEL-23311: Enabled update_updateconfig WHMAPI for DNSOnly.
  • Fixed case CPANEL-23323: Fix PHP-FPM config files for Apache when users are named like true, false, or null.
  • Fixed case CPANEL-23324: Fix MultiPHP Manager so background PHP version changes are properly reflected.
  • Fixed case CPANEL-23341: Update cpanel-git to version 2.19.1.
  • Fixed case CPANEL-23345: Improved wording of “Sender Verification” help text in WHM » Exim Configuration Manager.
  • Fixed case CPANEL-23348: Correct integer validation in cPanel Email change quota.
  • Fixed case CPANEL-23350: Ensure dbindex is updated when an account is removed.
  • Fixed case CPANEL-23358: Increase queueprocd maximum children to 6.
  • Fixed case CPANEL-23372: Webmail - Uninstall Squirrelmail on upgrade to v78.
  • Fixed case CPANEL-23385: Don’t display SSL/TLS manager when feature is disabled.
  • Fixed case CPANEL-23391: Break apart Cpanel::DIp into Cpanel::DIp::Group.
  • Fixed case CPANEL-23393: Fixed broken MultiPHP Manager page when no PHP installed.
  • Fixed case CPANEL-23411: Update dovecot to 2.2.36-4.cp1162.
  • Fixed case CPANEL-23451: Update Mail::SpamAssassin to release 4.cp1178.
  • Fixed case CPANEL-23452: Return an error when calling create_user_session for a suspended user.
  • Fixed case CPANEL-23508: Resolve problem starting cpdavd.
  • Fixed case CPANEL-23511: Fix Greylisting page in cPanel when a DNS zone is deleted.
  • Fixed case CPANEL-23515: Remove HipChat integration from Contact Manager.
  • Fixed case CPANEL-23516: Update cpanel-roundcubemail to 1.3.7.
  • Fixed case CPANEL-23571: Update MySQL56 to 5.6.42-1.cp1162.
  • Fixed case CPANEL-23572: Update MySQL55 to 5.5.62-1.cp1162.
  • Fixed case CPANEL-23600: Correctly handle restoring/transferring MAXPASSENGERAPPS setting.
  • Fixed case CPANEL-23619: Optimize backup compression, retrieval, and buffering.
  • Fixed case CPANEL-23625: Ensure Apache config is rebuilt and Apache is restarted when enabling or disabling service subdomains.
  • Fixed case CPANEL-23644: Fix caching problems with SSE on IE11 and one other IE bug.
  • Fixed case CPANEL-23650: Reduce memory overhead for bandwidthdb backup.
  • Fixed case CPANEL-23651: Optimize backup downloads from cPanel.
  • Fixed case CPANEL-23667: the fcgi PHP handler no longer supersedes other PHP handlers.
  • Fixed case CPANEL-23679: Redirect SSH::genkey_legacy to SSH::genkey.
  • Fixed case CPANEL-23688: Added a module to validate PHP-FPM configurations.
  • Fixed case CPANEL-23708: Fix DAV warnings on account creation & restoration.
  • Fixed case CPANEL-23726: Change “Comodo” name and logo to “Sectigo”.
  • Fixed case CPANEL-23738: Update Mail::SPF to 2.9.0-2.cp1178.
  • Fixed case CPANEL-23750: Prevent the apache_php_fpm metaservice monitoring from being disabled.
  • Fixed case CPANEL-23751: Skip missing custom filters instead of failing to generate a config.
  • Fixed case CPANEL-23761: Fixes for perl CVEs CVE-2018-18311, CVE-2018-12015, CVE-2018-18312, CVE-2018-18314
  • Fixed case CPANEL-23790: Remove conflicting CNAME entries on zone reset.
  • Fixed case CPANEL-23798: Add the above_stats_bar UI include back to Paper Lantern.
  • Fixed case CPANEL-23830: Make update_spamassassin_config report sa-update failures.
  • Fixed case CPANEL-23844: Updated Mail::SpamAssassin to 3.004002-5.cp1178.
  • Fixed case CPANEL-23852: Don’t attempt cphulk connections when it’s disabled.
  • Fixed case CPANEL-23875: Replaced growls with alertService in SSL/TLS Wizard.
  • Fixed case CPANEL-23876: Fix standard/fancy index options in cPanel.
  • Fixed case CPANEL-23892: Ensure that cache keys for WHM chrome caches are valid on CloudLinux™.
  • Fixed case CPANEL-23900: EA3 servers are now blocked from updating to v78 or newer.
  • Fixed case CPANEL-23905: Log server-level analytics enable/disabling.
  • Fixed case CPANEL-23965: MySQL procedures can now be edited when logging into cPanel and PHPMyAdmin from WHM.
  • Fixed case CPANEL-23973: Fix Apache configuration rebuilds for very long domain names.
  • Fixed case CPANEL-23979: Allow records to be added to nonowned DNS zones.
  • Fixed case CPANEL-23980: Accommodate AutoSSL certificates from cPanel L.L.C. CA.
  • Fixed case CPANEL-24013: Allow restoration of empty values to cpanel.config.
  • Fixed case CPANEL-24015: Ensure the context menu in File Manager is legible when hovering.
  • Fixed case CPANEL-24015: Ensure symlinks have an icon to represent them in the File Manager.
  • Fixed case CPANEL-24018: Include the KernelCare price to the banner on the Graceful Server Reboot page.
  • Fixed case CPANEL-24043: Improve the look and feel of breadcrumbs in cPanel’s Dark style.
  • Fixed case CPANEL-24050: Remove /var/cpanel/cpnat when all local ips are the same as the pulic ips.
  • Fixed case CPANEL-24074: Ensure username shows up in User Preferences menu on Dark and Light themes.
  • Fixed case CPANEL-24095: Mitigate Apache restart slowdown caused by adding Litespeed support.
  • Fixed case CPANEL-24096: Optimize loading of UiIncludes.
  • Fixed case CPANEL-24108: Fix the #! for all cpanel-perl scripts we ship.
  • Fixed case CPANEL-24120: Update the display of feature headers in Webmail.
  • Fixed case CPANEL-24133: Support custom php.ini directives under mod_lsapi handler.
  • Fixed case CPANEL-24153: Remove EA3 end points.
  • Fixed case CPANEL-24175: loadConfig double parses arguments if it does not have a cache.
  • Fixed case CPANEL-24177: Optimize extract of body rules during sa-compile.
  • Fixed case CPANEL-24179: Don’t allow hostnames over 60 characters for additional MySQL hosts.
  • Fixed case CPANEL-24180: Prevent Security Advisor check from timing out during update.
  • Fixed case CPANEL-24195: Multiple queueprocd restarts can corrupt the queue.
  • Fixed case CPANEL-24208: Ignore errors caused by PHP-FPM cruft files.
  • Fixed case CPANEL-24212: Prevent Dovecot from rejecting logins while cphulkd is restarting.
  • Fixed case CPANEL-24214: Prevent hard shutdown of tailwatchd on update.
  • Fixed case CPANEL-24221: Schedule an AutoSSL for domains that are registered after account setup.
  • Fixed case CPANEL-24222: Improve status reporting for hostname SSL certificates.
  • Fixed case CPANEL-24226: Build get_update_availability API into cpsrvd for performance.
  • Fixed case CPANEL-24234: Fix destinations list to always show correct item status.
  • Fixed case CPANEL-24236: Remove PHP-FPM conflicted parameters.
  • Fixed case CPANEL-24238: Migrate hostnames in MX records on account transfer/restoration.
  • Fixed case CPANEL-24239: Fallback support for old rpm versions when looking for multiple files.
  • Fixed case CPANEL-24250: Ensure DKIM validity cache is initialized before rebuilding exim.conf.
  • Fixed case CPANEL-24262: Do not perform LTS specific update blockers during a fresh install.
  • Fixed case CPANEL-24268: Fix rebuildhttpdconf from having errors when the Apache paths cache file is empty.
  • Fixed case CPANEL-24276: Make /scripts/ckillall a bit friendlier.
  • Fixed case CPANEL-24298: Address regression in Cpanel::SafeDir::MK with .. dirs.
  • Fixed case CPANEL-24302: Create a DKIM key for the hostname if one is not installed.
  • Fixed case CPANEL-24311: Provide a useful message in the Terminal interface when a user’s shell is set to /bin/false.
  • Fixed case CPANEL-24315: Handle ghost files when running check_cpanel_rpms.
  • Fixed case CPANEL-24316: Fix AutoSSL run on account restore.
  • Fixed case CPANEL-24317: Optimize Mail Deliverability Lookups.
  • Fixed case CPANEL-24325: Improve CJT2’s APIService.js handler support for aborted XHR calls.
  • Fixed case CPANEL-24326: Ensure MySQL profile activation reports any errors in the UI.
  • Fixed case CPANEL-24337: Add DNS zone to the output of has_local_authority.
  • Fixed case CPANEL-24355: Fix auto-disable of DNS cluster peers after threshold is met.
  • Fixed case CPANEL-24376: Ensure service authentication via dovecot is always available.
  • Fixed case CPANEL-24379: Fix FPM configuration syntax checker for MultiPHP Manager on older versions of PHP-FPM.
  • Fixed case CPANEL-24396: Prevent ParkAdmin from checking all DKIM keys on new domain setup.
  • Fixed case CPANEL-24399: Fix uninitialized variable errors in log when changing addon domain docroots.
  • Fixed case CPANEL-24406: Fix Backup Configuration form reset clean up logic.
  • Fixed case CPANEL-24413: Fix spurious warning in WHM API v1 “setsiteip”.
  • Fixed case CPANEL-24442: Corrected EOL date for MariaDB/MySQL.
  • Fixed case CPANEL-24461: Add nameservers for arpa domains to validate_current_ptrs.
  • Fixed case CPANEL-24475: Reduce transfer system memory dep tree.
  • Fixed case CPANEL-24500: Reduce noise during SPF lookup failures.
  • Implemented case CPANEL-21524: Add 2 cPanel UAPI calls to the SSL module: toggle_https_redirect_for_domains can_https_redirect.
  • Implemented case CPANEL-21524: Add input return_https_redirect_status=1 to API calls: UAPI DomainInfo domains_data UAPI DomainInfo single_domain_data API2 Park listparkeddomains API2 SubDomain listsubdomains API2 AddonDomain listaddondomains This results in extra information about https redirect status to the caller when passed.
  • Implemented case CPANEL-21965: Added MariaDB 10.3 Support.
  • Implemented case CPANEL-22968: Added post login hook event to cpsrvd.
  • Implemented case CPANEL-23180: Add backup_get_transport_status WHMAPI1 call.
  • Implemented case CPANEL-23301: Use SMTP auth when sending iContact messages.
  • Implemented case CPANEL-23333: Update cpanel-roundcubemail to 1.3.6-2.cp1176.
  • Implemented case CPANEL-23386: Make fullbackup API available via UAPI.
  • Implemented case CPANEL-23412: Treat cpanel as a reserved email account name.
  • Implemented case CPANEL-23454: Use Mail::Pyzor for SpamAssassin (up to 60% faster spam scan).
  • Implemented case CPANEL-23473: Reduce Cpanel::Server::Type regex overhead.
  • Implemented case CPANEL-23484: Reduce Quota run time overhead when cache is available.
  • Implemented case CPANEL-23489: Add getdomainowner WHMAPI1 call.
  • Implemented case CPANEL-23505: Make cpanel@* always pass sender verification.
  • Implemented case CPANEL-23518: Add a UAPI DNS method to validate PTR records.
  • Implemented case CPANEL-23522: Change default minimum spam scan size to 1000K.
  • Implemented case CPANEL-23566: Group notifications from account functions to reduce load.
  • Implemented case CPANEL-23581: Prevent creating mailing lists with reserved names.
  • Implemented case CPANEL-23592: Adding Backblaze B2 as a Backup Remote destination.
  • Implemented case CPANEL-23703: Update dovecot to 2.3.3.
  • Implemented case CPANEL-23833: New WHM interface for Configure cPanel Analytics.
  • Implemented case CPANEL-23883: Create on-disk per-domain DKIM validity cache and set Exim to use it.
  • Implemented case CPANEL-23981: Implement DNS DCV support for hostname certificates.
  • Implemented case CPANEL-23996: Normalize dns installer’s domain status reporting.
  • Implemented case CPANEL-24046: Add UAPI methods to validate DKIM and SPF records.
  • Implemented case CPANEL-24049: New UAPI functions for installing DKIM keys and SPF records.
  • Implemented case CPANEL-24054: Make MySQL version check logic more robust.
  • Implemented case CPANEL-24118: Add has_local_authority method to UAPI EmailAuth.
  • Implemented case CPANEL-24131: CloudLinux promotion banner for LSAPI in MultiPHP Manager.
  • Implemented case CPANEL-24137: Create PHP-FPM Configuration Editor.
  • Implemented case CPANEL-24140: Add fetch_dkim_private_keys and get_mail_helo_ip EmailAuth UAPIs.
  • Implemented case CPANEL-24170: Add 1-Click LiteSpeed license and install functionality to WHM.
  • Implemented case CPANEL-24210: cPanel Authentication is now Email Deliverability.
  • Implemented case CPANEL-24216: MyDNS and NSD are marked as deprecated in WHM’s Nameserver Selection page. And a banner is put up if the server is still using either nameserver.
  • Implemented case CPANEL-24220: Add dns lookup caching to the validate_current_spfs API call backend.
  • Implemented case CPANEL-24252: Fix Backup Configuration save button enable/disable logic.
  • Implemented case CPANEL-24255: Add warning banner to various interfaces in WHM about upgrading MySQL 5.5.
  • Implemented case CPANEL-24273: A New WHM Email Deliverability UI.
  • Implemented case CPANEL-24349: Break apart DKIM api call to allow key generation without dns install.
  • Implemented case CPANEL-24386: Include nameservers in has_local_authority output.
  • Implemented case CPANEL-24436: Create a feature showcase item for Email Deliverability.
  • Implemented case CPANEL-24446: UAPIs to disable/enable mailbox auto-create for subaddressing.
  • Implemented case CPANEL-24453: Make Email Deliverability UI accessible with the MailSend role, not DNS.

Additional Documentation