94 Change Log

Last modified: February 8, 2023


  • [security] Fixed case SEC-629: Fixed arbitrary directory creation exploit in bxd.cgi.
  • [security] Fixed case SEC-630: Update cpanel-php73-horde to 5.2.21-1.cp1194.
  • [security] Fixed case SEC-631: Fix MySQL admin takeover via cpmysql adminbin.
  • [security] Fixed case SEC-632: MySQL admin takeover via postponed dbuser creation.
  • [security] Fixed case SEC-633: Fix demo mode bypass in Htaccess::setindex.
  • [security] Fixed case SEC-634: Block cronjob removal when using API1 calls for accounts with demo mode enabled.
  • [security] Fixed case SEC-641: Account modification API calls ensure remote node API tokens are not included in the returned user data.
  • [security] Fixed case SEC-643: Perform an immediate check of account ownership for all accounts submitted to massmodifyacct.
  • [security] Fixed case STS-762: A notification now goes out if a demo account is distributing mail to a child node after an upgrade. it is recommended that these accounts be removed as this is no longer a valid configuration.
  • [security] Fixed case STS-763: Block remote nodes on restoration of an account that is in demo mode.


  • Fixed case CPANEL-40073: Update cpanel-phppgadmin to 5.6.0-1.cp1194.


  • [security] Fixed case SEC-594: Avoid usage of predictable PostgreSQL socket in /tmp.
  • [security] Fixed case SEC-607: Disable liveAPI system for accounts in demo mode.
  • [security] Fixed case SEC-610: Fixes potential code injection vulnerabilities on the manage git repo page.
  • [security] Fixed case SEC-615: Failed linked node account creation leaves account on mail node.
  • [security] Fixed case SEC-617: Demo mode status does not propagate to child nodes.
  • [security] Fixed case SEC-619: Variables::get_user_information UAPI call could reveal sensitive information.
  • [security] Fixed case SEC-620: cPanel account takeover via API2 savecontactinfo.
  • [security] Fixed case SEC-621: Sensitive information revealed by CustInfo::contactprefs and CustInfo::displaycontactinfo API calls.
  • [security] Fixed case SEC-622: Fixed possible reseller ACL restriction bypass for package creation/modification on linked nodes.
  • [security] Fixed case SEC-624: Fix root privilege escalation vulnerability in passengerapps registration/modification.
  • [security] Fixed case SEC-625: Fixes XSS vulnerabilities when using DNS Zone Manager.


  • Fixed case CPANEL-39889: Install 'pcre2', 'json-c’' as required dependencies.
  • Fixed case CPANEL-39889: clamav 0.104.2. Now using local httpupdate mirrors by default.


  • Fixed case CPANEL-39774: Update product codebase for new MySQL GPG keys.


  • Fixed case ART-1278: When transitioning from a trial, retain automatically enabled analytics for root.
  • Fixed case ART-1278: Improvement for license type and status detection.
  • Fixed case CPANEL-38674: Update the license change detector to use more reliable way to detect trial licenses.
  • Fixed case CPANEL-39227: Fix Internal Server Error when accessing WHM > phpMyAdmin on a server with a trial license.
  • Fixed case CPANEL-39273: Update cpanel-roundcubemail to 1.4.12-1.cp1196.


  • Fixed case COBRA-13435: Make AutoSSL not apply ancestor DCV substition for HTTP DCV.


  • [security] Fixed case SEC-592: Arbitrary code execution via install_locallib_loginprofile script.
  • [security] Fixed case SEC-593: Cpanel::SecureDownload executes shell commands in an insecure manner.
  • [security] Fixed case SEC-597, SEC-598, SEC-599, SEC-608: Stored-XSS Vulnerability in ModSecurity Rules Interface.
  • [security] Fixed case SEC-600: Reflected-XSS Vulnerability in ModSecurity Vendors Interface.
  • [security] Fixed case SEC-602: Self-XSS Vulnerability in WHM Change Hostname interface.
  • [security] Fixed case SEC-603: Self-stored XSS Vulnerability in WHM Edit Reseller Nameservers and Privileges interface.
  • [security] Fixed case SEC-606: Passphrase submitted via GET request in scripts2/dogencrt.


  • Fixed case CPANEL-30985: Run update gatherer from cron instead of upcp.
  • Fixed case CPANEL-37479: Update dovecot to 2.3.13-2.cp1194.
  • Fixed case CPANEL-38142: Update libspf to version 1.2.11: CVE-2021-20314.
  • Fixed case CPANEL-38203: Fix for bugs preventing analytics UI from being enabled.
  • Fixed case CPANEL-38203: Improvements to cPanel Analytics.
  • Fixed case CPANEL-38648: Update the End User License Agreement and Pricing Agreement.
  • Fixed case CPANEL-39075: Update cpanel-mailman to 2.1.35-1.cp1194.
  • Fixed case CPANEL-39104: Update cpanel-php73 to 7.3.32-1.cp1194.


  • [Security] SEC-596: Reflected XSS Vulnerability in Legacy Login Page.
  • [Security] SEC-595: Boxtrapper runs with /tmp as the working directory.


  • Fixed case CPANEL-38091: Update cpanel-perl-532-Encode to 3.12-2.cp1194.


  • Fixed case COBRA-13054: Dynamic DNS Now Properly Sets IP Address when Specified.
  • Fixed case CPANEL-35877: Lengthen Exim->Dovecot quota query timeouts.
  • Fixed case CPANEL-36640: Fix disappearing-filehandle bug between curl & unbound.
  • Fixed case CPANEL-36734: Reset cache_id if styles are changed on disk.
  • Fixed case CPANEL-36853: Add phpFpmSocketPath key to appconfig.
  • Fixed case CPANEL-37718: Change Jetbackup package name used for installation and updates.


  • [security] Fixed case SEC-585: WHM Locale Upload allows vulnerable to XXE and unserialization attacks.
  • [security] Fixed case SEC-589: Insecure file operations performed by /scripts/cpan_config.


  • Fixed case CPANEL-36352: Fix memory-leak warnings at the end of an AutoSSL run.
  • Fixed case CPANEL-36623: Rename "CloudLinux LVE Manager" to "CloudLinux Manager".
  • Fixed case CPANEL-37088: Update cpanel-phpmyadmin to 4.9.7-1.cp1186.


  • Fixed case CPANEL-35716: Improve error handling in Dynamic DNS.
  • Fixed case CPANEL-36477: Update cpanel-php73-Horde-Smtp to 1.9.5-2.cp1186.
  • Fixed case CPANEL-36560: Update to latest Known Proxies data.
  • Fixed case CPANEL-36574: Allow installation of WP Toolkit on AlmaLinux.
  • Fixed case CPANEL-36585: Make to-distributed Mail Node conversions withhold cron.
  • Fixed case CPANEL-36610: Implement tweak setting to control the deployment of default error documents on account / subdomain creation.
  • Fixed case CPANEL-36654: Disallow installation of MyDNS on CloudLinux 6, CloudLinux 8, AlmaLinux, and CentOS 8.
  • Fixed case CPANEL-36663: Sidestep Exim spam ACL taint bug.
  • Fixed case CPANEL-36683: Remove cl-ea4-testing repos in favor of cl-ea4.
  • Fixed case CPANEL-36790: Fix incorrect error message displayed when running "/scripts/setupnameserver nsd" on a system where NSD is not supported.
  • Fixed case CPANEL-36840: Add Integration Links support for a context parameter.
  • Fixed case CPANEL-36859: Update cpanel-php73 to 7.3.28-1.cp1186.
  • Fixed case CPANEL-36909: Update exim to 4.94.2-2.cp1194.
  • Implemented case CPANEL-35902: Teach AccountRemoteUser transfers to “skipaccount”; validate better.
  • Implemented case CPANEL-36029: Do mail-routing updates in scripts/xfertool in batch.


  • [security] Fixed case SEC-584: Information disclosure via weak web stats permissions.


  • Fixed case CPANEL-36274: Fixed broken template variable for outgoing spam scores.
  • Fixed case CPANEL-36876: Work around change in exim readsocket behavior.


  • Fixed case CPANEL-36837: Update exim to 4.94.2-1.cp1194.


  • Fixed case CPANEL-35873: Update feature showcase to indicate which features configurations have been saved.
  • Fixed case CPANEL-35954: Do not transfer cPanel & WHM settings that are specific to an IP.
  • Fixed case CPANEL-35966: Fix reporting specific error under cPanel indicating that PostgreSQL database users cannot have the same name as PostgreSQL databases.
  • Fixed case CPANEL-36082: Update cpanel-phpmyadmin to 4.9.5-2.cp1186.
  • Fixed case CPANEL-36215: Add error handling for empty rdate server response.
  • Fixed case CPANEL-36224: Remove api-logfile and api-readonly from the PowerDNS configuration file.
  • Fixed case CPANEL-36328: Disallow NSD and MyDNS on AlmaLinux.
  • Fixed case CPANEL-36506: Fix downloading of files with “+” in their names via File Manager.
  • Fixed case CPANEL-36518: Add hook point for TweakSettings::Main.
  • Fixed case CPANEL-36653: Update exim to 4.94-2.cp1194.
  • Implemented case CPANEL-36065: Update the getremotecpmove script to use API2 instead of API1.


  • Fixed case CPANEL-34502: Remove Duplicate History Items in WHM Marketplace.
  • Fixed case CPANEL-35484: Prevent pkgacct from hanging when running unprivileged.
  • Fixed case CPANEL-35750: Remove restarts of sssd during cache flushing.
  • Fixed case CPANEL-35799: Allow using /etc/hosts when creating an account with a mail node.
  • Fixed case CPANEL-35903: Update cpanel-roundcubemail to 1.4.11-1.cp1196.
  • Fixed case CPANEL-35946: Update cpanel-git to 2.30.1-1.cp1194.
  • Fixed case CPANEL-35947: Update cpanel-php73 to 7.3.27-1.cp1186.
  • Fixed case CPANEL-35961: Ensure AlmaLinux uses the same SQL repos as CentOS.
  • Fixed case CPANEL-35965: Enable “Add An A entry for Your Hostname” on DNSONLY systems.
  • Fixed case CPANEL-35973: Run rebuilddnsconfig on AlmaLinux installs.
  • Fixed case CPANEL-36017: Update kernel exclude list to avoid installing unwanted kernel packages.
  • Fixed case CPANEL-36041: Allow systems running AlmaLinux to upgrade.
  • Fixed case CPANEL-36043: Install MariaDB gpg key up front in cpanel_initial_install just like with MySQL's gpg key.
  • Fixed case CPANEL-36046: Fix issue where quotas might not initialize on CentOS 8 with XFS.
  • Fixed case CPANEL-36068: Teach EOL notification to determine if an update is available.
  • Fixed case CPANEL-36069: Update cpanel-perl-532 to 5.32.0-3.cp1194.
  • Fixed case CPANEL-36089: Fix missing-method error on account-distribution when restoring.
  • Fixed case CPANEL-36095: Fix handling of account creation limits for resellers with no limit.
  • Fixed case CPANEL-36097: Update cpanel-puttygen to 0.74-1.cp1186.
  • Fixed case CPANEL-36099: Copy cPanel error documents into the doc root for new users upon account creation.
  • Fixed case CPANEL-36101: Update cpanel-pdns to 4.3.1-10.cp1194.
  • Fixed case CPANEL-36102: Fix user-distribution conversion timeouts.
  • Fixed case CPANEL-36113: Avoid setting log metadata on account-distribution conversion error.
  • Fixed case CPANEL-36114: Update cpanel-pdns to 4.3.1-11.cp1194.
  • Fixed case CPANEL-36132: Fix missing-method error in account-transfer MySQL streaming.
  • Fixed case CPANEL-36178: Update cpanel-perl-532-munin to 2.0.30-2.cp1194.
  • Implemented case CPANEL-35801: Implement a new Tweak Setting to limit resellers with the 'edit-account' ACL to their user account limits.
  • Implemented case CPANEL-35802: Teach to-distributed conversions to sync mail at the end.


  • [security] Fixed case SEC-581: Self-XSS Vulnerability in EasyApache 4 Save Profile.


  • Fixed case CPANEL-35825: Clarify description of Configuration Cluster interface.
  • Fixed case CPANEL-35836: Rebuild the dovecot local template for Imunify360 users after upgrade.
  • Fixed case CPANEL-35851: Enable STABLE version for JetBackup on CentOS 8.
  • Fixed case CPANEL-35853: Prevent DNS Zone Manager errors when cpuser files do not exist.
  • Fixed case CPANEL-35869: Run scripts/configure_firewall_for_cpanel on 92 -> 94 updates on CentOS 8 to fix bug in SOLR firewall configuration.
  • Fixed case CPANEL-35880: Restore expected download behavior for cPanel applications.
  • Fixed case CPANEL-35882: Fix DKIM signing in Exim.
  • Fixed case CPANEL-35899: Present meaningful errors when attempting to rename a database to have the same name as a database that already exists or when attempting to create a database with the same name as one that already exists.
  • Fixed case CPANEL-35927: Update cpanel-phppgadmin to 5.6.0-2.cp1186.
  • Fixed case CPANEL-35930: Fix stale role-enabled cache when changing role state.
  • Fixed case CPANEL-35942: Fix DKIM signing for hostname-sent messages.
  • Fixed case CPANEL-35970: Correct errant detection of failure in license update.
  • Fixed case CPANEL-35989: Reinstate ability to 'Reset a DNS Zone' on non-distributed standard nodes.
  • Implemented case CPANEL-35819: Update Messaging in ModifyAcct to Reflect Distribution Changes.
  • Implemented case CPANEL-35920: Create “get_service_proxy_backends” WHM API v1 function.
  • Implemented case CPANEL-35924: Block v94 point updates if any child node runs pre-


  • Fixed case CPANEL-35386: Do not expose the password hash if a user already exists.
  • Fixed case CPANEL-35693: Allow the UAPI Ftp list_ftp_with_disk function to return results when account is over quota.
  • Fixed case CPANEL-35726: Fix acceptance of linked-node alias of “0”.
  • Fixed case CPANEL-35751: Fix “Prototype mismatch” errors from cPanel::PublicAPI.
  • Fixed case CPANEL-35782: Enable installation of Whostmgr::Imunfy360 on CentOS/CloudLinux 8 systems.
  • Fixed case CPANEL-35789: Fix quota initialization on CloudLinux 8.
  • Fixed case CPANEL-35823: Ensure appconfig can access php-fpm in WHM.
  • Fixed case CPANEL-35845: Resolved fatal error with non-cPanel/WHM transfers.
  • Fixed case CPANEL-35854: Update cpanel-pdns to 4.3.1-9.cp1194.
  • Fixed case CPANEL-35866: Migrate existing dovecot ssl configuration directives to the new ssl.conf file.
  • Fixed case CPANEL-35878: Add cpinit.service to the ignorelist in find_outdated_services.
  • Implemented case CPANEL-35639: Make removeacct API call forward warnings to the caller.
  • Implemented case CPANEL-35769: Improve Exim’s report of sender verification failure.


  • Fixed case CPANEL-35174: Propagate feature lists to child nodes as part of package propagation.
  • Fixed case CPANEL-35251: Update delayed upgrade message.
  • Fixed case CPANEL-35660: Make configureservice accessible pre-install.


  • Fixed case CPANEL-33910: Teach a few services, APIs, and UIs when cpdavd is unneeded.
  • Fixed case CPANEL-34318: Make Live Transfer & Express Transfer update acct suspension includes.
  • Fixed case CPANEL-34344: Account xfers: Avoid trying to stream MySQL if homedir can’t stream.
  • Fixed case CPANEL-34605: Suspended accounts will be included in the total returned by the "get_current_users_count" WHM API call.
  • Fixed case CPANEL-34637: Fix MySQL database transfers from version 8.x to 5.x.
  • Fixed case CPANEL-34775: Fix WebCalls component of unprivileged pkgacct calls.
  • Fixed case CPANEL-34776: Allow pkgacct run as user to backup WHM API tokens.
  • Fixed case CPANEL-34913: Tighten integrity of used-UIDs datastore.
  • Fixed case CPANEL-35183: Fixed upgrading to MySQL 8 on RHEL 7.
  • Fixed case CPANEL-35188: Convert cphulkd to systemd notify type service.
  • Fixed case CPANEL-35189: Convert cpdavd to a systemd notify type service.
  • Fixed case CPANEL-35279: Fix the use of wildcards for recognized IPs in WHM's security questions.
  • Fixed case CPANEL-35342: Fix the create_parked_domain_for_user API call for resellers with the appropriate privileges.
  • Fixed case CPANEL-35350: Keep SSL certificates installed on addon domains after modifying the account to change the primary domain.
  • Fixed case CPANEL-35375: Block the Email Routing if a cPanel User Is Distributed.
  • Fixed case CPANEL-35375: Remove Generic Mail Node Alert in Email Routing.
  • Fixed case CPANEL-35413: Avoid parsing dns zones without CAA when we can pre-check.
  • Fixed case CPANEL-35432: Clear mounts cache before running disk usage check with chkservd.
  • Fixed case CPANEL-35464: PowerDNS: change the order of operations to avoid errors during RPM installation.
  • Fixed case CPANEL-35503: Hide child-node component accounts’ domains in WHM parked/subdomain UIs.
  • Fixed case CPANEL-35520: Restore old kernel exclude line in Cpanel::SysPkgs::YUM.
  • Fixed case CPANEL-35528: Fix PostgreSQL username processing when using “Modify an Account” in WHM to change a user's name.
  • Fixed case CPANEL-35532: Fix issues with newer versions of GPG not listing key info correctly.
  • Fixed case CPANEL-35542: Fix Dovecot template icontact race condition with i360.
  • Fixed case CPANEL-35550: Omit proxying data from cpdoveauthd responses to doveadm.
  • Fixed case CPANEL-35554: Ensure Cpanel::Systemd::Notify objects are cleaned up during the appropriate Perl execution phase.
  • Fixed case CPANEL-35556: Update cpanel-perl-532-TestRail-API to 0.048-4.cp1194.
  • Fixed case CPANEL-35569: Fix /scripts/mailperm not to set wrong perms on /etc/valiases &c.
  • Fixed case CPANEL-35588: Remove go back link on the virus scanner app and include loading spinner and helpful callouts to facilitate a smoother navigation.
  • Fixed case CPANEL-35590: Fix warning from WHMAPI v1 create_user_session for root.
  • Fixed case CPANEL-35592: Allow jailed shell users to use the "man" command.
  • Fixed case CPANEL-35598: Forgo httpd and web vhost updates on hostname change.
  • Fixed case CPANEL-35599: Fix error from set_php_memory_limits during the initial setup of a DNSOnly system.
  • Fixed case CPANEL-35602: Allow installation of WordPressToolkit on CentOS 8 and CloudLinux 8.
  • Fixed case CPANEL-35613: Fix miscellaneous bugs in NFTables, SSSD and Async Exec logic on CentOS 8.
  • Fixed case CPANEL-35622: Downgrade cpanel-perl-532-Net-Google-Drive-Simple to 0.14.
  • Fixed case CPANEL-35625: Do not report nginx caching is active when ea-nginx-standalone is installed.
  • Fixed case CPANEL-35645: Fix title attribute binding on Contact Manager.
  • Fixed case CPANEL-35670: Forgo remote-domain and domain-registration checks on child nodes.
  • Fixed case CPANEL-35671: Always release bandwidth DB transactions.
  • Fixed case CPANEL-35673: Update MySQL56 to 5.6.51-1.cp1186.
  • Fixed case CPANEL-35676: Teach SSL-invalid-detection logic about CentOS 8.
  • Fixed case CPANEL-35686: Block distributed accounts on child node in 'List Accounts'.
  • Fixed case CPANEL-35689: Make spamassassin feature depend on child node & role.
  • Fixed case CPANEL-35690: Fix and refactor cpdavd’s socket init logic.
  • Fixed case CPANEL-35697: Add quota warning to 'Modify an Account'.
  • Fixed case CPANEL-35704: Record a child node’s state as such.
  • Fixed case CPANEL-35706: Improved installer reliability.
  • Fixed case CPANEL-35741: Fix warnings generated by scripts/compilers.
  • Fixed case CPANEL-35754: Fix ClamScanner logger for mail disinfections.
  • Fixed case CPANEL-35761: Show warning that the virus scanner will not scan all the files in the mail directory in specific cases.
  • Fixed case CPANEL-35778: Fix condition syntax for the Exim virtual_user_filter.
  • [security] Fixed case SEC-578: Reseller suspension lock bypass.
  • [security] Fixed case SEC-579: MySQL user suspension fails with old-style password hashes.
  • Implemented case CPANEL-35201: localdomains/remotedomains now reflects server linkage.
  • Implemented case CPANEL-35211: Update exim to 4.94.
  • Implemented case CPANEL-35463: Remove Mail Node Experimental Warnings from Create Account.
  • Implemented case CPANEL-35463: Remove Mail Node Experimental warning from Link Server Nodes.
  • Implemented case CPANEL-35463: Remove Mail Node Experimental Warning from Modify Account.
  • Implemented case CPANEL-35463: Remove Experimental Warning from Transfer cPanel Account.
  • Implemented case CPANEL-35463: Remove Mail Node Experimental Warnings from Transfer Tool.
  • Implemented case CPANEL-35497: Filter child accounts from the WHM AutoSSL UI.
  • Implemented case CPANEL-35510: Create a cache of distributed accounts.
  • Implemented case CPANEL-35515: Implement iContact email when local configuration templates are in use.
  • Implemented case CPANEL-35526: Update Virus Scanner UI to use Angular and UAPI ClamScanner.
  • Implemented case CPANEL-35558: Remove linked-node-parity restrictions for resellers.
  • Implemented case CPANEL-35570: Make WHM IPv6 UIs require WebServer role.
  • Implemented case CPANEL-35571: Make the IPv6 APIs require the WebServer role.
  • Implemented case CPANEL-35572: Fix cpsrvd webmail redirections to child node.
  • Implemented case CPANEL-35578: Hide child accounts in Force Password Change UI.
  • Implemented case CPANEL-35580: Make the “forcepasswordchange” API call reject child accounts.
  • Implemented case CPANEL-35621: Ensure multi-part AutoSSL messages are separated by a space.
  • Implemented case CPANEL-35628: Teach quota-setting logic to propagate to child nodes.
  • Implemented case CPANEL-35721: Display warning in API Tokens page if Child Accounts exist.


  • Fixed case CPANEL-33636: Skip empty MySQL notes during restorepkg
  • Fixed case CPANEL-34753: Disable the "Enable Force HTTPS Redirect" button on Domains when no domains are selected.
  • Fixed case CPANEL-34816: Remove false messages about restoring database users under a different name when restoring MySQL databases on an account that already exists.
  • Fixed case CPANEL-34951: Reintroduce the yum.conf kernel exclude as a simple wildcard entry.
  • Fixed case CPANEL-34996: Fix parsing of character set option when editing autoresponders.
  • Fixed case CPANEL-35002: Make Dynamic DNS’s SSL certificate checking tolerate missing caIssuer.
  • Fixed case CPANEL-35104: Replace usage of bin/cloudlinux_system_install with upstream installer from CloudLinux in bin/cloudlinux_update.
  • Fixed case CPANEL-35173: Update the cPanel & WHM Pricing and Term Agreement to version 11-17-2020.
  • Fixed case CPANEL-35233: Make the 'recommended' label consider current DB software on MySQL/MariaDb Upgrade UI.
  • Fixed case CPANEL-35255: Fix systemd notifications in dormant services when Linux::Systemd is not available.
  • Fixed case CPANEL-35261: Make fix_pdns_startup task start pdns if it is down.
  • Fixed case CPANEL-35275: Fix copied script execution in WebSocket-based transfers.
  • Fixed case CPANEL-35311: Fix “Show Docs” URL for installed modules under “PHP PEAR Packages”, “Perl Modules”, and “RubyGems” interfaces in cPanel.
  • Fixed case CPANEL-35333: Refresh NSCD cache on user shell modification.
  • Fixed case CPANEL-35351: Fix error reporting when creating an email account through the cPanel interface.
  • Fixed case CPANEL-35354: Fix ALL showing up in Host Access Control for rules when it should not have been.
  • Fixed case CPANEL-35363: Block API 1 as appropriate for Mail Node profile & distributed accounts.
  • Fixed case CPANEL-35365: New UAPI calls for ClamScanner: start_scan, get_scan_status.
  • Fixed case CPANEL-35371: Add an automated test to exercise autodomain script.
  • Fixed case CPANEL-35387: Use correct version of pip to ensure dependencies for python applications.
  • Fixed case CPANEL-35389: Update cpanel-git to 2.30.0-1.cp1194.
  • Fixed case CPANEL-35395: Remove the “PID File” field from the WHM “Spamd Startup Configuration” interface.
  • Fixed case CPANEL-35405: Fix faulty setlist filter syntax in templates.
  • Fixed case CPANEL-35410: Fix WHM "Change Root Password" implicit submission.
  • Fixed case CPANEL-35412: Ensure the inet table exists in NFTables for CentOS 8.
  • Fixed case CPANEL-35421: Update strings in Host Access Control for CentOS 8.
  • Fixed case CPANEL-35431: Ensure that mounts within the root directory can be ignored during disk usage checks.
  • Fixed case CPANEL-35448: Add nftables package to sysup on CentOS 8.
  • Fixed case CPANEL-35453: Stop shipping legacy ruby installer.
  • Fixed case CPANEL-35457: Fix certain internal Perl error conditions in admin commands.
  • Fixed case CPANEL-35471: Replace old Multiphp UI with the new one.
  • Fixed case CPANEL-35478: Update cpanel-perl-532-TestRail-API to 0.048-3.cp1194.
  • Fixed case CPANEL-35491: Update cpanel-php73 to 7.3.26-1.cp1186.
  • Fixed case CPANEL-35502: Create UAPI ClamScanner calls for scan paths and disinfecting files.
  • Fixed case CPANEL-35517: Add NGINX cache status to cPanel’s General Information.
  • Implemented case CPANEL-35263: Implement “forced” dedistribution.
  • Implemented case CPANEL-35308: Add MySQL Manager page in cPanel UI as experimental feature.
  • Implemented case CPANEL-35347: cPanel > Filters > Edit now uses Email::get_spam_settings.
  • Implemented case CPANEL-35359: Update Modify Account to Allow Dedistribution.
  • Implemented case CPANEL-35366: Lock Email Routing Controls for Distributed Accounts.
  • Implemented case CPANEL-35391: Reset DNS Zone now prevents access to child accounts.
  • Implemented case CPANEL-35391: Convert Addon No Longer Displays Distributed Accounts.
  • Implemented case CPANEL-35391: Child Accounts No Longer Show in Add Reseller List.
  • Implemented case CPANEL-35391: WHM MySQL Password List No Longer Displays child Accounts.
  • Implemented case CPANEL-35391: Update DNS Zone List to Not Display Child Accounts.
  • Implemented case CPANEL-35391: WHM Park a Domain No Longer Displays Child Accounts.
  • Implemented case CPANEL-35401: Use parent's password-strength enforcement on child node.
  • Implemented case CPANEL-35415: Update WHM API SSL methods to block user API methods for child accounts.
  • Implemented case CPANEL-35446: Custom PHP recommendations can be displayed in the cPanel MultiPHP interface.
  • Implemented case CPANEL-35450: Add ability to view and force de-distribute distributed accounts in 'Link Server Nodes' interface.
  • Implemented case CPANEL-35459: Remove global CentOS 8 experimental software banner.
  • [security] Fixed case CPANEL-34541: Update MySQL56 to 5.6.50-1.cp1186.


  • Fixed case CPANEL-29212: Convert tailwatchd to systemd notify type service.
  • Fixed case CPANEL-29212: Convert queueprocd to systemd notify type service.
  • Fixed case CPANEL-29212: Convert cpsrvd to systemd notify type service.
  • Fixed case CPANEL-30810: Do not install the EA4 repo if /etc/apachedisable.
  • Fixed case CPANEL-32334: Configurable email delivery handling for suspended accounts.
  • Fixed case CPANEL-33115: Special characters in database names no longer prevent restores and interacting with MySQL in cPanel UIs.
  • Fixed case CPANEL-33684: Reject attempts to add a forwarder when logged into Webmail as the cPanel user.
  • Fixed case CPANEL-33768: Fix Synchronize DNS Records radio button behavior.
  • Fixed case CPANEL-33861: Explain database options in WHM » Backup » Backup Configuration.
  • Fixed case CPANEL-33922: Update the WHM » Transfers » Transfer Tool interface to clarify when and how reseller privileges may be transferred.
  • Fixed case CPANEL-34051: Fix stack trace error when attempting to enable monitoring on a skipped service via WHM API 1.
  • Fixed case CPANEL-34055: Only monitor services that are available on DNSONLY systems.
  • Fixed case CPANEL-34104: Restoring or transferring an account will no longer create MySQL grants with the old server's host name or IP address.
  • Fixed case CPANEL-34135: The Imunify360 PAM extension is now supported when rebuilding the dovecot configuration templates.
  • Fixed case CPANEL-34135: Dovecot 2.3 now uses a separate ssl.conf file for ssl related configuration values.
  • [security] Fixed case CPANEL-34231: Update cpanel-php73 to 7.3.23-1.cp1186.
  • Fixed case CPANEL-34287: Fix mail bytes logging for accounts on CentOS 8.
  • Fixed case CPANEL-34389: Update rpm.versions for cpanel-geoipfree-data to 94.0-1.cp1194.
  • Fixed case CPANEL-34402: Standardize calls to Cpanel::Version::Compare.
  • Fixed case CPANEL-34417: Fix default error documents for new accounts.
  • Fixed case CPANEL-34481: Fix Autodomain self-signed errors in DNSONLY.
  • Fixed case CPANEL-34483: Fix WHM API set_local_mysql_root_password to version check the local mysql server.
  • Fixed case CPANEL-34511: Always show 'Copy' button when 'Packages' or 'Service Configurations' tab is selected.
  • Fixed case CPANEL-34541: Update MySQL56 to 5.6.50-1.cp1186.
  • Fixed case CPANEL-34542: Fix mail-related values returned by StatsBar UAPI call when invoked via uapi_cpanel WHM API call.
  • Fixed case CPANEL-34548: Clarify MySQL warnings on the Backup Configuration WHM UI.
  • Fixed case CPANEL-34580: Fix error message for changing the package for an account.
  • Fixed case CPANEL-34587: WHM Marketplace manage button now sends partners to manage2 and direct customers to the store.
  • Fixed case CPANEL-34601: Use the DDNS domain’s base domain in the AutoSSL new-cert notification.
  • Fixed case CPANEL-34619: Ensure cron job for legacy cpbackup is not removed prematurely.
  • Fixed case CPANEL-34620: Convert tailwatchd to a notify-type service on systems that use systemd.
  • Fixed case CPANEL-34640: Fix verify_slack_access for POSTing to multiple WebHook URLs.
  • Fixed case CPANEL-34645: Ensure FTP quota recalculation restores previous public_ftp dir permissions.
  • Fixed case CPANEL-34648: Use "edge" repo for JetBackup 5 on CentOS 8.
  • Fixed case CPANEL-34653: Fix implicit submission of DDNS creation form.
  • Fixed case CPANEL-34677: Improve support for CloudLinux 8.
  • Fixed case CPANEL-34678: Don't show references to MultiPHP Manager on in Cron Jobs area in cPanel when MultiPHP Manager is disabled as a feature.
  • Fixed case CPANEL-34685: Update the email group to the first position for all accounts.
  • Fixed case CPANEL-34716: Properly report status of PowerDNS service when the RPM database is corrupted.
  • Fixed case CPANEL-34725: Add support for KernelCare and ImunifyAV CentOS8 in security advisor.
  • Fixed case CPANEL-34730: Improve support for nftables.
  • Fixed case CPANEL-34732: Update wording of SSL-ready emails for DDNS.
  • Fixed case CPANEL-34733: Fix errors when trying to save the Dynamic DNS domain description.
  • Fixed case CPANEL-34738: Strip “proxy_backend” from web vhost configs on account restore.
  • Fixed case CPANEL-34757: Fix the cPanel MySQL Databases interface when there when the grant output contains role information.
  • Fixed case CPANEL-34765: Remove additional authentication request when creating a ticket.
  • Fixed case CPANEL-34777: Allow scripts/pkgacct to save the description of Remote MySQL hosts when the program is run as a cPanel user.
  • Fixed case CPANEL-34782: Switch cPanel to use Perl 5.32.
  • Fixed case CPANEL-34807: Update cpanel-php-composer to 2.0.6-1.cp1186.
  • Fixed case CPANEL-34810: Preparation for PHP 8 and other future major PHP versions.
  • Fixed case CPANEL-34822: Update SSL/TLS Status to reflect the current state of support for wildcard domains with AutoSSL.
  • Fixed case CPANEL-34830: Clean up yum output when checking dependencies in cPaddons Site Software.
  • Fixed case CPANEL-34834: Display BoxTrapper dates with the server timezone and not UTC.
  • Fixed case CPANEL-34836: Improve the email account create view.
  • Fixed case CPANEL-34837: Make a note in the backup log when an account is skipped for backups because it is not configured for backups.
  • Fixed case CPANEL-34850: Make AutoSSL confirm local authority before DNS DCV.
  • Fixed case CPANEL-34851: Update cpanel-perl-532-Crypt-GPG to 1.64-2.cp1194.
  • Fixed case CPANEL-34852: Fix install failures on CentOS 8.
  • Fixed case CPANEL-34894: Remove scripts/unify_virtual_user_password_strengths.
  • Fixed case CPANEL-34900: Remove scripts/migrate-api-tokens-for-service.
  • Fixed case CPANEL-34901: Fix tailwatchd on CloudLinux 6 servers with custom Python 2.7.
  • Fixed case CPANEL-34905: Ensure resellers can create accounts with the chosen package's feature list.
  • Fixed case CPANEL-34931: Teach Cpanel::PackMan about change to yum shell output in C8.
  • Fixed case CPANEL-34932: Ensure VPS Optimized cPanel does not have duplicate SpamAssassin parameters.
  • Fixed case CPANEL-34938: Speed up mod security installed check.
  • Fixed case CPANEL-34945: Update cpanel-git to 2.29.2-1.cp1194.
  • Fixed case CPANEL-34947: Fix the WHM Expired Password page for resellers.
  • Fixed case CPANEL-34964: Update cpanel-perl-532-Amazon-S3 to 0.45-2.cp1194.
  • Fixed case CPANEL-34970: No longer create double the normal firewall rules in some rare cases when modifying an account.
  • Fixed case CPANEL-34980: Fix bug with NFTables and Dovecot SOLR firewall rules.
  • Fixed case CPANEL-34981: Only run one build_global_cache at a time.
  • Fixed case CPANEL-34985: Always show 'Linked Mail Node' option in 'Mail Routing Settings' of 'Create a New Account' UI for root and root-resellers.
  • Fixed case CPANEL-34989: Improve performance of servicestatus api.
  • Fixed case CPANEL-34992: Improve performance of reset_service_ssl_certificate.
  • Fixed case CPANEL-34996: Fix parsing of character set option when editing autoresponders.
  • Fixed case CPANEL-34999: Update cpanel-php73 to 7.3.25-1.cp1186.
  • Fixed case CPANEL-35005: Add backwards compatibility to the modsec2 installed check.
  • Fixed case CPANEL-35011: Fix bugs in user/group data caching when sssd is running.
  • Fixed case CPANEL-35025: Fix unsuspendacct’s removal of service proxying.
  • Fixed case CPANEL-35042: Ensure that all glibc locale packages are installed for Horde.
  • Fixed case CPANEL-35057: Use system openssl for EA4 on C8.
  • Fixed case CPANEL-35064: Speed up service restarts on upcp.
  • Fixed case CPANEL-35073: Improve UI appearance by converting buttons from "ALL CAPS" to "Title Case" style.
  • Fixed case CPANEL-35084: Simplify parallel service startup.
  • Fixed case CPANEL-35092: Use the status api for service running checks.
  • Fixed case CPANEL-35114: Add lsapi banner to new MultiPHP Manager UI.
  • Fixed case CPANEL-35116: Add trial banner to Login themes.
  • Fixed case CPANEL-35137: Convert dnsadmin to systemd notify type service.
  • Fixed case CPANEL-35140: Replace API1 with UAPI in cPanel Autoresponders interface.
  • Fixed case CPANEL-35141: Better handle files with EUC-TW character encoding in File Manager.
  • Fixed case CPANEL-35152: Replace API1 with UAPI in cPanel edit email quotas system.
  • Fixed case CPANEL-35153: Replace API1 with UAPI in cPanel email import CSV system.
  • Fixed case CPANEL-35164: Catch a failure that prevented the WHM UI from loading when the RPM database is corrupt.
  • Fixed case CPANEL-35168: Improve the Welcome Panel by temporarily hiding it when a user enters a search term into the search box.
  • Fixed case CPANEL-35171: Fully implement configurable email delivery for suspended accounts.
  • Fixed case CPANEL-35173: Update the cPanel & WHM Pricing and Term Agreement to version 11-17-2020.
  • Fixed case CPANEL-35176: Replace API1 CSVImport doimport method with UAPI method.
  • Fixed case CPANEL-35216: Explicitly define NotifyAccess in some service unit configurations.
  • Fixed case CPANEL-35219: Ensure that /etc/localdomains exists when scripts/updateuserdomains is invoked.
  • Fixed case CPANEL-35228: Improve the look of the Welcome Panel with minor visual changes.
  • Fixed case CPANEL-35232: Add ability for the server owner to enable cPanel analytics in the Feature Showcase.
  • Fixed case CPANEL-35244: Add support for weekly backups to the “backup_user_list” WHM API1 call.
  • Fixed case CPANEL-35244: Return proper metadata upon failure for the “backup_user_list” and “get_users_and_domains_with_backup_metadata” WHM API1 calls.
  • Fixed case CPANEL-35248: Initialize the HAC chain on CentOS 8 automagically if it does not exist.
  • Fixed case CPANEL-35254: Ship the Linux::Systemd module by default to allow better systemd notification support.
  • Fixed case CPANEL-35257: Fix ALL validator in Host Access Control for CentOS 8.
  • Fixed case CPANEL-35265: Fix issue with cache removal for nftables.
  • Fixed case CPANEL-35266: Remove spurious ModSecurity warnings pertaining OWASP rule 920280 being tripped by chkservd.
  • Fixed case CPANEL-35268: Handle the error of trying to set SpamAssassin's PID file to a directory more gracefully.
  • Fixed case CPANEL-35274: Fix queueprocd service restart error during upcp.
  • Fixed case CPANEL-35276: Improve license handling for WPT.
  • Fixed case CPANEL-35286: Update cpanel-perl-532-TestRail-API to 0.047-3.cp1194.
  • Fixed case CPANEL-35296: Create UAPI calls for configuring BoxTrapper allow and ignore lists.
  • Fixed case CPANEL-35305: Fix bug where CloudLinux testing repos for version 8 were enabled for CL7.
  • Fixed case CPANEL-35311: Fix “Show Docs” URL for installed modules under “PHP PEAR Packages”, “Perl Modules”, and “RubyGems” interfaces in cPanel.
  • Fixed case CPANEL-35316: Add ability to skip disk space checks on specific mounts.
  • Fixed case CPANEL-35319: Don't show the FTP Connections tool on CloudLinux.
  • Fixed case CPANEL-35320: Make Application Manager backend multi-ruby aware.
  • Fixed case CPANEL-35335: Update cpanel-roundcubemail to 1.4.10-1.cp1188.
  • Fixed case CPANEL-35355: Fix validator bug in Host Access Control for CentOS 8.
  • Fixed case CPANEL-35390: Update dovecot to 2.3.13-1.cp1194.
  • Implemented case CPANEL-31057: Ensure a Better Workflow in Link Server Nodes.
  • Implemented case CPANEL-33584: Implemented case CPANEL-33584: Event hook for cPanel user approaching and at account quota.
  • Implemented case CPANEL-34554: Add the ability to de-distribute accounts.
  • Implemented case CPANEL-34590: Make Live Transfer mode NOT block dynamic content.
  • Implemented case CPANEL-34615: Expose control for user to choose system-default SSL key type.
  • Implemented case CPANEL-34687: Accommodate non-MySQL setups in suspend/unsuspend operations.
  • Implemented case CPANEL-34708: Correctly check for remote MySQL in cPanel.
  • Implemented case CPANEL-34735: Hide disk-usage related items in stats bar; fix tests.
  • Implemented case CPANEL-34759: Create WHM API v1 “start_upcp” function.
  • Implemented case CPANEL-34762: Improve cPanel user's onboarding experience using a Welcome Panel.
  • Implemented case CPANEL-34768: Update CloudLinux installer-helper code for CentOS 8.
  • Implemented case CPANEL-34780: Teach UAPI Backup APIs to accept a “homedir” parameter.
  • Implemented case CPANEL-34803: Make user-authenticated transfers stream the home directory, and add scripts/transfer_account_as_user.
  • Implemented case CPANEL-34817: Fix start_cpanel_update spec file.
  • Implemented case CPANEL-34853: Replace API1 with UAPI in cPanel Subdomains interface.
  • Implemented case CPANEL-34893: Restrict cPanel API calls on child accounts.
  • Implemented case CPANEL-34917: Update WHM API 1 massmodify OAPI.
  • Implemented case CPANEL-34917: Update OAPI for WHM API 1 modifyacct.
  • Implemented case CPANEL-34917: New tweak setting added to prevent firewall changes when modifying an account.
  • Implemented case CPANEL-34929: Speed up set_hostname.
  • Implemented case CPANEL-34972: Display demos of new CJT3 components in Canary.
  • Implemented case CPANEL-35027: Update the End User License Agreement to version 11-16-2020.
  • Implemented case CPANEL-35038: Synchronize child accounts’ child status on upgrade.
  • Implemented case CPANEL-35047: Update Welcome Panel to only show to brand new accounts.
  • Implemented case CPANEL-35048: Reject cPanel logins for users with child workloads defined.
  • Implemented case CPANEL-35075: Report MySQL restore failures, and connect them to retry logic.
  • Implemented case CPANEL-35106: Transfer scripts: allow arguments to the session initialization logic.
  • Implemented case CPANEL-35117: Prevent direct child account password changes: List Accounts.
  • Implemented case CPANEL-35128: Prevent setting child accounts’ passwords via WHM API v1.
  • Implemented case CPANEL-35131: Remove several of the excluded packages in the /etc/yum.conf.
  • Implemented case CPANEL-35133: Update Messaging for Edit DNS Zone to extend the deprecation.
  • Implemented case CPANEL-35169: cpapi1 fixuppipedprog was removed.
  • Implemented case CPANEL-35169: uapi check_pipe_forwarder has been removed.
  • Implemented case CPANEL-35169: cpapi1 checkpipefwd was removed.
  • Implemented case CPANEL-35184: Make pkgacct exit nonzero if any component modules fail.
  • Implemented case CPANEL-35194: Speed up rpmup.
  • Implemented case CPANEL-35196: Remove legacy post install scripts.
  • Implemented case CPANEL-35259: Restrict certain WHM API v1 functions for child accounts.
  • Implemented case CPANEL-35267: Child Node WHM Interfaces now block editing distributed accts.
  • Implemented case CPANEL-35282: Fix migrate-pdns-conf for pdns 4.3.1 compatibility.
  • Implemented case CPANEL-35291: Add button to enable PHP-FPM on all domains.
  • Implemented case CPANEL-35345: Site Software is no longer available on a mail profile.

Additional Documentation