68 Change Log

68.0.39 2018-05-21

[security] Fixed case SEC-393: API tokens retain ACLs that are removed from accounts. [security] Fixed case SEC-394: Stored code execution injections in WHM cPAddons interface. [security] Fixed case SEC-395: Arbitrary file unlink via cPAddons moderation system. [security] Fixed case SEC-396: Email injection in cPAddons moderation. [security] Fixed case SEC-398: Remote-Stored XSS in WHM cPAddons installation interface. [security] Fixed case SEC-399: Remote-stored XSS in YUM autorepair functionality. [security] Fixed case SEC-400: Remote-Stored XSS in WHM Save Theme Interface. [security] Fixed case SEC-408: ClamAV installation reveals the contents of root’s crontab. [security] Fixed case SEC-427: Cron feature restriction not enforced for API calls. [security] Fixed case SEC-429: Backup feature restriction not enforced for API calls. [security] Fixed case SEC-430: Images feature restriction not enforced for API calls. [security] Fixed case SEC-432: Cpanel Mime::list_hotlinks API feature restriction not enforced. [security] Fixed case SEC-435: Arbitrary file read in pkgacct custom template handling. 68.0.38 2018-05-02

Fixed case CPANEL-13158: Limit AutoSSL DCV failure content logging to 1024 bytes. Fixed case CPANEL-19127: Avoid rpm dependency calculation during file verification. Fixed case CPANEL-19260: Ensure Mysql profiles activation rolls back upon failure. Fixed case CPANEL-19329: Eximstats_spam_check now filters empty senders. Fixed case CPANEL-19487: Cpanel::PublicSuffix expire cache when PublicSuffix.pm size changes. Fixed case CPANEL-19535: Update cpanel-squirrelmail to 2012.12.09-2.cp1162. 68.0.37 2018-04-16

Fixed case CPANEL-19051: Update cpanel-perl-524 to 5.24.1-9.cp1168 for CVE-2018-6913, CVE-2018-6797, and CVE-2018-6798. [security] Fixed case CPANEL-19680: Update cpanel-roundcubemail to 1.3.3-4.cp1164 to fix CVE-2018-9846. 68.0.36 2018-03-28

Fixed case CPANEL-19455: New crontab breaking update on upgrade. Fixed case CPANEL-19511: Avoid hang during Dovecot FTS rescan. 68.0.34 2018-03-26

Fixed case CPANEL-17197: Increase SQLITE_BUSY_TIMEOUT and add random jitter. Fixed case CPANEL-17645: Create test and Page Object for cPHulk Configuration Settings. Fixed case CPANEL-18966: Update dovecot to 2.2.34-2.cp1162. Fixed case CPANEL-19351: Update cpanel-squirrelmail to 2012.12.09-1.cp1162. Implemented case CPANEL-18952: Update AutoSSL provider to sort vhost FQDNs for Apache TLS. 68.0.33 2018-03-19

[security] Fixed case SEC-338: Arbitrary file chmod during legacy incremental backups. [security] Fixed case SEC-357: Self-XSS in WHM cPAddons showsecurity Interface. [security] Fixed case SEC-359: Code execution via ‘.’ in @INC during perl syntax check of cpaddonsup. [security] Fixed case SEC-362: Demo account code execution via awstats. [security] Fixed case SEC-364: Root accesshash revealed by WHM /cgi/trustclustermaster.cgi. [security] Fixed case SEC-368: OpenID providers can inject arbitrary data into cPanel session files. [security] Fixed case SEC-369: Stored XSS in WHM Edit DNS Zone. [security] Fixed case SEC-370: Stored XSS in WHM Edit MX Entry. [security] Fixed case SEC-371: Any user is able to shut down Solr. [security] Fixed case SEC-372: Remote Stored XSS in WHM DNS Cluster. [security] Fixed case SEC-373: Remote Stored XSS in WHM Create Account. [security] Fixed case SEC-374: Remote Stored XSS in WHM Edit DNS Zone. [security] Fixed case SEC-375: Remote Stored XSS in WHM Delete a DNS Zone. [security] Fixed case SEC-376: Remote Stored XSS in WHM DNS Cleanup. [security] Fixed case SEC-377: Remote Stored XSS in WHM Synchronize DNS Records. [security] Fixed case SEC-378: Arbitrary file read and unlink via WHM style uploads. [security] Fixed case SEC-379: Local privilege escalation via WHM Legacy Language File Upload interface. [security] Fixed case SEC-380: Local privilege escalation via WHM Locale XML Upload interface. [security] Fixed case SEC-382: Jailshell breakout via incorrect crontab parsing. [security] Fixed case SEC-391: Remote Stored XSS in cpaddons vendor interface. [security] Fixed case SEC-392: Open redirect via /unprotected/redirect.html endpoint. [security] Fixed case SEC-401: Htaccess restrictions bypass when “Htaccess Optimization” enabled. [security] Fixed case SEC-405: Demo account code execution via cPanel Landing Page. [security] Fixed case SEC-406: Apache logs exposed by creation of certain domains. [security] Fixed case SEC-410: Stored XSS in WHM Edit DNS Zone. [security] Fixed case SEC-411: Email account suspensions can be applied to unowned accounts. [security] Fixed case SEC-412: Stored XSS in WHM Reset a DNS Zone. 68.0.30 2018-03-07

Fixed case CPANEL-14816: Workaround crash in mysqldump when exporting many roundcube ids. Fixed case CPANEL-15777: Ensure non-root-resellers can retrieve messages from mail delivery report. Fixed case CPANEL-15951: Report an error if php-fpm does not start. Fixed case CPANEL-16783: Remove mysql dependency from cphulk service configuration. Fixed case CPANEL-17902: WHM: Do not display the ‘default SSL’ on the Manage SSL Hosts interface. Fixed case CPANEL-17902: EA3: Ensure the ‘default SSL’ vhost is bound to all of the shared IPs. Fixed case CPANEL-18132: yum timeout errors aren’t errors when trying other mirrors. Fixed case CPANEL-18601: Ensure get_shared_ip is accessable to resellers. Fixed case CPANEL-18811: Prevent restore stall when autossl excluded domains cannot be restored. 68.0.29 2018-02-13

Fixed case CPANEL-13116: Ignore “publichtmlsubsonly” on account restore. Fixed case CPANEL-15496: Update cpanel-phpmyadmin to 4.7.7-1.cp1166. Fixed case CPANEL-17746: Send litespeed USR2 and TERM to ensure clean shutdown on forced_restart. Fixed case CPANEL-17982: Change dovecot index for spam and sent. Fixed case CPANEL-18045: Remove errant check of waitpid status, left in from earlier rewrite. Fixed case CPANEL-18065: Simplify permissions handling in SafeFile. Fixed case CPANEL-18067: Reduce overhead for the trash empty task. Fixed case CPANEL-18074: Allow proxy subdomain HTTP DCV to work over nonstandard non-SSL port. Fixed case CPANEL-18114: Update cpanel-perl-524-build to 5.24.1-7.cp1168. Fixed case CPANEL-18114: Update cpanel-perl-524 to 5.24.1-7.cp1168. Fixed case CPANEL-18126: Remove module restrictions from cpsrvd-dormant. Fixed case CPANEL-18162: Ignore custom provided srs_config when srs is already enabled. Fixed case CPANEL-18181: Set-tls-settings: save settings for Dovecot with missing config. Fixed case CPANEL-18183: Make the popup on exim conf restore version mismatch visible. Fixed case CPANEL-18326: Resolve race condition with forced and deferred Apache restarts. Fixed case CPANEL-18380: Update dovecot to Fixed case CPANEL-18511: Update exim to 4.89.1-2.cp1162. 68.0.28 2018-01-24

Fixed case CPANEL-14701: Improve robustness of .htaccess syntax checker. Fixed case CPANEL-16352: Ensure MyDNS is updated when using SYNCZONES calls (DKIM, SPF, etc). Fixed case CPANEL-16647: Defer transaction reads until the data is needed. Fixed case CPANEL-17617: Initial support for IPv4-only servers. Fixed case CPANEL-17767: Ensure lock is released when updating SSL vhosts. Fixed case CPANEL-17841: Ensure sysup fetches update config in scalar context. Fixed case CPANEL-17983: Ensure ssl certificates are available during replacement. Fixed case CPANEL-17983: Fix SSL install in the replacement case. 68.0.27 2018-01-22

[security] Fixed case SEC-308: SRS secret revealed in exim.conf. [security] Fixed case SEC-321: Database and dbuser names were not validated during renames. [security] Fixed case SEC-324: Ownership not enforced by addpkgext and delpkgext WHM API calls. [security] Fixed case SEC-339: Backups revealed contents of directories that the user did not own. [security] Fixed case SEC-342: Root’s crontab briefly world-readable when enabling backups. [security] Fixed case SEC-349: Arbitrary file read via restore adminbin. [security] Fixed case SEC-351: Root’s crontab briefly world-readable during crontab configuration. [security] Fixed case SEC-352: Root’s crontab briefly world-readable during post update tasks. [security] Fixed case SEC-353: World-readable copy of httpd.conf created during syntax test. [security] Fixed case SEC-354: Insecure file operations in bin/csvprocess. [security] Fixed case SEC-355: World-readable archive created by archive_sync_zones script. [security] Fixed case SEC-356: Limited arbitrary file write via telnetcrt script. [security] Fixed case SEC-383: Self-XSS in cPanel Backup Restoration. [security] Fixed case SEC-385: Self-XSS in WHM Apache Configuration Include Editor. [security] Fixed case SEC-386: Self-Stored-XSS in WHM Account Transfer. [security] Fixed case SEC-387: Self-XSS in WHM Spamd Startup Config. [security] Fixed case SEC-388: World-readable files created when using WHM Apache Includes Editor. [security] Fixed case SEC-389: Self-XSS in WHM listips interface. 68.0.26 2018-01-11

Fixed cases CPANEL-17912,CPANEL-17907: Reject .invalid as a TLD. 68.0.25 2018-01-10

Fixed case CPANEL-16591: Ensure dead mailman lock file are cleaned up. Fixed case CPANEL-16820: Ensure outdated service checker can handle when a virtuozzo is run vzctl. Fixed case CPANEL-17449: Initialize Domain TLS when installing SSL. Fixed case CPANEL-17507: Ensure disk usage is calculated consistently. Fixed case CPANEL-17549: Make pkgacct errors and warnings show as warnings in Transfer Tool. Fixed case CPANEL-17667: Use the combined file to check if a CAB needs to be updated. Fixed case CPANEL-17721: Update awstats to 7.4-3.cp1162 for CVE-2017-1000501. Fixed case CPANEL-17725: Update cpanel-pigz to 2.4-1.cp1168. Fixed case CPANEL-17763: Ensure block_on_send is set for deferred notifications. Fixed case CPANEL-17784: Improve flock() lock contention. Fixed case CPANEL-17809: Update cpanel-awstats to 7.6-2.cp1168. 68.0.23 2017-12-21

Fixed case CPANEL-17154: SSL vhost for hostname. Fixed case CPANEL-17311: Skip integrity check for EximStats DB in TailWatch. Fixed case CPANEL-17364: Update cpanel-phpmyadmin to 4.7.3-4.cp1166. Fixed case CPANEL-17378: Improved reliablity of safefile locking with high contention. Fixed case CPANEL-17413: Accomodate race condition in queueprocd where the pidfile is empty. Fixed case CPANEL-17414: API Tokens: Allow ‘get_password_strength’ API call via the ‘create-acct’ priv. Fixed case CPANEL-17428: Update cpanel-perl-524-IO-Socket-SSL to 2.047-4.cp1162. Fixed case CPANEL-17489: Adjust IPs list for hostname SSL. 68.0.21 2017-12-13

Fixed case CPANEL-16066: Update cpanel-perl-524-IO-Socket-SSL to 2.047-3.cp1162. Fixed case CPANEL-16112: Memoize the password strength responses to avoid unnecessary network calls. Fixed case CPANEL-16112: Display the password strength even when it is below the required strength. Fixed case CPANEL-16858: maintenance: allow check_mysql to exit 2. Fixed case CPANEL-16878: AutoSSL: make PKI validation helper handle IPv6. Fixed case CPANEL-16878: get_local.cgi: use correct Content-Type. Fixed case CPANEL-16973: API Tokens: Allow ‘version’ and ‘gethostname’ WHMAPI calls with clustering priv. Fixed case CPANEL-17029: Imporove helpfulness of EA4 SSLCertificateKeyFile blocker message. Fixed case CPANEL-17046: Fix JavaScript date localization in Thai, Chinese, and Finnish. Fixed case CPANEL-17067: Ensure older InnoDB data can be restored on newer MySQL/MariaDB. Fixed case CPANEL-17091: Update cpanel-pdns to 3.4.11-1.cp1160. Fixed case CPANEL-17118: Update cpanel-git to 2.15.1-1.cp1162. Fixed case CPANEL-17124: Ensure deferred vhosts additions abort after account deletion. Fixed case CPANEL-17141: Update CJT1 window scroller for modern browser support. Fixed case CPANEL-17149: Ensure incremental backups update the homedir for overquota users. Fixed case CPANEL-17165: WHM Plugins: Ensure the appconfig utilities report errors with malformed URLs. Fixed case CPANEL-17171: Transfer Tool: fix transfers with sudo. Fixed case CPANEL-17210: WHM: Disable Grammerly on the API Token field in Configuration Cluster inteface. Fixed case CPANEL-17219: Apache restarts too frequently when piped logs are enabled. Fixed case CPANEL-17223: Ensure orphaned cpses mysql users are cleaned up. Fixed case CPANEL-17237: Fix SSL errors in addon domain conversion. Fixed case CPANEL-17244: WHM: Avoid duplicate messages on the Terminate Accounts interface. Fixed case CPANEL-17268: Reduce overhead needed to generate en iContact notiifcations. Fixed case CPANEL-17272: iContact should only parse arguments once per notification. Fixed case CPANEL-17285: Avoid checking autorebuildable sqlite databases during iContact. Fixed case CPANEL-17302: Remove certificate PEMs from iContact notification task queue items. Fixed case CPANEL-17322: Ensure problems db can be written during autossl_check. 68.0.20 2017-12-11

Fixed case CPANEL-17082: Improve race safety of SQLite db setup logic. Fixed case CPANEL-17087: Update exim to 4.89-4.cp1162. Fixed case CPANEL-17119: Prevent a single failing install script from skipping the rest of them. Fixed case CPANEL-17120: Ensure roundcube updates happen when a user is over quota. Fixed case CPANEL-17122: Ensure Cpanel::Dovecot::Config is loaded in Whostmgr::Accounts::Create. Fixed case CPANEL-17130: Update exim to 4.89.1-1.cp1162. 68.0.19 2017-11-29

Fixed case CPANEL-16965: Bump B::C to version 5.024024. Fixed case CPANEL-16969: Remove inert userland SSLStorage logic from pkgacct. Fixed case CPANEL-16990: pkgacct: avoid uninitialized value warning with –skiphomedir. Fixed case CPANEL-16999: Make scripts/mysqlconnectioncheck save the password when it resets. Fixed case CPANEL-17012: Workaround the show grants bug for Maria 10.2. Fixed case CPANEL-17026: Update to check mysql with new MysqlUtils::Check module. Fixed case CPANEL-17054: Block upgrades if IPv6 is disabled. Fixed case CPANEL-17081: Simplify execution flow in Cpanel::SafeFile. 68.0.17 2017-11-22

Fixed case CPANEL-15538: Ensure the autossl queue is backed up when using incremental backups. Fixed case CPANEL-16347: Remove hostname from default proxy subdomain vhosts. (EA3). Fixed case CPANEL-16632: update_spamassassin_config: don’t use easy_install on CentOS 6. Fixed case CPANEL-16672: Fix layout issues with Custom Company Name in Webmail. Fixed case CPANEL-16853: Added conditionals to make the userlist handle zero users when optional. Fixed case CPANEL-16886: Make AutoSSL avoid deferral for self-signed when “clobber” is enabled. Fixed case CPANEL-16932: SafeFile: Accomodate empty lock files from system or disk crashes. Fixed case CPANEL-16936: Move mysqlconnectioncheck from restartsrv to mysqluserstore. Fixed case CPANEL-16982: Make scripts/quotacheck send notifications via queueprocd. 68.0.16 2017-11-20

Fixed case CPANEL-12824: Defer revocation of old hostname cert until new hostname passes DCV. Fixed case CPANEL-16463: Backups: indicate bucket name requirements for S3. Fixed case CPANEL-16762: Fixed issue where MySQL wasn’t defaulting to on for non-my.cnf users. Fixed case CPANEL-16801: Ensure the Edit Reseller Privileges interface displays 3rdparty software privs. Fixed case CPANEL-16807: WHM: Fix the user selectors to handle resellers without an associated domain. Fixed case CPANEL-16850: Make the AutoSSL Problems DB delete entries in batches. Fixed case CPANEL-16876: Ensure domain TLS entries can be replaced right after unset. Fixed case CPANEL-16887: Backups: avoid sending cron emails when disabled. Fixed case CPANEL-16900: Backup Restoration: avoid Perl warnings on corrupt file. Fixed case CPANEL-16916: Public Contact: ensure valid JSON. Fixed case CPANEL-16919: Have AutoSSL use queueprocd to send notifications. Fixed case CPANEL-16937: Reset MySQL Password can fail due to race condition. Fixed case CPANEL-16938: Increase SQLite Busy timeout for the transfer system. Fixed case CPANEL-16940: Teach AutoSSL to handle missing and empty certificate files. Implemented case CPANEL-16901: Set /var/cpanel/email_send_limits to 0751. 68.0.15 2017-11-20

[security] Fixed case SEC-306: Unreserved email address used in DNS zone SOA records. [security] Fixed case SEC-309: Home directory backups written to incorrect location. [security] Fixed case SEC-310: Jailed accounts could restore files that are outside the jail. [security] Fixed case SEC-311: Unprivileged users can access restricted directories during account restores. [security] Fixed case SEC-313: Arbitrary code execution via Maketext injection in PostgresAdmin. [security] Fixed case SEC-314: Arbitrary code execution via Maketext injection in Reseller style upload. [security] Fixed case SEC-315: Jailshell fails to set umask before peforming sensitive file operations. [security] Fixed case SEC-318: String format injection vulnerability in dovecot-xaps-plugin. [security] Fixed case SEC-322: Code exectuion as root due to loose permissions on incremental backups. [security] Fixed case SEC-323: Backup files are briefly world-readable. [security] Fixed case SEC-325: PostgreSQL databases assigned to multiple accounts caused collisions. [security] Fixed case SEC-326: Add ‘postmaster’ to the list of reserved usernames. [security] Fixed case SEC-327: Expand the list of reserved usernames. [security] Fixed case SEC-328: Add ‘ssl’ to the list of reserved usernames. [security] Fixed case SEC-329: Arbitrary file read via Exim vdomainaliases. [security] Fixed case SEC-330: Preserve permissions for local backup transport. [security] Fixed case SEC-331: DnsUtils allows zone creation on hostname and account subdomains. [security] Fixed case SEC-332: Root crontab visible when enabling or disabling sqloptimizer. [security] Fixed case SEC-333: Local root code execution via cpdavd. [security] Fixed case SEC-334: User accounts partially created with invalid username formats. [security] Fixed case SEC-336: Stored-XSS vulnerability via cpaddons moderated upgrade. [security] Fixed case SEC-337: Code execution as ‘nobody’ account via Mailman archives. [security] Fixed case SEC-341: Domain data can be deleted for domains with ‘lock’ TLD. [security] Fixed case SEC-345: Arbitrary file read in backup htaccess modification logic. 68.0.14 2017-11-14

Fixed case CPANEL-14200: Set SQLITE_TMPDIR during optimize_eximstats. Fixed case CPANEL-16575: Ensure sysup does not leave kernel excluded from yum.conf. Fixed case CPANEL-16808: Avoid locking when reading cpuser file. Fixed case CPANEL-16862: Remove PERL5LIB from environment before running pkgacct. Fixed case CPANEL-16864: AutoSSL: avoid performing DCV checks for excluded domains. Implemented case CPANEL-16842: Add options to disable AutoSSL notifications. 68.0.13 2017-11-13

Fixed case CPANEL-16521: Update schema files for Roundcube 1.3.1. Fixed case CPANEL-16670: Ensure cpuser files contain a USER entry. Fixed case CPANEL-16732: Fix load of missing stylesheet on WHM > Password Modification. Fixed case CPANEL-16737: Fix spacing in error message when IP address is already in use. Fixed case CPANEL-16757: Increase timeout for v68 SSL storage conversion. Fixed case CPANEL-16761: Improve checkmailman reliability by using restart and stop methods. Fixed case CPANEL-16833: Update cpanel-roundcubemail to 1.3.3-1.cp1164. Fixed case CPANEL-16834: Update Roundcube schema files. 68.0.12 2017-11-07

Fixed case CPANEL-16109: Respect current value of HASCGI when not given to modify account call. Fixed case CPANEL-16243: Clear the TMP and TEMP variables for cpsrvd. Fixed case CPANEL-16284: Fix warning from Cpanel/SafeFile.pm. Fixed case CPANEL-16615: Create fstab if missing. Fixed case CPANEL-16729: Handle quota errors when C::Email::DiskUsage locks maildirsize. Fixed case CPANEL-16734: Gracefully handle empty FTP config file. Fixed case CPANEL-16755: Ensure disabled notifications options are hidden in cPanel. Fixed case CPANEL-16756: Prevent warning when updating Mailman cache. Fixed case CPANEL-16759: Gracefully handle missing PIDs on restart. Fixed case CPANEL-16760: chkservd: ignore monitored but disabled services. Fixed case CPANEL-16760: chkservd: fix warning when processing IMAP commands. 68.0.10 2017-11-07

Fixed case CPANEL-15942: Fix S3 transport of incomplete backups. Fixed case CPANEL-15961: Preserve dedicated IPs when updating userdata. Fixed case CPANEL-16050: Location return button above file selection controls. Fixed case CPANEL-16403: Restore Y and j to the uppercase and lowercase alphabets. Fixed case CPANEL-16640: install_dovecot_fts now removes disable flag. Fixed case CPANEL-16642: chkservd restarts must use the restart_service when specified. Fixed case CPANEL-16651: Update cpanel-git to 2.15.0-1.cp1162. Fixed case CPANEL-16669: Ensure autodiscover works when run with system hostname. Fixed case CPANEL-16716: restartsrv_postgresql: avoid uninitialized value warning. 68.0.9 2017-10-31

Fixed case CPANEL-8860: Fix User Manager to lookup a domain’s root folder. Fixed case CPANEL-10022: Fix autossl_check: update expiring cert when all covered domains pass. Fixed case CPANEL-14870: Pushed chkservd notifications of failed services off to queuprocd. Fixed case CPANEL-15635: Ensure correct serializer is used by taskqueue when restoring backup. Fixed case CPANEL-16330: Update cpanel-perl-524-DBI to 1.636-2.cp1168. Fixed case CPANEL-16433: Revert CPANEL-13945 due to backwards compatibility concerns. Fixed case CPANEL-16448: Update MySQL56 to 5.6.38-1.cp1162. Fixed case CPANEL-16449: Update MySQL55 to 5.5.58-1.cp1162. Fixed case CPANEL-16475: Move TLS configuration setting to set-tls-settings. Fixed case CPANEL-16475: set-tls-settings: provide more helpful output with –verbose. Fixed case CPANEL-16475: Migrate TLS settings verbosely. Fixed case CPANEL-16510: API Tokens: Ensure we account for DNS Only mode when creating/editing tokens. Fixed case CPANEL-16535: Update dovecot to Fixed case CPANEL-16548: Defer sending certificate expiry notifications until history catches up. Fixed case CPANEL-16550: Make notify_expiring_certificates use queueprocd to send notifications. Fixed case CPANEL-16563: Fix feature detection bugs in SSL/TLS Status page. Fixed case CPANEL-16577: Ignore network when restarting outdated services. Fixed case CPANEL-16592: Respect send welcome email checkbox setting. Fixed case CPANEL-16614: Fix restart_service alternate service name in Chkservd. Fixed case CPANEL-16618: Change permissions on possibly newly created $domain/etc dir correctly. Fixed case CPANEL-16624: Find_outdated_services: handle grsec kernel more gracefully. Fixed case CPANEL-16626: Stale users do not get removed from userdatadomains. Fixed case CPANEL-16661: Catch per-vhost errors in notify_expiring_certificates. 68.0.8 2017-10-25

Fixed case CPANEL-15012: Remove dependence on position in string processing. Fixed case CPANEL-15870: Improved UX to check MPM requirement. Fixed case CPANEL-16322: Increase maximum email quota from 4TiB to 4PiB. Fixed case CPANEL-16495: Ensure max_user_instances is always set to a reasonable minimum. Fixed case CPANEL-16507: Ensure intermediate CA chain is presented on apache 2.2. Fixed case CPANEL-16523: Update wording on new tweak and feature showcase. Fixed case CPANEL-16527: Switch user command login profile to use cPanel perl. Fixed case CPANEL-16532: maintenance: ignore if check_mysql exits 255. Fixed case CPANEL-16532: check_mysql: fix misspelling of “MySQL”. Fixed case CPANEL-16538: Ensure autoresponders default to utf-8. Fixed case CPANEL-16557: Update cpanel-git to 2.14.3-1.cp1162. 68.0.7 2017-10-23

Fixed case CPANEL-16150: Improve AutoSSL error message for the ipv6 subdomain. Fixed case CPANEL-16424: Fix typo in localization string / key. Fixed case CPANEL-16450: autorespond: improve detection of email addresses. Fixed case CPANEL-16466: Ensure API-created sessions don’t trigger password policies. Fixed case CPANEL-16470: Avoid locking with CachedDataStore when a lock has not been requested. Fixed case CPANEL-16490: Resolve corruption of Unicode characters in webmail passwords. 68.0.6 2017-10-18

Fixed case CPANEL-15146: Have our find_outdated_services not do httpd. Fixed case CPANEL-16336: API Tokens: Enforce restrictions properly on ‘local’ DNS Clustering requests. Fixed case CPANEL-16457: Updated the MySQL upgrade wizard to require selection of upgrade process. Fixed case CPANEL-16459: Fix bug in blocker detection for litespeed builds. Fixed case CPANEL-16462: Split the ports combination in two groups. Fixed case CPANEL-16462: Fallback earlier to hardcoded IPs on DNS issues. Fixed case CPANEL-16464: Block update to v68 if EA4 updates have been failing or disabled. Fixed case CPANEL-16465: Ensure webmail app config can be read as the user. Implemented case CPANEL-16452: Add URL help doc file to Public Contact feature showcase. 68.0.4 2017-10-17

Fixed case CPANEL-15892: try-later: don’t send “Output from your job” emails. Fixed case CPANEL-15952: Autorespond: handle missing space between name and address. Fixed case CPANEL-16278: Fix logic error in Cpanel::Backup::StreamFileList. Fixed case CPANEL-16386: Ensure that the bits are displayed properly for DNSSEC keys on Zone Editor. Fixed case CPANEL-16396: Paper Lantern: Ensure the basic style has a styles.css stylesheet. Fixed case CPANEL-16444: Restart Dovecot on upgrade to apply settings. 68.0.3 2017-10-16

Fixed case CPANEL-14751: Moved placement of the tooltip to the bottom of the elements. Fixed case CPANEL-15794: Fixed DNS zone updates during IP migrations. Fixed case CPANEL-16011: Resolve GUID mismatch during dovecot in-place mailbox conversion. Fixed case CPANEL-16345: API Tokens: Enforce token restrictions on cPanel API passthrough in WHM API 0. Fixed case CPANEL-16371: cPHulk: Ensure IPv6 connection data is handled properly. Fixed case CPANEL-16385: Do not migrate invalid directives in a local.ini. Fixed case CPANEL-16388: Update dovecot to Fixed case CPANEL-16412: Remove check for MySQL being up from mailbox conversions. Implemented case CPANEL-16402: AutoSSL: Improve strings on the UI. 68.0.2 2017-10-16

Fixed case CPANEL-16404: Ensure TLS settings are preserved on upgrade to 68. 68.0.1 2017-10-12

Fixed case CPANEL-14077: Fixed issue where asterisk shortcut is overriding nav search. Fixed case CPANEL-14906: Amazon S3: prune backups when no folder specified. Fixed case CPANEL-15659: Fixed issue with missing feature name. Fixed case CPANEL-15945: Redirect user after forced password change. Fixed case CPANEL-15959: wwwacct: more gracefully handle invalid domain names. Fixed case CPANEL-15973: Backups: prune when no subdirectory is specified. Fixed case CPANEL-16210: Fixed issue where overscrolling caused page to not reload in safari. Fixed case CPANEL-16226: Remove spotlight has been removed from Paper Lantern. Fixed case CPANEL-16268: Create mailbox_format.cpanel on user creation. Fixed case CPANEL-16269: Improve backup file security. Fixed case CPANEL-16283: Compile ensure_autoenabled_features. Fixed case CPANEL-16319: Workaround Virtuozzo iptables bugs to enable support in cphulkd. Fixed case CPANEL-16327: Bump version number to 68. Fixed case CPANEL-16332: Change text in cPanel Log Rotation Configuration. Fixed case CPANEL-16339: API Tokens: Ensure the ‘all’ privilege is respected for cPanel API passthrough. Fixed case CPANEL-16344: Restrict the fetch_doc_key WHM API 0 call to root resellers. Fixed case CPANEL-16358: Update the WHM cP copyright link to .com & https. Fixed case CPANEL-16373: Fix misencoded SSL cache files. Fixed case CPANEL-16374: Fix failed upgrade from 66 to 68. 67.9999.130 2017-10-09

Fixed case CPANEL-13945: Fixed issue with logo resizing in cPanel. Fixed case CPANEL-14558: Optimize recursion logic in safe_recchmod(). Fixed case CPANEL-15583: Give template level warning text better contrast in WHM. Fixed case CPANEL-15929: Added exception for general restoration failure. Fixed case CPANEL-16044: Teach WHM sidebar about Solo licenses. Fixed case CPANEL-16082: Avoid logging the sender identification when not assoicated with a user. Fixed case CPANEL-16098: Fixed the odd parenthesis on the userDomainList. Fixed case CPANEL-16125: Cpanel::Transaction should not warn when writing a 0444 file. Fixed case CPANEL-16145: Reduce AutoSSL problems insert size to accomodate SQLite limits. Fixed case CPANEL-16146: Ensure AutoSSL does not run on restore until after ssl is restored. Fixed case CPANEL-16152: Limit AutoSSL Renewal Coverage problems list to affected domains. Fixed case CPANEL-16171: Remove calls to cpanel-cracklib-check / cracklib-check. Fixed case CPANEL-16255: Improved WHM UI when no accounts exist. Fixed case CPANEL-16257: Convert Apache TLS and Domain TLS datastores to defer deletions. Fixed case CPANEL-16261: Add themed styles for table-striped-child. Fixed case CPANEL-16272: Removed the show-count to improve performance on the Status page. Fixed case CPANEL-16287: Fix regexp security issue. Fixed case CPANEL-16294: Remove Git Version Control and Deployment from the product. Fixed case CPANEL-16296: File level restore into a deleted directory. Fixed case CPANEL-16305: Prevent needless Inotify warning from SafeFile.pm. Fixed case CPANEL-16326: Add new Feature Showcase for DisableIS tweak. Implemented case CPANEL-16217: SSL/TLS Status: Vhosts with expired certs show correct domain status. Implemented case CPANEL-16316: Add color styling to email accounts search field. 67.9999.128 2017-10-05

Fixed case CPANEL-14488: Fixed alignment issues with transfer tool. Fixed case CPANEL-15728: Silence ENOENT key warnings during install. Fixed case CPANEL-15987: Public contact now validates on the front end and earlier on the backend. Fixed case CPANEL-16007: Prevent browsers from offering to save new account. Fixed case CPANEL-16046: Fix “Not a directory” warning that occurred during upcp. Fixed case CPANEL-16116: Make sure userdata cache exists before restoring domains. Fixed case CPANEL-16131: Autodiscover: ensure redirect is emitted properly. Fixed case CPANEL-16198: Improve AutoSSL cPStore queue management on dups. Fixed case CPANEL-16218: Remove older informational entries from Feature Showcase. Fixed case CPANEL-16265: WHM: Ensure ‘public-contact’ reseller privilege is preserved. Fixed case CPANEL-16288: Fixed bug where anonymous FTP would not enable. Fixed case CPANEL-16290: Fixed alignment issues on feature items in cPanel homepage. Fixed case CPANEL-16292: Fix locale unable to parse error message issue. 67.9999.127 2017-10-04

Fixed case CPANEL-13172: Paper Lantern: ensure informational table rows have the correct color. Fixed case CPANEL-13873: Don’t let the default speed check happen. Fixed case CPANEL-15928: Added better error when nothing is found for the root directory listing. Fixed case CPANEL-16090: Fix time zone problem caused by symlink stat cache. Fixed case CPANEL-16205: Paper Lantern: Make the QR Code in Two Factor Authentication more legible. Fixed case CPANEL-16213: Fix bug in iOS push entry not loading in WHM >> Manage Service SSL. Fixed case CPANEL-16234: Disallow arbitrary backupIDs. 67.9999.125 2017-10-03

Fixed case CPANEL-14076: Factor LSWS into webserver_runs_as_user(). Fixed case CPANEL-14642: Only warn about local templates applicable to the current EasyApache. Fixed case CPANEL-14758: Fixed issue with missing chrome in IP Migration. Fixed case CPANEL-15544: Making reboot recommendation banner less sensitive. Fixed case CPANEL-15562: Update WHM UI cache to use current locale. Fixed case CPANEL-15767: Make chkservd’s httpd ea3, ea4, C6, and C7 agnostic. Fixed case CPANEL-15904: Prevent XSS attack in growl messages in Backup Restore. Fixed case CPANEL-15954: Update WHM file and directory backup restoration icon. Fixed case CPANEL-16000: mainipcheck: correct invalid entries. Fixed case CPANEL-16025: Clear password inputs when appropriate. Fixed case CPANEL-16057: Prevent attempts at traversal when loading package. Fixed case CPANEL-16072: Service Status: avoid spurious load warning on single CPU systems. Fixed case CPANEL-16074: Update cpanel-git to 2.14.2-1.cp1162. Fixed case CPANEL-16086: Basic WHM Setup: fix misencoding of UTF-8 characters. Fixed case CPANEL-16108: Add EA 3 custom opt mod phalcon to EA 4 map. Fixed case CPANEL-16114: File Manager: improve upload error message when over quota. Fixed case CPANEL-16126: Rebuild the FTP configuration files if they don’t exist. Fixed case CPANEL-16133: Empower non-root resellers to run Public Contact APIs. Fixed case CPANEL-16135: Update help output in file protect scripts for EA4. Fixed case CPANEL-16149: HTML encode problems in AutoSSL failure emails. Fixed case CPANEL-16167: Ensure LiteSpeed 5.2.1 build 2 or later before updating to v68. Fixed case CPANEL-16178: Ensure DNS is reloaded after adding DKIM, SPF, and proxy subdomains. Fixed case CPANEL-16218: Remove older informational entries from Feature Showcase. Fixed case CPANEL-16223: Update UI to reflect leading, trailing, and internal spaces. Fixed case CPANEL-16224: Edit name of file restoration feature. Implemented case CPANEL-16183: Add tooltip to disable shared address book button. Implemented case CPANEL-16191: Fix validation with alpha characters in quota. 67.9999.124 2017-10-02

Fixed case CPANEL-12641: Fix bug where action links registered 3x in Manage Service SSL. Fixed case CPANEL-14734: WHM: Fix issue with missing bottom padding. Fixed case CPANEL-15780: Update exim to 4.89-3.cp1162. Fixed case CPANEL-15869: Allow reboot functions on dnsonly. Fixed case CPANEL-15877: Ensure accounts with missing userdata can be terminated. Fixed case CPANEL-15895: Ensure reseller public contact data is renamed on user rename. Fixed case CPANEL-15909: Fix existence change on files with newlines. Fixed case CPANEL-15953: Avoid warning about missing user file for nobody. Fixed case CPANEL-15988: Make Apache TLS auto-repopulate when it’s rebuilt. Fixed case CPANEL-15997: Improve error message for UAPI SSL::mail_sni_status. Fixed case CPANEL-16016: WHM: Do not display submit button for a userlist with no domains. Fixed case CPANEL-16027: Ensure Market provider is offered since SSL Status no longer does. Fixed case CPANEL-16032: WHM: Ensure Edit Reseller Nameservers and Privileges works in single user mode. Fixed case CPANEL-16033: Fix account creation when CGI Access is not granted. Fixed case CPANEL-16062: WHM: Ensure the navigation menu does not show empty ‘Clusters’ group. Fixed case CPANEL-16071: Fix SSL copy error in coversion of Addon to Account. Fixed case CPANEL-16075: SSL expiry notiifcations are confusing when sent after already expired. Fixed case CPANEL-16083: Fix bug in messaging for cpuwatch when CURLOAD > MAXLOAD. Fixed case CPANEL-16087: WHM: Fix RTL expand/collapse widget on Edit Reseller Privileges page. Fixed case CPANEL-16094: Fix SSLCerts state detection and auto re-create missing symlink. Fixed case CPANEL-16096: Fix uninitialized value warn to log when adding reseller privilieges. Fixed case CPANEL-16100: secureit: fix find invocation. Fixed case CPANEL-16100: cpservice: include errors as part of returned output. Fixed case CPANEL-16105: Ensure userdata is downgraded to be backwards compatible for ssl restore. Fixed case CPANEL-16111: WHM: Ensure the Password Modification interface loads under debug mode. Fixed case CPANEL-16118: Increased loading indicator size for traversing file tree. Fixed case CPANEL-16122: Improve cpmove restore compatibility with NFS. Fixed case CPANEL-16130: Don’t delete DNS entry for proxy subdomain when deleting override. Fixed case CPANEL-16148: New parameter for configureservice WHM API 1. Fixed case CPANEL-16177: Fix issues with query_file_info on non-existing directories. Implemented case CPANEL-16009: Disable Git version control feature. Implemented case CPANEL-16013: Do not die when failing to unlink old lognames on domain modification. Implemented case CPANEL-16110: Add missing public contact search text to Customization in WHM. Implemented case CPANEL-16129: Cleanly handle long domains in add email account. Implemented case CPANEL-16132: Re-work confusing AutoSSL notification descriptions. Implemented case CPANEL-16134: Handle awkward truncation of long account names. Implemented case CPANEL-16139: Fix overlap on status message on add email account. 67.9999.118 2017-09-26

Fixed case CPANEL-12997: Update dovecot to 2.2.32-2.cp1162. Fixed case CPANEL-14095: Prune unused/duplicate hash members from api1 router. Fixed case CPANEL-14615: Alters the password strength algorithm to use an entropy based approach. Fixed case CPANEL-15091: Spamd Configuration: Present the form without the table layout. Fixed case CPANEL-15091: WHM: Ensure that responsive tables work properly. Fixed case CPANEL-15433: Add new tweak setting for phpMyAdmin DisableIS. Fixed case CPANEL-15484: jail_safe_passwd: avoid error message on non-UTF-8 locale. Fixed case CPANEL-15591: Update Mail::SpamAssassin to use update_sa_rules during install in background. Fixed case CPANEL-15613: Improve mobile responsiveness of WHM >> Changelog page. Fixed case CPANEL-15633: Don’t allow upgrades that would result in a broken MariaDB installation. Fixed case CPANEL-15703: Properly display email quota usage in progress bar. Fixed case CPANEL-15707: Reduce xml-api bloat from recent merges. Fixed case CPANEL-15746: Debloat uapi from recent email additions. Fixed case CPANEL-15748: Reduce overhead and optimize display of login templates. Fixed case CPANEL-15749: Breakout get_user_ipv6_address into Cpanel::IPv6::User. Fixed case CPANEL-15785: New icon for cPanel version control system. Fixed case CPANEL-15800: Improvements to cPanel’s proprietary file locking mechanism. Fixed case CPANEL-15818: Make CachedRebootStatus not try to update task queue in SecurityPolicy. Fixed case CPANEL-15824: Make changes to enable better testing of SSL Market. Fixed case CPANEL-15827: Ensure UAPI Email::enable_spam_assassin works from apitool. Fixed case CPANEL-15843: Ensure userdata code handles Rails datastores correctly. Fixed case CPANEL-15850: Return an error when asking for a non-existant directory. Fixed case CPANEL-15854: adduser: avoid symlink to /scripts. Fixed case CPANEL-15857: Exclude and include process and btns now are limited to capable domains. Fixed case CPANEL-15861: iContact: try to ensure spaces between sentences. Fixed case CPANEL-15879: Ensure that the legacybackups taskrun task succeeds. Fixed case CPANEL-15883: Avoid warning on nonexistent feature files. Fixed case CPANEL-15894: Update the strings about the backup destinations. Fixed case CPANEL-15897: Fix SSL proxy subdomain redirects not to include non-proxy domains. Fixed case CPANEL-15901: Update icon and add scroll ability for cleaner UI. Fixed case CPANEL-15906: Optimize Disk Usage reporting in cPanel. Fixed case CPANEL-15918: Generate a fatal error when data directory would break MariaDB upgrade. Fixed case CPANEL-15920: Clarify SSL notifications in WHM Contact area. Fixed case CPANEL-15925: Resolve exception during password creation on FTP pages in cPanel. Fixed case CPANEL-15926: SSL: fix decoding of UTF8String. Fixed case CPANEL-15935: Add -fstack-check to wrap binaries. Fixed case CPANEL-15938: Fix bug in upgrade button appearance on createacct page. Fixed case CPANEL-15944: Avoid formatting unseen email account disk usage keys. Fixed case CPANEL-15950: Fix metadata with spaces in file name. Fixed case CPANEL-15956: TFA: Ensure that a validation message is displayed when maxlength is exceeded. Fixed case CPANEL-15958: Optimize ssl status page angular binding. Fixed case CPANEL-15963: WHM: Update the ‘Select Reseller’ interfaces to be more consistent. Fixed case CPANEL-15965: Apply fixes for issues with email accounts page. Fixed case CPANEL-15970: Make root-enabled resellers use PublicContact as root. Fixed case CPANEL-15982: Manage API Tokens: Ensure the warnings are accurate. Fixed case CPANEL-15982: WHM: Ensure the applications in whostmgr6 are accessible. Fixed case CPANEL-15985: Don’t HTML-escape form values from Feature Showcase. Fixed case CPANEL-16019: Prevent IdTrack from reloading the uid/gid list when not allocating. Fixed case CPANEL-16020: Adminbin serializer clone corrupts UTF-8 data. Fixed case CPANEL-16021: ensure_mode_and_owner should only open files it needs to alter. Implemented cases CPANEL-14921,CPANEL-15017: Create File Backup Restoration for cPanel. Implemented case CPANEL-15503: Turn the old pops.html page into a stub redirect to the new. Implemented case CPANEL-15558: Use email database for diskusage to avoid scanning all maildir files. Implemented case CPANEL-15708: Updated the AutoSSL icon and the tooltip in the TLS Status page. Implemented case CPANEL-15743: Add additional AutoSSL notifications during autossl_check. Implemented case CPANEL-15795: New UI in WHM for restoring single files from a backup. Implemented case CPANEL-15822: UAPI calls for trigger AutoSSL and checking if AutoSSL in progress. Implemented case CPANEL-15836: APIs for new PublicContact datastore. Implemented case CPANEL-15851: Updated the go link to be 68 specific. Implemented case CPANEL-15860: Use the vhost name to identify a vhost in several SSL-related notices. Implemented case CPANEL-15862: Added messaging to clarify the banner “unsecured” messaging. Implemented case CPANEL-15878: Public Contact: Fix CGI error handling, add API POD, etc. Implemented case CPANEL-15881: Add backup and restore for resellers’ public contact information. Implemented case CPANEL-15891: UI Controls for a reseller to control Public Contact. Implemented case CPANEL-15899: Fix contact_details.cgi regarding resellers and permissions. Implemented case CPANEL-15912: TLS Status page now has the ability to initiate an AutoSSL check. Implemented case CPANEL-15936: API Tokens: Allow users to restrict tokens to a limited set of privileges. Implemented case CPANEL-15960: Feature Showcase controls for Public Contact information. 67.9999.103 2017-09-18

Fixed case CPANEL-15021: Fix 401 errors when generating Google credentials. Fixed case CPANEL-15105: Pop the cache for GenSysInfo on rpmup. Fixed case CPANEL-15163: fixquotas: handle CloudLinux 7 systems without separate /boot. Fixed case CPANEL-15437: Update description of Rsync transport to reflect accurate information. Fixed case CPANEL-15492: Apply smtpmailgidonly tweak after network.target on CentOS 7. Fixed case CPANEL-15493: Make sure incremental dirs are removed when asked. Fixed case CPANEL-15649: Avoid warnings when fetching zone. Fixed case CPANEL-15671: set_zone_ttl: fix uninitialized value warning. Fixed case CPANEL-15729: Fix install log warning due to feature files not existing. Fixed case CPANEL-15730: Fix install warn in resetpwcache task run. Fixed case CPANEL-15731: EA4_ConflictRemove iContact added. Fixed case CPANEL-15737: Always use regexp to match SSL proxy subdomain in vhost. Fixed case CPANEL-15738: Lock the apache conf during modsec vendor updates to block restarts. Fixed case CPANEL-15750: Make UAPI Ftp::list_sessions work with long usenames. Fixed case CPANEL-15775: Ensure email accounts can be read when over quota. Fixed case CPANEL-15789: Make remdefssl a no-op on ea4 machines. Fixed case CPANEL-15793: Ensure EA4 installs required updates when cPanel updates. Fixed case CPANEL-15796: Optimize modules supporting session_call admin bin. Fixed case CPANEL-15806: Reboot Status: avoid exception in Security Policy. Fixed case CPANEL-15808: Fix logic for restoring directories. Fixed case CPANEL-15809: Fix a typo in SpammerDetector template. Fixed case CPANEL-15810: Error when executing /scripts/restartsrv_apache on AWS. Fixed case CPANEL-15811: When daily is copied to weekly or monthly metadata is incorrect. Fixed case CPANEL-15812: Getting Started Wizard: improve legibility of nameserver text. Fixed case CPANEL-15816: File Manager: make compression work for names with “-”. Fixed case CPANEL-15833: Ensure the content-type is properly set for mobileconfig attachments. Implemented case CPANEL-15676: TLS Status page now has AutoSSL log and pending queue information. Implemented case CPANEL-15734: Resolve FTP daemon config rebuild issues:. Implemented case CPANEL-15819: Add integrity check to autorebuild sqlite dbs. [security] Fixed case SEC-276: SQL injection in eximstats processing. [security] Fixed case SEC-279: SSL hostname verification for support agreement download not enforced. [security] Fixed case SEC-282: Stored XSS Vulnerability in WHM MySQL Password Change Interfaces. [security] Fixed case SEC-283: CPanel backup interface could return a backup with all MySQL databases. [security] Fixed case SEC-284: User account backups could contain all MySQL databases on the server. [security] Fixed case SEC-285: Addon domain conversion can copy all MySQL databases to the new account. [security] Fixed case SEC-296: Account rename can result in Apache logfiles becoming world-readable. [security] Fixed case SEC-299: Backup system overwrites root’s home directory when mount disappears. [security] Fixed case SEC-300: Open redirect in /unprotected/redirect.html. [security] Fixed case SEC-302: Code execution as mailman user due to faulty environmental variable filtering. [security] Fixed case SEC-303: Arbitrary file overwrite via Roundcube SQLite schema update. 67.9999.99 2017-09-13

Fixed case CPANEL-12680: dovecot_maintenance purges expunged msgs better. Fixed case CPANEL-14998: Remove interstitial page updateprivs. Fixed case CPANEL-15367: Prevent overlapping shared IPv6 with enabled ranges. Fixed case CPANEL-15636: Remove legacy newmailcgi notifications. Fixed case CPANEL-15638: Reduce bloat in bin/tail-check. Fixed case CPANEL-15683: Update to perl to 5.24.1-6.cp1168. Fixed case CPANEL-15690: Exim Config Manager: Ensure navigation menu is not shown in the ‘Edit’ dialogs. Fixed case CPANEL-15697: Fix local.ini extension migration to handle missing newline. Fixed case CPANEL-15712: WHM: Correct the description for the ‘Remote Account Username’ field. Fixed case CPANEL-15714: Ensure interchange chkservd file is removed. Fixed case CPANEL-15725: Improve error message for setresellermainip WHM API call. Fixed case CPANEL-15756: Fix tailwatchd logging when the APNS push database is broken. Fixed case CPANEL-15768: updateuserdomains: don’t generate full data for nobody. Fixed case CPANEL-15797: Remove unused TempFile in Cpanel::Capture. Implemented case CPANEL-15663: Notify when an AutoSSL or SSL Certificate is reaching expiry. 67.9999.96 2017-09-12

Fixed case CPANEL-12003: Ensure autoresponders work with single-byte character sets. Fixed case CPANEL-13238: Use 307 instead of 308 for IE redirects. Fixed case CPANEL-14310: Display warning for user when incremental backup selected. Fixed case CPANEL-14392: Reduce complexity of virtfs cleaning code. Fixed case CPANEL-14425: Create temporary sudoers entries for tickets if needed. Fixed case CPANEL-14552: accountsummary: display single user’s IPv6 address. Fixed case CPANEL-14648: IPv6 network address are added through Netlink. Fixed case CPANEL-14745: Sync Time with Time Server did not have a breadcrumb. Fixed case CPANEL-14821: Add IPv6 address labels through Netlink. Fixed case CPANEL-14932: More gracefully handle /home/virtfs as a symlink. Fixed case CPANEL-15109: Update Pristine::Tar to version 1.40. Fixed case CPANEL-15309: Backup Rsync transport: make link-dest option absolute. Fixed case CPANEL-15360: Edit DNS Zone: allow LOC records where final seconds digit is 9. Fixed case CPANEL-15404: Fix tooltip anomalies in TLS Status. Fixed case CPANEL-15444: Restore the ability to use JQuery using the published technique. Fixed case CPANEL-15460: Update dovecot-xaps to 2.2.32-1.cp1162. Fixed case CPANEL-15460: Update dovecot to 2.2.32-1.cp1162. Fixed case CPANEL-15517: WHM: Ensure navigation menu is not shown after step 2 of Initial Setup Wizard. Fixed case CPANEL-15534: Fix WHM’s Manage SSL Hosts domain coverage logic. Fixed case CPANEL-15573: Stop cPanel from always creating cgi-bin. Fixed case CPANEL-15575: Make missing mail_apns cert warning look less like error. Fixed case CPANEL-15590: Ensure WHM chrome directories are created 700. Fixed case CPANEL-15612: Reduce superfluous OpenSSL verification in SSL installs. Fixed case CPANEL-15618: Disable .local SSL vhost template files that use “SSLCertificateKeyFile”. Fixed case CPANEL-15628: Avoid JavaScript errors on domain pages. Fixed case CPANEL-15634: Avoid warning from Update Gatherer with certain IPv6 addresses. Fixed case CPANEL-15643: Remove problems from the AutoSSL Problems DB once they are cleared. Fixed case CPANEL-15652: Manually migrate extension directives from local.ini. Fixed case CPANEL-15658: Defer ATLS load. Fixed case CPANEL-15661: Confusing label in Configure Security Policies. Fixed case CPANEL-15664: Uninitialized values are logged when editing a DNS zone as a reseller. Fixed case CPANEL-15665: Add warning to the EA4 ssl_vhost templates. Fixed case CPANEL-15668: Breakout Apache IP and Port functions. Fixed case CPANEL-15674: Avoid undefined function when handling unmanaged database. Fixed case CPANEL-15677: Fix warning from Pureftpd.pm during install. Fixed case CPANEL-15678: Failure to specify a package name causes log spew. Fixed case CPANEL-15679: Remove use of “$foo::$bar” in source code. Fixed case CPANEL-15680: Add sticky bit to php session directories. Fixed case CPANEL-15691: The maildir size counter must accept files with 2 lines or more. Fixed case CPANEL-15693: Preserve quotes for email addresses. Fixed case CPANEL-15695: Update B::C RPM to release 5.024018-1.cp1168. Fixed case CPANEL-15700: Update B::C RPM to release 5.024019-1.cp1168. Fixed case CPANEL-15701: Fixed issue with SIGPIPE on switching ftp via script. Fixed case CPANEL-15709: Make the EA 4 Migration GUI available to all. Fixed case CPANEL-15711: Make “dbindex” task queue call the script more cleanly. Fixed case CPANEL-15717: Avoid warnings from bin/rebuild-templates. Fixed case CPANEL-15718: Fix warnings from bin/wwwacct. Fixed case CPANEL-15726: Remove check for cPStore in SSL Status Feature Showcase metamodule. Fixed case CPANEL-15732: Fix warning during install generated by Whostmgr::Addons. Fixed case CPANEL-15733: Restore list_pops_with_disk performance. Fixed case CPANEL-15739: Add file to package caching for needs-restarting. Fixed case CPANEL-15740: Optimize memory required by tailwatchd. Fixed case CPANEL-15741: Reduce memory for bin/admin/Cpanel/ssl_call. Fixed case CPANEL-15744: Update appearance of Service Status page. Fixed case CPANEL-15752: Detect ntpd on systemd-enabled systems. Fixed case CPANEL-15764: CJT2: Fall back to ‘POST’ properly when determining the HTTP method. Fixed case CPANEL-15770: Update B::C to version 5.024020. 67.9999.86 2017-09-06

Fixed case CPANEL-14251: Fix warning when changing site IP with ProFTPd. Fixed case CPANEL-14570: Fix EA4 migrate –help uninit warning & yum output. Fixed case CPANEL-14813: Transfer Tool: allow passwordless sudo. Fixed case CPANEL-14815: Update cpanel-perl-524-Net-CIDR to 0.18-2.cp1162. Fixed case CPANEL-14822: Add logic to remove IPv6 Address Labels through Netlink. Fixed case CPANEL-15279: Use fastspawn for running stats problems from cpanellogd. Fixed case CPANEL-15306: Avoid recompiling regexes in Net::DNS::ZoneFile::Fast. Fixed case CPANEL-15322: Fix internal usage of remove_vhosts_by_user. Fixed case CPANEL-15334: Avoid triggering SpamAssassin whitespace rules in iContact. Fixed case CPANEL-15342: Avoid transporting backup_incomplete file as directory. Fixed case CPANEL-15363: Restore cpsrvd performance. Fixed case CPANEL-15364: Avoid adding NameVirtualHost to httpd.conf when using EA4. Fixed case CPANEL-15366: Simplify storage of IdTrack. Fixed case CPANEL-15375: Reduce update_horde_config time by ~30%. Fixed case CPANEL-15388: Optimize account creation. Fixed case CPANEL-15411: Avoid double-lock error when enabling demo mode. Fixed case CPANEL-15445: Update webalizer to 2.23-08. Fixed case CPANEL-15453: Fix ambiguous regex detecting JSON. Fixed case CPANEL-15453: Address cplint issues with tweaked modules. Fixed case CPANEL-15455: Avoid cache re-sync on update for each cPanel users file. Fixed case CPANEL-15457: Ensure roundcube restore does not overwrite cpuser MySQL password. Fixed case CPANEL-15510: Update cpanel-puttygen to 0.70. Fixed case CPANEL-15530: Add X-Frame-Options and X-Content-Type-Options to cpsrvd. Fixed case CPANEL-15531: migrate_x3: don’t warn about package extension directory. Fixed case CPANEL-15532: setpostgresconfig: don’t warn if PostgreSQL is not installed. Fixed case CPANEL-15536: Avoid uninitialized value warnings on fresh install. Fixed case CPANEL-15545: Update firewalld rules automatically for CentOS 7.4. Fixed case CPANEL-15548: Suppress spurious warnings in Security Policy UIs. Fixed case CPANEL-15550: Mock key generation in Test::SSL where possible. Fixed case CPANEL-15565: Feature Showcase entry for Spammer Detection. Fixed case CPANEL-15566: Refactor 4 file stats to 1. Fixed case CPANEL-15581: Avoid warning when account has no creation date. Fixed case CPANEL-15582: Capture Google credential generation errors. Fixed case CPANEL-15593: Avoid warnings from WHM “Reset Resellers”. Fixed case CPANEL-15597: Add labels for “Virus Scanner” page in cPanel. Fixed case CPANEL-15598: Fix warnings when running “Virus Scanner”. Fixed case CPANEL-15600: Add copyright header to new class file. Fixed case CPANEL-15601: Add enable_spam_assassin and trace_filter tests. Fixed case CPANEL-15609: Create new-install feature showcase. Fixed case CPANEL-15614: Fix ability to restore symlinks. Fixed case CPANEL-15615: Fix warnings from cPanel Disk Usage on first access. Fixed case CPANEL-15619: Fix 404 error from WHM menu ‘Copy a Locale’. Fixed case CPANEL-15621: Update UAPI SSL::installed_hosts’s disk cache path for Apache TLS. Fixed case CPANEL-15627: Keep HTML out of cron-initiated AutoSSL run logs. Fixed case CPANEL-15630: Ensure pkgacct copies Application userdata properly. Fixed case CPANEL-15655: Fix autossl_purge_user task to accept the correct number of arguments. Implemented case CPANEL-1807: Update PathTools to 3.62-1.cp1162. Implemented case CPANEL-14980: Remove bin/scanfornewemail in favor of new outgoing spam detector. Implemented case CPANEL-15385: Increase the speed of bin/purge_comet_files. Implemented case CPANEL-15425: Additional speedups to Cpanel::DiskCounter. 67.9999.78 2017-08-31

Fixed case CPANEL-168: Terminate WHM Account restore when timeout happens. Fixed case CPANEL-13384: IContact API calls usable by resellers. Fixed case CPANEL-13604: Update cpanel-phpmyadmin to 4.7.3-1.cp1166. Fixed case CPANEL-13956: Restart cpanel-php-fpm when PHP settings in TweakSettings change. Fixed case CPANEL-14635: Update Mail::SpamAssasin to 3.004001-6.cp1162. Fixed case CPANEL-14725: Strip HTML from data destined for title element. Fixed case CPANEL-15307: Significantly improve transfer tool session setup time with EA4. Fixed case CPANEL-15317: Remove legacy upcp2 tail code. Fixed case CPANEL-15360: Edit DNS Zone: allow LOC records where final seconds digit is 9. Fixed case CPANEL-15398: Backups: ensure rsync operations use default timeout. Fixed case CPANEL-15440: Ensure suspend_outgoing_email handles forged messages. Fixed case CPANEL-15462: Open userdata files without a lock attempt when running as user. Fixed case CPANEL-15464: Ensure dnsadmin returns plain text errors. Fixed case CPANEL-15504: Allow templates access to the notification level. Fixed case CPANEL-15509: PHP example in cPanel Cron UI. Fixed case CPANEL-15511: Remove all references to the MySQL50 and MySQL51 target. Fixed case CPANEL-15513: Improve security for backup and restore via uapi. Fixed case CPANEL-15520: Restart Exim on upgrade to 68. Fixed case CPANEL-15525: Allow installing cPAddons to an existing database. Fixed case CPANEL-15526: Update Mail::SpamAssasin to 3.004001-7.cp1162. Fixed case CPANEL-15554: Make the meta data file utf-8 compliant. Implemented case CPANEL-14841: Experimental cpsrvd child process run time reduction. Implemented case CPANEL-15447: Migrate installed SSLStorage to new, simpler storage format. Implemented case CPANEL-15498: Script to query EximStats DB, report spammers. Implemented case CPANEL-15507: AutoSSL successful install notification with ability to disable. 67.9999.76 2017-08-29

Fixed case CPANEL-7815: C::D:M::getmainserverip returns only valid address from /v/c/mainip. Fixed case CPANEL-11965: Made the password reset system smarter about insecure requests. Fixed case CPANEL-14019: Archive contact group membership based on group id, not contact id. Fixed case CPANEL-14286: Remove TLSCertificateChainFile from protftpd config when it’s not needed. Fixed case CPANEL-14538: Remove Wrapped_Select component where it is not longer used. Fixed case CPANEL-14609: DNS Clustering: prevent uninitialized value warnings. Fixed case CPANEL-14779: Handle Unicode characters properly in mail filters. Fixed case CPANEL-14779: Email Filters: move rule processing to a separate function. Fixed case CPANEL-14779: Exim Filters: move header generation into a separate function. Fixed case CPANEL-14840: Expunge_expired_certificates_from_sslstorage is slow. Fixed case CPANEL-14971: Fix translations in pagination ARIA labels. Fixed case CPANEL-14979: Speed up ftpquotacheck. Fixed case CPANEL-15080: Avoid running timedatactl if /etc/localtime has not changed. Fixed case CPANEL-15095: Optimize _determine_proxy_subdomains. Fixed case CPANEL-15333: Add angle brackets around iContact To header. Fixed case CPANEL-15333: Add a message ID for emails. Fixed case CPANEL-15335: Update the Security Policy pages to use Strength Check API. Fixed case CPANEL-15395: Remove cgiemail/cgiecho from product. Fixed case CPANEL-15405: Don’t instruct users to reboot when they’re running a custom kernel. Fixed case CPANEL-15408: Bump version for Amazon::S3. Fixed case CPANEL-15419: Fix Perl Module icon in retro theme. Fixed case CPANEL-15422: Reduce bloat from AutoSSL problems feature. Fixed case CPANEL-15429: Use correct spelling of ‘privileges’ in Reseller Center. Fixed case CPANEL-15431: Ignore blank lines in passwd file. Fixed case CPANEL-15435: Reject package names with commas. Fixed case CPANEL-15446: Update cpanel-pigz to version 2.3.4. Fixed case CPANEL-15448: Ensure security policies render correctly in WHM. Fixed case CPANEL-15454: Skip .htaccess optimize showcase if local apache template exist. Fixed case CPANEL-15456: Have local.ini migration do on/off fix on boolean & integer types. Fixed case CPANEL-15461: Add ignore rules for cpanel-wordpress-instance-manager. Fixed case CPANEL-15463: Ensure Cpanel::YAML gets built into updatenow.static. Fixed case CPANEL-15467: Get rid of all POD warnings in cPanel modules. Fixed case CPANEL-15469: Remove unused legacy javacript password cheker / generator files. Fixed case CPANEL-15470: Add comma to list of interfaces on Basic WebHost Manager Setup. Fixed case CPANEL-15474: Do not suggest demo users can obtain reseller privileges. Fixed case CPANEL-15478: apitool: remove PERL5LIB environment variable. Fixed case CPANEL-15482: Ensure upgrading systems preserve Exim TLS settings. Fixed case CPANEL-15489: Improve wording and styling of host-route based message. Implemented case CPANEL-14607: Minor optimization to parsing large form data in dnsadmin. Implemented case CPANEL-14612: Reduce deptree in Whostmgr::LibShare. Implemented case CPANEL-14643: Eliminate “exists but empty” state from Cpanel::SafeFile lock file. Implemented case CPANEL-14670: Run Apache syntax check with FastSpawn. Implemented case CPANEL-14796: Remove legacy scripts from CPanelPost. Implemented case CPANEL-14801: Securemysql is slow. Implemented case CPANEL-14820: Install::SecurityCheck is slow. Implemented case CPANEL-14824: Install::ChkServDSetup is slow. Implemented case CPANEL-14843: Speed up Cpanel::DiskCounter. Implemented case CPANEL-14850: Install::BoxTrapper is slow. Implemented case CPANEL-14959: Optimize SafeRun use of PwCache. Implemented case CPANEL-14982: Defer loading the plural rules compiler until needed. Implemented case CPANEL-14984: Add missing locales to Native. Implemented case CPANEL-14989: Breakout isdedicatedip to Cpanel::DIp::IsDedicated. Implemented case CPANEL-15029: Constant fold PwCache internals where possible. Implemented case CPANEL-15041: Optimize Disk I/O writes and opens. Implemented case CPANEL-15384: Add WHMAPI1 for accessing DCV problems and the queue. Implemented case CPANEL-15472: Add new paper lantern modules to the pre-compile list. Implemented case CPANEL-15477: Include port number for systems running sshd on non-default ports. 67.9999.64 2017-08-24

Fixed case CPANEL-2937: Include /etc/pki/tls/certs/ directory with backups. Fixed case CPANEL-5399: Change language to correctly reflect when users should expect backup emails. Fixed case CPANEL-7342: upcp preflight check for RPM DB with insufficient permissions. Fixed case CPANEL-10936: Always restore Roundcube after MySQL during account transfers. Fixed case CPANEL-11300: Updating of cpaddons via the terminal outputs HTML. Fixed case CPANEL-11521: Add support for Virtuozzo 7 Containers. Fixed case CPANEL-11920: Switch Nameserver IP lookup in GSW to use JSON API version 1. Fixed case CPANEL-11922: Add zlib.output_compression to MultiPHP INI Editor. Fixed case CPANEL-11959: MySQL auto-adjust: only reload systemd once. Fixed case CPANEL-11959: Don’t try to create systemd files on CentOS 6. Fixed case CPANEL-12003: Ensure autoresponders work with single-byte character sets. Fixed case CPANEL-12539: Support autoresponder expansion in empty subject. Fixed case CPANEL-12847: Force restoration of accounts to honor public_html config. Fixed case CPANEL-13146: Ensure enabling hotlink protection sets defaults. Fixed case CPANEL-13190: Tweak Settings: note mod_headers requirement for Proxy Subdomains. Fixed case CPANEL-13201: Add support for IPv6 addresses to MySQL Access Hosts. Fixed case CPANEL-13410: Fix some perlcritic warnings in Cpanel::BoxTrapper::CORE. Fixed case CPANEL-13410: BoxTrapper: display URL for verification. Fixed case CPANEL-13564: cPAddons: send notifications from cpanel@hostname. Fixed case CPANEL-13565: Limited destination name length to 256 characters. Fixed case CPANEL-13711: Add IPv6 support to Cpanel::IP::LocalCheck. Fixed case CPANEL-13722: Fixed horizontal scroll buttons on Tweak Settings. Fixed case CPANEL-13758: Don’t show shared IP in reserved IPs interface. Fixed case CPANEL-13786: Manage Download Locales with the locale-edit ACL. Fixed case CPANEL-13809: Add styleguide styles to product. Fixed case CPANEL-13815: Change keydown listener to only target the sidebar in command.js. Fixed case CPANEL-13869: Add scrollability to the yellow notification buttons in the header. Fixed case CPANEL-13891: Convert Addon to Account: Improve errors reported for EasyApache 4 data. Fixed case CPANEL-13955: Allow IPv6 addresses and prefixes in RBL whitelists. Fixed case CPANEL-13990: Reject hostnames longer than 64 characters. Fixed case CPANEL-14057: Add .gitignore for cPanel WordPress Manager plugin files. Fixed case CPANEL-14083: Update Spamd Config with Bootstrap classes. Fixed case CPANEL-14085: Wrap: remove -fexpensive-optimizations. Fixed case CPANEL-14161: SSL Certificatea: fix German translation. Fixed case CPANEL-14214: Improve speed of Cpanel::Ips::fetchipv6list. Fixed case CPANEL-14233: Update askdnsadmin to report errors better and be more resilient. Fixed case CPANEL-14242: Add URL field to EA4 UI’s profile upload feature. Fixed case CPANEL-14242: Create WHM CORS Proxy API call. Fixed case CPANEL-14264: Update Apache Configuration sub-item icons. Fixed case CPANEL-14267: Removed unnecessary CJT script that was not properly updating. Fixed case CPANEL-14310: Display warning for user when incremental backup selected. Fixed case CPANEL-14311: Use standard default SSL protocol list for Exim. Fixed case CPANEL-14311: Use standard default SSL protocol list for Dovecot. Fixed case CPANEL-14311: Set default TLS settings to TLS 1.2 and modern ciphers. Fixed case CPANEL-14311: Use standard default SSL protocol list for cpsrvd and cpdavd. Fixed case CPANEL-14311: Use standard default SSL protocol list for Apache. Fixed case CPANEL-14375: Fix “Error is not a reference” messages in remote backup code. Fixed case CPANEL-14389: Remove unnecessary module in PHP-FPM background tasks. Fixed case CPANEL-14392: Reduce complexity of virtfs cleaning code. Fixed case CPANEL-14419: restartsrv_rsyslog: don’t bring down other syslog daemons. Fixed case CPANEL-14463: Use fast process spawning for cPanel subprocesses. Fixed case CPANEL-14478: Move Google Drive validation to after update table in Backup Config. Fixed case CPANEL-14495: Add FPM package check after changing System PHP version. Fixed case CPANEL-14515: Horde: prevent undefined function error. Fixed case CPANEL-14515: Horde: produce nicer error message on missing database. Fixed case CPANEL-14516: Avoid clobbering a lock file when there is still an flock() on the file. Fixed case CPANEL-14521: Suppress the ‘uninitialized’ warning emitted by the restartsrv system. Fixed case CPANEL-14524: checkmailmanrequests: don’t fail if mailman isn’t installed. Fixed case CPANEL-14531: Optimize IP Parsing. Fixed case CPANEL-14535: Use SafeRun Object for pkgacct admin error reporting. Fixed case CPANEL-14544: Don’t warn when trapping output across a fork. Fixed case CPANEL-14552: accountsummary: display single user’s IPv6 address. Fixed case CPANEL-14569: Fix line wrapping in subprocess output from maintenance. Fixed case CPANEL-14581: Optimize DCV. Fixed case CPANEL-14594: Update the Cpanel::CORE::Dependencies module in etc/rpm.versions. Fixed case CPANEL-14605: Add documentation link into EA4Migration UI. Fixed case CPANEL-14617: Support for AWS V4 signatures in Amazon transport. Fixed case CPANEL-14644: mainipcheck: respect metric when detecting interfaces. Fixed case CPANEL-14666: Update_spamassassin_config: fix typo. Fixed case CPANEL-14676: Backup: fix typo in –help output. Fixed case CPANEL-14682: Refactor _modpkg to allow for new API coming soon. Fixed case CPANEL-14683: findphpversion: exit 0 on success. Fixed case CPANEL-14683: findphpversion: avoid uninitialized value warnings. Fixed case CPANEL-14705: IPv6: fix typo when CIDR cannot be looked up. Fixed case CPANEL-14709: Resolve error listing rpms for install in WHM. Fixed case CPANEL-14749: WHM: Bootstrap the Modify cPanel & WHM News interface. Fixed case CPANEL-14770: Remove 3rdparty filesaver.js library from the product. Fixed case CPANEL-14793: Speed up rpmup. Fixed case CPANEL-14795: Speed up check_cpanel_rpms. Fixed case CPANEL-14797: Speed up bin/update_horde_config. Fixed case CPANEL-14806: Don’t stop other syslog daemons when trying to restart rsyslog. Fixed case CPANEL-14810: Don’t render uninitialized value warnings in the UI. Fixed case CPANEL-14819: Cpanel::SysAccounts: refuse to operate on empty files. Fixed case CPANEL-14823: Add logic to detect / list IPv6 Address Labels through Netlink. Fixed case CPANEL-14829: Speed up updates of scripts/manage_greylisting. Fixed case CPANEL-14835: Avoid warnings from bin/backup_restore_manager. Fixed case CPANEL-14842: Logger: create files with 600 permissions. Fixed case CPANEL-14894: System level PHP directives not shown in cPanel UI. Fixed case CPANEL-14901: Pass system errors due to bad RPM DB to upcp blocker notification. Fixed case CPANEL-14903: Update git to release version 2.13.4. Fixed case CPANEL-14920: Set DBI XS functions only once at first connect. Fixed case CPANEL-14922: Avoid multiple DBI connection when checking schema. Fixed case CPANEL-14927: Selecting ‘common’ as logstyle will alert user. Fixed case CPANEL-14932: More gracefully handle /home/virtfs as a symlink. Fixed case CPANEL-14935: Install an RPM: avoid listing known uninstallable packages. Fixed case CPANEL-14944: Email Accounts: escape API responses properly. Fixed case CPANEL-14951: Add post_max_size to the Basic Directives list. Fixed case CPANEL-14988: File Manager: allow zipping files starting with “-”. Fixed case CPANEL-15007: Correct help output for backup_restore_manager. Fixed case CPANEL-15010: Fix German translation for “Databases”. Fixed case CPANEL-15026: Inform users that quotas need enabled on Virtuozzo Container host nodes. Fixed case CPANEL-15030: Avoid useless copy of localdomains during checkmx. Fixed case CPANEL-15037: Prevent removal of “localhost” entry for MySQL users via API. Fixed case CPANEL-15038: Remove legacy files for help and tickets. Fixed case CPANEL-15045: Fix uninitialized value warning when installing WordPress. Fixed case CPANEL-15048: Remove taskrun module that detects ipchains. Fixed case CPANEL-15051: Put in description in Contact Manager for backup related items. Fixed case CPANEL-15052: Create dispatch handler for WHM binaries. Fixed case CPANEL-15052: whostmgr9: update to use new dispatch layer. Fixed case CPANEL-15053: Improve the load performance of Paper Lantern. Fixed case CPANEL-15061: Remove unused javascript function. Fixed case CPANEL-15062: Prevent nulls from being included in filenames in make_safe_for_path(). Fixed case CPANEL-15065: Remove unused javascript function. Fixed case CPANEL-15070: Show the “php” package more accurately as “php (DSO)” in EA4. Fixed case CPANEL-15076: Restore integration link applications to the paper lantern dropdown. Fixed case CPANEL-15083: Upgrade cPAddons to use the standard password framework. Fixed case CPANEL-15092: Avoid error loading firewall on CentOS 6. Fixed case CPANEL-15108: Add detection for VZ 7 Containers to the same places we check for virtuozzo. Fixed case CPANEL-15109: Update Pristine::Tar to version 1.40. Fixed case CPANEL-15112: Fix javascript warnings in cpaddons related to password inputs. Fixed case CPANEL-15113: Ensure cPanel sqlite3 is installed by default. Fixed case CPANEL-15116: Ensure EDNS not requested with Net::DNS 1.11 when not wanted. Fixed case CPANEL-15124: Update cpanel-git RPM to version 2.14.1-2.cp1162. Fixed case CPANEL-15125: Only install login profiles that exist. Fixed case CPANEL-15125: Add a utility to install and remove login profiles. Fixed case CPANEL-15125: Add login profile to expand user PATH. Fixed case CPANEL-15125: Install the cpanel-user-commands login profile on upgrade. Fixed case CPANEL-15135: Fix Spanish translation using “eliminar” instead of “entregar”. Fixed case CPANEL-15136: Edit DNS Zone: ensure non-English blurred text disappears. Fixed case CPANEL-15137: Update File::Slurp RPM to version 9999.19-2.cp1168. Fixed case CPANEL-15138: Replace File::Slurp (memory heavy) with Cpanel::LoadFile. Fixed case CPANEL-15140: Optimize Carp.pm module. Fixed case CPANEL-15303: Optimize reading AutoSSL log files. Fixed case CPANEL-15304: Hotlink Protection: remove unused JavaScript. Fixed case CPANEL-15305: Avoid exporting SSL storage assets in legacy pre 11.36 format. Fixed case CPANEL-15329: Use scripts/rdate for all rdate usage. Fixed case CPANEL-15331: Remove obsolete passbar html pages and corresponding CSS. Fixed case CPANEL-15332: Fixed issue with Javascript coverage report. Fixed case CPANEL-15340: Do not show resellers in the list of users in “Manage Demo Mode”. Fixed case CPANEL-15345: Pre-optimizations for AutoSSL cPanel APIs. Fixed case CPANEL-15354: Setting uid/gid on new file causes error. Fixed case CPANEL-15361: Handle fractional seconds in LOC records. Fixed case CPANEL-15361: Allow specifying LOC record meter values with m suffix. Fixed case CPANEL-15376: Avoid undefined subroutine setting up legacy WordPress. Fixed case CPANEL-15381: Getting Started Wizard: fix FTP-related capitalization. Fixed case CPANEL-15390: upcp: don’t open log until arguments have been parsed. Implemented case CPANEL-12913: Add new API to add and delete pkg extensions. Implemented case CPANEL-14460: Resellers WHM theme is now stored in their userdata file. Implemented case CPANEL-14520: Speed up verify_api_dist_spec_files by ~7s. Implemented case CPANEL-14528: Optimize DNS zone parser. Implemented case CPANEL-14529: Optimize userdata performance. Implemented case CPANEL-14530: Speed up login process by optimizing hulk client. Implemented case CPANEL-14566: UAPI allowing browsing and restoring file from backup. Implemented case CPANEL-14632: Prevent Cpanel::Init from calling daemon reload when its not needed. Implemented case CPANEL-14636: Reduce dep tree for Cpanel::Net::P0f to avoid locale in SpamAssasin. Implemented case CPANEL-14730: Package descriptions are now searched in EA4wizard. Implemented case CPANEL-14828: Update cplint RPM to version 0.101-1.cp1168. Implemented case CPANEL-14847: Decrease startup time for extract_go_links (cplint speed). Implemented case CPANEL-14848: FastSpawn tests during a smoker run (borrow code from cplint). Implemented case CPANEL-14853: Enable expansion of MultiPHP INI Editor PHP Directives. Implemented case CPANEL-14860: Add ability to create, view, and find version control repositories. Implemented case CPANEL-14861: Build out left navigation cache for resellers. Implemented case CPANEL-14873: Added singleton for current user to prevent double loading of cpuserfile. Implemented case CPANEL-14895: Add notification when maxemailsperhour exceeded. Implemented case CPANEL-14986: Speed up process restarts on update. Implemented case CPANEL-15060: Remove invalid repositories from Cpanel::VersionControl cache. Implemented case CPANEL-15084: Added combined file support to SSL File obj. Implemented case CPANEL-15090: Converted UserDomainList into a cjt2 directive. Implemented case CPANEL-15100: Add userland-accessible DCV problem tracking to AutoSSL. (APIs only). Implemented case CPANEL-15101: Improve email account creation speed on adminbin side. Implemented case CPANEL-15114: Password Modification has been upgrade to use new Angular controls. Implemented case CPANEL-15127: Normalize AutoSSL install routines between provider modules. Implemented case CPANEL-15197: Implement an Edit view within the Version Control and Deployment feature. Implemented case CPANEL-15348: Add feature showcase for new notification.