-
v3.1.0
[REL] 3.1 release. See https://hq.apnscp.com/apnscp-3-1-released/ or docs/RELEASE-3.1.md
-
v3.0.68
[Bootstrapper] update panel code prior to restart in situations that BS may loop indefinitely because of unanticipated third-party changes [apnscp] 3.1 prep work
-
v3.0.67
[apnscpd] improve resumption durability [Bootstrapper] update php/composer role for Composer changes
-
v3.0.66
[Bootstrapper] autodetect proxied/NAT IP4/IP6 [Rampart] prioritize whitelist [DNS Manager] fix AJAX edits [Postfix] smarthost support, prefer opportunistic TLS over explicit unless port is 465 [Error] fix silenced operations may continue to emit log macros
-
v3.0.65
[PostgreSQL] experimental v12 support [cPanel] follow mailbox aliases in non-standard shell imports [Backups] process backups on unlimited quota accounts
-
v3.0.64
[Migrations] migrate suspended cPanel sites [tmpfiles.d] e flag correctly applied in CentOS 7.7. var glob incorrectly referenced as "var" instead of "var/tmp" [apnscp] PID corruption on abrupt shutdown [mysql] permit dash in database prefix
-
v3.0.63
[Scopes] apache.evasive-wordpress-filter sets strict xmlrpc/wp-login POST limits [Opcenter] plans now support partial overrides [Rampart] fail2ban v0.10 compatibility [Scopes] Static file + WordPress filters customizable templates (see docs/admin/Evasive.md) [Bootstrapper] quota build applied incorrectly on / mount instead of /home [Opcenter] improve failed account resiliency. Unhandled exceptions reported on failed creation [Bandwidth] updating bandwidth,threshold properly updates database record [Wordpress] Fortification applies mutual read-write permissions to upgrade/
-
v3.0.62
[PHP] update internationalization build deps [CLI] suspend resumption effectively resolving unpredictable "Session corruption" error [cPanel] handle case where SHELL is without quotes. Soft fail is dnszones/ is missing from backup [fail2ban] decrease database retention duration from 90 days to recidive duration + 5 days [Modules] .pgpass missing provisioning on account creation [Modules] admin:collect() accepts second parameter, filter param e.g. cpcmd admin:collect null "[ssh.enabled:1]"
-
v3.0.61
[SECURITY] xss in gecos in Manage Users, file:reset-path() operates on referent instead of link [Bootstrapper] system/sysctl improperly handles empty values in Ansible 2.8.4 [Quota] disabling disk quota no longer disables inode quota [DNS] changing the primary domain fails ownership check [DNS] email:get-records() renamed to provisioning-records() for consistency with dns:provisioning-records() [apnscpd] backend lockups recover faster
-
v3.0.60
[Laravel] fix "min" Fortification application [Migration] add --delete flag, removes backup on successful import [scripts] expand change_dns.php usage to support arbitrary TTL/prior IP [AJAX] remove "s" session ID setter [helpers] fix condition in which collapsed arrays reported "name.subname.index" in key
-
v3.0.59
[UI] custom times generate warning in Task Scheduler [UI] show matching search meta in Nexus [UI] typo in Code Frameworks, setting global interpreter with goenv/rbenv
-
v3.0.58
[admin] collect() helper function, generate account list of requested service parameters [SSL] include webmail subdomains
-
v3.0.57
[Migration] attempt in-situ extraction using ustar format, fallback to POSIX.1-2001 when file exceeds system memory or ustar restrictions. [Migration] workaround for cPanel server migration or username change in which home field in passwd retains prior homedir marker
-
v3.0.56
[Scopes] system.sshd-pubkey-only sets public-key only authentication [Scopes] fs.tmp-mount sets /tmp properties [Web Apps] learning mode bestows permissions to app root owner on new directories [Migration] use pigz when available [Migration] fix large cPanel imports [Task Scheduler] fix tasks with tabbed time-spec cannot be deleted [DNS] changing providers populates zones on new provider
-
v3.0.55
[Summary] BUGFIX retrieving apps by ID treated as string [PHP] disable opcache_invalidate() usage. Restricted by opcache.restrict_api setting, which generates a warning that may not be correctly handled. [ssh] backport keyboard-interactive toggle (sshd_pubkey_only setting)
-
v3.0.54
[Opcenter] create server affinity record on import [Mail] cleanup majordomo method errors if mail provider not builtin [Passenger] set default app timeout [Summary] apps conditionally linked to based upon availability
-
v3.0.53
[Opcenter] cPanel Migrations [DNS] imported resources determined by target DNS provider RRs [DNS] compatibility with cPanel exported zones which ignore class in AXFR
-
v3.0.52
[Opcenter] always lowercase domain [Opcenter] in-place account wipe/creation reuses previous credentials on first call to aliases:synchronize-changes() [Wordpress] link WP-CLI to /usr/bin/wp-cli [Migration] cPanel migration updates
-
v3.0.51
[Migration] cPanel import facility preview [UI] remove e-mail options when mail driver is null or disabled [DNS] correct addon domain DNS provisioning when dns,enabled=1 toggled [Wordpress] validate wp-cli consistency on update [MySQL] user update ignores .my.cnf update
-
v3.0.50
[security] AP-01-AP-07 vulernability fixes [file] symlink usage disables optimized shadow assertions. Use referent in permission calculations to close symlink attack loophole. [dns] domain_hosted() uses cp-proxy endpoint to perform additional checks in multi-server setups [filesystem] fuser support [backups] backup_dbs.php does not evaluate the state of file prior to processing backup. An attacker can use a symlink attack to gain ownership of sensitive files [SSL Certificates] revert CSR generation