
cPanel Official Security Update (2020-02-11)

Source: cPanel official website  Published: 2020-02-11  Views: 592  Comments: 0

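Basic Information

Release date: 2020-02-11 (vendor local time)

Update type: Security update

Updated version: 86.0.3

Detected at: 2020-09-04 07:21:54

Risk level: Unknown

Intelligence contributed by: TSRC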

Update Title

Change Log for 86.0.3

Update Details

- Fixed case CPANEL-33231: Update DNS-Unbound to 0.20-1.cp1186.
- Implemented case CPANEL-33816: Teach our DNS::Unbound object to do stub lookups if requested.
- [security] Fixed case SEC-488: Code execution due to faulty file extension dispatching.
- [security] Fixed case SEC-557: Package modification restriction bypass.
- [security] Fixed case SEC-564: Self-XSS vulnerabilities in DNS Zone Manager DNSSEC interfaces.
- Fixed case CPANEL-23938: Fix usage reporting when the "Use INFORMATION_SCHEMA to acquire MySQL disk usage" tweak setting is disabled.
- Fixed case CPANEL-31488: Fix links for some ModSecurity vendors.
- Fixed case CPANEL-32544: Don't attempt to chmod non-existent files/directories during /usr/local/cpanel/scripts/secureit.
- Fixed case CPANEL-32711: Increase timeliness of PostgreSQL ping check.
- Fixed case CPANEL-32865: Show pagination in EasyApache 4 when > 10 versions exist in PHP step.
- Fixed case CPANEL-33154: Update to Roundcube 1.3.13.
- Implemented case CPANEL-24007: Update rpm.versions for cpanel-wrap 86.0-4.cp1186.
- [security] Fixed case CPANEL-31659: Update rpm.versions for cpanel-mailman 2.1.33-1.cp1186.
- Fixed case CPANEL-31859: Allow users to enable automatic updates in WHM.
- Fixed case CPANEL-32164: Fixed a bug with uapi/cpapi2 commands inside jail shells.
- Fixed case CPANEL-32472: Reduce the number of concurrent DNS DCVs in AutoSSL.
- Fixed case CPANEL-32659: Update privacy policy with the current version 04-20-2020.
- [security] Fixed case CPANEL-32759: Update rpm.versions for exim 4.93-5.cp1186. Fixes CVE-2020-12783.
- [security] Fixed case CPANEL-32766: Update rpm.versions for dovecot 2.3.10.1-1.cp1186. Fixes CVE-2020-10957, CVE-2020-10958, CVE-2020-10967.
- [security] Fixed case CPANEL-32839: Update rpm.versions for cpanel-mariadb-connector 3.1.8-1.cp1186. Fixes CVE-2020-13249.
- [security] Fixed case CPANEL-32942: Fix multiple CVE in Perl 5.30: CVE-2020-10543, CVE-2020-10878 and CVE-2020-12723.
- [security] Fixed case SEC-485: Remote code execution via Exim filter path handling.
- [security] Fixed case SEC-491: Bypass of SMTP greylisting restrictions.
- [security] Fixed case SEC-497: Jailshell breakout via chsh.
- [security] Fixed case SEC-549: Insecure BIND RNDC credentials used in templated VMs.
- [security] Fixed case SEC-550: Insecure Dovecot auth policy API key used in templated VMs.
- [security] Fixed case SEC-551: Insecure Mailman site password used in templated VMs.
- [security] Fixed case SEC-552: Insecure SRS secret used in templated VMs.
- [security] Fixed case SEC-554: Insecure chkservd test credentials used in templated VMs.
- [security] Fixed case SEC-558: World-readable permissions on proxy subdomains log file.
- [security] Fixed case SEC-561: PowerDNS API keys set to predictable values during upgrades.
- Fixed case CPANEL-32712: Fix handling of grant quoting introduced by latest MariaDB changes.
- Fixed case CPANEL-30758: Fix error being logged when processing files > 5GB for Backblaze backups.
- Fixed case CPANEL-31118: Install BIND if PowerDNS cannot be installed.
- Fixed case CPANEL-31980: Allow restoring home backups with 'L' type entries in cPanel Backup.
- Fixed case CPANEL-32054: Update rpm.versions for cpanel-roundcubemail 1.3.8-16.cp1186.
- Fixed case CPANEL-32480: Update rpm.versions for cpanel-git 2.24.1-2.cp1186.
- Fixed case CPANEL-32661: Fix securitypolicy.cgi permissions error.
- Fixed case CPANEL-29661: Resolve CloudLinux installation failures on CentOS 7.7+.
- Fixed case CPANEL-31565: Expire the PostgreSQL PING cache when the password for user 'postgres' is reset in 'WHM >> SQL Services >> Configure PostgreSQL'.
- Fixed case CPANEL-31865: Ensure zones owned by 'nobody' are manageable via the zone editor while logged into WHM as a root user.
- Fixed case CPANEL-32062: Don't report false positive warnings from userdata_update concerning wildcard subdomains.
- Fixed case CPANEL-32130: Ensure legacy DNS zone editor can process zones owned by 'nobody'.
- Fixed case CPANEL-30402: Change BoxTrapper queue message list to show server time.
- Fixed case CPANEL-31480: Update rpm.versions for MySQL56 5.6.47-1.cp1186.
- [security] Fixed case CPANEL-31802: Update rpm.versions for proftpd 1.3.6c-2.cp1186. Fixes CVE-2020-9273.
- Fixed case CPANEL-31834: Install yum-python26 on Amazon Linux 2018.03.
- Fixed case CPANEL-31954: Fix mailman feature check in webmaild.
- Fixed case CPANEL-31289: Update rpm.versions for cpanel-perl-530-IO-Socket-SSL 2.066-2.cp1186.
- Fixed case CPANEL-31450: Improve appearance of Change Style page for RTL (right-to-left) users.
- Fixed case CPANEL-31493: Update rpm.versions for cpanel-pdns 4.1.10-13.cp1186.
- Fixed case CPANEL-31761: Use main server ip for rdns helo when per domain mail ips are disabled.
- Fixed case CPANEL-31797: Maximize AutoSSL’s open file descriptor limit.
- Fixed case CPANEL-31875: Schedule autossl run time based on http/bind restart times.
- Fixed case CPANEL-31894: Make sure that mandatory container is not included on iframes and popups.
- Fixed case CPANEL-31900: DNSSEC keys now have the proper key type in a cluster.
- Fixed case CPANEL-31944: Update rpm.versions for cpanel-php73-Horde-Util 2.5.9-1.cp1186. Fixes CVE-2020-8518.
- Fixed case CPANEL-31944: Update rpm.versions for cpanel-php73-Horde-Data 2.1.5-1.cp1186. Fixes CVE-2020-8518.
- [security] Fixed case SEC-505: Bandwidth suspensions can be triggered remote via mail log strings.
- [security] Fixed case SEC-540: Cpanel account backup leaks access to current working directory.
- Fixed case CPANEL-31750: Ensure domainuserdata throws an error if a domain does not exist.
- Fixed case CPANEL-31773: Update rpm.versions for cpanel-roundcubemail 1.3.8-14.cp1186.
- Fixed case CPANEL-31822: Update B::C to release 5.030003.
- Fixed case CPANEL-31830: Fix typo of utf8_mailbox in Cpanel::API::Variables.
- Fixed case CPANEL-31840: Fix roundcube schemas for MyISAM.
- Fixed case CPANEL-31843: Reset AnyEvent time cache before initial calls.
- Fixed case CPANEL-31558: Setup Reverse Trust in cluster members in such a way that the clusterstatus page on peers will display its reverse trust relationships rather than hiding them.
- Fixed case CPANEL-31723: Add cpanel-sqlite-devel to the cpanel-devel rpm.versions target.
- Fixed case CPANEL-31745: Fix for Let's Encrypt plugin renewing certificates.
- Fixed case CPANEL-31752: Do not display extended status information in WHM's DNS Cluster page for cluster members which use custom DNSAdmin modules.
- Fixed case CPANEL-31749: Fix missing dependency in new SyncEximLocalOpts module.
- Fixed case CPANEL-29184: Add a 15 second timeout to cphulk commands to avoid task buildup.
- Fixed case CPANEL-31154: Fix CALDAV/CARDDAV mobileconfigs on OSX 10.15+.
- Fixed case CPANEL-31485: Update rpm.versions for cpanel-pdns 4.1.10-10.cp1186.
- Fixed case CPANEL-31504: Update rpm.versions for cpanel-roundcubemail 1.3.8-12.cp1186.
- Fixed case CPANEL-31505: Update rpm.versions for cpanel-pdns 4.1.10-11.cp1186.
- Fixed case CPANEL-31560: Restore package does not exist error to killpkg API.
- Fixed case CPANEL-31586: Ensure MX records are created with the specified domain/subdomain in WHM > DNS Zone Manager.
- Fixed case CPANEL-31602: Add ability to filter deleted and suspended accounts from reseller stats.
- Fixed case CPANEL-31603: Avoid spurious warning about rdns from helo not being set in exim conf.
- Fixed case CPANEL-31662: Update rpm.versions for cpanel-pdns 4.1.10-12.cp1186.
- Fixed case CPANEL-31665: Update rpm.versions for cpanel-roundcubemail 1.3.8-13.cp1186.
- Fixed case CPANEL-31671: Make custom mail helo take precedence over use rdns for helo.
- Fixed case CPANEL-31673: Update rpm.versions for exim 4.93-2.cp1186.
- Fixed case CPANEL-31727: Support ALL & arbitrary combinations in SSLCipherSuite.
- Implemented case CPANEL-31557: Fix collation on transfer of utf8mb4 DBs created on MySQL 8.
- Fixed case CPANEL-28750: Ensure WHM > Modify Account form loads when a user's subuser database is corrupt.
- Fixed case CPANEL-29762: Ensure correct cPanel Search bar placement and styles.
- Fixed case CPANEL-30005: Ensure correct bandwidth reporting.
- Fixed case CPANEL-30733: Fix menu spacing in cPanel's Dark style.
- Fixed case CPANEL-31254: Performance improvement in cPanel & WHM MultiPHP Manager's user domain list.
- Fixed case CPANEL-31344: Remove EA3 httpd.service file.
- Fixed case CPANEL-31402: Save and display staging directory correctly in Update Preferences.
- Fixed case CPANEL-31440: Improve ciphersuite handling.
- Fixed case CPANEL-31442: Add input validation for target_settings and srpm_versions when update_local_rpm_versions is used to set them.
- Fixed case CPANEL-31454: Warn and refuse to load target_settings values in rpm.versions.d files when they are unknown. Valid settings will be retained.
- Fixed case CPANEL-31463: Update perl to always emit SIGABRT instead of SIGIOT.
- Fixed case CPANEL-31520: Provide IPC::Run3 on customer request as part of the perl530 target.
- Fixed case CPANEL-31529: Pass version information to GTM.
- Fixed case CPANEL-30974: Ensure matching expiration dates in Update Preferences.
- Fixed case CPANEL-31224: Ensure that get/set user_email_forward_destination api calls work for 'cpanel'.
- Fixed case CPANEL-31395: Update rpm.versions for cpanel-roundcubemail 1.3.8-10.cp1186.
- Fixed case CPANEL-31406: Handle the switch of the 3rdparty/bin/perl symlink during major perl version upgrade.
- Fixed case CPANEL-31408: Fix bug where hooks.yaml was still relied upon in scripts/hook and scripts/upcp.
- Fixed case CPANEL-31416: Prevent htaccess restore from running out of ram with many subdomains.
- Fixed case CPANEL-31448: Pass errors from refactored subdomain management admin module.
- Fixed case CPANEL-31451: Update rpm.versions for cpanel-roundcubemail 1.3.8-11.cp1186.
- Fixed case CPANEL-31464: Updated etc/icontact_templates/Deprecated/API1.html.tmpl.

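Software Description

cPanel is one of the best-known commercial software packages in the web hosting industry. It is based on Linux and BSD systems, is developed in PHP, and is closed-source software. As a remote, web-based hosting management tool it provides powerful and fairly complete hosting management features, such as webmail and multiple e-mail protocols, web-based FTP management, SSH connections, database management systems, and DNS management.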

TSRC Analysis

None yet

Industry News

None yet
