Change Logs

v2.3.1 Stable - Security Release

Dated: 25th April 2022

I am happy to announce that CyberPanel v2.3.1 has been released. This update brings tons of security and bug fixes to CyberPanel.

During this time we’ve also launched our new site and new community forums.

Right now CyberPanel is the only free control panel that is fully audited by RACK911 Labs for any security issues, team from RACK911 Labs is known for fixing security issues in web hosting industry. Apart from that we’ve brought some new features too:

  1. You will now be able to see weather you are on latest commit from Version Management in CyberPanel
  2. Root Level File Manager (Paid Feature)
  3. Google Drive Backups Retention (Paid Feature)
  4. Make Mautic 4.1.2 as default during installation

We’ve worked really hard so that you can use CyberPanel in mult-user environment with peace of mind.

Security Fixes

Please update your CyberPanel to v2.3.1 as soon as possible.

  1. security fix: CP-01: Installation improper permissions
  2. CP-05: Command Line Tools Type Insecure Processes Risk Medium
  3. CP-10: Admin – Websites – Suspend / Unsuspend
  4. CP-11: Admin – Packages – Delete Package
  5. CP-12: Admin – Packages – Modify Package
  6. CP-13: Admin – Back Up – Create Back Up
  7. CP-14: Admin – Back Up – Create Back Up
  8. CP-16: Admin Back Up Start Transfer
  9. security fix: CP-17: Admin – Security – CSF
  10. security fix: CP-18: Users – Create New User
  11. security fix: CP-21: Websites – Create Website
  12. security fix: CP-22: Websites – Modify Website
  13. security fix: CP-24: Manage Website – Domain Alias (Delete)
  14. security fix: CP-26: Manage Website – File Manager – Upload
  15. Security: Prevent leaking load average dat
  16. Security: PyYAML dependency update
  17. Security: Multiple CVE dependency update
  18. resolve CyberPanel 2.1 - Remote Code Execution (RCE) (Authenticated) - Multiple webapps Exploit
  19. securify fix: CP-29: Manage Website – SMTP Hosts – Verify
  20. securityfix: CP-30: Manage Website – Compose
  21. security fix: CP-33: Manage Website – Git
  22. security fix: CP-36: DNS – Add / Delete Records
  23. bug fix: CP-17
  24. CP-19: Additional Domains to Block
  25. CP-21: Additional Security
  26. Fix CVE-2021-32839

Bug Fixes

  1. bug fix: avoid possible removal of directories
  2. install acme.sh before main installation
  3. Update cyberpanel.sh
  4. bug fix: install
  5. bug fix: cronjob
  6. bug fix in backup creation
  7. bug fix: wp staging
  8. bug fix: custom ssl save
  9. bug fix: deploy staging to production
  10. bug fix: create wp staging
  11. security fix: CP-19: Websites – Create Website
  12. bug fix: fetch status
  13. bug fix: file manager
  14. bug fix: dkim manager
  15. Fix architecture detection
  16. add vhost level cache root for openlitespeed
  17. bug fix: continue backups if website is deleted from main CP
  18. bug fix: during website creation
  19. bug fix: backup creation
  20. use website level user for restic backups
  21. bug fix: incremental backups
  22. disable sftp destination for incremental backups for time being
  23. bug fix: delete database during inc backups
  24. bug fix: see git file changes
  25. bug fix: child domain records
  26. fix: file creation user
  27. bug fix: ssl
  28. bug fix: cpanel importer
  29. add confirm before converting to LiteSpeed Enterprise
  30. remove not needed function calls

v2.1.2 Stable - Security Release

Dated: 21st October 2021

This version does not introduce many front-end features. However we got audited by rack911labs and we did many changes to improve the security and make CyberPanel best, free and most secure control panel.

Features

Bug fixes:

v2.1.1 Stable

Dated: 15th April 2021

Features

Bug Fixes

Updates

1 Like

v2.0.3 Stable

Dated: 20 Sep 2020

Features

Bug Fixes

Updates

v2.0.2 Stable

Dated: 22 July 2020

Features

Bug Fixes

Updates

v2.0.1 Stable

Dated: 2 June 2020

Features

Bug Fixes

Updates


v2.0.0 Stable

Dated: 1st April 2020

Note: This is a major upgrade with many bug fixes. CyberPanel users are advised to upgrade as soon as possible.

Features

Bug Fixes

Updates

v1.9.4 Stable

Dated: 5th February 2020

Note: Upgrade to this version as soon as possible, this includes many security fixes, details to be announced in our news section.

Features

Bug Fixes


v1.9.3 Stable

Dated: 3rd January, 2020

Features

Bug Fixes


v1.9.2 Stable

Dated: 12th November, 2019

Features

Bug Fixes

Big thanks to following people for their contributions


v1.9.1 Stable

Dated: 15th October, 2019

Features

Bug Fixes

Big thanks to following people for their contributions


v1.9.0 Stable

Dated: 23th August, 2019

Features

Bug Fixes


v1.8.9 Stable

Dated: 12th August, 2019

Features

  • Added list pages for Users, Packages and Emails.
  • Ability to control these list pages via ACL.
  • Enable/Disable creation of Fully Qualified Domains as child-domains through Packages.
  • Login Page: Press Enter to login.

Bug Fixes

  • Bug fixes to cPanel Importer for detecting email format.
  • Many bug fixes to Backup Engine and Remote Backups.
  • Bug fix to WordPress staging feature.
  • Bug fix to CSF.

v1.8.8 Stable

Dated: 30th July, 2019

Features

Bug Fixes

  • Bug fixes to cPanel Importer.
  • Many bug fixes to Backup Engine and Remote Backups.
  • Fixed CVE-2019-13056 in v1.8.7

v1.8.7 Stable

Dated: 16th July, 2019

In between we also released v1.8.6, it was an emergency security release, thus this change log covers it.

Features

Bug Fixes

  • Bug fixes to cPanel Importer.
  • Other bug fixes that were introduced because of emergency security release v1.8.6

Security Update

v1.8.6 and v1.8.7 have many security enhancements. For all end user operations CyberPanel now use run-as user (the website user) to perform those operations. Special CyberPanel → LSCPD connection is used for security communication for different sort of user elevation and to drop priviliges when necessary. Authentication token is used for communication to prevent un-athorized access to the command socket.

This will be our first security release in our 2-stage security release model. Everyone must update your servers to v1.8.7 as soon as possible.

Special thanks to rack911labs.com, for doing a security audit and help us find/fix the issues.


v1.8.5 Stable

Dated: 3rd July, 2019

Features

Bug Fixes

  • Fixed the API Access Disabled issue with WHMCS, more details here.
  • Fixed the Remote Backup Storage Issue.

v1.8.4 Stable

Dated: 7th June, 2019

Features


v1.8.3 Stable

Dated: 9th May, 2019

Features

Bug Fixes

  • Bug fix to remote backups.
  • Bug fix to File Manager while fixing permissions.
  • Bug fix to ModSecurity.

v1.8.2 Stable (Security Release)

Dated: 2nd April, 2019

Details about the security patch can be found in our news section.

Features

  • Search through websites.
  • Random Password Generator.
  • Rewrite Templates on top of Rewrite Rules Box.
  • Enable/Disable API Access.

Bug Fixes

  • Major bug fixes to Backup Engine (Remote and Scheduled Backups).
  • Bug fix, that now allow git private repos to be attached.

v1.8.1 Stable

Dated: 6th February, 2019

Features

  • Design Overhaul.
  • Volume Mapping in Docker Manager.

Bug Fixes


v1.8.0 Stable

Dated: 25th January, 2019

Features

Bug Fixes

  • Bug fix to AWS S3 Backups.
  • Bug fix to Email Marketing.

v1.7.7 Stable

Dated: 8th January, 2019

Features

Bug Fixes

  • Bug fix for Mod Security Rules Packs.

v1.7.6 Stable

Dated: 26 December, 2018

Features

Bug Fixes

  • Bug fix for large files to AWS S3.
  • Bug fix to CSF.

v1.7.5 Stable

Dated: 14 December, 2018

Features

Bug Fixes

  • Bug fix to Backup Engine.
  • Bug fix to SSH Keys.
  • Improvements to upgrade process.

v1.7.4 Stable

Dated: 23 November, 2018

Features

  • [Beta] CyberPanel for Ubuntu 18.04 and 18.10.
  • Ability to switch from OpenLiteSpeed to LiteSpeed Enterprise Web Server.
  • [Beta] Launch of CyberPanel on Cloud.

Bug Fixes

  • Bug fix to tuning for LiteSpeed Enterprise.
  • Bug fixes to SSL Engine (Drop certbot support).
  • Bug fixes to Email Marketing Tool.
  • Bug fix to Git.

v1.7.3 Stable

Dated: 23 October, 2018

Features

Bug Fixes

  • Bug fix to SSL Engine.

Official Plugin


v1.7.2 Stable

Dated: 1st October, 2018

  • Adjust niceness value for Backup/Restore process.
  • Bug fix in SSL Engine
2 Likes