fbpx

CyberPanel v2.3.1 Released - Security Release

Posted on April 25th, 2022
by Editorial Team

I am happy to announce that CyberPanel v2.3.1 has been released. This update brings tons of security and bug fixes to CyberPanel.

During this time we've also launched our new site and new community forums.

Right now CyberPanel is the only free control panel that is fully audited by RACK911 Labs for any security issues, team from RACK911 Labs is known for fixing security issues in web hosting industry. Apart from that we've brought some new features too:

  1. You will now be able to see weather you are on latest commit from Version Management in CyberPanel
  2. Root Level File Manager (Paid Feature)
  3. Google Drive Backups Retention (Paid Feature)
  4. Make Mautic 4.1.2 as default during installation

We've worked really hard so that you can use CyberPanel in mult-user environment with peace of mind.

Security Fixes

Please update your CyberPanel to v2.3.1 as soon as possible.

  1. security fix: CP-01: Installation improper permissions
  2. CP-05: Command Line Tools Type Insecure Processes Risk Medium
  3. CP-10: Admin – Websites – Suspend / Unsuspend
  4. CP-11: Admin – Packages – Delete Package
  5. CP-12: Admin – Packages – Modify Package
  6. CP-13: Admin – Back Up – Create Back Up
  7. CP-14: Admin – Back Up – Create Back Up
  8. CP-16: Admin Back Up Start Transfer
  9. security fix: CP-17: Admin – Security – CSF
  10. security fix: CP-18: Users – Create New User
  11. security fix: CP-21: Websites – Create Website
  12. security fix: CP-22: Websites – Modify Website
  13. security fix: CP-24: Manage Website – Domain Alias (Delete)
  14. security fix: CP-26: Manage Website – File Manager – Upload
  15. Security: Prevent leaking load average dat
  16. Security: PyYAML dependency update
  17. Security: Multiple CVE dependency update
  18. resolve https://www.exploit-db.com/exploits/50230
  19. securify fix: CP-29: Manage Website – SMTP Hosts – Verify
  20. securityfix: CP-30: Manage Website – Compose
  21. security fix: CP-33: Manage Website – Git
  22. security fix: CP-36: DNS – Add / Delete Records
  23. bug fix: CP-17
  24. CP-19: Additional Domains to Block
  25. CP-21: Additional Security
  26. Fix CVE-2021-32839

Bug Fixes

  1. bug fix: avoid possible removal of directories
  2. install acme.sh before main installation
  3. Update cyberpanel.sh
  4. bug fix: install
  5. bug fix: cronjob
  6. bug fix in backup creation
  7. bug fix: wp staging
  8. bug fix: custom ssl save
  9. bug fix: deploy staging to production
  10. bug fix: create wp staging
  11. security fix: CP-19: Websites – Create Website
  12. bug fix: fetch status
  13. bug fix: file manager
  14. bug fix: dkim manager
  15. Fix architecture detection
  16. add vhost level cache root for openlitespeed
  17. bug fix: continue backups if website is deleted from main CP
  18. bug fix: during website creation
  19. bug fix: backup creation
  20. use website level user for restic backups
  21. bug fix: incremental backups
  22. disable sftp destination for incremental backups for time being
  23. bug fix: delete database during inc backups
  24. bug fix: see git file changes
  25. bug fix: child domain records
  26. fix: file creation user
  27. bug fix: ssl
  28. bug fix: cpanel importer
  29. add confirm before converting to LiteSpeed Enterprise
  30. remove not needed function calls

9 comments on “CyberPanel v2.3.1 Released - Security Release”

  1. This is good to hear. Is there a clear upgrade path? We run our server on aws and there were some extra steps.

    Also is it possible to request oauth logins for wordpress.... Or even the ability to add custom buttons as a cyberpanel admin?

  2. @Usman thank you for all the hard work you put into CyberPanel.

    The community is growing and CyberPanel will be the #1 web host panel in the world!

  3. Thank you very much Usman. I know you put a LOT of time and attention into making Cyberpanel what it is. The best free hosting control system ... on a path of be one of the top panels out there.

Leave a Reply

Your email address will not be published.

chevron-down