v3.2.45 released. Various fixes, including: enhanced Let’s Encrypt debugging, PostgreSQL and timezone usage. Introduces cp.role Scope to assign server role as well as ability to import self-signed into truststore.
New
[Scopes]
cp.role, turnkey setting panel specialization. See INSTALL.md.
[ssl]
trust_endpoint(), import certificate in named uri into pki truststore.
Fixed
[Argos]
systemd-resolved monitoring always deactivated due to trailing markup in conditional expression.
[File Manager]
Recursive chmod ignored.
[Hetzner]
Weak record match generates type error.
[Keyring]
Encrypted value cannot be decoded if it is also a default setting.
[Invoiceninja]
Corrupted install throws unhandled exception on version check.
[Laravel]
Installable version diverts from laravel/laravel versioning in 11.x.
[misc]
flush_cp_version() flushes incorrect cache tier.
[Opcenter]
Improper dependency ordering generates lookup error when pgsql,enabled.
[pgsql]
edit_user() doubly encrypts an encrypted password. Add support for SCRAM.
[pgsql]
import() errors unreported.
[PostgreSQL]
Creating a database explicitly grants USAGE, CREATE on public schema with PostgreSQL v15. These permissions are no longer implicitly granted. Issue is nonreproducible on 16.
[Process]
Device field reported in maps() as unsigned long.
[Rampart]
Reloading firewalld purges fail2ban rules.
[Scopes]
Fatal error setting Maxmind key in auth.geoip-key.
[Timezone]
Select timezones, including Europe/Kyiv, are unsupported prior to ICU 72.
[Timezone]
Timezone changes lost in concurrent writer situation.
Changed
[Bootstrapper]
multiphp_build is automatically set depending upon requested PHP version.
[Bootstrapper]
Reorder installation process to clarify completion.
[Bootstrapper]
Start services after firewall configured.
[ImageMagick]
RPM hook for ImageMagick-libs update that forces a library refresh for resident libMagickCore handles.
[Let's Encrypt]
Enhance debugging diagnostics.
[Let's Encrypt]
Add R10, R11 fingerprints introduced in June.
[Logging]
Filtered messages preserve caller order.
[mapCheck]
Correct group within vfs.
[misc]
release_fsghost() bypasses backend elevation if possible.
[Net]
Report resolver in diagnostics.
[PostgreSQL]
Permitted user extension list extracted to config.ini in [pgsql] => user_extensions.
[Quota]
Soft quota, which triggers grace period flag, set too low at 99% resulting in mailbox disablement if an account straddles this threshold too long. Move soft quota to 1 MB below hard.
[Rampart]
Reload of firewalld with overlapping rules may impair network connectivity. Perform a full restart to ensure network is available.
[Transfer]
Disable peer name verification when target server is numeric. Enables usage if self-signed certificate is in pki truststore (see ssl:trust-endpoint).
[Web Apps]
Deferred callbacks may be cancelled in event of failure.
[Web Apps]
Inexact versions always take latest release.