ApisCP v3.2.45 released

v3.2.45 released. Various fixes, including: enhanced Let’s Encrypt debugging, PostgreSQL and timezone usage. Introduces cp.role Scope to assign server role as well as ability to import self-signed into truststore.

New

[Scopes] cp.role, turnkey setting panel specialization. See INSTALL.md.
[ssl] trust_endpoint(), import certificate in named uri into pki truststore.

Fixed

[Argos] systemd-resolved monitoring always deactivated due to trailing markup in conditional expression.
[File Manager] Recursive chmod ignored.
[Hetzner] Weak record match generates type error.
[Keyring] Encrypted value cannot be decoded if it is also a default setting.
[Invoiceninja] Corrupted install throws unhandled exception on version check.
[Laravel] Installable version diverts from laravel/laravel versioning in 11.x.
[misc] flush_cp_version() flushes incorrect cache tier.
[Opcenter] Improper dependency ordering generates lookup error when pgsql,enabled.
[pgsql] edit_user() doubly encrypts an encrypted password. Add support for SCRAM.
[pgsql] import() errors unreported.
[PostgreSQL] Creating a database explicitly grants USAGE, CREATE on public schema with PostgreSQL v15. These permissions are no longer implicitly granted. Issue is nonreproducible on 16.
[Process] Device field reported in maps() as unsigned long.
[Rampart] Reloading firewalld purges fail2ban rules.
[Scopes] Fatal error setting Maxmind key in auth.geoip-key.
[Timezone] Select timezones, including Europe/Kyiv, are unsupported prior to ICU 72.
[Timezone] Timezone changes lost in concurrent writer situation.

Changed

[Bootstrapper] multiphp_build is automatically set depending upon requested PHP version.
[Bootstrapper] Reorder installation process to clarify completion.
[Bootstrapper] Start services after firewall configured.
[ImageMagick] RPM hook for ImageMagick-libs update that forces a library refresh for resident libMagickCore handles.
[Let's Encrypt] Enhance debugging diagnostics.
[Let's Encrypt] Add R10, R11 fingerprints introduced in June.
[Logging] Filtered messages preserve caller order.
[mapCheck] Correct group within vfs.
[misc] release_fsghost() bypasses backend elevation if possible.
[Net] Report resolver in diagnostics.
[PostgreSQL] Permitted user extension list extracted to config.ini in [pgsql] => user_extensions.
[Quota] Soft quota, which triggers grace period flag, set too low at 99% resulting in mailbox disablement if an account straddles this threshold too long. Move soft quota to 1 MB below hard.
[Rampart] Reload of firewalld with overlapping rules may impair network connectivity. Perform a full restart to ensure network is available.
[Transfer] Disable peer name verification when target server is numeric. Enables usage if self-signed certificate is in pki truststore (see ssl:trust-endpoint).
[Web Apps] Deferred callbacks may be cancelled in event of failure.
[Web Apps] Inexact versions always take latest release.

1 Like