- [security] Fixed case SEC-208: Addon domain conversion did not require a package for resellers.
- [security] Fixed case SEC-217: Self XSS Vulnerability in WHM cPAddons ‘showsecurity’ interface.
- [security] Fixed case SEC-218: Arbitrary file read via WHM /styled/ URLs.
- [security] Fixed case SEC-219: File overwrite when renaming an account.
- [security] Fixed case SEC-220: Arbitrary code execution during account modification.
- [security] Fixed case SEC-221: Arbitrary code execution during automatic SSL installation.
- [security] Fixed case SEC-223: Security policy questions were not transfered during account rename.
- [security] Fixed case SEC-224: CPHulk one day ban bypass when IP based protection enabled.
- [security] Fixed case SEC-225: Code execution as root via overlong document root path settings.
- [security] Fixed case SEC-226: Arbitrary file overwrite via WHM Zone Template editor.
- [security] Fixed case SEC-227: Expand list of reserved usernames.
- [security] Fixed case SEC-228: Adding parked domains to mail config did not respect domain ownership.
- [security] Fixed case SEC-229: URL filtering flaw allowed access to restricted resources.
- [security] Fixed case SEC-232: Demo code execution via Htaccess::setphppreference API.
- [security] Fixed case SEC-233: Arbitrary code execution for demo accounts via NVData_fetchinc API call.
cPanel 22 Mart 2017 tarihinde güvenlik zaafiyeti nedeniyle güncelleme yaptı, bu güncelleme yukarıdaki hataların giderilmesi amacıyla yapıldı, cpanel kullanıcılarının bu güncellemeyi uygulaması güvenlikleri açısından önemlidir.