[admin] collect() can filter on "active" field (true/false) to select accounts that are active or suspended. [Any-version] account admin may now update shims. [Argos] validate relay password. [Bootstrapper] ~2 minute performance bump by refactoring mail/configure-postfix role. [Bootstrapper] tolerate really weird kernel configurations. [Bootstrapper] various idempotency fixes. [ClamAV] remove packages on disablement. [Cloudflare] proxy only permitted records. Improve error message reporting during CF outage. [Dovecot] block learning in stressed environments. [file] reset_path()- when user is empty string, it defaults to current user. "null" still bypasses reset. [FST] remove rm -rf sudo helper. Conflicts with moving essential services, such as PHP-FPM, to /.socket. May be enabled via [ssh] => sudo_support. [helpers.sh] su VIRTUSER accepts all normal arguments. [Letsencrypt] loquacious nameservers may stuff a TXT record beyond what is necessary during ACME challenge resulting in a pause up to the timeout interval. [Letsencrypt] retry IP check for slow DNS servers. [Mail] remove "postfix" user when mail is disabled on an account effectively disabling sendmail usage. [Migrations] Fix condition in which SSL certificates do not activate without second EditDomain post-migration. [Migrations] limit remediation suggestion to 32 characters per system limitation. [Migrations] server-to-server migrations, domain suspension may be postponed with --no-suspend flag. [Monit] scramble default password. [MySQL] users may contain a period in their username. [Nexus] IPv6 addresses with numeric leading hextet are incorrectly parsed as an array index. [Opcenter] add sanity checks to prefix presence before discarding MySQL/PostgreSQL databases. [Opcenter] correct condition in which promoting an alias to primary domain without explicitly removing the domain from aliases,aliases causes duplicate key on address rename. [PHP] migrating from non-jail to jail also migrates directives from .htaccess. Controlled via [httpd] => fpm_migration. [phpMyAdmin, phpPgAdmin] correct condition in which SSO fails if behind CloudFlare. [phpMyAdmin, phpPgAdmin] updating a password may now optionally reset the password to the specified value. [Postfix] /etc/postfix/master.d allows for per-site overrides (see Customizing.md). [Rampart] malware jail, integrates into mod_security/ClamAV filtering. [Rampart] non-essential logs are tailed on startup thus improving startup time. [Storage Tracker] correct rendering as Picasso painting. [Task Scheduler] MAILTO supported. [Telemetry] range() accepts a negative $begin to look behind n seconds. [Telemetry] fix condition in which compressed metrics block deletion of a site. [UI] filters support ESC/ENTER hotkeys. [UI] update default placeholder. [WordPress] db_config()- workaround for segfaults if the output buffer fills during database inquiry. [WordPress] enable debug mode in WP-CLI when ApisCP debugging enabled. [WordPress] fix condition in lower versions with patch are preferred to those without.