NEW: [Scopes] kernel.crashguard, controls crashguard/kexec usage. kernel.panic-asr determines the timeout for an automated reboot in event of a panic. FIXED: [Cgroup] Kernel panic resetting blkio counter on non-root container between kernel 4.18.0-477 and 4.18.0-504 [DNS] Missing NS records yields invalid auto-generation. [file] Incorrect bitwise symlink mask. [Nextcloud] Propagate ENV to occ. [Opcenter] Demoting primary domain loses domainmap lookup. [Rampart] Unwrap nested ban reason. [Scopes] system.monthly-integrity-check, update role reference. [Task Scheduler] Setting CRON_TZ in unordered spool exceeds line boundary due to defect in dba_replace/dba_delete parsing in non-uniform ini file. [Web Apps] Unhandled exception on PHP variant apps when PHP-FPM is disabled. [Wordpress] Fetching a define() constant inhibits reuse on and after retrieved node. CHANGED: [admin] get_meta_from_domain() renamed to get_meta_from_site(). Deprecated, scheduled for removal in v4. [Cgroup] Always create controllers in cgconfig. [Cloudflare] Parse complex arguments if set in [dns] => provider_key. Support for 1000+ domain pagination. [Ghost] Detection now looks for "GhostServer.js". [Let's Encrypt] Staging removes all conflicting _acme-challenge TXT records. [MySQL] Update ping() logic to anticipate mysqli_sql_exception. [Opcenter] Optimize user/group/shadow operations. [PostgreSQL] Previous implementation permitted superuser. Deny all database connections on rename. [Scopes] apache.evasive-whitelist and rampart.fail2ban-whitelist remediate if whitelisted IP is presently banned. [Scripts] mapCheck.php updates admin user within VFS. [Transfer] Permit accounts with different MySQL and PostgreSQL prefixes. [Wordpress] Reimplement theme versioning. Previously suspended due to wp-cli/extension-command#349. [Wordpress] Update WP_SITEURL, WP_HOME during rename. REMOVED: [Opcenter] Expensive fuser check in lock detection.