DirectAdmin 1.701

fln · Tuesday at 5:47 AM

We are happy to announce the release of DirectAdmin 1.701.

A full release change log is here:

DirectAdmin 1.701

The update should be automatically available for all installations subscribed to the current release channel.

We appreciate all the feedback on forums and issues reported in the ticketing system.

Thanks!

deanc · Tuesday at 7:08 AM

big issue after update exim panic none stop exim stop on que -

2026-05-05 09:50:24 1wK9bs-00000000Nl1-2JTl User 0 set for local_delivery transport is on the never_users list2026-05-05 13:27:05 1wKCzZ-00000000PUZ-3eMU User 0 set for local_delivery transport is on the never_users list2026-05-05 13:27:05 1wKCzZ-00000000PUe-3lut User 0 set for local_delivery transport is on the never_users list2026-05-05 13:59:12 1wKDUe-00000000Pl5-2D6K User 0 set for local_delivery transport is on the never_users list2026-05-05 13:59:12 1wKDUe-00000000PlA-2Jb4 User 0 set for local_delivery transport is on the never_users list2026-05-05 15:56:55 SIGSEGV (fault address: (nil))2026-05-05 15:56:55 SEGV_MAPERR2026-05-05 15:56:55 SIGSEGV (null pointer indirection)2026-05-05 15:56:55 SIGSEGV (fresh-exec: 313787 initializing)2026-05-05 15:56:55 backtrace2026-05-05 15:56:55 ---2026-05-05 15:56:55 /usr/sbin/exim(+0x58e84) [0x557bde028e84]2026-05-05 15:56:55 /usr/sbin/exim(+0x59080) [0x557bde029080]2026-05-05 15:56:55 /lib64/libpthread.so.0(+0x12990) [0x7fcfcbb21990]2026-05-05 15:56:55 /usr/sbin/exim(+0x77cf9) [0x557bde047cf9]2026-05-05 15:56:55 /usr/sbin/exim(+0x5bba1) [0x557bde02bba1]2026-05-05 15:56:55 /lib64/libc.so.6(__libc_start_main+0xe5) [0x7fcfcb36b865]2026-05-05 15:56:55 /usr/sbin/exim(+0x326fe) [0x557bde0026fe]2026-05-05 15:56:55 ---2026-05-05 16:01:19 SIGSEGV (fault address: (nil))2026-05-05 16:01:19 SEGV_MAPERR2026-05-05 16:01:19 SIGSEGV (null pointer indirection)2026-05-05 16:01:19 SIGSEGV (fresh-exec: 314279 initializing)2026-05-05 16:01:19 backtrace2026-05-05 16:01:19 ---2026-05-05 16:01:19 /usr/sbin/exim(+0x58e84) [0x5634691d1e84]2026-05-05 16:01:19 /usr/sbin/exim(+0x59080) [0x5634691d2080]2026-05-05 16:01:19 /lib64/libpthread.so.0(+0x12990) [0x7f927c9f6990]2026-05-05 16:01:19 /usr/sbin/exim(+0x77cf9) [0x5634691f0cf9]2026-05-05 16:01:19 /usr/sbin/exim(+0x5bba1) [0x5634691d4ba1]2026-05-05 16:01:19 /lib64/libc.so.6(__libc_start_main+0xe5) [0x7f927c240865]2026-05-05 16:01:19 /usr/sbin/exim(+0x326fe) [0x5634691ab6fe]2026-05-05 16:01:19 ---2026-05-05 16:05:40 SIGSEGV (fault address: (nil))2026-05-05 16:05:40 SEGV_MAPERR2026-05-05 16:05:40 SIGSEGV (null pointer indirection)2026-05-05 16:05:40 SIGSEGV (fresh-exec: 314670 initializing)2026-05-05 16:05:40 backtrace2026-05-05 16:05:40 ---2026-05-05 16:05:40 /usr/sbin/exim(+0x58e84) [0x55e6e4f8ae84]2026-05-05 16:05:40 /usr/sbin/exim(+0x59080) [0x55e6e4f8b080]2026-05-05 16:05:40 /lib64/libpthread.so.0(+0x12990) [0x7f0ad5ef6990]2026-05-05 16:05:40 /usr/sbin/exim(+0x77cf9) [0x55e6e4fa9cf9]2026-05-05 16:05:40 /usr/sbin/exim(+0x5bba1) [0x55e6e4f8dba1]2026-05-05 16:05:40 /lib64/libc.so.6(__libc_start_main+0xe5) [0x7f0ad5740865]2026-05-05 16:05:40 /usr/sbin/exim(+0x326fe) [0x55e6e4f646fe]2026-05-05 16:05:40 ---

fln · Tuesday at 7:27 AM

Thanks @deanc, we are already patching Exim 4.99 and 4.99.1 to fix this issue. We expected it to be fixed in Exim 4.99.2 and no longer apply this patch. However, this bug is still rpesent in Exim 4.99.2 and we missed it

.

This issue is fixed in main Exim repository, but they keep releasing patch releases without backporting this fix.

Thank you for quickly reporting this, a new build is released that makes sure we continue patching Exim 4.99.2 to fix this issue.

Code:

da update
da build exim

ju5t · Tuesday at 8:26 AM

Might be worth it to include in the changelog that the Apache upgrade has priority: https://nvd.nist.gov/vuln/detail/CVE-2026-23918.

fln · Tuesday at 8:27 AM

DA comes with a patch for the double free bug in http2 library (CVE-2026-23918) since DirectAdmin version 1.692. So Apache 2.4.66 built with CustomBuild has this issue fixed already (custombuild/patches/apache/apache-2.4.66-bug-69899-mod_http2-update-to-version-2.0.37.patch).

We pushed out this release with Apache 2.4.67 because of CVE-2026-24072.

sysdev · 2026-05-06T00:33:15-0600

I have a few da servers (at least one with a subscription on rhel9) that still doesn'it show a 1701 patch. Some did yesterday already. Any idea why this happens?

romans · 2026-05-06T01:01:53-0600

sysdev said:
I have a few da servers (at least one with a subscription on rhel9) that still doesn'it show a 1701 patch. Some did yesterday already. Any idea why this happens?

At first I would recommend compare the results of this command on your DA servers (with such DA configuration it works fine in my case):

Code:

[root@server2 ~]# da c | grep -E 'channel|autopatch|autoupdate'
allow_push_autoupdate=1
autopatch=1
autoupdate=1
notify_on_autopatch=0
notify_on_autoupdate=1
update_channel=current
[root@server2 ~]#

sysdev · 2026-05-06T01:21:41-0600

romans said:
At first I would recommend compare the results of this command on your DA servers (with such DA configuration it works fine in my case):

Code:

[root@server2 ~]# da c | grep -E 'channel|autopatch|autoupdate' allow_push_autoupdate=1 autopatch=1 autoupdate=1 notify_on_autopatch=0 notify_on_autoupdate=1 update_channel=current [root@server2 ~]#

Yeah, did that already.

Code:

[root@me ~]# da c | grep -E 'channel|autopatch|autoupdate'
allow_push_autoupdate=1
autopatch=1
autoupdate=1
notify_on_autopatch=0
notify_on_autoupdate=1
update_channel=stable

Code:

[root@me ~]# da version
DirectAdmin 1.700 b66b667a58d836fcf741e7e0eed3c2f8d91b9e58

romans · 2026-05-06T01:52:17-0600

You use "stable" release. That's why you have DA version 1.700. DA version 1.701 is in "current" release. If you want to use "current", you need to update it for "update_channel" DA configuration option.

sysdev · 2026-05-06T02:01:32-0600

Arggghhhhhhhhhhhh, I must be a blind idiot.... Thanks

fln · 2026-05-06T06:54:13-0600

A new build is released. It adds additional security patch for Apache web server. For systems that are already upgraded to Apache 2.4.67 it will show a new update from Apache 2.4.67* to 2.4.67, to make sure web server is recompiled with the new patch.

Active8 · 2026-05-06T10:17:34-0600

After updating Exim, some mail are stucked now in que, resend from DA goes without issues, seen it now on 2 servers (ubuntu 24.4 and AL 9)
Other people has this problem too ?

EDIT build all seems to fix it, weird

fln · 2026-05-06T10:19:57-0600

@Active8, please make sure you have the latest DA 1.701 build and recompile the Exim service with da build exim.

fln said:
Thanks @deanc, we are already patching Exim 4.99 and 4.99.1 to fix this issue. We expected it to be fixed in Exim 4.99.2 and no longer apply this patch. However, this bug is still present in Exim 4.99.2 and we missed it .

This issue is fixed in main Exim repository, but they keep releasing patch releases without backporting this fix.

Thank you for quickly reporting this, a new build is released that makes sure we continue patching Exim 4.99.2 to fix this issue.

toktokcity · 2026-05-06T18:13:19-0600

Well, this was a hard night. After updating the VPS (critical AlmaLinux 9 updates) and running the latest DA update to 1.7.0.1 (3bb84f28b824fb194774aaeb378e0fd0d8ded8a5) the DA install broke down and I needed to do a back-up and repair. Afterwards the customers were back, but the OLS install was defect (broken vhost files), SSL was everywhere deactivated and some certificates were gone.

What a night trying to be safe for external problems :-|

deltaB · 2026-05-06T18:21:55-0600

fln said:
A new build is released. It adds additional security patch for Apache web server. For systems that are already upgraded to Apache 2.4.67 it will show a new update from Apache 2.4.67* to 2.4.67, to make sure web server is recompiled with the new patch.

Thanks for getting this patch out for Apache 2.4.67 so quickly.

Request: if you issues a new build, is there anyway you could give it a new hotfix version number 1.701.1 etc? Trying to manage the rollout from build numbers which aren't in the release notes is quite hard. We also missed this new apache version in the rollout....

toktokcity · 2026-05-06T23:07:23-0600

toktokcity said:
Well, this was a hard night. After updating the VPS (critical AlmaLinux 9 updates) and running the latest DA update to 1.7.0.1 (3bb84f28b824fb194774aaeb378e0fd0d8ded8a5) the DA install broke down and I needed to do a back-up and repair. Afterwards the customers were back, but the OLS install was defect (broken vhost files), SSL was everywhere deactivated and some certificates were gone.

What a night trying to be safe for external problems :-|

Thinking about what happened, I thought, perhaps it is a good idea to add a system restart option to DA with root password, after a kernel update you need to reboot. If used, DA can store all essentials safely before reboot takes place...

DirectAdmin 1.701

fln

Administrator