Middleware Documentation deprecated

Welcome to the documentation about the inner workings of the Java-based middleware platform of OX App Suite. This technical documentation covers articles about different topics and features, grouped by different subtopics on the left.

The latest notable changes of the middleware can be found below.All notable changes to this project will be documented in this file.

8.30.0 - 2024-09-25

Added

  • MW-1068: Improve support for SCHEDULE-AGENT 2fd626d0
  • SCR-1454: New configuration property "com.openexchange.cache.v2.redis.disableHashExpiration" 323c4fa1

Changed

  • IIJMX-530: Don't fail if UNSUBSCRIBE fails for IMAP-backed POP3 folders a13200d0
  • MW-2191: Upgraded to Java v21 baa040d1
  • MW-2309: Use new caches for schema update states and db assignments 0c626dd2
  • MW-2330: Replaced old context cache with the new v2 3c718354
  • MW-2335: Transform "MailAccount" Cache to Redis 13c84cf9
  • MW-2338: Removed "messaging"-related functionality and APIs 8cc8df6f 705f5c82
  • MW-2347: Use new cache for advertisement config caching 60bacf4b
  • MW-2363: Removed legacy SessionD and Hazelcast-backed session storage 39d5b717
  • MW-2368: Disable Hazelcast by Default de5e5633
    • Breaking Change
  • MW-2614: Use BadPassword exception for failed decryption
    • Also, log legacy encryption warning only once per day
  • SCR-1452: Moved Java Data Objects (JDO) API to target platform ec8ad9d1
  • Some refactoring for the code packages in c.o.cache.v2 64cb03b6
  • #17: Reintroduced soap log filter for passwords - appsuite/platform/core#17 92cdfb97

Fixed

  • Avoid duplicate service instance for singleton LeanConfigurationService 66a48fbf
  • Perform synchronous unregistration from Dovecot HTTP Notify plugin using a lowered socket read timeout 6a4f87bb
  • #23: Reverted some checks for pretty old messages that should not occur - appsuite/platform/core#23 9fa35f10
  • #25: Restored enhanced conflict checks during attendee update operation - appsuite/platform/core#25 7114c95f
  • #29: Check mail messages reference retrieved from cache prior iterating - appsuite/platform/core#29 ac674a24
  • #30: Update local file storage account reference after remembering error in metadata - appsuite/platform/core#30 6677a246
  • #31: Prevent NPE during shutdown. Ref. 12413312
  • #32: Added auto-expiration of possible write lock for table filestore2user - appsuite/platform/core#32 46c2abb6 52c202c9 53873901
  • #33: Throw proper error if mail is not found. Ref. 251098c8
  • #36: Properly apply HTTP client config for iCal timezone updater - appsuite/platform/core#36 814c70a8
  • #39: Don't retry login attempt by default (w/ exponential back-off wait policy) when IMAP server signals UNAVAILABLE response code - appsuite/platform/core#39 2b5a3191
  • #40: Keep user-sensitive information for isSubscribed() and getUsedForSync() - /appsuite/platform/core#40 e2ae5bac
  • #43: Unregister user from Dovecot HTTP Notify plugin asynchronously - appsuite/platform/core#43 f00456a1
  • #44: Moved creation of reseller tables to accessing bundles a6cad0b7
  • #48: Retry fetching thread-sorted messages if an inconsistent received date is detected - appsuite/platform/core#48 8270853b 381f39c5
  • #49: Prevent possible NPE when replacing organizer in a calendar event - appsuite/platform/core#49 58fbb18f
  • #54: Added missing org.xml.sax dependency to MANIFEST.MF bbe6bf28
  • #562: Differentiate between deputy feature being 'enabled' and 'available' - appsuite/web-apps/ui#562 83447b85

Removed

8.29.0 - 2024-08-28

Added

  • MW-2319: Token Login Variant for PWA Onboarding 99832baa
    • Breaking Change: The file tokelogin-secrets has been removed. See also:
    • SCR-1405: Renamed parameter in /login?action=redeemToken
    • SCR-1406: Added a client defined expiration time to /token?action=acquireToken
    • SCR-1407: Replaced tokenlogin-secrets file with lean configuration
  • MW-2323: Adjust Helm Charts for Redis 7.4 9ca0b47f
  • MW-2339: Deputy-Management via Provisioning API c2073664
  • MW-2353: Documentation for Redis and Active/Active 3409b456

Changed

Fixed

  • Added checks for pretty old messages that should not occur #23 bbb60b00
  • Consider possible MX records on ISPDB look-up for a possible mail account setup #24 a305df9b
  • Optimized reading schema state (update tasks) #10 8cb20be4 2ecd9d47
  • Defer dependent capability checks 47f8b86d
  • Inject fallback display name for *DAV-based subscriptions if missing #22 a6e0cbe0
  • MWB-2512: Use 'no-reply' account for synthetic push sessions 6a623131
  • MWB-2530: Orderly compile path to a shared folder from target user's point of view 5898d475
  • MWB-2667: Deny writing rules requiring unsupported capabilities 55dfa3ba 8c0c8602
  • MWB-2701: Replace possible space characters in URLs with appropriate URL encoded representation (%20) ec8a08f4
  • MWB-2702: Properly compare user mail aliases with punycode 0f78cb94
  • MWB-2705: Fixed writing JSlob IDs as JSON array to channel f8178b31
  • Orderly track new cache service in IMAP bundle #8 6a991f77

Removed

  • MW-2367: Remove Xing integration 52ec3fa3
  • SCR-1426: Removed "FilteringObjectStreamFactory" Service and parent Bundle "com.openexchange.serialization" 3e051826

8.28.0 - 2024-07-31

Added

Changed

Fixed

Removed

  • SCR-1420: Removed unused xmlbeans library 78d2c577
  • Replaced 'subscription' permission availability with capability checker cdc1836f

8.27.0 - 2024-07-03

Added

  • MW-2325: Multi-Database Support for Redis da3e7525
    • SCR-1383: New Property com.openexchange.redis.resilientDatabase
  • SCR-1402: New Column priority for Database Tables calendar_event and calendar_event_tombstone b235659d
  • SCR-1403: New field priority in Event model of HTTP API 48e3ffef

Changed

  • MW-2309: Transform Next Caches to Redis 58109405
    • Previous regions FileStorageAccount and UserAlias are now backed by Redis cache
  • MW-2328: Additional (configurable) logging for some SOAP API requests 36705091
  • MW-2337: Transform MessagingAccount, c.o.messaging.json.messageCache, LDAPHostname and Reseller-related Caches to Redis 114878b4
  • MW-2340: Transform FolderUserProperty Cache to Redis 9b1e0ff2
  • MW-2651: Use canonical hostname when accessing distributed managed files 3cc5dafd
  • MWB-2641: Enhanced logging when copying a database table row fails during 'movecontextdatabase' ec85db90
  • SCR-1393: Updated Netty libraries from v4.1.106 to v4.1.111 918566ac
  • SCR-1394: Updated lettuce library from v6.3.1 to v6.3.2 97520f3d
  • SCR-1395: Updated Apache Commons IO library from v2.15.1 to v2.16.1 5add29cf
  • SCR-1396: Updated Apache Commons Codec library from v1.16.1 to v1.17.0 7c98d03e
  • SCR-1404: Updated JCTools (Java Concurrency Tools for the JVM) from v4.0.3 to v4.0.5 986656d6
  • SCR-1411: Added an account index to various calendar tables for improved look-up 40aaf3b0
  • Preparations to selectively invalidate caches after changing 2b3be06c
  • Updated integrated timezone definitions to tzdata2023d 256754a3

Fixed

  • MWB-2639: Don't filter w:sdt elements during sanitizing 5cf45632
  • MWB-2644: Added config option to specify whether to use HTML on reply/forward to/of text-only E-Mails if HTML is chosen as preferred message format 1fa4aa99
  • MWB-2649: Avoid NPE db5c060e
  • MWB-2650: Wrong FCM Push documentation 03419906
  • MWB-2657: Consistent value 200 for property AVERAGE_CONTEXT_SIZE dce8905b
  • MWB-2659: Use proper i18n service to use best-fitting translation for a user's locale 06307248
  • MWB-2664: Lowered periodic log message about completion status of a database clean-up job to DEBUG log level 220ef5f9
  • MWB-2666: Added missing import 5ce65bb4
  • MWB-2670: Redirect to configured logout page as fallback if session no longer exists 91dc5373
  • MWB-2676: Drop details (aka MDC) from JSON-formatted log message if DropMDC marker is present in log event 742918c4 8a65fcfc

Removed

8.26.0 - 2024-06-05

Added

Changed

  • MW-2326: Re-implemented put-if-absent for KeyDB; e.g. replaced special SET(GET) command with PX and NX option set ea34eba6
  • MW-2332: Export SimpleMeterRegistry 4724b21f
    • add io.micrometer.core.instrument.simple to the list of exported
    • packages in the bundle com.openexchange.metrics.micrometer, to allow
    • using it in unit tests
  • MWB-2622: Added logging when events w/o recurrence are encountered during 'needs-action' generation ae17204a

Fixed

Removed

8.25.0 - 2024-05-08

Added

Changed

  • MW-2222: DB TLS encryption for k8s fc64b729
  • MW-2263: Introduced Redis-backed cache service having its own cache event framework (based on Redis pub/sub) and refactored existent stand-alone cache invalidation classes to that new service/framework 05ea475b
  • MW-2264: Transform First Caches to Redis b04537ed
  • MW-2266: "Upgrading without Downtimes" in a Kubernetes cluster d032a637
  • MW-2314: Removed dependency from logback-extensions to Apache Commons Lang 2.6 7b007ce4
  • Identify sproxyd clients 95ccd0b4

Deprecated

  • SCR-1373: Deprecation of Apache Commons Lang 2.6

Fixed

  • CP-514: Let authentication plugin signal to ignore the call to it 7f3b0757
  • MWB-1957: Grafana dashboard shows multiple server versions cac3800f
  • MWB-2204: Missing API documentation for oidcLogin and oidcLogout actions of Login module 516239c2
  • MWB-2435: CredstoragePasscrypt not picked up in templates/typeSpecific/secret-envvars.tpl 1d0578df
  • MWB-2530: Added property com.openexchange.imap.assumeUserLocalPartForSharedFolderPath to control if user's local part should be assumed when determining a shared folder path; e.g. assume "jane.doe" instead of "jane.doe@invalid.com" c33caa7e
    • Synchronize all operations on ListLsubCollection objects
    • Removed IgnoreDeprecated methods as they became obsolete with synchronous operations (see Bug#41742)
  • MWB-2552: Decrypt mail prior if needed fdfa0087
  • MWB-2555: Deny scheduling a mail for transport if Guard-protected aa2c61c3
  • MWB-2556: Fixed typo ac08c82f
  • MWB-2562: Avoid issuing unused events for last gone session of a context/user 876e33b3
  • MWB-2563: Ensure JSON data is orderly flushed to output stream c11400a0
  • MWB-2564: Corrected property names in documentation article f8399bd3
  • MWB-2567: Introduced configurable file appender for logback.xml 60e230fb
  • MWB-2571: Use full-fledged HTML parser to locate possible <img> tags inside HTML content 22f36c8e
  • MWB-2577: Com.openexchange.gdpr.dataexport.impl bundle does not start without additional configuration b7e8e048
  • MWB-2582: Do not transform transparent GIF images 4d9afa36

Removed

8.24.0 - 2024-04-03

Added

  • MW-2174: Make com.openexchange.user.contactCollectOnMailAccess and com.openexchange.user.contactCollectOnMailTransport config-cascade aware. 624c22e1
  • MW-2251: Added REST-API and job to create pre-assembled contexts. Expose metrics for currently existing pre-assembled contexts 66712325
  • MW-2261: Optionally Exclude Disabled Contexts in listcontext e48282e1

Changed

Fixed

  • MWB-2525: Fixed wrong imports in commons compress. Will be fixed upstream with 1.27.0 91d657d9
  • MWB-2545: Use correct variable to pass number of contexts to pre-assemble ebd3ee38

Removed

8.23.0 - 2024-03-07

Added

Changed

Fixed

  • MWB-2398: Periodically check and remove orphaned cookies referencing no longer existing sessions from requests 35ec1789
  • MWB-2420: Support parsing address string with multiple opening angles '<'; e.g. "<jane@nowhere.com>" c0c6edcf
  • MWB-2482: Avoid excessive HTML processing w/ Jericho HTML parser 814cb61d
  • MWB-2485: Specify core-mw chart resources limits and maxHeapSize ea29bf46
  • MWB-2496: Mitigate with possible java.io.IOException: Resetting to invalid mark when writing ZIP entries to file storage location. Added possibility to have ZIP archive compiled for a certain module being spooled to a local disk. 6a7d3d67
  • MWB-2497: Ensure schema option is not set for pre-assembled contexts 94b73757
  • MWB-2499: Add archive + schedule to mail/folder paths 89361c4a
    • This is necessary to support the permanent switch to these paths
  • MWB-2502: Add missing archive httpi api docu e6aea42e
  • MWB-2504: Fix personal parts not in quotes in email address e9593fd5
  • MWB-2509: Don't mess-up MIME structure by adding multipart/* parts through attachment API 343cb2f8
  • MWB-2511: Look-up draft mail by cached association if possible fd2421dc
  • MWB-2515: Better handling of aborted attachment upload when composing a mail 92f40134
  • MWB-2516: Track SMS provider implementation as optional service 1c027e50
  • MWB-2517: Upgraded MaxMind GeoIP Libraries (SCR-1349) f1b1f9be
  • MWB-2525: Update Apache Commons Compress library from v1.21 to v1.26.0 27f90d39 478d4606
  • MWB-2528: Release acquired connection as soon as possible (e.g. prior to loading file storage data) 2d6d4663
  • MWB-2531: Filter possible parent folder from subfolder listing 70a9d207 2440686f
  • MWB2503: Unmangle folder id before parsing it to int 9c3e089a

8.22.0 - 2024-02-07

Added

Changed

  • MW-2145: Use cluster map service throughout Middleware code 9bcfd1f9
  • MW-2216: Dropped AJP route and need for JSESSIONID cookie (and HTTP session respectively) 66647c56
  • MW-2226: Remove ignore action for unknown CU 3f1d0227
  • MW-2229: Use pre-assembled contexts on context creation 814bf8ea
    • SCR-1331: Added lean property com.openexchange.admin.usePreAssembledContexts
    • SCR-1332: Added table context_lock to configdb
    • SCR-1339: Added methods in 'com.openexchange.admin.storage.interfaces.OXUserStorageInterface' for using pre-assembled contexts
  • MW-2268: Change copyright headers back to Open-Xchange GmbH 6a15c8d6 c68c8e61 b4b7616f
  • MWB-2430: Don't retry deleting the same events repeatedly when clearing a folder dfaa4dbf
  • MWB-2466: Improved error message in case cryptographic functionalities are requested, but no appropriate features/modules (OX Guard) are installed/available de3b459b
  • OXUIB-2704: Apply requested range when merging results from 808821fa
  • Log some repeatedly occurring messages only once per day 0d141908 a8aea518 9fc93733
  • SCR-1340: Updated Jackson & Fabric8 libraries 11643ffe
  • SCR-1341: Added new lean property to possibly add Open-Xchange server information to HTTP responses 080a0c13
  • SCR-1343: Updated Netty libraries from v4.1.97 to v4.1.106 baa9755a
  • SCR-1344: Updated lettuce library from v6.2.6 to v6.3.1 4a61b713
  • Updated logback-extensions from v2.1.10 to v2.1.11 1c3444db 2807ac93
  • Updated Gotenberg image from v7.9.2 to v8.0.3 to a custom image without MS fonts and chart from v0.6.0 to v1.0.1

Fixed

  • MWB-2250: Send proper notification mail to user in case data export failed due to missing content in selected module(s) 3957b8c0
  • MWB-2311: Include events with unset TRANSP when loading overlapping events from storage 5bcc8210
  • MWB-2401: Send REPLY if comment is removed d8646ca8
  • MWB-2414: Use default object metadata when initializing CopyObjectRequest 3b991f6c
  • MWB-2420: Don't advertise empty address string on corrupt address 0d2475a5
  • MWB-2425: Improved SQL statement and added logging f42fe4d3
  • MWB-2434: Don't empty trash folder in "fire & forget" fashion if processing takes place through (AJAX) job queue. Orderly await completion then. 279bde05
  • MWB-2439: Ensure attendee comment is set on REPLY 50febc36
  • MWB-2444: Support for arbitrary settings in PodSpec is missing bb464b2a
  • MWB-2452: Specify reasonable timeout when checking for possible shared attachment folders or scheduled mail references c755a394
  • MWB-2456: More lenient insert into database on duplicate attempt 014115e3
  • MWB-2458: Properly apply UID conflict strategy d552d3bb
  • MWB-2460: Advertise proper error message to client on exceeded quota 18a5dd56
  • MWB-2461: Updated restricted scopes in "Drive Sync App" example 6a793fc4
  • MWB-2464: Restored "Upgrading Without Downtimes" article 92b32f13
  • MWB-2467: Use context id as fall-back if no context name set d358aead
  • MWB-2470: Adjust 'login2user' table when using preassembled ctx 6aea8bb2
    • SCR-1339: Added methods in 'com.openexchange.admin.storage.interfaces.OXUserStorageInterface' for using pre-assembled contexts
  • MWB-2471: No replacement of illegal Content-Id identifiers 9a70859a
  • MWB-2482: Avoid excessive HTML processing w/ Jericho HTML parser f04860db

8.21.0 - 2024-01-10

Added

  • MW-2118: Implementation: REST Interface for Log Configuration ed20e40d
  • MW-2119: Extend Log Configuration with "includestacktrace" and "socketLogging" 6776d5a2
  • MW-2190: New metrics for provisioning aspects (PluginInterfaces, storage- and API-calls) b0b135a6
  • MW-2226: Send CANCEL Message when Declining Party Crasher fb9fd9e1

Changed

Fixed

8.20.0 - 2023-11-29

Added

  • MW-1994: Introduced scheduled mail feature 318e13b9 40809864 1ca1ede2
  • MW-2056: "Forward" Appointments via Email 0372cb66
  • MW-2088: Additional Analyzers for the App Suite Advanced Routing Stack 4b5d6d31
    • MW-2112: Request Analyzer Implementation for Tokens Login and Drive Jump
    • MW-2135: Request Analyzer for "Advertisement" REST endpoint
    • MW-2133: Request Analyzer for Dovecot Push
    • MW-2136: Request Analyzer for config-related "Preliminary" endpoints
    • MW-2134: Request Analyzer for "Admin" REST endpoints
    • SCR-1302: Added context_id field to TokenLogin json response
    • SCR-1284: Add parameters to drive jump redirect for request analyzing
  • MW-2173: Add logging for writeable database access to non-local segments 6387936e
    • SCR-1309: Added lean property com.openexchange.database.logWritesToNonLocalSegments

Changed

Fixed

  • MWB-1730: Orderly check if organizer event copy is targeted by scheduling messages (2) cfd168d4
  • MWB-2328: Use proper MySQL v8 compatible syntax on user creation a86108c0
  • MWB-2354: Ordlery deal with shared folders from different owners with the same display name 50143d91
  • MWB-2358: Drop PRIMARY KEY prior to modifying column belonging to PK, then re-create PRIMARY KEY 6592349d
  • MWB-2360: Mailfilter module not accessible via OAuth (cherry picked from commit 49f1551cc56bbe06bf422a7a6dbeaabb50d38842) 552a0d3f
  • MWB-2366: Respond with "Search too complex" error if applying a wildcard pattern to a mail search expression takes excessively long 93eeba9b
  • MWB-2367: Use simple glob matching for file/directory exclusions, use guarded matcher for regex patterns sent by legacy clients a8f6643f
  • MWB-2368: Advertise "search_in_folder_name" and "search_by_term" for "infostore" database folders c00a21b0
  • MWB-2370: Propagate master changes only into exception events the user actually attends bafc8cd1
  • MWB-2372: Folder API requests are not working with "Application Specific Passwords" 99a61a51
  • MWB-2374: Orderly handle Unified Mail messages when examining a message for scheduling information e45cabd5
  • MWB-2376: Indicate correct part number in multipart upload to S3 f6e52b17
  • MWB-2380: Generate exception events as needed for unsolicited REPLYs to recurring event instances 0abda2b6
  • MWB-2382: Select proper recipient addresses on reply to own mails a9f10444
  • SAZ-4: Use singleton connection to user database for all write accesses eb0836a5

8.19.0 - 2023-10-24

Added

  • MW-2088: Middleware components for the App Suite Advanced Routing Stack
    • Added new bundles for the request analyzer feature (SCR-1241)
    • New properties for Segmenter Client Service (SCR-1277)
    • Upgraded the gson library from 2.9.0 to 2.10.1 (SCR-1266)
    • New REST endpoint exposed at /request-analysis/v1/analyze to analyze client requests and associate them with segment markers
    • Added first batch of request analyzer implementations covering the most common client requests
    • Introduced request-analyzer service role to deploy and scale conainers independently
    • Implemented segmenter client API to determine active site for a certain segment a2705aa2

Changed

  • MW-2094: Added the 'LastModified' and 'ModifiedBy' metadata to each Sieve rule. 5197be2a
  • MWB-2296: Only allow certain URI schemes for external calendar attachments (SCR-1307) 5277863a
  • MWB-2345: Enhanced logging, added fallback for missing response error code from auth server 3da0018d e2332e6a
  • Removed vulnerable lib sqlite-jdbc and provided needed dependencies by plain snappy-java lib 3d9e92d3
  • Updated core-mw chart dependencies and enabled read-only filesystem for gotenberg 075e07d3
  • Updated vulnerable lib commons-fileupload 1.4 to latest version 1.5 353845aa
  • Updated vulnerable lib jackrabbit-webdav 2.19.1 to version 2.21.19 408e8dd3
  • Updated vulnerable lib net.minidev:json-smart and (its dependency accessors-smart) 2.4.8 to version 2.4.11 3b7dae91
  • Updated vulnerable lib snakeyaml 1.33 to version 2.2. Depending libraries (e. g. jackson-*) required an update too d48c6679
  • Updated vulnerable okio-jvm 2.8.0 lib to latest 3.5.0 and cleaned up dependencies (added okio, updated okhttp + kotlin*, test dependencies) 0aae47f3
  • Removed default values for chart dependencies and link to source 9861882b

Fixed

  • MWB-2220: use existing functionality for secret properties 3e12ce12
  • MWB-2250: No success notification if there are no result files 263f92eb
  • MWB-2283: Don't try to assign a new category when moving to "general" category 10e99977
  • MWB-2296: Check potential UID conflicts for newly added attendees d075d98f
  • MWB-2297: Prefer display name for object permission validation errors 43e8d4b8
  • MWB-2300: Optimized moving folder (and its subtree) to trash 8ef3f975 0b68cc47
  • MWB-2309: Cross-check resource attendees when evaluating 'all others declined' flag in list responses 154ae880
  • MWB-2310: "infostore?action=upload" fails with "EOF" error on Appsuite 8 269accfb c2840ffa
  • MWB-2322: Probe for name of the function for geo conversion (3) 12d7d73f
  • MWB-2333: Sanitize broken/corrupt Content-Type string when parsing multipart content 22a9393b
  • MWB-2336: Aligned naming of settings to the ones used by UI 86bf97bd
  • MWB-2337: Ignore possible "NO [NOPERM]" response when issuing a METADATA command to retrieve deputy information from all IMAP folders 3ce1f58a
  • MWB-2339: Ensure privisioning related log properties are dropped once message has been logged 35022c92
  • MWB-2343: Preferably consider 'X-MICROSOFT-CDO-INTENDEDSTATUS' when parsing event transparency from iTIP 2e04a819
  • MWB-2349: Orderly display plain-text mail w/ alternative text parts baefd0a8 711ea55b
  • MWB-2352: More user-readable error message in case message flags cannot be changed due to insufficient folder permissions 91188e1e
  • Enhanced detection for images with data URIs 997ed5ff
  • MWB-2353: No global lock when initializing in-memory folder map f7fef269

Removed

8.18.0 - 2023-09-27

Added

Changed

Fixed

Removed

Security

8.17.0 - 2023-08-30

Added

  • MW-2016: added deployment role 'businessmobility' for USM/EAS deployments 01bfa6d

Changed

  • MW-2003: Handle Time Transparency of Appointments per User
    • Added transp field to attendee
    • Handle transparencies set via CalDAV clients 12aee31
  • SCR-1270: Updated Google API Client libraries 800dc9f
  • MWB-2259: Added more DEBUG and INFO logging for GDPR data export 39f74ae ab77d3e
  • SCR-1275: Upgraded MySQL Connector for Java from v8.0.29 to v8.0.33 76146ce

Fixed

  • MWB-2266: Extremely long-running requests are not terminated f9e86fc 4bce9cd e434d32 4f05fa1 cc0833b 38fea46 2be0655 d3bd8f2 f85638f d494263
    • Hard timeout of 1h for tracked requests of any kind & hard timeout of 60 seconds for mail compose related communication with primary mail backend
    • Introduced wait time for concurrent operations. If elapsed, the operation is aborted
    • Use Apache FreeMarker template engine with safe configuration
  • MWB-2242: Take over selected filestore id properly during user creation
    • SCR-1264: Update task to insert missing references into 'filestore2user' table 867b465
  • MWB-2249: properly disable context during filestore move 92e1649
  • MW-2094: Backwards compatibility for extra metadata in sieve scripts dfee773
  • MWB-2275: Yield cloned objects from Caching LDAP Contacts Access f4d0b36
  • MWB-2250: Added sanity check for Task Status. 1858544
  • MWB-2272: Explicitly LIST a folder once not contained in LIST "" "*" queried from IMAP server ab95588
  • MWB-2265: Prefer to use config-cascade-wise configured value for com.openexchange.imap.imapSupportsACL c01a70a
  • MWB-2274: Properly encode dynamically inserted part of LDAP folder filters 91fe39e
  • MWB-2277: Changed displayed error messages according to customer's suggestion 7754cad
  • MWB-2242: Corrected invocation for 'list_unassigned' in filestore 08481d7
  • MWB-2280: Reset attendee transparency on rescheduling 2f13573

Security

8.16.0 - 2023-08-01

Added

  • ASP-131: Implemented a MailExportService that converts e-mails to PDFs
    • SCR-1235: Introduced a new action to the 'mail' module for exporting mails as PDFs
    • SCR-1236: Introduced new properties for the MailExportService
    • SCR-1237: Introduced new properties for the CollaboraMailExportConverter
    • SCR-1238: Introduced new properties for the GotenbergMailExportConverter
    • SCR-1239: Introduced new properties for the CollaboraPDFAConverter
    • SCR-1240: Introduced a new capability to activate the PDF MailExportService 4d0de04
  • MW-2036: added contact collector documentation 5441175
  • MW-2073: Log any HTTP header 852548b
  • MWB-2238: allow to configure a purge folder for trash deletion
    • The property com.openexchange.imap.purgeFolder allows to configure a parent folder for renamed trash folder. If one of those folders is configured then the trash is not deleted by the middleware itself. f870dcc
  • Add missing configuration for new packages c8651ec

Changed

  • Improve markdown for core-mw chart 6518c42
  • MW-1862: Upgrade encrypted data dynamically during usage
    • Throw exception if legacy encryption is detected in CryptoService
    • Services/storages detect legacy encryption by this exception and recrypt secrets themselves (by using async task)
    • If shared item protected by secret with legacy encryption is accessed, use LegacyCrypto and log this event (not possible to recrypt here)
    • When users logs in, all items shared by him are collected and checked if secrets needs to be recrypted
  • SCR-1233: Update encryption for passwords of anonymous guest users d5843c4
  • MW-1840: Reworked the CryptoService
    • changed the encrypting algorithm to AES/GCM/NoPadding
    • deprecated the encrypt and decrypt methods with the old mechanisms
    • removed default salting - Now callers are responsible for their salts
    • introduced fallbacks for the old mechanics
    • MW-1894: moved CryptoUtil to c.o.java, replaced all instances of SecureRandom with the centralised version 7a3e3e5
  • MW-1861: Use Implicit Salt in CryptoService
    • Utilise argon2i for password hashing
    • Use the legacy crypto for the Key-based methods
    • Let the callers dictate the byte size for salt and iv
    • Use a 96bit key for IV
    • Re-create secure random after a specified amount of time
    • Use implicit salt and IV in CryptoService 2faf2ca
  • SCR-1252: Updated Netty NIO libraries from v4.1.89 to v4.1.94 8c7eb32
  • SCR-1247: Updated pushy library from v0.15.1 to v0.15.2 8365cff
  • SCR-1245: Updated metadata-extractor from v2.17.0 to v2.18.0 bd4e29c
  • SCR-1253: Updated lettuce library from v6.2.3 to v6.2.5 731ca0b
  • SCR-1246: Updated Google Guava from v31.1 to v32.1.1 1cbe1a4
  • SCR-1231: Updated OSGi target platform bundles 2a0ea4e
  • MWB-2208: Do log possible IMAP protocol errors while trying to acquire a part's content 8867c1b
  • SCR-1255: Updated Apache Tika library from v2.6.0 to v2.8.0 d19b0fc
  • SCR-1256: Upgraded Javassist to 3.29.2-GA 6a6ac84
  • SCR-1244: Updated htmlcleaner from v2.22 to v2.29 ee140df
  • SCR-1243: Updated dnsjava from v3.5.1 to v3.5.2 558227a

Removed

  • SCR-1254: removed support for content_disposition=inline and delivery=view parameter 5d8bfd4

Fixed

  • MWB-2258: Adjust 'credentials' table for enhanced crypto service
  • SCR-1267: Extend password columns in db to store encrypted passwords e6cdc21
  • MWB-2253: removed unused import 804a806
    • to fix not working imageconverter and documentconverter
  • MWB-2252: Keep possible HTML comment markers when examining CSS 62add69
  • MWB-2251: Prefer configured call-back URL regardless of df0ed24
    • applicable dispatcher prefix
  • MWB-2186: The upload of big files gets slower and slower (against MW 8.x) d55359b 0efa733
  • properly load reseller service on demand 3166ed3
  • MWB-2228: Move EventsContactHalo into com.openexchange.halo.chronos bundle 8171cd7
  • MWB-2221: Append additionally available plain text content to existent one 738b68c
  • MWB-2184: Add support for extraStatefulSetProperties and make use of ox-common.pods.podSpec 92f6ce9
  • MWB-2240: Don't output inline images as attachment 8de296c
  • MW-2203: Omit OS version for web clients fca25d2
  • MWB-2228: Move contact halo into com.openxchange.server bundle 691da48
  • MWB-2231: Confirmation buttons not working when inviting a person to a series exception 19f8753
  • MWB-2248: Pass proper range when querying messages from contained sub-accounts if Unified Mail f9c8829
  • MWB-2227: Attendee cannot be re-invited to occurrence of event series 553bb34
  • MWB-2233: Removed ulimit configuration from start script 128ba0b
  • MWB-2241: Lowered log level to DEBUG when moving active/idle sessions to first short-term session container 82938e9
  • MWB-2223: convert all images with CID for the html body c7776e1
  • MWB-2210: Consider virtual folders when getting attachments through chronos module d992d75

8.15.0 - 2023-07-05

Added

  • MW-2045: Introduced separate bundle for parsing a schedule expression and for initiating periodic tasks. Refactored database clean-up framework to have a "maintenance" window, in which execution of general clean-up jobs is permitted. It also accepts custom clean-up jobs having their own schedule. 8b9bb19
  • MW-2020: Dedicated simple HTTP liveness end-point for early access to liveness check & await availability of database during start-up a476d76
  • MW-1084: Added support for segmented updates with OIDC 2277d3a
  • MW-2073: Log any HTTP header6bdd0d5

Changed

  • MWB-2212: Allow specifying deferrer URL with path cab25e7
  • MWB-2200: Output JSON session representation if it becomes too big 118f0db
  • MWB-2059: Improved access to queried message range in case IMAP server does not support SORT capability fffe20c
  • DOCS-4766: Include pdftool from docker image 4d9d0ad
  • Enhance session representation managed in Redis storage by user database schema 3798214
  • Enhance session representation managed in Redis storage by segment marker (that is the target database schema by now) c008e24
  • MWB-2214: Improved error handling in case a javax.mail.FolderNotFoundException occurs eb5a9f1

Fixed

  • MWB-2193: missed to remove deprecated servlet path to admin API.
    • removed servlet path registration for obsolete path
    • removed obvious parts related to AXIS2 017321e
  • MW-2050: Refactored message alarm delivery worker to orderly use database locks c99b0b5
  • MWB-2130: Try to perform hard-delete by delete-through-rename db8afce
  • MWB-2182: Fixed typo "(E|e)xcpetion" in code b054b35
  • MWB-2130: Try to perform hard-delete by delete-through-rename 54ac301
  • MWB-2201: Do translate standard folders of secondary accounts as well b549cf4
  • MWB-2196: Pay respect to order parameter when sorting contacts by special sorting 1db09a3
  • MWB-2168: Support AWS S3 IMAP role using AWS_WEB_IDENTITY_TOKEN_FILE environment variable 2b35ea82d9ad76
  • MWB-2187: Add necessary imports 61dd61e 51eb12f
  • MWB-2181: Fixed possible null dereference 15519ca f059c8d
  • MWB-2187: Assume configured IMAP host for IMAP authentication does not need to be checked against blocked hosts (see com.openexchange.mail.account.blacklist) 0971c88
  • MWB-2189: Orderly close database statements 083f2c3
  • MWB-2199: Mention the affected YAML file if an invalid format is detected 1b4a086
  • MWB-2178: Handle possible null session on account retrieval 357cc79
  • MWB-2045: Omit specific OS version for macOS clients (2) 78a60c1
  • MWB-2194: Fixed typo in property description b71221f
  • MWB-2179: Orderly handle iTip request without method 58fbf02
  • MWB-2180: Check for possible null return value when looking-up a user with invalid user identifier 44c3ede
  • MWB-2185: Use SMTP default settings when changing a user's assigned SMTP server d1c73cb
  • MWB-1764: Don't check against blocked hosts/allowed ports when obtaining status for subscribed mail accounts 2e7f30a
  • MWB-2214: Try to re-open folder in case a javax.mail.FolderNotFoundException occurs (IMAP folder not LISTed, but SELECTable) d60a70c

8.14.0 - 2023-06-06

Added

  • MW-1545: Option to hide own Free/Busy time
    • Users can now configure whether their free/busy data is exposed to others (values all, none, internal-only)
    • Appointments that are visible by other means (shared folder, common participation) continue to be visible
    • Default value of setting is all, configurable and protectable (SCR-1197), and exposed to clients in JSlob (SCR-1198) e5d91c8
  • MW-1981: Added caching to the resource storage ed81544
  • SCR-1213: Introduced event flag 'all_others_declined' to indicate if one might be alone in a meeting ae51f2c

Changed

  • MW-2007: Remove man pages from image 85e335d
  • SCR-1219: Upgraded JSoup library in target platform (con.openexchange.bundles) from v1.15.3 to v1.16.1 4d3cbc5
  • INF-173: Disable open-xchange-dataretention-csv by default 9048c7d

Fixed

  • MWB-2160: Avoid excessive parsing of E-Mail addresses possibly containing CFWS personal names; e.g. &lt;bob@example.com&gt; (Bob Smith) 2fb55a6 2ed855c
  • MWB-2150: Don't expunge messages from POP3 storage that could not be added to backing primary mail storage 6cf89a7
  • MWB-2156: Make DAV UserAgents configurable
    • Also add the new user agent part dataaccessd to properly recognize the Mac Calendar clients
    • Introduced new com.openexchange.dav.useragent.* properties, see also SCR-1220 for details e46c9a6
  • MWB-2158: Allow all folder names for iCAL feeds 94c0f36
  • MWB-2149: Prepare refreshing of subscriptions in a blocking manner to avoid having underlying HTTP being being recycled 1bb9343
  • MWB-2171: Split orphan instances on import 2db7d02
  • MWB-2167: Offered parameter and config option for sanitizing CSV cell content on contact export 8b1d684
  • MWB-2137: Unable to Delete Contacts Account if Implementation Missing 883b9bd
  • Redis Session Storage: Use tags to differentiate between common and brand-specific session metrics 6655f6f
  • MWB-2144: Disabled Hazelcast-based session test since Hazelcast has been replaced by Redis cab9736
  • MWB-2161: Allow relative paths in yaml file names 9dd17f3
  • MWB-2162: Limit number of considered filestore candidates to a reasonable amount when determining the filestore to use for a new context/user eb9e0ca c9b4b4d
  • MWB-2139: Check a session's origin for both - guest and application-specific authentication - prior to validating mail access' authentication data 43229c2
  • MWB-2153: Test for application/x-pkcs7-signature as well as application/pkcs7-signature e99052d
  • MWB-2165: Keep quotes in local part of an E-Mail address when extracted from ENVELOPE fetch item afdece9 57df52f
  • Prevent invalid Resource Names for new CalDAV Collections c7fae63
  • MWB-2143: Accept harddelete parameter to let client instantly delete a previously opened composition space ec80711 8ad2a99
  • MWB-2159: Avoid unnecessary error in case of attempting to remove an already dropped session a9e1914 c4ef016
  • MWB-2138: DAV file upload fails with redis session storage 364df81
  • MWB-2149: Prepare refreshing of subscriptions in a blocking manner to avoid having underlying HTTP being being recycled e5da60b
  • MWB-2164: Use header for authorization instead of query string 4634856
  • MWB-2150: Follow up, reset parameter index before re-using 6370ec6
  • MWB-2145: NumberFormatException on partial file upload 1feeed1

8.13.0 - 2023-05-03

Added

  • MW-1909: iTIP Analysis and Apply actions for Resource Notification Mails
    • Scheduling mails to/from booking delegates of managed resources are sent as iMIP messages
    • Introduced additional header X-OX-ITIP for quick identification of such mails, obeying unique server id (MW-1405)
    • Existing iTIP analysis and apply workflows were extended accordingly
    • Consolidated notifications and scheduling messages and their transport providers
    • Introduced property com.openexchange.calendar.useIMipForInternalUsers to switch to full iMIP messages for internal receivers generally (SCR-1191) 91c0491
  • MW-1908: Send Calendar Notifications to Resource Owners
    • Booking delegates now receive mails upon new, modified, deleted events with the resource
    • Organizers now receive mails upon replies for their booking requests
    • SENT-BY property of originator/recipient as well as mail's From / Sender header are set appropriately c9b28c4
  • MW-1405: Introduced a unique server identifier d891c9d

Changed

  • MW-1913: Changed mail push config to prevent multiple notifications
    • SCR-1158: Added toggle switches for mail push implementations, made existing properties reloadable 6156818

Deprecated

Fixed

Security

8.12.0 - 2023-04-03

Added

Changed

  • MW-1864: lost and found tests
    • fixed, refactored or deleted several tests
    • refactored SoapUserService and linked classes
    • deleted outdated indexedSearch 7f57ae9
  • MW-1516: Use IDBasedContactsAccess for CardDAV
    • SCR-1145: Refactored CardDAV to use IDBasedContactsAccess
    • SCR-1146: External contacts providers are now synced via CardDAV 50a0416
  • Refactored to have gnu.trove as a bundle in target platform 0ebe8ff
  • MW-1947: Updated vulnerable libraries
  • MW-1955: Hand-through possible Redis connectivity/communication errors to client during runtime & probe Redis end-point until available during start-up aae4f1c
  • MW-1955: Disable max. number of sessions by default for Redis session storage 1b65ceb
  • MW-1947: Updated vulnerable libraries cb95cbe
  • MWB-2059: Removed corrupt sort by UID d316136
  • MWB-2059: Fast sorting by IMAP UID in case sort by received date (INTERNALDATE) is requested 776449b
    • Moved JCTools as bundle to traget platform & updated it from v3.3.0 to v4.0.1 06f7328
    • Refactored to have gnu.trove as a bundle in target platform e6bf595

Fixed

  • MWB-1982: Timeouts for external content do not cancel the connection
    • The fix allows to interrupt client connects and InputStream reads by having hardConnectTimeout and hardReadTimeout parameters that are used for external connections
    • Defaults to 0 (disabled)
    • The following services have a defined default of 120000 for 'hardReadTimeout' and 30000 for 'hardConnectTimeout': autoconfig-server, davsub, icalfeed, rssfeed, snippetimg, vcardphoto 63b60eb
  • MWB-2040: Concurrency issue when moving a touched session to first session container. The moved session might not be "visible" for a short time. 52069a4
  • MWB-2061: Organizer URI not preserved when creating Appointment 7b3e574
  • MWB-2094: Yield a modifiable list instance from messages to copy 3aacd7a
  • MWB-2056: Include all overridden instances in scheduling object resource 3bd7550
  • MWB-1975: start report generation in parallel to task generation 72047d7
  • MWB-2101: Unnecessary Data Retrieved from Filestore when Serving d262bd1
  • MWB-2081: Check table existence prior to deletion attempt (and recognize if developer accidentally passed the cause as last argument) 2372064
  • MWB-2054: Auto-delete guests when owner of per-user filestore is deleted (SCR-1193) a296656
  • MWB-1985: delete all tasks in folders owned by deleted user 5f26d66
  • MWB-2055: Skip unrelated events when iterating events needing 98b8140
  • MWB-2086: Potentially malicious SQL injection when using full-text autocomplete 408fcda
  • MWB-2022: Generate a generic error response providing SMTP server response information in case an SMTP error code occurs while attempting to send a message 0d43966
  • MWB-2091: Mark each messages of a multiple mail forward as forwarded 2cde555
  • MWB-2089: Quite old 3rd party library uses weakly accessible sun.nio.ch package. User newer library making use of up-to-date JRE tools instead. 4ff5296
  • Fixed reading alias from settings 840d937
  • MWB-2080: Added details about 'baseDN' setting in LDAP client configuration 7668409
  • MWB-2058: Populate 'uuid' column when registering a new server as 692222c
  • MWB-1982: Timeouts for external content do not cancel the connection 75086ca

Security

8.11.0 - 2023-03-08

Added

  • Generic watcher for input stream read processes 85699c6 fd49709 b8dcbad 129749c
  • Added possibility to filter mail drive files 651999c
  • MWB-1959: added possibility to filter http api metric labels a75d3e0
  • Support hard timeout for processor tasks 8f1b1b9
  • SCR-1190: Added property accepting to define a timeout in milliseconds when reading responses from IMAP server after a command has been issued e2ef0ef 023c13c 6e81751
  • Add missing packages to cloud-plugins helm definition 935005a

Changed

  • Updated shipped VTIMEZONE resources 4fd83de
  • MWB-2049: Ensure no wrong push match has been determined for a certain push notification 307d766 f314ec7 ad17da7 cfc57a8 9564229 5dadcfb 508879f 70efa61
  • MWB-2063: Lenient parsing for DTSTAMP property 6401516
  • MWB-2039: Improved concurrency when loading time zone information 2ac192a
  • MWB-2059: Let /mail?action=all end-point support "allow_enqueue=true" parameter 70cf31d 273c592 c7b656f
  • MWB-2040: Added some logging and introduced a session-list mutator lock c625aef 702e171 845d03c e6938e0
  • MW-1964: optimizations referring to spectral findings a9ba5ed
  • MWB-1845: Ensure a reasonable size for buffers, which will be allocated for writing data to a connection b47f248 679df5a
  • Use only one AtomicLong to generate request number 8f34cbc
  • Uses timestamp to generate a unique name for the pre-update job so the helm chart can be applied multiple times in a row if needed. Also adds a (configurable) ttl to expire the job after 24hrs. cfcb71a
  • MWB-2061: Prepare entity processor decoding for internal organizers 270fe7e
  • Upgraded logback-extension to 2.1.5 eed8bf3
  • MWB-2031: Accept new property to disable black-listing of end-point for which an I/O error or HTTP protocol error was encountered 8efbc56
  • MWB-2039: Set missing log message argument d3fd63a
  • Assume property "logback.threadlocal.put.duplicate" is "false" by default to use concurrent MDC property map 6d84989

Removed

Fixed

  • MWB-2054: Auto-delete guests when owner of per-user filestore is deleted (SCR-1193) eaec0e9
  • MWB-2048: Limit accepted POP3 server response to reasonable length/size 478b986
  • MWB-1877: Avoid DNS rebinding attacks where possible (check against possible block-list on connection establishment) 2bf40e2
  • MWB-2038: Respect possible IPV4-mapped IPv6 addresses when checking if contained in a block-list e4566e4 3a97e40
  • MWB-2047: Limit accepted IMAP server response to reasonable length/size 9033774
  • MWB-2037: Drop FOREIGN KEYs from several Groupware tables 8a5ac87
  • MWB-2057: Add XCLIENT extension support for sieve b5e1320
  • MWB-2046: Limit accepted SMTP server response to reasonable length/size 1f8c5e2
  • MWB-1395: Introduced limitation for number of queued image transformation tasks 9c17e53
  • MWB-2020: only apply sanitizing to certain fields ac8c67c
  • MWB-2019: Sanitize non whitespace control character 5e1bf5d
  • MWB-2025: Fixed avoidable exception on DEBUG logging dd4514a
  • MWB-1967: Don't set i18n name for public IMAP namespace if there are multiple ones configured d26a8a5
  • MWB-2071: Indicate conflicting calendar object resource in different collection via CALDAV:unique-scheduling-object-resource precondition 3e20448
  • MWB-2041: Fixed "file not exists" errors for single shared files c95b330
  • MWB-1790: Orderly complain about missing command-line arguments b0a4cf9
  • MWB-2068: Orderly accept connect parameters when updating a mail account's attributes f78c307
  • MWB-2069: Yield "unsupported" result when analyzing links pointing to own shares 1dbc012
  • MWB-2030: Orderly set session- and share-cookie when resolving share link 212bed8
  • MWB-2044: Only update folder last-modified if permissions are sufficient f14cf42
  • MW-1778: Added missing annotation 7b29de7

8.10.0 - 2023-02-08

Added

  • MW-1910: Extended "needsAction" action to include Delegated Resources
    • Lookup for events needing action is now also done for attendees the user has delegated access to (resources and other users)
    • Introduced new parameter "includeDelegates" for "chronos?action=needsAction" (SCR-1162)
    • Adjusted method signature of "getEventsNeedingAction" throughout chronos stack (SCR-1163) 546c406
  • MW-1898: On-behalf management for Managed Resources
    • Actions 'updateAttendee' and 'update' in module 'chronos' can now be performed on behalf of a resource attendee
    • This can be indicated by targeting the virtual resource folder id
    • Added 'own_privilege' into 'resource' model to reflect the user's scheduling privilege for a certain resource (SCR-1154)
    • Participation status of managed resources will now be 'NEEDS-ACTION' if confirmation is pending
    • Initial hooks for subsequent notification messages are prepared ca32f9c
  • MW-1944: New Action "getRecurrence" in Module "chronos"
    • Clients can now discover whether a change exception is considered as rescheduled or overridden
    • Introduced new action "getRecurrence" in Module "chronos" (SCR-1166)
    • Added corresponding "getRecurrenceInfo" implementation throughout Chronos stack (SCR-1167) 2ff537d
  • MW-1931: Extended provisioning for managed resources
    • SCR-1161: Extended SOAP provisioning interface for managed resources 5af1d63
  • MW-1969: Accept "mail" as original to add attachments to a composition space referring to file attachments of existent mails #2 599a83d
  • SCR-1181: New Properties to Control 'used-for-sync" Behavior of Calendar Folders 821254b
  • INF-80: Activate additional languages in default App uite 8 installations b186a1d
  • MW-1969: Accept "mail" as original to add attachments to a composition space referring to file attachments of existent mails fdbd9d6
  • MW-1888: Upgraded Socket.IO server components to support Engine.IO v4 and Socket.IO v3 512d654 (https://gitlab.open-xchange.com/appsuite/platform/core/commit/0cb2b2f041236ea8c90b1e5863d8bf922f14a442) 57f4869

Changed

  • MWB-2024: Upgraded logback-extension to 2.1.4
  • MW-1912: Allow multiple Password-Change Services 0ad74d8
  • Fixed new warning since Eclipse 2022-06 "Project 'PROJECT_NAME' has no explicit encoding set" 05797c1
  • MW-1957: referring to RFC5455-3.8.5.3, shift start/end date of recurrence master to the first occurrence 1ef8fd9
  • Don't build log message if log level does not fit #2 35ba26f
  • MWB-1970: Use active database connection when loading enhanced entity data for events 5e20d9b
  • MWB-1970: Don't advertise 'count' capability for database-backed folders cdc6973
  • MWB-1970: Maintain cached list of file storage account identifiers per service 9d8a301
  • MWB-1970: Use active database connection when loading enhanced entity data for events (2) 7efa8fc
  • Added special HTTP protocol exception signaling that a certain URI is denied being accessed 0200041
  • Enrich calendar results with contact details for internal organizers if requested via 'extendedEntities=true' e5950b7
  • MW-1830: Generation of mandatory Secret Values through Helm Chart 9dbb102
  • Indicate 'optional' participants in notification mails e1b31f0
  • Fixed logging & some thread visibility issues 8fa7246
  • MWB-1991: upgraded micrometer from 1.5.1 to 1.10.3 63d112c
  • MWB-2001: Added logging for periodic attachment storage cleaner 55cc090
  • Use thread-safe classes b606631
  • MW-1985: Improve DB warning/error logs 9945242
  • Removed unused Apache POI library from JavaMail bundle f42b86d
  • Fixed some issues announced by Eclipse IDE e1b054b
  • Improved logged error message 9417579
  • Removed remnants cb9b85d
  • Resolved warnings 9778c66 ba04ee4 9fea797 5781986 2dbdc9d 06e0f60 2f2a31f 5e6de37 d206ac0 cf2ad17 e48753a
  • Don't build log message if log level does not fit #3 b55c826

Removed

  • MW-1946 - removed org.apache.tika (and com.openexchange.textxtraction). The required functionality is now provided through the new bundle com.openexchange.tika.util f7076fa
  • MW-1930: Removed direct links from notification mail a2e29a9
  • Removed obsolete test 3733b38

Fixed

  • MWB-1983: Limit line length and header count when fetching HTTP headers of an HTTP message + Replaced usage of java.net.HttpURLConnection with Apache HttpClient where necessary 1d12911
  • MWB-2026: Try to handle possible connection loss errors during mail export operation 6ff82b6
  • MW-1840-8x-patch: Encrypt with old engine, try decrypt with new if possible 0f8a3f3
  • MWB-1999: impp type other than work or home is set properly e3f0d3c
  • MWB-2023: Fixes to pre-update job for installations with multiple complex roles c0bf897
  • MWB-2021: Return proper value for "com.openexchange.subscribe.subscriptionFlag" on folder retrieval 0d186b1
  • MWB-2027: Specify missing error message argument on SQL error beb2904
  • OXUIB-2162: wrong translation for calendar change 23ff72e
  • MWB-1997: API access not fully restricted when requiring 2FA bd67a4e
  • MWB-1983: Limit line length and header count when fetching HTTP headers of an HTTP message + Replaced usage of java.net.HttpURLConnection with Apache HttpClient where necessary #2 c0e345b
  • MWB-2005: Fixed retrieving RSS feed fc07069
  • MWB-2028: Fixed look-up of attachments in case IMAP message has TNEF content 5934db4
  • MWB-2008: Don't allow to access snippets/signatures from other users if not shared 00957b4
  • MWB-1991: properly remove metrics in case pool is destroyed 38286d9
  • MWB-2020: added sanitizing to filter rules + improved the sanitizing regex 21ca22e
  • MWB-1981: properly check returned ical size 5bea149
  • MWB-2025: Fixed avoidable exception on DEBUG logging cf950d6
  • MWB-1939: Print exposure time as fraction if possible 8de8cb3
  • MWB-2006: use owc only on feature branches 65b1aa9
  • MWB-2007: Only set "domain" parameter when dropping a cookie if value is considered as valid: Not "localhost". Not an IPv4 identifier. Not an IPv6 identifier 22f9029
  • MWB-1928: Only check usage (space capacity) of destination storage when moving from user-associated file storage to context-associated one since no entity assignment takes place #2 f76537b
  • MWB-2036: Do escape column names when building database statements for context move 89c9a1f
  • MWB-1991: adjusted 3rdPartyLibs.properties 0fa654a
  • MWB-2021: Return proper value for "com.openexchange.subscribe.subscriptionFlag" on folder retrieval (2) a1775e7
  • MWB-2000: Only query fields necessary to construct contact image URI 10856cc
  • MWB-2010: Set correct compression level for data exports fb07ee6
  • Fixed importing and exporting the same package db5cd45
  • MWB-2000: Only query fields necessary to construct contact image URI (2) 96bfe2d

8.9.0 - 2023-01-10

Added

  • SCR-1174: New Property 'com.openexchange.resource.simplePermissionMode' d48c9fc

Changed

  • Refactored context restore for better readability and maintenance 197a237
  • Change for MWB-1962: Upgraded Hazelcast from v5.1.2 to v5.2.1 bfe140b
  • IMAP: Check via ID command if IMAP server appears to be a Dovecot server f639fa4
  • Avoid unnecessary creation of byte array when outputting thumbnail content to client 6777845
  • Avoid unnecessary SELECT statement and use "INSERT ... ON DUPLICATE KEY UPDATE" instead 1b47613 a4f414d
  • Direct initialisation of "AttributeChangers" instances 6c4bf47
  • Use singleton w/ dedicated initialisation/dropping 48accd9
  • Thread-safe collection 48d858c
  • Use proper URL for HttpContext when trying 2nd time 2984c65
  • Use singleton w/ dedicated initialisation/dropping #2 edeff71
  • Removed unnecessary variable 749e77b
  • bump helm chart version
    • This is for the new configurable helm chart deployment type 0cf0eb3
  • Cache as immutable set 0033fd3

Removed

  • removed unnecessary join (to be compatible with guest users) d46976c

Fixed

  • fixed some variables in the translation 26065e5
  • MWB-1947:
    • Introduced map for storing/managing state during authentication flow
    • Added property com.openexchange.oidc.mail.immediateTokenRefreshOnFailedAuth to enable/disable immediate refresh of OIDC OAuth tokens on failed authentication against mail/transport service
    • Implemented immediate refresh of OIDC OAuth tokens in case of failed authentication against mail/transport service 276670e
  • MWB-1966: Use proper error code to advertise resource exceptions to client 0e2e389
  • MWB-1995: Check if distribution list members are accessible prior to adding them #2 8beba6a
  • MWB-1963: More reasonable default value of 2GB (2147483648 bytes) for com.openexchange.servlet.maxBodySize property, which now effectively limits file uploads (no chunked HTTP upload anymore due to omission of Apache Web Server that is replaced by Istio). Moreover, introduced new property "com.openexchange.servlet.maxFormPostSize" with default value of 2MB (2097152 bytes) to have a dedicated property to control max. size for form data sent via POST. bd6fe39
  • MWB-1972: Correctly indicate resource type in principal resources 1ef0a13
  • MWB-1995: Check if distribution list members are accessible prior to adding them 153909b
  • MWB-1936: Revisited transport checks 8542d55
  • MW-1989: Don't let delete operation fail upon malformed change exception data while tracking changes 3d47d7e
  • MWB-1985: properly handle public tasks folder in case no-reassign is set 036afcc
  • MWB-1984: Prefer address from EMAIL parameter when deciding if iMIP mails from iCloud are considered as 'known' sender 543dbcc
  • Change for DOV-4625: Detect missing space character in case of corrupt NIL value for PREVIEW fetch item; e.g. "PREVIEW NILUID 1" d2ca600
  • MWB-1956: Apple Mail flag taken over even though Open-Xchange color flag has been explicitly set to NONE 9f18684
  • MWB-1964: Let guest inherit sharing user's filestore if applicable e82657b
  • MWB-1961: throw proper error in case user is missing d682bf8
  • MWB-1934: Don't allow empty "From" address on mail transport e64de8a
  • MWB-1820: only removes guests in case of real failures 110596f
  • MWB-1971: improved matching of distribution list members 1218c53
  • MWB-1851: Return proper folder identifier when saving draft to POP3 account 05e59fc
  • MWB-1951: Use unicode address to resolve mail recipient 7fb1c8c
  • MWB-1986: Fixed SQL error in SELECT statement (Mixing of GROUP columns (MIN(),MAX(),COUNT(),...) with no GROUP columns is illegal if there is no GROUP BY clause) 91105d0
  • MWB-1978: Prevent changes of object id when generating delta event 7de23e6

8.8.0 - 2022-12-14

Added

  • MW-1857: Option to disable SMTP for 3rd party Mail Accounts a6d5a0b
    • Added a new middleware property com.openexchange.mail.smtp.allowExternal which defaults to true
    • Utilise that property to filter the transport details in the mail account POJOs
    • Introduced a new read-only JSLob entry under io.ox/mail//features/allowExternalSMTP which reflects the middleware's property
    • Forbid sending mail from an external SMTP server as long as the setting is set to false
    • Forbid creating/updating mail accounts with transport information as long as the setting is set to false
    • Added a new warning for preflight/validity checks which reflect this
  • MW-1831: Push configuration for macOS drive client d2a9903
    • SCR-1157: Introduced properties for macOS client push notification configuration
  • SCR-1165: Added options to specify socket read timeout when applying filter to existent messages 53f3023
  • MW-1938: New Templates and Examples section for documentation and adapted jenkins workflow to dynamically point to the correct version of the files 11bbcbc

Changed

  • MAL: Enhanced MSG-1016 error code by actual connect timeout value e194eb1
  • Mail Auto-Config: Let auto-config attempt fail immediately in case login attempt encounters failed authentication due to wrong credentials/authentication data f1fea90 45b68d0
  • MWB-1943: Apply consistent configuration to mail auto-config as used when connecting to the account during runtime 1d682ef
  • Don't build log message if log level does not fit 4b55202
  • MW-1941: Updated and re-structured documentation 373dce4
  • OXUIB-2066: Propagate configured mail fetch limit via JSlob under "io.ox/mail//mailfetchlimit" 895d606
  • Database: Utility method to re-execute DB operation on transaction roll-back error bb47eab
  • MW-1904: Adjust for Reserved Words in MariaDB 10.6 d713340
    • Using back-ticks in SQL statements to handle new reserved words in MariaDB 10.6
    • Only the keyword OFFSET had to be adjusted in SQL statements
  • Don't build log message if log level does not fit #2 37dd1ad
  • JavaMail: Optimized creation of FetchResponse instances through remembering if RFC8970 "PREVIEW" capability is advertised by IMAP server cb17cd5
  • MAL: Enhanced "MSG-1016" error code by actual connect timeout value #2 c108082
  • MWB-1909: Extended information in case an error occurs 470911d

Fixed

  • MWB-1902: Use localized display name for groups towards clients 27f0a50
  • MWB-1857: Incomplete response when requesting /infostore?action=list 0d4ddce
  • Change for OXUIB-2067: Avoid alternative MIME part look-up by Content-Id in case no such part is contained in IMAP message's BODYSTRUCTURE information 49f3b9e
  • MWB-1944: Don't cache user-sensitive non-file-backed properties e7d0385
  • MWB-1904: Properly indicate 'DAV:need-privilege' precondition with HTTP 403 for PUT requests w/o sufficient privileges 65e64e6
  • MWB-1940: Only inject a valid image URI into mail body's HTML part if such an inline image seems to exist in parental mail d70ce12
  • MWB-1887: Delete folders chunk-wise to avoid excessively big database transaction 244847d
  • MWB-1901: Disable usage of XCLIENT SMTP extension by default 4452098
  • MWB-1948: Perform alternative SASL long against SMTP server if initial response exceeds max. line length of 998 90b9477
  • MWB-1899: Accept escaped wild-card characters in search pattern 141e691
  • MWB-1912: aligned checks with documentation 8de34a9
  • USM-36: Re-introduce CUD actions e83189b
  • MWB-1928: Only check usage (space capacity) of destination storage when moving from user-associated file storage to context-associated one since no entity assignment takes place 06f177b
  • MWB-1909: Handle possible NULL result value when querying counts a64eb82
  • MWB-1950: Do not check the user while resolving mail recipients in recipientOnly modus 263a2b5
  • MWB-1929: Remove sessions from remote nodes during backchannel logout synchronously 82d4253
  • Fix connection leak in test clients a415e8e
  • MWB-1931: Don't allow empty passwords d506a00
  • MWB-1944: Don't cache user-sensitive non-file-backed properties eb74ebf
  • MWB-1887: Don't forget to finish Infostore instance f1d4fc4
  • MWB-1923: Avoid premature closing of attachments a9a5174
  • Use proper fall-back for "com.openexchange.imap.folderCacheTimeoutMillis" setting 87d9b67
  • MWB-1941: Deleteuser fails with invalid CU 035a397
  • MWB-1949: fixed wrong option within the documentation of the command line tool 357d263
  • GUARD-391: Split lines only on newline during normalization 8873cfd

Security

8.7.0-8.7.19 - 2022-11-11

Added

  • MW-1877: Permissions for Resources
    • Introduced resource scheduling privileges 'ask_to_book', 'book_directly' and 'delegate'
    • By default, group 0 has 'book_directly' privileges for each resource("unmanaged mode"), unless defined differently ("managed mode")
    • Extended resource model by a corresponding permissions array, storing privileges per entity
    • HTTP API is adjusted accordingly (SCR-1154)
    • New database table resource_permissions to store resource privileges of users/groups (SCR-1153) 4de788f
  • MWB-1871: added possibility to parse images of nested messages
    • Added new lean property com.openexchange.mail.handler.image.parseNested with defaults to true b42dfec
  • MW-1903: introduced CORE_TEST param to Jenkinsfile 6a4a0ba
  • MW-1507: Calendars for Resources
    • Introduced virtual folder identifiers for resource calendars (SCR-1149)
    • Folder ids can be used in typical "chronos?action=all" requests to get the contained events, actions "advancedSearch", "get" and "list" are supported as well
    • Events returned under the perspective of a virtual resource folder will also have this virtual identifier assigned within the folder field
    • The requesting user will either get all details of an event in a resource folder, or only an anonymized version - depending on whether the event is visible for the user in another folder view or not. 6fbc61a
  • MW-1792: Allow changing of "includeSubfolders" flag through link permission entity e326340

Changed

  • Minor changes for mail auto-config 8221066
  • MWB-1901: Do not issue XCLIENT command if no XCLIENT parameter is supported c915650
  • MWB-666: Send "431 - Request Header Fields Too Large" HTTP error response instead of "400 - Bad Request" when HTTP packet header is too large a7cc43c
  • JavaMail: Check appropriate capability "SEARCH=X-MIMEPART" prior to performing a file name search 3cc2ce8
  • OXUIB-2025: Added support for TEXT search term to filter messages that contain a specified string in the header or body of the message f775905
  • OXUIB-2025: Added support for TEXT search term to filter messages that contain a specified string in the header or body of the message #2 910eb69
  • MW-1915: Migrated helm lint/publish and docu build/publish to jenkins 391bc2b
  • MW-1813: New approach for centralized version information cf6d801
  • MWB-1826: Added some logging 49c0b33
  • MWB-1891: Don't validate distribution list member's mail address during user copy e3c0f22
  • MW-1914: Extend Webhook integration for Jitsi Conferences
    • Renamed Switchboard Packages and Bundles (SCR-1151)
    • Adjusted Switchboard Configuration (SCR-1152)
    • Implemented new interceptor for conferences of type "jitsi"
    • Transformed switchboard calendar handler into a handler for a generic webhook target 0593a47
  • INF-30: Use globally configured appRoot 16853d6

Removed

  • Removed c.o.dav.push leftovers 4369c69
  • Removed c.o.mail.authenticity leftovers c753f59
  • Removed c.o.oauth.linkedin leftovers 638988b
  • Removed c.o.halo.linkedin leftovers 121f054
  • Removed c.o.subscribe.linkedin leftovers 01d80d1
  • Removed c.o.mail.authentication leftover 2a846b0
  • Removed no more required folder d57ee8c
  • Removed no more required folder 1a482ee
  • Removed obsolete o-x-test-bundles dd513de
  • Removed c.o.printing leftovers a2f7b3e
  • Removed no more required folder 5ee810f
  • Removed redundant/obsolete folder implementations 102032c

Fixed

  • MWB-1907: Restored previous SOAP behaviour by accepting individual parameters instead of a wrapping parameter object d1c2de4
  • MWB-1876: Check redirect location against blacklisted hosts when creating an iCal subscription. e219389
  • MWB-1911: Do not require deputy service in case user replies to a message residing in a shared mail folder 4377dff
  • JavaMail: Add the ability to the API consumers to load the API implementations by using a different protection domain when the API is used with security manager enabled 12f4647
  • JavaMail: Implement equals() and hashcode() on jakarta.mail.Header (#597) 8294cf2
  • MWB-1908: Keep remembering OIDC -> OX session id mapping in state after auto-login c11a94d
  • JavaMail: j.m.u.FactoryFinder.factoryFromServiceLoader needs PrivilegedAction #621 (#622) 83d9c14
  • MWB-1909: Adjusted queries issued by datamining tool to obey MySQL's ONLY_FULL_GROUP_BY mode a4e293e
  • JavaMail: Fix630 2 (#633) 75b7136
  • MWB-1893: Don't let delete operation fail upon malformed change exception data while tracking changes 78615b9
  • MWB-1887: Fire events with a separate thread avoiding unnecessary occupation of deletion-performing main thread 0cbd10c
  • MWB-1887: Allow /folders?action=clear being performed as enqueuable operation cc226a7
  • MWB-1898: Added documentation examples for mapping context-/user-id properties to LDAP attributes properly 3be7f84
  • MW-1813: bug fixed by which the version was not resolved correctly aa0d040
  • MWB-1889: Drive mail with expiry date / with password can not be send 7b462f4
  • MWB-1892: Don't filter "com.openexchange.grizzly.serverName" property from log event 4d342b8
  • MWB-1878: Handle empty Disposition-Notification-To header on delete cf06c47
  • MWB-1882: Upgraded Apache Commons Text from v1.9 to v1.10.0 7a911be
  • MWB-1890: Do obey folder types restriction when constructing search term for looking up events of user 87ec00e
  • MWB-1874: Remove references to contact in distribution list member when contact's email is cleared db7ef9e
  • MWB-1695: Introduced "requiredCapabilities" for App-specific Password Applications SCR-1155 ec439e9
  • MWB-1865: Use internal resources for image build #2 320b808
  • MWB-1834: Check command line options before accessing the reseller service e94ab2a
  • MWB-1865: Use internal resources for image build a48433d
  • use proper fallback property for exclude file pattern 0eadd7d
  • MWB-1866: Orderly consider public folder mode when userizing event data in result tracker 15274d9
  • MWB-1719: Don't forget to reassign returned Stream instance when applying filter a76a018
  • MWB-1870: Multifactor Webauthn provider throws UnsupportedOperationException 8c8a2b7

8.5.0-8.6.3 - 2022-10-05

Added

  • MW-1785: Introduce pre-upgrade task framework 6396946
  • MW-1815: Attach files from drive to chronos events fabeec5
  • MW-1647: Handle linked attachments for appointments fc5477c
    • Externally hosted attachments can now be stored for appointments, with an URI pointing to the data
    • Introduced new field uri for AttachmentData object (HTTP API), with column id 891
    • Added new field uri for c.o.groupware.attach.AttachmentMetadata DTO as well
    • Adjusted interface c.o.chronos.storage.AttachmentStorage and implementation to reference non-managed attachments properly during deletions
    • Breaking Change Update task com.openexchange.groupware.update.tasks.AttachmentAddUriColumnTask to add column uri in table prg_attachment
  • MW-1817: Integrate upgrade preparation bundle into core-mw helm chart 997fb26
  • MW-1607: Add domain support for push payload e924d1b
    • Drive clients can now subscribe for push notifications using domains 'myFiles', 'sharedFiles' and 'publicFiles'
    • The domain value gets re-inserted into push payload for transport 'apn2'
    • Removed configuration property com.openexchange.drive.events.apn2.ios.pushDomain

Changed

  • MWB-1849: Improved parsing of OAuth provider error message 31933c5
  • MWB-1826: Added useful DEBUG log messages when adding an image to a signature 1f1e8f9
  • MWB-1828: Improved handling of javax.net.ssl.SSLException 5180c7b
  • MWB-1849: Improved parsing of OAuth provider error message #2 c950617
  • MWB-1830: Improved error message in case of denied request e0d3c94
  • MWB-1759: Deny requesting large message chunk in case client queries more than only identifier fields 8e6ddb4
  • MWB-1800: Introduced configuration option 4e95327
    • "com.openexchange.calendar.storage.rangeIndexHint" to allow insertion of index hints into typical database queries of the calendar module
  • MWB-1776: Utility method to clear DNS cache b9c7ff3
  • MWB-1759: Don't query flags if not required 24729be
  • MWB-1716: Added some helpful logging about bundle status 1918165
  • MWB-1716: Added some helpful logging about bundle status #2 d056354
  • MWB-1764: Added DEBUG logging when checking status of a mail account yields an error 2119413
  • MWB-1750: Improved handling of possible javax.net.ssl.SSLException "Unsupported or unrecognized SSL message" 0af276a
  • MWB-1776: Added logging when DNS cache has been cleared fe93ae2
  • MWB-1759: Delay initialization of TLongObjectHashMap bbb6a9f
  • MWB-1759: Nullify intermediate result 103f70f

Removed

Fixed

  • MWB-1842: Prophylactically decode potentially MIME-encoded strings in property values in iCalendar files from MS Exchange 24af8ec
  • MWB-1848: removed fallback value for manifest version field 8b468a8
  • MWB-1839: Use dedicated introductions for forwarded meeting requests the user is not invited to e03a09e
  • MWB-1608: Fixed RuntimeExceptions in calendar stack bd422ac
  • MWB-1808: properly detect reminders with missing permissions bb3f1e6
  • MWB-1813: Added documentation for mail?action=expunge 56bff39
  • MWB-1811: Ensure internal entity is admin, prevent permission 57ca47b 00b7702 1358b10
  • MWB-1838: Yield no result when auto-processing REQUEST with party crasher, let client re-apply iTip independently of message status flag 8ec6208
  • MWB-1840: Return empty ajax respone if no event was found during resolve action 81be74c
  • Add missing com.openexchange.gab import in bundle com.openexchange.admin.plugin.hosting 9749ecb
  • MWB-1805: Use URL-decoded variant of username in Authorization header for macOS Contacts client if applicable 7d805e8
  • MWB-1735: Fixed links in Command Line Tools articles b9ac1ac
  • MWB-1711: Removed obsolete ContextDbLookupPluginInterface d9309b1
  • MWB-1721: Evaluate 'X-Device-User-Agent' and pretty print common EAS devices in active clients overview 7b197c1
  • MWB-1702: Skip premature cache invalidations to prevent race conditions upon folder update 7e643b8
  • MWB-1787: Prefix download URI with current scheme/host if no absolute URI is configured in manifest 5424d16
  • MWB-1737: Removed obsolete ETag check after HTTP 409 errors eac8317
  • MW-1817: Proper yaml in overwrite configmap if no properties are set 7c4f3c8
  • MWB-1760: Properly indicate "share not found" status for invalid targets of anonymous shares 152f332
  • Apply maxHeapSize to init containers 493c5e4
  • MWB-1722: Do not convert aperture value, because we already read the f-number from exif data c5d97dc
  • Disable hz update bundle by default 01c5d7d

Security