App Suite Middleware

8.43.69 - 2025-12-05

Changed

  • Use a description model when performing update to check what shall be changed and what not - /appsuite/platform/core#405

Fixed

  • Drop all deputy-associated permissions from mail folders - /appsuite/platform/core#416

8.43.68 - 2025-12-05

Changed

  • Use a description model when performing update to check what shall be changed and what not - /appsuite/platform/core#405

Fixed

  • Drop all deputy-associated permissions from mail folders - /appsuite/platform/core#416

8.43.67 - 2025-12-04

Fixed

  • Follow-up to also accept URL parameters w/ empty value - /appsuite/platform/core#400
  • Keep valid %XX sequences in path of an URI - /appsuite/platform/core#419

8.43.66 - 2025-12-02

Fixed

  • Lowered log level to DEBUG if exception indicates an invalidly configured no-reply transport - /appsuite/platform/core#417
  • Use "DELETE ... JOIN" statement to drop duplicate entries from "ratelimit" table - /appsuite/platform/core#418

8.43.65 - 2025-12-02

Fixed

  • Lowered log level for annoying log message - /appsuite/platform/core#414

8.43.64 - 2025-11-26

Fixed

  • Drop invalid deputy permissions from result set - /appsuite/platform/core#411

8.43.63 - 2025-11-26

Added

  • SCR-1622: Added new lean property com.openexchange.mail.bodyPartReadThresholdMillis that specifies the threshold in milliseconds for the read duration of body parts from mail storage. If that threshold is exceeded a warn log message is generated - /appsuite/support#931

Fixed

  • Corrected invocation of legacy (PIM) event queue and adjusted its logging behavior - /appsuite/platform/core#408

8.43.62 - 2025-11-23

Fixed

  • Properly recognize guest calendar user in public folder - /appsuite/platform/core#395
    • Fixed: Properly recognize guest calendar user in public folder -
    • Automatic POT generation

8.43.61 - 2025-11-10

Fixed

  • Do not double URL-encode valid %XX sequences - /appsuite/platform/core#400

8.43.60 - 2025-11-07

Fixed

  • Ignore failure to retrieve the metadata for a \NoSelect mailbox - /appsuite/platform/core#399

8.43.59 - 2025-10-29

Fixed

  • Allow a "reject" only or a "reject + stop" combination - /appsuite/support#926
    • Fixed: Allow a "reject" only or a "reject + stop" combination - /appsuite/support#926

8.43.58 - 2025-10-28

Fixed

  • Improved handling for failed transport of a scheduled mail with mail notification - /appsuite/platform/core364
  • Handle IMAP ACLs according to RFC 4314 as recommended: ignore the virtual "d" and "c" rights - /appsuite/platform/core#393

8.43.57 - 2025-10-19

Fixed

  • Restore RFC 1123 compliant formatting of {DAV:}creationdate and {DAV:}getlastmodified - /appsuite/platform/core#389
    • Fixed: Restore RFC 1123 compliant formatting of {DAV:}creationdate and

8.43.56 - 2025-10-10

Fixed

  • Improved handling for failed transport of a scheduled mail with mail notification - /appsuite/platform/core364

8.43.55 - 2025-10-10

Fixed

  • More robust validation of deputy metadata in folder attributes - /appsuite/platform/core388

8.43.53 - 2025-10-06

Fixed

  • Detect harmful content in CSS fragment - /appsuite/platform/core386

8.43.52 - 2025-10-02

Added

  • SCR-1605: New property to limit maximum attendees per conflict check (SCR-1605)
  • SCR-1606: New property 'com.openexchange.caldav.calendarMultigetLimit'
  • SCR-1607: New property 'com.openexchange.calendar.lookupPeerAttendeesEnabled'
  • Support to disable TLS for mariadb-client
  • Introduced options to limit reminder range requests
    • SCR-1608: New Configuration Property 'com.openexchange.reminder.reminderLookbackDays'
    • SCR-1609: New Configuration Property 'com.openexchange.reminder.maxRemindersPerRequest'
    • SCR-1610: Implicitly Delete Alarms when Declining a Task
  • Documentation for 'com.openexchange.undo.enabled'
  • Indicate configured value of 'maxAttendeesPerConflictCheck' via JSlob API

Changed

  • Added no-op mappings for orphaned user properties links/number_of_links (columns 591 and 595)
  • INU-4985: Consolidated parsing/writing of BDAY and ANNIVERSARY without year part in vCards
  • Query attendees chunk-wise
  • SCR-1599: Changed typo in property name and now properly use "com.openexchange.mail.proxyExternalImageUrls" instead of "com.openexchange.mail.proxyExternalImagerUrls"
  • SCR-1604: Updated OSGi target platform bundles
  • SCR-1611: Added possibility to enable round-robin on IP address selection
  • SCR-1612: Updated Spring Framework libraries from v5.3.32 to v5.3.39
  • Updated core-mw chart dependencies
    • Updated Gotenberg image to v8.23.2
    • Updated Collabora image to v25.04.5.3.1
    • Updated Collabora chart to v1.1.49
  • Check number of recipients against configured limit ("com.openexchange.mail.maxToCcBcc") as well as validate recipients' addresses
  • Do not need to explicitly pass mysql args to initconfigdb script
  • Updated integrated timezone definitions to tzdata2025a
  • Delete previously scheduled mail data along with associated message when re-editing as draft
  • Cope with "Domain ends with dot" address parse exception on message transport
  • Only load data for limited amount of attendees during conflict checks

Fixed

  • Also consider <iframe> tag when checking for possible HTML content
  • Drop existent scheduled mail on "Cancel send" and manual deletion from Scheduled folder
  • Fixed typo in table name in com.openexchange.groupware.update.tasks.DropJsonCacheTableTask update task
  • Removed the deprecated clause from property description for "com.openexchange.cache.v2.redis.disableHashExpiration"
  • Minor contact trash oversights
  • Process data chunk-wise during 'movecontextdatabase'
    • SCR-1603: New Configurartion Properties for 'movecontextdatabase'
  • Stick with common routines when resolving CardDAV resources from LDAP
  • Include folder id term when resolving resources by UID
  • More robust parsing of image URIs as well as apply proxy routing to external images on reply/forward
  • Orderly update folder's anonymous guest permission on follow-up mail transport attempt