Aggregated bug-fixes for 7.10.6

Last Update: 2022-10-04

Patch Release 6176 (2022-09-21)

Shipped Components and Versions

Fixed Bugs

MWB-1798 Communications link failure attempting to delete user

Using “SELECT … FOR UPDATE” statements are likely to timeout in distributed/bigger setups.This has been solved by using another (simpler) lock mechanism than using “SELECT … FOR UPDATE” statements that are likely to timeout in distributed/bigger setups.

Patch Release 6173 (2022-09-16)

Shipped Components and Versions

Fixed Bugs

OXUIB-1890 Inserting text into mail body using copy/paste does not work all the time

Event order of TinyMCE is inconsistent which can lead to undefined values.Solution: Be robust when event order is wrong. The scroll position must only be fixed when the order is messed up. That indicates, that the paste-plugin of TinyMCE suffers from the same issue in the 4.x stream and has only been fixed in the 5.x stream.

OXUIB-1830 Sharing/rights menu items also present for users without “Share Links” and “Invite Guests” permissions

Improper checks for rendering (1) condition of context sharing options and (2) sharing dialog content.Solution: (1) Improve checks to show correct context options: Files can always be shared to internal users. Distinguish to name context entry “Permissions” or “Share / Permissions” depending on the dialogs content (only permissions information or sharing options)(2) Improve sharing dialog to only permit internal invites when capabilities invite_guests and share_links are set to true.

OXUIB-1827 Mail not displayed - content is only visible via view source or as forwarded mail

Mail included an element with height of 100%.This has been solved by setting height of root/html tag within iframe to 0 to lever out the 100% height - but only for mails with sender Paypal.

OXUIB-1825 Delete-Key in mail module doesn’t work anymore

Js error because of missing event.This has been solved by checking for missing event to prevent error.

OXUIB-1815 Setting io.ox/core//logoAction doesn’t work for internal Apps

Autostart was used every time instead only if logoaction=autoStart.This has been solved by only using autostart if it is configured like that.

OXUIB-1793 Delete mails using keyboard not working

Js error because of missing event.This has been solved by checking for missing event to prevent error.

OXUIB-1102 Dutch translation for “lost password” not optimal

This has been solved by changing the wrong wording.

MWB-1815 Write node of Galera cluster killed by OOM killer - caused by large delete operations

Inefficient SQL statement to delete Drive items/documents leading to timeout.This has been solved by improving SQL statement to delete Drive items/documents to better utilize existent indexes/primary key.

MWB-1797 Users cannot delete trash when thousands of mails exist

Failed/timed-out look-up of possible references to shared folders abort clearing a mail folder.Solution: Don’t let failed/timed-out look-up of possible references to shared folders abort clearing a mail folder.

MWB-1772 Disable encryption in mail compose window does not trigger auto-save

Security settings were not properly applied with next composition space update.Fixed issue with security settings not being properly updated when signing enabled.

MWB-1769 Autoconfig missing characters

Wrong composing of auto-config URL.Fixed auto-config URL string and correctly specify the protocol.

MWB-1757 OX Drive Access/Permission issue for file owner of shared file

Infostore User-Permissions were checked in case of removed permission.This has been fixed by splitting touched permissions into changed/new and removed permissions. Checking the infostore user -permissions only for changed and new permissions, not removed permissions.

MWB-1701 Constantly growing reference header

Special “References” header might grow infinitely.Ensure that length of “References” header does not exceed 998 characters - aligned to RFC 2822 - Section 2.1.1 - to solve this issue.

MWB-1625 Drivemail draft: view/download/save to drive of attachment does not work

Drive Mail attachments not accessible via mail API.This has been fixed by making Drive Mail attachments accessible via mail API.

Patch Release 6166 (2022-08-31)

Shipped Components and Versions

Fixed Bugs

OXUIB-1811 CSS prefer-color-scheme gets ignored on body tag

Wrapper css class got wrongly applied to body tag.This has been solved by adding exception handling for css rules on body tag.

OXUIB-1790 “Back” in E-Mail List view is draggable

Attribute ‘draggable=“false”’ was missing.This has been solved by adding missing attribute to disable dragging.

OXUIB-1764 Overflow of color picker in calendar on mobile devices

Width of colorpicker was wider than screen width.This has been solved by setting max width to 100% to make all colors visible.

OXUIB-1729 GDPR Export in 1GB packages not possible directly after an export with 512MB package size

Max filesize was reduced to last selected size on redraw.This has been solved by saving the original max filesize.

OXUIB-1717 Mail from sent mail folder is also archived when archiving from INBOX while in conversation view

All mails in a conversation would get archived.Now only not-sent mails will get archived.

OXUIB-1714 Unexpected and inconsistent success message shown when updating external account

When a new account is created, it is classified as “new” until a refresh is executed. Therefore, “Account added successfully” is displayed until the refresh.A newly created account is now only recognized as new when it is created. Afterwards, “Account updated” is used.

OXUIB-1703 Mail compose jumps when inserting link

Something in tinyMCE’s paste plug-in caused the described behavior.This has been solved by updating tinyMCE.

OXUIB-1667 Other Address missing when printing a contact with print layout

This was caused by typos in print.html and print-detail.js.This has been solved by fixing typos in print.html and print-detail.js.

OXUIB-1341 Translation suggestion for Swedish in UI

Several change requests for Swedish.This has been solved by applying some changes and rejecting others.

MWB-1747 Amount of contacts displayed for distribution lists not always correct

Distribution list entries were not correctly identified in case multiple entries had the same email address.This has been fixed by identifying the entries via their entry id.

MWB-1739 Pictures can not be opened for preview if browserwindow size is too big

Client-given maximum width and maximum height of the target image exceed configured max. supported values.This has been fixed by adjusting client-given maximum width and maximum height of the target image to configured max. supported values.

MWB-1733 ReplyTo field not used in case you send a mail to your own account

The reply-to header was ignored in case the mail was sent to one’s own mail address.Don’t ignore the reply-to header to solve this issue.

Patch Release 6161 (2022-08-02)

Shipped Components and Versions

Fixed Bugs

MWB-1720 Images embedded in mails via cid: are not visible

Messed-up file holder reference when checking for possible image transformation.This has been solved by orderly managing file holder reference when checking for possible image transformation.

Patch Release 6156 (2022-08-10)

Shipped Components and Versions

Fixed Vulnerabilities

OXUIB-1785 CVE-2022-37310

CVSS: 4.3

OXUIB-1732 CVE-2022-37309

CVSS: 5.4

OXUIB-1731 CVE-2022-37308

CVSS: 5.4

OXUIB-1678 CVE-2022-37307

CVSS: 5.4

OXUIB-1654 CVE-2022-31469

CVSS: 4.3

MWB-1714 CVE-2022-37311

CVSS: 5.3

MWB-1713 CVE-2022-37312

CVSS: 5.3

MWB-1712 CVE-2022-37313

CVSS: 5.0

Fixed Bugs

OXUIB-1768 Save a sent mail as distribution list - nothing happens

We introduced restrictions on apps that can be launched. This broke some actions with “closable” apps. Namely edit/create distribution list and invite to appointment actions.This has been solved by introducing list of valid edit apps so the actions work again.

OXUIB-1733 Initials in dropdown menu do not update

Initials used outdated rampup data.Do not use rampupdata once userdata was changed (we still use them initially to speed things up).

OXUIB-1709 Deleted attachments not removed when saving a draft

An upload aborted in the UI may be saved in the draft if the upload is already complete but the transfer has not yet been completed.Now allow client to pass “attachments” on final send/save action to drop attachments before sending/saving -> Those attachments not referenced in given “attachments” are removed.

MWB-1720 MW 7.10.6-19: images embedded in mails via cid: are not visible

Messed-up file holder reference when checking for possible image transformation.Now orderly manage file holder reference when checking for possible image transformation to solve this.

MWB-1709 Mail items listed under “Chat History” not consistent

Only 10 most recent messages are considered regardless if sent or received.Now letting Halo’s investigate call return 10 most recently received and 10 most recent sent messages.

MWB-1704 Handling appointments fails with “Comparison method violates its general contract!”

This was caused by wrong implementation of comperator.This has been solved by orderly implementing the comperator and test all restrictions.

MWB-1667 Oxsysreport with the option “–exclude-old-logs” with any number does not seem to work

The tar argument –exclude-from is positional and was not in the correct place, thus rendering that option ineffective.This has been fixed by setting the –exclude-from argument to the correct position in the oxsysreport tool.

DOCS-4377 “Drive” Section missing for external users while “address book” is present

Drive settings were defined as disabled for guests in the past.This has been solved by enabling Drive settings for guests (anon & external guest).


The log message was unclear.In case of a complexity too high error we no longer log the stack trace instead we use this log message: “LoadableDocProcessor: Document could not be loaded because it exceeds the maxWordCount / maxCells limit.”

Patch Release 6150 (2022-07-18)

Shipped Components and Versions

Fixed Bugs

OXUIB-1727 Misleading tooltip on mail compose window

Was caused by static tooltip.This has been solved by using state depending tooltip for closeaction.

OXUIB-1101 Password reset error message on wrong password always in english

String was not recognized as translatable string.This has been fixend by adding gt calls for this.

MWB-1704 Handling appointments fails with “Comparison method violates its general contract!”

Was caused by wrong implementation of comperator.This has been solved by orderly implementing the comperator and test all restrictions.

MWB-1694 Broken email causing high load

IDN to ACE conversion for domain parts that are too long keeps processing thread busy for a while.This has been solved by avoiding IDN to ACE conversion for domain parts that are too long.

MWB-1680 OX Drive Mail: sending a password secured picture will have a preview of the picture in the mail

Now don’t generate preview images if content is password-protected to solve this issue.

MWB-1679 After update to 7.10.6 issue with provisioning server

Generated token might contain characters which got URL-encoded and do confuse token round-trip.This has been fixed by using only url-safe (hex) characters in generated token.

MWB-1670 Active clients: last access time not shown for other protocols than Web UI access

Last-active time stamp not tracked for CalDAV/CardDAV sessions.Now tracking last-active time stamp for CalDAV/CardDAV sessions, too.

MWB-1669 “Consider running the consistency tool” for data export in CloudPro DE1

Possible I/O error when trying to write export data to file storage.This has been solved by retrying on possible I/O error when trying to write export data to file storage.

MWB-1655 Setting INBOX as sent-mail folder results in own mail address in TO: when doing a reply

Whether the “To” addresses shall be used as recipient on a reply to a certain message was determined by the folder in which the originating message resides.This has been handled by prefering “To” as recipient on reply when originating message’s “From” address belongs to composing user.

MWB-1395 OX middleware java thread issue

Excessive reading of mail parts on inline view of video files or when outputting images.This has been solved by avoiding excessive reading of MIME part content.

Patch Release 6148 (2022-07-05)

Shipped Components and Versions

Fixed Bugs

MWB-1687 gdpr: Data export task failed fatally

Infinite traversing of calendar folder during data export.This has been solved by avoiding infinite traversing of calendar folders.

Patch Release 6147 (2022-06-30)

Shipped Components and Versions

Fixed Bugs

DOCS-4537 documentconverter-server does not start after installing latest Patch

This was caused by too old build dependency on buildservice.This has been solved by using latest build dependency on buildservice.

Patch Release 6146 (2022-06-29)

Shipped Components and Versions

Fixed Bugs

OXUIB-1753 Missing buttons in calendar

Toolbar rendering was broken.Now all actions are rendered correctly.

Patch Release 6141 (2022-06-28)

Shipped Components and Versions

Fixed Bugs

OXUIB-1666 Edit Names dialog button says “Edit” where customer expects “Save”

Wrong label was used.This has been solved by using the right label.

OXUIB-1665 Mobile UI. “re:” and “fwd:” removed from Subject in the mail view

Missing parameter to keep “prefix” on mobile also.This has been fixed by adding missing parameter to prevent a “cleanup”.

OXUIB-1659 No avatar pictures in distribution lists displayed after editing

Unnecessary removal of event listener leads to images not being loaded correctly.This has been solved by not removing the event listener to fix image loading.

OXUIB-1642 Edit calendar folders not working on mobiles

Mobile selection variable was used to early.Now properly initialize the mobile selection variable to solve this issue.

OXUIB-1638 Address book icons different between desktop and mobile UI

Safari needs a width to render the initials SVG.This has been fixed by adding CSS for this.

OXUIB-1474 Race condition when toggling mail filter rules

It was possible to set the mail filters in the backend to a different status than in the UI with a quick multiple clicks.This has been fixed by only evaluating the last click.

OXUIB-1384 Drive Mail: Download Button flashing up while browsing through the folder tree

User needs at least read permission to download a folder. System folders cannot be downloaded (even if they have the zippable_folder capability).Solution: Make sure read permission is properly checked. Prevent download of system folders.

MWB-1643 Unwanted behavior (data corruption) on editing distribution lists

Wrong selection when trying to update associated entry in a distribution list.Now orderly select the distribution list member to update.

MWB-1636 Characters added to To: when saving draft

Unexpected byte sequence which does not map to standard rfc822 charset.This has been fixed by applying proper charset when reading line of bytes from message rfc822 source.

MWB-1618 Address book picker empty in mail compose due to MW error

Non-distinct values are collected to a map raising a runtime exception (coding error).This has been solved by ensuring distinct values are collected to a map.

MWB-1611 Specific contact can not be deleted from distribution list

Duplicate entries in distribution list are allowed.Solution: Deduplicate entries in distribution list: - for independent contacts by email -for internal contacts by email field.

MWB-1605 No detailed information for resources using “Find free time” while creating an appointment

Whenever free/busy data for a single attendee was loaded, for some events information was hidden, even though the information is viewable by the user. Main reason for that was, that we loaded too less data from the DB and thus the decision-making to obfuscate event data in free/busy responses went wrong.This has been solved by loading additional data from the DB for correct decision-making.

MWB-1592 Caldav configuration

Root collection path statically set to “com.openexchange.dav.prefixPath”.This has been solved by applying proper internal/external path translation for DAV root collection.

Patch Release 6138 (2022-06-09)

Shipped Components and Versions

Fixed Vulnerabilities

MWB-1602 CVE-2022-31468


MWB-1572 CVE-2022-29853


MWB-1540 CVE-2022-29852


DOCS-4428 CVE-2022-29851


Fixed Bugs

OXUIB-1609 Drive Mail: “using password” can be chosen and mail can be sent even without giving a password at all

There is no control whether a password has been stored when the option “using password” is activated.Now “Using password” can only be used if a password has also been stored.

OXUIB-1587 Reminder can not be set and missing details in shared calendars for users with no access to them

Missing folder data because of insufficient permissions.This has been solved by checking if event is in all public appointments folder. This way we can make some assumptions even without full folder data.

OXUIB-1384 Drive Mail: Download Button flashing up while browsing through the folder tree

User needs at least read permission to download a folder.Solution: Make sure read permission is properly checked.

OXUIB-1296 High-resolution images are deleted when trying to add them to the email body

Failed upload of inline images was no longer propagated to TinyMCE.This has been fixed by propagating and catching failed upload again.

OXUIB-1266 Mail compose is not opened in case of an over quota mailbox

Missing error handling when creating composition spaces.This has been solved by implementing general error handling for creating new composition spaces.

OXUIB-1065 Different order for displayed contact field than in edit mode

Mismatch in order of displayed contact fields.This has been fixed by moving fields to match edit form.

MWB-1623 External mail account resets Seen/Unseen status of mail after updating to 7.10.6

No possibility to circumvent Dovecot issue failing to server “PREVIEW” capability.This has been solved by introducing property “com.openexchange.imap.preferredPreviewMode” for IMAP connector to specify preferred preview mode. See SCR-1087.

MWB-1610 Certificate error shown in case sending a mail from an external added account

Wrong detection of standard SSL protocols.This has been solved by orderly detecting (and using) standard SSL protocols.

MWB-1603 Tons of “INFO … Started alarm delivery worker” messages in the Logs since update to 7.10.6

With introduction of clean-up framework tasks get executed per database schema. Thus the start and end information are unnecessarily printed per database schema.This has been fixed by restoring previous behavior to log those info only once at start and termination of that task for all database schemas.

MWB-1594 open-xchange-gdpr-dataexport does not include contacts from personal address book folders

Wrong folder traversal on data export of contacts.This has been solved by orderly considering subfolders on export.

MWB-1574 Huge amount of uid conflict error messages in log for one end user (~7500 times in ~ 30 mins)

Log level ERROR used for CATEGORY_CONFLICT exceptions.Now using log level DEBUG for CATEGORY_CONFLICT exceptions.

DOCS-4451 Jolokia support in document collaboration

The dependencies must have changed and Jolokia support was not part of the DCS anymore.This has been solved by adding explicit Jolokia support into the DCS build.gradle / pom.xml.

Patch Release 6133 (2022-05-16)

Shipped Components and Versions

Fixed Bugs

OXUIB-919 Huge amount of “Found no such resource in attachment storage for identifier: undefined’ errors after update

Improvement: Do not complain when client tries to delete a non-existing attachment.

OXUIB-889 File storage removed from cache once a (sub)folder gets deleted

File storage account will be accidentally removed locally once a single (sub) folder of an external account gets removed.This has been solved by adding check to remove file account only when root folder get’s deleted.

OXUIB-1406 Pdf write error message not translated

Was caused by a missing gt call.This has been fixed by adding the missing gt call.

OXUIB-1101 Password reset error message on wrong password always in English

String was not recognized as translatable string.This has been fixed by adding gt calls to boot/i18n.

MWB-1560 Huge traffic increase on userdb after updating to 7.10.5 (incl. custom package)

In case client-passed token does not match the one currently associated with requested composition space while trying to perform an update ends in an infinite retry loop.This has been solved by using dedicated error code in case client-passed token does not match the one currently associated with requested composition space.

MWB-1546 CalDAV issue

Missing recurrence identifier in change exception set of stored recurrence master event.Solution: Orderly incorporate intermediate results when handling calendar resource updates, also consider change exception instances when building recurrence set during update.

Patch Release 6121 (2022-04-11)

Shipped Components and Versions

Fixed Bugs

USM-33 Issues with Exchange connection on Android 10

USM combines original mail and forward text into a new mail which is sent in base64 format. This seems to be invalid and is rejected by the backend. ICS attachments are filtered by USM if the mime-header content-type contains application/ics or text/calendar.This has been solved by sending combined mail in text format. Create correct mail with hierarchical multipart. ICS attachments will be filtered only if corresponding calendar objects exist.

OXUIB-1382 Drive Mail: Password can be set even when not enabled and vice versa

This functionality was disabled during a it has been adjusted accordingly.

OXUIB-1095 File attachment multiplies after send

Resizing an email attachment could cause individual attachments to be duplicated.The process has been revised so that resizing an image attachment cannot be interpreted as a new attachment.

MWB-1551 Listuser: double return for (approx. 1300) users

User were listed twice.This has been solved by avoiding listing of duplicate users.

MWB-1527 Typo in documentation for CrossContext related properties - com.openenxchange instead of com.openexchange

There was a typo in bot the documentation as well as in the implementation.Fixed the typo in both places.

MWB-1523 Mail/drivemail attach files: if file being uploaded takes too much all other files will fail with 502503 error

Uploaded attachments were spooled to local temporary file while unnecessarily holding lock on affected composition space. This holds that lock for too long.Solution: Spool attachment to local temporary file w/o acquiring lock. However, actually adding the attachment to the draft mail is required to be performed mutually exclusive.

MWB-1517 Found no such composition space

Cached data providing the draft mail identifier might be outdated.Cached data providing the draft mail identifier might be outdated.Perform look-up of draft mail by composition space identifier in case there is no draft mail for cached information.Unfortunately, based on the information provided, it was not possible to understand why all of a sudden the associated draft mail of a composition space cannot be found based on the information managed in memory. Therefore, in such a case, an attempt is now made to find the associated mail by a look-up per composition space identifier. If that also fails, the draft mail must have actually been deleted.

MWB-1513 Since update to rev39: compose limit reached although no compose window is currently active

Checked local state for possible too many composition spaces which might not be up to date.This has been solved by always checking content of standard drafts folder on mail server to reliably test for too many composition spaces.

MWB-1446 Can’t delete Users / Table ‘oxdatabase_5.generic_use_count’ doesn’t exist

Length of VARCHAR columns in generic_use_count table too big to be used for a PRIMARY KEY or UNIQUE KEY.This has been solved by shrinking VARCHAR columns in generic_use_count table to proper size to be used for a PRIMARY KEY or UNIQUE KEY.

MWB-1298 Arrow symbol disappears after unfolding in File Share Guest UI

Subfolder flag for Shared files folder was always set.This has been solved by adding proper subfolder detection for ‘Shared Files’ folder.

DOCS-4119 Print or export of document loses line spacing

LibreOffice is having a problem with the default property in styles, regardless of the value LO interprets it as default = “true”. There should only be one default paragraph style in a document. LO thinks that there are twice and lets the latter win. So In this case the correct paragraph style “Normal” is overwritten by the paragraph style “ListParagraph”.Solution: We will no longer write the property “default” in styles when its value is “false”, this is also valid. The bugfix only works for newly created documents and documents that are saved again in our editor.

DOCS-3534 Presentation templates inconsistent / needs review

Was caused by glitches in the manual creation of these templates.This has been solved by fixing the Inconsistency.

Patch Release 6112 (2022-03-24)

Shipped Components and Versions

Fixed Bugs

OXUIB-1347 Enterprise / public sector address picker visible also when not configured

Feature toggle was checked to late in code.This has been solved by moving feature check to an earlier point.

OXUIB-1346 eMail address get wrapped at ‘-’ character

Missing max-width and default line/word break behavior.This has been fixed by adding Max width and set proper line break behavior. This makes ellipsis work as intended.

OXUIB-1042 Calendar entry can not be modified (empty popup, UI hangs)

Missing organizer caused js error in UI.This has been solved by making UI more robust so it doesn’t break if an appointment has no organizer.

MWB-1499 Cannot delete contacts in Distribution List

DELETE statement not matching targeted distribution list entry under certain circumstances.This has been fixed by correctly deleting/updating distribution list members by parent contact identifier.

MWB-1489 Conversion Layer getMailHeaderList gets already read mail

Wrong slicing of sorted message set.Solution: Fixed slicing of sorted message set.

MWB-1487 Mail/drivemail attach files: if file being uploaded takes more than 60 seconds exception is thrown

Slow upload leads to timeouts.Solution: Do not let upload time out since not measurable whether there is slow connection bandwidth or poor performing file storage end-point.

MWB-1479 MFA does not disable WebDAV and CalDAV

Dav does not call the session hit that the MW does. As a result, the check for multifactor is missed.This has been solved by adding additional check for multifactor in DAV servlet. Should simply reject if found. There is no way to authenticate multifactor in DAV. Application passwords should be used.

MWB-1478 WebDAV: OX does not implement Range Requests correctly

Content-Length of last chunk wrong in case requested range is greater than actual file length.Solution: Correctly set content-length header if client-requested range is beyond file length.

MWB-1475 Address book / session or folderId is null

Broken folder references in stored distribution list members lead to runtime exception in custom address book plugin.Solution: Unmangle folder id in distribution list members prior passing down to contacts access, skip invalid references when post-processing loaded distribution list members.

MWB-1464 u2f not working in chrome anymore

Chrome removed U2F support.Utilize webauthn U2F mechanisms to support the logins in Chrome.

MWB-1418 Error message very vague for missing permissions on subfolder

Misleading error description for hidden subfolder.This has been solved by returning dedicated errors for the scenario, pointing to the folder causing the error (if visible for the user).

MWB-1209 Failure of JVMs/groupware-nodes, Login not longer possible

Applied regular expression leading to excessive resource consumption. Too heavyweight logic to convert HTML to plain text.This has been fixed by avoiding using regular expression to split HTML content to lines and fixed possible NPE when querying available composition spaces. Improved html-to-text conversion to be faster and use less memory.

DOCS-4172 A user should be able to ignoreWarnings at permission updates (error: FLD-0010)

It’s not yet implemented to share all folders except folders without access rights.Now showing “Ignore Warnings” Dialog to share only folders with access right and send ‘ignoreWarnings=true’ to the MW.

Patch Release 6102 (2022-03-02)

Shipped Components and Versions

Fixed Bugs

OXUIB-1307 Onboarding wizard always displays “sync app” for android, even when not enabled

Was unsupported.Solution: ‘apps’ can now be hidden via jslob setting “io.ox/onboarding//hidden/apps”, syncapp is hidden by default.

OXUIB-1273 OXAppsuite-Frontend iframe app doesn’t send the token in the proper format

There was no need to URL-encode the URL in the previous OX versions because the token was not base64 encoded.When using the io.ox/core/tk/iframe with the option acquireToken, the token is sent without being URL-encoded. Now it will be URL-encoded.

OXUIB-1262 Single quote in mail compose To field handled incorrectly

This wasn´t considered yet.This has been solved by extending the regex.

MWB-1477 After 7.10.6 upgrade, some contexts give error sending as alias

Wrong check if given sender address is possibly associated with an external account.This has been solved by a proper check if given sender address is possibly associated with an external account.

MWB-1448 Compose is moved to trash if “com.openexchange.mail.compose.maxSpacesPerUser” is over

Max. number of composition spaces not orderly considered when opening a new one.This has been solved by Considering max. number of composition spaces when opening a new one.

MWB-1435 Errors on the conversion layer API used by mobile applications

Parse errors if a MIME message contains a corrupt Content-Type string.This has been fixed by sanitizing Content-Type string in case a corrupt one is present in MIME message or one of its parts.

MWB-1423 Context taxonomy not mentioned in cli onlinehelp

Missing help text for dynamic options.This has been fixed by adding a help text for dynamic options.

MWB-1413 Birthday calendar name is changeable via DAV but not in Web UI

Update of DAV:displayname property permitted through CalDAV for default Birthdays calendar.Treat DAV:displayname property as protected for Birthdays calendar, and indicate forbidden property updates via DAV:cannot-modify-protected-property precondition.

MWB-1387 gdpr data export fails reliably

Errors while trying to resume a previously paused data export.Solution: Handle possible connect failure while exporting mails. Avoid pausing running data export tasks. Let started ones complete and avoid unnecessarily stopping data export tasks in case a continuous timeframe is configured, e.g. “com.openexchange.gdpr.dataexport.schedule=Mon-Sun”.

Patch Release 6093 (2022-02-04)

Shipped Components and Versions

Fixed Bugs

MWB-1444 New mails can not be composed when having many external accounts configured

Plain connection established although SSL connection expected.Solution: Orderly signal whether a direct SSL connection should be established or not.

Patch Release 6085 (2022-01-28)

Shipped Components and Versions

Fixed Bugs

MWB-1431 MSG-0008 Categories=ERROR Message=‘An I/O error occurred: Received BYE response from IMAP server: * BYE out-of-sync data before server greeting’

InputStream.available() might not indicate available content.Solution: Probe for next byte instead of relying on InputStream.available().

Patch Release 6080 (2022-01-25)

Shipped Components and Versions

Fixed Bugs

OXUIB-1108 Date header in mail view removes leading zero despite setting suggesting two character date entries

This is a bit of a design problem. The settings dialog suggests only one date format, but UI is using 2 formats. A long (with leading zeros) and a short format (without leading zeros). Since there is only one format to choose from we are always wrong one way or the other.Solution: If a user explicitly sets a specific format (customized locale data) we overwrite both, the long and short format with the chosen format. If the user uses the language specific default we use long and short format as before.

OXUIB-1094 Inconsistent mail draft handling mobile UI <-> Web UI

Wrong action type leads to creating a copy instead of editing the draft.This has been solved by changing the type from ‘copy’ to ‘edit’.

OXUIB-1075 Quick start menu bar configuration for external users incorrect

No sufficient checks for quicklauncher app availability.This has been solved by hiding unavailable apps in quicklauncher and config dialog. Apps that have upsell enabled are considered available. Guests do not have upsell so they will not see upsell enabled apps they lack the capabilities for.

OXUIB-1042 Calendar entry can not be modified (empty popup, UI hangs)

Missing organizer caused js error in UI.Solution: Make UI more robust so it doesn’t break if an appointment has no organizer.

OXUIB-1024 Skewed Images After attaching them during mail compose

Editing an image with the createImageBitmap function within a worker in Chrome Browser version = 77 leads to incorrect results.Solution: For Chrome Browser version = 77, the editing process with createImageBitmap is no longer performed in the worker.

MWB-1394 Drivemail: share expiration is wrong if user timezone is not GMT+0

Client-wise specified expiration date got adjusted by user’s time zone.Now passing client-wise specified expiration date as-is (assume GMT+0) and do not adjust by user’s time zone to solve this issue.

MWB-1392 Calendar share notification is sent off from the main account mail address instead from the default sender address

Different mail address in FROM header and mail text.This has been solved by respecting the property com.openexchange.notification.fromSource and use the default sender address in mail text, too.

MWB-1384 Birthday / Public calendar shows no entries when using czech language settings

This has been solved by fixing a typo in Czech .po file.

Patch Release 6073 (2022-01-12)

Shipped Components and Versions

Fixed Vulnerabilities

DOCS-4106 CVE-2022-23100


Patch Release 6069 (2022-01-11)

Shipped Components and Versions

Fixed Bugs

OXUIB-963 2fa not working with form/token login anymore

The first fix was only for form login.Now this has also been fixed for token login.

MWB-1376 Concurrent Update Exception when uploading multiple Attachments during compose

Retry mechanism circumvented through introduction of client tokens for any reason.This has been solved by re-enabling retry mechanism.

MWB-1352 Update of appointment restricted CAL-4038

Was caused by too strict permission check when processing CANCEL messages.Solution: Require delete permissions for targeted user attendee when applying CANCEL messages.

MWB-1351 GDPR backup feature task doesn’t seem to work all the time

Was caused by sporadicaly timeouts when obtaining a connection to the storage.Solution: Retry establishing a connection to file storage in case caught exception indicates a timeout while connecting to an HTTP server or waiting for an available connection from connection pool.

Release 7.10.6 (2021-12-09)

Shipped Components and Versions

Fixed Vulnerabilities

OXUIB-872 CVE-2021-38374


OXUIB-838 CVE-2021-33495


OXUIB-837 CVE-2021-33494


OXUIB-1092 CVE-2021-44208


MWB-993 CVE-2021-33489


MWB-1322 CVE-2021-44209


MWB-1260 CVE-2021-44210


MWB-1259 CVE-2021-44211


MWB-1219 CVE-2021-44212


MWB-1216 CVE-2021-44213


MWB-1208 CVE-2021-38378


MWB-1185 CVE-2021-38376


MWB-1116 CVE-2021-38377


MWB-1113 CVE-2021-38375


MWB-1094 CVE-2021-33490


MWB-1067 CVE-2021-33493


DOCS-3309 CVE-2021-33491


DOCS-3201 CVE-2021-28095


DOCS-3200 CVE-2021-28094


DOCS-3199 CVE-2021-28093


Fixed Bugs

OXUIB-976 Mobile onboarding wizard - Upsell only available for EAS / CalDAV/CardDAV missing

Unnecessary double capability check, which broke upsell configuration.This has been solved by just checking for one capability for each entry.

OXUIB-973 Calendar entries shorter than 1 hour, which straddle an hour, are truncated when printed

Wrong calculation of end time slot (was not based of endtime, but starttime and length).This has been solved by fixing calculation of endtime slot so the slot that contains the end time is included correctly.

OXUIB-964 Wrong dutch translations

Fixes translation.

OXUIB-963 2fa not working with form/token login anymore

Rampup extensions trying to fetch data without session requiring multifactor.This has been fixed by exiting the rampup stage early if multifactor is required after login.

OXUIB-959 Problems with syncing appointments via CaldDAV and status “Canceled”

UI does not have a way to display cancelled appointments.Mark cancelled appointments by striked through text, grey color and an info message in the detail view.

OXUIB-957 Notifications for mails from external accounts

It was not possible to receive notifications for external mail accounts.This has been solved by implementing check for external inboxes. Note: This is done via periodic requests and not via sockets, since there is no MW support for this. Implemented a feature switch for this so the current behavior does not change for customers that don’t want default is false.

OXUIB-952 Account recover dialog can be opened manually

Was caused by an obsolete ui artefact.This has been fixed by removing whole part on accounts settings pane.

OXUIB-951 External contact should not be found when “invited guest” is disabled

Addressbookpicker parameters were changed to expect an object but UI only sends a boolean.Send full option object so only the global addressbook is shown again.

OXUIB-948 File en_SG.js renamed to en_sg.js in package open-xchange-appsuite

Moment renamed en-SG to en-sg.This has been solved by updating the locale lookup table to new filename.

OXUIB-941 Help files for FR-Canada switches to English

This has been solved by adding specific mapping for fr_CA when loading help.

OXUIB-940 UI window formatting glitch after opening connect your device

CSS selector for steps was too generic.This has been fixed by using id selectors for wizard steps.

OXUIB-939 Unable to “sign out from all clients” feature in settings

Feature handles SSO case not as good as it could be.Moved all relevant parts into extensions.

OXUIB-932 Draft autoload on mobile causes huge amount of “draft changed in another tab” messages

This was caused by immediate loading of drafts on mobile.This has been solved by introducing lazyload for mobile devices.

OXUIB-931 Default rights when sharing a folder to an unnamed user are “Author”

Since the redesign the default was set to author right for folders and viewer rights for files.Solution: Changed it to default to viewer rights in all cases.

OXUIB-929 Unclear error message when adding a note to a new drive file version which exceeds limit

Missing max length attribute in text field, missing meaningfull error message.Add max length of 65535 characters. Add better error message.

OXUIB-920 “locked” view during running GDPR Export is wrong

When redrawing the default configuration was used all the time.This has been fixed by only using default configuration when no download is pending. Show requested modules instead.

OXUIB-917 Several “No such job” error messages for some customers (increasing) after update to 7.10.5

UI did not check for error codes and kept requesting long running jobs.This has been fixed by removing jobs from queue for error code JOB-0002 so they are not requested anymore.

OXUIB-906 Dav sync option shown in address book settings, without dav installed

Was caused by a missing check for capabilites carddav / caldav.This has been fixed by hiding toggle buttons when carddav or caldav is missing.

OXUIB-901 “Internal Sharing of Files and Folders” does not work with HiDrive but is still offered

This was caused by missing check for ‘permissions’ of folders ‘supported_capabilites’ property.This has been solved by adding missing check.

OXUIB-895 Missing “show entire message” button for truncated mails

Class ‘mail-detail-content’ was added to body element while plain text mails still add a wrapping DIV with that class name beneath the body element.This has been fixed by adjusting selector to allow adding ‘Show entire message’ button again.

OXUIB-891 Signatures can duplicate if you hit save multiple times

Was caused by missing differentiation between success and error state.This has been solved by idling dialog only when error was returned.

OXUIB-890 Icon highlights in AM1_prod_reseller

The launcher drop-down moved to the left edge of the top bar and received its own section name in CSS.This has been solved by adding the new section to the others where topbarHover is applied.

OXUIB-888 Closing a (huge) mail draft with a double click results in an error

Multiple clicks on close button were possible.This has been solved by disabling buttons in window header when app is closing.

OXUIB-884 Onboarding Wizard “Connect Your Device” not correctly displayed on small iOS Displays

Flex shrink was behaving strangely for small devices.This has been resolved by removing shrink for some components.

OXUIB-870 “What’s New Popup” does not honor the Customers Configuration

Feature checks were not sufficient.Federated sharing text now also checks if filestorage_xox or filestorage_xctx capabilities are present. Onboarding wizard now checks for capability client-onboarding and if the setting for the new wizard is actually enabled (io.ox/core//onboardingWizard).

OXUIB-854 “Distorted” Error window when restoring a nonexistent draft in a second tab

The error was handled twice although it occurs only once.The double handling of the error is unnecessary. The error is now displayed in the tab only and this can be closed with “close”.

OXUIB-852 What is new in this version Information modal displayed in attachment preview

Missing customization for what’s new feature list.This has been solved by adding extension point to customize this list.

OXUIB-845 Wrong help article referenced in subscribed dialogs

Was caused by wrong references.This has been fixed by using right references.

OXUIB-839 “Setup wizard” partially covered by “Whats New”

Onboarding-hint-popover is shown automatically and visual anchor is hidden behind “whats new”.This has been solved by using Stage instead of Extension to show popover and ensuring popover does not “collide” with other steps visually.

OXUIB-836 CSS for button missing in onboarding menu “Windows” -> “OX-Drive”

Missing style for drive download button.This has been solved by adding correct style to drive download button.

OXUIB-833 Wrong help page mapped for contacts create/edit window

Missing differentiation between user and contact.This has been fixed by differentiating between user and contact mapping.

OXUIB-830 “Connect your device” functions missing/changed/inconsistent

Missing QR code support for eas.This has been solved by adding QR code support and MWB-1179.

OXUIB-829 Safari: display error in “connect your device”

Browser have different focus styles.This has been fixed by adding consistent focus style for all browsers.

OXUIB-828 “Connect your device” - “OX Drive” entry removeable

Was caused by wrong capability check for drive apps.This has been fixed by adding capability check for drive capability to disable drive menu options.

OXUIB-823 Signature in Settings not visible

Timeout was introduced with an old Bugfix.Differentiate between compose and settings-pane as caller. Compose still uses default timeout (15s) when calling snippets getAll. Settings pane does not use any timeout when calling snippets getAll.

OXUIB-822 Missing contacts when adding from address book

Wrong parameter within the translation made the warning hard to read.Fixed parameters within Spanish translations.

OXUIB-820 Signature editor: toolbar cut off

Wrapping of elements were disabled.This has been fixed by simply wrapping actions in toolbar if not enough space is available.

OXUIB-818 Appointments in public folders can not be edited, resulting in endless loading

Appointments were drawn before the ‘injectVirtualCalendarFolder’ was called.Now register change listeners for appointments with incomplete folder data to solve this.

OXUIB-816 Planning view in calendar ignores daylight saving time

Was caused by wrong calculation of offset.This has been fixed by adjusting offset calculation.

OXUIB-813 Wrong dutch translation in mail compose dialog

This has been solved by fixing a typo.

OXUIB-812 Missing alert when mail not saved due to exceeded quota

Warning was not added to baton and therefore not processed.Warning gets added to baton now.

OXUIB-777 Improve “Apply mail filter” action on folders

Wording and button position not clear enough.Moved button “Save and apply rule” to the alternative position. Improved wording.

OXUIB-776 Encoded line break doesn’t work in mailto link

Missing convert of ‘\n’ to ‘br‘ when HTML is preferred mode for mails.This has been solved by adding missing convert of ‘\n’ to ‘br‘.

OXUIB-767 Mail Forward: Size of attachment is given as a negative number

The file attachment sizes was not orderly advertised with the first request for forwarded mails. File attachment sizes was always rendered if a size is returned in the response.Solution: Orderly advertise size of attachments with first request for forwarded mails and only render file sizes that are larger than 0 B, otherwise don’t render them at all.

OXUIB-749 Drive guided tour pauses if sharing is disabled

Capabilities were not used correctly, selectors were no longer valid and tour accidentally opened the chat app.This has been solved by adjusting selectors and capabilities and no longer open the chat app.

OXUIB-747 Sharing calendar with notification mail for invited user leads to an error

Wrong dirty check caused request that was not needed.This has been solved by fixing wrong dirty check.

OXUIB-741 Wrong date in filter rule, previous day

The local time zone was used to render the timestamp in the filter rule.This has been solved by now using UTC for rendering.

OXUIB-739 Week forward button “>” does not do anything when language is dutch, view is werkweek and weekstart is zondag

Wrong selection of day with certain (work)week settings.This has been fixed by removing basic setting dependent .startOf(‘week’) and replace with startOf(‘isoWeek’) in addition to a small adjustment for choosing the correct day.

OXUIB-733 OX Webmail - After some Onclick action focus does not move

Focus was not set to list after action.This has been fixed by setting focus to next list item after action.

OXUIB-694 Mail cut off without warning

Button was drawn but not visible.This has been fixed by triggering ‘complete’ to adjust height again.

OXUIB-688 Sender name not updated in webmail

Settings were not updated and may contain old account name.This has been solved by updating settings correctly.

OXUIB-677 Mail folder not visible after creation

Event listerners were still listening on an old collection.This has been fixed by adjusting event listeners after folder rename.

OXUIB-661 Popup / popout mail view nearly impossible from list-view

Single and double clicks on the same element were competing and led to inconsistent behavior.This has been fixed by treating double clicks as single clicks on list elements in list layouts.

OXUIB-619 Token input not updated after extension point

Timing issue with extension point and DOM events.This has been solved by explicitly updating token field view after all extensions have been executed.

OXUIB-609 “Remove photo” button greyed out after image resolution is too high

Buttons were not enabled after dialog gets idle.This has been solved by setting dialog to idle also when cropped image can’t be loaded.

OXUIB-536 Signatures not above quoted text on forwarded mail

ForwardUnquoted was not recognized by plaintext editor.This has been solved by adding forwardUnquoted detection for plaintext editor.

OXUIB-470 Token login must not perform autologin call

Very old implementation of tokenlogin mech hard wired into autologin code.Refactor tokenlogin to be a dedicated login plugin which is running independend of and before the autologin plugin.

OXUIB-1069 Useless sharing options still available (not greyed out)

Option button was drawn in any cases (not checking any conditions).Remove option completely if user is not allowed to apply changes and remove option completely if user is not allowed to apply changes.

OXUIB-1066 Creating mail results in error messages

When loading the Mail Compose dialog in the mobile view it is possible that the mail quota has not been updated yet and therefore the default value is stored. This leads to the assumption that the mail quota has been reached.The method with which the mail quota is evaluated has been adjusted to solve this issue.

OXUIB-1065 Different order for displayed contact field than in edit mode

Move field telephone_company “up” to match edit form.

OXUIB-1060 Scheduling shows 1h off after time change

In rare cases when adding the start hours for “only working hours” mode can lead to wrong calculations due to different offset values.Mind the offset and add it if necessary to solve this issue.

OXUIB-1054 Windows: anniversary field and Date of birth field trimmed in Google Chrome

Input not wide enough.Decrease spaces between inputs to make them wider.

OXUIB-1052 Settings -> Default App not needed for guest users

Check doesn’t check for number of apps.

OXUIB-1051 GET/POST adding needless question mark when no url params are set

GET/POST generally added a ‘?’ to the requesting URL.This has been solved by removing needless ‘?’ for GET/POST requests when no url params a set.

OXUIB-1050 Invalid fully-qualifying mail folder identifier on mail search using mail main folder

Configured value for special “all messages” folder (through property “com.openexchange.find.basic.mail.allMessagesFolder”) is not a fully-qualified mail folder identifier. UI had a 300ms delay before disabling the select button in the folder picker. This allowed picking invalid folders.Don’t expect fully-qualified mail folder identifiers when performing a mail search. Remove 300ms delay in UI and implement failsave for invalid folders, so invalid folders should no longer be selectable.

OXUIB-1045 Reset password inputs are inconsistent and untranslated

Inconsistencies left over after last refactoring, typo in “Confirm new Password”.This has been solved by cleaning up behavior of labels and placeholders to be consistent with the username field, fixed “Password” -> “password”.

OXUIB-1035 Guest user: email address field not greyed out / changeable or not?

Added missing check for guest folder id (16).

OXUIB-1025 Accessing shared files in a certain order fails

Failed virtual folder “request” caused error and error handler failed as ‘error’ and ‘options’ were undefined.This has been solved by adding fallback for ‘error’ and ‘options’.

OXUIB-1023 Permissions dialog does not support link-only case anymore

Feature were accidentally removed during refactoring.This has been solved by adding feature again.

OXUIB-1013 Sharing tasks only possible with “View” permissions

Rights changed to viewer for guests without notice.Now give a notice to user when rights are changed.

MWB-999 “All Day” appointment display problem after adding iCal by URL

Wrong data from external calendar source taken over as-is.This has been fixed by adjusting bogus all-day dates prior to storing event data from subscriptions.

MWB-994 Inline forwarding of a particular mail results in ‘Missing argument com.openexchange.mail.conversion.fullname’

A broken image link leads to failure of send/transport attempt.Solution: Don’t let failed image URI resolution prevent from sending a mail.

MWB-990 tel: links are removed from signature

Whitespaces and tel schema in URLs aren’t detected and thus URL checks might be bypassed.Remove whitespaces and handle URLs correctly. Add the tel scheme to com.openexchange.html.sanitizer.allowedUrlSchemes.

MWB-987 Suggestions for change: cleanup tasks are started on all nodes of a cluster, but only one is effectively running, “list” tool removes data

Existent data export tasks silently deleted if associated user/context do no more exist.This has been fixed by not deleting such “orphaned” data export tasks when invoking listdataexports command-line tool.

MWB-967 Higher load on parsing sent email

Was caused by possible long-running Matcher.find() invocation.This has been fixed by adding fast plausibility check & introduced a timeout-aware matcher alternative that respects a passed timeout whenever matching the input sequence or finding a certain sub-sequence is requested to avoid possibly long-running matcher invocations.

MWB-958 Not possible to change directly case of context name with changecontext

Context names are checked case-insensitive for equality when attempting to change a context’s name and thus changing to the same context name, but different cases were considered as a no-op.This has been solved by checking case-sensitive for equal context names when attempting to change a context’s name.

MWB-954 Wrong HTTP status code when If-None-Match header is set

No response status distinction for read-only operations in If-None-Match/If-Match checks.This has been solved by using HTTP 304 response during If-Match/If-None-Match checks for GET and HEAD.

MWB-951 Share is not created if mailbox is overquota

Missing special handling for error codes that advertise actual transport succeeded, but append to standard sent folder failed.This has been fixed by adding special handling for error codes that advertise actual transport succeeded, but append to standard sent folder failed.

MWB-934 No default folder could be found in module calendar

Wrong value inserted into guestCreatedBy field of guest users under certain circumstances.Ensure to reassign guestCreatedBy field to context admin during user deletion if no destination user specified.

MWB-930 Appointment invitation: .ics file gets saved as .dat file in drive

Different generation of fallback attachment filename extension.This has been solved by using the common method to yield fall-back name with a reasonable file extension.

MWB-928 CompositionSpaceCleanUpTask seems to trigger UpdateTasks on all schemas after 7.10.4 upgrade automatically

Unexpected trigger of update task for a schema that is currently checked for possible expired composition spaces.Skip clean-up of expired composition spaces for those schemas that are currently updated or need an update to solve this.

MWB-924 Wrong encoding in plain-text sharing-mail-body using umlauts in display name

Sender’s full name for introduction in drive mail notifications escaped twice.This has been fixed by escaping sender’s full name for introduction in drive mail notifications only once.

MWB-903 One user can create stacktraces to JE >36.000 lines

Equal exceptions chained multiple times.This has been solved by avoiding chaining equal exceptions multiple times.

MWB-892 Different words in OX for the same - Beschreibung, Notiz., Anmerkung

Inconsistent translation of ‘notes’.This has been fixed by adjusting translations.

MWB-891 An error occurred: HTTP/1.1 423 Locked

Possible concurrent modification of storage objects is quitted with “HTTP/1.1 423 Locked” status response leading to abortion of request processing.This has been fixed by introducing retry mechanism with exponential back-off in case Sproxyd service quits request with “HTTP/1.1 423 Locked”.

MWB-888 Increased load since 7.10.3

Too many occurrences of low-level HTTP end-point pools for initialized Sproxyd clients.This has been fixed by adding cache for low-level Sproxyd HTTP end-point pools.

MWB-868 Dataexport fails with “No such file or directory” error message

Intermediate clean-up task unexpectedly dropped file storage resources.This has been solved by not running clean-up task when there are currently running data export tasks.

MWB-792 New feature ‘File backup’ is not working

One optimization was done: Resume reading an S3 object’s content when HTTP connection gets unexpectedly closed due to premature EOF (actually read bytes do not match advertised content length)

MWB-745 Old composition space increase

Clean-up task does only work for active users since a session is needed. Those belonging to inactive ones are not considered and might therefore remain.This has been solved by refactoring clean-up task for expired composition spaces to have a global task considering any open composition space.

MWB-667 Mail filter apply does not work for copy

The copy require was missing from the FILEINTO action command, hence the MailFilterService was generating the wrong require directive for the sieve script. The issue lies within the MailFilterService.getFilterRule when the method reconstructs the Rule object from the sieve script, i.e. the copy require is not added as an optional require.This has been solved by including the copy as an optional require for the FILEINTO action command.

MWB-1343 Premature end of Content-Length delimited message body error on Image Preview

Possible premature end of stream when reading a Scality object’s content.Gracefully deal with possible premature end of stream when reading a Scality object’s content.

MWB-1342 Variables being reset in during patching

RPM post installation script do not have information about the version from or to that is currently upgraded during post installation script execution. Therefore we have not been able in the past to write good post installation scripts that run only once. Today we have that and we can easily fix this issue.Run that part of the post installation script only once for each deployment.

MWB-1319 Usercopy does not copy the user all the time;Possible SQL transaction timeout while trying to copy a user from one context to another: “Lock wait timeout exceeded

try restarting transaction”.Follow the suggestion from MySQL server and repeat the user-copy execution in case an SQL transaction timeout is encountered.

MWB-1314 “Connect your Device” iPhone (iOS device) overwrites the first account in case you have 2 on the same system

Used same PayloadIdentifier for different users leading to profiles overwriting each other.Use unique PayloadIdentifier to avoid profiles for different users overwriting each other.

MWB-1313 Since 7.10.5 OX-9999 Categories=ERROR Message=‘Missing attachment identifier in mail part’ error

Possible “Missing attachment identifier in mail part” error when parsing draft mail.This has been fixed by avoiding “Missing attachment identifier in mail part” error.

MWB-1311 Different handling of chronos?action=update when partStat is set to “NEEDS-ACTION”

Reset of participant status behaves differently then removing and adding of the same participant.When participant status is reset also remove hidden flag, so event is displayed for the attendee again (internal attendee). Also, send “invitation” notification (internal attendee) or iTIP (external attendee) mail to attendee with reset status.

MWB-1310 OX Vacation notifier Settings Bug

Domains were applied to the existing rule object instead of the updated one.This has been fixed by applying domain checks to the updated rule.

MWB-1303 After 7.10.5 update: ‘Missing configuration for nextcloud account’ in logs for several users

Extensive logging of error afflicted file-storage accounts when performing a drive search.Adjusted log level of user-specific errors to “debug”.

MWB-1300 Move of contexts fails when using OXContextService > moveContextFileStore

Accessing a file during storage move signals file-not-found error although file list has been retrieved from storage itself.Pass an appropriate file-not-found handler if file listing was retrieved from storage, but accessing a file fails due to absence. This allows to perform checkconsistency to repair that.

MWB-1296 Address book email check does not check for presence of TLD

E-Mail addresses without top-level domain part in address’ host-name part are considered as valid.Added new config option “com.openexchange.mail.checkTopLevelDomainOnAddressValidation” to enable top-level domain validation on E-Mail address validity check. By default that option is disabled to not mess-up existent installations.

MWB-1290 oxsysreport doesn’t catch imageconverter-server configuration

oxsysreport does not consider Image-Converter configuration files.Let oxsysreport also collect Image-Converter configuration files.

MWB-1281 Drive Shares still accessible for guest users after permissions have been removed for owner

Unclear requirement to run ‘deleteinvisible’ after downgrade, problem in database statement during downgrade.Added hint to ‘deleteinvisible’ in changeuser documentation, corrected SQL statement for folder deletions after downgrade.

MWB-1272 Content-Type: message/delivery-status not shown in App Suite

Message’s delivery-status was not displayed.Now display message’s delivery-status.

MWB-1266 Unable to delete calendar appointment series

Missing attendee data raised an exception when collecting deletions for userized result.Missing attendee data raised an exception when collecting deletions for userized result.

MWB-1265 Password reset link not invalidated after setting new password

Password change not forwarded to cross-context database.Align guest reference in cross-context database after setting new password in “reset” dialog to solve this issue.

MWB-1256 Documentation change or removal

The alias is still supported but there was an issue with the implementation. For each soap alias a new servlet was created and registered but only the first one was filled with data.Instead of creating new servlets for each alias I registered the same servlet for each alias.

MWB-1248 Attachment downloads not working when app password used

RestrictedAction.Type was missing from the getAttachmentAction.This has been solved by adding missing action type.

MWB-1247 Subscribed mail account saves drafts to primary account

Final draft messages are not stored in appropriate account’s standard drafts folder.Final draft messages are now orderly stored in appropriate account’s standard drafts folder. Please note that storing intermediate draft messages associated with an alive/intact composition space are intentionally stored in primary account’s standard folder.See also:

MWB-1244 Report client not finishing, Connection) returns an empty abstract list if a schema has no results for contexts (see table context_server2db_pool).This has been solved by returning new ArrayList<> instead of Collections.emptyList().

MWB-1234 Fast filling of heap.hprof file crashing OX service

Problems in the network stack of the underlying Hazelcast framework caused increased memory consumption and GC activities, eventually leading to nodes becoming unresponsive.Upgraded Hazelcast library to v5.0 where these kind of problems are mitigated according to Hazelcast.Introduced a new package open-xchange-hazelcast5-community which could be installed instead of open-xchange-hazelcast-community.

MWB-1232 Increased threads since update

Repeatedly loading of resource files for JavaMail providers and address map.Solution: Cache loaded resource files for JavaMail providers and address map (reset cache on reloadconfiguration).

MWB-1231 Using Russian in Appsuite inserts whitespaces inside the Subject

Multi-mime-encoded header value wasn’t properly decoded.Now properly decode a multi-mime-encoded header value.

MWB-1229 Contact API failing from voice tab

Behaviour of the ApachePostRequestBuilder changed during lib upgrade.Restore old behaviour.

MWB-1224 Slovak text broken within Settings -> Accounts

Broken encoding for standard google account nam ein slovak.This has been solved by using UTF-8 encoding instead if ISO-8859-1 encoding for the display name when creating the callback URL for Google.

MWB-1223 cannot allow uppercase logins (with USE_MULTIPLE=false)

Missing option to automatically convert login info to lower-case.This has been fixed by introducing boolean property “com.openexchange.authentication.imap.autoLowerCase” (default is false) to specify that login info is supposed to be automatically converted to lower-case when attempting to authenticate against IMAP server.

MWB-1222 External mail account folders not translated

Folder of external accounts are not supposed being translated, but external account’s Inbox folder was.Avoid translate name for an external account’s Inbox folder.

MWB-1220 500 internal server error(s) for one dedicated EAS Account

In case a calendar user appears multiple times in the attendee lineup, a folder existence check may fail due to selecting the false one.This has been solved by considering further alternatives when checking if event is rendered in folder or not.

MWB-1213 Invalid Protocol Generated by SAML Plugin

Generated SAML id is a simple UUID with possible digits, but SAML ID must not start with a digit.This has been solved by prepending a single character “a” to the ID.

MWB-1209 Failure of JVMs/groupware-nodes, Login not longer possible

Optimization: Avoid using regular expression to split HTML content to lines and fixed possible NPE when querying available composition spaces.

MWB-1207 Low level Casandra statement error is shown via HTTP API

The exception’s display message was exposing internal Cassandra infrastructure information.Adjusted the exception’s display message to hide that information.

MWB-1179 Missing link endpoint for onboarding EAS provisioning

EAS support was missing.This has been solved by adding EAS support.

MWB-1169 Appointment series exceptions are not shown via CalDAV all the time

Userization of delete exception dates not working properly for event series in public folders.Solution: Don’t userize change- and delete exception dates for events in public folders.

MWB-1167 No / unclear error messages when IMAP folder limit is reached

Possible failed CREATE commands silently swallowed.Orderly advertise possible failed commands to client while considering possible IMAP response codes (like “[LIMIT]“).

MWB-1164 Mail-Authenticity-Feature / Icon UI Documentation missing

Misleading documentation.Added a note to the documentation that explains that the image is not supported in the core UI.

MWB-1162 Change onBoarding Wizards Profile Name, Account Name inside of the Profile and Description of the Account in the Profile for iOS Mailsync

Used always com.openexchange.x as a payload identifier.Use the reversed domain as the payload identifier.

MWB-1159 Email subject not displayed in desktop notifications

Found paths in IMAP-IDLE backed push implementation for which notifications are published w/o providing basic message info (like subject).Always provide basic message info when publishing notification to solve this.

MWB-1153 Different fallback value for empty ‘from’ (all vs. get)

“<>” was not detected as empty address header.Better detection for missing or empty address headers.

MWB-1148 Package referenced in docs (open-xchange-mail-authenticity) does not exist

Wrong package in mail authenticity config documentation.This has been solved by using correct package in mail authenticity config documentation.

MWB-1145 CalDAV: calendar can not be synchronized anymore since upgrade to 7.10.5-ucs2

Missing safety checks prior folder display name template replacements.Solution: Additional safety checks prior folder display name template replacements, added logging if replacements are unavailable.

MWB-1137 Mails not displayed anymore on missing Drafts folder when Mail-Authenticity is enabled

Possible null dereference when dropping a standard mail folder.Fixed possible null dereference when dropping a standard mail folder.

MWB-1132 iCal feed throws “IllegalStateException: can not shift the time zone of an all-day date”

All-day appointments were not considered during recurrence id normalization.This has been solved by considering all-day appointments.

MWB-1130 What permission is needed to change displayname

A very old bug still causes problems, so a security mechanism in the code doesn’t work as expected.Re-enable a self-healing mechanism of fix for bug 19128 and adjusted the code to avoid bug 55703.

MWB-1109 After appsuite 7.10.5 upgrade, Hazelcast gets odd names

Moby naming shipped with v4.x introduces human-friendly names for the Hazelcast instances to be shown in e.g. the Hazelcast Management Center and cluster statistics. It is enabled by default.Disable moby naming when programmatically compiling the Hazelcast configuration.

MWB-1108 Autoconfig does only use Port 80 for probing/connecting to autoconfig.domain

Static build URL used HTTP and not HTTPS.This has been fixed by preferring HTTPS URL and only retry with HTTP if the forceSecure flag is set (over HTTP API). Also, log a warning if HTTP is used.

MWB-1106 No calendar listed - FLD-1001 NPE

Was caused by a NPE while sorting display names.This has been fixed by adding null guard and by preventing null values.

MWB-1083 7.10.3 -> 7.10.5 Update results in Unmet dependencies for update task “com.openexchange.mail.compose.impl.groupware.CompositionSpaceRestoreAttachmentBinaryDataColumn”

Was caused by broken update task dependencies.Has been solved by fixing update task dependencies.

MWB-1077 Changes done to appointment series in O365 lead to error in subscribed calendar in Appsuite

Incompatible timezone identifier gets cached along with overridden instances, which causes problems when re-loading the data from the cache.Normalize recurrence identifiers prior processing events from external iCalendar source to solve this.

MWB-1072 iOS Profile names not clear since 7.10.5

Content-dependent identifier for onboarding profile names were accidentally cropped.This has been fixed by re-adding content-dependent part to profile display name.

MWB-1065 Draft high priority is not kept when saved as draft

Priority not kept when restoring a compose window from formerly saved draft message.This has been solved by keeping priority when editing draft messages.

MWB-1058 Server reports failed SQL database insertion for syncfolders request

Filenames containing dashes confused the fulltext index tokenizer.Solution: OX Drive searches for files with “exact-match”, ignore fulltext index for those requests.

MWB-1052 Database error when searching for something like [-+*%][a-z]

Remaining whitespace in tokenized query after non-word characters have been replaced.This has been solved by trimming pattern after replacing non-word characters in client-supplied token.

MWB-1049 Option “Use Drive Mail” throws an error to user

Wrong sequence number chosen while trying to apply attributes to shared Drive mail attachments.Fixed applying attributes to shared Drive mail attachments.

MWB-1046 Could not acquire lock to start Dovecot listener

Listener could not be registered on a certain since there is already such a listener available in cluster, but registration at Dovecot side might no more be active.This has been solved by ensuring registration is set at Dovecot side when there is already a Dovecot-Push listener available in cluster.

MWB-1043 Adding WebDAV account from fails

Insufficient PROPFIND handling when querying files: Detection of whether the returned resource is a collection or not was done by checking for a trailing “/” character.Added “resourcetype” prop to the PROFIND query which will return whether the resource is a collection or not.

MWB-1040 Calendar does not return conflict warning

Iteration of checked event series begins too late.This has been solved by considering duration when initialize recurrence iterator for conflicting series events in checked period.

MWB-1029 Autodiscover needs a lot of time

Too low settings for HTTP connection pools for both - auto-config server and ISPDB end-point.This has been solved by increasing settings for HTTP connection pool of both - auto-config server and ISPDB end-point - while lowering values for read and connect timeout.

MWB-1024 Connection to database problems / DAV client(s) involved

Generic error returned when vCards exceed the maximum size during bulk import.This has been solved by explicitly handling too large vCard during bulk import requests.

MWB-1023 Connect your device SMTP Settings

SMTP host information advertised as “None” in case SMTP authentication is disabled through configuration.Now do not advertise SMTP host information as “None” in case SMTP authentication is disabled through configuration.

MWB-1017 String index out of range: -1 for error when scrolling in inbox

Possible java.lang.StringIndexOutOfBoundsException when trying to decode subject string obtained from ENVELOPE fetch item.Fixed possible java.lang.StringIndexOutOfBoundsException when trying to decode subject string obtained from ENVELOPE fetch item.

MWB-1014 UI Error When Birthdays Disabled

No fallback access used when collecting pending alarm triggers from disabled accounts.This has been solved by using fallback access when collecting pending alarm triggers from disabled accounts.

MWB-1013 Data export documentation unspecific about hwo it is designed to work

Missing section highlighting that a data export is a background task and should be handled as such.Added a section highlighting that a data export is a background task and should be handled as such.

MWB-1011 Smtp login-rejects (wrong password and similar) are not logged at all

Missing log message for failed authentication attempts against primary mail/transport server.This has been solved by adding logging failed authentication attempts against primary mail/transport server.

MWB-1008 Sproxyd filestore not working anymore after upgrade to 7.10.5-REV7

Premature cancellation of HTTP request leading to HTTP connection shutdown.Avoid premature cancellation of HTTP request leading to HTTP connection shutdown.

MWB-1007 GDPR Exports in state “Pending”

Lock entry not cleansed from database in case temporary database outage/inaccessibility occurs.This has been solved by enhancing acquired lock by a time stamp that gets periodically touched (every minute). Consider lock as expired if not touch for more than 5 minutes.

MWB-1000 DefaultSenderAddress not used when compose new mail

From address determined by examining user’s primary mail account data.Solution: Orderly pre-select user’s default send address when composing new mails.

DOCS-3843 Mentions in text document does not work as external user. Wrong error messages while doing this

Guest user handling was not perfect.This has been solved by improving guest user handling:1. When a guest user inserts a mention into a comment, the follwing text appears in the bottom of the comment: “You added people to this comment. Attention: Due to missing permissions no email will be sent!”2. When the guest user sends the comment, the dialog with the information, that no mail be sent, does not appear anymore.

DOCS-3684 Connection Errors After Installing ImageConverter

Inserting PRIMARY keys more than once during IC server job proccessing gives DB server exceptions in some timing dependent cases. Inserting PRIMARY keys more than once during IC server job proccessing gives DB server exceptions in some timing dependent cases.Solution: Preventing mutliple access to PRIMARY DB keys fixes the problem with IC server DB communication. Replacing the emulated file storage update call (setFileLength(0)/appendToFile) with sequences of createNewFile/updateDB entry in every case within the IC server code base fixes the inconsistent SproxyD adapter behavior.

DOCS-3629 Recommended hardware size for ImageConverter install on dedicated server

Missing sizing information on related Ox provided IC documentation pages.This has been solved by adding sizing section to IC documentation.

DOCS-3611 Welcome Tour is displayed two times for Text, Spreadsheet, Presentation (6 times in total)

Creating the missing settings entry “portal//recents” deletes the existing settings entry “portal//fulltour/shown” causing the tour to start again.Now, when starting a portal app, the missing property “portal//recents” will explicitly be created in frontend code and sent to server.

DOCS-3588 Tall Image Distorted on Zoom

Images with quite unusual width/height aspect rations (3.8 h/w / 0.26 w/h in this case) get too much distorted when scaled into a target rectangle so that e.g. text rendering within the target image gets distorted/unreadable after processing. Checking aspect ratios for source and target images for unusual ratios above 21:9 (2.33) when scale type CONTAIN is requested and w/h aspect ratios of source and target image differ significantly (e.g. source w/h > 1.0, target w/h < 1.0 and vice versa).Prevent scale processing of images completely in those cases so that as much source image information as possible gets transferred to the requester/browser as possible. This significantly improves readability of e.g. text like content in such images delivered to the frontend .

DOCS-3536 DC error logging should be enhanced to show the root cause

After configuring test system appropriately, exception logging (with appropriate description now) could be reproduced when viewing mail attachment documents. Instead of using a different algorithm to determine document URL, the standard file based approach was used that finally led to the exception logging without causing further harm.Solution: 1.) Removing newline within log output to log root cause of exception. 2.) Using different approach for mail attachments to determine document URL to be used in RE rendering stage for e.g. file fields. Schema used in mail attachment case is now: file:///Mail/filename

DOCS-3473 Menubar changed after using “Save As”

Exiting loop for tool bar expansion too early. After unhiding and unshrinking, but before maximizing the groups.This has been solved by not leaving toolbar expansion process always after unshrinking. Only, if this is required.

DOCS-3248 Automatic color in shape shows black, then reverts to white after save

The filter cannot evaluate type ‘auto’ for text colors in shapes (Presentation and Spreadsheet, ooxml).Instead of sending ‘auto’ when the user selects ‘Auto’ as a text color, the best text color is evaluated corresponding to the shape background. This calculated color is sent to the filter.

DOCS-3239 Presentation Template - Scroll issues

When an image is inserted via the buttons in template drawings, the mousedown happens on the content root node, but the mouseup does not. But these events are registered for an optional scrolling. Therefore the scroll position was not correctly adapted, when the user changes the slide using the slide pane and does not click at least once into the document after inserting the image.Now checking the target nodes for mousedown and mouseup events that are required for scrolling.

DOCS-3237 Cell content does not get saved when using ‘save as’ if cell is still “open”

Document was not flushed before the copy was created in Drive. Flushing causes to save all pending changes which, in Spreadsheet, includes to commit the cell edit mode.Flush document before starting to copy the file in Drive for user actions “Save As” and “Save As Template” tto solve this issue.

DOCS-3222 Default templates have wrong review language in places

Templates contained more than 5 different languages on XML level.Fixed on XML level, replaced all (western) lang attrs to be only en-US for EN templates, de-DE for DE templates.

DOCS-3190 My Attachments Shown but Unusable when Opening Documents

The files are not visible because it’s not possible to open the attachements in documents. Hide the attachments folder to not confuse the user

DOCS-3189 Single context mode - “Global template folders” are getting displayed

Global templates are not helpful with com.openexchange.capability.alone = true.With com.openexchange.capability.alone = true, global templates in office settings are not displayed anymore for users and also not for admin user.

DOCS-3144 Viewer: Printing of images is not possible

Print as PDF did only work for Office files and PDF files. Enabled that images can be printed via “Print as PDF” too. Plain .txt files are enabled now, too for “Print as PDF”, which was also not possible before.

DOCS-2709 Document preview loading slow if via direct link

The whole list is loaded for a Viewer deeplink. For such big folders, the data can get very big (for 60k files it can be about 30mb). Even the transfer via a typical DSL connection can take a big amount of time. The next reason is that the viewer creates boilerplates for each item that is passed to the Viewer carousel. This adds a additional slowdown.When using a Drive Viewer deeplink (url pasted in the tab), now the Drive list for this folder is used. Instead of loading the whole file list for that folder with a new request. One further advantage is that the order in the Drive list and the Viewer carousel is the same (below the pagination limit). When the to be viewed file is outside of the pagination limit of the Drive list, this single file is added to the viewer carousel in addition.

DOCS-2619 Readerengine scratch directory fills up

PDFTool does not return at all with some rare, yet unknown PDF documents.Now we introduced a maximum runtime for each call to the PDFTool (similar to watchdog for RE processes), returning an error after the configured jobExecution timeout time and responding to the appropriate request in time.