From 0052d6fc4fce1ff24ba0fea80a6123e085d85a43 Mon Sep 17 00:00:00 2001
From: Pascal Bleser <p.bleser@opencloud.eu>
Date: Tue, 7 Oct 2025 09:35:47 +0200
Subject: [PATCH] groupware: upgrade Stalwart in devtools from 0.13.2 to 0.13.4

 * changes from 0.13.4:
   - JMAP: Protocol layer rewrite for zero-copy deserialization and
     architectural improvements.
   - IMAP: Unbounded memory allocation in request parser
     (CVE-2025-61600)
   - IMAP: Wrong permission checked for GETACL.
   - JMAP: References to previous method fail when there are no results
     (stalwartlabs#1507).
   - JMAP: Enforce quota checks on Blob/copy.
   - JMAP: Mailbox/get fails without accountId argument (stalwartlabs#1936).
   - JMAP: Do not return invalidProperties when email update doesn't
     contain changes (stalwartlabs#1139)
   - iTIP: Include date properties in REPLY (stalwartlabs#2102).
   - OIDC: Do not set username field if it is the same as the email field.
   - Telemetry: Fix calculateMetrics housekeeper task (stalwartlabs#2155).
   - Directory: Always use rsplit to extract the domain part from email
     addresses.

  * changes from 0.13.3:
   - CLI: Health checks
   - WebDAV: Assisted discovery v2
   - iTIP: Do not send a REPLY when deleting an event that was not
     accepted.
   - iTIP: Include event details in REPLY messages (stalwart#2102).
   - iTIP: Add organizer to iMIP replies if missing to deal with MS
     Exchange 2010 bug.
   - OIDC: Do not overwrite locally defined aliases (stalwart#2065).
   - HTTP: Scan ban should only be triggered by HTTP parse errors.
   - HTTP: Skip scanner fail2ban checks when the proxy client IP can't
     be parsed (stalwart#2121).
   - JMAP: Do not allow roles to be removed from system mailboxes
     (stalwart#1977).
   - JMAP WS: Fix panic when using invalid server url.
   - SMTP: Do no send EHLO twice when STARTTLS is unavailable
     (stalwart#2050).
   - IMAP: Allow ENABLE UTF8 in IMAPrev1.
   - IMAP: Include administer permission in ACL responses.
   - IMAP: Add owner rights to ACL get responses.
   - IMAP: Do not auto-train Bayes when moving messages from Junk to
     Trash.
   - IMAP/ManageSieve: Increase maximum quoted argument size
     (stalwart#2039).
   - CalDAV: Limit recurrence expansions in calendar reports
     (CVE-2025-59045).
   - WebDAV: Do not fix percent encoding on WebDAV FS (stalwart#2036).
---
 devtools/deployments/opencloud_full/stalwart.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/devtools/deployments/opencloud_full/stalwart.yml b/devtools/deployments/opencloud_full/stalwart.yml
index e4d376894c..6f6ed50664 100644
--- a/devtools/deployments/opencloud_full/stalwart.yml
+++ b/devtools/deployments/opencloud_full/stalwart.yml
@@ -7,7 +7,7 @@ services:
           - ${STALWART_DOMAIN:-stalwart.opencloud.test}
 
   stalwart:
-    image: ghcr.io/stalwartlabs/stalwart:v0.13.2-alpine
+    image: ghcr.io/stalwartlabs/stalwart:v0.13.4-alpine
     hostname: ${STALWART_DOMAIN:-stalwart.opencloud.test}
     networks:
       - opencloud-net