A new SEPPmail Appliance hotfix release has been published that updates OpenSSL to version 3.0.19 and addresses multiple security findings:

• CVE-2025-15467
• CVE-2025-68160
• CVE-2025-69418
• CVE-2025-69419
• CVE-2025-69420
• CVE-2025-69421
• CVE-2026-22795
• CVE-2026-22796

The OpenSSL vulnerability CVE-2025-15467 also partially affects SEPPmail solutions.

Status of vulnerability mitigation SEPPmail Appliance

A patch release is currently in testing and will be released in the coming days. MSPs, partners and customers are advised to apply the update as soon as available.

We want to point out that the previous appliance release contains fixes for other security findings, and we urge MSPs, partners and customers to update as soon as possible.

Status of...

Appliance Release 14.1.2.1 is a hotfix release to prevent a race condition between two tasks that would otherwise terminate each other and thereby prevent the watchdog from running.

For more information and a complete list of changes please take a look into the extended release notes.

Appliance Release 14.1.1.2 is a hotfix release for a regression error in the handling of the keys used to encrypt GINA cache mails (too many LDAP bind requests). Affected customers noticed a slowdown or freeze of the system.

For more information and a complete list of changes please take a look into the extended release notes.

We are currently unable to reach GMX mail servers. Mail is stored in our outbound queue and delivery will be retried regularly. No mail is lost unless the issue remains for several days.

As this affects all our IP ranges and delivery to other mail providers is possible, we assume this is an issue on GMX side.