{"services":[{"id":5630,"name":"Global Services","description":null,"children":[{"id":5487,"name":"Login Page","description":null,"children":[],"current_incident_type":null},{"id":5485,"name":"Cloud REST API","description":null,"children":[],"current_incident_type":null},{"id":10454,"name":"Quarantine Reports","description":null,"children":[],"current_incident_type":null},{"id":11469,"name":"2FA SMS Service Provider","description":"Service Provider to send two-factor authentication via SMS","children":[],"current_incident_type":null},{"id":13415,"name":"Swisssign Certificate Authority","description":null,"children":[],"current_incident_type":null}],"current_incident_type":null},{"id":5631,"name":"CH Instance","description":null,"children":[{"id":5481,"name":"Mailflow CH Instance","description":null,"children":[],"current_incident_type":null},{"id":5488,"name":"GINA Interface","description":null,"children":[],"current_incident_type":null}],"current_incident_type":null},{"id":5632,"name":"EU Instance","description":null,"children":[{"id":5629,"name":"Mailflow EU Instance","description":null,"children":[],"current_incident_type":null}],"current_incident_type":null},{"id":7558,"name":"External Services","description":"Services external to seppmail.cloud for which SEPPmail is not directly responsible. This section is used to notify about incidents involving third-party services which may impact our partners and customers.","children":[{"id":7559,"name":"M365 Mailhosting","description":"Mailflow to or from Microsoft365","children":[],"current_incident_type":null},{"id":7561,"name":"DNS-Providers","description":"DNS-related providers (registrars, hosting of authoritative zones, ISP or independent resolver services)","children":[],"current_incident_type":null},{"id":21254,"name":"Non-SEPPmail-related incidents","description":"We list incidents which are not directly related to SEPPmail, but which may have an impact on customers under this service. Examples include, but are not limited to: new botnets or spam waves, major security threats involving e-mail services, outages of globally or locally relevant major services.","children":[],"current_incident_type":null}],"current_incident_type":null},{"id":27401,"name":"SEPPmail Appliances","description":null,"children":[{"id":27402,"name":"Licence and Update Services","description":null,"children":[],"current_incident_type":null},{"id":27403,"name":"Appliance Release Info","description":null,"children":[],"current_incident_type":null}],"current_incident_type":null},{"id":33271,"name":"Website","description":null,"children":[],"current_incident_type":null}],"status_page":{"name":"SEPPmail","url":"www.seppmail.com","subdomain":"seppmail","time_zone":"Europe/Zurich","current_incident_type":null,"default_lang":"en"},"incidents":[],"info_notices":[{"id":231681,"title":"Swisssign - renewal of S/MIME Silver certificates","updates":[{"id":490768,"type":"info","description":"Swisssign informs that S/MIME certificates generated between July 15 2025 and April 17 2026 have a formal error as viewed by the CA/Browser forum as the regulatory body on certificates. According to Swisssign, the formal errors are not a security risk.\r\n\r\nAffected certificates (of type \"SwissSign Personal S/MIME E-Mail ID Silver\", ie domain validated certificates) will be revoked by Swisssign on April 22 2026 at 15:00 CET.\r\n\r\nThe lifecycle of certificates of customers using SEPPmail appliances (and therefore also seppmail.cloud customers) is fully automated, so the process should be transparent in most situations.\r\n\r\nGiven the scale of the renewal activity it would not come unexpected if some customers would experience performance issues at Swisssign (either on their portal or in our MPKI connector to their servers).\r\n\r\nSEPPmail will closely monitor the situation at Swisssign and use this channel to provide additional updates as and if needed.","inserted_at":"2026-04-18T14:16:35","updated_at":"2026-04-18T14:16:35","posted_at":"2026-04-18T13:51:10","subscribers_notified_at":"2026-04-18T14:16:35","description_html":"<p>\nSwisssign informs that S/MIME certificates generated between July 15 2025 and April 17 2026 have a formal error as viewed by the CA/Browser forum as the regulatory body on certificates. According to Swisssign, the formal errors are not a security risk.</p>\n<p>\nAffected certificates (of type “SwissSign Personal S/MIME E-Mail ID Silver”, ie domain validated certificates) will be revoked by Swisssign on April 22 2026 at 15:00 CET.</p>\n<p>\nThe lifecycle of certificates of customers using SEPPmail appliances (and therefore also seppmail.cloud customers) is fully automated, so the process should be transparent in most situations.</p>\n<p>\nGiven the scale of the renewal activity it would not come unexpected if some customers would experience performance issues at Swisssign (either on their portal or in our MPKI connector to their servers).</p>\n<p>\nSEPPmail will closely monitor the situation at Swisssign and use this channel to provide additional updates as and if needed.</p>\n"}],"url":"https://seppmail.statuspal.eu/info_notices/231681","inserted_at":"2026-04-18T14:16:35","updated_at":"2026-04-18T14:16:35","timezone":null,"service_ids":[5630,13415,27401,27402,27403],"featured_from":"2026-04-18T14:00:00","featured_until":null},{"id":225588,"title":"New Appliance Release 15.0.3 / CVEs added","updates":[{"id":477754,"type":"info","description":"A new SEPPmail Appliance release has been published. \r\nWith this release we closed another batch of the ETH Zurich findings:\r\n* High: S/MIME Signature Additional Certificate [CVE-2026-29140](https://www.cve.org/CVERecord?id=CVE-2026-29140)\r\n* High: Bounded Subject Tag Sanitization [CVE-2026-29141](https://www.cve.org/CVERecord?id=CVE-2026-29141)\r\n* High: Plaintext secure-mail.html [CVE-2026-29142](https://www.cve.org/CVERecord?id=CVE-2026-29142)\r\n* High: S/MIME Decryption Impersonation [CVE-2026-29143](https://www.cve.org/CVERecord?id=CVE-2026-29143)\r\n* High: Unicode Subject Tags [CVE-2026-29144](https://www.cve.org/CVERecord?id=CVE-2026-29144)\r\n* High: GINA State Confusion Account Takeover [CVE-2026-29139](https://www.cve.org/CVERecord?id=CVE-2026-29139)\r\n* Medium: PGP Decryption Recipient LDAP Injection [CVE-2026-29131](https://www.cve.org/CVERecord?id=CVE-2026-29131)\r\n* Low: ESWmail-Verify Bypass [CVE-2026-29132](https://www.cve.org/CVERecord?id=CVE-2026-29132)\r\n* Low: UID Regex Bypass [CVE-2026-29133](https://www.cve.org/CVERecord?id=CVE-2026-29133)\r\n* Low: GINA Domain Switch [CVE-2026-29134](https://www.cve.org/CVERecord?id=CVE-2026-29134)\r\n* Low: Webmail Password Tag Sanitization Bypass [CVE-2026-29135](https://www.cve.org/CVERecord?id=CVE-2026-29135)\r\n* Low: CA Notification HTML Injection [CVE-2026-29136](https://www.cve.org/CVERecord?id=CVE-2026-29136)\r\n* Low: Long Subject Untagging [CVE-2026-29137](https://www.cve.org/CVERecord?id=CVE-2026-29137)\r\n* Low: PGP Decryption Sender LDAP Injection [CVE-2026-29138](https://www.cve.org/CVERecord?id=CVE-2026-29138)\r\nand a possible path traversal found by Infoguard [CVE-2026-2743](https://www.cve.org/CVERecord?id=CVE-2026-2743)\r\n\r\nWe also updated OpenBSD 7.7 to errata 23 and fixed a list of smaller issues.\r\n\r\nPlease see the [revision history](https://docs.seppmail.com/ch/20_revision-history.html) and the [extended release notes](https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html) for further details.\r\n","inserted_at":"2026-03-05T10:08:54","updated_at":"2026-03-06T14:00:19","posted_at":"2026-03-05T09:17:06","subscribers_notified_at":"2026-03-06T14:00:19","description_html":"<p>\nA new SEPPmail Appliance release has been published.  <br />\nWith this release we closed another batch of the ETH Zurich findings:</p>\n<ul>\n  <li>\nHigh: S/MIME Signature Additional Certificate <a target=\"_blank\" href=\"https://www.cve.org/CVERecord?id=CVE-2026-29140\">CVE-2026-29140</a>  </li>\n  <li>\nHigh: Bounded Subject Tag Sanitization <a target=\"_blank\" href=\"https://www.cve.org/CVERecord?id=CVE-2026-29141\">CVE-2026-29141</a>  </li>\n  <li>\nHigh: Plaintext secure-mail.html <a target=\"_blank\" href=\"https://www.cve.org/CVERecord?id=CVE-2026-29142\">CVE-2026-29142</a>  </li>\n  <li>\nHigh: S/MIME Decryption Impersonation <a target=\"_blank\" href=\"https://www.cve.org/CVERecord?id=CVE-2026-29143\">CVE-2026-29143</a>  </li>\n  <li>\nHigh: Unicode Subject Tags <a target=\"_blank\" href=\"https://www.cve.org/CVERecord?id=CVE-2026-29144\">CVE-2026-29144</a>  </li>\n  <li>\nHigh: GINA State Confusion Account Takeover <a target=\"_blank\" href=\"https://www.cve.org/CVERecord?id=CVE-2026-29139\">CVE-2026-29139</a>  </li>\n  <li>\nMedium: PGP Decryption Recipient LDAP Injection <a target=\"_blank\" href=\"https://www.cve.org/CVERecord?id=CVE-2026-29131\">CVE-2026-29131</a>  </li>\n  <li>\nLow: ESWmail-Verify Bypass <a target=\"_blank\" href=\"https://www.cve.org/CVERecord?id=CVE-2026-29132\">CVE-2026-29132</a>  </li>\n  <li>\nLow: UID Regex Bypass <a target=\"_blank\" href=\"https://www.cve.org/CVERecord?id=CVE-2026-29133\">CVE-2026-29133</a>  </li>\n  <li>\nLow: GINA Domain Switch <a target=\"_blank\" href=\"https://www.cve.org/CVERecord?id=CVE-2026-29134\">CVE-2026-29134</a>  </li>\n  <li>\nLow: Webmail Password Tag Sanitization Bypass <a target=\"_blank\" href=\"https://www.cve.org/CVERecord?id=CVE-2026-29135\">CVE-2026-29135</a>  </li>\n  <li>\nLow: CA Notification HTML Injection <a target=\"_blank\" href=\"https://www.cve.org/CVERecord?id=CVE-2026-29136\">CVE-2026-29136</a>  </li>\n  <li>\nLow: Long Subject Untagging <a target=\"_blank\" href=\"https://www.cve.org/CVERecord?id=CVE-2026-29137\">CVE-2026-29137</a>  </li>\n  <li>\nLow: PGP Decryption Sender LDAP Injection <a target=\"_blank\" href=\"https://www.cve.org/CVERecord?id=CVE-2026-29138\">CVE-2026-29138</a>    <br />\nand a possible path traversal found by Infoguard <a target=\"_blank\" href=\"https://www.cve.org/CVERecord?id=CVE-2026-2743\">CVE-2026-2743</a>  </li>\n</ul>\n<p>\nWe also updated OpenBSD 7.7 to errata 23 and fixed a list of smaller issues.</p>\n<p>\nPlease see the <a target=\"_blank\" href=\"https://docs.seppmail.com/ch/20_revision-history.html\">revision history</a> and the <a target=\"_blank\" href=\"https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html\">extended release notes</a> for further details.</p>\n"}],"url":"https://seppmail.statuspal.eu/info_notices/225588","inserted_at":"2026-03-05T10:08:54","updated_at":"2026-04-18T14:16:58","timezone":null,"service_ids":[27401,27403],"featured_from":"2026-03-05T09:17:06","featured_until":null},{"id":225333,"title":"Swisssign / seppmail.cloud: Shorter domain validation period","updates":[{"id":477171,"type":"info","description":"Swisssign reduces the period for the domain validation from 365 to 198 days as of March 8th 2026 (and further reduction is planned for March 2027).\r\n\r\nAs a consequence, all previously validated domains where the validation period is more than 198 days ago would become non-validated on March 8th, and thus no new certificates could be issued.\r\n\r\nTo avoid the sudden change, re-validation for domains of customers in seppmail.cloud which have been last (re-) validated more than 180 days ago have been started early. This gives partners and customers some more time to set the new random values in DNS.\r\n\r\nPlease note that (another change) the random values MUST remain in DNS, since the existence of these records will be checked regularly by Swisssign.\r\n\r\nAlso please note that this change was not mandated by Swisssign, but by the CA/Browser forum which sets the rules for all Certificate Authorities.","inserted_at":"2026-03-03T07:38:25","updated_at":"2026-03-03T07:38:25","posted_at":"2026-03-03T07:31:56","subscribers_notified_at":"2026-03-03T07:38:25","description_html":"<p>\nSwisssign reduces the period for the domain validation from 365 to 198 days as of March 8th 2026 (and further reduction is planned for March 2027).</p>\n<p>\nAs a consequence, all previously validated domains where the validation period is more than 198 days ago would become non-validated on March 8th, and thus no new certificates could be issued.</p>\n<p>\nTo avoid the sudden change, re-validation for domains of customers in seppmail.cloud which have been last (re-) validated more than 180 days ago have been started early. This gives partners and customers some more time to set the new random values in DNS.</p>\n<p>\nPlease note that (another change) the random values MUST remain in DNS, since the existence of these records will be checked regularly by Swisssign.</p>\n<p>\nAlso please note that this change was not mandated by Swisssign, but by the CA/Browser forum which sets the rules for all Certificate Authorities.</p>\n"}],"url":"https://seppmail.statuspal.eu/info_notices/225333","inserted_at":"2026-03-03T07:38:25","updated_at":"2026-03-03T07:38:25","timezone":null,"service_ids":[5630,13415,5631,5481,5488,5632,5629],"featured_from":"2026-03-03T07:31:56","featured_until":null}],"maintenances":[],"upcoming_maintenances":[],"current_status_type":null}