IMPORTANT! We are currently carrying out maintenance work. These will be completed by about 22:00.

The vulnerability 

Since 30 March, a security vulnerability in the widely used zlib program library that has existed for 17 years has received increased attention. The vulnerability is a problem that can occur when compressing (not decompressing) specially prepared data. In this case, an attacker must make the affected system compress this data. 

Please note that we are currently not aware of any attacks based on this vulnerability!
Neither on other software nor on regify products.

Are regify products affected? 

Yes, regify products also use the zlib in various places. Below we list the affected products, our assessment of the severity of the issue and further information: 

Product Severity Information
regify provider Medium With the update to regify Provider 5.2.0, the security issue will be resolved (release date is April 2022).
regigate Medium With the update to regigate 5.2.0, the security issue will be resolved (release date is April 2022).
regify Client (Windows, MacOS, Linux) Low Currently there is no high risk and we see no immediate need for action. A risk might exist for senders if they were to send a specially prepared file via regimail (which is very unlikely).
regify Client for mobile Low

Currently there is no high risk and we see no immediate need for action. A risk might exist for senders if they were to send a specially prepared file via regimail (which is very unlikely). 

regibill Desktop, regipay Desktop and regimail Desktop Low Currently there is no high risk and we see no immediate need for action. A risk might exist for senders if they were to send a specially prepared file via regify Desktop (which is very unlikely).
regibox Manager (all OS) No Risk The regibox software does not support compression of user data and is therefore not affected.
regiboxd (all OS) No Risk The regiboxd software does not support compression of user data and is therefore not affected.
regipay Client (all OS) No Risk The regipay client software does not support compression of user data and is therefore not affected.