Release Warnings and Security Announcements

This information is updated periodically as soon as our analyses deliver new findings. Please check back periodically.

Last Update: 22 April 2025, 13:00 CET

 

On these pages, you can find information on current release warnings and security announcements regarding the products from OPTIMAL SYSTEMS GmbH. In the navigation menu on the left, you can find general information as well as announcements regarding individual product lines.

Handling of Security Issues

OPTIMAL SYSTEMS has an established Secure Software Development Lifecycle (SSDL), in which we have defined that we regularly scan our products for security vulnerabilities.

We generally fix all security vulnerabilities that have a score of 9.0+ (Critical Vulnerability) according to the CVSS 3.x Severity and Metrics Score and affect our product components as quickly as possible. The hotfixes are processed with the priority 'preventing operation'.

For all other vulnerabilities with lower scores (Low, Medium, High), a risk analysis is carried out and, if there is no direct risk, they are patched as a precautionary measure in our regular patch cycles in the cumulative service packs.

These regular patch cycles take place for all enaio® versions that are under maintenance. The updated versions are available as usual via our service portal. All required third-party components are updated, including JDKs, SpringBoot, Tomcat, Netty, Jetty, Undertow, OpenSSL etc.

We provide our customers with all important release notes and security information via this portal as well as by email.