As many OpenVPMS customers will be aware,  Idexx Smartflow has been experiencing significant service issues since Friday 5th August and these continue to affect those users who utilise these services.

On the 11th December we became aware of a security vulnerability in the OpenVPMS application that could be exploited to gain access to the server OpenVPMS is running on.

This security vulnerability exists in a library that is part of the OpenVPMS application called Log4j which is responsible for logging messages in OpenVPMS.  The vulnerabilty is called Log4Shell (https://www.abc.net.au/news/2021-12-11/log4shell-techs-race-to-fix-software-flaw/100692876).

We are seeking interested parties who wish to be involved in a working group to specify and/or help develop an Investigation module for OpenVPMS. OpenVPMS already allows the storing of various investigation results but we believe it needs a more integrated approach to investigation management.