Hey everyone, Been flagged by my VPS provider that our Koha instance may be affected by this vulnerability. It seems rabbitmq-server has some OTP dependencies, though not the erlang-ssh package. Here is the official advisory: https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2 On my koha instance these erlang packages are installed: erlang-asn1 erlang-base erlang-crypto erlang-eldap erlang-ftp erlang-inets erlang-mnesia erlang-os-mon erlang-parsetools erlang-public-key erlang-runtime-tools erlang-snmp erlang-ssl erlang-syntax-tools erlang-tftp erlang-tools erlang-xmerl So to me it looks like this flag is a false positive, but thought best to reach out here. Thanks in advance, Justin Dowswell (he/him) Technology Coordinator Tenants' Union of NSW 02 8117 3721 -- *The Tenants’ Union of NSW recognises that Aboriginal and Torres Strait Islander peoples are the First Peoples of Australia. Our office is on the lands of the Gadigal of the Eora Nation. We are committed to respecting Aboriginal and Torres Strait Islander peoples, cultures, lands, and histories as we battle for tenants’ rights in NSW. Read our full Acknowledgement of Country <https://www.tenants.org.au/tu/acknowledgement-country>* *.* <https://www.tenants.org.au/> <https://rentingfair.org.au/> <https://www.facebook.com/TUNSW/> <https://twitter.com/TUNSW> <https://www.youtube.com/channel/UCEkW8D86OVVAV0QedKFhl9w> tenants.org.au <https://www.tenants.org.au/> This email transmission is intended only for the addressee and may contain confidential or privileged information. Confidentiality and privilege are not waived if you are not the intended recipient of the email, nor may you use, review, disclose, disseminate or copy any information contained or attached to it. If you received this email in error please delete it and any attachments and notify us immediately by return email. Tenants' Union of NSW can only provide information and advice in the New South Wales and Commonwealth jurisdictions. If you are enquiring from another state or territory please contact your local community legal centre.