Text only | Text with Images

OPNsense Forum

Archive => 22.1 Legacy Series => Topic started by: aimdev on March 02, 2022, 04:02:03 PM

Title: Audits post latest update
Post by: aimdev on March 02, 2022, 04:02:03 PM

Health Audit
>>> Check for missing package dependencies
Checking all packages: .......... done
py37-markupsafe has a missing dependency: python37
py37-markupsafe has a missing dependency: py37-setuptools
py37-markupsafe is missing a required shared library: libpython3.7m.so.1.0
py37-pymongo has a missing dependency: python37
py37-pymongo has a missing dependency: py37-setuptools
py37-pymongo is missing a required shared library: libpython3.7m.so.1.0
>>> Check for missing or altered package files
Checking all packages: .......... done
>>> Check for core packages consistency
Core package "opnsense" has 65 dependencies to check.
Checking packages: ................................................................... done
***DONE***

Security Audit
vulnxml file up-to-date
cyrus-sasl-2.1.27_2 is vulnerable:
  cyrus-sasl -- Fix off by one error
  CVE: CVE-2019-19906
  WWW: https://vuxml.FreeBSD.org/freebsd/a80c6273-988c-11ec-83ac-080027415d17.html

1 problem(s) in 1 installed package(s) found.
Title: Re: Audits post latest update
Post by: Vesalius on March 02, 2022, 04:41:55 PM
Try a forum search as below:

py37-markupsafe forum search (https://forum.opnsense.org/index.php?action=search2;params=eJwtjsuOwjAQBP-Fy14KyTPjvL4mMo5X7BJI5AQQUj4eB3GrLqnVHYZHuMU0bD-b2w7bKe9kiCA1ikdaCntqWirEaBCHKFJShzpUUEUN9WiFll6DtmiHOUwwxQzzWIXVWIO1WId3eCmjy3l69nG6zmNaU5nf1f30n-LaT7fx9TVTXgvlNKbP46_qh79c9JCWuJsUcjyXPL-sOV5DvtznJfymN25MRNU.)
Title: Re: Audits post latest update
Post by: aimdev on March 02, 2022, 05:02:33 PM
Thanks, fixed the markup bit.
I suspect pymongo may be associated with the mongodb used in Zenarmour, though I am using elasticsearch.
Title: Re: Audits post latest update
Post by: 5k7m4n on March 02, 2022, 06:19:13 PM
for those that don't want to search... not sure why it was so hard to post.

Code Select
pkg remove py37-markupsafe

Not sure why this was left around on the community build but I am sure lots of people will have this issue.

Still left with the "cyrus-sasl-2.1.27_2 is vulnerable:" error on the latest community build.
Title: Re: Audits post latest update
Post by: Vesalius on March 03, 2022, 10:56:30 PM
 
Quote from: 5k7m4n on March 02, 2022, 06:19:13 PM
for those that don't want to search... not sure why it was so hard to post.
From the search link I posted it should be pretty obvious this is a recently recurring question. I did not remember the answer offhand, so I posted a link to my search for the answer. Sorry if clicking that link was onerous.
Text only | Text with Images