Audits post latest update

[aimdev]

Health Audit
>>> Check for missing package dependencies
Checking all packages: .......... done
py37-markupsafe has a missing dependency: python37
py37-markupsafe has a missing dependency: py37-setuptools
py37-markupsafe is missing a required shared library: libpython3.7m.so.1.0
py37-pymongo has a missing dependency: python37
py37-pymongo has a missing dependency: py37-setuptools
py37-pymongo is missing a required shared library: libpython3.7m.so.1.0
>>> Check for missing or altered package files
Checking all packages: .......... done
>>> Check for core packages consistency
Core package "opnsense" has 65 dependencies to check.
Checking packages: ................................................................... done
***DONE***

Security Audit
vulnxml file up-to-date
cyrus-sasl-2.1.27_2 is vulnerable:
  cyrus-sasl -- Fix off by one error
  CVE: CVE-2019-19906
  WWW: https://vuxml.freebsd.org/freebsd/a80c6273-988c-11ec-83ac-080027415d17.html

1 problem(s) in 1 installed package(s) found.

[Vesalius]

Try a forum search as below:

py37-markupsafe forum search

[aimdev]

Thanks, fixed the markup bit.
I suspect pymongo may be associated with the mongodb used in Zenarmour, though I am using elasticsearch.

[5k7m4n]

for those that don't want to search... not sure why it was so hard to post.

Code Select Expand

pkg remove py37-markupsafe

Not sure why this was left around on the community build but I am sure lots of people will have this issue.

Still left with the "cyrus-sasl-2.1.27_2 is vulnerable:" error on the latest community build.

[Vesalius]

 

for those that don't want to search... not sure why it was so hard to post.

From the search link I posted it should be pretty obvious this is a recently recurring question. I did not remember the answer offhand, so I posted a link to my search for the answer. Sorry if clicking that link was onerous.