https://github.com/osquery/osquery logo
Join Slack
Powered by
Heya is it meant to not remove the old vulnerable ...
# fleet
m
Heya is it meant to not remove the old vulnerable entry when I update????
t
could it be that both versions are still available?
m
Not at all, just v3.4.8 is installed which is not even showing in that list at all, but when I list python packaes it is there I will show you the list of python packages. Also it is doing it with httplib2
Here is output of installed packages from pip (I updated to 3.3 and then 3.4.8 those days ago and still it doesn't say 3.4.8 is installed and lists the two vulnerable versions that are not)
At least it shows the current version of httplib2 as well
This is the dir that the packages get installed to.
On a completely different host, it sees the 3.4.8 version but still lists the non existant 2.8 vulnerable version
t
could you tell me what the result of this osquery query is:
Copy code
SELECT name AS name, version AS version, 'Package (Python)' AS type, 'python_packages' AS source FROM python_packages
?
m
I'll check now
@Tomas Touceda the output of that command shows only the old, no longer installed version of the python package.
t
ah you uninstalled that version and only have the newer one? that's odd, wonder why osquery is returning that still
m
On a second host, it doesn't show even the old httplib2, it shows none at all! And still shows the old cryptography 2.8
And it is definitely installed (pip list)
t
might be something interesting to ask in #general
Open in Slack
PreviousNext
Powered by