Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Title
m
Mystery Incorporated
09/04/2021, 6:57 PMHeya is it meant to not remove the old vulnerable entry when I update????
t
Tomas Touceda
09/06/2021, 5:52 PMcould it be that both versions are still available?
m
Mystery Incorporated
09/07/2021, 3:12 PMNot at all, just v3.4.8 is installed which is not even showing in that list at all, but when I list python packaes it is there I will show you the list of python packages. Also it is doing it with httplib2
Here is output of installed packages from pip (I updated to 3.3 and then 3.4.8 those days ago and still it doesn't say 3.4.8 is installed and lists the two vulnerable versions that are not)
At least it shows the current version of httplib2 as well
This is the dir that the packages get installed to.
On a completely different host, it sees the 3.4.8 version but still lists the non existant 2.8 vulnerable version
t
Tomas Touceda
09/07/2021, 4:32 PMgotcha, could you please file a bug report https://github.com/fleetdm/fleet/issues/new?assignees=&labels=bug%2C%3Areproduce&template=bug-report.md&title= ? I'll look into it
could you tell me what the result of this osquery query is:
SELECT name AS name, version AS version, 'Package (Python)' AS type, 'python_packages' AS source FROM python_packagesm
Mystery Incorporated
09/09/2021, 4:03 PMI'll check now
@Tomas Touceda the output of that command shows only the old, no longer installed version of the python package.
t
Tomas Touceda
09/09/2021, 4:09 PMah you uninstalled that version and only have the newer one? that's odd, wonder why osquery is returning that still
m
Mystery Incorporated
09/09/2021, 4:12 PMOn a second host, it doesn't show even the old httplib2, it shows none at all! And still shows the old cryptography 2.8
And it is definitely installed (pip list)
t
Tomas Touceda
09/09/2021, 4:17 PMmight be something interesting to ask in #general