From 5fa945956e12d1ef0a8b4cb99f63b0f1292c4936 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Wed, 1 Mar 2023 10:09:19 -0500
Subject: [PATCH 1/6] Update HOTFIX
---
 HOTFIX | 1 +
 1 file changed, 1 insertion(+)
diff --git a/HOTFIX b/HOTFIX
index e69de29bb..e63769900 100644
--- a/HOTFIX
+++ b/HOTFIX
@@ -0,0 +1 @@
+20230301
From 6e0891e586247c16fe9c6690bdf1a64fd92ae46f Mon Sep 17 00:00:00 2001
From: Wes
Date: Wed, 1 Mar 2023 15:16:52 +0000
Subject: [PATCH 2/6] Update Curator configuration to align with requirements for Curator 8.0.x
---
 salt/curator/files/curator.yml | 31 +++++++++++++++++--------------
 1 file changed, 17 insertions(+), 14 deletions(-)
diff --git a/salt/curator/files/curator.yml b/salt/curator/files/curator.yml
index 2f9b44dbc..86fd4a3aa 100644
--- a/salt/curator/files/curator.yml
+++ b/salt/curator/files/curator.yml
@@ -14,22 +14,25 @@
 ---
 # Remember, leave a key empty if there is no value. None will be a string,
 # not a Python "NoneType"
-client:
- hosts:
- - {{elasticsearch}}
- port: 9200
+elasticsearch:
+ client:
+ hosts:
+ - https://{{elasticsearch}}:9200
+ cloud_id:
+ ca_certs:
+ client_cert:
+ client_key:
+ verify_certs: False
+ request_timeout: 30
+ other_settings:
+ api_key:
+ id:
+ api_key:
+ master_only: False
 {%- if salt['pillar.get']('elasticsearch:auth:enabled') is sameas true %}
- username: "{{ ES_USER }}"
- password: "{{ ES_PASS }}"
+ username: "{{ ES_USER }}"
+ password: "{{ ES_PASS }}"
 {%- endif %}
- url_prefix:
- use_ssl: True
- certificate:
- client_cert:
- client_key:
- ssl_no_validate: True
- timeout: 30
- master_only: False
 logging:
 loglevel: INFO
From 063c6599d82cdb84e95c0fdaeea703a266af2134 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Wed, 1 Mar 2023 14:17:22 -0500
Subject: [PATCH 3/6] Hotfix for 2.3.220
---
 VERIFY_ISO.md | 22 ++++++++++----------
 sigs/securityonion-2.3.220-20230301.iso.sig | Bin 0 -> 543 bytes
 2 files changed, 11 insertions(+), 11 deletions(-)
 create mode 100644 sigs/securityonion-2.3.220-20230301.iso.sig
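Review bot: `verify_certs: False` together with an empty `ca_certs:` in the new `elasticsearch.client` block of curator.yml means Curator connects to `https://{{elasticsearch}}:9200` without validating the server certificate, and when `elasticsearch:auth:enabled` is true the `username`/`password` below are sent over that unauthenticated channel. This carries over the old `ssl_no_validate: True`, so it is not a regression, but the schema migration is the natural place to close it: `ca_certs: <PATH_TO_CA_BUNDLE>` (placeholder; the CA path is not shown in this patch) and `verify_certs: True`. Separately, `password: "{{ ES_PASS }}"` is rendered into a double-quoted scalar without escaping, so a value containing `"` or `\` would break or alter the rendered file; Salt's `yaml_dquote` filter, e.g. `password: {{ ES_PASS | yaml_dquote }}`, avoids that. Indentation is lost in this rendering, so the nesting of `master_only`, `username` and `password` under `other_settings` is inferred.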
diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md
index d52a2354f..9509cc9c5 100644
--- a/VERIFY_ISO.md
+++ b/VERIFY_ISO.md
@@ -1,18 +1,18 @@
-### 2.3.220-20230224 ISO image built on 2023/02/24
+### 2.3.220-20230301 ISO image built on 2023/02/24
 ### Download and Verify
-2.3.220-20230224 ISO image:
-https://download.securityonion.net/file/securityonion/securityonion-2.3.220-20230224.iso
+2.3.220-20230301 ISO image:
+https://download.securityonion.net/file/securityonion/securityonion-2.3.220-20230301.iso
-MD5: 74CDCE07BC5787567E07C1CAC64DC381
-SHA1: 8DA0E8541C46CBDCFA0FB9B60F3C95D027D4BB37
-SHA256: E5EDB011693AC33C40CAB483400F72FAF9615053867FD9C80DDD1AACAD9100B3
+MD5: A3965CF8E6D9B0658862D0254829720D
+SHA1: A09E8BE863A109CE556792B968A139600E71D89E
+SHA256: B663B69ACF82EAF5820081039104EEDDE80E3D08F094A0DB3A18C7BCCFE8C162
 Signature for ISO image:
-https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.220-20230224.iso.sig
+https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.220-20230301.iso.sig
 Signing key:
 https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma Download the signature file for the ISO: ``` -wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.220-20230224.iso.sig +wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.220-20230301.iso.sig ``` Download the ISO image: ``` -wget https://download.securityonion.net/file/securityonion/securityonion-2.3.220-20230224.iso +wget https://download.securityonion.net/file/securityonion/securityonion-2.3.220-20230301.iso ``` Verify the downloaded ISO image using the signature file: ``` -gpg --verify securityonion-2.3.220-20230224.iso.sig securityonion-2.3.220-20230224.iso +gpg --verify securityonion-2.3.220-20230301.iso.sig securityonion-2.3.220-20230301.iso ``` The output should show "Good signature" and the Primary key fingerprint should match what's shown below: ``` -gpg: Signature made Fri 24 Feb 2023 02:32:08 PM EST using RSA key ID FE507013 +gpg: Signature made Wed 01 Mar 2023 11:08:31 AM EST using RSA key ID FE507013 gpg: Good signature from "Security Onion Solutions, LLC " gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. diff --git a/sigs/securityonion-2.3.220-20230301.iso.sig b/sigs/securityonion-2.3.220-20230301.iso.sig new file mode 100644 index 0000000000000000000000000000000000000000..a229eb10c265f6c9e3b82fa9f4245e2474230d4f GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;ILcz*y22@re`V7LBIa1#`e5CF4df|%BZ34}V7qpp91 zJB10Ow`L#P^hA2Ut?9H2x2&lIN&iv8Jwv6-mmSUNmU+8YarQ&AYtVzFRQ2&Vr3RFcIn{U&hHdZVMEyg`fqymDlSyT!*o z6{}1RFuAg9sAJEtR~Kr`CkLP(*T(lv5|6xBV2H`&!68^6KCf!K^QdDtC&e=K|LhWj zzg_c(=DjeKT&5A$!TNWT26k#aU$msjtDV|Fg&N+jvv>}}naC Date: Wed, 1 Mar 2023 14:19:04 -0500 Subject: [PATCH 4/6] Hotfix for 2.3.220 --- VERIFY_ISO.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md
index 9509cc9c5..fa0acc9d8 100644
--- a/VERIFY_ISO.md
+++ b/VERIFY_ISO.md
@@ -1,4 +1,4 @@
-### 2.3.220-20230301 ISO image built on 2023/02/24
+### 2.3.220-20230301 ISO image built on 2023/03/01
From d5e48a7eca6493fdbb04e39918db962ecb6ddf37 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Wed, 1 Mar 2023 14:50:55 -0500
Subject: [PATCH 5/6] Update init.sls
---
 salt/curator/init.sls | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/salt/curator/init.sls b/salt/curator/init.sls
index a01a8a292..45c639273 100644
--- a/salt/curator/init.sls
+++ b/salt/curator/init.sls
@@ -139,6 +139,8 @@ so-curator:
 - file: actionconfs
 - file: curconf
 - file: curlogdir
+ - watch:
+ - file: curconf
 {% else %}
 - force: True
 {% endif %}
From 924009afb839de88fe1ee089dccd03d9b7bb3427 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Wed, 1 Mar 2023 16:11:38 -0500
Subject: [PATCH 6/6] Hotfix for 2.3.220
---
 VERIFY_ISO.md | 8 ++++----
 sigs/securityonion-2.3.220-20230301.iso.sig | Bin 543 -> 543 bytes
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md
index fa0acc9d8..633b1513c 100644
--- a/VERIFY_ISO.md
+++ b/VERIFY_ISO.md
@@ -7,9 +7,9 @@
 2.3.220-20230301 ISO image:
 https://download.securityonion.net/file/securityonion/securityonion-2.3.220-20230301.iso
-MD5: A3965CF8E6D9B0658862D0254829720D
-SHA1: A09E8BE863A109CE556792B968A139600E71D89E
-SHA256: B663B69ACF82EAF5820081039104EEDDE80E3D08F094A0DB3A18C7BCCFE8C162
+MD5: 76870CF09FF27893574FC104F9AC6642
+SHA1: CBF5B407C5982CA40C7660FE5CD9E3C6C551D280
+SHA256: 0719D441DF8B77266CE16F5FA182BF0680567BE7AD0AE36979D4FE8E0953F094
 Signature for ISO image:
 https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.220-20230301.iso.sig
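Review bot: In the salt/curator/init.sls hunk, `file: curconf` now appears both in the list above (presumably `require`, whose key is outside the hunk) and in the new `watch`; a Salt `watch` requisite already implies the ordering of `require`, so the earlier entry is redundant and could be dropped. The watch also covers only `curconf`: if re-rendered action files are meant to restart the container as well, `- file: actionconfs` needs to be listed under `watch` too. A one-line comment such as `# restart so-curator when the client config (TLS/auth settings) is re-rendered` would state the intent. The `so-curator` state and the enclosing `{% if %}` both start outside the hunk, so the branch this applies to cannot be confirmed from here.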
@@ -41,7 +41,7 @@ gpg --verify securityonion-2.3.220-20230301.iso.sig securityonion-2.3.220-202303 The output should show "Good signature" and the Primary key fingerprint should match what's shown below: ``` -gpg: Signature made Wed 01 Mar 2023 11:08:31 AM EST using RSA key ID FE507013 +gpg: Signature made Wed 01 Mar 2023 03:50:25 PM EST using RSA key ID FE507013 gpg: Good signature from "Security Onion Solutions, LLC " gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. diff --git a/sigs/securityonion-2.3.220-20230301.iso.sig b/sigs/securityonion-2.3.220-20230301.iso.sig index a229eb10c265f6c9e3b82fa9f4245e2474230d4f..0d11bc949d2e32b60967821e4f7259e5274ded97 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;ILx{&}12@re`V7LBIa1-7v5Bmg`5Mf4r)JUky>wQkN z!r&=qh&~1oXkbvYlj^q(Brmw5<#(WjB?}b*ap=TNiL)I^=Ba?Ex?3`y;_5SA)k%5Y z zbvuXvMv3)vWD;75r{<*f@q56UbLJ~reIi#A8Vg-?5uPp41XL4a?%SDwnK$Sa%L&YS zMR#E<R%=&95>8*k!iedhK?zcfSW}V$pg4p{$np2tB3&Gh5 zn5woeLzm1u;qCS-zBRF}OfHGR#M ztxL102-*~M6qtK)VuPf))hx1kYCP5#SQ924)8peB?I4tXynW{?>8HiV!qPOW1vVak7uicSGgzW9v(1lCK hnEZA$@#2S0JSdSfok6D}ipby&dG1>zS-@EWAYfiO4RHVf literal 543 zcmV+)0^t3L0vrSY0RjL91p;ILcz*y22@re`V7LBIa1#`e5CF4df|%BZ34}V7qpp91 zJB10Ow`L#P^hA2Ut?9H2x2&lIN&iv8Jwv6-mmSUNmU+8YarQ&AYtVzFRQ2&Vr3RFcIn{U&hHdZVMEyg`fqymDlSyT!*o z6{}1RFuAg9sAJEtR~Kr`CkLP(*T(lv5|6xBV2H`&!68^6KCf!K^QdDtC&e=K|LhWj zzg_c(=DjeKT&5A$!TNWT26k#aU$msjtDV|Fg&N+jvv>}}naC