CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 01:32:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7741 from Security-Onion-Solutions/hotfix/2.3.110

Browse Source 
Hotfix/2.3.110 20220407
This commit is contained in:
Mike Reeves
2022-04-07 16:30:50 -04:00
committed by GitHub
parent fbd417b09e 6d88a5b541
commit 0bc3d5d757
5 changed files with 34 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
HOTFIX
View File

@@ -1 +1 @@
04012022 04052022 04012022 04052022 04072022

22
VERIFY_ISO.md
View File

@@ -1,18 +1,18 @@
### 2.3.110-20220405 ISO image built on 2022/04/05 ### 2.3.110-20220407 ISO image built on 2022/04/07
### Download and Verify ### Download and Verify
2.3.110-20220405 ISO image: 2.3.110-20220407 ISO image:
https://download.securityonion.net/file/securityonion/securityonion-2.3.110-20220405.iso https://download.securityonion.net/file/securityonion/securityonion-2.3.110-20220407.iso
MD5: 9CE982FE45DC2957A3A6D376E6DCC048 MD5: 928D589709731EFE9942CA134A6F4C6B
SHA1: 10E3FF28A69F9617D4CCD2F5061AA2DC062B8F94 SHA1: CA588A684586CC0D5BDE5E0E41C935FFB939B6C7
SHA256: 0C178A422ABF7B61C08728E32CE20A9F9C1EC65807EB67D06F1C23F7D1EA51A7 SHA256: CBF8743838AF2C7323E629FB6B28D5DD00AE6658B0E29E4D0916411D2D526BD2
Signature for ISO image: Signature for ISO image:
https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.110-20220405.iso.sig https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.110-20220407.iso.sig
Signing key: Signing key:
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma
Download the signature file for the ISO: Download the signature file for the ISO:
``` ```
wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.110-20220405.iso.sig wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.110-20220407.iso.sig
``` ```
Download the ISO image: Download the ISO image:
``` ```
wget https://download.securityonion.net/file/securityonion/securityonion-2.3.110-20220405.iso wget https://download.securityonion.net/file/securityonion/securityonion-2.3.110-20220407.iso
``` ```
Verify the downloaded ISO image using the signature file: Verify the downloaded ISO image using the signature file:
``` ```
gpg --verify securityonion-2.3.110-20220405.iso.sig securityonion-2.3.110-20220405.iso gpg --verify securityonion-2.3.110-20220407.iso.sig securityonion-2.3.110-20220407.iso
``` ```
The output should show "Good signature" and the Primary key fingerprint should match what's shown below: The output should show "Good signature" and the Primary key fingerprint should match what's shown below:
``` ```
gpg: Signature made Tue 05 Apr 2022 06:37:40 PM EDT using RSA key ID FE507013 gpg: Signature made Thu 07 Apr 2022 03:30:03 PM EDT using RSA key ID FE507013
gpg: Good signature from "Security Onion Solutions, LLC <info@securityonionsolutions.com>" gpg: Good signature from "Security Onion Solutions, LLC <info@securityonionsolutions.com>"
gpg: WARNING: This key is not certified with a trusted signature! gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner. gpg: There is no indication that the signature belongs to the owner.

10
salt/common/tools/sbin/soup
View File

@@ -946,6 +946,7 @@ update_repo() {
exit 1 exit 1
fi fi
rm -f /etc/apt/sources.list.d/salt.list
echo "deb https://repo.securityonion.net/file/securityonion-repo/ubuntu/$ubuntu_version/amd64/salt $OSVER main" > /etc/apt/sources.list.d/saltstack.list echo "deb https://repo.securityonion.net/file/securityonion-repo/ubuntu/$ubuntu_version/amd64/salt $OSVER main" > /etc/apt/sources.list.d/saltstack.list
apt-get update apt-get update
fi fi
@@ -1094,6 +1095,12 @@ main() {
upgrade_check_salt upgrade_check_salt
set -e set -e
if [[ $is_airgap -eq 0 ]]; then
update_centos_repo
yum clean all
check_os_updates
fi
if [ "$is_hotfix" == "true" ]; then if [ "$is_hotfix" == "true" ]; then
echo "Applying $HOTFIXVERSION hotfix" echo "Applying $HOTFIXVERSION hotfix"
copy_new_files copy_new_files
@@ -1115,9 +1122,6 @@ main() {
echo "Updating dockers to $NEWVERSION." echo "Updating dockers to $NEWVERSION."
if [[ $is_airgap -eq 0 ]]; then if [[ $is_airgap -eq 0 ]]; then
airgap_update_dockers airgap_update_dockers
update_centos_repo
yum clean all
check_os_updates
# if not airgap but -f was used # if not airgap but -f was used
elif [[ ! -z "$ISOLOC" ]]; then elif [[ ! -z "$ISOLOC" ]]; then
airgap_update_dockers airgap_update_dockers

15
salt/repo/client/ubuntu.sls
View File

@@ -1,5 +1,20 @@
# this removes the repo file left by bootstrap-salt.sh without -r
remove_salt.list:
file.absent:
- name: /etc/apt/sources.list.d/salt.list
saltstack.list: saltstack.list:
file.managed: file.managed:
- name: /etc/apt/sources.list.d/saltstack.list - name: /etc/apt/sources.list.d/saltstack.list
- contents: - contents:
- deb https://repo.securityonion.net/file/securityonion-repo/ubuntu/{{grains.osrelease}}/amd64/salt/ {{grains.oscodename}} main - deb https://repo.securityonion.net/file/securityonion-repo/ubuntu/{{grains.osrelease}}/amd64/salt/ {{grains.oscodename}} main
apt_update:
cmd.run:
- name: apt-get update
- onchanges:
- file: saltstack.list
- timeout: 30
- retry:
attempts: 5
interval: 30

BIN
sigs/securityonion-2.3.110-20220407.iso.sig Normal file
View File

Binary file not shown.