From ea26e402c85ba51ab282d39451915ce9ed494bd4 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 10 Dec 2021 10:17:49 -0500 Subject: [PATCH 01/13] Update log4j2.properties --- salt/elasticsearch/files/log4j2.properties | 3 +++ 1 file changed, 3 insertions(+) diff --git a/salt/elasticsearch/files/log4j2.properties b/salt/elasticsearch/files/log4j2.properties index 85cf5d8fb..75c09ee39 100644 --- a/salt/elasticsearch/files/log4j2.properties +++ b/salt/elasticsearch/files/log4j2.properties @@ -18,3 +18,6 @@ appender.rolling.policies.time.interval = 1 appender.rolling.policies.time.modulate = true rootLogger.level = info rootLogger.appenderRef.rolling.ref = rolling +log4j2.formatMsgNoLookups = true + + From 4561e138718490e82a92482fe9f2c4264dd2d6dc Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 10 Dec 2021 10:19:58 -0500 Subject: [PATCH 02/13] Update log4j2.properties --- salt/thehive/etc/es/log4j2.properties | 2 ++ 1 file changed, 2 insertions(+) diff --git a/salt/thehive/etc/es/log4j2.properties b/salt/thehive/etc/es/log4j2.properties index 85cf5d8fb..3000eefec 100644 --- a/salt/thehive/etc/es/log4j2.properties +++ b/salt/thehive/etc/es/log4j2.properties @@ -18,3 +18,5 @@ appender.rolling.policies.time.interval = 1 appender.rolling.policies.time.modulate = true rootLogger.level = info rootLogger.appenderRef.rolling.ref = rolling +log4j2.formatMsgNoLookups = true + From 11f1fe7ab15ce271d7e3898b2272a26f1fe7b100 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 10 Dec 2021 10:21:50 -0500 Subject: [PATCH 03/13] Update HOTFIX --- HOTFIX | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/HOTFIX b/HOTFIX index c8afc65ee..8152b3425 100644 --- a/HOTFIX +++ b/HOTFIX @@ -1 +1 @@ -WAZUH AIRGAPFIX 20211206 +WAZUH AIRGAPFIX 20211206 20211210 From 8dcb64d87c7b3fb70fa92df4c2d40c125ef51002 Mon Sep 17 00:00:00 2001 
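Review bot: The added `log4j2.formatMsgNoLookups = true` line in salt/elasticsearch/files/log4j2.properties is not expected to take effect. As far as I know, Log4j reads that setting as a JVM system property (or from a `log4j2.component.properties` file on the classpath), not as a key in the logging configuration file. The same line is added to salt/thehive/etc/es/log4j2.properties in patch 02 and to salt/logstash/etc/log4j2.properties in patch 07. Patches 09, 11 and 12 later remove all three, so I would squash these additions out of the series before merging, so that nobody backports patch 01 on its own and believes lookups are disabled.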
From: Mike Reeves Date: Fri, 10 Dec 2021 11:56:33 -0500 Subject: [PATCH 04/13] Update init.sls --- salt/elasticsearch/init.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/elasticsearch/init.sls b/salt/elasticsearch/init.sls index 84ce545b8..b5d61a6a5 100644 --- a/salt/elasticsearch/init.sls +++ b/salt/elasticsearch/init.sls @@ -258,7 +258,7 @@ so-elasticsearch: {% if TRUECLUSTER is sameas false or (TRUECLUSTER is sameas true and not salt['pillar.get']('nodestab', {})) %} - discovery.type=single-node {% endif %} - - ES_JAVA_OPTS=-Xms{{ esheap }} -Xmx{{ esheap }} -Des.transport.cname_in_publish_address=true + - ES_JAVA_OPTS=-Xms{{ esheap }} -Xmx{{ esheap }} -Des.transport.cname_in_publish_address=true -Dlog4j2.formatMsgNoLookups=true ulimits: - memlock=-1:-1 - nofile=65536:65536 From 66c8cc6e86e0e2a09becd071d61d5bf216c8b77f Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 10 Dec 2021 11:59:12 -0500 Subject: [PATCH 05/13] Update init.sls --- salt/thehive/init.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/thehive/init.sls b/salt/thehive/init.sls index d7050e226..7cbe34c90 100644 --- a/salt/thehive/init.sls +++ b/salt/thehive/init.sls @@ -95,7 +95,7 @@ so-thehive-es: - /opt/so/conf/thehive/etc/es/log4j2.properties:/usr/share/elasticsearch/config/log4j2.properties:ro - /opt/so/log/thehive:/var/log/elasticsearch:rw - environment: - - ES_JAVA_OPTS=-Xms512m -Xmx512m + - ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true - port_bindings: - 0.0.0.0:9400:9400 - 0.0.0.0:9500:9500 From e48de1848055aa9d1600ae200d7fa68b16c02a9f Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 10 Dec 2021 12:00:12 -0500 Subject: [PATCH 06/13] Update init.sls --- salt/logstash/init.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/logstash/init.sls b/salt/logstash/init.sls index 069b2f7bd..37a298237 100644 --- a/salt/logstash/init.sls +++ b/salt/logstash/init.sls 
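Review bot: The `-Dlog4j2.formatMsgNoLookups=true` flag appended to `ES_JAVA_OPTS` for so-elasticsearch is only honoured by Log4j 2.10 and later, and the Log4j project later documented that it does not close every lookup path, so the entry should be marked as a stopgap rather than a fix. A comment above the environment entry such as `# Stopgap: disables Log4j message lookups; remove once the image ships a patched log4j-core` would do. The same applies to the so-thehive-es hunk in patch 05 and to jvm.options in patch 10. The hunks do not show which Log4j version each image bundles, so that needs checking per container, in particular for the Elasticsearch instance behind TheHive. Both state bodies continue outside their hunks.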
@@ -156,7 +156,7 @@ so-logstash: - extra_hosts: - {{ EXTRAHOSTHOSTNAME }}:{{ EXTRAHOSTIP }} - environment: - - LS_JAVA_OPTS=-Xms{{ lsheap }} -Xmx{{ lsheap }} + - LS_JAVA_OPTS=-Xms{{ lsheap }} -Xmx{{ lsheap }} -Dlog4j2.formatMsgNoLookups=true - port_bindings: {% for BINDING in DOCKER_OPTIONS.port_bindings %} - {{ BINDING }} From 45346b6318b3ac90b7d844347ca89d67b2c4c8c1 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 10 Dec 2021 12:01:39 -0500 Subject: [PATCH 07/13] Update log4j2.properties --- salt/logstash/etc/log4j2.properties | 1 + 1 file changed, 1 insertion(+) diff --git a/salt/logstash/etc/log4j2.properties b/salt/logstash/etc/log4j2.properties index 73a646b8d..66bb65cbc 100644 --- a/salt/logstash/etc/log4j2.properties +++ b/salt/logstash/etc/log4j2.properties @@ -34,3 +34,4 @@ rootLogger.level = info rootLogger.appenderRef.rolling.ref = rolling #rootLogger.level = ${sys:ls.log.level} #rootLogger.appenderRef.console.ref = ${sys:ls.log.format}_console +log4j2.formatMsgNoLookups = true From 73ec595baaf0a2c21eb736630b7801d72ef24e8d Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 10 Dec 2021 14:10:05 -0500 Subject: [PATCH 08/13] Update init.sls --- salt/logstash/init.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/logstash/init.sls b/salt/logstash/init.sls index 37a298237..069b2f7bd 100644 --- a/salt/logstash/init.sls +++ b/salt/logstash/init.sls @@ -156,7 +156,7 @@ so-logstash: - extra_hosts: - {{ EXTRAHOSTHOSTNAME }}:{{ EXTRAHOSTIP }} - environment: - - LS_JAVA_OPTS=-Xms{{ lsheap }} -Xmx{{ lsheap }} -Dlog4j2.formatMsgNoLookups=true + - LS_JAVA_OPTS=-Xms{{ lsheap }} -Xmx{{ lsheap }} - port_bindings: {% for BINDING in DOCKER_OPTIONS.port_bindings %} - {{ BINDING }} From c81ce48bff8524a6b1e5d3fab93a26e6da48e909 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 10 Dec 2021 14:10:35 -0500 Subject: [PATCH 09/13] Update log4j2.properties --- salt/logstash/etc/log4j2.properties | 1 - 1 file changed, 1 deletion(-) 
diff --git a/salt/logstash/etc/log4j2.properties b/salt/logstash/etc/log4j2.properties index 66bb65cbc..73a646b8d 100644 --- a/salt/logstash/etc/log4j2.properties +++ b/salt/logstash/etc/log4j2.properties @@ -34,4 +34,3 @@ rootLogger.level = info rootLogger.appenderRef.rolling.ref = rolling #rootLogger.level = ${sys:ls.log.level} #rootLogger.appenderRef.console.ref = ${sys:ls.log.format}_console -log4j2.formatMsgNoLookups = true From 09253b637edf3c60ec13a98264d178e1c7c0c80e Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 10 Dec 2021 14:12:43 -0500 Subject: [PATCH 10/13] Create jvm.options --- salt/logstash/etc/jvm.options | 1 + 1 file changed, 1 insertion(+) create mode 100644 salt/logstash/etc/jvm.options diff --git a/salt/logstash/etc/jvm.options b/salt/logstash/etc/jvm.options new file mode 100644 index 000000000..5af9281fc --- /dev/null +++ b/salt/logstash/etc/jvm.options @@ -0,0 +1 @@ +-Dlog4j2.formatMsgNoLookups=true From 3d7b963912823c984b8b21db41a8c9a89ef8ac41 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 10 Dec 2021 14:16:16 -0500 Subject: [PATCH 11/13] Update log4j2.properties --- salt/elasticsearch/files/log4j2.properties | 3 --- 1 file changed, 3 deletions(-) diff --git a/salt/elasticsearch/files/log4j2.properties b/salt/elasticsearch/files/log4j2.properties index 75c09ee39..85cf5d8fb 100644 --- a/salt/elasticsearch/files/log4j2.properties +++ b/salt/elasticsearch/files/log4j2.properties @@ -18,6 +18,3 @@ appender.rolling.policies.time.interval = 1 appender.rolling.policies.time.modulate = true rootLogger.level = info rootLogger.appenderRef.rolling.ref = rolling -log4j2.formatMsgNoLookups = true - - From dcd56de890c38f2755675b4efdab37fc3d157228 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 10 Dec 2021 14:23:38 -0500 Subject: [PATCH 12/13] Update log4j2.properties --- salt/thehive/etc/es/log4j2.properties | 2 -- 1 file changed, 2 deletions(-) 
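Review bot: The new salt/logstash/etc/jvm.options holds only `-Dlog4j2.formatMsgNoLookups=true`, and nothing in this series shows the file being copied to the node or mounted into the so-logstash container, while patch 08 has already taken the flag back out of `LS_JAVA_OPTS`. If salt/logstash/init.sls does not already manage and bind-mount this path, Logstash ends up with no mitigation at all. If it mounts the file over the image's own jvm.options, the one-line file presumably drops the stock JVM settings shipped there. I would add the `file.managed` entry and the bind mount in the same commit, or keep the flag in `LS_JAVA_OPTS` until that wiring is visible, and give the file a header comment such as `# Log4j lookup stopgap; remove after log4j-core is upgraded`.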
diff --git a/salt/thehive/etc/es/log4j2.properties b/salt/thehive/etc/es/log4j2.properties index 3000eefec..85cf5d8fb 100644 --- a/salt/thehive/etc/es/log4j2.properties +++ b/salt/thehive/etc/es/log4j2.properties @@ -18,5 +18,3 @@ appender.rolling.policies.time.interval = 1 appender.rolling.policies.time.modulate = true rootLogger.level = info rootLogger.appenderRef.rolling.ref = rolling -log4j2.formatMsgNoLookups = true - From c9a14788ed3d50c67b47285cd16aef8c0dd9be40 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 10 Dec 2021 15:42:53 -0500 Subject: [PATCH 13/13] 2.3.90-20211210 Hotfix --- README.md | 4 ++-- VERIFY_ISO.md | 22 ++++++++++----------- sigs/securityonion-2.3.90-20211210.iso.sig | Bin 0 -> 543 bytes 3 files changed, 13 insertions(+), 13 deletions(-) create mode 100644 sigs/securityonion-2.3.90-20211210.iso.sig diff --git a/README.md b/README.md index 0739efec5..1e13a35ed 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -## Security Onion 2.3.90-20211206 +## Security Onion 2.3.90-20211210 -Security Onion 2.3.90-20211206 is here! +Security Onion 2.3.90-20211210 is here! ## Screenshots diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md index 7dfb372cf..524d468d3 100644 --- a/VERIFY_ISO.md +++ b/VERIFY_ISO.md 
@@ -1,18 +1,18 @@ -### 2.3.90-20211206 ISO image built on 2021/12/06 +### 2.3.90-20211210 ISO image built on 2021/12/10 ### Download and Verify -2.3.90-20211206 ISO image: -https://download.securityonion.net/file/securityonion/securityonion-2.3.90-20211206.iso +2.3.90-20211210 ISO image: +https://download.securityonion.net/file/securityonion/securityonion-2.3.90-20211210.iso -MD5: 8A5FDF731D548E27D123E5B711890AEC -SHA1: B4AF33FE1D64592D46C780AF0C5E7FBD21A22BDE -SHA256: 091DA2D06C82447639D324EE32DBC385AE407078B3A55F4E0704B22DB6B29A7E +MD5: 512C13089060EE17BC3FA275D62152DC +SHA1: A70D3A3C4B74AD2EE9B1353BDE7E5DD327248511 +SHA256: 271DA7617FBA3549B1E496C60E9AD743B13CC8D0468DF3F7AC9A76B6D496D212 Signature for ISO image: -https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90-20211206.iso.sig +https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90-20211210.iso.sig Signing key: https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS 
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma Download the signature file for the ISO: ``` -wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90-20211206.iso.sig +wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90-20211210.iso.sig ``` Download the ISO image: ``` -wget https://download.securityonion.net/file/securityonion/securityonion-2.3.90-20211206.iso +wget https://download.securityonion.net/file/securityonion/securityonion-2.3.90-20211210.iso ``` Verify the downloaded ISO image using the signature file: ``` -gpg --verify securityonion-2.3.90-20211206.iso.sig securityonion-2.3.90-20211206.iso +gpg --verify securityonion-2.3.90-20211210.iso.sig securityonion-2.3.90-20211210.iso ``` The output should show "Good signature" and the Primary key fingerprint should match what's shown below: ``` -gpg: Signature made Mon 06 Dec 2021 10:14:29 AM EST using RSA key ID FE507013 +gpg: Signature made Fri 10 Dec 2021 02:52:08 PM EST using RSA key ID FE507013 gpg: Good signature from "Security Onion Solutions, LLC " gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. diff --git a/sigs/securityonion-2.3.90-20211210.iso.sig b/sigs/securityonion-2.3.90-20211210.iso.sig new file mode 100644 index 0000000000000000000000000000000000000000..4fb061626df03cf9302a6bb803d07685ad4390f6 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;BSujl{@2@re`V7LBIa1$i%5C3D^~ zj!QV#z?zx;buu>cJ5MAAhh+m{|0zHAAoisyH@uBK(6G}UXkL;>V7Br;_4*RjHPydB z*Gza9<+Y>cbx$PISKMxKvX00CbH)3Q7Nkq=2zyv8q~f9n)|pn!14Z~w#}#&`-|81% zYl?*oP|D!*Ia7r?$R%XRnO@oK!7ia z&!dQzj9U6Ez6GWuOdG#zz%W6hDnj>4eXr+K5?LQ> zg4AGrYl)C8GNS1ZoMms>=;hP!%+jUOX}nL7?~ToEl1CjD5-3w@i^V{zrz6XV|?#Y|0D~`FhmL(of0mSXGJ+*mbvwBc4Sl@FR%mR&qr?U h7l7ECG&x$N)mu;C<`R!LT4YpNm@2c+9BKrCcJ5h<3sC?7 literal 0 HcmV?d00001