From 30fa9872f95f38dc0aca73908e6dbcbb25f33132 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 23 Jul 2020 10:38:26 -0400 Subject: [PATCH 01/16] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index d3f7ac829..a0c5a8c05 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -## Security Onion 2.0.0.rc1 +## Security Onion 2.0.1.rc1 -Security Onion 2.0.0 RC1 is here! This version requires a fresh install, but there is good news - we have brought back soup! From now on, you should be able to run soup on the manager to upgrade your environment to RC2 and beyond! +Security Onion 2.0.1 RC1 is here! This version requires a fresh install, but there is good news - we have brought back soup! From now on, you should be able to run soup on the manager to upgrade your environment to RC2 and beyond! ### Warnings and Disclaimers From 75477fe9bf22aa68efc11f8dec42ad94ab3b61e7 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 23 Jul 2020 11:56:14 -0400 Subject: [PATCH 02/16] Update changes.json --- salt/soc/files/soc/changes.json | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/salt/soc/files/soc/changes.json b/salt/soc/files/soc/changes.json index 517816fcd..1fd10c7ac 100644 --- a/salt/soc/files/soc/changes.json +++ b/salt/soc/files/soc/changes.json @@ -1,6 +1,11 @@ { - "title": "Security Onion 2.0.0 RC1 is here!", + "title": "Security Onion 2.0.1 RC1 is here!", "changes": [ + { "summary": "Security Fix: variables.txt from ISO install stays on disk for 10 days." }, + { "summary": "Security Fix: Remove user values from static.sls." }, + { "summary": "Fix distributed deployment sensor interval issue allowing PCAP." }, + { "summary": "Support for passwords that start with special characters." }, + { "summary": "Minor soup updates." }, { "summary": "Re-branded 2.0 to give it a fresh look." }, { "summary": "All documentation has moved to https://docs.securityonion.net/en/2.0" }, { "summary": "soup is alive! Note: This tool only updates Security Onion components. Please use the built-in OS update process to keep the OS and other components up to date." }, From 4b127010ee3d80be2f12f5d60bd0b62be74d26b3 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 23 Jul 2020 11:59:20 -0400 Subject: [PATCH 03/16] Update changes.json --- salt/soc/files/soc/changes.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/salt/soc/files/soc/changes.json b/salt/soc/files/soc/changes.json index 1fd10c7ac..c8f116c4a 100644 --- a/salt/soc/files/soc/changes.json +++ b/salt/soc/files/soc/changes.json @@ -1,10 +1,10 @@ { "title": "Security Onion 2.0.1 RC1 is here!", "changes": [ - { "summary": "Security Fix: variables.txt from ISO install stays on disk for 10 days." }, - { "summary": "Security Fix: Remove user values from static.sls." }, - { "summary": "Fix distributed deployment sensor interval issue allowing PCAP." }, - { "summary": "Support for passwords that start with special characters." }, + { "summary": "Security Fix 1067: variables.txt from ISO install stays on disk for 10 days." }, + { "summary": "Security Fix 1068: Remove user values from static.sls." }, + { "summary": "Issue 1059: Fix distributed deployment sensor interval issue allowing PCAP." }, + { "summary": "Issue 1058: Support for passwords that start with special characters." }, { "summary": "Minor soup updates." }, { "summary": "Re-branded 2.0 to give it a fresh look." }, { "summary": "All documentation has moved to https://docs.securityonion.net/en/2.0" }, From 3dd8e1998d487c8337e12a9a77c314fa5e0d65eb Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 23 Jul 2020 13:33:12 -0400 Subject: [PATCH 04/16] Update Signature and Download Links --- VERIFY_ISO.md | 20 ++++++++++---------- sigs/securityonion-2.0.0-rc1.iso.sig | Bin 543 -> 0 bytes sigs/securityonion-2.0.1-rc1.iso.sig | Bin 0 -> 543 bytes 3 files changed, 10 insertions(+), 10 deletions(-) delete mode 100644 sigs/securityonion-2.0.0-rc1.iso.sig create mode 100644 sigs/securityonion-2.0.1-rc1.iso.sig diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md index abefebfc6..139751091 100644 --- a/VERIFY_ISO.md +++ b/VERIFY_ISO.md @@ -1,16 +1,16 @@ -### 2.0.0-rc1 ISO image built on 2020/07/20 +### 2.0.1-rc1 ISO image built on 2020/07/23 ### Download and Verify -2.0.0-rc1 ISO image: -https://download.securityonion.net/file/securityonion/securityonion-2.0.0-rc1.iso +2.0.1-rc1 ISO image: +https://download.securityonion.net/file/securityonion/securityonion-2.0.1-rc1.iso -MD5: 788570E839439C23956581C6145B8689 -SHA1: A87CAF016C989D4DB4D4ED619DF072B708BA28FE -SHA256: C5AC6419AF40CB98E93C53CE4101E7DE5F51AEE76DB46734191D783503649210 +MD5: 6A6FB965E6470EC7CA3D0030F041C687 +SHA1: B1EA5198CF73653F3D33E64A45B56D4327F1B0AB +SHA256: EB9913BB0EB2692DBF28BF2AB7D691BB2EED5F7751D8A8A42D9B86D3F983FAEB Signature for ISO image: -https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.0.0-rc1.iso.sig +https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.0.1-rc1.iso.sig Signing key: https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS @@ -24,17 +24,17 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma Download the signature file for the ISO: ``` -wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.0.0-rc1.iso.sig +wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.0.1-rc1.iso.sig ``` Download the ISO image: ``` -wget https://download.securityonion.net/file/securityonion/securityonion-2.0.0-rc1.iso +wget https://download.securityonion.net/file/securityonion/securityonion-2.0.1-rc1.iso ``` Verify the downloaded ISO image using the signature file: ``` -gpg --verify securityonion-2.0.0-rc1.iso.sig securityonion-2.0.0-rc1.iso +gpg --verify securityonion-2.0.0-rc1.iso.sig securityonion-2.0.1-rc1.iso ``` The output should show "Good signature" and the Primary key fingerprint should match what's shown below: diff --git a/sigs/securityonion-2.0.0-rc1.iso.sig b/sigs/securityonion-2.0.0-rc1.iso.sig deleted file mode 100644 index c3504de4c6849aee7d94761e67bfb393b7414a0e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;3c>Hh!<2@re`V7LBIa1+bo5B(BQH`)!6wdCiS?etDG z$7z6>%)&}{^-5LV{Y6sAw)$Yg%`TO(NpFKf#lWfB?;+RxB1Y#!fQ?}^8)>8AC5@+G z(BEIT;=FW&>Ml+raoEsl-!dN?U>F)MFBCDqCjPwwsSr*=$~q8sSDmv&`fT!&aPO;h z{koU~=)dI94n~R5JC}oo`wjR%WzP#2rvAeMW3kyd8IU1Kn)< zT`6(u(npsNrN<$}g_VbHd(s$sZoG%|9bSTJ?#H3%!0xe&%1y6;USX4=)__9d_$1Q* zkkv8^(zf{|LkfLw#=$#tco)+ieS?a35dfOuA4)<~i2i2k0Me7d+VFl+u4byA+&Q6Z zJT659*nxc72gRBskK#H>zP5!$J8}Ww$T=h5v9)q=;Ry@agywV8Q@gV92L6`DS~BpL!-u0wP#wYvC;7 zB!~_Fai+ejx43ihGj|9VMECX0**&VI6K*`8D+T-LrRz8`&g@#!J(LFdhcZGZ239U-lY@?c$fa1VKPpOrLd hNQi-TnCEU%1Za5fyc7xo&sN#>7zjgPK!*J>>`Xuu4E+EA diff --git a/sigs/securityonion-2.0.1-rc1.iso.sig b/sigs/securityonion-2.0.1-rc1.iso.sig new file mode 100644 index 0000000000000000000000000000000000000000..1510bf3b62c777fb35cfaff97f06eb047e7a4c64 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;3gyDR_-2@re`V7LBIa1-6{5CE{w`OJf5s)Ugt4NL&# z`JGMxKTQ-H%{-U9RLnhItf^sJ#7l$vv#I;iPv_Efv&W=YDI_7^`)Cn~Qs!{hwdyFZ z#5OVq`oC@}U!~oAjK~x)UX~F|k@M5f?whiPp{m}_K7DPH%U@|0{mq{nO!HnZQ8mpZaVJKOEX8uck7?Fm0r`*b=^E>*Ey8>QUV|DA>uN=K{7YFq2!yv2yPZ z#3$lzy-i1NVKXVzYzgUR8k7L}kNx3%o8DEhXHZtW4MxD65Wu?yU|_bX9j*HVD2=F2;e5XaRZi-Q@qXgXnR)+A;hT+|Ntx1nGB+JWhJ#Pqxs zEbmXo4|oSc0(m_;hx?$4bV7=-e-|N!-S`Q|tgdJTw3Uby(|NZb3*2DqzA3V5nb8Xt zJtt~O?(=IlIns+lv)PN;nS^>ruXgu5DUnGWO_|$Ng!-<7nH$F{i*G`1>vH(Wp7f9Z zzq?dcqWzDIVH}#(kMoeeG>pr2p^t@$1It^lDC7+f+afbrw_H#@TN{llEzg;eph$Sx z<4JS3kW;wFRE%+q5JZRTihR;XI1v=W+S4E`evL^fG*ZrG$%8~n>=G?+zYHhJ83Vt| h07+PeqCK7R=H6P5hbM?v3(w3*1@C1&SVY`h?fE282=o8| literal 0 HcmV?d00001 From 4d84b840e47911ebbc89826506e1e3bdd3d0af96 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 23 Jul 2020 15:16:39 -0400 Subject: [PATCH 05/16] Update Signature and hashes --- sigs/securityonion-2.0.1-rc1.iso.sig | Bin 543 -> 543 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/sigs/securityonion-2.0.1-rc1.iso.sig b/sigs/securityonion-2.0.1-rc1.iso.sig index 1510bf3b62c777fb35cfaff97f06eb047e7a4c64..9b425ada19b36d4ea00f4427f925bf3e857c6bb6 100644 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;3g-0J`e2@re`V7LBIa1(eG5C3kgvn4_|BqkcaLp#Ug z4&UtC2(Z*ZWnXzmNK`qCMAjh4Z#$E~cecv#Ba_=A3v9iW zL?hmX$;`QQvO07`BO=%MDQr#17NbgB7{`c{&6a=Ed~ai>+MIOF?^?hYW-AQ>+s{QQ zv@P~0@G7BLC2H9Ji&`?&u-4RMd?N7sEq@^ox6}FcPF}g%`phY)N1lL zi;$ySfWks{6g4*|HC;G-%4EZ5f)th;@MT2jgXi}-n2Q)Tsrp1?B2OL4YQ71z?P%C3 zJKtkM@=Fx(Rp!z%{r_E?qo41pwJ|2D=)w68e&Ge3umS++NjjG8LArK7{Nj<&N z7xK$Crl@UC37Z{5ypB)_iV^hOM&s^-nQjZmSKu zTy-BtyE|KC4I=bI2zKuRFh}agToypNPcPub7*INaG%93P5@5ce;7oNOj+qKNP$3^m zRTJ?cXNzk5Om_+tzAnjnrd&%g2@Ot`#2nV1T6pn literal 543 zcmV+)0^t3L0vrSY0RjL91p;3gyDR_-2@re`V7LBIa1-6{5CE{w`OJf5s)Ugt4NL&# z`JGMxKTQ-H%{-U9RLnhItf^sJ#7l$vv#I;iPv_Efv&W=YDI_7^`)Cn~Qs!{hwdyFZ z#5OVq`oC@}U!~oAjK~x)UX~F|k@M5f?whiPp{m}_K7DPH%U@|0{mq{nO!HnZQ8mpZaVJKOEX8uck7?Fm0r`*b=^E>*Ey8>QUV|DA>uN=K{7YFq2!yv2yPZ z#3$lzy-i1NVKXVzYzgUR8k7L}kNx3%o8DEhXHZtW4MxD65Wu?yU|_bX9j*HVD2=F2;e5XaRZi-Q@qXgXnR)+A;hT+|Ntx1nGB+JWhJ#Pqxs zEbmXo4|oSc0(m_;hx?$4bV7=-e-|N!-S`Q|tgdJTw3Uby(|NZb3*2DqzA3V5nb8Xt zJtt~O?(=IlIns+lv)PN;nS^>ruXgu5DUnGWO_|$Ng!-<7nH$F{i*G`1>vH(Wp7f9Z zzq?dcqWzDIVH}#(kMoeeG>pr2p^t@$1It^lDC7+f+afbrw_H#@TN{llEzg;eph$Sx z<4JS3kW;wFRE%+q5JZRTihR;XI1v=W+S4E`evL^fG*ZrG$%8~n>=G?+zYHhJ83Vt| h07+PeqCK7R=H6P5hbM?v3(w3*1@C1&SVY`h?fE282=o8| From acf20bf2e87274e3d6cacf82916607a53b3ec272 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 23 Jul 2020 15:20:22 -0400 Subject: [PATCH 06/16] Update Signature and hashes --- VERIFY_ISO.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md index 139751091..2a1498d55 100644 --- a/VERIFY_ISO.md +++ b/VERIFY_ISO.md @@ -5,9 +5,9 @@ 2.0.1-rc1 ISO image: https://download.securityonion.net/file/securityonion/securityonion-2.0.1-rc1.iso -MD5: 6A6FB965E6470EC7CA3D0030F041C687 -SHA1: B1EA5198CF73653F3D33E64A45B56D4327F1B0AB -SHA256: EB9913BB0EB2692DBF28BF2AB7D691BB2EED5F7751D8A8A42D9B86D3F983FAEB +MD5: C850E971F7AFC82B61FB74EE4ECC8662 +SHA1: EA3A0C7E059A32EE4A00910FEF342A714316E4F3 +SHA256: 82CD8996F8C40F4B6B23E1232A282610252A8D03F8FF80AB66A74D5E5FD4176E Signature for ISO image: https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.0.1-rc1.iso.sig From 11932366cdc176920a9a75c6486d460e511b8e27 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 23 Jul 2020 15:25:53 -0400 Subject: [PATCH 07/16] Update VERIFY_ISO.md --- VERIFY_ISO.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md index 2a1498d55..cb17bd36b 100644 --- a/VERIFY_ISO.md +++ b/VERIFY_ISO.md @@ -6,7 +6,7 @@ https://download.securityonion.net/file/securityonion/securityonion-2.0.1-rc1.iso MD5: C850E971F7AFC82B61FB74EE4ECC8662 -SHA1: EA3A0C7E059A32EE4A00910FEF342A714316E4F3 +SHA1: EA3A0C7E059A32EE4A00910FEF342A714316E4F3 SHA256: 82CD8996F8C40F4B6B23E1232A282610252A8D03F8FF80AB66A74D5E5FD4176E Signature for ISO image: @@ -39,7 +39,7 @@ gpg --verify securityonion-2.0.0-rc1.iso.sig securityonion-2.0.1-rc1.iso The output should show "Good signature" and the Primary key fingerprint should match what's shown below: ``` -gpg: Signature made Mon 20 Jul 2020 03:01:19 PM EDT using RSA key ID FE507013 +gpg: Signature made Thu 23 Jul 2020 02:54:35 PM EDT using RSA key ID FE507013 gpg: Good signature from "Security Onion Solutions, LLC " gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. From 261310ce92f0e86f7d6c6e0263769ad19047a094 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 23 Jul 2020 15:28:37 -0400 Subject: [PATCH 08/16] Update VERIFY_ISO.md --- VERIFY_ISO.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md index cb17bd36b..91a2f3f18 100644 --- a/VERIFY_ISO.md +++ b/VERIFY_ISO.md @@ -34,7 +34,7 @@ wget https://download.securityonion.net/file/securityonion/securityonion-2.0.1-r Verify the downloaded ISO image using the signature file: ``` -gpg --verify securityonion-2.0.0-rc1.iso.sig securityonion-2.0.1-rc1.iso +gpg --verify securityonion-2.0.1-rc1.iso.sig securityonion-2.0.1-rc1.iso ``` The output should show "Good signature" and the Primary key fingerprint should match what's shown below: From 39426afffda52b3634a4a8d5bd2baf930a525a12 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Thu, 23 Jul 2020 21:00:10 -0400 Subject: [PATCH 09/16] Ensure SENSOR_CHECKIN_INTERVAL_MS var is non-null before saving static pillar --- setup/so-functions | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index 26681b864..1f868ae98 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -926,13 +926,6 @@ manager_pillar() { local pillar_file=$temp_install_dir/pillar/minions/$MINION_ID.sls - if [ -z "$SENSOR_CHECKIN_INTERVAL_MS" ]; then - SENSOR_CHECKIN_INTERVAL_MS=10000 - if [ "$install_type" = 'EVAL' ] || [ "$install_type" = 'STANDALONE' ]; then - SENSOR_CHECKIN_INTERVAL_MS=1000 - fi - fi - # Create the manager pillar printf '%s\n'\ "manager:"\ @@ -1003,6 +996,13 @@ manager_pillar() { manager_static() { local static_pillar="$local_salt_dir/pillar/static.sls" + if [ -z "$SENSOR_CHECKIN_INTERVAL_MS" ]; then + SENSOR_CHECKIN_INTERVAL_MS=10000 + if [ "$install_type" = 'EVAL' ] || [ "$install_type" = 'STANDALONE' ]; then + SENSOR_CHECKIN_INTERVAL_MS=1000 + fi + fi + # Create a static file for global values printf '%s\n'\ "static:"\ From ec09c064d0ca9b6b55dbf8dba580d2cd00beb5f5 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Thu, 23 Jul 2020 21:19:45 -0400 Subject: [PATCH 10/16] If SENSOR_CHECKIN_INTERVAL_MS is still not set when using in a template, fallback to 10s --- salt/pcap/files/sensoroni.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/pcap/files/sensoroni.json b/salt/pcap/files/sensoroni.json index e379d5003..ab99c175c 100644 --- a/salt/pcap/files/sensoroni.json +++ b/salt/pcap/files/sensoroni.json @@ -5,7 +5,7 @@ "logFilename": "/opt/sensoroni/logs/sensoroni.log", "logLevel":"debug", "agent": { - "pollIntervalMs": {{ CHECKININTERVALMS }}, + "pollIntervalMs": {{ CHECKININTERVALMS if CHECKININTERVALMS else 10000 }}, "serverUrl": "https://{{ MANAGER }}/sensoroniagents", "verifyCert": false, "modules": { From 95bb1147ca5225904709b5ea37413ef174e50ef2 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 23 Jul 2020 22:08:23 -0400 Subject: [PATCH 11/16] Update VERSION --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 0637814cd..61cbf99af 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.0.1-rc.1 \ No newline at end of file +2.0.2-rc.1 From 650c983a2e3f338b93b3c12e53b880dbf1f7102b Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 23 Jul 2020 22:09:05 -0400 Subject: [PATCH 12/16] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index a0c5a8c05..912ac745a 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -## Security Onion 2.0.1.rc1 +## Security Onion 2.0.2.rc1 -Security Onion 2.0.1 RC1 is here! This version requires a fresh install, but there is good news - we have brought back soup! From now on, you should be able to run soup on the manager to upgrade your environment to RC2 and beyond! +Security Onion 2.0.2 RC1 is here! This version requires a fresh install, but there is good news - we have brought back soup! From now on, you should be able to run soup on the manager to upgrade your environment to RC2 and beyond! ### Warnings and Disclaimers From 31daad1e5b28870d3ed3114b838b8630c7d60ea4 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 23 Jul 2020 22:11:22 -0400 Subject: [PATCH 13/16] Update VERIFY_ISO.md still needs MD5s etc --- VERIFY_ISO.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md index 91a2f3f18..0657c5cfe 100644 --- a/VERIFY_ISO.md +++ b/VERIFY_ISO.md @@ -3,14 +3,14 @@ ### Download and Verify 2.0.1-rc1 ISO image: -https://download.securityonion.net/file/securityonion/securityonion-2.0.1-rc1.iso +https://download.securityonion.net/file/securityonion/securityonion-2.0.2-rc1.iso MD5: C850E971F7AFC82B61FB74EE4ECC8662 SHA1: EA3A0C7E059A32EE4A00910FEF342A714316E4F3 SHA256: 82CD8996F8C40F4B6B23E1232A282610252A8D03F8FF80AB66A74D5E5FD4176E Signature for ISO image: -https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.0.1-rc1.iso.sig +https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.0.2-rc1.iso.sig Signing key: https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS @@ -24,17 +24,17 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma Download the signature file for the ISO: ``` -wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.0.1-rc1.iso.sig +wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.0.2-rc1.iso.sig ``` Download the ISO image: ``` -wget https://download.securityonion.net/file/securityonion/securityonion-2.0.1-rc1.iso +wget https://download.securityonion.net/file/securityonion/securityonion-2.0.2-rc1.iso ``` Verify the downloaded ISO image using the signature file: ``` -gpg --verify securityonion-2.0.1-rc1.iso.sig securityonion-2.0.1-rc1.iso +gpg --verify securityonion-2.0.2-rc1.iso.sig securityonion-2.0.2-rc1.iso ``` The output should show "Good signature" and the Primary key fingerprint should match what's shown below: From 79c45156c20c3204502d159fb7fb83c1d15d692c Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 23 Jul 2020 22:13:02 -0400 Subject: [PATCH 14/16] Update changes.json --- salt/soc/files/soc/changes.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/salt/soc/files/soc/changes.json b/salt/soc/files/soc/changes.json index c8f116c4a..dc3e4118f 100644 --- a/salt/soc/files/soc/changes.json +++ b/salt/soc/files/soc/changes.json @@ -1,6 +1,7 @@ { - "title": "Security Onion 2.0.1 RC1 is here!", + "title": "Security Onion 2.0.2 RC1 is here!", "changes": [ + { "summary": "Fixed standalone pcap interval issue." }, { "summary": "Security Fix 1067: variables.txt from ISO install stays on disk for 10 days." }, { "summary": "Security Fix 1068: Remove user values from static.sls." }, { "summary": "Issue 1059: Fix distributed deployment sensor interval issue allowing PCAP." }, From 91e7a474d534b495b10dca9dd07e3284ac436500 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 24 Jul 2020 10:18:09 -0400 Subject: [PATCH 15/16] Update VERIFY_ISO.md --- VERIFY_ISO.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md index 0657c5cfe..7ff0536b9 100644 --- a/VERIFY_ISO.md +++ b/VERIFY_ISO.md @@ -1,13 +1,13 @@ -### 2.0.1-rc1 ISO image built on 2020/07/23 +### 2.0.2-rc1 ISO image built on 2020/07/23 ### Download and Verify -2.0.1-rc1 ISO image: +2.0.2-rc1 ISO image: https://download.securityonion.net/file/securityonion/securityonion-2.0.2-rc1.iso -MD5: C850E971F7AFC82B61FB74EE4ECC8662 -SHA1: EA3A0C7E059A32EE4A00910FEF342A714316E4F3 -SHA256: 82CD8996F8C40F4B6B23E1232A282610252A8D03F8FF80AB66A74D5E5FD4176E +MD5: DC991385818DB7A4242F4BF7045D1250 +SHA1: 0BD458F01F10B324DF90F95201CC33B9DEBEAFA3 +SHA256: BE851E5FB1952942A9C10F6563DF6EF93381D734FDFD7E05FFAC77A5064F781A Signature for ISO image: https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.0.2-rc1.iso.sig @@ -39,7 +39,7 @@ gpg --verify securityonion-2.0.2-rc1.iso.sig securityonion-2.0.2-rc1.iso The output should show "Good signature" and the Primary key fingerprint should match what's shown below: ``` -gpg: Signature made Thu 23 Jul 2020 02:54:35 PM EDT using RSA key ID FE507013 +gpg: Signature made Thu 23 Jul 2020 10:38:04 PM EDT using RSA key ID FE507013 gpg: Good signature from "Security Onion Solutions, LLC " gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. From 2cabcd4239f668b2097a9c56d047241b9efbe38a Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 24 Jul 2020 10:19:38 -0400 Subject: [PATCH 16/16] Update sig file and hashes --- sigs/securityonion-2.0.1-rc1.iso.sig | Bin 543 -> 0 bytes sigs/securityonion-2.0.2-rc1.iso.sig | Bin 0 -> 543 bytes 2 files changed, 0 insertions(+), 0 deletions(-) delete mode 100644 sigs/securityonion-2.0.1-rc1.iso.sig create mode 100644 sigs/securityonion-2.0.2-rc1.iso.sig diff --git a/sigs/securityonion-2.0.1-rc1.iso.sig b/sigs/securityonion-2.0.1-rc1.iso.sig deleted file mode 100644 index 9b425ada19b36d4ea00f4427f925bf3e857c6bb6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 543 zcmV+)0^t3L0vrSY0RjL91p;3g-0J`e2@re`V7LBIa1(eG5C3kgvn4_|BqkcaLp#Ug z4&UtC2(Z*ZWnXzmNK`qCMAjh4Z#$E~cecv#Ba_=A3v9iW zL?hmX$;`QQvO07`BO=%MDQr#17NbgB7{`c{&6a=Ed~ai>+MIOF?^?hYW-AQ>+s{QQ zv@P~0@G7BLC2H9Ji&`?&u-4RMd?N7sEq@^ox6}FcPF}g%`phY)N1lL zi;$ySfWks{6g4*|HC;G-%4EZ5f)th;@MT2jgXi}-n2Q)Tsrp1?B2OL4YQ71z?P%C3 zJKtkM@=Fx(Rp!z%{r_E?qo41pwJ|2D=)w68e&Ge3umS++NjjG8LArK7{Nj<&N z7xK$Crl@UC37Z{5ypB)_iV^hOM&s^-nQjZmSKu zTy-BtyE|KC4I=bI2zKuRFh}agToypNPcPub7*INaG%93P5@5ce;7oNOj+qKNP$3^m zRTJ?cXNzk5Om_+tzAnjnrd&%g2@Ot`#2nV1T6pn diff --git a/sigs/securityonion-2.0.2-rc1.iso.sig b/sigs/securityonion-2.0.2-rc1.iso.sig new file mode 100644 index 0000000000000000000000000000000000000000..c51d7e1e44b5da295088d99b7f9827d9f7d22085 GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;3hNsIsr2@re`V7LBIa1&1Q5B@er8aj}!^-1Sn^+8Z4 zpjro zaBQ255?uEdXs6#Lk>0;>f15Jfwb#*O${S?pe6I4LDad&Pn0)2@3wGX#ILr@Ug~b8@ zGIykapWTV_*M6g*s6jZMI8mC7JHb2YN@2H!A9OpH31YXjrO4unT-nntHtdbt=`9^g zfTv+cjA_Of`-tu$i-?!~A-tYSlz~^j(Vdo-iZTVAw1%V?5Oc^zl76&wq|j) z8}Q$WK#kWLs=Qc(|1v()uD48lIa2TDZCrGO8uEDLz0^_#38P^!ywKOyKJ&sKd+Ys< zK5ZCao9m+0kEYHr1a)VPGPRYc@->y~v~(^>_KKdXns?I$`B~|);R;CQC_>q2$oZKZ0Zfp1$qDg literal 0 HcmV?d00001