CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-11 19:52:51 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/2.4/dev' into issue/13808

Browse Source
This commit is contained in:
m0duspwnens
2024-10-15 13:14:18 -04:00
parent c2e46932ee 7a1edb3833
commit ce6c7c3b91
8 changed files with 34 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.github/DISCUSSION_TEMPLATE/2-4.yml vendored
View File

@@ -22,6 +22,7 @@ body:
- 2.4.90 - 2.4.90
- 2.4.100 - 2.4.100
- 2.4.110 - 2.4.110
- 2.4.120
- Other (please provide detail below) - Other (please provide detail below)
validations: validations:
required: true required: true

22
DOWNLOAD_AND_VERIFY_ISO.md
View File

@@ -1,17 +1,17 @@
### 2.4.100-20240903 ISO image released on 2024/09/03 ### 2.4.110-20241010 ISO image released on 2024/10/10
### Download and Verify ### Download and Verify
2.4.100-20240903 ISO image: 2.4.110-20241010 ISO image:
https://download.securityonion.net/file/securityonion/securityonion-2.4.100-20240903.iso https://download.securityonion.net/file/securityonion/securityonion-2.4.110-20241010.iso
MD5: 856BBB4F0764C0A479D8949725FC096B MD5: A8003DEBC4510D538F06238D9DBB86C0
SHA1: B3FCFB8F1031EB8AA833A90C6C5BB61328A73842 SHA1: 441DE90A192C8FE8BEBAB9ACE1A3CC18F71A2B1F
SHA256: 0103EB9D78970396BB47CBD18DA1FFE64524F5C1C559487A1B2D293E1882B265 SHA256: B087A0D12FC2CA3CCD02BD52E52421F4F60DC09BF826337A057E05A04D114CCE
Signature for ISO image: Signature for ISO image:
https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.100-20240903.iso.sig https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.110-20241010.iso.sig
Signing key: Signing key:
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/2.4/main/KEYS https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/2.4/main/KEYS
@@ -25,22 +25,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/2.
Download the signature file for the ISO: Download the signature file for the ISO:
``` ```
wget https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.100-20240903.iso.sig wget https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.110-20241010.iso.sig
``` ```
Download the ISO image: Download the ISO image:
``` ```
wget https://download.securityonion.net/file/securityonion/securityonion-2.4.100-20240903.iso wget https://download.securityonion.net/file/securityonion/securityonion-2.4.110-20241010.iso
``` ```
Verify the downloaded ISO image using the signature file: Verify the downloaded ISO image using the signature file:
``` ```
gpg --verify securityonion-2.4.100-20240903.iso.sig securityonion-2.4.100-20240903.iso gpg --verify securityonion-2.4.110-20241010.iso.sig securityonion-2.4.110-20241010.iso
``` ```
The output should show "Good signature" and the Primary key fingerprint should match what's shown below: The output should show "Good signature" and the Primary key fingerprint should match what's shown below:
``` ```
gpg: Signature made Sat 31 Aug 2024 05:05:05 PM EDT using RSA key ID FE507013 gpg: Signature made Thu 10 Oct 2024 07:05:30 AM EDT using RSA key ID FE507013
gpg: Good signature from "Security Onion Solutions, LLC <info@securityonionsolutions.com>" gpg: Good signature from "Security Onion Solutions, LLC <info@securityonionsolutions.com>"
gpg: WARNING: This key is not certified with a trusted signature! gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner. gpg: There is no indication that the signature belongs to the owner.

2
VERSION
View File

@@ -1 +1 @@
2.4.110 2.4.120

8
salt/elasticfleet/tools/sbin/so-elastic-fleet-common
View File

@@ -102,6 +102,14 @@ elastic_fleet_package_is_installed() {
curl -s -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X GET -H 'kbn-xsrf: true' "localhost:5601/api/fleet/epm/packages/$PACKAGE" | jq -r '.item.status' curl -s -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X GET -H 'kbn-xsrf: true' "localhost:5601/api/fleet/epm/packages/$PACKAGE" | jq -r '.item.status'
} }
elastic_fleet_agent_policy_ids() {
curl -s -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X GET "localhost:5601/api/fleet/agent_policies" | jq -r .items[].id
if [ $? -ne 0 ]; then
echo "Error: Failed to retrieve agent policies."
exit 1
fi
}
elastic_fleet_agent_policy_names() { elastic_fleet_agent_policy_names() {
curl -s -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X GET "localhost:5601/api/fleet/agent_policies" | jq -r .items[].name curl -s -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X GET "localhost:5601/api/fleet/agent_policies" | jq -r .items[].name
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then

2
salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-upgrade
View File

@@ -13,7 +13,7 @@ if [ $? -ne 0 ]; then
fi fi
IFS=$'\n' IFS=$'\n'
agent_policies=$(elastic_fleet_agent_policy_names) agent_policies=$(elastic_fleet_agent_policy_ids)
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Error: Failed to retrieve agent policies." echo "Error: Failed to retrieve agent policies."
exit 1 exit 1

12
salt/manager/tools/sbin/soup
View File

@@ -403,6 +403,7 @@ preupgrade_changes() {
[[ "$INSTALLEDVERSION" == 2.4.70 ]] && up_to_2.4.80 [[ "$INSTALLEDVERSION" == 2.4.70 ]] && up_to_2.4.80
[[ "$INSTALLEDVERSION" == 2.4.80 ]] && up_to_2.4.90 [[ "$INSTALLEDVERSION" == 2.4.80 ]] && up_to_2.4.90
[[ "$INSTALLEDVERSION" == 2.4.90 ]] && up_to_2.4.100 [[ "$INSTALLEDVERSION" == 2.4.90 ]] && up_to_2.4.100
[[ "$INSTALLEDVERSION" == 2.4.100 ]] && up_to_2.4.110
true true
} }
@@ -423,6 +424,7 @@ postupgrade_changes() {
[[ "$POSTVERSION" == 2.4.70 ]] && post_to_2.4.80 [[ "$POSTVERSION" == 2.4.70 ]] && post_to_2.4.80
[[ "$POSTVERSION" == 2.4.80 ]] && post_to_2.4.90 [[ "$POSTVERSION" == 2.4.80 ]] && post_to_2.4.90
[[ "$POSTVERSION" == 2.4.90 ]] && post_to_2.4.100 [[ "$POSTVERSION" == 2.4.90 ]] && post_to_2.4.100
[[ "$POSTVERSION" == 2.4.100 ]] && post_to_2.4.110
true true
} }
@@ -510,6 +512,11 @@ post_to_2.4.100() {
POSTVERSION=2.4.100 POSTVERSION=2.4.100
} }
post_to_2.4.110() {
echo "Nothing to apply"
POSTVERSION=2.4.110
}
repo_sync() { repo_sync() {
echo "Sync the local repo." echo "Sync the local repo."
su socore -c '/usr/sbin/so-repo-sync' || fail "Unable to complete so-repo-sync." su socore -c '/usr/sbin/so-repo-sync' || fail "Unable to complete so-repo-sync."
@@ -692,6 +699,11 @@ up_to_2.4.100() {
determine_elastic_agent_upgrade determine_elastic_agent_upgrade
INSTALLEDVERSION=2.4.100 INSTALLEDVERSION=2.4.100
} }
up_to_2.4.110() {
echo "Nothing to do for 2.4.110"
INSTALLEDVERSION=2.4.110
}
add_detection_test_pillars() { add_detection_test_pillars() {
if [[ -n "$SOUP_INTERNAL_TESTING" ]]; then if [[ -n "$SOUP_INTERNAL_TESTING" ]]; then

BIN
sigs/securityonion-2.4.110-20241004.iso.sig Normal file
View File

Binary file not shown.

BIN
sigs/securityonion-2.4.110-20241010.iso.sig Normal file
View File

Binary file not shown.