From 11cb843fb4d13409c15348e3d44d8f7ae1ed3d6e Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 22 Mar 2021 09:59:48 -0400 Subject: [PATCH 1/2] Verify ISO and update gpg --- VERIFY_ISO.md | 22 +++++++++++----------- sigs/securityonion-2.3.40.iso.sig | Bin 0 -> 543 bytes 2 files changed, 11 insertions(+), 11 deletions(-) create mode 100644 sigs/securityonion-2.3.40.iso.sig diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md index bc8793798..33491e176 100644 --- a/VERIFY_ISO.md +++ b/VERIFY_ISO.md @@ -1,16 +1,16 @@ -### 2.3.30 ISO image built on 2021/03/01 +### 2.3.40 ISO image built on 2021/03/01 ### Download and Verify -2.3.30 ISO image: -https://download.securityonion.net/file/securityonion/securityonion-2.3.30.iso +2.3.40 ISO image: +https://download.securityonion.net/file/securityonion/securityonion-2.3.40.iso -MD5: 65202BA0F7661A5E27087F097B8E571E -SHA1: 14E842E39EDBB55A104263281CF25BF88A2E9D67 -SHA256: 210B37B9E3DFC827AFE2940E2C87B175ADA968EDD04298A5926F63D9269847B7 +MD5: FB72C0675F262A714B287BB33CE82504 +SHA1: E8F5A9AA23990DF794611F9A178D88414F5DA81C +SHA256: DB125D6E770F75C3FD35ABE3F8A8B21454B7A7618C2B446D11B6AC8574601070 Signature for ISO image: -https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.30.iso.sig +https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.40.iso.sig Signing key: https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS @@ -24,22 +24,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma Download the signature file for the ISO: ``` -wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.30.iso.sig +wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.40.iso.sig ``` Download the ISO image: ``` -wget https://download.securityonion.net/file/securityonion/securityonion-2.3.30.iso +wget https://download.securityonion.net/file/securityonion/securityonion-2.3.40.iso ``` Verify the downloaded ISO image using the signature file: ``` -gpg --verify securityonion-2.3.30.iso.sig securityonion-2.3.30.iso +gpg --verify securityonion-2.3.40.iso.sig securityonion-2.3.40.iso ``` The output should show "Good signature" and the Primary key fingerprint should match what's shown below: ``` -gpg: Signature made Mon 01 Mar 2021 02:15:28 PM EST using RSA key ID FE507013 +gpg: Signature made Mon 22 Mar 2021 09:35:50 AM EDT using RSA key ID FE507013 gpg: Good signature from "Security Onion Solutions, LLC " gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. diff --git a/sigs/securityonion-2.3.40.iso.sig b/sigs/securityonion-2.3.40.iso.sig new file mode 100644 index 0000000000000000000000000000000000000000..ea7c04fb2b127430e908f4a706d461b16eea5abb GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;7Loi+dp2@re`V7LBIa1&0G5C3outT9R&$*mG+xsbX; zzrG>`D2f$rnE4)Vv*4&$8$q^>_G|qb`)E&?`c(!}!(yp^_jWXN}%O z`DcaUk`!=9b9ANCcxD!Qdeg0T;({(F@y^bM8adOaTtegZh@wH%8&jdN2-~oq(K7+)MkQf&dMWkG% zE`rZ-t0%;Xn+1)P*n=yul&DO=5*a{KThZp$wY1b^p;vvoN;kk5OD`KYVl4Qb zD24iI}aZi-+E3KWI>QWi@bGEzMgQ$bw5@9 zmD!?Tiufw>gIg6H<@xa9Q@TcaTMyxc9a3V`H!-e*c`bp?qN83;2ob8civ{56uXlSI zLhYB;I&~SX1^^5@zHevTB5Y*f1RkEQKhMM&>4XD85);gmOjgSZDI~tm(E4U8fg-Kx zz}psfO6v|P&|;@O`#KbY;(VtMSD*v&Wru`hw3h=_JIflkfJ(Hpu*^u!r)QR@q5HFt zwh%Q&a-e;3Y-bi4PMWy=e|}`OE`5GrV&7imeW^xI;}ssVyv;GNj^C|l>GyeUBD{Ct h1s*75K*KGzz=y-D^Zf9vT`)En2AsEu_~~&eq1c=40d)WX literal 0 HcmV?d00001 From ea5624b4bfcc05481054fec743646ce4e47107fc Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 22 Mar 2021 10:02:04 -0400 Subject: [PATCH 2/2] Update date --- VERIFY_ISO.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md index 33491e176..774116411 100644 --- a/VERIFY_ISO.md +++ b/VERIFY_ISO.md @@ -1,4 +1,4 @@ -### 2.3.40 ISO image built on 2021/03/01 +### 2.3.40 ISO image built on 2021/03/22 ### Download and Verify