Merge pull request #7741 from Security-Onion-Solutions/hotfix/2.3.110

Hotfix/2.3.110 20220407
Merge pull request #7740 from Security-Onion-Solutions/hfix0407
2026-01-23 16:33:29 +01:00 · 2022-04-07 16:30:50 -04:00 · 2022-04-07 16:11:58 -04:00 · 2022-04-07 16:03:13 -04:00 · 2022-04-07 14:46:20 -04:00 · 2022-04-07 14:40:54 -04:00
5 changed files with 34 additions and 15 deletions
--- a/2
+++ b/2
@@ -1 +1 @@
-04012022 04052022
+04012022 04052022 04072022
--- a/VERIFY_ISO.md
+++ b/VERIFY_ISO.md
@@ -1,18 +1,18 @@
-### 2.3.110-20220405 ISO image built on 2022/04/05
+### 2.3.110-20220407 ISO image built on 2022/04/07



 ### Download and Verify

-2.3.110-20220405 ISO image:  
-https://download.securityonion.net/file/securityonion/securityonion-2.3.110-20220405.iso
+2.3.110-20220407 ISO image:  
+https://download.securityonion.net/file/securityonion/securityonion-2.3.110-20220407.iso

-MD5: 9CE982FE45DC2957A3A6D376E6DCC048  
-SHA1: 10E3FF28A69F9617D4CCD2F5061AA2DC062B8F94  
-SHA256: 0C178A422ABF7B61C08728E32CE20A9F9C1EC65807EB67D06F1C23F7D1EA51A7 
+MD5: 928D589709731EFE9942CA134A6F4C6B  
+SHA1: CA588A684586CC0D5BDE5E0E41C935FFB939B6C7  
+SHA256: CBF8743838AF2C7323E629FB6B28D5DD00AE6658B0E29E4D0916411D2D526BD2 

 Signature for ISO image:  
-https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.110-20220405.iso.sig
+https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.110-20220407.iso.sig

 Signing key:  
 https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS  
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma

 Download the signature file for the ISO:  
 ```
-wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.110-20220405.iso.sig
+wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.110-20220407.iso.sig
 ```

 Download the ISO image:  
 ```
-wget https://download.securityonion.net/file/securityonion/securityonion-2.3.110-20220405.iso
+wget https://download.securityonion.net/file/securityonion/securityonion-2.3.110-20220407.iso
 ```

 Verify the downloaded ISO image using the signature file:  
 ```
-gpg --verify securityonion-2.3.110-20220405.iso.sig securityonion-2.3.110-20220405.iso
+gpg --verify securityonion-2.3.110-20220407.iso.sig securityonion-2.3.110-20220407.iso
 ```

 The output should show "Good signature" and the Primary key fingerprint should match what's shown below:
 ```
-gpg: Signature made Tue 05 Apr 2022 06:37:40 PM EDT using RSA key ID FE507013
+gpg: Signature made Thu 07 Apr 2022 03:30:03 PM EDT using RSA key ID FE507013
 gpg: Good signature from "Security Onion Solutions, LLC <info@securityonionsolutions.com>"
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg:          There is no indication that the signature belongs to the owner.
--- a/salt/common/tools/sbin/soup
+++ b/salt/common/tools/sbin/soup
@@ -946,6 +946,7 @@ update_repo() {
      exit 1
    fi

+    rm -f /etc/apt/sources.list.d/salt.list
    echo "deb https://repo.securityonion.net/file/securityonion-repo/ubuntu/$ubuntu_version/amd64/salt $OSVER main" > /etc/apt/sources.list.d/saltstack.list
    apt-get update
  fi
@@ -1094,6 +1095,12 @@ main() {
  upgrade_check_salt
  set -e

+  if [[ $is_airgap -eq 0 ]]; then
+    update_centos_repo
+    yum clean all
+    check_os_updates
+  fi
+
  if [ "$is_hotfix" == "true" ]; then
    echo "Applying $HOTFIXVERSION hotfix"
    copy_new_files
@@ -1115,9 +1122,6 @@ main() {
    echo "Updating dockers to $NEWVERSION."
    if [[ $is_airgap -eq 0 ]]; then
      airgap_update_dockers
-      update_centos_repo
-      yum clean all
-      check_os_updates
    # if not airgap but -f was used
    elif [[ ! -z "$ISOLOC" ]]; then
      airgap_update_dockers
--- a/salt/repo/client/ubuntu.sls
+++ b/salt/repo/client/ubuntu.sls
@@ -1,5 +1,20 @@
+# this removes the repo file left by bootstrap-salt.sh without -r
+remove_salt.list:
+  file.absent:
+    - name: /etc/apt/sources.list.d/salt.list
+
 saltstack.list:
  file.managed:
    - name: /etc/apt/sources.list.d/saltstack.list
    - contents:
      - deb https://repo.securityonion.net/file/securityonion-repo/ubuntu/{{grains.osrelease}}/amd64/salt/ {{grains.oscodename}} main
+
+apt_update:
+  cmd.run:
+    - name: apt-get update
+    - onchanges:
+      - file: saltstack.list
+    - timeout: 30
+    - retry:
+        attempts: 5
+        interval: 30
--- a/sigs/securityonion-2.3.110-20220407.iso.sig
+++ b/sigs/securityonion-2.3.110-20220407.iso.sig
Author	SHA1	Message	Date
Mike Reeves	0bc3d5d757	Merge pull request #7741 from Security-Onion-Solutions/hotfix/2.3.110 Hotfix/2.3.110 20220407	2022-04-07 16:30:50 -04:00
Mike Reeves	6d88a5b541	Merge pull request #7740 from Security-Onion-Solutions/hfix0407 2.3.110 hotfix 0407	2022-04-07 16:11:58 -04:00
Mike Reeves	6a28e752f0	2.3.110 hotfix 0407	2022-04-07 16:03:13 -04:00
Mike Reeves	2ad3f63cb5	Merge pull request #7739 from Security-Onion-Solutions/TOoSmOotH-patch-2 Update HOTFIX	2022-04-07 14:46:20 -04:00
Mike Reeves	93e04850c4	Update HOTFIX	2022-04-07 14:40:54 -04:00
Josh Patterson	09e7b5a8bf	Merge pull request #7733 from Security-Onion-Solutions/m0duspwnens-salt-3004.1 remove saltstack repo created by bootstrap-salt for ubuntu	2022-04-07 09:05:51 -04:00
m0duspwnens	8fbd16f75d	ensure salt.list is absent	2022-04-07 09:03:51 -04:00
m0duspwnens	722b200e16	add retry to apt_update incase running in background	2022-04-07 08:58:07 -04:00
m0duspwnens	b2a98af18b	proper formatting	2022-04-07 08:55:30 -04:00
m0duspwnens	be3769fd7c	run apt-get update if saltstack.list changes	2022-04-07 08:53:44 -04:00
m0duspwnens	08ac696f14	remove saltstack repo created by bootstrap-salt for ubuntu	2022-04-06 17:38:06 -04:00
Josh Patterson	0c1ac729e1	Merge pull request #7731 from Security-Onion-Solutions/m0duspwnens-salt-3004.1 update the centos repo for airgap prior to applying hotfix	2022-04-06 17:00:09 -04:00
m0duspwnens	833106775f	update the centos repo for airgap prior to applying hotfix or standard soup run	2022-04-06 16:53:55 -04:00