Merge pull request #4989 from Security-Onion-Solutions/hotfix/2.3.61

Hotfix/2.3.61
Merge pull request #4988 from Security-Onion-Solutions/mkr2361
2026-01-13 11:41:22 +01:00 · 2021-07-29 14:58:25 -04:00 · 2021-07-29 11:10:41 -04:00 · 2021-07-29 11:09:54 -04:00 · 2021-07-29 11:09:27 -04:00 · 2021-07-29 11:08:03 -04:00
8 changed files with 30 additions and 17 deletions
--- a/2
+++ b/2
@@ -1 +1 @@
-
+STENODOCKER MSEARCH
--- a/VERIFY_ISO.md
+++ b/VERIFY_ISO.md
@@ -1,18 +1,18 @@
-### 2.3.61 ISO image built on 2021/07/22
+### 2.3.61-MSEARCH ISO image built on 2021/07/28



 ### Download and Verify

-2.3.61 ISO image:  
-https://download.securityonion.net/file/securityonion/securityonion-2.3.61.iso
+2.3.61-MSEARCH ISO image:  
+https://download.securityonion.net/file/securityonion/securityonion-2.3.61-MSEARCH.iso

-MD5: 538F29F3AB57087FC879108FFC81447C  
-SHA1: C2239206572CBEB697CFA2A4850A16A54BF5FB0D  
-SHA256: F5035361B63D1EE8D87CE7B0D8333E521A44453274785B62630CAC76C1BEA929 
+MD5: D38450A6609A1DFF0E19482517B24275  
+SHA1: DBCBD8F035FD875DC56307982A2480A62BCAB96D  
+SHA256: D7767AA10FE5D655E8502BDC9B8F963C5584DF8F72F26A5A997C1F2277D4F07E 

 Signature for ISO image:  
-https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.61.iso.sig
+https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.61-MSEARCH.iso.sig

 Signing key:  
 https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS  
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma

 Download the signature file for the ISO:  
 ```
-wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.61.iso.sig
+wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.61-MSEARCH.iso.sig
 ```

 Download the ISO image:  
 ```
-wget https://download.securityonion.net/file/securityonion/securityonion-2.3.61.iso
+wget https://download.securityonion.net/file/securityonion/securityonion-2.3.61-MSEARCH.iso
 ```

 Verify the downloaded ISO image using the signature file:  
 ```
-gpg --verify securityonion-2.3.61.iso.sig securityonion-2.3.61.iso
+gpg --verify securityonion-2.3.61-MSEARCH.iso.sig securityonion-2.3.61-MSEARCH.iso
 ```

 The output should show "Good signature" and the Primary key fingerprint should match what's shown below:
 ```
-gpg: Signature made Thu 22 Jul 2021 10:28:58 AM EDT using RSA key ID FE507013
+gpg: Signature made Wed 28 Jul 2021 05:27:35 PM EDT using RSA key ID FE507013
 gpg: Good signature from "Security Onion Solutions, LLC <info@securityonionsolutions.com>"
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg:          There is no indication that the signature belongs to the owner.
--- a/salt/elasticsearch/files/elasticsearch.yml
+++ b/salt/elasticsearch/files/elasticsearch.yml
@@ -49,6 +49,16 @@ discovery.seed_hosts:
   - {{ SN.split('_')|first }}
      {%- endfor %}
    {%- endif %}
+  {%- elif grains.role == 'so-managersearch' %}
+      {%- if salt['pillar.get']('nodestab', {}) %}
+node.roles: [ master, data, remote_cluster_client ]
+discovery.seed_hosts:
+   - {{ grains.master }}
+      {%- for SN, SNDATA in salt['pillar.get']('nodestab', {}).items() %}
+   - {{ SN.split('_')|first }}
+      {%- endfor %}
+    {%- endif %}
+node.attr.box_type: {{ NODE_ROUTE_TYPE }}
  {%- else %}
 node.roles: {{ NODE_ROLES }}
 node.attr.box_type: {{ NODE_ROUTE_TYPE }}
--- a/salt/nginx/etc/nginx.conf
+++ b/salt/nginx/etc/nginx.conf
@@ -149,7 +149,7 @@ http {
 		root         /opt/socore/html;
 		index        index.html;

-		add_header 	Content-Security-Policy     "default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; frame-ancestors 'self'";
+		add_header 	Content-Security-Policy     "default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob: wss:; frame-ancestors 'self'";
 		add_header 	X-Frame-Options             SAMEORIGIN;
 		add_header 	X-XSS-Protection            "1; mode=block";
 		add_header 	X-Content-Type-Options      nosniff;
--- a/salt/pcap/init.sls
+++ b/salt/pcap/init.sls
@@ -111,6 +111,7 @@ stenolog:

 so-steno:
  docker_container.{{ STENOOPTIONS.status }}:
+  {% if STENOOPTIONS.status == 'running' %}
    - image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-steno:{{ VERSION }}
    - start: {{ STENOOPTIONS.start }}
    - network_mode: host
@@ -126,6 +127,9 @@ so-steno:
      - /opt/so/log/stenographer:/var/log/stenographer:rw
    - watch:
      - file: /opt/so/conf/steno/config
+  {% else %} {# if stenographer isn't enabled, then stop and remove the container #}
+    - force: True
+  {% endif %}

 append_so-steno_so-status.conf:
  file.append:
@@ -133,7 +137,6 @@ append_so-steno_so-status.conf:
    - text: so-steno
    - unless: grep -q so-steno /opt/so/conf/so-status/so-status.conf

-
  {% if not STENOOPTIONS.start %}
 so-steno_so-status.disabled:
  file.comment:
@@ -152,4 +155,4 @@ delete_so-steno_so-status.disabled:
  test.fail_without_changes:
    - name: {{sls}}_state_not_allowed

-{% endif %}
+{% endif %}
--- a/salt/pcap/map.jinja
+++ b/salt/pcap/map.jinja
@@ -9,7 +9,7 @@
 {% endif %}

 {% if ENABLED is sameas false %}
-  {% do STENOOPTIONS.update({'status': 'stopped'}) %}
+  {% do STENOOPTIONS.update({'status': 'absent'}) %}
 {% else %}
  {% do STENOOPTIONS.update({'status': 'running'}) %}
-{% endif %}
+{% endif %}
--- a/sigs/securityonion-2.3.61-MSEARCH.iso.sig
+++ b/sigs/securityonion-2.3.61-MSEARCH.iso.sig
--- a/sigs/securityonion-2.3.61-STENODOCKER.iso.sig
+++ b/sigs/securityonion-2.3.61-STENODOCKER.iso.sig
Author	SHA1	Message	Date
Mike Reeves	837c0402a0	Merge pull request #4989 from Security-Onion-Solutions/hotfix/2.3.61 Hotfix/2.3.61	2021-07-29 14:58:25 -04:00
Jason Ertel	c524b54af1	Merge pull request #4988 from Security-Onion-Solutions/mkr2361 2.3.61-MSEARCH	2021-07-29 11:10:41 -04:00
Mike Reeves	7591bb115e	2.3.61-MSEARCH	2021-07-29 11:09:54 -04:00
Mike Reeves	3d2da303c8	2.3.61-MSEARCH	2021-07-29 11:09:27 -04:00
Mike Reeves	f585eb6e62	2.3.61-MSEARCH	2021-07-29 11:08:03 -04:00
Mike Reeves	4b3db0c4d2	Merge pull request #4972 from Security-Onion-Solutions/mkr2361 Fix Manager Search	2021-07-28 17:08:40 -04:00
Mike Reeves	d4a177949a	Fix Manager Search	2021-07-28 17:05:16 -04:00
Mike Reeves	a42d8c9229	Fix Manager Search	2021-07-28 17:03:14 -04:00
Mike Reeves	1caa361e22	Merge pull request #4955 from Security-Onion-Solutions/hotfix/2.3.61 Hotfix/2.3.61	2021-07-27 14:33:31 -04:00
Mike Reeves	da20790238	Merge pull request #4954 from Security-Onion-Solutions/mkr2361 Steno ISO Details	2021-07-27 11:11:22 -04:00
Mike Reeves	f359dd0cd4	Steno ISO Details	2021-07-27 11:09:25 -04:00
Mike Reeves	d35e4bea01	Merge pull request #4932 from Security-Onion-Solutions/issue/4922 Issue/4922	2021-07-26 16:18:22 -04:00
Jason Ertel	26741bdb53	Add wss: to CSP for browsers that enforce wss distinctly from other protocols	2021-07-26 10:55:30 -04:00
m0duspwnens	7aa5e857ed	update hotfix file	2021-07-26 10:46:52 -04:00
m0duspwnens	2e277bf487	change container to abesent of pcap is disabled	2021-07-26 10:08:59 -04:00