Merge pull request #15858 from Security-Onion-Solutions/security-fix

Fix unsafe PyYAML load in filecheck
2026-05-10 05:12:54 +02:00 · 2026-05-04 16:16:40 -04:00 · 2026-05-04 12:09:35 -04:00 · 2026-05-04 11:05:23 -05:00 · 2026-05-04 10:52:37 -05:00
2 changed files with 11 additions and 1 deletions
@@ -51,6 +51,16 @@ so-elastic-fleet-package-registry:
      - {{ ULIMIT.name }}={{ ULIMIT.soft }}:{{ ULIMIT.hard }}
    {%   endfor %}
    {% endif %}
+
+wait_for_so-elastic-fleet-package-registry:
+  http.wait_for_successful_query:
+    - name: "http://localhost:8080/health"
+    - status: 200
+    - wait_for: 300
+    - request_interval: 15
+    - require:
+      - docker_container: so-elastic-fleet-package-registry
+
 delete_so-elastic-fleet-package-registry_so-status.disabled:
  file.uncomment:
    - name: /opt/so/conf/so-status/so-status.conf
@@ -15,7 +15,7 @@ from watchdog.observers import Observer
 from watchdog.events import FileSystemEventHandler

 with open("/opt/so/conf/strelka/filecheck.yaml", "r") as ymlfile:
-    cfg = yaml.load(ymlfile, Loader=yaml.Loader)
+    cfg = yaml.safe_load(ymlfile)

 extract_path = cfg["filecheck"]["extract_path"]
 historypath = cfg["filecheck"]["historypath"]
Author	SHA1	Message	Date
Mike Reeves	5bca81d833	Merge pull request #15858 from Security-Onion-Solutions/security-fix Fix unsafe PyYAML load in filecheck	2026-05-04 16:16:40 -04:00
Mike Reeves	b701664e04	Fix unsafe PyYAML load in filecheck	2026-05-04 12:09:35 -04:00
Jorge Reyes	bc64f1431d	Merge pull request #15857 from Security-Onion-Solutions/reyesj2/package-registry-health fleet package registry health check	2026-05-04 11:05:23 -05:00
reyesj2	2203037ce7	fleet package registry health check	2026-05-04 10:52:37 -05:00