From 69857b6b5c6ea662ea8086c5911f37d8264b41a0 Mon Sep 17 00:00:00 2001 From: weslambert Date: Tue, 8 Oct 2024 10:54:54 -0400 Subject: [PATCH 1/5] Use ID instead of name --- salt/elasticfleet/tools/sbin/so-elastic-fleet-common | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/salt/elasticfleet/tools/sbin/so-elastic-fleet-common b/salt/elasticfleet/tools/sbin/so-elastic-fleet-common index fadf18b5f6..296e578fc1 100644 --- a/salt/elasticfleet/tools/sbin/so-elastic-fleet-common +++ b/salt/elasticfleet/tools/sbin/so-elastic-fleet-common @@ -102,6 +102,14 @@ elastic_fleet_package_is_installed() { curl -s -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X GET -H 'kbn-xsrf: true' "localhost:5601/api/fleet/epm/packages/$PACKAGE" | jq -r '.item.status' } +elastic_fleet_agent_policy_ids() { + curl -s -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X GET "localhost:5601/api/fleet/agent_policies" | jq -r .items[].id + if [ $? -ne 0 ]; then + echo "Error: Failed to retrieve agent policies." + exit 1 + fi +} + elastic_fleet_agent_policy_names() { curl -s -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X GET "localhost:5601/api/fleet/agent_policies" | jq -r .items[].name if [ $? -ne 0 ]; then From c58ed45cf034e5db2c6f7c1afbc13790efba2a22 Mon Sep 17 00:00:00 2001 From: weslambert Date: Tue, 8 Oct 2024 10:55:16 -0400 Subject: [PATCH 2/5] Use ID instead of name --- .../tools/sbin/so-elastic-fleet-integration-upgrade | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-upgrade b/salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-upgrade index bdf93bad3d..baad389eb6 100644 --- a/salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-upgrade +++ b/salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-upgrade @@ -13,7 +13,7 @@ if [ $? -ne 0 ]; then fi IFS=$'\n' -agent_policies=$(elastic_fleet_agent_policy_names) +agent_policies=$(elastic_fleet_agent_policy_ids) if [ $? -ne 0 ]; then echo "Error: Failed to retrieve agent policies." exit 1 From e2da31c2b708b0181e9ea0b0b6a082c9d345b000 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 9 Oct 2024 14:15:43 -0400 Subject: [PATCH 3/5] Update soup --- salt/manager/tools/sbin/soup | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/salt/manager/tools/sbin/soup b/salt/manager/tools/sbin/soup index 091e471d41..5e3deff152 100755 --- a/salt/manager/tools/sbin/soup +++ b/salt/manager/tools/sbin/soup @@ -402,6 +402,7 @@ preupgrade_changes() { [[ "$INSTALLEDVERSION" == 2.4.70 ]] && up_to_2.4.80 [[ "$INSTALLEDVERSION" == 2.4.80 ]] && up_to_2.4.90 [[ "$INSTALLEDVERSION" == 2.4.90 ]] && up_to_2.4.100 + [[ "$INSTALLEDVERSION" == 2.4.100 ]] && up_to_2.4.110 true } @@ -422,6 +423,7 @@ postupgrade_changes() { [[ "$POSTVERSION" == 2.4.70 ]] && post_to_2.4.80 [[ "$POSTVERSION" == 2.4.80 ]] && post_to_2.4.90 [[ "$POSTVERSION" == 2.4.90 ]] && post_to_2.4.100 + [[ "$POSTVERSION" == 2.4.100 ]] && post_to_2.4.110 true } @@ -509,6 +511,11 @@ post_to_2.4.100() { POSTVERSION=2.4.100 } +post_to_2.4.110() { + echo "Nothing to apply" + POSTVERSION=2.4.110 +} + repo_sync() { echo "Sync the local repo." su socore -c '/usr/sbin/so-repo-sync' || fail "Unable to complete so-repo-sync." @@ -691,6 +698,11 @@ up_to_2.4.100() { determine_elastic_agent_upgrade INSTALLEDVERSION=2.4.100 } +up_to_2.4.110() { + echo "Nothing to do for 2.4.110" + + INSTALLEDVERSION=2.4.110 +} add_detection_test_pillars() { if [[ -n "$SOUP_INTERNAL_TESTING" ]]; then From 787336725c0616b5142fc6099b4290966f586ef8 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Thu, 10 Oct 2024 06:25:59 -0400 Subject: [PATCH 4/5] 2.4.110 hotfix --- HOTFIX | 1 + 1 file changed, 1 insertion(+) diff --git a/HOTFIX b/HOTFIX index e69de29bb2..7f0f80c643 100644 --- a/HOTFIX +++ b/HOTFIX @@ -0,0 +1 @@ +20241010 From 404f9a4eb3be4d06f810a99be5eca37618744715 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 10 Oct 2024 10:37:12 -0400 Subject: [PATCH 5/5] 2.4.110 Hotfix --- DOWNLOAD_AND_VERIFY_ISO.md | 22 ++++++++++---------- sigs/securityonion-2.4.110-20241010.iso.sig | Bin 0 -> 566 bytes 2 files changed, 11 insertions(+), 11 deletions(-) create mode 100644 sigs/securityonion-2.4.110-20241010.iso.sig diff --git a/DOWNLOAD_AND_VERIFY_ISO.md b/DOWNLOAD_AND_VERIFY_ISO.md index bb4dfd6728..18a38a91c2 100644 --- a/DOWNLOAD_AND_VERIFY_ISO.md +++ b/DOWNLOAD_AND_VERIFY_ISO.md @@ -1,17 +1,17 @@ -### 2.4.110-20241004 ISO image released on 2024/10/07 +### 2.4.110-20241010 ISO image released on 2024/10/10 ### Download and Verify -2.4.110-20241004 ISO image: -https://download.securityonion.net/file/securityonion/securityonion-2.4.110-20241004.iso +2.4.110-20241010 ISO image: +https://download.securityonion.net/file/securityonion/securityonion-2.4.110-20241010.iso -MD5: 1641E4AFD65DB1C218BFAD22E33909C6 -SHA1: 131E1115F7CA76302F72625CD80A212B91608114 -SHA256: 8598EB03E52B332EF5445520445AD205C68A99BC030F8497F6EBDE1249B8B576 +MD5: A8003DEBC4510D538F06238D9DBB86C0 +SHA1: 441DE90A192C8FE8BEBAB9ACE1A3CC18F71A2B1F +SHA256: B087A0D12FC2CA3CCD02BD52E52421F4F60DC09BF826337A057E05A04D114CCE Signature for ISO image: -https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.110-20241004.iso.sig +https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.110-20241010.iso.sig Signing key: https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/2.4/main/KEYS @@ -25,22 +25,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/2. Download the signature file for the ISO: ``` -wget https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.110-20241004.iso.sig +wget https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.110-20241010.iso.sig ``` Download the ISO image: ``` -wget https://download.securityonion.net/file/securityonion/securityonion-2.4.110-20241004.iso +wget https://download.securityonion.net/file/securityonion/securityonion-2.4.110-20241010.iso ``` Verify the downloaded ISO image using the signature file: ``` -gpg --verify securityonion-2.4.110-20241004.iso.sig securityonion-2.4.110-20241004.iso +gpg --verify securityonion-2.4.110-20241010.iso.sig securityonion-2.4.110-20241010.iso ``` The output should show "Good signature" and the Primary key fingerprint should match what's shown below: ``` -gpg: Signature made Sat 05 Oct 2024 09:31:57 AM EDT using RSA key ID FE507013 +gpg: Signature made Thu 10 Oct 2024 07:05:30 AM EDT using RSA key ID FE507013 gpg: Good signature from "Security Onion Solutions, LLC " gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. diff --git a/sigs/securityonion-2.4.110-20241010.iso.sig b/sigs/securityonion-2.4.110-20241010.iso.sig new file mode 100644 index 0000000000000000000000000000000000000000..90849a7b68afe29d504e56b29870860d6f9d77ee GIT binary patch literal 566 zcmV-60?GY}0y6{v0SEvc79j-41gSkXz6^6dp_W8^5Ma0dP;e6k0%r%b`TzV@U5+K}={y6*!?hr$z^nk87TJ4t@3mNI92_L5`?A{~nVnLX(j z`J`G)Zw|U2QckI`J{*LBa*$2NokO9Jaie4mLDi7keu|Qm$oc($9B%W2g~RsV-P?Y& zn5hJs-Q8@5=UC4v)Df|qQb|sm%<57z80titJ|6^*0EbeSny^o1HqilJUb?KrPQ-{K zPxW^)XeY=vD26+E>`FQX`WJ<|!H4s)MoLn$IKV^%^oI77nsH0|tKiIUft66#@ zhgIFcg)Y@?`c42F+qVEfp>62H(7ESy+8R?VZBS>p#@*V?(|8XIGRiOP#>a@7i1T-} z+1Tn7E5f@Ib!^xQbweVO?JR?zWtq!=nd|4&+*+wt71 z&VKYzXAgLKGwmrH09Mvm5MvU1e_PuODW(2_2#GL)g*$Ud#kz}Uo{DW;^jCYa)L!T9 z_im^`*MlW*eh8_uD}BlYD;!rAw)g1iO(M+N4pW)KOV literal 0 HcmV?d00001