From 4f6ead79643dc13a9a59883bc34c5808d810bb2e Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Mon, 16 Dec 2024 09:49:04 -0500 Subject: [PATCH 1/4] update release notes for 2.4.111 --- release-notes.rst | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/release-notes.rst b/release-notes.rst index 0b9d2e06..0224e1ee 100644 --- a/release-notes.rst +++ b/release-notes.rst @@ -6,6 +6,18 @@ Release Notes Known Issues ~~~~~~~~~~~~ +Salt Repo Location Changed +-------------------------- + +Salt is an external project used by Security Onion. After 2.4.100 was released the maintainers of Salt changed the package repository URL, which prevents Security Onion from installing on unsupported operating systems. + +While we are looking to update Security Onion to use the new URL in the next major release of Security Onion, this issue persists with the 2.4.111 patch. We recommend only installing Security Onion on the supported operating system, and suggest using the ISO image to avoid network installation complications. + +However, if you choose to continue installing on an unsupport operating system you can look into applying the fix manually, as shown in this [PR](https://github.com/Security-Onion-Solutions/securityonion/pull/13900): https://github.com/Security-Onion-Solutions/securityonion/pull/13900. + + +IP Address Data Type Conflict +----------------------------- If you had previously updated to version 2.4.100 and had indices with conflicting data types for fields like source IP address, then you may need to delete affected indices. Field conflicts typically occur when a field is indexed using a different set of mappings than other indices. This can occur if a component template or index template changes and a data stream rolls over to create a new backing index, causing issues with field value aggregation and data tables not being rendered as expected. Field conflicts can be identified by navigating to ``Kibana -> Management -> Data Views -> logs-*``. They are typically noted via a yellow banner on the data view page, or they can be found by filtering by a field type of ``conflict``. For each affected field, clicking the yellow ``Conflict`` icon in the ``Type`` column will display the conflicting field types and indices. @@ -44,6 +56,14 @@ Then, delete the previous index for each of the affected data streams: Finally, check the ``logs-*`` data view to see if the field conflict is now resloved. +Release History +~~~~~~~~~~~~~~~ + +2.4.111 Patch [20241217] Changes +-------------------------------- + +- UPGRADE: Suricata 7.0.8 `#14024 `_ + 2.4.110 Hotfix [20241010] Changes --------------------------------- From 7d2dd18f610060f6a2e871f98d4bd03c9efbb146 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Mon, 16 Dec 2024 09:52:17 -0500 Subject: [PATCH 2/4] update release notes for 2.4.111 --- release-notes.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/release-notes.rst b/release-notes.rst index 0224e1ee..9615ddc2 100644 --- a/release-notes.rst +++ b/release-notes.rst @@ -11,9 +11,9 @@ Salt Repo Location Changed Salt is an external project used by Security Onion. After 2.4.100 was released the maintainers of Salt changed the package repository URL, which prevents Security Onion from installing on unsupported operating systems. -While we are looking to update Security Onion to use the new URL in the next major release of Security Onion, this issue persists with the 2.4.111 patch. We recommend only installing Security Onion on the supported operating system, and suggest using the ISO image to avoid network installation complications. +While we are looking to update Security Onion to use the new URL in the next minor release of Security Onion, this issue persists with the 2.4.111 patch. We recommend installing Security Onion using the ISO image to avoid these network installation and unsupported operating system complications. -However, if you choose to continue installing on an unsupport operating system you can look into applying the fix manually, as shown in this [PR](https://github.com/Security-Onion-Solutions/securityonion/pull/13900): https://github.com/Security-Onion-Solutions/securityonion/pull/13900. +If you choose to continue installing via the network you can consider applying the fix manually, as shown in this [PR](https://github.com/Security-Onion-Solutions/securityonion/pull/13900): https://github.com/Security-Onion-Solutions/securityonion/pull/13900. IP Address Data Type Conflict From d1d433f553e3b5e9aec340ca5e4dc2070c3da9bb Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Mon, 16 Dec 2024 09:55:25 -0500 Subject: [PATCH 3/4] update release notes for 2.4.111 --- release-notes.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release-notes.rst b/release-notes.rst index 9615ddc2..318608d2 100644 --- a/release-notes.rst +++ b/release-notes.rst @@ -13,7 +13,7 @@ Salt is an external project used by Security Onion. After 2.4.100 was released t While we are looking to update Security Onion to use the new URL in the next minor release of Security Onion, this issue persists with the 2.4.111 patch. We recommend installing Security Onion using the ISO image to avoid these network installation and unsupported operating system complications. -If you choose to continue installing via the network you can consider applying the fix manually, as shown in this [PR](https://github.com/Security-Onion-Solutions/securityonion/pull/13900): https://github.com/Security-Onion-Solutions/securityonion/pull/13900. +If you choose to continue installing on an unsupported operating system you can consider applying the fix manually, as shown in this [PR](https://github.com/Security-Onion-Solutions/securityonion/pull/13900): https://github.com/Security-Onion-Solutions/securityonion/pull/13900. IP Address Data Type Conflict From 9e7a021791dae32217560472596ebcf44f0b50c7 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Mon, 16 Dec 2024 15:41:34 -0500 Subject: [PATCH 4/4] remove markdown syntax --- release-notes.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release-notes.rst b/release-notes.rst index 318608d2..c3e34ae2 100644 --- a/release-notes.rst +++ b/release-notes.rst @@ -13,7 +13,7 @@ Salt is an external project used by Security Onion. After 2.4.100 was released t While we are looking to update Security Onion to use the new URL in the next minor release of Security Onion, this issue persists with the 2.4.111 patch. We recommend installing Security Onion using the ISO image to avoid these network installation and unsupported operating system complications. -If you choose to continue installing on an unsupported operating system you can consider applying the fix manually, as shown in this [PR](https://github.com/Security-Onion-Solutions/securityonion/pull/13900): https://github.com/Security-Onion-Solutions/securityonion/pull/13900. +If you choose to continue installing on an unsupported operating system you can consider applying the fix manually, as shown in this PR: https://github.com/Security-Onion-Solutions/securityonion/pull/13900 IP Address Data Type Conflict