Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update release notes for 2.4.111 #124

Merged
merged 4 commits into from
Dec 18, 2024
Merged

update release notes for 2.4.111 #124

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
4f6ead7
update release notes for 2.4.111
jertel Dec 16, 2024
7d2dd18
update release notes for 2.4.111
jertel Dec 16, 2024
d1d433f
update release notes for 2.4.111
jertel Dec 16, 2024
9e7a021
remove markdown syntax
jertel Dec 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 20 additions & 0 deletions release-notes.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,18 @@ Release Notes
Known Issues
~~~~~~~~~~~~

Salt Repo Location Changed
--------------------------

Salt is an external project used by Security Onion. After 2.4.100 was released the maintainers of Salt changed the package repository URL, which prevents Security Onion from installing on unsupported operating systems.

While we are looking to update Security Onion to use the new URL in the next minor release of Security Onion, this issue persists with the 2.4.111 patch. We recommend installing Security Onion using the ISO image to avoid these network installation and unsupported operating system complications.

If you choose to continue installing on an unsupported operating system you can consider applying the fix manually, as shown in this PR: https://github.com/Security-Onion-Solutions/securityonion/pull/13900


IP Address Data Type Conflict
-----------------------------
If you had previously updated to version 2.4.100 and had indices with conflicting data types for fields like source IP address, then you may need to delete affected indices. Field conflicts typically occur when a field is indexed using a different set of mappings than other indices. This can occur if a component template or index template changes and a data stream rolls over to create a new backing index, causing issues with field value aggregation and data tables not being rendered as expected.

Field conflicts can be identified by navigating to ``Kibana -> Management -> Data Views -> logs-*``. They are typically noted via a yellow banner on the data view page, or they can be found by filtering by a field type of ``conflict``. For each affected field, clicking the yellow ``Conflict`` icon in the ``Type`` column will display the conflicting field types and indices.
Expand Down Expand Up @@ -44,6 +56,14 @@ Then, delete the previous index for each of the affected data streams:

Finally, check the ``logs-*`` data view to see if the field conflict is now resloved.

Release History
~~~~~~~~~~~~~~~

2.4.111 Patch [20241217] Changes
--------------------------------

- UPGRADE: Suricata 7.0.8 `#14024 <https://github.com/Security-Onion-Solutions/securityonion/issues/14024>`_

2.4.110 Hotfix [20241010] Changes
---------------------------------

Expand Down
Loading