SaltStack released an update today:
https://saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/
Security Onion currently uses SaltStack 3004.1. However, we don't use PAM authentication from within Salt so this security issue should not affect our installations.
We do have plans to update to Salt 3004.2 in the upcoming 2.3.140 release:
https://github.com/Security-Onion-Solutions/securityonion/issues/8166
We recently released Security Onion 2.3.110 and a couple of hotfixes:
https://blog.securityonion.net/2022/03/security-onion-23110-now-available.html
https://blog.securityonion.net/2022/04/security-onion-23110-20220401-hotfix.html
https://blog.securityonion.net/2022/04/security-onion-23110-20220405-hotfix.html
Today, we are releasing a third hotfix:
https://docs.securityonion.net/en/2.3/release-notes.html#hotfix-20220407-changes
If you haven't updated recently, then you should review all links above so that you are aware of all recent changes.
If you had a previous failed soup please ensure that the salt-master service is running before you run soup again.
New Installations
If you want to perform a new installation, please review the documentation and then you can find instructions here:
https://docs.securityonion.net/en/2.3/download.html
Existing 2.3 Installations
If you have an existing 2.3 installation that you want to update, please see:
https://docs.securityonion.net/en/2.3/soup.html
Security Onion 16.04
If you are still running Security Onion 16.04, please note that it is past End Of Life. Please take this opportunity to upgrade to Security Onion 2:
https://docs.securityonion.net/en/2.3/appendix.html
Questions or Problems
If you have questions or problems, please see our community support forum guidelines:
https://docs.securityonion.net/en/2.3/community-support.html
You can then find the community support forum at:
https://securityonion.net/discuss
We recently released Security Onion 2.3.110:
https://blog.securityonion.net/2022/03/security-onion-23110-now-available.html
Today, we are releasing a hotfix to update to SaltStack version 3004.1:
https://docs.securityonion.net/en/2.3/release-notes.html#hotfix-20220401-changes
If you haven't updated recently, then you should review all links above so that you are aware of all recent changes.
New Installations
If you want to perform a new installation, please review the documentation and then you can find instructions here:
https://docs.securityonion.net/en/2.3/download.html
Existing 2.3 Installations
If you have an existing 2.3 installation that you want to update, please see:
https://docs.securityonion.net/en/2.3/soup.html
Security Onion 16.04
If you are still running Security Onion 16.04, please note that it is past End Of Life. Please take this opportunity to upgrade to Security Onion 2:
https://docs.securityonion.net/en/2.3/appendix.html
Questions or Problems
If you have questions or problems, please see our community support forum guidelines:
https://docs.securityonion.net/en/2.3/community-support.html
You can then find the community support forum at:
https://securityonion.net/discuss
SaltStack has released version 3004.1:
https://docs.saltproject.io/en/latest/topics/releases/3004.1.html
SaltStack also removed version 3004 which is causing new installations of Security Onion to fail on Ubuntu. For CentOS, we host our own packages so those installations are still working properly.
We are working on a Security Onion hotfix to include SaltStack version 3004.1. We hope to release this hotfix next week.
UPDATE 2022/04/04
We've released our hotfix:
https://blog.securityonion.net/2022/04/security-onion-23110-20220401-hotfix.html
