Merge pull request #966 from wazuh/18542-vdt-bookworm-support

Add Debian Bookworm to VDT default configuration

.env

@@ -1,3 +1,3 @@
-WAZUH_VERSION=4.5.0
-WAZUH_IMAGE_VERSION=4.5.0
+WAZUH_VERSION=4.6.0
+WAZUH_IMAGE_VERSION=4.6.0
 WAZUH_TAG_REVISION=1

.github/.goss.yaml

@@ -56,7 +56,7 @@ package:
   wazuh-manager:
     installed: true
     versions:
-    - 4.5.0-1
+    - 4.6.0-1
 port:
   tcp:1514:
     listening: true

CHANGELOG.md

@@ -1,6 +1,21 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+## Wazuh Docker v4.6.0
+### Added
+
+- Update Wazuh to version [4.6.0](https://github.com/wazuh/wazuh/blob/v4.6.0/CHANGELOG.md#v460)
+
+## Wazuh Docker v4.5.2
+### Added
+
+- Update Wazuh to version [4.5.2](https://github.com/wazuh/wazuh/blob/v4.5.2/CHANGELOG.md#v452)
+
+## Wazuh Docker v4.5.1
+### Added
+
+- Update Wazuh to version [4.5.1](https://github.com/wazuh/wazuh/blob/v4.5.1/CHANGELOG.md#v451)
+
 ## Wazuh Docker v4.5.0
 ### Added
 

README.md

@@ -195,6 +195,9 @@ WAZUH_MONITORING_REPLICAS=0         ##
 
 | Wazuh version | ODFE    | XPACK  |
 |---------------|---------|--------|
+| v4.6.0        |         |        |
+| v4.5.2        |         |        |
+| v4.5.1        |         |        |
 | v4.5.0        |         |        |
 | v4.4.5        |         |        |
 | v4.4.4        |         |        |

VERSION

@@ -1,2 +1,2 @@
-WAZUH-DOCKER_VERSION="4.5.0"
-REVISION="40500"
+WAZUH-DOCKER_VERSION="4.6.0"
+REVISION="40600"

build-docker-images/build-images.sh

@@ -1,14 +1,8 @@
-WAZUH_IMAGE_VERSION=4.5.0
+WAZUH_IMAGE_VERSION=4.6.0
 WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')
 WAZUH_TAG_REVISION=1
 WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
-
-## If wazuh manager exists in apt dev repository, change variables, if not, exit 1
-if [ "$WAZUH_VERSION" -le "$WAZUH_CURRENT_VERSION" ]; then
-  IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
-else
-  IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
-fi
+IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
 
 echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > .env
 echo WAZUH_IMAGE_VERSION=$IMAGE_VERSION >> .env

build-docker-images/wazuh-dashboard/config/config.sh

@@ -9,8 +9,8 @@ export CONFIG_DIR=${INSTALLATION_DIR}/config
 
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/4.5/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.5/
+PACKAGES_URL=https://packages.wazuh.com/4.6/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.6/
 
 ## Check if the cert tool exists in S3 buckets
 CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')

build-docker-images/wazuh-indexer/config/config.sh

@@ -53,8 +53,8 @@ tar -xf ${INDEXER_FILE}
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
 PASSWORD_TOOL=wazuh-passwords-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/4.5/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.5/
+PACKAGES_URL=https://packages.wazuh.com/4.6/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.6/
 
 ## Check if the cert tool exists in S3 buckets
 CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')

build-docker-images/wazuh-manager/Dockerfile

@@ -5,7 +5,7 @@ RUN rm /bin/sh && ln -s /bin/bash /bin/sh
 
 ARG WAZUH_VERSION
 ARG WAZUH_TAG_REVISION
-ARG TEMPLATE_VERSION=4.5
+ARG TEMPLATE_VERSION=4.6
 ARG FILEBEAT_CHANNEL=filebeat-oss
 ARG FILEBEAT_VERSION=7.10.2
 ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.2.tar.gz"

indexer-certs-creator/config/entrypoint.sh

@@ -8,8 +8,8 @@
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
 PASSWORD_TOOL=wazuh-passwords-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/4.5/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.5/
+PACKAGES_URL=https://packages.wazuh.com/4.6/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.6/
 
 ## Check if the cert tool exists in S3 buckets
 CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')

multi-node/config/wazuh_cluster/wazuh_manager.conf

@@ -108,15 +108,16 @@
       <os>xenial</os>
       <os>bionic</os>
       <os>focal</os>
+      <os>jammy</os>
       <update_interval>1h</update_interval>
     </provider>
 
     <!-- Debian OS vulnerabilities -->
     <provider name="debian">
       <enabled>no</enabled>
-      <os>stretch</os>
       <os>buster</os>
       <os>bullseye</os>
+      <os>bookworm</os>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -127,6 +128,7 @@
       <os>6</os>
       <os>7</os>
       <os>8</os>
+      <os>9</os>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -138,6 +140,18 @@
       <update_interval>1h</update_interval>
     </provider>
 
+    <!-- SUSE Linux Enterprise OS vulnerabilities -->
+    <provider name="suse">
+      <enabled>no</enabled>
+      <os>11-server</os>
+      <os>11-desktop</os>
+      <os>12-server</os>
+      <os>12-desktop</os>
+      <os>15-server</os>
+      <os>15-desktop</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
     <!-- Arch OS vulnerabilities -->
     <provider name="arch">
       <enabled>no</enabled>
@@ -150,6 +164,14 @@
       <update_interval>1h</update_interval>
     </provider>
 
+    <!-- Alma Linux OS vulnerabilities -->
+    <provider name="almalinux">
+      <enabled>no</enabled>
+      <os>8</os>
+      <os>9</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
     <!-- Aggregate vulnerabilities -->
     <provider name="nvd">
       <enabled>yes</enabled>
@@ -353,4 +375,4 @@
     <location>/var/log/dpkg.log</location>
   </localfile>
 
-</ossec_config>
+</ossec_config>

multi-node/config/wazuh_cluster/wazuh_worker.conf

@@ -108,15 +108,16 @@
       <os>xenial</os>
       <os>bionic</os>
       <os>focal</os>
+      <os>jammy</os>
       <update_interval>1h</update_interval>
     </provider>
 
     <!-- Debian OS vulnerabilities -->
     <provider name="debian">
       <enabled>no</enabled>
-      <os>stretch</os>
       <os>buster</os>
       <os>bullseye</os>
+      <os>bookworm</os>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -127,6 +128,7 @@
       <os>6</os>
       <os>7</os>
       <os>8</os>
+      <os>9</os>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -138,12 +140,32 @@
       <update_interval>1h</update_interval>
     </provider>
 
+    <!-- SUSE Linux Enterprise OS vulnerabilities -->
+    <provider name="suse">
+      <enabled>no</enabled>
+      <os>11-server</os>
+      <os>11-desktop</os>
+      <os>12-server</os>
+      <os>12-desktop</os>
+      <os>15-server</os>
+      <os>15-desktop</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
     <!-- Arch OS vulnerabilities -->
     <provider name="arch">
       <enabled>no</enabled>
       <update_interval>1h</update_interval>
     </provider>
 
+    <!-- Alma Linux OS vulnerabilities -->
+    <provider name="almalinux">
+      <enabled>no</enabled>
+      <os>8</os>
+      <os>9</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
     <!-- Windows OS vulnerabilities -->
     <provider name="msu">
       <enabled>yes</enabled>
@@ -353,4 +375,4 @@
     <location>/var/log/dpkg.log</location>
   </localfile>
 
-</ossec_config>
+</ossec_config>

multi-node/docker-compose.yml

@@ -3,7 +3,7 @@ version: '3.7'
 
 services:
   wazuh.master:
-    image: wazuh/wazuh-manager:4.5.0
+    image: wazuh/wazuh-manager:4.6.0
     hostname: wazuh.master
     restart: always
     ulimits:
@@ -45,7 +45,7 @@ services:
       - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
 
   wazuh.worker:
-    image: wazuh/wazuh-manager:4.5.0
+    image: wazuh/wazuh-manager:4.6.0
     hostname: wazuh.worker
     restart: always
     ulimits:
@@ -81,7 +81,7 @@ services:
       - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf
 
   wazuh1.indexer:
-    image: wazuh/wazuh-indexer:4.5.0
+    image: wazuh/wazuh-indexer:4.6.0
     hostname: wazuh1.indexer
     restart: always
     ports:
@@ -107,7 +107,7 @@ services:
       - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
 
   wazuh2.indexer:
-    image: wazuh/wazuh-indexer:4.5.0
+    image: wazuh/wazuh-indexer:4.6.0
     hostname: wazuh2.indexer
     restart: always
     environment:
@@ -129,7 +129,7 @@ services:
       - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
 
   wazuh3.indexer:
-    image: wazuh/wazuh-indexer:4.5.0
+    image: wazuh/wazuh-indexer:4.6.0
     hostname: wazuh3.indexer
     restart: always
     environment:
@@ -151,7 +151,7 @@ services:
       - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
 
   wazuh.dashboard:
-    image: wazuh/wazuh-dashboard:4.5.0
+    image: wazuh/wazuh-dashboard:4.6.0
     hostname: wazuh.dashboard
     restart: always
     ports:

single-node/config/wazuh_cluster/wazuh_manager.conf

@@ -108,15 +108,16 @@
       <os>xenial</os>
       <os>bionic</os>
       <os>focal</os>
+      <os>jammy</os>
       <update_interval>1h</update_interval>
     </provider>
 
     <!-- Debian OS vulnerabilities -->
     <provider name="debian">
       <enabled>no</enabled>
-      <os>stretch</os>
       <os>buster</os>
       <os>bullseye</os>
+      <os>bookworm</os>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -127,6 +128,7 @@
       <os>6</os>
       <os>7</os>
       <os>8</os>
+      <os>9</os>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -138,12 +140,32 @@
       <update_interval>1h</update_interval>
     </provider>
 
+    <!-- SUSE Linux Enterprise OS vulnerabilities -->
+    <provider name="suse">
+      <enabled>no</enabled>
+      <os>11-server</os>
+      <os>11-desktop</os>
+      <os>12-server</os>
+      <os>12-desktop</os>
+      <os>15-server</os>
+      <os>15-desktop</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
     <!-- Arch OS vulnerabilities -->
     <provider name="arch">
       <enabled>no</enabled>
       <update_interval>1h</update_interval>
     </provider>
 
+    <!-- Alma Linux OS vulnerabilities -->
+    <provider name="almalinux">
+      <enabled>no</enabled>
+      <os>8</os>
+      <os>9</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
     <!-- Windows OS vulnerabilities -->
     <provider name="msu">
       <enabled>yes</enabled>

single-node/docker-compose.yml

@@ -3,7 +3,7 @@ version: '3.7'
 
 services:
   wazuh.manager:
-    image: wazuh/wazuh-manager:4.5.0
+    image: wazuh/wazuh-manager:4.6.0
     hostname: wazuh.manager
     restart: always
     ulimits:
@@ -46,7 +46,7 @@ services:
       - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
 
   wazuh.indexer:
-    image: wazuh/wazuh-indexer:4.5.0
+    image: wazuh/wazuh-indexer:4.6.0
     hostname: wazuh.indexer
     restart: always
     ports:
@@ -71,7 +71,7 @@ services:
       - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
 
   wazuh.dashboard:
-    image: wazuh/wazuh-dashboard:4.5.0
+    image: wazuh/wazuh-dashboard:4.6.0
     hostname: wazuh.dashboard
     restart: always
     ports: