Merge pull request #966 from wazuh/18542-vdt-bookworm-support

Add Debian Bookworm to VDT default configuration
Add Debian Bookworm VDT support
2025-11-03 05:23:14 +00:00 · 2023-08-25 13:17:17 -03:00 · 2023-08-25 12:24:01 -03:00 · 2023-08-24 13:10:01 -03:00 · 2023-08-24 12:45:02 -03:00 · 2023-08-24 12:31:06 -03:00
9 changed files with 112 additions and 22 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,16 @@ All notable changes to this project will be documented in this file.

 - Update Wazuh to version [4.6.0](https://github.com/wazuh/wazuh/blob/v4.6.0/CHANGELOG.md#v460)

+## Wazuh Docker v4.5.2
+### Added
+
+- Update Wazuh to version [4.5.2](https://github.com/wazuh/wazuh/blob/v4.5.2/CHANGELOG.md#v452)
+
+## Wazuh Docker v4.5.1
+### Added
+
+- Update Wazuh to version [4.5.1](https://github.com/wazuh/wazuh/blob/v4.5.1/CHANGELOG.md#v451)
+
 ## Wazuh Docker v4.5.0
 ### Added

--- a/README.md
+++ b/README.md
@@ -196,6 +196,8 @@ WAZUH_MONITORING_REPLICAS=0         ##
 | Wazuh version | ODFE    | XPACK  |
 |---------------|---------|--------|
 | v4.6.0        |         |        |
+| v4.5.2        |         |        |
+| v4.5.1        |         |        |
 | v4.5.0        |         |        |
 | v4.4.5        |         |        |
 | v4.4.4        |         |        |
--- a/build-docker-images/build-images.sh
+++ b/build-docker-images/build-images.sh
@@ -2,13 +2,7 @@ WAZUH_IMAGE_VERSION=4.6.0
 WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')
 WAZUH_TAG_REVISION=1
 WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
-
-## If wazuh manager exists in apt dev repository, change variables, if not, exit 1
-if [ "$WAZUH_VERSION" -le "$WAZUH_CURRENT_VERSION" ]; then
-  IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
-else
-  IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
-fi
+IMAGE_VERSION=${WAZUH_IMAGE_VERSION}

 echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > .env
 echo WAZUH_IMAGE_VERSION=$IMAGE_VERSION >> .env
--- a/indexer-certs-creator/config/entrypoint.sh
+++ b/indexer-certs-creator/config/entrypoint.sh
@@ -17,13 +17,13 @@ CERT_TOOL_PACKAGES_DEV=$(curl --silent -I $PACKAGES_DEV_URL$CERT_TOOL | grep -E

 ## If cert tool exists in some bucket, download it, if not exit 1
 if [ "$CERT_TOOL_PACKAGES" = "200" ]; then
-  curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL
-  echo "Cert tool exists in Packages bucket"
+  curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL -s
+  echo "The tool to create the certificates exists in the in Packages bucket"
 elif [ "$CERT_TOOL_PACKAGES_DEV" = "200" ]; then
-  curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL
-  echo "Cert tool exists in Packages-dev bucket"
+  curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL -s
+  echo "The tool to create the certificates exists in Packages-dev bucket"
 else
-  echo "Cert tool does not exist in any bucket"
+  echo "The tool to create the certificates does not exist in any bucket"
  echo "ERROR: certificates were not created"
  exit 1
 fi
@@ -41,9 +41,9 @@ source /$CERT_TOOL -A
 nodes_server=$( cert_parseYaml /config.yml | grep nodes_server__name | sed 's/nodes_server__name=//' )
 node_names=($nodes_server)

-echo "Moving created certificates to destination directory"
+echo "Moving created certificates to the destination directory"
 cp /wazuh-certificates/* /certificates/
-echo "changing certificate permissions"
+echo "Changing certificate permissions"
 chmod -R 500 /certificates
 chmod -R 400 /certificates/*
 echo "Setting UID indexer and dashboard"
--- a/multi-node/config/wazuh_cluster/wazuh_manager.conf
+++ b/multi-node/config/wazuh_cluster/wazuh_manager.conf
@@ -108,15 +108,16 @@
      <os>xenial</os>
      <os>bionic</os>
      <os>focal</os>
+      <os>jammy</os>
      <update_interval>1h</update_interval>
    </provider>

    <!-- Debian OS vulnerabilities -->
    <provider name="debian">
      <enabled>no</enabled>
-      <os>stretch</os>
      <os>buster</os>
      <os>bullseye</os>
+      <os>bookworm</os>
      <update_interval>1h</update_interval>
    </provider>

@@ -127,6 +128,7 @@
      <os>6</os>
      <os>7</os>
      <os>8</os>
+      <os>9</os>
      <update_interval>1h</update_interval>
    </provider>

@@ -138,6 +140,18 @@
      <update_interval>1h</update_interval>
    </provider>

+    <!-- SUSE Linux Enterprise OS vulnerabilities -->
+    <provider name="suse">
+      <enabled>no</enabled>
+      <os>11-server</os>
+      <os>11-desktop</os>
+      <os>12-server</os>
+      <os>12-desktop</os>
+      <os>15-server</os>
+      <os>15-desktop</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
    <!-- Arch OS vulnerabilities -->
    <provider name="arch">
      <enabled>no</enabled>
@@ -150,10 +164,17 @@
      <update_interval>1h</update_interval>
    </provider>

+    <!-- Alma Linux OS vulnerabilities -->
+    <provider name="almalinux">
+      <enabled>no</enabled>
+      <os>8</os>
+      <os>9</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
    <!-- Aggregate vulnerabilities -->
    <provider name="nvd">
      <enabled>yes</enabled>
-      <update_from_year>2010</update_from_year>
      <update_interval>1h</update_interval>
    </provider>

@@ -354,4 +375,4 @@
    <location>/var/log/dpkg.log</location>
  </localfile>

-</ossec_config>
+</ossec_config>
--- a/multi-node/config/wazuh_cluster/wazuh_worker.conf
+++ b/multi-node/config/wazuh_cluster/wazuh_worker.conf
@@ -108,15 +108,16 @@
      <os>xenial</os>
      <os>bionic</os>
      <os>focal</os>
+      <os>jammy</os>
      <update_interval>1h</update_interval>
    </provider>

    <!-- Debian OS vulnerabilities -->
    <provider name="debian">
      <enabled>no</enabled>
-      <os>stretch</os>
      <os>buster</os>
      <os>bullseye</os>
+      <os>bookworm</os>
      <update_interval>1h</update_interval>
    </provider>

@@ -127,6 +128,7 @@
      <os>6</os>
      <os>7</os>
      <os>8</os>
+      <os>9</os>
      <update_interval>1h</update_interval>
    </provider>

@@ -138,12 +140,32 @@
      <update_interval>1h</update_interval>
    </provider>

+    <!-- SUSE Linux Enterprise OS vulnerabilities -->
+    <provider name="suse">
+      <enabled>no</enabled>
+      <os>11-server</os>
+      <os>11-desktop</os>
+      <os>12-server</os>
+      <os>12-desktop</os>
+      <os>15-server</os>
+      <os>15-desktop</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
    <!-- Arch OS vulnerabilities -->
    <provider name="arch">
      <enabled>no</enabled>
      <update_interval>1h</update_interval>
    </provider>

+    <!-- Alma Linux OS vulnerabilities -->
+    <provider name="almalinux">
+      <enabled>no</enabled>
+      <os>8</os>
+      <os>9</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
    <!-- Windows OS vulnerabilities -->
    <provider name="msu">
      <enabled>yes</enabled>
@@ -153,7 +175,6 @@
    <!-- Aggregate vulnerabilities -->
    <provider name="nvd">
      <enabled>yes</enabled>
-      <update_from_year>2010</update_from_year>
      <update_interval>1h</update_interval>
    </provider>

@@ -354,4 +375,4 @@
    <location>/var/log/dpkg.log</location>
  </localfile>

-</ossec_config>
+</ossec_config>
--- a/multi-node/docker-compose.yml
+++ b/multi-node/docker-compose.yml
@@ -6,6 +6,13 @@ services:
    image: wazuh/wazuh-manager:4.6.0
    hostname: wazuh.master
    restart: always
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+      nofile:
+        soft: 655360
+        hard: 655360
    ports:
      - "1515:1515"
      - "514:514/udp"
@@ -41,6 +48,13 @@ services:
    image: wazuh/wazuh-manager:4.6.0
    hostname: wazuh.worker
    restart: always
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+      nofile:
+        soft: 655360
+        hard: 655360
    environment:
      - INDEXER_URL=https://wazuh1.indexer:9200
      - INDEXER_USERNAME=admin
--- a/single-node/config/wazuh_cluster/wazuh_manager.conf
+++ b/single-node/config/wazuh_cluster/wazuh_manager.conf
@@ -108,15 +108,16 @@
      <os>xenial</os>
      <os>bionic</os>
      <os>focal</os>
+      <os>jammy</os>
      <update_interval>1h</update_interval>
    </provider>

    <!-- Debian OS vulnerabilities -->
    <provider name="debian">
      <enabled>no</enabled>
-      <os>stretch</os>
      <os>buster</os>
      <os>bullseye</os>
+      <os>bookworm</os>
      <update_interval>1h</update_interval>
    </provider>

@@ -127,6 +128,7 @@
      <os>6</os>
      <os>7</os>
      <os>8</os>
+      <os>9</os>
      <update_interval>1h</update_interval>
    </provider>

@@ -138,12 +140,32 @@
      <update_interval>1h</update_interval>
    </provider>

+    <!-- SUSE Linux Enterprise OS vulnerabilities -->
+    <provider name="suse">
+      <enabled>no</enabled>
+      <os>11-server</os>
+      <os>11-desktop</os>
+      <os>12-server</os>
+      <os>12-desktop</os>
+      <os>15-server</os>
+      <os>15-desktop</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
    <!-- Arch OS vulnerabilities -->
    <provider name="arch">
      <enabled>no</enabled>
      <update_interval>1h</update_interval>
    </provider>

+    <!-- Alma Linux OS vulnerabilities -->
+    <provider name="almalinux">
+      <enabled>no</enabled>
+      <os>8</os>
+      <os>9</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
    <!-- Windows OS vulnerabilities -->
    <provider name="msu">
      <enabled>yes</enabled>
@@ -153,7 +175,6 @@
    <!-- Aggregate vulnerabilities -->
    <provider name="nvd">
      <enabled>yes</enabled>
-      <update_from_year>2010</update_from_year>
      <update_interval>1h</update_interval>
    </provider>

--- a/single-node/docker-compose.yml
+++ b/single-node/docker-compose.yml
@@ -6,6 +6,13 @@ services:
    image: wazuh/wazuh-manager:4.6.0
    hostname: wazuh.manager
    restart: always
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+      nofile:
+        soft: 655360
+        hard: 655360
    ports:
      - "1514:1514"
      - "1515:1515"
Author	SHA1	Message	Date
Gonzalo Acuña	b377a0f6eb	Merge pull request #966 from wazuh/18542-vdt-bookworm-support Add Debian Bookworm to VDT default configuration	2023-08-25 13:17:17 -03:00
Mateo Cervilla	44e9bebed0	Add Debian Bookworm VDT support	2023-08-25 12:24:01 -03:00
Gonzalo Acuña	760fc8ccbf	Merge pull request #961 from wazuh/merge-4.5.2-into-4.6.0 Merge 4.5.2 into 4.6.0	2023-08-24 13:10:01 -03:00
vcerenu	44303d3701	resolving conflicts	2023-08-24 12:45:02 -03:00
Gonzalo Acuña	c0d97893a4	Merge pull request #960 from wazuh/merge-4.5.1-into-4.5.2 Merge 4.5.1 into 4.5.2	2023-08-24 12:31:06 -03:00
vcerenu	0826f2c176	change revision	2023-08-24 12:23:15 -03:00
vcerenu	d531b8dd72	Resolving conflicts	2023-08-24 12:06:35 -03:00
Gonzalo Acuña	41267d4ddf	Merge pull request #946 from wazuh/944-bump-revision-2 Revision update	2023-08-17 12:20:42 -03:00
Gonzalo Acuña	67f34fb8fe	Revision update	2023-08-17 12:17:12 -03:00
Gonzalo Acuña	865f7625f4	Merge pull request #945 from wazuh/944-bump-revision Revision update	2023-08-17 09:02:13 -03:00
Gonzalo Acuña	c56952eaa0	Revision update	2023-08-17 08:56:16 -03:00
Gonzalo Acuña	cb7d8785c6	Merge pull request #930 from wazuh/926-update-the-vulnerability-detector-default-configuration-block-with-missing-providers Update the vulnerability detector default configuration block with missing providers	2023-08-14 15:19:54 -03:00
vcerenu	f1001c2f25	add jammy version into VD	2023-08-11 15:45:26 -03:00
David Correa Rodríguez	6c91bac96d	Merge pull request #936 from wazuh/merge-4.5.2-into-4.6.0 Merge `4.5.2` into `4.6.0`	2023-08-11 12:39:39 +02:00
David Correa Rodríguez	216b5a6818	Merge pull request #935 from wazuh/merge-4.5.1-into-4.5.2 Merge `4.5.1` into `4.5.2`	2023-08-11 12:25:04 +02:00
David Correa Rodríguez	e19fa14013	Merge pull request #934 from wazuh/merge-4.5-into-4.5.1 Merge `4.5` into `4.5.1`	2023-08-11 11:58:49 +02:00
vcerenu	57c7eaa5af	remove stretch and add rhel 9 into VD	2023-08-10 16:46:21 -03:00
vcerenu	fbe073612c	add suse vd options	2023-08-10 09:19:59 -03:00
Gonzalo Acuña	1dec665a97	Merge pull request #925 from wazuh/10774-alma-support Updating vulnerability detector default configuration with AlmaLinux support	2023-08-09 09:46:28 -03:00
pereyra-m	757e5dbf05	Updating ossec.conf file with the AlmaLinux support in the vulnerability detector section	2023-08-07 17:32:03 -03:00
Gonzalo Acuña	32b1d88e36	Merge pull request #919 from wazuh/917-fix-conditional-block-in-build-imagesh-script Fixed conditional block in images building	2023-08-03 10:02:24 -03:00
David Correa Rodríguez	94be842afc	Restored `IMAGE_VERSION` variable	2023-08-03 11:51:01 +02:00
David Correa Rodríguez	d20bbe247c	Fixed conditional block in images building	2023-08-03 11:45:56 +02:00
Gonzalo Acuña	e01d39e138	Merge pull request #915 from wazuh/911-typos-in-the-script Typos in the script in charge of create Wazuh indexer's certificates	2023-08-01 13:50:24 -03:00
vcerenu	1eeca6267b	fix typos in cert generator image	2023-08-01 13:07:04 -03:00
Gonzalo Acuña	d755ffbac8	Merge pull request #914 from wazuh/6282-add-notes-about Modify ulimit	2023-08-01 12:01:13 -03:00
vcerenu	221c3ccd24	add ulimit parameter to wazuh manager deploy	2023-07-31 13:19:13 -03:00
vcerenu	1ff589ccaf	add ulimit parameter to wazuh manager deploy	2023-07-31 13:16:15 -03:00
Victor Ereñú	d4c98491fc	Merge pull request #910 from wazuh/909-deprecate-update_from_year-to-use-nvd-api-20-feeds Delete update_from_year parameter	2023-07-26 13:55:52 -03:00
vcerenu	673c28b637	delete update_from_year parameter	2023-07-26 13:40:54 -03:00
Gonzalo Acuña	3953986652	Merge pull request #898 from wazuh/merge-4.5.2-into-4.6.0 Merge `4.5.2` into `4.6.0`	2023-07-21 08:27:24 -03:00
Gonzalo Acuña	f2dab81387	Merge branch '4.6.0' into merge-4.5.2-into-4.6.0	2023-07-21 08:15:57 -03:00
Gonzalo Acuña	da82008a75	Merge pull request #894 from wazuh/bump-4.5.2 Bump to 4.5.2	2023-07-19 08:55:24 -03:00
vcerenu	54975ab099	Bump to 4.5.2	2023-07-19 08:43:17 -03:00
Carlos Bordon	b27d991f0c	Merge pull request #886 from wazuh/merge-4.5.1-into-4.6.0 Merge 4.5.1 into 4.6.0	2023-07-11 12:04:34 -03:00
vcerenu	4d0aa57ed2	resolving merge conflicts	2023-07-11 11:49:32 -03:00
Carlos Bordon	1a75d4eb77	Merge pull request #885 from wazuh/merge-4.5.0-into-4.5.1 Merge 4.5.0 into 4.5.1	2023-07-11 11:34:52 -03:00
vcerenu	247555b1b6	resolving merge conflicts	2023-07-11 11:21:00 -03:00
Carlos Bordon	442d457933	Merge pull request #884 from wazuh/merge-4.4-into-4.5.0 Merge 4.4 into 4.5.0	2023-07-11 10:42:52 -03:00
vcerenu	0f65448718	resolving merge conflicts	2023-07-11 09:41:16 -03:00
Victor Ereñú	a9533264d6	Merge pull request #883 from wazuh/merge-4.4.5-into-4.4 Merge 4.4.5 into 4.4	2023-07-11 09:26:12 -03:00
Carlos Bordon	ce8dd29425	Merge pull request #879 from wazuh/4.4.5-bump-revision Bump revision	2023-07-10 09:00:24 -03:00
vcerenu	a433989865	bump revision	2023-07-10 08:42:14 -03:00
Gonzalo Acuña	ff1e5f991a	Merge pull request #878 from wazuh/bump-4.4.5 Bump to 4.4.5	2023-07-07 08:48:54 -03:00
Gonzalo Acuña	55ee49aff5	Bumped to 4.4.5	2023-07-07 08:39:57 -03:00
Gonzalo Acuña	75f92308a1	Merge pull request #877 from wazuh/merge-4.4.4-into-4.4 Merge `4.4.4` into `4.4`	2023-07-07 08:32:11 -03:00
Victor Ereñú	61c37a78de	Merge pull request #874 from wazuh/bump-4-5-1 Bump version 4.5.1	2023-06-26 14:07:42 -03:00
vcerenu	39208c513c	bump version 4.5.1	2023-06-26 13:35:29 -03:00
vcerenu	3650feeb0e	bump version 4.5.0	2023-06-26 09:40:14 -03:00
Gonzalo Acuña	4e7c2cf72a	Revision bump	2023-06-12 09:38:35 -03:00