Merge pull request #842 from wazuh/bump-4-4-2

Bump `4.4` to `4.4.2`

.env

@@ -1,3 +1,3 @@
-WAZUH_VERSION=4.5.2
-WAZUH_IMAGE_VERSION=4.5.2
+WAZUH_VERSION=4.4.2
+WAZUH_IMAGE_VERSION=4.4.2
 WAZUH_TAG_REVISION=1

.github/.goss.yaml

@@ -56,7 +56,7 @@ package:
   wazuh-manager:
     installed: true
     versions:
-    - 4.5.2-1
+    - 4.4.2-1
 port:
   tcp:1514:
     listening: true

CHANGELOG.md

@@ -1,36 +1,6 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
-## Wazuh Docker v4.5.2
-### Added
-
-- Update Wazuh to version [4.5.2](https://github.com/wazuh/wazuh/blob/v4.5.2/CHANGELOG.md#v452)
-
-## Wazuh Docker v4.5.1
-### Added
-
-- Update Wazuh to version [4.5.1](https://github.com/wazuh/wazuh/blob/v4.5.1/CHANGELOG.md#v451)
-
-## Wazuh Docker v4.5.0
-### Added
-
-- Update Wazuh to version [4.5.0](https://github.com/wazuh/wazuh/blob/v4.5.0/CHANGELOG.md#v450)
-
-## Wazuh Docker v4.4.5
-### Added
-
-- Update Wazuh to version [4.4.5](https://github.com/wazuh/wazuh/blob/v4.4.5/CHANGELOG.md#v445)
-
-## Wazuh Docker v4.4.4
-### Added
-
-- Update Wazuh to version [4.4.4](https://github.com/wazuh/wazuh/blob/v4.4.4/CHANGELOG.md#v444)
-
-## Wazuh Docker v4.4.3
-### Added
-
-- Update Wazuh to version [4.4.3](https://github.com/wazuh/wazuh/blob/v4.4.3/CHANGELOG.md#v443)
-
 ## Wazuh Docker v4.4.2
 ### Added
 

README.md

@@ -195,12 +195,6 @@ WAZUH_MONITORING_REPLICAS=0         ##
 
 | Wazuh version | ODFE    | XPACK  |
 |---------------|---------|--------|
-| v4.5.2        |         |        |
-| v4.5.1        |         |        |
-| v4.5.0        |         |        |
-| v4.4.5        |         |        |
-| v4.4.4        |         |        |
-| v4.4.3        |         |        |
 | v4.4.2        |         |        |
 | v4.4.1        |         |        |
 | v4.4.0        |         |        |

VERSION

@@ -1,2 +1,2 @@
-WAZUH-DOCKER_VERSION="4.5.2"
-REVISION="40505"
+WAZUH-DOCKER_VERSION="4.4.2"
+REVISION="40408"

build-docker-images/build-images.sh

@@ -1,8 +1,14 @@
-WAZUH_IMAGE_VERSION=4.5.2
+WAZUH_IMAGE_VERSION=4.4.2
 WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')
 WAZUH_TAG_REVISION=1
 WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
-IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
+
+## If wazuh manager exists in apt dev repository, change variables, if not, exit 1
+if [ "$WAZUH_VERSION" -le "$WAZUH_CURRENT_VERSION" ]; then
+  IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
+else
+  IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
+fi
 
 echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > .env
 echo WAZUH_IMAGE_VERSION=$IMAGE_VERSION >> .env

build-docker-images/wazuh-dashboard/config/config.sh

@@ -9,8 +9,8 @@ export CONFIG_DIR=${INSTALLATION_DIR}/config
 
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/4.5/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.5/
+PACKAGES_URL=https://packages.wazuh.com/4.4/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.4/
 
 ## Check if the cert tool exists in S3 buckets
 CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')

build-docker-images/wazuh-indexer/config/config.sh

@@ -53,8 +53,8 @@ tar -xf ${INDEXER_FILE}
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
 PASSWORD_TOOL=wazuh-passwords-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/4.5/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.5/
+PACKAGES_URL=https://packages.wazuh.com/4.4/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.4/
 
 ## Check if the cert tool exists in S3 buckets
 CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')

build-docker-images/wazuh-manager/Dockerfile

@@ -5,7 +5,7 @@ RUN rm /bin/sh && ln -s /bin/bash /bin/sh
 
 ARG WAZUH_VERSION
 ARG WAZUH_TAG_REVISION
-ARG TEMPLATE_VERSION=4.5
+ARG TEMPLATE_VERSION=4.4
 ARG FILEBEAT_CHANNEL=filebeat-oss
 ARG FILEBEAT_VERSION=7.10.2
 ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.2.tar.gz"

indexer-certs-creator/config/entrypoint.sh

@@ -8,8 +8,8 @@
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
 PASSWORD_TOOL=wazuh-passwords-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/4.5/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.5/
+PACKAGES_URL=https://packages.wazuh.com/4.4/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.4/
 
 ## Check if the cert tool exists in S3 buckets
 CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')
@@ -17,13 +17,13 @@ CERT_TOOL_PACKAGES_DEV=$(curl --silent -I $PACKAGES_DEV_URL$CERT_TOOL | grep -E
 
 ## If cert tool exists in some bucket, download it, if not exit 1
 if [ "$CERT_TOOL_PACKAGES" = "200" ]; then
-  curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL -s
-  echo "The tool to create the certificates exists in the in Packages bucket"
+  curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL
+  echo "Cert tool exists in Packages bucket"
 elif [ "$CERT_TOOL_PACKAGES_DEV" = "200" ]; then
-  curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL -s
-  echo "The tool to create the certificates exists in Packages-dev bucket"
+  curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL
+  echo "Cert tool exists in Packages-dev bucket"
 else
-  echo "The tool to create the certificates does not exist in any bucket"
+  echo "Cert tool does not exist in any bucket"
   echo "ERROR: certificates were not created"
   exit 1
 fi
@@ -41,9 +41,9 @@ source /$CERT_TOOL -A
 nodes_server=$( cert_parseYaml /config.yml | grep nodes_server__name | sed 's/nodes_server__name=//' )
 node_names=($nodes_server)
 
-echo "Moving created certificates to the destination directory"
+echo "Moving created certificates to destination directory"
 cp /wazuh-certificates/* /certificates/
-echo "Changing certificate permissions"
+echo "changing certificate permissions"
 chmod -R 500 /certificates
 chmod -R 400 /certificates/*
 echo "Setting UID indexer and dashboard"

multi-node/config/wazuh_cluster/wazuh_manager.conf

@@ -108,13 +108,13 @@
       <os>xenial</os>
       <os>bionic</os>
       <os>focal</os>
-      <os>jammy</os>
       <update_interval>1h</update_interval>
     </provider>
 
     <!-- Debian OS vulnerabilities -->
     <provider name="debian">
       <enabled>no</enabled>
+      <os>stretch</os>
       <os>buster</os>
       <os>bullseye</os>
       <update_interval>1h</update_interval>
@@ -127,7 +127,6 @@
       <os>6</os>
       <os>7</os>
       <os>8</os>
-      <os>9</os>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -139,18 +138,6 @@
       <update_interval>1h</update_interval>
     </provider>
 
-    <!-- SUSE Linux Enterprise OS vulnerabilities -->
-    <provider name="suse">
-      <enabled>no</enabled>
-      <os>11-server</os>
-      <os>11-desktop</os>
-      <os>12-server</os>
-      <os>12-desktop</os>
-      <os>15-server</os>
-      <os>15-desktop</os>
-      <update_interval>1h</update_interval>
-    </provider>
-
     <!-- Arch OS vulnerabilities -->
     <provider name="arch">
       <enabled>no</enabled>
@@ -166,6 +153,7 @@
     <!-- Aggregate vulnerabilities -->
     <provider name="nvd">
       <enabled>yes</enabled>
+      <update_from_year>2010</update_from_year>
       <update_interval>1h</update_interval>
     </provider>
 

multi-node/config/wazuh_cluster/wazuh_worker.conf

@@ -108,13 +108,13 @@
       <os>xenial</os>
       <os>bionic</os>
       <os>focal</os>
-      <os>jammy</os>
       <update_interval>1h</update_interval>
     </provider>
 
     <!-- Debian OS vulnerabilities -->
     <provider name="debian">
       <enabled>no</enabled>
+      <os>stretch</os>
       <os>buster</os>
       <os>bullseye</os>
       <update_interval>1h</update_interval>
@@ -127,7 +127,6 @@
       <os>6</os>
       <os>7</os>
       <os>8</os>
-      <os>9</os>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -139,18 +138,6 @@
       <update_interval>1h</update_interval>
     </provider>
 
-    <!-- SUSE Linux Enterprise OS vulnerabilities -->
-    <provider name="suse">
-      <enabled>no</enabled>
-      <os>11-server</os>
-      <os>11-desktop</os>
-      <os>12-server</os>
-      <os>12-desktop</os>
-      <os>15-server</os>
-      <os>15-desktop</os>
-      <update_interval>1h</update_interval>
-    </provider>
-
     <!-- Arch OS vulnerabilities -->
     <provider name="arch">
       <enabled>no</enabled>
@@ -166,6 +153,7 @@
     <!-- Aggregate vulnerabilities -->
     <provider name="nvd">
       <enabled>yes</enabled>
+      <update_from_year>2010</update_from_year>
       <update_interval>1h</update_interval>
     </provider>
 

multi-node/docker-compose.yml

@@ -3,16 +3,9 @@ version: '3.7'
 
 services:
   wazuh.master:
-    image: wazuh/wazuh-manager:4.5.2
+    image: wazuh/wazuh-manager:4.4.2
     hostname: wazuh.master
     restart: always
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-      nofile:
-        soft: 655360
-        hard: 655360
     ports:
       - "1515:1515"
       - "514:514/udp"
@@ -45,16 +38,9 @@ services:
       - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
 
   wazuh.worker:
-    image: wazuh/wazuh-manager:4.5.2
+    image: wazuh/wazuh-manager:4.4.2
     hostname: wazuh.worker
     restart: always
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-      nofile:
-        soft: 655360
-        hard: 655360
     environment:
       - INDEXER_URL=https://wazuh1.indexer:9200
       - INDEXER_USERNAME=admin
@@ -81,7 +67,7 @@ services:
       - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf
 
   wazuh1.indexer:
-    image: wazuh/wazuh-indexer:4.5.2
+    image: wazuh/wazuh-indexer:4.4.2
     hostname: wazuh1.indexer
     restart: always
     ports:
@@ -107,7 +93,7 @@ services:
       - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
 
   wazuh2.indexer:
-    image: wazuh/wazuh-indexer:4.5.2
+    image: wazuh/wazuh-indexer:4.4.2
     hostname: wazuh2.indexer
     restart: always
     environment:
@@ -129,7 +115,7 @@ services:
       - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
 
   wazuh3.indexer:
-    image: wazuh/wazuh-indexer:4.5.2
+    image: wazuh/wazuh-indexer:4.4.2
     hostname: wazuh3.indexer
     restart: always
     environment:
@@ -151,7 +137,7 @@ services:
       - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
 
   wazuh.dashboard:
-    image: wazuh/wazuh-dashboard:4.5.2
+    image: wazuh/wazuh-dashboard:4.4.2
     hostname: wazuh.dashboard
     restart: always
     ports:

single-node/config/wazuh_cluster/wazuh_manager.conf

@@ -108,13 +108,13 @@
       <os>xenial</os>
       <os>bionic</os>
       <os>focal</os>
-      <os>jammy</os>
       <update_interval>1h</update_interval>
     </provider>
 
     <!-- Debian OS vulnerabilities -->
     <provider name="debian">
       <enabled>no</enabled>
+      <os>stretch</os>
       <os>buster</os>
       <os>bullseye</os>
       <update_interval>1h</update_interval>
@@ -127,7 +127,6 @@
       <os>6</os>
       <os>7</os>
       <os>8</os>
-      <os>9</os>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -139,18 +138,6 @@
       <update_interval>1h</update_interval>
     </provider>
 
-    <!-- SUSE Linux Enterprise OS vulnerabilities -->
-    <provider name="suse">
-      <enabled>no</enabled>
-      <os>11-server</os>
-      <os>11-desktop</os>
-      <os>12-server</os>
-      <os>12-desktop</os>
-      <os>15-server</os>
-      <os>15-desktop</os>
-      <update_interval>1h</update_interval>
-    </provider>
-
     <!-- Arch OS vulnerabilities -->
     <provider name="arch">
       <enabled>no</enabled>
@@ -166,6 +153,7 @@
     <!-- Aggregate vulnerabilities -->
     <provider name="nvd">
       <enabled>yes</enabled>
+      <update_from_year>2010</update_from_year>
       <update_interval>1h</update_interval>
     </provider>
 

single-node/docker-compose.yml

@@ -3,16 +3,9 @@ version: '3.7'
 
 services:
   wazuh.manager:
-    image: wazuh/wazuh-manager:4.5.2
+    image: wazuh/wazuh-manager:4.4.2
     hostname: wazuh.manager
     restart: always
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-      nofile:
-        soft: 655360
-        hard: 655360
     ports:
       - "1514:1514"
       - "1515:1515"
@@ -46,7 +39,7 @@ services:
       - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
 
   wazuh.indexer:
-    image: wazuh/wazuh-indexer:4.5.2
+    image: wazuh/wazuh-indexer:4.4.2
     hostname: wazuh.indexer
     restart: always
     ports:
@@ -71,7 +64,7 @@ services:
       - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
 
   wazuh.dashboard:
-    image: wazuh/wazuh-dashboard:4.5.2
+    image: wazuh/wazuh-dashboard:4.4.2
     hostname: wazuh.dashboard
     restart: always
     ports: