FortiSOAR™ OS Update Process and Security Fixes

FortiSOAR™ OS Update Process

The FortiSOAR™ 7.0.2 Security Patch delivers updated OS packages for the 7.0.2 release. This document explains how to get these updates without upgrading FortiSOAR™.

The FortiSOAR™ OS update process includes the following:

FortiSOAR™ CentOS 7 update server

Whenever CentOS publishes an important OS update, an announcement is made on the CentOS-announce mailing list, to which the FortiSOAR™ engineering team is subscribed. Once a new update is available, FortiSOAR™ Engineering first tests it on a FortiSOAR™ Virtual Appliance by performing a vulnerability scan using Nessus™. If the scan reports no vulnerabilities, sanity testing is done for stability and regression. After confirming that the update is safe, the updates are pushed to the FortiSOAR™ CentOS 7 update server (update.cybersponse.com).

FortiSOAR™ OS updates

Before release, FortiSOAR™ is updated with the latest updates from the CentOS mirror servers. A FortiSOAR™ customer automatically receives an OS update when they upgrade to the latest FortiSOAR™.

If a customer needs to update CentOS 7 without upgrading the FortiSOAR™ product itself, they can do the following:

  1. Ensure that update.cybersponse.com is reachable from your VM.
    If you connect using a proxy, ensure that you set the proxy in the /etc/wgetrc, /etc/profile, and yum.conf files. This is required to download the OS update file.
  2. SSH to your FortiSOAR™ 7.0.2 VM and log in as the root user.
  3. Download the OS update file (security-update-fortisoar-7.0.2.bin) for 7.0.2 by running the following command:
    # wget https://update.cybersponse.com/7.0.2/security-update-fortisoar-7.0.2.bin
    Note: If your instance can connect to update.cybersponse.com only using a proxy, then ensure that the proxy is set in the /etc/wgetrc file.
    For example:
    use_proxy=yes
    http_proxy=<proxy_server_ip:port>
    https_proxy=<proxy_server_ip:port>
  4. Run the security-update-fortisoar-7.0.2.bin file to apply the security patch on your 7.0.2 system:
    # sh security-update-fortisoar-7.0.2.bin
  5. Reboot your host post-upgrade, if directed by the script.
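
The proxy requirement in step 1 can be checked before attempting the download in step 3. The script below is an added example, not part of the FortiSOAR™ documentation or product; it assumes yum.conf is at /etc/yum.conf with a proxy= key and that /etc/profile sets https_proxy, and its function names are hypothetical.

```sh
#!/bin/sh
# Added example (not Fortinet code): preflight check of the proxy settings
# that step 1 requires in /etc/wgetrc, /etc/profile and yum.conf.
# Assumptions: yum.conf is /etc/yum.conf and uses the "proxy=" key;
# /etc/profile sets https_proxy, optionally with "export".

# Print the value of the first uncommented "KEY=VALUE" line in FILE.
# Prints nothing when the file is unreadable or the key is absent.
proxy_value() {
    file=$1
    key=$2
    [ -r "$file" ] || return 0
    sed -n "s/^[[:space:]]*\(export[[:space:]]\{1,\}\)\{0,1\}${key}[[:space:]]*=[[:space:]]*//p" "$file" |
        head -n 1 | tr -d "\"'"
}

# Check all three files under ROOT (empty ROOT means the live system).
# Prints one line per finding; returns 0 only if every setting is present.
check_proxy_config() {
    root=${1:-}
    problems=0
    for spec in etc/wgetrc:https_proxy etc/profile:https_proxy etc/yum.conf:proxy; do
        file="$root/${spec%%:*}"
        key=${spec##*:}
        value=$(proxy_value "$file" "$key")
        if [ -z "$value" ]; then
            echo "MISSING  $key in $file"
            problems=$((problems + 1))
        else
            echo "OK       $key=$value in $file"
        fi
    done
    # wget ignores its proxy lines when use_proxy is switched off.
    case $(proxy_value "$root/etc/wgetrc" use_proxy) in
        off|no|0)
            echo "DISABLED use_proxy in $root/etc/wgetrc"
            problems=$((problems + 1))
            ;;
    esac
    [ "$problems" -eq 0 ]
}

# Usage on the appliance, before running wget:
#   check_proxy_config "" || echo "fix the proxy settings first"
```
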

Note: From the FortiSOAR™ 7.0.2 Security Patch 3 (SP3) release onwards, the CentOS and EPEL package updates also apply to FortiSOAR™ Secure Message Exchange (SME), i.e., these updates are applicable to both FortiSOAR™ Enterprise and SME.

Security Fixes

The following security fixes are included with this security patch:

  • Fixed the log4j security vulnerability.
  • Updated Elasticsearch to version 7.17.0 to fix the log4j security vulnerability.
