Slips v1.1.14

.github/workflows/install-slips-dependencies.yml

@@ -47,7 +47,7 @@ jobs:
         key: apt-cache
 
     - name: Set up Python with caching enabled
-      uses: actions/setup-python@v5
+      uses: actions/setup-python@v6
       with:
         python-version: ${{ inputs.python-version }}
         cache: 'pip'

.github/workflows/unit-tests.yml

@@ -96,7 +96,7 @@ jobs:
         fetch-depth: 0
 
     - name: Set up Python
-      uses: actions/setup-python@v5
+      uses: actions/setup-python@v6
       with:
         python-version: 3.10.12
 

CHANGELOG.md

@@ -1,3 +1,6 @@
+1.1.14 (Oct 14th, 2025)
+- Security Patch for CVE-2025-49844: Force use of Redis version 8.2.2
+
 1.1.13 (Sep 1st, 2025)
 - Add detection for DNS answers of malicious DNS queries.
 - Support using Zeek v8.0.0.

README.md

@@ -1,5 +1,5 @@
 <h1 align="center">
-Slips v1.1.13
+Slips v1.1.14
 </h1>
 
 

VERSION

@@ -1 +1 @@
-1.1.13
+1.1.14

docker/Dockerfile

@@ -78,12 +78,13 @@ RUN apt update && apt install -y --no-install-recommends \
 # to support running slips on the rpi (arm64). the rpi uses jemmalloc by default, which expects a different page size
 # than the default on x86_64
 RUN pip3 install --no-cache-dir --upgrade pip \
-    && git clone https://github.com/redis/redis \
-    && cd redis \
+    && curl -O https://download.redis.io/redis-stable.tar.gz \
+    && tar xzf redis-stable.tar.gz \
+    && cd redis-stable \
     && make distclean \
     && make MALLOC=libc
 
-ENV PATH="$PATH:/redis/src"
+ENV PATH="$PATH:/redis-stable/src"
 
 
 # Switch to Slips installation dir on login.

docker/light/Dockerfile

@@ -10,67 +10,57 @@ ENV SLIPS_DIR=/StratosphereLinuxIPS
 SHELL ["/bin/bash", "-c"]
 
 # Install wget and add Zeek and redis repositories to our sources.
-RUN apt update && apt install -y --no-install-recommends \
-    wget \
-    ca-certificates \
-    git \
-    curl \
-    gnupg \
-    lsb-release \
-    software-properties-common \
-    build-essential \
-    file \
-    lsof \
-    iproute2 \
-    tshark \
-    whois \
-    yara \
-    net-tools \
-    less \
-    unzip \
-    python3-certifi \
-    python3-dev \
-    python3-tzlocal \
-    python3-pip \
-    && echo 'deb http://download.opensuse.org/repositories/security:/zeek/xUbuntu_22.04/ /' |  tee /etc/apt/sources.list.d/security:zeek.list \
-    && curl -fsSL https://download.opensuse.org/repositories/security:zeek/xUbuntu_22.04/Release.key | gpg --dearmor |  tee /etc/apt/trusted.gpg.d/security_zeek.gpg > /dev/null \
-    && curl -fsSL https://packages.redis.io/gpg |  gpg --dearmor -o /usr/share/keyrings/redis-archive-keyring.gpg \
-    && echo "deb [signed-by=/usr/share/keyrings/redis-archive-keyring.gpg] https://packages.redis.io/deb $(lsb_release -cs) main" > /etc/apt/sources.list.d/redis.list \
-    && apt update \
-    && apt install -y --no-install-recommends --fix-missing \
-    zeek \
-    redis \
+# set -eux for safer builds (stop on error, show commands)
+RUN set -eux; \
+    apt-get update && apt-get install -y --no-install-recommends \
+        ca-certificates gnupg wget curl \
+    && apt-get update && apt-get install -y --no-install-recommends \
+        git lsb-release software-properties-common \
+        build-essential file lsof iproute2 tshark whois yara net-tools less unzip \
+        python3-certifi python3-dev python3-tzlocal python3-pip \
+    && curl -O https://download.redis.io/redis-stable.tar.gz \
+    && tar xzf redis-stable.tar.gz \
+    && cd redis-stable \
+    && make distclean && make MALLOC=libc \
+    && cd .. && rm -rf redis-stable.tar.gz \
+    && echo 'deb http://download.opensuse.org/repositories/security:/zeek/xUbuntu_22.04/ /' \
+        | tee /etc/apt/sources.list.d/security:zeek.list \
+    && curl -fsSL https://download.opensuse.org/repositories/security:zeek/xUbuntu_22.04/Release.key \
+        | gpg --dearmor | tee /etc/apt/trusted.gpg.d/security_zeek.gpg > /dev/null \
+    && apt-get update && apt-get install -y --no-install-recommends --fix-missing zeek \
     && ln -s /opt/zeek/bin/zeek /usr/local/bin/bro \
-    && apt clean \
+    && apt-get clean \
     && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
+ENV PATH="$PATH:/redis-stable/src"
+
 COPY . ${SLIPS_DIR}
 
 WORKDIR ${SLIPS_DIR}
 
 RUN cd modules \
-&& rm -rf \
-	rnn_cc_detection/ \
-	timeline/ \
-	kalipso/ \
-	p2ptrust/ \
-	flowmldetection/ \
-	cyst/ \
-	cesnet/ \
-	exporting_alerts/ \
-	riskiq/ \
-	template/ \
-	blocking/ \
-	virustotal/ \
-&& cd .. \
-&& rm -rf dataset/ docs/  tests/ \
-&& rm kalipso.sh \
-  package.json \
-  pytest.ini \
-  webinterface.sh \
-  CITATION.cff \
-  CHANGELOG.md \
-  conftest.py
+    && rm -rf \
+        rnn_cc_detection/ \
+        timeline/ \
+        kalipso/ \
+        p2ptrust/ \
+        flowmldetection/ \
+        cyst/ \
+        cesnet/ \
+        exporting_alerts/ \
+        riskiq/ \
+        template/ \
+        blocking/ \
+        virustotal/ \
+    && cd .. \
+    && rm -rf dataset/ docs/  tests/ \
+    && rm kalipso.sh \
+      package.json \
+      pytest.ini \
+      webinterface.sh \
+      CITATION.cff \
+      CHANGELOG.md \
+      conftest.py
 
 RUN pip3 install --no-cache-dir --upgrade pip  \
     && grep -v -f docker/light/excluded_libs.txt install/requirements.txt | xargs -n 1 pip install \

docs/immune/Immune.md

@@ -1,6 +1,9 @@
 # Slips Immune
 
+This is the main guide to the documentation related to the changes done to Slips as part of incorporating the immunology ideas
 
+
+- [Main Architecture of Slips Immune](https://stratospherelinuxips.readthedocs.io/en/develop/immune/immune_architecture.html)
 - [Research RPI Limitations](https://stratospherelinuxips.readthedocs.io/en/develop/immune/research_rpi_limitations_and_define_acceptable_performance_benchmarks.html)
 - [Slips Compatibility In The RPI](https://stratospherelinuxips.readthedocs.io/en/develop/immune/reimplement_slips_features_incompatible_with_the_rpi.html)
 - [Installing Slips On the RPI](https://stratospherelinuxips.readthedocs.io/en/develop/immune/installing_slips_in_the_rpi.html)