diff --git a/static/Changelog b/static/Changelog index 26646af..82178c8 100644 --- a/static/Changelog +++ b/static/Changelog @@ -2,7 +2,652 @@ Changelog ========= -v2.4.193 (2024-06-06) +%%version%% (unreleased) +------------------------ + +Fix +~~~ +- [Warninglists] make it API friendly. [iglocska] + + +v2.4.198 (2024-09-13) +--------------------- + +New +~~~ +- [attribute type] `dom-hash` is a structural fingerprint of HTML's + Document Object Model. [Alexandre Dulaunoy] + + `dom-hash` is a structural fingerprint of the HTML's Document Object + Model (DOM) originaly developed by CERT.PL + + The fingerprint is calculated by extracting all the tag names (ignoring + the content and attribute of the HTML Page). The tag names are + concatenated with a pipe value `|`, hash with the SHA-256 algorithm + and truncated with the first 32 characters. + + Software like LookyLoo[1] implemented the algorithm which can be used + in MISP to share and correlate information about similar web pages (e.g. + phishing pages). + + [1] https://github.com/Lookyloo/lookyloo/commit/466a3c56148f2ddb911620fd24e4f0c9d602a6a3 + +Changes +~~~~~~~ +- [version] bump. [iglocska] +- [PyMISP] Bump. [Raphaël Vinot] +- [internal] Simplify cake.php and load dispatcher from absolute path. + [Jakub Onderka] +- [internal] Server sync debug message when pushing events. [Jakub + Onderka] +- [PyMISP] updated to the latest version. [Alexandre Dulaunoy] +- [ui] Better description for server setting. [Jakub Onderka] + +Fix +~~~ +- [event-report:edit] Take first Attribute value from an object if + unable to get the priority value. [Sami Mokaddem] +- [event-report:edit] Take first Attribute value from an object if + unable to get the priority value. [Sami Mokaddem] +- [security] Ensure proper sanitization of sensitive fields in user- + login-profiles. [Sami Mokaddem] + + Prevent other org-admins (from the same org) to view sensitive fields of + other org-admins when they confirmed their login session + + - As reported by Sharad Kumar Dahal of Green Tick Nepal Pvt. Ltd +- [users:view_login_history] Column not found error while not being a + site-admin. [Sami Mokaddem] + + By ensuring the user's Role is included in the result +- [users:index] Redact autkey visibility to other org-admin in the same + organisation. [Sami Mokaddem] + + - Since by design, org admins can already change the password of other + org-admins (from the same org), this is considered as a fix. +- [security] ACL ignored on GUI attribute search. [iglocska] + + - as reported by KZ-CERT, the National CERT Team of Kazakhstan +- [attribute search] fixes for invalid returns on deleted = [0,1], fixes + #9866. [iglocska] + + - object level deleted field check would block the inclusion of non object attributes +- [feed] old path replaced with official misp-website path. [Alexandre + Dulaunoy] +- [baseurl] preference changed to MISP.baseurl, fixes #9895. [iglocska] + + - external_baseurl no longer used as a prefered source + - meant to be informational only for sharing groups +- [internal] Throw exception in GpgTool if GnuPG.homedir is empty. + [Jakub Onderka] +- [internal] Throw exception in EncryptedValue invalid state. [Jakub + Onderka] + +Other +~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch 'fix/authkey-visibility' into develop. [Sami Mokaddem] +- Merge pull request #9903 from JakubOnderka/shell-dispatcher. [Jakub + Onderka] + + chg: [internal] Simplify cake.php and load dispatcher from absolute path +- Merge branch '2.4' into develop. [iglocska] +- Merge pull request #9685 from JakubOnderka/push-server-sync-debug. + [Jakub Onderka] + + chg: [internal] Server sync debug message when pushing events +- Merge branch '2.4' into develop. [iglocska] +- Merge pull request #9890 from JakubOnderka/log-unpublished. [Jakub + Onderka] + + chg: [ui] Better description for server setting +- Merge pull request #9896 from JakubOnderka/encrypt-exception. [Jakub + Onderka] + + Encrypt exception +- Merge pull request #9897 from MISP/2.4. [Jakub Onderka] + + Merge 2.4 into develop + + +v2.4.197 (2024-09-02) +--------------------- + +New +~~~ +- Add config option user_org_uuid_in_response_header, allowing to + include a response header with the requesting user's org UUID. [Jeroen + Pinoy] +- [build] Show required STIX dependencies versions. [Jakub Onderka] + +Changes +~~~~~~~ +- [version] bump. [iglocska] +- [warning-list] updated. [Alexandre Dulaunoy] +- [taxonomies] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated. [Alexandre Dulaunoy] +- [PyMISP] Bump. [Raphaël Vinot] +- [internal] Log when event will not be published. [Jakub Onderka] +- [global_menu:bookmark] Added comment field as dropdown element's + title. [Sami Mokaddem] +- [db:bookmark] Added DB upgrade to support bookmarks' comment. [Sami + Mokaddem] +- [bookmark:view] Added missing comma for new comment function. [Jan Z.] + + Added a missing comma for the new comment function +- [bookmark:View] Added field for Comment. [Jan Z.] + + Added a field for comments for bookmarks +- [bookmark:index] Added a field for Comment. [Jan Z.] + + Added a field to display comment to the Bookmarks +- [bookmark:add] Added a comment field. [Jan Z.] + + Added a field to add and edit comments for bookmarks. +- [misp-object] updated to the latest version. [Alexandre Dulaunoy] + +Fix +~~~ +- [UI/footer] Avoid confusion for some users. [Alexandre Dulaunoy] + + Verse 1 + I was sittin' at my desk, feeling mighty fine, + Encryption's my jam, yeah, it’s my time to shine. + But then I hit a wall, a digital brick, + I mixed up my keys, oh what a trick! + + Pre-Chorus + Sent my own key to the server’s side, + Now my secrets ain’t safe, and I wanna hide. + What a mix-up, what a shame, + Who’s to blame in this encryption game? + + Chorus + Oh, PGP, don’t play tricks on me, + Keep my secrets locked, let my mind be free. + I sent my own key, oh what a fuss, + When I needed the server’s, now I’m outta luck! + + Verse 2 + I tried to decrypt, but nothing would show, + I thought it was the server, but now I know. + My own key’s sittin' there, feelin' so right, + But it’s not the one I need to lock up tight. + + Pre-Chorus + Sent my secrets into the cloud, + But they bounced right back, I ain’t so proud. + What a mix-up, what a twist, + In the encryption dance, I must persist! + + Chorus + Oh, PGP, don’t play tricks on me, + Keep my secrets locked, let my mind be free. + I sent my own key, oh what a fuss, + When I needed the server’s, now I’m outta luck! + + Bridge + Next time I’ll check, I’ll double-click twice, + Make sure the right key’s rollin’ the dice. + No more confusion, no more regret, + I’ll get this encryption thing down just yet! + + Chorus + Oh, PGP, don’t play tricks on me, + Keep my secrets locked, let my mind be free. + I sent my own key, oh what a fuss, + When I needed the server’s, now I’m outta luck! + + Outro + So here’s my lesson, loud and clear, + In the world of keys, gotta steer clear. + Of mix-ups and mess-ups, it’s a tricky ride, + But I’ll master this PGP with pride! +- [ioc import] Check if provided XML is valid. [Jakub Onderka] +- [schema] Schema version. [Jakub Onderka] +- [ui] Returned data are already parsed for tag popover. [Jakub Onderka] +- [bookmarks:add] Lower-cased comment field. [Sami Mokaddem] +- [sighting] Correctly pull sightings per requested event. [Tom King] +- [bookmarks] fix an issue with overly verbose returns from bookmarks + when shared with the org. [iglocska] + + - as reported by Sharad Kumar Dahal of Green Tick Nepal Pvt. Ltd. +- [feed] Feed pull, check events against rules if rules specified. + [Benni0] + +Other +~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' into pr-9893. [Sami Mokaddem] +- Merge branch 'develop' into pr-9885. [Sami Mokaddem] +- Merge pull request #9889 from JakubOnderka/log-unpublished. [Jakub + Onderka] + + chg: [internal] Log when event will not be published +- Merge pull request #9888 from JakubOnderka/tag-popover-fix. [Jakub + Onderka] + + fix: [ui] Returned data are already parsed for tag popover +- Merge branch 'pr-9841' into develop. [Sami Mokaddem] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #9876 from tomking2/bug/sighting_rest_search. + [Andras Iklody] + + Fixes performance of sightings restSearch when performing MISP sync +- Merge pull request #9875 from JakubOnderka/stixtest-build. [Jakub + Onderka] + + new: [build] Show required STIX dependencies versions +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge pull request #9881 from andrewdhicks/fix-sightings-rest-search- + org. [Andras Iklody] + + Fix sightings rest search by org uuid +- Merge branch 'MISP:2.4' into fix-sightings-rest-search-org. [Andrew + Hicks] +- Fix negation of org id for sightings restSearch. [Andrew Hicks] + + +v2.4.196 (2024-08-21) +--------------------- + +New +~~~ +- [decaying model] Add a DecayingModel based on true positive and false + positive sightings. [Marcel Slotema] +- [log search] added optional hh:mm:ss accuracy. [iglocska] + + - also some refactoring to deal with the boat-load of copy-pasta + + ░░░░░░░░░░░░ ░░ ░░░░ ░░░░ + ░░░░░░░░░░ ░░▒▒▓▓██████░░ ░░▒▒██████░░ ░░ + ░░░░░░░░░░ ░░████ ██░░░░░░██ ██░░ + ░░░░░░░░░░░░ ▒▒████ ████░░░░▒▒██ ████░░ + ░░░░░░░░░░ ▒▒██▓▓ ██░░░░▒▒██ ██░░ + ░░░░░░░░ ▒▒████████░░ ▒▒████████▒▒ + ░░░░ ░░ ░░ ░░ ▒▒▒▒██░░██████░░▒▒██░░▓▓▓▓░░ + ░░░░ ░░ ░░▒▒████████████░░░░██████ ▓▓██████▒▒ + ░░░░░░░░ ▒▒████▒▒░░ ░░░░██░░██░░░░░░████▒▒ ▒▒▓▓ + ░░░░░░ ░░▒▒██░░██▒▒▓▓████░░░░██░░░░██░░██▒▒ ▒▒██▓▓░░██ + ░░░░ ░░░░▒▒██▒▒██░░ ▓▓██▒▒██ ░░████░░██░░ ▒▒▓▓▒▒▓▓████░░░░▒▒░░ + ░░ ░░▒▒██████░░░░ ▓▓▓▓▒▒▒▒▒▒██░░░░░░░░██████▓▓▒▒▒▒▒▒▓▓██▒▒▓▓██████ + ▒▒██░░▓▓████████▓▓▒▒▒▒▒▒▒▒██████████░░██▓▓▒▒▒▒▒▒▒▒▒▒██████░░░░██ + ░░▒▒▓▓▒▒░░▓▓██▒▒██▓▓▒▒▒▒▒▒▒▒▒▒██░░░░░░██░░▓▓▓▓▒▒▒▒▒▒▒▒▒▒██ ░░████ + ░░▒▒██░░▓▓▓▓██░░▒▒██▓▓████████░░░░██████░░░░▒▒██▒▒▒▒▒▒██░░░░██ + ░░▒▒██░░██░░▒▒██░░░░██▒▒ ░░░░██████▒▒ ██▓▓▒▒████████░░████░░ + ░░▒▒██▒▒██▒▒▒▒██████░░▓▓████░░░░██░░██░░██▓▓ ░░██▒▒████░░ + ░░▒▒██████████░░▒▒▒▒██████░░██░░░░████░░ ░░██░░ ██░░ + ░░░░▒▒▓▓██▒▒░░░░████░░░░░░██░░██░░██▓▓██░░░░████ ██▒▒░░ + ░░░░▒▒██░░██████▓▓▒▒██████▒▒░░██░░██▓▓██ ░░████░░ ██░░ + ░░░░▒▒██▓▓▒▒▒▒▒▒▒▒██░░░░░░░░██░░░░██▓▓████ ██▓▓██ ██░░ + ░░░░░░▒▒▒▒ ░░▒▒██▒▒░░▓▓██████ ██▓▓▒▒████ ██▓▓██░░▓▓▓▓ + ░░░░░░░░░░░░░░▒▒██░░████████░░██▒▒▒▒████▒▒██▓▓▒▒██░░██▓▓ + ░░░░░░░░ ▒▒████░░░░▓▓▓▓▓▓████░░▒▒▒▒██▒▒▒▒██▓▓██░░▓▓▓▓ + ░░░░░░░░▒▒▒▒████░░ ██▓▓▒▒██▓▓░░░░▒▒██▒▒▒▒██▒▒██░░▒▒▓▓ + ░░░░░░░░▒▒██░░░░▒▒██▓▓░░░░░░░░░░░░ ████▓▓▒▒▒▒██░░▓▓▓▓ + ░░░░░░░░▒▒████████░░░░ ░░░░░░░░░░ ░░██████░░ +- [review user logs] made the button useful. [iglocska] + + - was linking to the log index without any filters before + - now links to any changes affecting the user (model = User, model_id = user_id) + - is aware of the use of the new audit log system, linking to the most useful logs + - future improvements: add a secondary button for searches on the user email address in the logs by creation + +Changes +~~~~~~~ +- [PyMISP] Bump. [Raphaël Vinot] +- [version] bump. [iglocska] +- [decaying-model-formulas] Catches undefined indexes. [Sami Mokaddem] +- [decaying tool] Update sliders when a textbox is changed. [Marcel + Slotema] +- [attributes:restSearch] Added X-Skipped-Elements-Count Header. + [Benni0] + + Added the X-Skipped-Elements-Count header, which should indicate how many items are skipped due to postprocessing. + With this header, the client should be able to do proper pagination and can stop iteration when the amount of items, + including the skipped items, is lower than the limit +- [internal] Include in logged message subject and e-mail address when + sending e-mail. [Jakub Onderka] +- [misp-stix] Bumped latest tagged version. [Christian Studer] +- [baseurl handling] fixed for reverse proxies. [iglocska] + + - no more weird redirects that drop ports / externally requested baseurls from redirect links + - Thanks to @github-germ (Mitch Germansky) for the long, in-depth debug session and testing all the hacky attempts at fixing it +- [warning-list] updated to the latest version. [Alexandre Dulaunoy] +- [misp-object] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated. [Alexandre Dulaunoy] +- [misp-stix] Bumped latest submodule version. [Christian Studer] +- [misp-stix] Bumped latest submodule version including some fixes. + [Christian Studer] +- [Attributes restSearch] added sort support for publish_timestamp. + [Benni0] + +Fix +~~~ +- [misp-stix] Bumped fixed version. [Christian Studer] +- [stix2 import] Updated STIX 2 parsers usage following recent changes + on misp-stix. [Christian Studer] +- [priority order in beforefilter] move the baseurl view var setting + further up in the chain. [iglocska] + + - redis errors with benchmarking enabled could throw a notice error about the baseurl not being set for the views otherwise +- [image helper] allow for variable width org logos without overlapping + the text. [iglocska] +- [misp-stix] Bumped latest version including recent fixes. [Christian + Studer] +- [workflow:getEnabledModules] Make sure to return the correct type if + redis fails to load. [Sami Mokaddem] +- [cli setting change] in the previous commit fixed. [iglocska] + + - Thanks @ostefano for noticing my fuckup +- [workflow:getEnabledModules] Make sure to return the correct type if + redis fails to load. [Sami Mokaddem] +- [settings] multiple fixes to changing settings on the instance. + [iglocska] + + - fix an issue with simplebackgroundjobs setting changes barfing + - add a proper CLI check rather than that puzzling fileOnly shit we've had before +- [attribute search ordering fix] [iglocska] +- [attribute search] id based sliding window reverted. [iglocska] + + - sadly the ordering is more expensive than the gain it looks like... + +Other +~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [Christian Studer] +- Merge branch 'env_dependencies' into develop. [iglocska] +- Merge branch 'develop' into env_dependencies. [iglocska] +- Merge branch 'attributeRestsearchOrder' into develop. [iglocska] +- Merge branch 'develop' into attributeRestsearchOrder. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch 'pr-9849' into develop. [Sami Mokaddem] +- Merge branch 'x-skipped-elements-count' into develop. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge pull request #9865 from JakubOnderka/log-exception-email. + [Andras Iklody] + + chg: [internal] Include in logged message subject and e-mail address … +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [Christian Studer] +- Merge branch 'dependencies' into develop. [iglocska] +- Default to env dependencies, and fallback to submodules' [Stefano + Ortolani] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [Alexandre Dulaunoy] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [Christian Studer] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch 'develop' into 2.4. [iglocska] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #9862 from kdrypr/patch-3. [Alexandre Dulaunoy] + + Update defaults.json +- Update defaults.json. [Kadir YAPAR] + + changed company and community +- Merge pull request #9859 from ostefano/openapi. [Andras Iklody] + + Fix openapi specification +- Fix openapi specification. [Stefano Ortolani] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [Christian Studer] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [Christian Studer] +- [chg] Modified Attributes to support mutlicolumn and + Model.publish_timestamp sorting. [Benni0] +- [chg:AppModel] Modified findOrder to support multicolumn sorting. + [Benni0] + + +v2.4.195 (2024-07-26) +--------------------- + +New +~~~ +- [legacy attribute search] internals added for some edge cases. + [iglocska] + + - new setting allows an admin to flip the search strategy to one that mimics the old behaviour + - refrains from using subqueries +- [attribute search and correlation] improvements. [iglocska] + + - added correlationRules system + - create rules for non correlating events (such as events from the same org, events with a certain string in the event info field, or just manually chosen event IDs) + - should help combat recurring data in certain feeds / providers causing slowdowns + - rework of the attribute pagination + - use the memory limit based bucketing also when limits are set + - better handling of offsets (ordering + using lowest IDs for the next batch instead of mysql offsets) +- [logging] Added more data to logging entry and new option to log used + authkeys in clear-text. [Sami Mokaddem] + +Changes +~~~~~~~ +- [version] bump. [iglocska] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [warning-list] updated to the latest version. [Alexandre Dulaunoy] +- [PyMISP] fix issue with buggy template. [Raphaël Vinot] +- [PyMISP] Bump. [Raphaël Vinot] +- [db schema] bumped. [iglocska] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [workflow:webhook] Correctly send JSON data if content_type is set to + application/json. [Sami Mokaddem] +- [docs] add an example of S/MIME self-signed key for your MISP. + [Alexandre Dulaunoy] +- [pymisp] bump. [iglocska] +- [pymisp] bump. [iglocska] +- [pymisp] bump. [iglocska] +- [pymisp] bump. [iglocska] +- [pymisp] bump. [iglocska] +- [pymisp] bump. [iglocska] + + - let's see if this fixes the tests +- [PyMISP] Test search & publish. [Raphaël Vinot] +- [logos] added CCB's logo as per request to the defaults. [iglocska] + + - also fixed a gitignore snafu +- [PyMISP] Bump changelog. [Raphaël Vinot] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] + +Fix +~~~ +- Unify event create/update response. [Luciano Righetti] +- Openapi path parameters are required. [Luciano Righetti] +- Wrong parameter id in taxonomy endpoints. [Luciano Righetti] +- Analyst data openapi spec. [Luciano Righetti] +- [restClient:queryBuilder] Stop prefixing the scope for the fields in + restSearch context. [Sami Mokaddem] +- [index hint] using mysql extended may be wrong. [iglocska] + + - if attributes.deleted isn't indexed it would barf before + - added a check for the existence of the index +- [publishing] if the publish timestamp can't be updated, throw an error + during the in-line publishing. [iglocska] +- [fetchEvent] defaulting out conditions to null rather than false. + [iglocska] + + - enabled the false behaviour that false would simply be ignored + - this caused published = false via the API to default to the published flag not being set at all + - new behaviour works same as 0/1 values for booleans +- [Bookmark view] typo fixed. [Alexandre Dulaunoy] +- [internal] more fixes to the deleted flag. [iglocska] + + - this sure wouldn't be such a clusterfuck if the office had an AC and we weren't sitting in 28.3C +- [deleted filter] fix for the previous commit. [iglocska] + + - modify a local variable rather than the passed-by-reference params array +- [event] Making sure we attach Analyst Data to Event Reports when + fetching Events. [Christian Studer] +- [internal filtering] handle deleted cases better across the various + search endpoints. [iglocska] + + - object restSearch() was not correcty adhering to the deleted:1 parameter among others +- Unify event create/update response. [Luciano Righetti] +- Openapi path parameters are required. [Luciano Righetti] +- Wrong parameter id in taxonomy endpoints. [Luciano Righetti] +- Analyst data openapi spec. [Luciano Righetti] +- [ACL] user add always accessible to site admins. [Andras Iklody] +- [issue] Update config.yml. [Alexandre Dulaunoy] + + Removal of the discussion which is a source of issues. + +Other +~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'correlation_rules' into develop. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch 'pr-9744' into develop. [Sami Mokaddem] +- Merge branch 'develop' into pr-9744. [Sami Mokaddem] +- Merge branch 'feature/cleartext-logging' into develop. [Sami Mokaddem] +- Merge branch 'develop' into feature/cleartext-logging. [Sami Mokaddem] +- Merge remote-tracking branch 'refs/remotes/origin/develop' into + develop. [Sami Mokaddem] +- Merge pull request #9826 from righel/fix-openapi-spec-params. [Luciano + Righetti] + + Fix openapi spec params +- Fix OpenAPI spec. [Stefano Ortolani] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Update class properties. [Vincenzo Caputo] +- Update module description. [Vincenzo Caputo] +- Add attach decay score module. [Vincenzo Caputo] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [Christian Studer] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #9805 from ostefano/openapi. [Luciano Righetti] + + Fix OpenAPI spec +- Fix OpenAPI spec. [Stefano Ortolani] +- Merge pull request #9792 from cudeso/2.4. [Alexandre Dulaunoy] + + Adding Threatview.io MISP feeds +- Adding Threatview.io MISP feeds. [Koen Van Impe] + + +v2.4.194 (2024-06-21) +--------------------- + +New +~~~ +- [bookmark] Added bookmark functionality. [Sami Mokaddem] + + - Allow any user to create a bookmark + - Bookmarks can be shared to all users belonging to the bookmark organisation +- [heartbeat] added. [iglocska] + + - new endpoint, /users/heartbeat + - accessible unauthed, simply returns a 200 response if the instance is operational + - No checks are done on live status, version, etc. The idea is to simply see if the instance is up + - Skips most of beforefilter() altogether, making it very fast. +- [skip otp requirement] role permission added to exclude certain roles + from the otp requirement. [iglocska] + + - handy for filtered, local service accounts +- [users api] added new boolean field to the output indicating whether + totp is set for the user. [iglocska] + + - A simple boolean field to show whether totp has been set up for the given account + - works for /users/view, /admin/users/view, /admin/users/index + +Changes +~~~~~~~ +- [misp-stix] Bumped latest version. [Christian Studer] +- [schema] bump. [iglocska] +- [version] bump. [iglocska] +- [PyMISP] Bump version. [Raphaël Vinot] +- [warning-lists] updated. [Alexandre Dulaunoy] +- [misp-galaxy] updated. [Alexandre Dulaunoy] +- [misp-objects] updated. [Alexandre Dulaunoy] +- [bookmark:index] Added title acting as doc for exposed_to_org field. + [Sami Mokaddem] +- [bookmarks:index] Improved support of quick search. [Sami Mokaddem] +- [warning-lists] updated. [Alexandre Dulaunoy] +- [ACL] added heartbeat to the ACL component. [iglocska] +- [schema and mysql.sql] updated. [iglocska] + + - it's been long overdue + +Fix +~~~ +- [default roles] delegation permission added to sync user and + publisher. [iglocska] +- [default role] readded. [iglocska] +- [PyMISP] Mistake in tests. [Raphaël Vinot] +- [roles] defaults fixed. [iglocska] +- [event report markdown editor] not displaying tags, fixes #9774. + [iglocska] + + - garbage response type bites us in the arse again +- [feed ingestion] include a user agent to circumvent issues with feeds + requiring it, fixes #9773. [iglocska] +- [galaxycluster blocklist] editing missing view, fixes #9766. + [iglocska] +- [missing org logo] in decaying model readded, fixes #9768. [iglocska] + + - went fubar after the move to base64 encoded org images +- [decaying tool] JSON response fixes, fixes #9769. [iglocska] + + - AJAX queries shouldn't receive the responses back as text/html when we're dealing with JSON responses +- [object references links] fixed, fixes #9787. [iglocska] + + - Clicking on a referenced object didn't refocus the view as it does for attributes + - moved to using data fields for referencing the correct object + + - The code handling this was an eldritch nightmare that only worked when enough sheep have been sacirificed to the wicked javascript deity on the last full moon +- [server edit] view - notice error fixed. [iglocska] + + - url_params in the pull rules may not exist on old server objects +- [bookmark:index] Fixed typo in description. [Sami Mokaddem] +- [mysql.sql] default role settings fixed. [iglocska] + + memory_limit / max_execution_time should be NULL not 0 +- [openapi] local flag in EventTags should be boolean. [iglocska] +- [doc] correct filenames in rhel background worker migration guide + steps. [Jeroen Pinoy] +- [sighting sync] raised tiny chunk size to improve performance. + [iglocska] + +Other +~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [Christian Studer] +- Merge branch 'bookmarks' into develop. [iglocska] +- Merge branch 'develop' into bookmarks. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Update README.md. [Andras Iklody] +- Merge pull request #9782 from mdhirt/mdhirt-fix-#9781. [Andras Iklody] + + Update eventattributetoolbar.ctp +- Update eventattributetoolbar.ctp. [Mike] + + Fixed invalid object _( on lines 266 and 274 +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge pull request #9771 from Wachizungu/fix-rhel-background-workers- + migration-guide. [Alexandre Dulaunoy] + + fix: [doc] correct filenames in rhel background worker migration guid… + + +v2.4.193 (2024-06-11) --------------------- New @@ -38,6 +683,11 @@ New Changes ~~~~~~~ +- [recorrelation] added new functionality to set the recorrelation chunk + size. [iglocska] + + - recorrelate in configurable chunk sizes (rather than the old hard coded value of 500) + - immediately execute the saving of correlations after each chunk (should drastically reduce memory usage for massive events) - [version] bump. [iglocska] - [PyMISP] Bump version. [Raphaël Vinot] - [misp-stix] Bumped latest version. [Christian Studer] @@ -136,6 +786,7 @@ Fix Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #9764 from Wachizungu/add-mysqlobserverextended- diff --git a/static/Changelog-PyMISP.txt b/static/Changelog-PyMISP.txt index 71282fb..1bcfe0b 100644 --- a/static/Changelog-PyMISP.txt +++ b/static/Changelog-PyMISP.txt @@ -2,8 +2,115 @@ Changelog ========= -%%version%% (unreleased) ------------------------- +v2.5.2 (2024-11-18) +------------------- + +New +~~~ +- Publish to PyPi on release. [Raphaël Vinot] + +Changes +~~~~~~~ +- Bump changelog. [Raphaël Vinot] +- Skip PyMISP version check. [Raphaël Vinot] +- Bump deps, version. [Raphaël Vinot] +- Bump deps, version. [Raphaël Vinot] +- Bump version, deps, templates. [Raphaël Vinot] +- Bump version, test for GH action release. [Raphaël Vinot] +- Drop python 3.8, add python 3.13. [Raphaël Vinot] +- Bump templates. [Raphaël Vinot] +- Bump deps. [Raphaël Vinot] +- Remove fonts from submodules, on-demand download if needed. [Raphaël + Vinot] + +Fix +~~~ +- Avoid exception on dev releases. [Raphaël Vinot] +- Template versions in tests. [Raphaël Vinot] +- [AnalystData] A quick and simple typing fix. [Christian Studer] + +Other +~~~~~ +- Build(deps): bump codecov/codecov-action from 4 to 5. + [dependabot[bot]] + + Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4 to 5. + - [Release notes](https://github.com/codecov/codecov-action/releases) + - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) + - [Commits](https://github.com/codecov/codecov-action/compare/v4...v5) + + --- + updated-dependencies: + - dependency-name: codecov/codecov-action + dependency-type: direct:production + update-type: version-update:semver-major + ... +- Update pytest.yml for python 3.13. [Raphaël Vinot] + + +v2.5.1 (2024-10-17) +------------------- + +New +~~~ +- Onion-address type. [Raphaël Vinot] + +Changes +~~~~~~~ +- Re-bump changelog. [Raphaël Vinot] +- Bump changelog. [Raphaël Vinot] +- Bump objects. [Raphaël Vinot] +- Bump version. [Raphaël Vinot] +- Bump deps. [Raphaël Vinot] + +Fix +~~~ +- Skip trying to install doc in python 3.9. [Raphaël Vinot] + + +v2.5.0 (2024-10-04) +------------------- + +Changes +~~~~~~~ +- Bump changelog. [Raphaël Vinot] +- Bump deps. [Raphaël Vinot] +- Bump deps. [Raphaël Vinot] +- [tests] misp_instance_version_master now uses the 2.5 branch. + [iglocska] + +Fix +~~~ +- Make mypy happy. [Raphaël Vinot] + + +v2.4.198 (2024-09-13) +--------------------- + +Changes +~~~~~~~ +- Re-Bump changelog. [Raphaël Vinot] +- Bump changelog. [Raphaël Vinot] +- Bump deps, version. [Raphaël Vinot] +- Bump deps. [Raphaël Vinot] +- Only include the changelog in the sdist package. [Raphaël Vinot] + + Related #1295 +- [data] describeTypes.json updated. [Alexandre Dulaunoy] + +Other +~~~~~ +- Openioc.py is not a script, but had exec bit. [Sebastian Wagner] + + the file openioc can only be used as module and as part of a package, + has no instructions for direct execution and is therefor not a script + for direct execution + + this removes the executable bit from the file + + +v2.4.197 (2024-09-02) +--------------------- Changes ~~~~~~~ diff --git a/static/Changelog-misp-galaxy.txt b/static/Changelog-misp-galaxy.txt index 2f05692..b5660b7 100644 --- a/static/Changelog-misp-galaxy.txt +++ b/static/Changelog-misp-galaxy.txt @@ -1,6 +1,295 @@ # Changelog +## %%version%% (unreleased) + +### Changes + +* [README] updated. [Alexandre Dulaunoy] + +* [README] updated. [Alexandre Dulaunoy] + +* [ransomware] group updated. [Alexandre Dulaunoy] + +* [sigma] updated. [Alexandre Dulaunoy] + +* [readme] updated. [Alexandre Dulaunoy] + +* [tidal] updated. [Alexandre Dulaunoy] + +* [README] updated. [Alexandre Dulaunoy] + +* [cluster] updated. [Alexandre Dulaunoy] + +* [ransomware] updated to the latest version. [Alexandre Dulaunoy] + +* [doc] README updated. [Alexandre Dulaunoy] + +* [ransomware] updated. [Alexandre Dulaunoy] + +* [doc] README updated. [Alexandre Dulaunoy] + +* [producer] updated. [Alexandre Dulaunoy] + +* [producer] added Recorded Future, Cyble, Cyfirma, SentinelOne, Fortinet, Zscaler, Splunk and Huntress. [rectifyq] + +* [threat-actor] version updated. [Alexandre Dulaunoy] + +* [tidal] updated to the latest version. [Alexandre Dulaunoy] + +* [sigma] updated to the latest version. [Alexandre Dulaunoy] + +* [ransomware] updated. [Alexandre Dulaunoy] + +* [threat-actor] added a relationship between `Earth Estries` and `GhostEmperor` [Rony] + +* [threat-actor] `GhostEmperor` updated. [Rony] + +* [ransomware] updated. [Alexandre Dulaunoy] + +* [threat-actor] SloppyLemming added. [Alexandre Dulaunoy] + +* [producer] updated with cloudflare and one description fixed. [Alexandre Dulaunoy] + +* [doc] README updated. [Rony] + +* [threat-actor] fix typo. [Rony] + +* [threat-actor] add earth baxia. [Rony] + +* [doc] README updated. [Alexandre Dulaunoy] + +* [ransomware] updated to the latest version. [Alexandre Dulaunoy] + +* [doc] updated. [Alexandre Dulaunoy] + +* [doc] updated. [Alexandre Dulaunoy] + +* [producer] added some security companies. [Tom] + +### Fix + +* [producer] must be an array. [Alexandre Dulaunoy] + +* [producer] refs are arrays. [Alexandre Dulaunoy] + +### Other + +* Merge pull request #1033 from Mathieu4141/threat-actors/fa9e8f7c-83a4-4b9d-bfba-b8d52f1db99f. [Alexandre Dulaunoy] + + [threat actors] Add 10 actors + +* [threat actors] Update README. [Mathieu4141] + +* [threat-actors] Add APT73. [Mathieu4141] + +* [threat-actors] Add WageMole. [Mathieu4141] + +* [threat-actors] Add Tstark. [Mathieu4141] + +* [threat-actors] Add FrostyNeighbor. [Mathieu4141] + +* [threat-actors] Add Nam3L3ss. [Mathieu4141] + +* [threat-actors] Add SpaceBears. [Mathieu4141] + +* [threat-actors] Add SYLHET GANG-SG. [Mathieu4141] + +* [threat-actors] Add TOXCAR CYBER TEAM. [Mathieu4141] + +* [threat-actors] Add Evilbyte. [Mathieu4141] + +* [threat-actors] Add EvilWeb. [Mathieu4141] + +* Merge pull request #1032 from sbjzn/main. [Alexandre Dulaunoy] + +* Fix 'Alternative Label' on C - Manufacturing. [Simon] + +* Merge branch 'Delta-Sierra-main' [Alexandre Dulaunoy] + +* Merge branch 'main' of https://github.com/Delta-Sierra/misp-galaxy into Delta-Sierra-main. [Alexandre Dulaunoy] + +* M. [Delta-Sierra] + +* Merge. [Delta-Sierra] + +* Add Operation Cobalt Whisper. [Delta-Sierra] + +* Merge pull request #1030 from Mathieu4141/threat-actors/13658ee8-66d7-4bd7-91a0-d10d71411900. [Alexandre Dulaunoy] + + [threat actors] Add 12 new actors and 4 aliases + +* [threat actors] Update README. [Mathieu4141] + +* [threat-actors] Add Blackmeta. [Mathieu4141] + +* [threat-actors] Add DarkRaaS. [Mathieu4141] + +* [threat-actors] Add APT10 aliases. [Mathieu4141] + +* [threat-actors] Add AridViper aliases. [Mathieu4141] + +* [threat-actors] Add RomCom aliases. [Mathieu4141] + +* [threat-actors] Add OilRig aliases. [Mathieu4141] + +* [threat-actors] Add IcePeony. [Mathieu4141] + +* [threat-actors] Add UAC-0215. [Mathieu4141] + +* [threat-actors] Add Water Makara. [Mathieu4141] + +* [threat-actors] Add UNC5820. [Mathieu4141] + +* [threat-actors] Add OverFlame. [Mathieu4141] + +* [threat-actors] Add LulzSec Black. [Mathieu4141] + +* [threat-actors] Add RipperSec. [Mathieu4141] + +* [threat-actors] Add Shahid Hemmat. [Mathieu4141] + +* [threat-actors] Add Asnarök. [Mathieu4141] + +* [threat-actors] Add Anonymous64. [Mathieu4141] + +* Merge pull request #1029 from danielplohmann/patch-42. [Alexandre Dulaunoy] + + add APT37 alias used by AhnLab (TA-RedAnt) + +* Add APT37 alias used by AhnLab (TA-RedAnt) [Daniel Plohmann] + +* Merge pull request #1027 from danielplohmann/patch-40. [Alexandre Dulaunoy] + + added Unit42 name for Kimsuky (Sparkling Pisces) + +* Added Unit42 name for Kimsuky (Sparkling Pisces) [Daniel Plohmann] + +* Merge branch 'rectifyq-main' [Alexandre Dulaunoy] + +* Merge pull request #1025 from Mathieu4141/threat-actors/29621e26-b458-432e-bbb5-aaa8fba3a449. [Alexandre Dulaunoy] + + [threat actors] Add 5 actors + +* [threat actors] Update README. [Mathieu4141] + +* [threat-actors] Add TaskMasters. [Mathieu4141] + +* [threat-actors] Add SongXY. [Mathieu4141] + +* [threat-actors] Add CeranaKeeper. [Mathieu4141] + +* [threat-actors] Add Awaken Likho. [Mathieu4141] + +* [threat-actors] Add SkidSec. [Mathieu4141] + +* Merge pull request #1024 from Mathieu4141/threat-actors/d848c04e-d8f4-4b71-bf82-f8d841bda778. [Alexandre Dulaunoy] + + [threat actors] Add 8 actors and 1 alias + +* [threat actors] Update README. [Mathieu4141] + +* [threat-actors] Add UNC1860. [Mathieu4141] + +* [threat-actors] Add Storm-1567 aliases. [Mathieu4141] + +* [threat-actors] Add CosmicBeetle. [Mathieu4141] + +* [threat-actors] Add Storm-0501. [Mathieu4141] + +* [threat-actors] Add Handala. [Mathieu4141] + +* [threat-actors] Add AzzaSec. [Mathieu4141] + +* [threat-actors] Add VICE SPIDER. [Mathieu4141] + +* [threat-actors] Add DragonRank. [Mathieu4141] + +* [threat-actors] Add Storm-0494. [Mathieu4141] + +* Merge pull request #1022 from Delta-Sierra/main. [Alexandre Dulaunoy] + + SloppyLemming relationsships + +* Update README.md. [Delta-Sierra] + +* Merge https://github.com/MISP/misp-galaxy. [Delta-Sierra] + +* Merge pull request #1021 from r0ny123/🧂🌀 [Alexandre Dulaunoy] + + Updates regarding Salt Typhoon + +* SloppyLemming relationsships. [Delta-Sierra] + +* Merge pull request #1020 from r0ny123/Earth-Baxia. [Alexandre Dulaunoy] + + Add Earth Baxia + +* Merge branch 'main' of github.com:MISP/misp-galaxy. [Alexandre Dulaunoy] + +* Merge pull request #1018 from Mathieu4141/threat-actors/e2b7cc51-95a5-4a68-b405-a747d3240b17. [Alexandre Dulaunoy] + + [threat actors] Adding 16 actors + +* [threat actors] Update README. [Mathieu4141] + +* [threat-actors] Add HikkI-Chan. [Mathieu4141] + +* [threat-actors] Add UTG-Q-010. [Mathieu4141] + +* [threat-actors] Add Fail0verflow. [Mathieu4141] + +* [threat-actors] Add Storm-1679. [Mathieu4141] + +* [threat-actors] Add UAT-5394. [Mathieu4141] + +* [threat-actors] Add RaHDit. [Mathieu4141] + +* [threat-actors] Add IRLeaks. [Mathieu4141] + +* [threat-actors] Add UAC-0154. [Mathieu4141] + +* [threat-actors] Add UNC4536. [Mathieu4141] + +* [threat-actors] Add SILKFIN AGENCY. [Mathieu4141] + +* [threat-actors] Add UNC2970. [Mathieu4141] + +* [threat-actors] Add ZeroSevenGroup. [Mathieu4141] + +* [threat-actors] Add Actor240524. [Mathieu4141] + +* [threat-actors] Add TIDRONE. [Mathieu4141] + +* [threat-actors] Add UNC4540. [Mathieu4141] + +* [threat-actors] Add CL-STA-0043 aliases. [Mathieu4141] + +* Merge branch 'nyx0-main' [Alexandre Dulaunoy] + +* Merge pull request #1017 from MISP/dependabot/pip/tools/mkdocs/cryptography-43.0.1. [Alexandre Dulaunoy] + + build(deps): bump cryptography from 42.0.4 to 43.0.1 in /tools/mkdocs + +* Build(deps): bump cryptography from 42.0.4 to 43.0.1 in /tools/mkdocs. [dependabot[bot]] + + Bumps [cryptography](https://github.com/pyca/cryptography) from 42.0.4 to 43.0.1. + - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) + - [Commits](https://github.com/pyca/cryptography/compare/42.0.4...43.0.1) + + --- + updated-dependencies: + - dependency-name: cryptography + dependency-type: direct:production + ... + +* Merge pull request #1016 from gallypette/main. [Alexandre Dulaunoy] + + chg: [first-csirt] keep the best script + +* Add: [first-csirt] keep the best script. [Jean-Louis Huynen] + + ## v2.4.197 (2024-09-02) ### Changes diff --git a/static/Changelog-misp-modules.txt b/static/Changelog-misp-modules.txt index 0a85a74..f6c5556 100644 --- a/static/Changelog-misp-modules.txt +++ b/static/Changelog-misp-modules.txt @@ -1,6 +1,106 @@ # Changelog +## %%version%% (unreleased) + +### New + +* [expansion:convert_markdown_to_pdf] Added module to render a markdown (under GFM) into PDF. [Sami Mokaddem] + +* [expansion] Added skeleton module for the misp_standard format. [Sami Mokaddem] + +### Changes + +* [workflow] Python 3.8 is now officially EoL. [Alexandre Dulaunoy] + +* [poetry.lock] Bumped. [Sami Mokaddem] + +### Fix + +* [mmdb_lookup] moduleinfo new format updated. [Alexandre Dulaunoy] + +* [launch] check conf file. [David Cruciani] + +* [pyproject] Added missing pandoc requirement. [Sami Mokaddem] + +* [expansion:init] Added new module `convert_markdown_to_pdf` for loading. [Sami Mokaddem] + +### Other + +* Merge branch 'cudeso-main' [Alexandre Dulaunoy] + +* Merge branch 'main' of https://github.com/cudeso/misp-modules into cudeso-main. [Alexandre Dulaunoy] + +* Be more consistent with max_country_qt / max_country_info_qt. [Koen Van Impe] + +* Extend MMDB with max_country_qt. [Koen Van Impe] + + When querying MMDB there are sometimes multiple country_info objects returned, mostly due to the different db_source. Sometimes customers are not interested in the db_source, and only the geo-info. + This change adds max_country_qt. When + - Set to None or 0, has no effect + - Set to a value higher than 0, the number of country_info entries is limited to max_country_qt + +* Merge pull request #700 from MISP/dependabot/pip/website/werkzeug-3.0.6. [Alexandre Dulaunoy] + + build(deps): bump werkzeug from 3.0.3 to 3.0.6 in /website + +* Build(deps): bump werkzeug from 3.0.3 to 3.0.6 in /website. [dependabot[bot]] + + Bumps [werkzeug](https://github.com/pallets/werkzeug) from 3.0.3 to 3.0.6. + - [Release notes](https://github.com/pallets/werkzeug/releases) + - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) + - [Commits](https://github.com/pallets/werkzeug/compare/3.0.3...3.0.6) + + --- + updated-dependencies: + - dependency-name: werkzeug + dependency-type: direct:production + ... + +* Merge remote-tracking branch 'origin/main' [Sami Mokaddem] + + +## v2.4.198 (2024-10-08) + +### Changes + +* [circl_passivedns] Using `time_first` & `time_last` as `first_seen` and `last_seen` fields on the `passive-dns` objects. [Christian Studer] + + - Should fix #692 + +* [website] launch and migrate python script. [David Cruciani] + +### Fix + +* [website.migrations] try-except. [David Cruciani] + +* [expansion:virus_total] Capture `ForbiddenError` from vr.APIError correctly. [Sami Mokaddem] + +### Other + +* Merge pull request #696 from MISP/fix-poetry. [Stefano Ortolani] + + add fix as reported here https://github.com/MISP/misp-docker/issues/167 + +* Add fix as reported here https://github.com/MISP/misp-docker/issues/167. [Stefano Ortolani] + +* Merge pull request #693 from cudeso/main. [Alexandre Dulaunoy] + + Update dns.py + +* Update dns.py. [Koen Van Impe] + + Get rid of 'jj' in DNS module description field + +* Merge branch 'main' of github.com:MISP/misp-modules. [Christian Studer] + +* Merge remote-tracking branch 'origin/main' [Sami Mokaddem] + +* Merge branch 'main' of github.com:MISP/misp-modules. [Christian Studer] + +* Merge branch 'main' of github.com:MISP/misp-modules. [Christian Studer] + + ## v2.4.197 (2024-09-02) ### Changes diff --git a/static/Changelog-misp-objects.txt b/static/Changelog-misp-objects.txt index 554c999..02517d1 100644 --- a/static/Changelog-misp-objects.txt +++ b/static/Changelog-misp-objects.txt @@ -1,6 +1,113 @@ # Changelog +## %%version%% (unreleased) + +### New + +* [object] dom-hash object added. [Alexandre Dulaunoy] + +* [misp-object] New ctf-challenge object. [rectifyq] + +* [attacker-infra] added for the MISP-LEA project. [Alexandre Dulaunoy] + +* [user-action] new user-action object added. [Alexandre Dulaunoy] + +### Changes + +* [file/url] `dom-hash` added to file and url object templates. [Alexandre Dulaunoy] + +* [dom-hash] added a `ref` field to reference to one or more analysis. [Alexandre Dulaunoy] + +* [relationships] updated. [Alexandre Dulaunoy] + +* [relationship] add a releasable-to relationship. [Alexandre Dulaunoy] + +* [schema] `onion-address` type added. [Alexandre Dulaunoy] + +* [victim] jq and version updated. [Alexandre Dulaunoy] + +* [fix] schema fixed. [Alexandre Dulaunoy] + +* [schema] updated with the new dom-hash attribute type. [Alexandre Dulaunoy] + +* [tor-hiddenservice] Updated template to match the onion lookup API format. [Christian Studer] + + - Using new attribute type `onion-address` to + describe the onion address + - Added `language` and `title` to the template + +* [diameter-attack] jq all the things. [Alexandre Dulaunoy] + +* [doc] updated. [Alexandre Dulaunoy] + +* [shadowserver-scan-http-proxy] new template for MISP-LEA project. [Alexandre Dulaunoy] + +* [user-action] fixed. [Alexandre Dulaunoy] + +### Fix + +* [opentide] JQed the JSON file. [Alexandre Dulaunoy] + +* [schema] JQed. [Alexandre Dulaunoy] + +* [dom-hash] category fixed. [Alexandre Dulaunoy] + +* [ctf-challenge] JSON jqed. [Alexandre Dulaunoy] + +### Other + +* Merge pull request #445 from mdavis332/patch-1. [Alexandre Dulaunoy] + + include `ip-src` in Person + +* Add files via upload. [Michael Davis] + +* Bump version. [Michael Davis] + +* Jq fix. [Michael Davis] + +* Include `ip-src` in Person. [Michael Davis] + + update Person object template to include any src IP addresses + +* Merge branch 'prose-leviathan-introduce-new-opentide-object' [Alexandre Dulaunoy] + +* Merge branch 'introduce-new-opentide-object' of https://github.com/prose-leviathan/misp-objects into prose-leviathan-introduce-new-opentide-object. [Alexandre Dulaunoy] + +* Update definition.json. [Leviathan] + +* Update definition.json. [Leviathan] + +* Update definition.json. [Leviathan] + +* Update definition.json. [Leviathan] + +* Create definition.json. [Leviathan] + +* Merge branch 'main' of github.com:MISP/misp-objects. [Christian Studer] + +* Merge branch 'mFaou-main' [Alexandre Dulaunoy] + +* Merge branch 'main' of https://github.com/mFaou/misp-objects into mFaou-main. [Alexandre Dulaunoy] + +* Added 6 sectors to the victim object. [Matthieu Faou] + +* Merge branch 'main' of github.com:MISP/misp-objects. [Christian Studer] + +* Merge branch 'yodresh-master' [Alexandre Dulaunoy] + +* Merge pull request #1 from yodresh/misp-object-diameter-add-fields. [Alexandre De Oliveira] + + Update definition.json - Diameter Object + +* Update definition.json - Diameter Object. [Alexandre De Oliveira] + + Updating Diameter object with new fields to match SS7 object + +* Merge branch 'rectifyq-ctf-challenge' [Alexandre Dulaunoy] + + ## v2.4.197 (2024-09-02) ### Changes diff --git a/static/Changelog-misp-taxonomies.txt b/static/Changelog-misp-taxonomies.txt index b387ef5..a7b20eb 100644 --- a/static/Changelog-misp-taxonomies.txt +++ b/static/Changelog-misp-taxonomies.txt @@ -1,6 +1,83 @@ # Changelog +## %%version%% (unreleased) + +### New + +* [detection-engineering] new taxonomy to describe detection-engineering pattern. [Alexandre Dulaunoy] + +### Changes + +* [vulnerability] sighting predicate added as described on https://vulnerability.circl.lu/ [Alexandre Dulaunoy] + +* [exercise] add generic red-teaming exercise. [Alexandre Dulaunoy] + +* [MANIFEST] updated. [Alexandre Dulaunoy] + +* [infoleak] version updated. [Alexandre Dulaunoy] + +* [infoleak] add barcode. [terrtia] + +* [MANIFEST] updated. [Alexandre Dulaunoy] + +* [doc] README updated. [Alexandre Dulaunoy] + +* [doc] manifest updated. [Alexandre Dulaunoy] + +* [infoleak] add qrcode tag. [terrtia] + +### Fix + +* [vulnerability] sighting added. [Alexandre Dulaunoy] + +### Other + +* Merge pull request #286 from Terrtia/main. [Alexandre Dulaunoy] + + chg: [infoleak] add barcode + +* Merge pull request #284 from th3r3d/main. [Alexandre Dulaunoy] + + Created Engage - Updated GrayZone + +* Updated GrayZone to right version. [Jan Pohl] + +* Merge branch 'MISP:main' into main. [th3r3d] + +* Delete Engage directory. [th3r3d] + +* Update machinetag.json. [th3r3d] + + Fixed typo and Org Name + +* Fixed errors in taxonomy. [th3r3d] + + Errors in taxonomy. + +* Update GrayZone to version 3.1. [th3r3d] + + Update GrayZone to version 3.1 + +* Created taxo for MITRE Engage. [th3r3d] + + Created taxo for MITRE Engage + +* Add: [acs-marking] New taxonomy based on the ACS marking definition. [Christian Studer] + + - Includes some enumerations and vocabularies to + extend the use of a Custom Galaxy Cluster + describing the complete ACS marking definition + +* Merge branch 'main' of github.com:misp/misp-taxonomies. [Christian Studer] + +* Merge pull request #285 from Terrtia/main. [Alexandre Dulaunoy] + + chg: [infoleak] add qrcode tag + +* Merge branch 'main' of github.com:misp/misp-taxonomies. [Christian Studer] + + ## v2.4.197 (2024-09-02) ### New diff --git a/static/Changelog-misp-warninglists.txt b/static/Changelog-misp-warninglists.txt index d4b1338..1176362 100644 --- a/static/Changelog-misp-warninglists.txt +++ b/static/Changelog-misp-warninglists.txt @@ -1,6 +1,65 @@ # Changelog +## %%version%% (unreleased) + +### Changes + +* [zscaler] add the missing script for zscaler source generation. [Alexandre Dulaunoy] + +* [update] updated. [Alexandre Dulaunoy] + +* [lists] updated. [Alexandre Dulaunoy] + +* [warning-lists] updated. [Alexandre Dulaunoy] + +### Other + +* Merge branch 'main' of github.com:MISP/misp-warninglists. [Alexandre Dulaunoy] + +* Merge pull request #289 from Showfom/patch-1. [Alexandre Dulaunoy] + + Update Apple IP ranges + +* Update list.json. [Xiufeng Guo] + +* Update Apple IP ranges. [Xiufeng Guo] + + Update from ARIN allocation for Apple + +* Merge branch 'goodlandsecurity-living-off-trusted-sites' [Alexandre Dulaunoy] + +* Merge branch 'living-off-trusted-sites' of https://github.com/goodlandsecurity/misp-warninglists into goodlandsecurity-living-off-trusted-sites. [Alexandre Dulaunoy] + +* Include LOTS project source. [goodlandsecurity] + +* Add living off trusted sites project domains. [goodlandsecurity] + +* Merge pull request #287 from karenyousefi/main. [Alexandre Dulaunoy] + + Update + +* Update to V7. [Karen Yousefi] + +* Update to V19. [Karen Yousefi] + +* Merge pull request #286 from Th4nat0s/ymenfautplus. [Alexandre Dulaunoy] + + make some updates to link of blogpost + +* Make some updates to link of blogpost. [Thanat0s] + +* Merge pull request #284 from karenyousefi/main. [Alexandre Dulaunoy] + + update + +* Merge branch 'MISP:main' into main. [Karen Yousefi] + +* Update to V6. [Karen Yousefi] + +* Update to V18. [Karen Yousefi] + + ## v2.4.197 (2024-09-02) ### Changes diff --git a/static/Changelog.txt b/static/Changelog.txt index 983b1df..d6becce 100755 --- a/static/Changelog.txt +++ b/static/Changelog.txt @@ -2,11 +2,848 @@ Changelog ========= -%%version%% (unreleased) ------------------------- +v2.4.200 (2024-11-19) +--------------------- + +New +~~~ +- [event-report:paste-image] Added preview of pasted image. [Sami + Mokaddem] + + - Also, forces only one picture to be uploaded at a time +- [event-report:editor] Allow pasting pictures and aliasing the ones not + saved as Attribute. [Sami Mokaddem] +- [event:view] Improved UI for exendedBy and extends fields in event + meta. [Sami Mokaddem] +- [event:view] Added button to go to extending view. [Sami Mokaddem] + + - Extending view allows is the same feature as the extended view but instead of + merging the data of all children (extending events) to the parent event, it merges + the data from the parent event into the child +- [galaxies:index] Warining for unknown clusters added. [Sami Mokaddem] +- [events:add_misp_export] Added new setting + `MISP.allow_users_override_locked_field_when_importing_events` [Sami + Mokaddem] + + - Allows users to override the state of the `locked` field when importing an event + - Once the setting is enabled, a checkbox will be offered to decide if the locked state of + of the imported event should be preserved or not. +- [event-report:download-PDF] Added download PDF via misp-module + feature. [Sami Mokaddem] + + - Uses the module `convert_markdown_to_pdf` that convert the passed markdown into PDF + - This module uses pandoc and wkhtmltopdf +- [event-report:template-variables] Added support of template variable. + [Sami Mokaddem] + + - User can define template variable in their user-settings + - These variables can then be replaced in the event-report + - The syntax to use the variable is the handlebars-style notation `{{var_name}}` + - Also added support of hints when editing and UI to specify the template vars +- [galaxy:galaxy-matrix] Enabled visualization for other galaxy matrix + in the event view. [Sami Mokaddem] +- [event:view] New setting to remove unknown galaxy/cluster if they are + unknown. [Sami Mokaddem] + + - Added new setting `MISP.hide_unkown_cluster` set to TRUE by default + - If enabled (default), all unknown clusters will be removed from the list of tags + - This will be enforced for all user but the ones having the perm_sync flag +- [galaxy:ACL] Added ACL on Galaxy. [Sami Mokaddem] + + - Enabled the creation/edition of Custom Galaxies + - Default Galaxies cannot be edited + - Added ownership and distribution level on Galaxies +- [ui:global_menu] Added Event-report index in the top navigation bar. + [Sami Mokaddem] +- [event-report:tags] Added proper support of tag-relationship. [Sami + Mokaddem] +- [event-report:tags] Added support of tags on event-reports - WiP. + [Sami Mokaddem] +- [workflow:adhoc] Added Ad-Hoc Workflow functionality. [Sami Mokaddem] + + - Allows the creation of triggerless workflows to be run manually or to be scheduled + - Allow running workflows from other workflows through the new `run_workflow` module + + Thanks to hack.lu attendees and especially @cudeso for all the feedback +- [workflow-modules:send_to_cti_extractor] Added new module. [Sami + Mokaddem] +- [server:settings] Added default distribution setting for eventreports + and objects. [Sami Mokaddem] + + - As *heavily requested* by @Wachizungu +- [workflow-modules:attribute-operation] Added new action module. [Sami + Mokaddem] + +Changes +~~~~~~~ +- [version] bump. [iglocska] +- [pymisp] version bump to match 2.5.x. [iglocska] +- [schema] updated. [iglocska] +- [README] first update of the MISP feature list. [Alexandre Dulaunoy] +- [event-report:managed-imported-pictures] Allow to manually delete + pictures. [Sami Mokaddem] +- [tools:MISPElementHTMLFormatterTool] Reduced font-size of MISP + element. [Sami Mokaddem] +- [queryVersion] Bumped value. [Sami Mokaddem] +- [event-report:download-as-pdf] Greatly improved the feature. [Sami + Mokaddem] + + - Support replacement of template variables + - Pictures (from attribute/imported) + - Convert custom MD syntax +- [event-reports:download-as-pdf] Added more feedback in the UI. [Sami + Mokaddem] +- [ui:view-galaxy-matrix] Smarter display of matrix picker. [Sami + Mokaddem] +- [workflow:adhoc] Changed title to show the Ad-Hoc context. [Sami + Mokaddem] +- [workflow:run_workflow] Added more detailed in the run adhoc workflow + in event view. [Sami Mokaddem] +- [taxonomies] updated to the latest version. [Alexandre Dulaunoy] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [warning-lists] updated to the latest version. [Alexandre Dulaunoy] +- [event-report:convertToPDF] Added support of + `convert_markdown_to_pdf`'s config. [Sami Mokaddem] +- [eventreports:downloadAsPDF] Added a bit of error catching. [Sami + Mokaddem] +- [event:processModulesResultsData] Allow tagging the Attribute being + enriched. [Sami Mokaddem] +- [misp-galaxy] updated to the latest release. [Alexandre Dulaunoy] +- [galaxy-matrix:attack-pattern] Added fake unfiltered tab `attack- + enterprise` containing all clusters. [Sami Mokaddem] + + - This will make @cvandeplas happy! :) +- [galaxy:default] Ensure clusters are correctly set to default or not. + [Sami Mokaddem] +- [appmodel:acl-on-galaxy-update] Put all clusters under distribution 3. + [Sami Mokaddem] +- [galaxy_cluster:add] Fixed authors list allowing comma-separated + values. [Sami Mokaddem] + + - Reflected what is already in /edit +- [galaxy:view] UI improvement for creation/modification time. [Sami + Mokaddem] +- [event-report:index] Added tag column in the event-report index. [Sami + Mokaddem] +- [event-report:send-to-llm] Added new options. [Sami Mokaddem] +- [feeds] download event from disabled feed, fixes #10003. [Andras + Iklody] + + Allow pulling in individual events from disabled feeds +- [warninglist:edit] Support entries under the `WarninglistEntry` key. + [Sami Mokaddem] + + - As heavily reqested by @Wachizungu +- [workflow-module:enrich-event] Usage of reloadRoamingData. [Sami + Mokaddem] +- [Attribute:attachTagAndTouch] Renamed fonction to properly reflect + what it does. [Sami Mokaddem] + +Fix +~~~ +- [misp-js:screenshotPopup] Correctly take the extension of the + (potential) path. [Sami Mokaddem] +- [doc] align README. [Alexandre Dulaunoy] +- [event-reports:isDownloadModuleAvailable] Typo in usage of + Module->canUse. [Sami Mokaddem] +- [events-report:js-pasteImg] Gracefully handle if no picture are + pasted. [Sami Mokaddem] +- [event-report:replaceWithTemplateVars] Gracefully handle if no user + variable. [Sami Mokaddem] +- [event-report] Renamed MispAttribute into Attribute. [Sami Mokaddem] +- [event-reports:download-as-gfm] Correctly replace Attribute picture + syntax. [Sami Mokaddem] +- [event-report] Renamed MispAttribute into Attribute. [Sami Mokaddem] +- [Sync] Remove deleted tags when server sync is set. [www-data] +- Add Tag and Galaxy to attributes. [Stefano Ortolani] +- [hacky fix] for some pagination issues. [iglocska] +- Show results when attribute search has no filters set. [Luciano + Righetti] +- [galaxy:attacjExtendFromInfo] Removed ambiguous column clause for + UUID. [Sami Mokaddem] +- [statistics:galaxy-matrix] Default to unfiltered view for Mitre ATT&CK + matrix. [Sami Mokaddem] +- [objects:createFromFreetext] Make sure all the event fields are + available before saving. [Sami Mokaddem] +- [galaxy:view] Keep API response format as in v2.4. [Sami Mokaddem] +- [galaxy-cluster-relation:edit_relation] Fixed ambiguous column name. + [Sami Mokaddem] +- [galaxy:load_galaxies] Force distribution to be 3 for default + galaxies. [Sami Mokaddem] +- [galaxy:load_galaxies] Force org_id to be 0 for default galaxies. + [Sami Mokaddem] +- [galaxy:galaxy_matrix] Fixed overflow issue and matrix type picking in + static context. [Sami Mokaddem] +- [galaxy:validation] Allow creating galaxy without kill_chain. [Sami + Mokaddem] +- [event-reports:tags] Fixed missing ACL entries. [Sami Mokaddem] +- [galaxies:setDistribution] Renamed function to something private to + avoid tripping queryACL. [Sami Mokaddem] +- [ui:markown-editor] Correctly support var with spaces around braces. + [Sami Mokaddem] +- [event-report:download-as] Fixed Download as GFM to remove custom MISP + syntax. [Sami Mokaddem] + + - The replacement correctly set the values of referenced elements +- [event-reports:hints] Correctly show hints related to MISP elements. + [Sami Mokaddem] +- [php7] resque workers not loading polyfills after updating. [Luciano + Righetti] +- [workflows] return empty array if null. [Stefano Ortolani] +- [event-report:galaxy-matrix] Allow displaying more than one galaxy + matrix. [Sami Mokaddem] +- [ui:view_galaxy_matrix] Correctly hide picker when in non-interractive + mode. [Sami Mokaddem] +- [events:row_object] Fixed typo. [Sami Mokaddem] +- [attribute search] fixed on the 2.4 branch. [iglocska] +- [object restsearch] fixed invalid conditions. [iglocska] + + - Thanks to @github-germ for all the support on figuring this out + + @@@ + @@@ + @@@ H A P P Y + @@@ + @@@@@@@@@@@@@@@@@@@@@@ H A L L O W E E N + @@@@@@@@@@@@@@@@@@@@@@@@@@ + @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ + @@@@@@@@ @@@@@@@@@@@@@@@@ @@@@@@@@ + @@@@@@@@@ @@@@@@@@@@@@@@ @@@@@@@@@ + @@@@@@@@@@ @@@@@@@@@@@@ @@@@@@@@@@ + @@@@@@@@@@ @@@@ @@@@ @@@@@@@@@@ + @@@@@@@@@@@@@@@@@@@@ @@@@@@@@@@@@@@@@@@@@ + @@@@@@@@@@@@@@@@@@ @@@@@@@@@@@@@@@@@@ + @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ + @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ + @@@@@@@@@ @@@@@@@@@@@@@@@@@@@@@@@@ @@@@@@@@@ + @@@@@@@@ @@ @@ @@ @@ @@ @@ @@ @ @@@@@@@@ + @@@@@@@ @@@@@@@ + @@@@@@ @@ @@ @@ @@ @@ @@ @ @@@@@@ + @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ + @@@@@@@@@@@@@@@@@@@@@@@@@@ + @@@@@@@@@@@@@@@@@@@@@@ +- [userShell:expire_authkeys_without_ip_allowlist] Prevent purging + unique IPs. [Sami Mokaddem] +- [attribute-validation:onion-address] Fixed typo in validation regex. + [Sami Mokaddem] +- [workflow-editor] Improved error handling in path picker for custom + json. [Sami Mokaddem] + +Other +~~~~~ +- Merge branch '2.4-develop' into 2.4. [iglocska] +- Merge branch '2.4-develop' of github.com:MISP/MISP into 2.4-develop. + [iglocska] +- Update README.md. [Andras Iklody] +- Merge branch '2.4' into 2.4-develop. [iglocska] +- Merge branch '2.4-develop' into 2.4. [iglocska] +- Update README.md. [Andras Iklody] +- Merge branch '2.4-develop' of github.com:MISP/MISP into 2.4-develop. + [Alexandre Dulaunoy] +- Merge pull request #9993 from tomking2/bug/sync_tags. [Andras Iklody] + + fix: [Sync] Remove deleted tags when cleanup tags server setting is enabled +- Fix(connection test): check not working for minor version upgrade. + [Andreas B. Berg] +- Update Server.php. [Lino Pacheco] +- Sharing Group list Order by ID in event Distribution. [Lino Pacheco] +- Update SharingGroupsController.php. [Lino Pacheco] +- Add 'active' and 'local' flags to edit via api. [Lino Pacheco] +- Update Server.php. [Lino Pacheco] +- Update Server.php. [Lino Pacheco] +- Merge branch '2.4-develop' of github.com:MISP/MISP into 2.4-develop. + [iglocska] +- Merge pull request #10043 from ostefano/2.4-develop. [Andras Iklody] + + fix: add Tag and Galaxy to attributes +- Send registered headers as the external plugin will not use the + controller to send the response. Refers to: + https://github.com/MISP/misp-docker/issues/185. [Guilherme Capilé] +- Update LdapAuth doc. [Luciano Righetti] +- [LdapAuth] apply changes from PR #10038. [Luciano Righetti] +- Merge pull request #10030 from MISP/add-enrich-endpoints-openapi. + [Luciano Righetti] + + add: openapi spec for enrich endpoints, fix enrich event rest response +- Add: openapi spec for enrich endpoints, fix enrich event rest + response. [Luciano Righetti] +- Merge remote-tracking branch 'origin/2.4-develop' into 2.4-develop. + [Sami Mokaddem] +- Merge branch 'feature/adhoc-workflows' into 2.4-develop. [Sami + Mokaddem] +- Merge remote-tracking branch 'origin/2.4-develop' into feature/adhoc- + workflows. [Sami Mokaddem] +- Merge branch 'feature/tags-on-eventreport' into 2.4-develop. [Sami + Mokaddem] +- Merge branch 'feature/tags-on-eventreport' into 2.4-develop. [Sami + Mokaddem] +- Merge remote-tracking branch 'origin/2.4-develop' into feature/tags- + on-eventreport. [Sami Mokaddem] +- Merge remote-tracking branch 'origin/2.4-develop' into feature/acl-on- + galaxy. [Sami Mokaddem] +- Merge branch 'feature/variables-in-reports' into 2.4-develop. [Sami + Mokaddem] +- Merge remote-tracking branch 'origin/2.4-develop' into + feature/variables-in-reports. [Sami Mokaddem] +- Merge remote-tracking branch 'origin/2.4-develop' into pr-9898. [Sami + Mokaddem] +- Merge branch '2.4' into 2.4-develop. [Luciano Righetti] +- Merge remote-tracking branch 'origin/2.4-develop' into feature/acl-on- + galaxy. [Sami Mokaddem] +- Merge remote-tracking branch 'origin/2.4-develop' into feature/tags- + on-eventreport. [Sami Mokaddem] +- Merge remote-tracking branch 'origin/2.4-develop' into feature/adhoc- + workflows. [Sami Mokaddem] +- Merge branch '2.4-develop' of github.com:MISP/MISP into 2.4-develop. + [iglocska] +- Merge branch '2.4' into 2.4-develop. [iglocska] +- Merge remote-tracking branch 'origin/2.4-develop' into 2.4-develop. + [Sami Mokaddem] + + +v2.5.1 (2024-10-18) +------------------- + +Changes +~~~~~~~ +- [internal] Use methods from PHP8. [Jakub Onderka] +- [internal] Benchmark code cleanup. [Jakub Onderka] + +Fix +~~~ +- [INSTALL.ubuntu2404.sh] potential fix for #9967. [Andras Iklody] + + Weird that it works on most systems though... +- [attribute->mispattribute] broken fix reverted. [iglocska] +- [event:freeTextImport] Repair feature due to class name change. [Sami + Mokaddem] +- [freetext import] alternate fix to the mispAttribute move. [iglocska] +- [event:freeTextImport] Repair feature due to class name change. [Sami + Mokaddem] + +Other +~~~~~ +- Merge pull request #9981 from cudeso/patch-2. [Alexandre Dulaunoy] + + Update defaults.json +- Update defaults.json. [Koen Van Impe] + + Enable delta merge on URLHaus feed to prevent the event from growing indefinite +- Merge branch '2.5' of github.com:MISP/MISP into 2.5. [iglocska] +- Merge branch 'develop' into 2.5. [iglocska] +- Merge branch '2.5' into develop. [iglocska] +- Merge branch 'develop' into 2.5. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge pull request #9953 from JakubOnderka/update-functions-php8. + [Jakub Onderka] + + chg: [internal] Use methods from PHP8 +- Merge pull request #9691 from JakubOnderka/benchmark-cleanup. [Jakub + Onderka] + + chg: [internal] Benchmark code cleanup +- Merge branch '2.4-develop' into develop. [iglocska] +- Merge branch '2.5' into develop. [iglocska] +- Merge branch '2.5' into develop. [iglocska] +- Update README.md. [Andras Iklody] +- Update README.md. [Andras Iklody] + + +v2.4.199 (2024-10-18) +--------------------- + +New +~~~ +- [version check] updated to support multiple branches. [iglocska] + + - still not perfect, but for now it should do +- [export] Kunai export 0.1 added. [iglocska] +- [workflow-module:reload_full_event] Added new module that reloads an + Event into the current roaming data. [Sami Mokaddem] + + - This can be useful when the workflow doesn't get all the data + - or if some operations change the data and we need a fresh version +- [workflow-trigger:tag_attached] Added new trigger. [Sami Mokaddem] + + - Updated editor to support parameters in trigger nodes + - Updated execution logic to support conidtional workflow execution +- [workflow-modules:proposal_action] Added Module_proposal_action to + accept/discard proposals. [Sami Mokaddem] + + - Also moved accept/discard code from Controller to Model + +Changes +~~~~~~~ +- [version] bump. [iglocska] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-warninglists] updated to the latest version. [Alexandre + Dulaunoy] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [taxonomies] updated to the latest version. [Alexandre Dulaunoy] +- [kunai export] slight tuning for the initial hard coded severity + values. [iglocska] +- [CI] Enable tests for 2.4-develop branch. [Jakub Onderka] +- [internal] Add polyfill for PHP8 methods. [Jakub Onderka] +- [internal] Use methods from PHP8. [Jakub Onderka] Fix ~~~ +- [cleanup] Just a quick indent fix. [Christian Studer] +- [attribute:fetchAttribute] Propagate tag locality. [Sami Mokaddem] +- [kunai export] exposed for attributes and events. [iglocska] +- [attribute] Removed duplicate for `azure-application-id` type in the + definition of categories. [Christian Studer] +- [event:enrichment] Set attribute's distribution to default value if + not defined. [Sami Mokaddem] +- [eventreports:index] Added missing assets for analyst-data. [Sami + Mokaddem] +- [analyst-data:add] Improve dropdown picker for relationship type. + [Sami Mokaddem] +- [logging fix] invalid if branch blocking certain logging. [iglocska] +- [attribute search] query failure resolved when using mysql extended, + fixes #9964. [iglocska] + + - in cases where the deleted field wasn't indexed, it shouldn't try to force ignore the filter +- [workflow-trigger:proposal-after-save] Made trigger not blocking. + [Sami Mokaddem] + +Other +~~~~~ +- Merge branch '2.4-develop' into 2.4. [iglocska] +- Merge branch 'email_regex_fix' into 2.4-develop. [iglocska] +- Fix email refang regex. [goodlandsecurity] +- Merge branch '2.4-develop' into 2.4. [iglocska] +- Merge branch '2.4-develop' of github.com:MISP/MISP into 2.4-develop. + [Christian Studer] +- Merge remote-tracking branch 'origin/2.4-develop' into 2.4-develop. + [Sami Mokaddem] +- Merge branch '2.4-develop' of github.com:MISP/MISP into 2.4-develop. + [Alexandre Dulaunoy] +- Merge branch '2.4-develop' of github.com:MISP/MISP into 2.4-develop. + [iglocska] +- Merge branch '2.4-develop' of github.com:MISP/MISP into 2.4-develop. + [iglocska] +- Allow site admin to see authkey from other admins. [JSCU-CNI] + + Improves the fix from 8577790e75b50d57b71a5c82d2e4611b130983f7 by explicitly checking if the current user is not a site admin before redacting the authkey. +- Merge remote-tracking branch 'origin/2.4-develop' into 2.4-develop. + [Sami Mokaddem] +- Add: [attribute] New Attribute type `onion-address` [Christian Studer] +- Merge pull request #9969 from JakubOnderka/php8. [Jakub Onderka] + + 2.4: Add polyfill for PHP8 methods +- Merge branch '2.4' into 2.4-develop. [iglocska] +- Update defaults.json. [Koen Van Impe] + + Enable delta merge on URLHaus feed to prevent the event from growing indefinite + + +v2.5.0 (2024-10-04) +------------------- + +New +~~~ +- [workflow-trigger:proposal_after_save] Added new trigger. [Sami + Mokaddem] +- [workflow-trigger:event_report_after_save] Added new trigger. [Sami + Mokaddem] +- [galaxy_clusters:export_for_misp_galaxy] Added UI to quickly transform + a cluster into the misp-galaxy format. [Sami Mokaddem] +- [oidc] Add scopes to OIDC client. [Jakub Onderka] +- [wip] first iteration of the upgrade script. [iglocska] +- [wip] simple installer script. [iglocska] +- [mysql] preload db with fixed values for the testing. [iglocska] + + - should be much faster +- [browscap] added redis logging. [iglocska] +- [browscap caching] moved from doctrine cache to scrapbook via + flysystem. [iglocska] + + - doctrine cache is no longer included in doctrine 2.x + +Changes +~~~~~~~ +- [README] update. [iglocska] +- [PyMISP] Bump. [Raphaël Vinot] +- [pymisp] bump. [iglocska] +- [workflow:editor] Made textareas in nodes span 3 rows instead of 1. + [Sami Mokaddem] +- [internal] Try to reduce memory usage. [Jakub Onderka] +- [workflow:editor] Made textareas in nodes span 3 rows instead of 1. + [Sami Mokaddem] +- [README.md] removed section on php 7. [Andras Iklody] +- [execute] added to install script permissions. [iglocska] +- [install guides cleaned up] only having the 2.5 compatibles one in for + now. [iglocska] +- [galaxy_clusters:export_for_misp_galaxy] Added notice message about + versioning. [Sami Mokaddem] +- Use virtual field. [Luciano Righetti] +- [internal] Raise exception if invalid data received from module. + [Jakub Onderka] +- [default database] updated. [iglocska] +- [upgrade script] stop being a Plappermaul. [iglocska] + + - removed some output that shouldn't be there +- [upgrade] made the db upgrade optional. [iglocska] + + - if we come from an older ubuntu (such as 20.04) - php 7.x might already be purged, so we can't run the db upgrade. All is well, MISP 2.5 will run it itself. +- [2.5] move to branch. [iglocska] +- [wip] upgrade script. [iglocska] +- [upgrade] script now updates to the last 2.4 version first. [iglocska] +- [installation] minor typo. [iglocska] + + - I CAN'T MATH GOOD. +- [installation] cleanup. [iglocska] +- [installation] supervisor settings forced. [iglocska] +- [installation] some cleanup. [iglocska] +- [installation script] we want to have the random_string function + first. [iglocska] +- [installer] rdkafka not installed by default. [iglocska] +- [installer] changes for some defaults. [iglocska] +- [php version] requirements adjusted. [iglocska] +- [installer] show credentials at the end. [iglocska] +- Use virtual field. [Luciano Righetti] +- [new installer] set proper password for admin user. [iglocska] +- [wip] looking good. [iglocska] +- [wip] added more error checking. [iglocska] +- [wip] php 8 installer. [iglocska] +- [wip] another attempt... [iglocska] +- [wip] new installer. [iglocska] +- [composer] allow for php 8.1. [iglocska] + + - why not +- [wip] installer. [iglocska] +- [composer] trial and error FTW. [iglocska] +- [composer] added supervisor requirements back. [iglocska] +- [php version requirement] lowered slightly. [iglocska] + + - after long negotiatians of the MISP steering committee +- [composer] moved a bunch of optional dependencies into required. + [iglocska] + + - time to default to better options + - preparing grounds for making supervisor the default +- [wip] further work on the new installer. [iglocska] +- [pymisp] follow main again. [iglocska] +- [pymisp] had the wrong version all along. [iglocska] + + ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣀⣤⠤⠴⠶⠖⠛⠛⠒⠒⠒⣒⠚⠛⣷⣿⣾⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ + ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣤⣤⣤⣤⣶⣿⣭⣥⣄⣀⣀⣀⡀⠀⠀⠀⢀⣾⣫⣤⣾⡿⠋⠀⠙⠛⢦⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ + ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣠⣾⡿⠛⠉⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠉⠛⠓⠲⣾⣯⣿⣿⣭⡶⠷⠀⠀⠀⠀⠙⢷⡄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ + ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⣴⣿⠟⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⡆⠀⣾⢸⣿⣿⣿⠏⠉⠀⠀⠀⠀⠀⠀⠀⠀⢻⣆⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ + ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⡶⣻⣿⠋⠁⠀⠀⠀⠀⠀⠞⢁⣠⠄⠀⠀⠀⠀⠀⣿⣧⣸⢷⣿⣯⣿⡏⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⢿⣧⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ + ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠴⣫⣿⠟⠀⠀⠀⠀⠀⠀⠀⠀⠚⠋⢀⣤⣀⡤⠞⠃⢠⣿⣿⣿⣿⣿⠏⣿⠃⠀⠀⣠⣠⣀⣀⣀⣀⠀⠀⠀⠀⠹⣿⡄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ + ⠀⠀⠀⠀⠀⢀⣀⣀⣘⣻⣿⣿⣁⡀⠀⠀⠀⠀⠀⠀⠀⣀⡤⠶⠋⠉⠉⠀⠀⠀⣾⣿⣿⣿⣿⣿⢸⠟⠀⢀⡴⠛⠁⠀⠀⢈⣙⣶⣄⡀⠀⠀⠙⣷⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ + ⠀⠀⠀⠀⠀⠀⠀⢀⣾⡿⠋⠉⠛⠿⣿⣿⣷⣦⣤⣄⠀⠉⠁⠀⠀⠀⠀⠀⡀⢸⣿⣿⣿⣿⣿⡏⠈⠀⣴⠋⠀⠀⠀⠀⠀⢸⠉⠁⠙⢿⣆⠀⠀⠸⣿⣆⠀⠀⠀⠀⠀⠀⠀⠀⠀ + ⠀⠀⠀⠀⢀⣠⣾⡿⠋⠀⠀⠀⠀⠀⠀⠈⠙⠛⢯⣿⣿⣤⠀⠀⠀⠀⠀⠀⢳⡀⠉⣿⣿⣿⠸⠇⢠⡾⠃⠀⠀⠀⠀⠀⠀⢸⠀⠀⠀⠈⢻⣷⡀⠀⠸⣯⠻⣆⠀⠀⠀⠀⠀⠀⠀ + ⠀⠀⠀⢠⣿⡿⠋⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠹⣿⣄⠀⠸⡇⠀⢦⠀⠀⢳⡀⢻⣷⡟⠀⢰⡟⠀⠀⠀⠀⠀⠀⠀⠀⠸⣷⣄⣀⣠⡼⠃⠻⣆⠀⢹⣇⠘⢧⠀⠀⠀⠀⠀⠀ + ⠀⠀⢀⣾⡿⠀⠀⠀⠀⠀⠀⠀⠀⢀⣤⡤⠤⠤⠤⢤⣌⢿⣷⣄⠹⡆⠈⢷⠀⠘⢧⠀⣿⡇⠀⢸⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠹⣆⠀⠻⣄⠀⠀⠀⠀⠀⠀⠀ + ⠀⠀⠚⣹⡇⠀⠀⠀⠀⠀⠀⣤⠞⠋⠀⠀⠀⠀⠀⠀⠘⢿⡻⣿⣆⠀⠀⠀⢷⡀⠀⠀⠹⠇⠀⢸⡆⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠹⡇⠀⢻⣷⡄⠀⠀⠀⠀⠀ + ⠀⠀⢠⣿⠁⠀⠀⠀⠀⣴⠾⠷⠶⣦⠀⠀⠀⠀⠀⠀⠀⠀⠻⣄⡙⠻⣶⠀⠈⠁⠀⠀⠀⠀⠀⠈⢿⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣧⠀⠀⢻⡽⣆⠀⠀⠀⠀ + ⣴⠀⣼⠟⠀⠀⠀⠀⣼⠃⠀⠀⠀⠹⣆⠀⠀⠀⠀⠀⠀⠀⠀⠈⠉⠉⠙⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠻⣆⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⡿⠀⠀⠈⣷⡙⣆⠀⠀⠀ + ⣿⣼⡟⠀⠀⠀⠀⠀⢿⡀⠀⠀⠀⢠⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣼⠃⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠳⣤⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣴⠟⠁⠀⠀⠀⠘⣧⣹⡀⠀⠀ + ⣿⣿⠃⠀⠀⠀⠀⠀⢸⡧⠤⠤⠶⠛⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣸⠋⠀⣀⣤⠶⠋⠉⠉⠉⠙⣿⠟⠛⠳⢶⣍⠻⠶⠶⣶⠶⣒⣒⣲⣖⣚⣋⡀⠀⠀⠀⠀⠀⠀⠘⣿⡇⠀⠀ + ⣿⡟⠀⠀⠀⠀⠀⠀⢹⡆⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⡾⠁⣠⣾⠟⢷⣄⠀⠀⠀⠀⠀⣿⠀⠀⠀⠀⣩⠟⠶⣤⣌⡁⠀⠀⠉⠓⠲⠦⣀⠀⠀⠀⠀⠀⠀⠘⣿⡇⠀⠀ + ⣿⠁⠀⠀⠀⠀⠀⠀⠈⢷⡄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣴⠋⢀⣼⠟⠁⠀⠀⢽⣦⣄⡀⠀⠀⣿⠓⢦⣤⣼⠋⠀⠀⠀⠈⠙⠶⣾⠲⢦⣤⡀⠈⠳⣤⡀⠀⠀⠀⠀⠹⣿⠀⠀ + ⣿⠀⡿⠀⠀⠀⠀⢀⠀⠈⠻⣦⡀⠀⠀⠀⠀⠀⠀⣀⡴⠟⠁⢠⡟⡇⠀⠀⠀⠀⠀⢻⡀⠙⠳⢤⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠙⢦⡀⠀⠙⠶⠀⠀⠀⠀⢹⣧⠀ + ⣿⣿⡇⠀⠀⠀⠀⠈⠳⣄⡀⠈⠙⠷⠶⠶⠶⠶⠞⠋⠀⠀⠀⣸⡷⢧⣄⡀⠀⠀⠀⢠⡇⠀⠀⠀⠉⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠻⣆⠀⠀⠀⠀⠀⠀⠀⣿⠀ + ⣿⣿⡇⠀⠀⠀⠀⠀⠀⠈⠙⠛⠒⢦⣤⣀⠀⠀⠀⣠⠀⠀⠀⣿⠀⠀⠙⣯⠉⠉⠉⠙⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠹⣦⠀⠀⠀⠀⠀⠀⣿⠀ + ⣿⣿⣧⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣰⠃⠀⠀⠀⣿⣠⠴⠶⠾⠇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣠⠶⣄⡀⠀⠀⠀⠀⠀⠀⠀⠈⣧⠀⠀⠀⠀⠀⣿⠀ + ⣿⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠐⠃⠀⠀⠀⠀⣿⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣠⠶⠋⠁⠀⠈⣷⠀⠀⠀⠀⠀⠀⠀⠀⠸⡇⠀⠀⠀⠀⣿⠀ + ⠸⣿⣿⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⠀⠀⠀⠀⠀⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣠⠾⠋⠙⠲⠶⠋⠁⠀⠀⠀⠀⠀⣿⠀⠀⡾⠛⠳⣤⡀⠀⢰⡇⠀⠀⠀⠀⣿⠀ + ⠀⣿⣿⣧⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⠀⠀⠀⠀⢀⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⣰⠟⠁⠀⠀⠀⠀⠀⠀⠀⠀⣀⡠⠶⣶⡿⢦⡀⡇⠀⠀⠀⠙⣦⣸⠇⠀⠀⠀⠀⣿⠀ + ⠀⠸⣿⣹⡆⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣸⠀⠀⠀⠀⣼⠃⠀⠀⠀⠀⠀⠀⠀⠀⣼⠃⠀⠀⠀⠲⠶⠶⢶⣶⣶⣾⠉⢁⣴⠋⠀⠀⠹⣿⡀⠀⠀⠀⣀⡿⠀⠀⠀⠀⠀⣿⠀ + ⠀⠀⢻⣷⣿⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣸⡟⠀⠀⠀⣰⠏⠀⠀⠀⠀⠀⠀⠀⠀⣾⠏⠀⠀⠀⠀⠀⢀⣴⠏⠁⠀⠸⣶⡏⢁⣠⣤⣤⣤⣾⣿⣿⣤⣴⠟⠁⠀⠀⠀⠀⠀⣿⠀ + ⠀⠀⠈⣿⣿⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⢰⢿⠁⠀⠀⢠⡟⠀⠀⠀⠀⠀⠀⠀⠀⢠⡏⠀⠀⠀⡀⠀⢀⡼⠃⠀⠀⢀⣤⠾⠛⠉⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⡞ + ⠀⠀⠀⢿⣻⣿⠀⠀⠀⠀⠀⠀⠀⠀⠐⡾⠺⠀⠀⢠⡾⠀⠀⠀⠀⠀⠀⠀⠀⠀⠸⣇⡴⠛⠉⢻⣆⡾⠁⢠⡴⠖⠋⢁⣀⣀⣀⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣿⠁ + ⠀⠀⠀⠈⢿⣿⣧⠀⠀⠀⠀⠀⠀⠀⢰⡇⠀⠀⠀⡾⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢰⠏⠀⠀⠀⠀⣩⡴⠞⠉⠀⣠⠞⠉⢉⡽⠋⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣶⣿⣇⠀ + ⠀⠀⠀⠀⠈⢻⣿⣦⡀⠀⠀⠀⠀⠀⠈⠣⡄⠀⠀⡇⠀⢀⣤⠶⠛⢧⣀⠀⠀⣸⠋⠀⠀⠀⣠⠞⠋⠀⠀⣠⠞⠁⢠⠔⠋⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣸⣷⣿⠋⠀ + ⠀⠀⠀⠀⢀⡈⣿⡙⢿⣆⠀⠀⠀⠀⠀⠀⠀⠀⠀⠙⢷⣏⣁⠀⠀⠀⢉⣙⢾⣁⣀⣀⣴⠞⠁⠀⠀⠀⣸⠇⠀⠰⠋⠀⠀⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣿⡿⠋⠀⠀ + ⠀⠀⠀⠀⠀⠙⢻⣿⢿⣿⣷⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠙⠛⠲⢶⣭⣤⣤⡤⠟⠛⠁⠀⠀⠀⠀⣠⠇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣼⣿⠇⠀⠀⠀ + ⠀⠀⠀⠀⠀⠀⠀⢿⣆⠀⠙⠿⣷⣤⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣸⣿⠉⠀⠀⠀⠀ + ⠀⠀⠀⠀⠀⠀⠀⠘⣿⡀⠀⠀⠀⠉⠻⣿⣶⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣴⣿⠃⠀⠀⠀⠀⠀ + ⠀⠀⠀⠀⠀⠀⠀⠀⠉⠁⠀⠀⠀⠀⠀⠀⠉⠛⠷⣦⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣠⣴⡾⠛⠁⠀⠀⠀⠀⠀⠀ + ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠻⢷⣤⣀⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣀⣠⣤⣤⣤⣤⣤⣤⡤⠴⠖⠛⠋⠉⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ + ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠉⠉⠛⠛⠿⠶⢦⣤⣤⣤⣤⣤⠤⠴⠿⡿⡛⠉⠉⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ +- [pymisp] disable zmq - hunch that it is blocking the publishing. + [iglocska] +- [testing] [iglocska] +- [PyMISP] bump. [iglocska] +- [testing] testing the output of the job index. [iglocska] +- [PyMISP] testing bump. [iglocska] +- [revert] the ingestion of the json structures. [iglocska] +- [testing] pymisp bump. [iglocska] +- [PyMISP] switch to testing branch. [iglocska] +- [workflow] - removed manual fetching of the php8 compatible cakephp. + [iglocska] + + - simply switched to the right branch via submodules +- [switch to the correct branch] [iglocska] +- [CI] gotta go fast. [iglocska] + + - only load a small part of the JSON structures + + ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ + ⠀⠀⠀⠀⠀⣀⣤⣴⣶⣿⣿⣿⣿⣿⣿⣿⣷⣶⣤⣄⡀⠀⠀⠀⠀⠀⠀⠀⠀ + ⠀⠀⢀⣴⣾⣿⣿⣿⣿⣿⣿⡿⠁⣈⠙⠻⢿⣿⣿⣿⣿⣷⣤⡀⠀⠀⠀⠀⠀ + ⠀⠀⠈⠉⠙⠛⠿⣿⣿⣿⣿⡇⢸⣿⣿⣦⣼⣿⣿⣿⣿⣿⣿⣿⣦⣀⣀⣀⡀ + ⠀⠀⠀⠀⠀⠀⠀⠈⢻⣿⣿⣧⣈⣿⣿⣿⡿⢿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡟ + ⠀⠀⠀⠀⢀⣤⣾⣿⣿⣿⣿⣿⣿⣿⣿⠃⠀⠀⠈⢻⣿⣿⣿⣿⣿⣿⣿⣿⠃ + ⠀⠀⢀⣴⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡇⠀⢀⣴⠀⠀⣿⣿⣿⣿⣿⠉⠙⣷⠀ + ⠀⢠⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡇⠀⢸⡿⠀⠀⣿⣿⣿⣿⣿⠀⠀⣿⠂ + ⢀⣾⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣧⠀⠈⠁⠀⠀⠈⠻⠛⠙⠋⠀⣠⣿⡀ + ⠘⠛⠋⠉⠀⠀⠀⢨⣿⣿⣿⣿⡟⠉⠛⠛⠷⣶⣤⣤⣤⣤⣤⣶⠶⣿⣿⣿⠇ + ⠀⠀⠀⠀⠀⠀⢰⣿⣿⣿⣿⣿⣷⠀⠰⣦⣀⠀⠀⠀⠉⠉⠀⠀⠀⢸⡿⠀⠀ + ⠀⠀⠀⠀⠀⢀⣿⣿⣿⣿⣿⣿⣿⣷⣄⡈⠙⠻⠿⠖⠀⠀⠀⣀⣴⡿⠁⠀⠀ + ⠀⠀⠀⠀⠀⢸⣿⣿⣿⡿⠿⠛⠛⠛⠛⠛⠿⢶⣶⣶⣶⠶⠟⠛⠉⠀⠀⠀⠀ + ⠀⠀⠀⠀⠀⢸⡿⠋⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ +- [php8] change db config to auto stringify integers. [iglocska] + + - because that's how it worked before + - and how it worked before is how it shall remain forever + - in 2000 years, we'll still live with this fucked up behaviour +- [php8] workflow update. [Christophe Vandeplas] + +Fix +~~~ +- [version comparisons fixed] to allow 2.4 <-> 2.5 sync. [iglocska] +- [expansion:popover] Pass correct ID type for attributes. Fix #9919. + [Jeroen Pinoy] +- [workflow-modules:webhook] Only try to decode provided payload if + there is one. [Sami Mokaddem] +- [workflow-modules:webhook] Only try to decode provided payload if + there is one. [Sami Mokaddem] +- [ui:generic_picker] Fixed incorrect string to number comparison. [Sami + Mokaddem] +- Wrong replace. [Luciano Righetti] +- [typo] fixed in the upgrade script. [iglocska] + + - brain damaged monkey can't bash +- [installer] do a version check for 24.04 before executing the script. + [iglocska] +- [php] version requirements lowered. [iglocska] +- [gh workflows] run on 2.5 too. [iglocska] +- [Export] Allow proposal blocking in Bro/Zeek exports. [Liviu Valsan] +- [server settings] some settings were showing the error message despite + there being no actual error. [iglocska] + + - fixes #5394 + - an issue from back when we thought it wouldn't get worse than 2021 + - Roads?! Where we're going we don't need roads! +- [dashboard-widget:barChart] Forces the display of value 1 in log + settings. [Sami Mokaddem] + + - This is a Friday fix. Thanks for @terrtia for the debugging! +- [internal] Notice as event missing fields. [Jakub Onderka] +- [internal] Fix dom-hash validation. [Jakub Onderka] +- [installer] hardcoded path fixed. [iglocska] +- [installer] don't go afk while typing. [iglocska] + + - left @ostefano's name hanging in the air + - time to commit sudoku +- [schema] fixes. [iglocska] + + - also changed the bookmark table's comment field to mb4 +- [Warninglists] make it API friendly. [iglocska] +- [diagnostics] fixes for 2.5. [iglocska] +- [warning] removed for php 8. [iglocska] +- [wip] installation and new settings. [iglocska] +- [composer] [iglocska] + + I'm a monkey +- [php8] fix ApcuCacheTool compatibilty. [Christophe Vandeplas] +- [test] fixed. [iglocska] + + - it will remain our little secret ;-) +- [api controller] added requesthandler component. [iglocska] + + - why did the pass for this test before?... +- [restresponse] fix for the mispattribute change. [iglocska] +- [restsearch] fixing the stupidity of the previous commit. [iglocska] +- [restsearch] issue introduced for objects/restsearch fixed. [iglocska] +- [json] JsonTool::convertIntegersToStrings() for backwards + compatibility magic. [Christophe Vandeplas] +- [statistics] strval all values to remain compatible with old model. + [Christophe Vandeplas] +- [attribute] fix attribute statistics json format. [Christophe + Vandeplas] +- [restsearch] fixed for MispAttributes. [iglocska] +- [composer] fixes. [iglocska] +- [CI] removed fast mode. [iglocska] + + - it was fast + - it also didn't work +- [update json] fast mode fix. [iglocska] +- [attribute rename] fixed dynamic named calls to model functions. + [iglocska] +- [attribute renaming] enforced in relationships WiP. [iglocska] +- [Attribute] renaming enforced through controllers where loadModel was + used. [iglocska] +- [attribute_mispattribute] change enforced in classregistry::init() + calls. [iglocska] +- [proposals] fixed calls to Attribute model when MispAttribute is + loaded. [iglocska] +- [json converter tool] statically called function wasn't declared as + static. [iglocska] +- [attribute validation] FILTER_FLAG_SCHEME_REQUIRED removed. [iglocska] + + - deprecated since 7.3, removed in 8.0 +- [implode] call fixed. [iglocska] + + - what the actual fuck, how did this work? +- [composer.json] update. [iglocska] +- [CLI] move to using MispAttribute. [iglocska] +- [composer] one more version change. [Christophe Vandeplas] +- [composer] test with newer versions. [Christophe Vandeplas] +- [php8] fix parenthesis clarification. [Christophe Vandeplas] + +Other +~~~~~ +- Merge branch '2.4' into 2.5. [iglocska] +- Merge branch 'develop' into 2.5. [iglocska] +- Merge branch '2.5' into develop. [iglocska] +- Merge branch 'develop' into 2.5. [iglocska] +- Merge remote-tracking branch 'origin/develop' into develop. [Sami + Mokaddem] +- Merge pull request #9939 from JakubOnderka/try-reduce-memory. [Jakub + Onderka] + + chg: [internal] Try to reduce memory usage +- Merge pull request #9924 from Wachizungu/fix-popover-hover-enrichment- + for-attributes. [Andras Iklody] + + fix: [expansion:popover] Pass correct ID type for attributes. Fix #9919 +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [iglocska] +- Update README.md. [Andras Iklody] + + simplified to only contain the new installer +- Merge branch '2.5' of github.com:MISP/MISP into 2.5. [iglocska] +- Merge branch '2.4' into 2.5. [iglocska] +- Merge pull request #9929 from liviuvalsan/fix-zeek-export-allow- + proposal-blocking. [Andras Iklody] + + fix: [Export] Allow proposal blocking in Bro/Zeek exports +- Merge remote-tracking branch 'origin/develop' into develop. [Sami + Mokaddem] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #9911 from JakubOnderka/fix-warning-template- + populate. [Jakub Onderka] + + fix: [internal] Notice as event missing fields +- Merge pull request #9912 from JakubOnderka/oidc-scopes. [Jakub + Onderka] + + new: [oidc] Add scopes to OIDC client +- Merge pull request #9913 from JakubOnderka/enrichment-checks. [Jakub + Onderka] + + chg: [internal] Raise exception if invalid data received from module +- Merge pull request #9925 from JakubOnderka/dom-hash-validation. [Jakub + Onderka] + + fix: [internal] Fix dom-hash validation +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into feature/2.4_php8. [iglocska] +- Merge pull request #9928 from cqueern/patch-1. [Alexandre Dulaunoy] + + Update README.md +- Update README.md. [Caleb Queern] + + replaced the word 'derratives' with 'derivatives'. +- Merge pull request #9923 from jaegeral/2024-09-20_spelling. [Alexandre + Dulaunoy] + + spelling check of docs directory +- Spelling check of docs directory. [Alexander Jaeger] +- Revert "chg: [composer] moved a bunch of optional dependencies into + required" [iglocska] + + This reverts commit 71784413c1530eff7bf66c272772485bc4b78104. +- Merge branch 'feature/2.4_php8' of github.com:MISP/MISP into + feature/2.4_php8. [iglocska] +- Merge remote-tracking branch 'origin/develop' into feature/2.4_php8. + [Christophe Vandeplas] +- Merge branch 'develop' into feature/2.4_php8. [Christophe Vandeplas] +- Merge branch 'feature/2.4_php8' of github.com:MISP/MISP into + feature/2.4_php8. [iglocska] +- Wip: [Model] AttributesController. [Christophe Vandeplas] +- Wip: [Model] more Attribute to MispAttribute. [Christophe Vandeplas] +- Wip: [Model] renamed Attribute to MispAttribute - first steps. + [Christophe Vandeplas] + + +v2.4.198 (2024-09-13) +--------------------- + +New +~~~ +- [attribute type] `dom-hash` is a structural fingerprint of HTML's + Document Object Model. [Alexandre Dulaunoy] + + `dom-hash` is a structural fingerprint of the HTML's Document Object + Model (DOM) originaly developed by CERT.PL + + The fingerprint is calculated by extracting all the tag names (ignoring + the content and attribute of the HTML Page). The tag names are + concatenated with a pipe value `|`, hash with the SHA-256 algorithm + and truncated with the first 32 characters. + + Software like LookyLoo[1] implemented the algorithm which can be used + in MISP to share and correlate information about similar web pages (e.g. + phishing pages). + + [1] https://github.com/Lookyloo/lookyloo/commit/466a3c56148f2ddb911620fd24e4f0c9d602a6a3 + +Changes +~~~~~~~ +- [version] bump. [iglocska] +- [PyMISP] Bump. [Raphaël Vinot] +- [internal] Simplify cake.php and load dispatcher from absolute path. + [Jakub Onderka] +- [internal] Server sync debug message when pushing events. [Jakub + Onderka] +- [PyMISP] updated to the latest version. [Alexandre Dulaunoy] +- [ui] Better description for server setting. [Jakub Onderka] + +Fix +~~~ +- [event-report:edit] Take first Attribute value from an object if + unable to get the priority value. [Sami Mokaddem] +- [event-report:edit] Take first Attribute value from an object if + unable to get the priority value. [Sami Mokaddem] +- [security] Ensure proper sanitization of sensitive fields in user- + login-profiles. [Sami Mokaddem] + + Prevent other org-admins (from the same org) to view sensitive fields of + other org-admins when they confirmed their login session + + - As reported by Sharad Kumar Dahal of Green Tick Nepal Pvt. Ltd +- [users:view_login_history] Column not found error while not being a + site-admin. [Sami Mokaddem] + + By ensuring the user's Role is included in the result +- [users:index] Redact autkey visibility to other org-admin in the same + organisation. [Sami Mokaddem] + + - Since by design, org admins can already change the password of other + org-admins (from the same org), this is considered as a fix. +- [security] ACL ignored on GUI attribute search. [iglocska] + + - as reported by KZ-CERT, the National CERT Team of Kazakhstan +- [attribute search] fixes for invalid returns on deleted = [0,1], fixes + #9866. [iglocska] + + - object level deleted field check would block the inclusion of non object attributes +- [feed] old path replaced with official misp-website path. [Alexandre + Dulaunoy] +- [baseurl] preference changed to MISP.baseurl, fixes #9895. [iglocska] + + - external_baseurl no longer used as a prefered source + - meant to be informational only for sharing groups - [internal] Throw exception in GpgTool if GnuPG.homedir is empty. [Jakub Onderka] - [internal] Throw exception in EncryptedValue invalid state. [Jakub @@ -14,6 +851,25 @@ Fix Other ~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch 'fix/authkey-visibility' into develop. [Sami Mokaddem] +- Merge pull request #9903 from JakubOnderka/shell-dispatcher. [Jakub + Onderka] + + chg: [internal] Simplify cake.php and load dispatcher from absolute path +- Merge branch '2.4' into develop. [iglocska] +- Merge pull request #9685 from JakubOnderka/push-server-sync-debug. + [Jakub Onderka] + + chg: [internal] Server sync debug message when pushing events +- Merge branch '2.4' into develop. [iglocska] +- Merge pull request #9890 from JakubOnderka/log-unpublished. [Jakub + Onderka] + + chg: [ui] Better description for server setting - Merge pull request #9896 from JakubOnderka/encrypt-exception. [Jakub Onderka]