From 8da680c60ac12ea245a68a6c2865468d5fccc714 Mon Sep 17 00:00:00 2001 From: mokaddem Date: Mon, 3 Aug 2020 12:37:42 +0200 Subject: [PATCH 0001/1366] chg: [db_schema] Add constraint on UUID for Attribute, Object and Event tables --- app/Controller/AppController.php | 54 +---------- app/Model/AppModel.php | 151 ++++++++++++++++++++++++++++++- 2 files changed, 152 insertions(+), 53 deletions(-) diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index 21b5dbc38..5607f737a 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -929,26 +929,7 @@ class AppController extends Controller if (!$this->_isSiteAdmin() || !$this->request->is('post')) { throw new MethodNotAllowedException(); } - $this->loadModel('Attribute'); - $duplicates = $this->Attribute->find('all', array( - 'fields' => array('Attribute.uuid', 'count(*) as occurance'), - 'recursive' => -1, - 'group' => array('Attribute.uuid HAVING COUNT(*) > 1'), - )); - $counter = 0; - foreach ($duplicates as $duplicate) { - $attributes = $this->Attribute->find('all', array( - 'recursive' => -1, - 'conditions' => array('uuid' => $duplicate['Attribute']['uuid']) - )); - foreach ($attributes as $k => $attribute) { - if ($k > 0) { - $this->Attribute->delete($attribute['Attribute']['id']); - $counter++; - } - } - } - $this->Server->updateDatabase('makeAttributeUUIDsUnique'); + $counter = $this->Server->removeDuplicateAttributeUUIDs(); $this->Flash->success('Done. Deleted ' . $counter . ' duplicate attribute(s).'); $this->redirect(array('controller' => 'pages', 'action' => 'display', 'administration')); } 
@@ -958,38 +939,7 @@ class AppController extends Controller if (!$this->_isSiteAdmin() || !$this->request->is('post')) { throw new MethodNotAllowedException(); } - $this->loadModel('Event'); - $duplicates = $this->Event->find('all', array( - 'fields' => array('Event.uuid', 'count(*) as occurance'), - 'recursive' => -1, - 'group' => array('Event.uuid HAVING COUNT(*) > 1'), - )); - $counter = 0; - - // load this so we can remove the blacklist item that will be created, this is the one case when we do not want it. - if (Configure::read('MISP.enableEventBlacklisting') !== false) { - $this->EventBlacklist = ClassRegistry::init('EventBlacklist'); - } - - foreach ($duplicates as $duplicate) { - $events = $this->Event->find('all', array( - 'recursive' => -1, - 'conditions' => array('uuid' => $duplicate['Event']['uuid']) - )); - foreach ($events as $k => $event) { - if ($k > 0) { - $uuid = $event['Event']['uuid']; - $this->Event->delete($event['Event']['id']); - $counter++; - // remove the blacklist entry that we just created with the event deletion, if the feature is enabled - // We do not want to block the UUID, since we just deleted a copy - if (Configure::read('MISP.enableEventBlacklisting') !== false) { - $this->EventBlacklist->deleteAll(array('EventBlacklist.event_uuid' => $uuid)); - } - } - } - } - $this->Server->updateDatabase('makeEventUUIDsUnique'); + $counter = $this->Server->removeDuplicateEventUUIDs(); $this->Flash->success('Done. Removed ' . $counter . ' duplicate events.'); $this->redirect(array('controller' => 'pages', 'action' => 'display', 'administration')); } diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index fc4a129f4..e0e4e7007 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php 
@@ -81,7 +81,7 @@ class AppModel extends Model 33 => false, 34 => false, 35 => false, 36 => false, 37 => false, 38 => false, 39 => false, 40 => false, 41 => false, 42 => false, 43 => false, 44 => false, 45 => false, 46 => false, 47 => false, 48 => false, 49 => false, 50 => false, - 51 => false, 52 => false, 53 => false, 54 => false, 55 => false, + 51 => false, 52 => false, 53 => false, 54 => false, 55 => false, 56 => false, ); public $advanced_updates_description = array( @@ -244,6 +244,9 @@ class AppModel extends Model case 48: $dbUpdateSuccess = $this->__generateCorrelations(); break; + case 56: + $dbUpdateSuccess = $this->removeDuplicatedUUIDs(); + break; default: $dbUpdateSuccess = $this->updateDatabase($command); break; @@ -340,6 +343,14 @@ class AppModel extends Model $this->__dropIndex('events', 'uuid'); $sqlArray[] = 'ALTER TABLE `events` ADD UNIQUE (uuid);'; break; + case 'makeObjectUUIDsUnique': + $this->__dropIndex('objects', 'uuid'); + $sqlArray[] = 'ALTER TABLE `objects` ADD UNIQUE (uuid);'; + break; + case 'makeClusterUUIDsUnique': + $this->__dropIndex('galaxy_clusters', 'uuid'); + $sqlArray[] = 'ALTER TABLE `galaxy_clusters` ADD UNIQUE (uuid);'; + break; case 'cleanSessionTable': $sqlArray[] = 'DELETE FROM cake_sessions WHERE expires < ' . time() . ';'; $clean = false; @@ -1471,6 +1482,11 @@ class AppModel extends Model $indexArray[] = array('shadow_attributes', 'first_seen'); $indexArray[] = array('shadow_attributes', 'last_seen'); break; + case 'createUUIDsConstraints': + $sqlArray[] = "ALTER TABLE events ADD CONSTRAINT `uuid` UNIQUE (uuid);"; + $sqlArray[] = "ALTER TABLE attributes ADD CONSTRAINT `uuid` UNIQUE (uuid);"; + $sqlArray[] = "ALTER TABLE objects ADD CONSTRAINT `uuid` UNIQUE (uuid);"; + break; default: return false; break; 
@@ -2234,6 +2250,139 @@ class AppModel extends Model return true; } + public function removeDuplicatedUUIDs() + { + $removedResults = array( + 'Event' => $this->removeDuplicateEventUUIDs(), + 'Attribute' => $this->removeDuplicateAttributeUUIDs(), + 'Object' => $this->removeDuplicateObjectUUIDs(), + // 'GalaxyCluster' => $this->removeDuplicateClusterUUIDs(), + ); + $res = $this->updateDatabase('createUUIDsConstraints'); + } + + public function removeDuplicateAttributeUUIDs() + { + $this->Attribute = ClassRegistry::init('Attribute'); + $this->Log = ClassRegistry::init('Log'); + $duplicates = $this->Attribute->find('all', array( + 'fields' => array('Attribute.uuid', 'count(*) as occurance'), + 'recursive' => -1, + 'group' => array('Attribute.uuid HAVING COUNT(*) > 1'), + )); + $counter = 0; + foreach ($duplicates as $duplicate) { + $attributes = $this->Attribute->find('all', array( + 'recursive' => -1, + 'conditions' => array('uuid' => $duplicate['Attribute']['uuid']) + )); + foreach ($attributes as $k => $attribute) { + if ($k > 0) { + $this->Attribute->delete($attribute['Attribute']['id']); + $this->Log->createLogEntry('SYSTEM', 'delete', 'Attribute', $attribute['Attribute']['id'], __('Removed attribute (%s)', $attribute['Attribute']['id']), __('Attribute\'s UUID duplicated (%s)', $attribute['Attribute']['uuid'])); + $counter++; + } + } + } + $this->updateDatabase('makeAttributeUUIDsUnique'); + return $counter; + } + + public function removeDuplicateEventUUIDs() + { + $this->Event = ClassRegistry::init('Event'); + $this->Log = ClassRegistry::init('Log'); + $duplicates = $this->Event->find('all', array( + 'fields' => array('Event.uuid', 'count(*) as occurance'), + 'recursive' => -1, + 'group' => array('Event.uuid HAVING COUNT(*) > 1'), + )); + $counter = 0; + + // load this so we can remove the blacklist item that will be created, this is the one case when we do not want it. 
+ if (Configure::read('MISP.enableEventBlacklisting') !== false) { + $this->EventBlacklist = ClassRegistry::init('EventBlacklist'); + } + + foreach ($duplicates as $duplicate) { + $events = $this->Event->find('all', array( + 'recursive' => -1, + 'conditions' => array('uuid' => $duplicate['Event']['uuid']) + )); + foreach ($events as $k => $event) { + if ($k > 0) { + $uuid = $event['Event']['uuid']; + $this->Event->delete($event['Event']['id']); + $this->Log->createLogEntry('SYSTEM', 'delete', 'Event', $event['Event']['id'], __('Removed event (%s)', $event['Event']['id']), __('Event\'s UUID duplicated (%s)', $event['Event']['uuid'])); + $counter++; + // remove the blacklist entry that we just created with the event deletion, if the feature is enabled + // We do not want to block the UUID, since we just deleted a copy + if (Configure::read('MISP.enableEventBlacklisting') !== false) { + $this->EventBlacklist->deleteAll(array('EventBlacklist.event_uuid' => $uuid)); + } + } + } + } + $this->updateDatabase('makeEventUUIDsUnique'); + return $counter; + } + + public function removeDuplicateObjectUUIDs() + { + $this->MispObject = ClassRegistry::init('MispObject'); + $this->Log = ClassRegistry::init('Log'); + $duplicates = $this->MispObject->find('all', array( + 'fields' => array('Object.uuid', 'count(*) as occurance'), + 'recursive' => -1, + 'group' => array('Object.uuid HAVING COUNT(*) > 1'), + )); + $counter = 0; + foreach ($duplicates as $duplicate) { + $objects = $this->MispObject->find('all', array( + 'recursive' => -1, + 'conditions' => array('uuid' => $duplicate['Object']['uuid']) + )); + foreach ($objects as $k => $object) { + if ($k > 0) { + $this->MispObject->delete($object['Object']['id']); + $this->Log->createLogEntry('SYSTEM', 'delete', 'MispObject', $object['Object']['id'], __('Removed object (%s)', $object['Object']['id']), __('Object\'s UUID duplicated (%s)', $object['Object']['uuid'])); + $counter++; + } + } + } + 
$this->updateDatabase('makeObjectUUIDsUnique'); + return $counter; + } + + public function removeDuplicateClusterUUIDs() + { + // Mitre clusters have lots of duplicates. Better find another solution + return; + $this->GalaxyCluster = ClassRegistry::init('GalaxyCluster'); + $this->Log = ClassRegistry::init('Log'); + $duplicates = $this->GalaxyCluster->find('all', array( + 'fields' => array('GalaxyCluster.uuid', 'count(*) as occurance'), + 'recursive' => -1, + 'group' => array('GalaxyCluster.uuid HAVING COUNT(*) > 1'), + )); + $counter = 0; + foreach ($duplicates as $duplicate) { + $clusters = $this->GalaxyCluster->find('all', array( + 'recursive' => -1, + 'conditions' => array('uuid' => $duplicate['GalaxyCluster']['uuid']) + )); + foreach ($clusters as $k => $cluster) { + if ($k > 0) { + $this->GalaxyCluster->delete($cluster['GalaxyCluster']['id']); + $this->Log->createLogEntry('SYSTEM', 'delete', 'GalaxyCluster', $cluster['GalaxyCluster']['id'], __('Removed cluster (%s)', $cluster['GalaxyCluster']['id']), __('Cluster\'s UUID duplicated (%s)', $cluster['GalaxyCluster']['uuid'])); + $counter++; + } + } + } + $this->updateDatabase('makeClusterUUIDsUnique'); + return $counter; + } + public function populateNotifications($user, $mode = 'full') { $notifications = array(); From 6f092dfeb4763246d83561f15a0b687ef05b7978 Mon Sep 17 00:00:00 2001 From: mokaddem Date: Thu, 3 Sep 2020 10:55:14 +0200 Subject: [PATCH 0002/1366] chg: [appModel] Optimized deduplication, log removed elements and regenerate unique indexes on update --- app/Model/AppModel.php | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-) diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 783e06a87..6103bf5b9 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php 
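Review bot: The duplicate-removal loops in removeDuplicateAttributeUUIDs, removeDuplicateEventUUIDs and removeDuplicateObjectUUIDs keep whichever row the unordered `find('all')` returns first and ignore the result of `delete()`, so the surviving copy is arbitrary and a failed delete is still logged and counted. Adding an explicit order to the inner find, e.g. `'order' => array('Event.id' => 'ASC')`, and guarding the log entry and counter with `if ($this->Event->delete($event['Event']['id'])) { ... }` would make this destructive migration predictable and keep its audit trail accurate. removeDuplicateClusterUUIDs leaves its whole body unreachable behind a bare `return;` and returns nothing; either delete the body or use `return 0;` with a comment so callers always get a count.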
@@ -86,6 +86,7 @@ class AppModel extends Model 39 => false, 40 => false, 41 => false, 42 => false, 43 => false, 44 => false, 45 => false, 46 => false, 47 => false, 48 => false, 49 => false, 50 => false, 51 => false, 52 => false, 53 => false, 54 => false, 55 => false, 56 => false, + 57 => false ); public $advanced_updates_description = array( @@ -248,7 +249,7 @@ class AppModel extends Model case 48: $dbUpdateSuccess = $this->__generateCorrelations(); break; - case 56: + case 57: $dbUpdateSuccess = $this->removeDuplicatedUUIDs(); break; default: @@ -2268,7 +2269,8 @@ class AppModel extends Model 'Object' => $this->removeDuplicateObjectUUIDs(), // 'GalaxyCluster' => $this->removeDuplicateClusterUUIDs(), ); - $res = $this->updateDatabase('createUUIDsConstraints'); + $this->Log->createLogEntry('SYSTEM', 'update_database', 'Server', 0, __('Removed duplicated UUIDs'), __('Event: %s, Attribute: %s, Object: %s', h($removedResults['Event']), h($removedResults['Attribute']), h($removedResults['Object']))); + return $this->updateDatabase('createUUIDsConstraints'); } public function removeDuplicateAttributeUUIDs() 
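Review bot: In removeDuplicatedUUIDs the new `$this->Log->createLogEntry(...)` call depends on `$this->Log` having been assigned as a side effect of the removeDuplicate*UUIDs helpers evaluated in the array above it; the method never initialises it itself. Add `$this->Log = ClassRegistry::init('Log');` at the top of the method so the summary entry does not break if the helpers change. The `h()` calls wrap integer counters and HTML-escape at write time; the counts can be passed as they are, with escaping left to wherever the log is rendered. The method body starts outside this hunk.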
@@ -2276,20 +2278,26 @@ class AppModel extends Model $this->Attribute = ClassRegistry::init('Attribute'); $this->Log = ClassRegistry::init('Log'); $duplicates = $this->Attribute->find('all', array( - 'fields' => array('Attribute.uuid', 'count(*) as occurance'), + 'fields' => array('Attribute.uuid', 'count(Attribute.uuid) as occurence'), 'recursive' => -1, - 'group' => array('Attribute.uuid HAVING COUNT(*) > 1'), + 'group' => array('Attribute.uuid HAVING COUNT(Attribute.uuid) > 1'), )); $counter = 0; foreach ($duplicates as $duplicate) { $attributes = $this->Attribute->find('all', array( 'recursive' => -1, - 'conditions' => array('uuid' => $duplicate['Attribute']['uuid']) + 'conditions' => array('uuid' => $duplicate['Attribute']['uuid']), + 'contain' => array( + 'AttributeTag' => array( + 'fields' => array('tag_id') + ) + ) )); foreach ($attributes as $k => $attribute) { if ($k > 0) { + $tagIDs = Hash::extract($attribute['AttributeTag'], '{n}.tag_id'); $this->Attribute->delete($attribute['Attribute']['id']); - $this->Log->createLogEntry('SYSTEM', 'delete', 'Attribute', $attribute['Attribute']['id'], __('Removed attribute (%s)', $attribute['Attribute']['id']), __('Attribute\'s UUID duplicated (%s)', $attribute['Attribute']['uuid'])); + $this->Log->createLogEntry('SYSTEM', 'delete', 'Attribute', $attribute['Attribute']['id'], __('Removed attribute (%s)', $attribute['Attribute']['id']), __('Attribute\'s UUID duplicated (%s) tag ID attached [%s]', $attribute['Attribute']['uuid'], implode($tagIDs))); $counter++; } } 
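Review bot: `implode($tagIDs)` in the new log message joins the tag IDs with no separator, so tags 1 and 23 are logged exactly like 12 and 3 and the entry cannot be used to restore the tags of a deleted attribute; use `implode(', ', $tagIDs)`. `$attribute['AttributeTag']` is also read unconditionally although the find still sets `'recursive' => -1`; whether the `contain` is honoured depends on the Attribute model's behaviours, which are not visible here, so `Hash::extract($attribute, 'AttributeTag.{n}.tag_id')` would be the safer read. removeDuplicateAttributeUUIDs starts and ends outside this hunk.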
@@ -2303,9 +2311,9 @@ class AppModel extends Model $this->Event = ClassRegistry::init('Event'); $this->Log = ClassRegistry::init('Log'); $duplicates = $this->Event->find('all', array( - 'fields' => array('Event.uuid', 'count(*) as occurance'), + 'fields' => array('Event.uuid', 'count(Event.uuid) as occurence'), 'recursive' => -1, - 'group' => array('Event.uuid HAVING COUNT(*) > 1'), + 'group' => array('Event.uuid HAVING COUNT(Event.uuid) > 1'), )); $counter = 0; @@ -2342,9 +2350,9 @@ class AppModel extends Model $this->MispObject = ClassRegistry::init('MispObject'); $this->Log = ClassRegistry::init('Log'); $duplicates = $this->MispObject->find('all', array( - 'fields' => array('Object.uuid', 'count(*) as occurance'), + 'fields' => array('Object.uuid', 'count(Object.uuid) as occurence'), 'recursive' => -1, - 'group' => array('Object.uuid HAVING COUNT(*) > 1'), + 'group' => array('Object.uuid HAVING COUNT(Object.uuid) > 1'), )); $counter = 0; foreach ($duplicates as $duplicate) { @@ -2371,9 +2379,9 @@ class AppModel extends Model $this->GalaxyCluster = ClassRegistry::init('GalaxyCluster'); $this->Log = ClassRegistry::init('Log'); $duplicates = $this->GalaxyCluster->find('all', array( - 'fields' => array('GalaxyCluster.uuid', 'count(*) as occurance'), + 'fields' => array('GalaxyCluster.uuid', 'count(GalaxyCluster.uuid) as occurence'), 'recursive' => -1, - 'group' => array('GalaxyCluster.uuid HAVING COUNT(*) > 1'), + 'group' => array('GalaxyCluster.uuid HAVING COUNT(GalaxyCluster.uuid) > 1'), )); $counter = 0; foreach ($duplicates as $duplicate) { From c6f7779f3ed0946be5a8458f8012416eed4edbea Mon Sep 17 00:00:00 2001 From: mokaddem Date: Thu, 3 Sep 2020 11:39:55 +0200 Subject: [PATCH 0003/1366] chg: [db_schema] Attribute and object UUID should have unique index --- db_schema.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/db_schema.json b/db_schema.json index fe9b191bc..320578c07 100644 --- a/db_schema.json +++ b/db_schema.json 
@@ -6783,7 +6783,7 @@ }, "attributes": { "id": true, - "uuid": false, + "uuid": true, "event_id": false, "sharing_group_id": false, "type": false, @@ -6955,7 +6955,7 @@ "template_version": false, "meta-category": false, "event_id": false, - "uuid": false, + "uuid": true, "timestamp": false, "distribution": false, "sharing_group_id": false, From b374e67a154358b4f21f32ac3961187827d8a381 Mon Sep 17 00:00:00 2001 From: mokaddem Date: Thu, 3 Sep 2020 13:15:24 +0200 Subject: [PATCH 0004/1366] chg: [appModel] Delete duplicated sightings uuid --- app/Model/AppModel.php | 38 +++++++++++++++++++++++++++++++++----- 1 file changed, 33 insertions(+), 5 deletions(-) diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 6103bf5b9..866dcae44 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -2267,9 +2267,10 @@ class AppModel extends Model 'Event' => $this->removeDuplicateEventUUIDs(), 'Attribute' => $this->removeDuplicateAttributeUUIDs(), 'Object' => $this->removeDuplicateObjectUUIDs(), + 'Sighting' => $this->removeDuplicateSightingUUIDs(), // 'GalaxyCluster' => $this->removeDuplicateClusterUUIDs(), ); - $this->Log->createLogEntry('SYSTEM', 'update_database', 'Server', 0, __('Removed duplicated UUIDs'), __('Event: %s, Attribute: %s, Object: %s', h($removedResults['Event']), h($removedResults['Attribute']), h($removedResults['Object']))); + $this->Log->createLogEntry('SYSTEM', 'update_database', 'Server', 0, __('Removed duplicated UUIDs'), __('Event: %s, Attribute: %s, Object: %s, Sighting: %s', h($removedResults['Event']), h($removedResults['Attribute']), h($removedResults['Object']), h($removedResults['Sighting']))); return $this->updateDatabase('createUUIDsConstraints'); } 
@@ -2278,7 +2279,7 @@ class AppModel extends Model $this->Attribute = ClassRegistry::init('Attribute'); $this->Log = ClassRegistry::init('Log'); $duplicates = $this->Attribute->find('all', array( - 'fields' => array('Attribute.uuid', 'count(Attribute.uuid) as occurence'), + 'fields' => array('Attribute.uuid', 'count(Attribute.uuid) as occurrence'), 'recursive' => -1, 'group' => array('Attribute.uuid HAVING COUNT(Attribute.uuid) > 1'), )); @@ -2311,7 +2312,7 @@ class AppModel extends Model $this->Event = ClassRegistry::init('Event'); $this->Log = ClassRegistry::init('Log'); $duplicates = $this->Event->find('all', array( - 'fields' => array('Event.uuid', 'count(Event.uuid) as occurence'), + 'fields' => array('Event.uuid', 'count(Event.uuid) as occurrence'), 'recursive' => -1, 'group' => array('Event.uuid HAVING COUNT(Event.uuid) > 1'), )); @@ -2350,7 +2351,7 @@ class AppModel extends Model $this->MispObject = ClassRegistry::init('MispObject'); $this->Log = ClassRegistry::init('Log'); $duplicates = $this->MispObject->find('all', array( - 'fields' => array('Object.uuid', 'count(Object.uuid) as occurence'), + 'fields' => array('Object.uuid', 'count(Object.uuid) as occurrence'), 'recursive' => -1, 'group' => array('Object.uuid HAVING COUNT(Object.uuid) > 1'), )); @@ -2379,7 +2380,7 @@ class AppModel extends Model $this->GalaxyCluster = ClassRegistry::init('GalaxyCluster'); $this->Log = ClassRegistry::init('Log'); $duplicates = $this->GalaxyCluster->find('all', array( - 'fields' => array('GalaxyCluster.uuid', 'count(GalaxyCluster.uuid) as occurence'), + 'fields' => array('GalaxyCluster.uuid', 'count(GalaxyCluster.uuid) as occurrence'), 'recursive' => -1, 'group' => array('GalaxyCluster.uuid HAVING COUNT(GalaxyCluster.uuid) > 1'), )); 
@@ -2401,6 +2402,33 @@ class AppModel extends Model return $counter; } + public function removeDuplicateSightingUUIDs() + { + $this->Sighting = ClassRegistry::init('Sighting'); + $this->Log = ClassRegistry::init('Log'); + $duplicates = $this->Sighting->find('all', array( + 'fields' => array('Sighting.uuid', 'count(Sighting.uuid) as occurrence'), + 'recursive' => -1, + 'group' => array('Sighting.uuid HAVING COUNT(Sighting.uuid) > 1'), + )); + $counter = 0; + foreach ($duplicates as $duplicate) { + $attributes = $this->Sighting->find('all', array( + 'recursive' => -1, + 'conditions' => array('uuid' => $duplicate['Sighting']['uuid']), + )); + foreach ($sightings as $k => $sighting) { + if ($k > 0) { + $this->Sighting->delete($sighting['Sighting']['id']); + $this->Log->createLogEntry('SYSTEM', 'delete', 'Sighting', $sighting['Sighting']['id'], __('Removed sighting (%s)', $sighting['Sighting']['id']), __('Sighting\'s UUID duplicated (%s)', $sighting['Sighting']['uuid'])); + $counter++; + } + } + } + $this->updateDatabase('makeSightingUUIDsUnique'); + return $counter; + } + public function populateNotifications($user, $mode = 'full') { $notifications = array(); From fb5c26997a13ae418564b6075c817ab496a28f03 Mon Sep 17 00:00:00 2001 From: mokaddem Date: Thu, 3 Sep 2020 13:29:54 +0200 Subject: [PATCH 0005/1366] chg: [appModel] Create UUID unique index for other tables --- app/Model/AppModel.php | 22 +++++++++++++++------- db_schema.json | 10 +++++----- 2 files changed, 20 insertions(+), 12 deletions(-) diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 866dcae44..b4997937e 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php 
@@ -1494,9 +1494,22 @@ class AppModel extends Model $indexArray[] = array('shadow_attributes', 'last_seen'); break; case 'createUUIDsConstraints': + $this->__dropIndex('events', 'uuid'); $sqlArray[] = "ALTER TABLE events ADD CONSTRAINT `uuid` UNIQUE (uuid);"; + $this->__dropIndex('attributes', 'uuid'); $sqlArray[] = "ALTER TABLE attributes ADD CONSTRAINT `uuid` UNIQUE (uuid);"; + $this->__dropIndex('objects', 'uuid'); $sqlArray[] = "ALTER TABLE objects ADD CONSTRAINT `uuid` UNIQUE (uuid);"; + $this->__dropIndex('sightings', 'uuid'); + $sqlArray[] = "ALTER TABLE sightings ADD CONSTRAINT `uuid` UNIQUE (uuid);"; + $this->__dropIndex('dashboards', 'uuid'); + $sqlArray[] = "ALTER TABLE dashboards ADD CONSTRAINT `uuid` UNIQUE (uuid);"; + $this->__dropIndex('inbox', 'uuid'); + $sqlArray[] = "ALTER TABLE inbox ADD CONSTRAINT `uuid` UNIQUE (uuid);"; + $this->__dropIndex('organisations', 'uuid'); + $sqlArray[] = "ALTER TABLE organisations ADD CONSTRAINT `uuid` UNIQUE (uuid);"; + $this->__dropIndex('tag_collections', 'uuid'); + $sqlArray[] = "ALTER TABLE tag_collections ADD CONSTRAINT `uuid` UNIQUE (uuid);"; break; default: return false; @@ -2303,7 +2316,6 @@ class AppModel extends Model } } } - $this->updateDatabase('makeAttributeUUIDsUnique'); return $counter; } @@ -2342,7 +2354,6 @@ class AppModel extends Model } } } - $this->updateDatabase('makeEventUUIDsUnique'); return $counter; } @@ -2369,7 +2380,6 @@ class AppModel extends Model } } } - $this->updateDatabase('makeObjectUUIDsUnique'); return $counter; } @@ -2398,7 +2408,6 @@ class AppModel extends Model } } } - $this->updateDatabase('makeClusterUUIDsUnique'); return $counter; } 
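Review bot: The `createUUIDsConstraints` case now adds UNIQUE constraints on `dashboards`, `inbox`, `organisations` and `tag_collections`, but removeDuplicatedUUIDs only deduplicates events, attributes, objects and sightings, so a single duplicate UUID in one of the other tables would make its `ALTER TABLE` fail. Each `__dropIndex()` call runs immediately while the matching ALTER is only queued in `$sqlArray`, which (assuming `__dropIndex` executes on call; its body is not shown) can leave a table with no uuid index at all after a failed update; check each table for duplicates before dropping its index, or skip the table and log it. The later hunks of this commit also remove the per-table calls such as `updateDatabase('makeAttributeUUIDsUnique')` from the helpers that the AppController admin actions were switched to in the first patch, so those actions appear to delete duplicates without re-creating the unique index afterwards.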
@@ -2413,19 +2422,18 @@ class AppModel extends Model )); $counter = 0; foreach ($duplicates as $duplicate) { - $attributes = $this->Sighting->find('all', array( + $sightings = $this->Sighting->find('all', array( 'recursive' => -1, 'conditions' => array('uuid' => $duplicate['Sighting']['uuid']), )); foreach ($sightings as $k => $sighting) { if ($k > 0) { $this->Sighting->delete($sighting['Sighting']['id']); - $this->Log->createLogEntry('SYSTEM', 'delete', 'Sighting', $sighting['Sighting']['id'], __('Removed sighting (%s)', $sighting['Sighting']['id']), __('Sighting\'s UUID duplicated (%s)', $sighting['Sighting']['uuid'])); + // $this->Log->createLogEntry('SYSTEM', 'delete', 'Sighting', $sighting['Sighting']['id'], __('Removed sighting (%s)', $sighting['Sighting']['id']), __('Sighting\'s UUID duplicated (%s)', $sighting['Sighting']['uuid'])); $counter++; } } } - $this->updateDatabase('makeSightingUUIDsUnique'); return $counter; } diff --git a/db_schema.json b/db_schema.json index 320578c07..3c7a76199 100644 --- a/db_schema.json +++ b/db_schema.json @@ -6817,7 +6817,7 @@ "dashboards": { "id": true, "name": false, - "uuid": false, + "uuid": true, "user_id": false, "restrict_to_org_id": false, "restrict_to_permission_flag": false @@ -6920,7 +6920,7 @@ "id": true, "title": false, "type": false, - "uuid": false, + "uuid": true, "user_agent_sha256": false, "ip": false, "timestamp": false @@ -6990,7 +6990,7 @@ }, "organisations": { "id": true, - "uuid": false, + "uuid": true, "name": false }, "org_blocklists": { @@ -7077,7 +7077,7 @@ "attribute_id": false, "event_id": false, "org_id": false, - "uuid": false, + "uuid": true, "source": false, "type": false }, @@ -7090,7 +7090,7 @@ }, "tag_collections": { "id": true, - "uuid": false, + "uuid": true, "user_id": false, "org_id": false }, From 873882cc09c22669f69736bffd22d91b1d09a310 Mon Sep 17 00:00:00 2001 
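Review bot: Commenting out the `createLogEntry` call in removeDuplicateSightingUUIDs means deleted sightings leave no per-record audit entry, unlike the event, attribute and object helpers; only the total reaches the summary entry written by removeDuplicatedUUIDs. If the volume of sightings is the reason, say so in a comment and delete the dead line, e.g. `// Sightings are not logged individually; the total is logged by removeDuplicatedUUIDs()`. The result of `$this->Sighting->delete(...)` is still ignored, so `$counter` can overstate what was actually removed. The function starts outside this hunk.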
From: mokaddem Date: Thu, 3 Sep 2020 13:31:36 +0200 Subject: [PATCH 0006/1366] chg: [db_schema] Bumped db_version --- db_schema.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db_schema.json b/db_schema.json index 3c7a76199..de31387b1 100644 --- a/db_schema.json +++ b/db_schema.json @@ -7166,5 +7166,5 @@ "id": true } }, - "db_version": "56" + "db_version": "57" } \ No newline at end of file From b5e2163556fe199668bfbd7b36fb4b436f2ab7cb Mon Sep 17 00:00:00 2001 From: Tom King Date: Fri, 11 Jun 2021 17:14:29 +0100 Subject: [PATCH 0007/1366] new: [sync] Allow option to delete tags on event sync prior to soft-delete tag implementation --- app/Controller/ServersController.php | 5 +++-- app/Model/AppModel.php | 5 ++++- app/Model/Attribute.php | 8 +++++--- app/Model/Event.php | 3 ++- app/View/Servers/edit.ctp | 11 ++++++++--- db_schema.json | 13 ++++++++++++- 6 files changed, 34 insertions(+), 11 deletions(-) diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php index f53977c0c..b3fa2a53b 100644 --- a/app/Controller/ServersController.php +++ b/app/Controller/ServersController.php @@ -308,7 +308,8 @@ class ServersController extends AppController 'json' => '[]', 'push_rules' => '[]', 'pull_rules' => '[]', - 'self_signed' => 0 + 'self_signed' => 0, + 'remove_missing_tags' => 0 ); foreach ($defaults as $default => $dvalue) { if (!isset($this->request->data['Server'][$default])) { 
@@ -492,7 +493,7 @@ class ServersController extends AppController } if (!$fail) { // say what fields are to be updated - $fieldList = array('id', 'url', 'push', 'pull', 'push_sightings', 'push_galaxy_clusters', 'pull_galaxy_clusters', 'caching_enabled', 'unpublish_event', 'publish_without_email', 'remote_org_id', 'name' ,'self_signed', 'cert_file', 'client_cert_file', 'push_rules', 'pull_rules', 'internal', 'skip_proxy'); + $fieldList = array('id', 'url', 'push', 'pull', 'push_sightings', 'push_galaxy_clusters', 'pull_galaxy_clusters', 'caching_enabled', 'unpublish_event', 'publish_without_email', 'remote_org_id', 'name' ,'self_signed', 'remove_missing_tags', 'cert_file', 'client_cert_file', 'push_rules', 'pull_rules', 'internal', 'skip_proxy'); $this->request->data['Server']['id'] = $id; if (isset($this->request->data['Server']['authkey']) && "" != $this->request->data['Server']['authkey']) { $fieldList[] = 'authkey'; diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 2a1738f27..71dafaf07 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -90,7 +90,7 @@ class AppModel extends Model 51 => false, 52 => false, 53 => false, 54 => false, 55 => false, 56 => false, 57 => false, 58 => false, 59 => false, 60 => false, 61 => false, 62 => false, 63 => true, 64 => false, 65 => false, 66 => false, 67 => false, 68 => false, - 69 => false, 70 => false, + 69 => false, 70 => false, 71 => false ); public $advanced_updates_description = array( 
@@ -1603,6 +1603,9 @@ class AppModel extends Model case 70: $sqlArray[] = "ALTER TABLE `galaxies` ADD `enabled` tinyint(1) NOT NULL DEFAULT 1 AFTER `namespace`;"; break; + case 71: + $sqlArray[] = "ALTER TABLE `servers` ADD `remove_missing_tags` tinyint(1) NOT NULL DEFAULT 0 AFTER `skip_proxy`;"; + break; case 'fixNonEmptySharingGroupID': $sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; $sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php index c3798e51e..5504a0d14 100644 --- a/app/Model/Attribute.php +++ b/app/Model/Attribute.php @@ -3685,7 +3685,7 @@ class Attribute extends AppModel return $attribute; } - public function editAttribute($attribute, $eventId, $user, $objectId, $log = false, $force = false, &$nothingToChange = false) + public function editAttribute($attribute, $eventId, $user, $objectId, $log = false, $force = false, &$nothingToChange = false, $server = null) { $attribute['event_id'] = $eventId; $attribute['object_id'] = $objectId; 
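Review bot: The new `$server` parameter of editAttribute is undocumented, and the check that consumes it in the next Attribute.php hunk, `isset($server) && $server['Server']['remove_missing_tags']`, indexes the array without verifying that the key exists. The Event.php hunk adds `Server.remove_missing_tags` to the one query visible there, so a server record loaded elsewhere may lack the field and raise an undefined-index notice; `if (!empty($server['Server']['remove_missing_tags']))` covers null, a missing key and 0 in one test. A docblock should state that `$server` is the sync server record (or null for local edits) and that a truthy `remove_missing_tags` lets tags absent from the incoming attribute be pruned from the local one. editAttribute's body continues outside the hunk.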
@@ -3805,11 +3805,13 @@ class Attribute extends AppModel } if ($user['Role']['perm_tagger']) { /* - We should uncomment the line below in the future once we have tag soft-delete + We should unwrap the line below and remove the server option in the future once we have tag soft-delete A solution to still keep the behavior for previous instance could be to not soft-delete the Tag if the remote instance has a version below x */ - // $this->AttributeTag->pruneOutdatedAttributeTagsFromSync(isset($attribute['Tag']) ? $attribute['Tag'] : array(), $existingAttribute['AttributeTag']); + if (isset($server) && $server['Server']['remove_missing_tags']) { + $this->AttributeTag->pruneOutdatedAttributeTagsFromSync(isset($attribute['Tag']) ? $attribute['Tag'] : array(), $existingAttribute['AttributeTag']); + } if (isset($attribute['Tag'])) { foreach ($attribute['Tag'] as $tag) { $tag_id = $this->AttributeTag->Tag->captureTag($tag, $user); diff --git a/app/Model/Event.php b/app/Model/Event.php index 112bdb73e..507780cc2 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -4031,6 +4031,7 @@ class Event extends AppModel 'Server.unpublish_event', 'Server.publish_without_email', 'Server.internal', + 'Server.remove_missing_tags' ) )); } else { @@ -4129,7 +4130,7 @@ class Event extends AppModel $data['Event']['Attribute'] = array_values($data['Event']['Attribute']); foreach ($data['Event']['Attribute'] as $k => $attribute) { $nothingToChange = false; - $result = $this->Attribute->editAttribute($attribute, $this->id, $user, 0, $this->Log, $force, $nothingToChange); + $result = $this->Attribute->editAttribute($attribute, $this->id, $user, 0, $this->Log, $force, $nothingToChange, $server); if ($result !== true) { $validationErrors['Attribute'][] = $result; } diff --git a/app/View/Servers/edit.ctp b/app/View/Servers/edit.ctp index fd32d727d..7c7f6c504 100644 --- a/app/View/Servers/edit.ctp +++ b/app/View/Servers/edit.ctp @@ -103,6 +103,10 @@ )); echo '
'; echo $this->Form->input('skip_proxy', array('type' => 'checkbox', 'label' => 'Skip proxy (if applicable)')); + echo '
'; + echo $this->Form->input('remove_missing_tags', array( + 'type' => 'checkbox', + )); ?>

@@ -236,7 +240,8 @@ var formInfoValues = { 'ServerPublishWithoutEmail' : '', 'ServerSubmittedCert' : "", 'ServerSubmittedClientCert' : "", - 'ServerSelfSigned' : "" + 'ServerSelfSigned' : "", + 'ServerRemoveMissingTags': "" }; var rules = { @@ -264,11 +269,11 @@ $(document).ready(function() { serverOrgTypeChange(); }); - $("#ServerUrl, #ServerOrganization, #ServerName, #ServerAuthkey, #ServerPush, #ServerPull, #ServerUnpublishEvent, #ServerPublishWithoutEmail, #ServerSubmittedCert, #ServerSubmittedClientCert, #ServerSelfSigned").on('mouseleave', function(e) { + $("#ServerUrl, #ServerOrganization, #ServerName, #ServerAuthkey, #ServerPush, #ServerPull, #ServerUnpublishEvent, #ServerPublishWithoutEmail, #ServerSubmittedCert, #ServerSubmittedClientCert, #ServerSelfSigned, #ServerRemoveMissingTags").on('mouseleave', function(e) { $('#'+e.currentTarget.id).popover('destroy'); }); - $("#ServerUrl, #ServerOrganization, #ServerName, #ServerAuthkey, #ServerPush, #ServerPull, #ServerUnpublishEvent, #ServerPublishWithoutEmail, #ServerSubmittedCert, #ServerSubmittedClientCert, #ServerSelfSigned").on('mouseover', function(e) { + $("#ServerUrl, #ServerOrganization, #ServerName, #ServerAuthkey, #ServerPush, #ServerPull, #ServerUnpublishEvent, #ServerPublishWithoutEmail, #ServerSubmittedCert, #ServerSubmittedClientCert, #ServerSelfSigned, #ServerRemoveMissingTags").on('mouseover', function(e) { var $e = $(e.target); $('#'+e.currentTarget.id).popover('destroy'); $('#'+e.currentTarget.id).popover({ diff --git a/db_schema.json b/db_schema.json index f9888d44d..17c484c17 100644 --- a/db_schema.json +++ b/db_schema.json @@ -5225,6 +5225,17 @@ "column_default": null, "extra": "" }, + { + "column_name": "remove_missing_tags", + "is_nullable": "NO", + "data_type": "tinyint", + "character_maximum_length": null, + "numeric_precision": "3", + "collation_name": null, + "column_type": "tinyint(1)", + "column_default": "0", + "extra": "" + }, { "column_name": "pull_rules", "is_nullable": "NO", 
@@ -8169,5 +8180,5 @@ "id": true } }, - "db_version": "70" + "db_version": "71" } From 3e88fe35d70ae80b4aaf8521e04fd7fac2eaf3b7 Mon Sep 17 00:00:00 2001 From: Marco Caselli Date: Tue, 22 Jun 2021 08:18:56 +0200 Subject: [PATCH 0008/1366] new: update to handle network connection objects --- app/Lib/Export/NidsExport.php | 235 +++++++++++++++++++++++++--------- 1 file changed, 172 insertions(+), 63 deletions(-) diff --git a/app/Lib/Export/NidsExport.php b/app/Lib/Export/NidsExport.php index 2b691314d..dd881693f 100644 --- a/app/Lib/Export/NidsExport.php +++ b/app/Lib/Export/NidsExport.php @@ -16,11 +16,14 @@ class NidsExport 'fields' => array('threat_level_id') ) ), - 'flatten' => 1 + #'flatten' => 1 ); public function handler($data, $options = array()) { + + //NOTES: Here the scope "Object" should be probably checked + $continue = empty($format); $this->checkWhitelist = false; if ($options['scope'] === 'Attribute') { @@ -38,15 +41,16 @@ class NidsExport $this->__convertFromEventFormat($data['Attribute'], $data, $options, $continue); } if (!empty($data['Object'])) { - foreach ($data['Object'] as $object) { - $this->__convertFromEventFormat($object['Attribute'], $data, $options, $continue); - } + #foreach ($data['Object'] as $object) { + $this->__convertFromEventFormatObject($data['Object'], $data, $options, $continue); + #} } } return ''; } private function __convertFromEventFormat($attributes, $event, $options = array(), $continue = false) { + $rearranged = array(); foreach ($attributes as $attribute) { $attributeTag = array(); 
@@ -69,6 +73,44 @@ class NidsExport return true; } + + private function __convertFromEventFormatObject($objects, $event, $options = array(), $continue = false) { + + #CakeLog::debug("ConvertFromEventFormatObject"); + #CakeLog::debug(json_encode($event)); + + $rearranged = array(); + foreach ($objects as $object) { + + $objectTag = array(); + + foreach($object['Attribute'] as $attribute) { + + if (!empty($attribute['AttributeTag'])) { + $objectTag = array_merge($objectTag, $attribute['AttributeTag']); + unset($attribute['AttributeTag']); + } + + } + + $rearranged[] = array( + 'Attribute' => $object, //NOTES: Using 'Attribute' instead of 'Object' to comply with function export + 'AttributeTag' => $objectTag, //NOTES: Using 'AttributeTag' instead of 'ObjectTag' to comply with function export + 'Event' => $event['Event'] + ); + + } + + $this->export( + $rearranged, + $options['user']['nids_sid'], + $options['returnFormat'], + $continue + + ); + return true; + + } public function header($options = array()) { 
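Review bot: Storing the whole object under the `'Attribute'` key in `__convertFromEventFormatObject` means `export()` computes the rule SID from the object's id (`$sid = $startSid + ($item['Attribute']['id'] * 10)`, visible as context in the next hunk). If object ids and attribute ids are numbered independently, an object and an attribute with the same id get the same SID, and a sensor will typically reject or drop rules with duplicate SIDs at load time. Object rules should take their SID from a range that cannot overlap attribute SIDs, and the wrapping site deserves a comment such as `// export() derives the SID from ['Attribute']['id']; object ids must not collide with attribute ids`. Separately, `unset($attribute['AttributeTag'])` in the inner loop only changes the loop's copy, so it has no effect and can be dropped.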
@@ -142,68 +184,135 @@ class NidsExport $sid = $startSid + ($item['Attribute']['id'] * 10); // leave 9 possible rules per attribute type $sid++; - switch ($item['Attribute']['type']) { - // LATER nids - test all the snort attributes - // LATER nids - add the tag keyword in the rules to capture network traffic - // LATER nids - sanitize every $attribute['value'] to not conflict with snort - case 'ip-dst': - $this->ipDstRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ip-src': - $this->ipSrcRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ip-dst|port': - $this->ipDstRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ip-src|port': - $this->ipSrcRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'email': - $this->emailSrcRule($ruleFormat, $item['Attribute'], $sid); - $this->emailDstRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'email-src': - $this->emailSrcRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'email-dst': - $this->emailDstRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'email-subject': - $this->emailSubjectRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'email-attachment': - $this->emailAttachmentRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'domain': - $this->domainRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'domain|ip': - $this->domainIpRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'hostname': - $this->hostnameRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'url': - $this->urlRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'user-agent': - $this->userAgentRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ja3-fingerprint-md5': - $this->ja3Rule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ja3s-fingerprint-md5': // Atribute type doesn't exists yet (2020-12-10) but ready when created. 
- $this->ja3sRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'snort': - $this->snortRule($ruleFormat, $item['Attribute'], $sid, $ruleFormatMsg, $ruleFormatReference); - // no break - default: - break; - } + + if(!empty($item['Attribute']['type'])) { //NOTES: Item is an 'Attribute' + + switch ($item['Attribute']['type']) { + // LATER nids - test all the snort attributes + // LATER nids - add the tag keyword in the rules to capture network traffic + // LATER nids - sanitize every $attribute['value'] to not conflict with snort + case 'ip-dst': + $this->ipDstRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ip-src': + $this->ipSrcRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ip-dst|port': + $this->ipDstRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ip-src|port': + $this->ipSrcRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'email': + $this->emailSrcRule($ruleFormat, $item['Attribute'], $sid); + $this->emailDstRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'email-src': + $this->emailSrcRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'email-dst': + $this->emailDstRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'email-subject': + $this->emailSubjectRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'email-attachment': + $this->emailAttachmentRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'domain': + $this->domainRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'domain|ip': + $this->domainIpRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'hostname': + $this->hostnameRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'url': + $this->urlRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'user-agent': + $this->userAgentRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ja3-fingerprint-md5': + $this->ja3Rule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ja3s-fingerprint-md5': // 
Atribute type doesn't exists yet (2020-12-10) but ready when created. + $this->ja3sRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'snort': + $this->snortRule($ruleFormat, $item['Attribute'], $sid, $ruleFormatMsg, $ruleFormatReference); + // no break + default: + break; + } + + } else if(!empty($item['Attribute']['name'])) { //NOTES: Item is an 'Object' + + switch ($item['Attribute']['name']) { + case 'network-connection': + $this->networkConnectionRule($ruleFormat, $item['Attribute'], $sid); + break; + default: + break; + } + + } + } return $this->rules; } + + public function networkConnectionRule($ruleFormat, $object, &$sid) + { + + $attributes = NidsExport::getObjectAttributes($object); + + if(!array_key_exists('layer4-protocol', $attributes)){ + $attributes['layer4-protocol'] = 'IP'; // If layer-4 protocol is unknown, we roll-back to layer-3 ('IP') + } + if(!array_key_exists('ip-src', $attributes)){ + $attributes['ip-src'] = '$HOME_NET'; // If ip-src is unknown, we roll-back to $HOME_NET + } + if(!array_key_exists('ip-dst', $attributes)){ + $attributes['ip-dst'] = '$HOME_NET'; // If ip-dst is unknown, we roll-back to $HOME_NET + } + if(!array_key_exists('src-port', $attributes)){ + $attributes['src-port'] = 'any'; // If src-port is unknown, we roll-back to 'any' + } + if(!array_key_exists('dst-port', $attributes)){ + $attributes['dst-port'] = 'any'; // If dst-port is unknown, we roll-back to 'any' + } + + $this->rules[] = sprintf( + $ruleFormat, + false, + $attributes['layer4-protocol'], // proto + $attributes['ip-src'], // src_ip + $attributes['src-port'], // src_port + '->', // direction + $attributes['ip-dst'], // dst_ip + $attributes['dst-port'], // dst_port + 'Network connection between ' . $attributes['ip-src'] . ' and ' . 
$attributes['ip-dst'], // msg + '', // rule_content + '', // tag + $sid, // sid + 1 // rev + ); + + } + + public static function getObjectAttributes($object) + { + + $attributes = array(); + + foreach ($object['Attribute'] as $attribute) { + $attributes[$attribute['object_relation']] = $attribute['value']; + } + + return $attributes; + } public function domainIpRule($ruleFormat, $attribute, &$sid) { From 1b44f1257dd67052e48518f993fb9d4f833ba7ec Mon Sep 17 00:00:00 2001 From: Tom King Date: Wed, 11 Aug 2021 11:03:20 +0100 Subject: [PATCH 0009/1366] chg: Update new tag deletion sync setting to be more explicit --- app/View/Servers/edit.ctp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/View/Servers/edit.ctp b/app/View/Servers/edit.ctp index fc6c26b12..e88e152cb 100644 --- a/app/View/Servers/edit.ctp +++ b/app/View/Servers/edit.ctp @@ -241,7 +241,7 @@ var formInfoValues = { 'ServerSubmittedCert' : "", 'ServerSubmittedClientCert' : "", 'ServerSelfSigned' : "", - 'ServerRemoveMissingTags': "" + 'ServerRemoveMissingTags': "" }; var rules = { From e71e46c11845f62c73f7cb0d79c2fdf77dae7522 Mon Sep 17 00:00:00 2001 From: Marco Caselli Date: Wed, 15 Sep 2021 12:34:26 +0200 Subject: [PATCH 0010/1366] fixes + ddos object handling --- app/Lib/Export/NidsExport.php | 80 +++++++++++++++++++++++++++++------ 1 file changed, 67 insertions(+), 13 deletions(-) diff --git a/app/Lib/Export/NidsExport.php b/app/Lib/Export/NidsExport.php index dd881693f..20dcff784 100644 --- a/app/Lib/Export/NidsExport.php +++ b/app/Lib/Export/NidsExport.php @@ -7,6 +7,8 @@ class NidsExport public $classtype = 'trojan-activity'; public $format = ""; // suricata (default), snort + + public $supportedObjects = array('network-connection', 'ddos'); public $checkWhitelist = true; 
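Review bot: `networkConnectionRule` copies `layer4-protocol`, `ip-src`, `ip-dst`, `src-port` and `dst-port` from the object straight into the rule header and the `msg` text, with no check that they are a protocol, an address or a port. These values come from event data, so a quote, semicolon or line break in any of them yields a malformed or altered rule in the exported ruleset; the `LATER nids - sanitize every $attribute['value']` comment in `export()` already names this gap. Validate each field before the `sprintf()`, lower-case the protocol and limit it to known keywords, and skip the object when a supplied value fails (CIDR values would need their own check if they are meant to be supported). The same applies to `ddosRule`, added in the later `@@ -302,6 +317,45 @@` hunk.

```php
public function networkConnectionRule($ruleFormat, $object, &$sid)
{
    $attributes = NidsExport::getObjectAttributes($object);

    // Values originate from event data: accept only what is valid in a rule header.
    $proto = isset($attributes['layer4-protocol']) ? strtolower($attributes['layer4-protocol']) : 'ip';
    if (!in_array($proto, array('ip', 'tcp', 'udp', 'icmp'), true)) {
        return; // unknown protocol keyword: do not emit a rule
    }
    foreach (array('ip-src', 'ip-dst') as $field) {
        if (!isset($attributes[$field])) {
            $attributes[$field] = '$HOME_NET';
        } elseif (filter_var($attributes[$field], FILTER_VALIDATE_IP) === false) {
            return; // not a plain IP address: do not emit a rule
        }
    }
    foreach (array('src-port', 'dst-port') as $field) {
        if (!isset($attributes[$field])) {
            $attributes[$field] = 'any';
        } elseif (!ctype_digit((string)$attributes[$field]) || (int)$attributes[$field] > 65535) {
            return; // not a port number: do not emit a rule
        }
    }
    // … unchanged: sprintf() call appending to $this->rules, with $proto as the proto argument …
```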
@@ -82,22 +84,32 @@ class NidsExport $rearranged = array(); foreach ($objects as $object) { - $objectTag = array(); + #CakeLog::debug("Checking Object"); - foreach($object['Attribute'] as $attribute) { + if(in_array($object['name'], $this->supportedObjects)){ //NOTES: Checking if this is an object supported for the custom export - if (!empty($attribute['AttributeTag'])) { - $objectTag = array_merge($objectTag, $attribute['AttributeTag']); - unset($attribute['AttributeTag']); + $objectTag = array(); + + foreach($object['Attribute'] as $attribute) { + + if (!empty($attribute['AttributeTag'])) { + $objectTag = array_merge($objectTag, $attribute['AttributeTag']); + unset($attribute['AttributeTag']); + } + } - } + $rearranged[] = array( + 'Attribute' => $object, //NOTES: Using 'Attribute' instead of 'Object' to comply with function export + 'AttributeTag' => $objectTag, //NOTES: Using 'AttributeTag' instead of 'ObjectTag' to comply with function export + 'Event' => $event['Event'] + ); + + } else { //NOTES: In case the object is not supported for the custom export, the approach falls back to the attribute case - $rearranged[] = array( - 'Attribute' => $object, //NOTES: Using 'Attribute' instead of 'Object' to comply with function export - 'AttributeTag' => $objectTag, //NOTES: Using 'AttributeTag' instead of 'ObjectTag' to comply with function export - 'Event' => $event['Event'] - ); + $this->__convertFromEventFormat($object['Attribute'], $data, $options, $continue); + + } } @@ -253,6 +265,9 @@ class NidsExport case 'network-connection': $this->networkConnectionRule($ruleFormat, $item['Attribute'], $sid); break; + case 'ddos': + $this->ddosRule($ruleFormat, $item['Attribute'], $sid); + break; default: break; } 
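Review bot: The fallback branch in `__convertFromEventFormatObject` passes `$data`, which is not defined in this method (its parameters are `$objects, $event, $options, $continue`), so `__convertFromEventFormat` receives null as its event. Each fallback attribute is then stored with `'Event'` set to null, which raises a PHP notice and loses the event tags that `export()` reads from `$item['Event']['EventTag']`. The call should be `$this->__convertFromEventFormat($object['Attribute'], $event, $options, $continue);`. The later re-indentation commit on this page carries the same line over unchanged. `in_array($object['name'], $this->supportedObjects)` would also be safer with `true` as its third argument.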
@@ -269,7 +284,7 @@ class NidsExport $attributes = NidsExport::getObjectAttributes($object); if(!array_key_exists('layer4-protocol', $attributes)){ - $attributes['layer4-protocol'] = 'IP'; // If layer-4 protocol is unknown, we roll-back to layer-3 ('IP') + $attributes['layer4-protocol'] = 'ip'; // If layer-4 protocol is unknown, we roll-back to layer-3 ('ip') } if(!array_key_exists('ip-src', $attributes)){ $attributes['ip-src'] = '$HOME_NET'; // If ip-src is unknown, we roll-back to $HOME_NET @@ -302,6 +317,45 @@ class NidsExport } + public function ddosRule($ruleFormat, $object, &$sid) + { + + $attributes = NidsExport::getObjectAttributes($object); + + if(!array_key_exists('protocol', $attributes)){ + $attributes['protocol'] = 'ip'; // If protocol is unknown, we roll-back to 'ip' + } + if(!array_key_exists('ip-src', $attributes)){ + $attributes['ip-src'] = '$HOME_NET'; // If ip-src is unknown, we roll-back to $HOME_NET + } + if(!array_key_exists('ip-dst', $attributes)){ + $attributes['ip-dst'] = '$HOME_NET'; // If ip-dst is unknown, we roll-back to $HOME_NET + } + if(!array_key_exists('src-port', $attributes)){ + $attributes['src-port'] = 'any'; // If src-port is unknown, we roll-back to 'any' + } + if(!array_key_exists('dst-port', $attributes)){ + $attributes['dst-port'] = 'any'; // If dst-port is unknown, we roll-back to 'any' + } + + $this->rules[] = sprintf( + $ruleFormat, + false, + $attributes['protocol'], // proto + $attributes['ip-src'], // src_ip + $attributes['src-port'], // src_port + '->', // direction + $attributes['ip-dst'], // dst_ip + $attributes['dst-port'], // dst_port + 'DDOS attack detected between ' . $attributes['ip-src'] . ' and ' . $attributes['ip-dst'], // msg + '', // rule_content + '', // tag + $sid, // sid + 1 // rev + ); + + } + public static function getObjectAttributes($object) { @@ -826,4 +880,4 @@ class NidsExport } return $ipport; } -} +} \ No newline at end of file 
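Review bot: `ddosRule` defaults both `ip-src` and `ip-dst` to `$HOME_NET`, so a ddos object that carries neither address produces a header of the form `ip $HOME_NET any -> $HOME_NET any` (assuming the argument order documented next to the `sprintf()` call), which matches all internal traffic and floods the sensor with alerts. Return before the defaults are applied when no address is present: `if (!isset($attributes['ip-src']) && !isset($attributes['ip-dst'])) { return; }`; `networkConnectionRule` needs the same guard. The first `sprintf()` argument is also hard-coded to `false`, while the attribute rule builders pass the `#OVERRULED BY WHITELIST# ` marker there, so whitelisted addresses appear not to be commented out in object rules (the `$overruled` computation is outside the visible hunks). The body is otherwise a copy of `networkConnectionRule` and could share one private helper that takes the protocol key and the message prefix.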
From a04694a5b4db552cb2a8e65ce88a3ec148f3aede Mon Sep 17 00:00:00 2001 From: Marco Caselli Date: Wed, 15 Sep 2021 12:59:19 +0200 Subject: [PATCH 0011/1366] Code polishing --- app/Lib/Export/NidsExport.php | 841 +++++++++++++++++----------------- 1 file changed, 414 insertions(+), 427 deletions(-) diff --git a/app/Lib/Export/NidsExport.php b/app/Lib/Export/NidsExport.php index 20dcff784..05d448109 100644 --- a/app/Lib/Export/NidsExport.php +++ b/app/Lib/Export/NidsExport.php 
@@ -10,135 +10,122 @@ class NidsExport public $supportedObjects = array('network-connection', 'ddos'); - public $checkWhitelist = true; + public $checkWhitelist = true; - public $additional_params = array( - 'contain' => array( - 'Event' => array( - 'fields' => array('threat_level_id') - ) - ), - #'flatten' => 1 - ); + public $additional_params = array( + 'contain' => array( + 'Event' => array( + 'fields' => array('threat_level_id') + ) + ), - public function handler($data, $options = array()) - { - - //NOTES: Here the scope "Object" should be probably checked - - $continue = empty($format); - $this->checkWhitelist = false; - if ($options['scope'] === 'Attribute') { - $this->export( - array($data), - $options['user']['nids_sid'], - $options['returnFormat'], - $continue - ); - } else if ($options['scope'] === 'Event') { - if (!empty($data['EventTag'])) { - $data['Event']['EventTag'] = $data['EventTag']; - } - if (!empty($data['Attribute'])) { - $this->__convertFromEventFormat($data['Attribute'], $data, $options, $continue); - } - if (!empty($data['Object'])) { - #foreach ($data['Object'] as $object) { - $this->__convertFromEventFormatObject($data['Object'], $data, $options, $continue); - #} - } - } - return ''; - } + ); - private function __convertFromEventFormat($attributes, $event, $options = array(), $continue = false) { - - $rearranged = array(); - foreach ($attributes as $attribute) { - $attributeTag = array(); - if (!empty($attribute['AttributeTag'])) { - $attributeTag = $attribute['AttributeTag']; - unset($attribute['AttributeTag']); - } - $rearranged[] = array( - 'Attribute' => $attribute, - 'AttributeTag' => $attributeTag, - 'Event' => $event['Event'] - ); - } - $this->export( - $rearranged, - $options['user']['nids_sid'], - $options['returnFormat'], - $continue - ); - return true; + public function handler($data, $options = array()) + { + $continue = empty($format); + $this->checkWhitelist = false; + if ($options['scope'] === 'Attribute') { + 
$this->export( + array($data), + $options['user']['nids_sid'], + $options['returnFormat'], + $continue + ); + } else if ($options['scope'] === 'Event') { + if (!empty($data['EventTag'])) { + $data['Event']['EventTag'] = $data['EventTag']; + } + if (!empty($data['Attribute'])) { + $this->__convertFromEventFormat($data['Attribute'], $data, $options, $continue); + } + if (!empty($data['Object'])) { + $this->__convertFromEventFormatObject($data['Object'], $data, $options, $continue); + } + } + return ''; + } - } - - private function __convertFromEventFormatObject($objects, $event, $options = array(), $continue = false) { - - #CakeLog::debug("ConvertFromEventFormatObject"); - #CakeLog::debug(json_encode($event)); - - $rearranged = array(); - foreach ($objects as $object) { - - #CakeLog::debug("Checking Object"); - - if(in_array($object['name'], $this->supportedObjects)){ //NOTES: Checking if this is an object supported for the custom export - - $objectTag = array(); - - foreach($object['Attribute'] as $attribute) { - - if (!empty($attribute['AttributeTag'])) { - $objectTag = array_merge($objectTag, $attribute['AttributeTag']); - unset($attribute['AttributeTag']); - } - - } - - $rearranged[] = array( - 'Attribute' => $object, //NOTES: Using 'Attribute' instead of 'Object' to comply with function export - 'AttributeTag' => $objectTag, //NOTES: Using 'AttributeTag' instead of 'ObjectTag' to comply with function export - 'Event' => $event['Event'] - ); - - } else { //NOTES: In case the object is not supported for the custom export, the approach falls back to the attribute case - - $this->__convertFromEventFormat($object['Attribute'], $data, $options, $continue); - - } - - } - - $this->export( - $rearranged, - $options['user']['nids_sid'], - $options['returnFormat'], - $continue - - ); - return true; + private function __convertFromEventFormat($attributes, $event, $options = array(), $continue = false) { - } + $rearranged = array(); + foreach ($attributes as $attribute) { + 
$attributeTag = array(); + if (!empty($attribute['AttributeTag'])) { + $attributeTag = $attribute['AttributeTag']; + unset($attribute['AttributeTag']); + } + $rearranged[] = array( + 'Attribute' => $attribute, + 'AttributeTag' => $attributeTag, + 'Event' => $event['Event'] + ); + } + $this->export( + $rearranged, + $options['user']['nids_sid'], + $options['returnFormat'], + $continue + ); + return true; - public function header($options = array()) - { - $this->explain(); - return ''; - } + } - public function footer() - { - return implode ("\n", $this->rules); - } + private function __convertFromEventFormatObject($objects, $event, $options = array(), $continue = false) { - public function separator() - { - return ''; - } + $rearranged = array(); + foreach ($objects as $object) { + + if(in_array($object['name'], $this->supportedObjects)){ + + $objectTag = array(); + + foreach($object['Attribute'] as $attribute) { + + if (!empty($attribute['AttributeTag'])) { + $objectTag = array_merge($objectTag, $attribute['AttributeTag']); + unset($attribute['AttributeTag']); + } + + } + + $rearranged[] = array( + 'Attribute' => $object, // Using 'Attribute' instead of 'Object' to comply with function export + 'AttributeTag' => $objectTag, // Using 'AttributeTag' instead of 'ObjectTag' to comply with function export + 'Event' => $event['Event'] + ); + + } else { // In case no custom export exists for the object, the approach falls back to the attribute case + $this->__convertFromEventFormat($object['Attribute'], $data, $options, $continue); + } + + } + + $this->export( + $rearranged, + $options['user']['nids_sid'], + $options['returnFormat'], + $continue + ); + return true; + + } + + public function header($options = array()) + { + $this->explain(); + return ''; + } + + public function footer() + { + return implode ("\n", $this->rules); + } + + public function separator() + { + return ''; + } public function explain() { 
@@ -147,7 +134,7 @@ class NidsExport $this->rules[] = '# These NIDS rules contain some variables that need to exist in your configuration.'; $this->rules[] = '# Make sure you have set:'; $this->rules[] = '#'; - $this->rules[] = '# $HOME_NET - Your internal network range'; + $this->rules[] = '# $HOME_NET - Your internal network range'; $this->rules[] = '# $EXTERNAL_NET - The network considered as outside'; $this->rules[] = '# $SMTP_SERVERS - All your internal SMTP servers'; $this->rules[] = '# $HTTP_PORTS - The ports used to contain HTTP traffic (not required with suricata export)'; @@ -160,10 +147,10 @@ class NidsExport public function export($items, $startSid, $format="suricata", $continue = false) { $this->format = $format; - if ($this->checkWhitelist && !isset($this->Whitelist)) { - $this->Whitelist = ClassRegistry::init('Whitelist'); - $this->whitelist = $this->Whitelist->getBlockedValues(); - } + if ($this->checkWhitelist && !isset($this->Whitelist)) { + $this->Whitelist = ClassRegistry::init('Whitelist'); + $this->whitelist = $this->Whitelist->getBlockedValues(); + } // output a short explanation if (!$continue) { 
@@ -173,20 +160,20 @@ class NidsExport foreach ($items as $item) { // retrieve all tags for this item to add them to the msg $tagsArray = []; - if (!empty($item['AttributeTag'])) { - foreach ($item['AttributeTag'] as $tag_attr) { - if (array_key_exists('name', $tag_attr['Tag'])) { - array_push($tagsArray, $tag_attr['Tag']['name']); - } - } - } - if (!empty($item['Event']['EventTag'])) { - foreach ($item['Event']['EventTag'] as $tag_event) { - if (array_key_exists('name', $tag_event['Tag'])) { - array_push($tagsArray, $tag_event['Tag']['name']); - } - } - } + if (!empty($item['AttributeTag'])) { + foreach ($item['AttributeTag'] as $tag_attr) { + if (array_key_exists('name', $tag_attr['Tag'])) { + array_push($tagsArray, $tag_attr['Tag']['name']); + } + } + } + if (!empty($item['Event']['EventTag'])) { + foreach ($item['Event']['EventTag'] as $tag_event) { + if (array_key_exists('name', $tag_event['Tag'])) { + array_push($tagsArray, $tag_event['Tag']['name']); + } + } + } $ruleFormatMsgTags = implode(",", $tagsArray); # proto src_ip src_port direction dst_ip dst_port msg rule_content tag sid rev 
@@ -197,122 +184,122 @@ class NidsExport $sid = $startSid + ($item['Attribute']['id'] * 10); // leave 9 possible rules per attribute type $sid++; - if(!empty($item['Attribute']['type'])) { //NOTES: Item is an 'Attribute' + if(!empty($item['Attribute']['type'])) { // item is an 'Attribute' - switch ($item['Attribute']['type']) { - // LATER nids - test all the snort attributes - // LATER nids - add the tag keyword in the rules to capture network traffic - // LATER nids - sanitize every $attribute['value'] to not conflict with snort - case 'ip-dst': - $this->ipDstRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ip-src': - $this->ipSrcRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ip-dst|port': - $this->ipDstRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ip-src|port': - $this->ipSrcRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'email': - $this->emailSrcRule($ruleFormat, $item['Attribute'], $sid); - $this->emailDstRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'email-src': - $this->emailSrcRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'email-dst': - $this->emailDstRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'email-subject': - $this->emailSubjectRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'email-attachment': - $this->emailAttachmentRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'domain': - $this->domainRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'domain|ip': - $this->domainIpRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'hostname': - $this->hostnameRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'url': - $this->urlRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'user-agent': - $this->userAgentRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ja3-fingerprint-md5': - $this->ja3Rule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ja3s-fingerprint-md5': // Atribute 
type doesn't exists yet (2020-12-10) but ready when created. - $this->ja3sRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'snort': - $this->snortRule($ruleFormat, $item['Attribute'], $sid, $ruleFormatMsg, $ruleFormatReference); - // no break - default: - break; - } - - } else if(!empty($item['Attribute']['name'])) { //NOTES: Item is an 'Object' - - switch ($item['Attribute']['name']) { - case 'network-connection': - $this->networkConnectionRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ddos': - $this->ddosRule($ruleFormat, $item['Attribute'], $sid); - break; - default: - break; - } - - } - + switch ($item['Attribute']['type']) { + // LATER nids - test all the snort attributes + // LATER nids - add the tag keyword in the rules to capture network traffic + // LATER nids - sanitize every $attribute['value'] to not conflict with snort + case 'ip-dst': + $this->ipDstRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ip-src': + $this->ipSrcRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ip-dst|port': + $this->ipDstRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ip-src|port': + $this->ipSrcRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'email': + $this->emailSrcRule($ruleFormat, $item['Attribute'], $sid); + $this->emailDstRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'email-src': + $this->emailSrcRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'email-dst': + $this->emailDstRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'email-subject': + $this->emailSubjectRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'email-attachment': + $this->emailAttachmentRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'domain': + $this->domainRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'domain|ip': + $this->domainIpRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'hostname': + $this->hostnameRule($ruleFormat, 
$item['Attribute'], $sid); + break; + case 'url': + $this->urlRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'user-agent': + $this->userAgentRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ja3-fingerprint-md5': + $this->ja3Rule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ja3s-fingerprint-md5': // Atribute type doesn't exists yet (2020-12-10) but ready when created. + $this->ja3sRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'snort': + $this->snortRule($ruleFormat, $item['Attribute'], $sid, $ruleFormatMsg, $ruleFormatReference); + // no break + default: + break; + } + + } else if(!empty($item['Attribute']['name'])) { // Item is an 'Object' + + switch ($item['Attribute']['name']) { + case 'network-connection': + $this->networkConnectionRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ddos': + $this->ddosRule($ruleFormat, $item['Attribute'], $sid); + break; + default: + break; + } + + } + } return $this->rules; } - + public function networkConnectionRule($ruleFormat, $object, &$sid) { - $attributes = NidsExport::getObjectAttributes($object); + $attributes = NidsExport::getObjectAttributes($object); if(!array_key_exists('layer4-protocol', $attributes)){ - $attributes['layer4-protocol'] = 'ip'; // If layer-4 protocol is unknown, we roll-back to layer-3 ('ip') + $attributes['layer4-protocol'] = 'ip'; // If layer-4 protocol is unknown, we roll-back to layer-3 ('ip') } if(!array_key_exists('ip-src', $attributes)){ - $attributes['ip-src'] = '$HOME_NET'; // If ip-src is unknown, we roll-back to $HOME_NET + $attributes['ip-src'] = '$HOME_NET'; // If ip-src is unknown, we roll-back to $HOME_NET } if(!array_key_exists('ip-dst', $attributes)){ - $attributes['ip-dst'] = '$HOME_NET'; // If ip-dst is unknown, we roll-back to $HOME_NET + $attributes['ip-dst'] = '$HOME_NET'; // If ip-dst is unknown, we roll-back to $HOME_NET } if(!array_key_exists('src-port', $attributes)){ - $attributes['src-port'] = 'any'; // If 
src-port is unknown, we roll-back to 'any' + $attributes['src-port'] = 'any'; // If src-port is unknown, we roll-back to 'any' } if(!array_key_exists('dst-port', $attributes)){ - $attributes['dst-port'] = 'any'; // If dst-port is unknown, we roll-back to 'any' + $attributes['dst-port'] = 'any'; // If dst-port is unknown, we roll-back to 'any' } - $this->rules[] = sprintf( + $this->rules[] = sprintf( $ruleFormat, false, - $attributes['layer4-protocol'], // proto - $attributes['ip-src'], // src_ip - $attributes['src-port'], // src_port - '->', // direction - $attributes['ip-dst'], // dst_ip - $attributes['dst-port'], // dst_port - 'Network connection between ' . $attributes['ip-src'] . ' and ' . $attributes['ip-dst'], // msg - '', // rule_content - '', // tag - $sid, // sid - 1 // rev + $attributes['layer4-protocol'], // proto + $attributes['ip-src'], // src_ip + $attributes['src-port'], // src_port + '->', // direction + $attributes['ip-dst'], // dst_ip + $attributes['dst-port'], // dst_port + 'Network connection between ' . $attributes['ip-src'] . ' and ' . $attributes['ip-dst'], // msg + '', // rule_content + '', // tag + $sid, // sid + 1 // rev ); } 
@@ -320,49 +307,49 @@ class NidsExport public function ddosRule($ruleFormat, $object, &$sid) { - $attributes = NidsExport::getObjectAttributes($object); + $attributes = NidsExport::getObjectAttributes($object); if(!array_key_exists('protocol', $attributes)){ - $attributes['protocol'] = 'ip'; // If protocol is unknown, we roll-back to 'ip' + $attributes['protocol'] = 'ip'; // If protocol is unknown, we roll-back to 'ip' } if(!array_key_exists('ip-src', $attributes)){ - $attributes['ip-src'] = '$HOME_NET'; // If ip-src is unknown, we roll-back to $HOME_NET + $attributes['ip-src'] = '$HOME_NET'; // If ip-src is unknown, we roll-back to $HOME_NET } if(!array_key_exists('ip-dst', $attributes)){ - $attributes['ip-dst'] = '$HOME_NET'; // If ip-dst is unknown, we roll-back to $HOME_NET + $attributes['ip-dst'] = '$HOME_NET'; // If ip-dst is unknown, we roll-back to $HOME_NET } if(!array_key_exists('src-port', $attributes)){ - $attributes['src-port'] = 'any'; // If src-port is unknown, we roll-back to 'any' + $attributes['src-port'] = 'any'; // If src-port is unknown, we roll-back to 'any' } if(!array_key_exists('dst-port', $attributes)){ - $attributes['dst-port'] = 'any'; // If dst-port is unknown, we roll-back to 'any' + $attributes['dst-port'] = 'any'; // If dst-port is unknown, we roll-back to 'any' } - $this->rules[] = sprintf( + $this->rules[] = sprintf( $ruleFormat, false, - $attributes['protocol'], // proto - $attributes['ip-src'], // src_ip - $attributes['src-port'], // src_port - '->', // direction - $attributes['ip-dst'], // dst_ip - $attributes['dst-port'], // dst_port - 'DDOS attack detected between ' . $attributes['ip-src'] . ' and ' . $attributes['ip-dst'], // msg - '', // rule_content - '', // tag - $sid, // sid - 1 // rev + $attributes['protocol'], // proto + $attributes['ip-src'], // src_ip + $attributes['src-port'], // src_port + '->', // direction + $attributes['ip-dst'], // dst_ip + $attributes['dst-port'], // dst_port + 'DDOS attack detected between ' . 
$attributes['ip-src'] . ' and ' . $attributes['ip-dst'], // msg + '', // rule_content + '', // tag + $sid, // sid + 1 // rev ); } public static function getObjectAttributes($object) { - - $attributes = array(); + + $attributes = array(); foreach ($object['Attribute'] as $attribute) { - $attributes[$attribute['object_relation']] = $attribute['value']; + $attributes[$attribute['object_relation']] = $attribute['value']; } return $attributes; @@ -388,17 +375,17 @@ class NidsExport $this->rules[] = sprintf( $ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'ip', // proto - '$HOME_NET', // src_ip - 'any', // src_port - '->', // direction - $ipport[0], // dst_ip - $ipport[1], // dst_port - 'Outgoing To IP: ' . $attribute['value'], // msg - '', // rule_content - '', // tag - $sid, // sid - 1 // rev + 'ip', // proto + '$HOME_NET', // src_ip + 'any', // src_port + '->', // direction + $ipport[0], // dst_ip + $ipport[1], // dst_port + 'Outgoing To IP: ' . $attribute['value'], // msg + '', // rule_content + '', // tag + $sid, // sid + 1 // rev ); } @@ -409,17 +396,17 @@ class NidsExport $this->rules[] = sprintf( $ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'ip', // proto - $ipport[0], // src_ip - $ipport[1], // src_port - '->', // direction - '$HOME_NET', // dst_ip - 'any', // dst_port - 'Incoming From IP: ' . $attribute['value'], // msg - '', // rule_content - '', // tag - $sid, // sid - 1 // rev + 'ip', // proto + $ipport[0], // src_ip + $ipport[1], // src_port + '->', // direction + '$HOME_NET', // dst_ip + 'any', // dst_port + 'Incoming From IP: ' . $attribute['value'], // msg + '', // rule_content + '', // tag + $sid, // sid + 1 // rev ); } 
@@ -431,17 +418,17 @@ class NidsExport $this->rules[] = sprintf( $ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto - '$EXTERNAL_NET', // src_ip - 'any', // src_port - '->', // direction - '$SMTP_SERVERS', // dst_ip - '25', // dst_port - 'Source Email Address: ' . $attribute['value'], // msg - $content, // rule_content - 'tag:session,600,seconds;', // tag - $sid, // sid - 1 // rev + 'tcp', // proto + '$EXTERNAL_NET', // src_ip + 'any', // src_port + '->', // direction + '$SMTP_SERVERS', // dst_ip + '25', // dst_port + 'Source Email Address: ' . $attribute['value'], // msg + $content, // rule_content + 'tag:session,600,seconds;', // tag + $sid, // sid + 1 // rev ); } @@ -453,17 +440,17 @@ class NidsExport $this->rules[] = sprintf( $ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto - '$EXTERNAL_NET', // src_ip - 'any', // src_port - '->', // direction - '$SMTP_SERVERS', // dst_ip - '25', // dst_port - 'Destination Email Address: ' . $attribute['value'], // msg - $content, // rule_content - 'tag:session,600,seconds;', // tag - $sid, // sid - 1 // rev + 'tcp', // proto + '$EXTERNAL_NET', // src_ip + 'any', // src_port + '->', // direction + '$SMTP_SERVERS', // dst_ip + '25', // dst_port + 'Destination Email Address: ' . $attribute['value'], // msg + $content, // rule_content + 'tag:session,600,seconds;', // tag + $sid, // sid + 1 // rev ); } 
@@ -476,17 +463,17 @@ class NidsExport $this->rules[] = sprintf( $ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto - '$EXTERNAL_NET', // src_ip - 'any', // src_port - '->', // direction - '$SMTP_SERVERS', // dst_ip - '25', // dst_port - 'Bad Email Subject', // msg - $content, // rule_content - 'tag:session,600,seconds;', // tag - $sid, // sid - 1 // rev + 'tcp', // proto + '$EXTERNAL_NET', // src_ip + 'any', // src_port + '->', // direction + '$SMTP_SERVERS', // dst_ip + '25', // dst_port + 'Bad Email Subject', // msg + $content, // rule_content + 'tag:session,600,seconds;', // tag + $sid, // sid + 1 // rev ); } @@ -499,17 +486,17 @@ class NidsExport $this->rules[] = sprintf( $ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto - '$EXTERNAL_NET', // src_ip - 'any', // src_port - '->', // direction - '$SMTP_SERVERS', // dst_ip - '25', // dst_port - 'Bad Email Attachment', // msg - $content, // rule_content // LATER nids - test and finetune this snort rule https://secure.wikimedia.org/wikipedia/en/wiki/MIME#Content-Disposition - 'tag:session,600,seconds;', // tag - $sid, // sid - 1 // rev + 'tcp', // proto + '$EXTERNAL_NET', // src_ip + 'any', // src_port + '->', // direction + '$SMTP_SERVERS', // dst_ip + '25', // dst_port + 'Bad Email Attachment', // msg + $content, // rule_content // LATER nids - test and finetune this snort rule https://secure.wikimedia.org/wikipedia/en/wiki/MIME#Content-Disposition + 'tag:session,600,seconds;', // tag + $sid, // sid + 1 // rev ); } 
@@ -521,33 +508,33 @@ class NidsExport $this->rules[] = sprintf( $ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'udp', // proto - 'any', // src_ip - 'any', // src_port - '->', // direction - 'any', // dst_ip - '53', // dst_port - 'Hostname: ' . $attribute['value'], // msg - $content, // rule_content - '', // tag - $sid, // sid - 1 // rev + 'udp', // proto + 'any', // src_ip + 'any', // src_port + '->', // direction + 'any', // dst_ip + '53', // dst_port + 'Hostname: ' . $attribute['value'], // msg + $content, // rule_content + '', // tag + $sid, // sid + 1 // rev ); $sid++; $this->rules[] = sprintf( $ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto - 'any', // src_ip - 'any', // src_port - '->', // direction - 'any', // dst_ip - '53', // dst_port - 'Hostname: ' . $attribute['value'], // msg - $content. ' flow:established;', // rule_content - '', // tag - $sid, // sid - 1 // rev + 'tcp', // proto + 'any', // src_ip + 'any', // src_port + '->', // direction + 'any', // dst_ip + '53', // dst_port + 'Hostname: ' . $attribute['value'], // msg + $content. ' flow:established;', // rule_content + '', // tag + $sid, // sid + 1 // rev ); $sid++; // also do http requests @@ -555,17 +542,17 @@ class NidsExport $this->rules[] = sprintf( $ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto - '$HOME_NET', // src_ip - 'any', // src_port - '->', // direction - '$EXTERNAL_NET', // dst_ip - '$HTTP_PORTS', // dst_port - 'Outgoing HTTP Hostname: ' . $attribute['value'], // msg - $content, // rule_content - 'tag:session,600,seconds;', // tag - $sid, // sid - 1 // rev + 'tcp', // proto + '$HOME_NET', // src_ip + 'any', // src_port + '->', // direction + '$EXTERNAL_NET', // dst_ip + '$HTTP_PORTS', // dst_port + 'Outgoing HTTP Hostname: ' . $attribute['value'], // msg + $content, // rule_content + 'tag:session,600,seconds;', // tag + $sid, // sid + 1 // rev ); } 
@@ -577,33 +564,33 @@ class NidsExport $this->rules[] = sprintf( $ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'udp', // proto - 'any', // src_ip - 'any', // src_port - '->', // direction - 'any', // dst_ip - '53', // dst_port - 'Domain: ' . $attribute['value'], // msg - $content, // rule_content - '', // tag - $sid, // sid - 1 // rev + 'udp', // proto + 'any', // src_ip + 'any', // src_port + '->', // direction + 'any', // dst_ip + '53', // dst_port + 'Domain: ' . $attribute['value'], // msg + $content, // rule_content + '', // tag + $sid, // sid + 1 // rev ); $sid++; $this->rules[] = sprintf( $ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto - 'any', // src_ip - 'any', // src_port - '->', // direction - 'any', // dst_ip - '53', // dst_port - 'Domain: ' . $attribute['value'], // msg - $content. ' flow:established;', // rule_content - '', // tag - $sid, // sid - 1 // rev + 'tcp', // proto + 'any', // src_ip + 'any', // src_port + '->', // direction + 'any', // dst_ip + '53', // dst_port + 'Domain: ' . $attribute['value'], // msg + $content. ' flow:established;', // rule_content + '', // tag + $sid, // sid + 1 // rev ); $sid++; // also do http requests, @@ -611,17 +598,17 @@ class NidsExport $this->rules[] = sprintf( $ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto - '$HOME_NET', // src_ip - 'any', // src_port - '->', // direction - '$EXTERNAL_NET', // dst_ip - '$HTTP_PORTS', // dst_port - 'Outgoing HTTP Domain: ' . $attribute['value'], // msg - $content, // rule_content - 'tag:session,600,seconds;', // tag - $sid, // sid - 1 // rev + 'tcp', // proto + '$HOME_NET', // src_ip + 'any', // src_port + '->', // direction + '$EXTERNAL_NET', // dst_ip + '$HTTP_PORTS', // dst_port + 'Outgoing HTTP Domain: ' . $attribute['value'], // msg + $content, // rule_content + 'tag:session,600,seconds;', // tag + $sid, // sid + 1 // rev ); } 
@@ -636,17 +623,17 @@ class NidsExport $this->rules[] = sprintf( $ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto - '$HOME_NET', // src_ip - 'any', // src_port - '->', // direction - '$EXTERNAL_NET', // dst_ip - '$HTTP_PORTS', // dst_port - 'Outgoing HTTP URL: ' . $attribute['value'], // msg - $content, // rule_content - 'tag:session,600,seconds;', // tag - $sid, // sid - 1 // rev + 'tcp', // proto + '$HOME_NET', // src_ip + 'any', // src_port + '->', // direction + '$EXTERNAL_NET', // dst_ip + '$HTTP_PORTS', // dst_port + 'Outgoing HTTP URL: ' . $attribute['value'], // msg + $content, // rule_content + 'tag:session,600,seconds;', // tag + $sid, // sid + 1 // rev ); } @@ -658,17 +645,17 @@ class NidsExport $this->rules[] = sprintf( $ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto - '$HOME_NET', // src_ip - 'any', // src_port - '->', // direction - '$EXTERNAL_NET', // dst_ip - '$HTTP_PORTS', // dst_port - 'Outgoing User-Agent: ' . $attribute['value'], // msg - $content, // rule_content - 'tag:session,600,seconds;', // tag - $sid, // sid - 1 // rev + 'tcp', // proto + '$HOME_NET', // src_ip + 'any', // src_port + '->', // direction + '$EXTERNAL_NET', // dst_ip + '$HTTP_PORTS', // dst_port + 'Outgoing User-Agent: ' . $attribute['value'], // msg + $content, // rule_content + 'tag:session,600,seconds;', // tag + $sid, // sid + 1 // rev ); } 
@@ -690,37 +677,37 @@ class NidsExport $tmpRule = str_replace(array("\r","\n"), " ", $attribute['value']); // rebuild the rule by overwriting the different keywords using preg_replace() - // sid - '/sid\s*:\s*[0-9]+\s*;/' - // rev - '/rev\s*:\s*[0-9]+\s*;/' + // sid - '/sid\s*:\s*[0-9]+\s*;/' + // rev - '/rev\s*:\s*[0-9]+\s*;/' // classtype - '/classtype:[a-zA-Z_-]+;/' - // msg - '/msg\s*:\s*".*?"\s*;/' + // msg - '/msg\s*:\s*".*?"\s*;/' // reference - '/reference\s*:\s*.+?;/' - // tag - '/tag\s*:\s*.+?;/' + // tag - '/tag\s*:\s*.+?;/' $replaceCount = array(); $tmpRule = preg_replace('/sid\s*:\s*[0-9]+\s*;/', 'sid:' . $sid . ';', $tmpRule, -1, $replaceCount['sid']); if (null == $tmpRule) { return false; - } // don't output the rule on error with the regex + } // don't output the rule on error with the regex $tmpRule = preg_replace('/rev\s*:\s*[0-9]+\s*;/', 'rev:1;', $tmpRule, -1, $replaceCount['rev']); if (null == $tmpRule) { return false; - } // don't output the rule on error with the regex + } // don't output the rule on error with the regex $tmpRule = preg_replace('/classtype:[a-zA-Z_-]+;/', 'classtype:' . $this->classtype . ';', $tmpRule, -1, $replaceCount['classtype']); if (null == $tmpRule) { return false; - } // don't output the rule on error with the regex + } // don't output the rule on error with the regex $tmpRule = preg_replace('/msg\s*:\s*"(.*?)"\s*;/', sprintf($ruleFormatMsg, 'snort-rule | $1') . ';', $tmpRule, -1, $replaceCount['msg']); if (null == $tmpRule) { return false; - } // don't output the rule on error with the regex + } // don't output the rule on error with the regex $tmpRule = preg_replace('/reference\s*:\s*.+?;/', $ruleFormatReference . ';', $tmpRule, -1, $replaceCount['reference']); if (null == $tmpRule) { return false; - } // don't output the rule on error with the regex + } // don't output the rule on error with the regex $tmpRule = preg_replace('/reference\s*:\s*.+?;/', $ruleFormatReference . 
';', $tmpRule, -1, $replaceCount['reference']); if (null == $tmpRule) { return false; - } // don't output the rule on error with the regex + } // don't output the rule on error with the regex // FIXME nids - implement priority overwriting // some values were not replaced, so we need to add them ourselves, and insert them in the rule @@ -830,13 +817,13 @@ class NidsExport public function checkWhitelist($value) { - if ($this->checkWhitelist && is_array($this->whitelist)) { - foreach ($this->whitelist as $wlitem) { - if (preg_match($wlitem, $value)) { - return true; - } - } - } + if ($this->checkWhitelist && is_array($this->whitelist)) { + foreach ($this->whitelist as $wlitem) { + if (preg_match($wlitem, $value)) { + return true; + } + } + } return false; } From 0180da6b576f81d70db90aa9083e7d07b3e1319b Mon Sep 17 00:00:00 2001 From: Marco Caselli Date: Fri, 1 Oct 2021 11:17:02 +0200 Subject: [PATCH 0012/1366] Fixing mistake ("data" -> "event") --- app/Lib/Export/NidsExport.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Lib/Export/NidsExport.php b/app/Lib/Export/NidsExport.php index 05d448109..c8cabe89b 100644 --- a/app/Lib/Export/NidsExport.php +++ b/app/Lib/Export/NidsExport.php @@ -96,7 +96,7 @@ class NidsExport ); } else { // In case no custom export exists for the object, the approach falls back to the attribute case - $this->__convertFromEventFormat($object['Attribute'], $data, $options, $continue); + $this->__convertFromEventFormat($object['Attribute'], $event, $options, $continue); } } From 653fe1c9016bd89971140ec04376c1ca26fa21b4 Mon Sep 17 00:00:00 2001 From: Marco Caselli Date: Fri, 1 Oct 2021 11:21:49 +0200 Subject: [PATCH 0013/1366] Fixed indentation --- app/Lib/Export/NidsExport.php | 147 +++++++++++++++++----------------- 1 file changed, 74 insertions(+), 73 deletions(-) diff --git a/app/Lib/Export/NidsExport.php b/app/Lib/Export/NidsExport.php index c8cabe89b..a381556ab 100644 --- a/app/Lib/Export/NidsExport.php 
+++ b/app/Lib/Export/NidsExport.php 
@@ -186,82 +186,83 @@ class NidsExport if(!empty($item['Attribute']['type'])) { // item is an 'Attribute' - switch ($item['Attribute']['type']) { - // LATER nids - test all the snort attributes - // LATER nids - add the tag keyword in the rules to capture network traffic - // LATER nids - sanitize every $attribute['value'] to not conflict with snort - case 'ip-dst': - $this->ipDstRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ip-src': - $this->ipSrcRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ip-dst|port': - $this->ipDstRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ip-src|port': - $this->ipSrcRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'email': - $this->emailSrcRule($ruleFormat, $item['Attribute'], $sid); - $this->emailDstRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'email-src': - $this->emailSrcRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'email-dst': - $this->emailDstRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'email-subject': - $this->emailSubjectRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'email-attachment': - $this->emailAttachmentRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'domain': - $this->domainRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'domain|ip': - $this->domainIpRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'hostname': - $this->hostnameRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'url': - $this->urlRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'user-agent': - $this->userAgentRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ja3-fingerprint-md5': - $this->ja3Rule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ja3s-fingerprint-md5': // Atribute type doesn't exists yet (2020-12-10) but ready when created. 
- $this->ja3sRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'snort': - $this->snortRule($ruleFormat, $item['Attribute'], $sid, $ruleFormatMsg, $ruleFormatReference); - // no break - default: - break; + switch ($item['Attribute']['type']) { + // LATER nids - test all the snort attributes + // LATER nids - add the tag keyword in the rules to capture network traffic + // LATER nids - sanitize every $attribute['value'] to not conflict with snort + case 'ip-dst': + $this->ipDstRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ip-src': + $this->ipSrcRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ip-dst|port': + $this->ipDstRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ip-src|port': + $this->ipSrcRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'email': + $this->emailSrcRule($ruleFormat, $item['Attribute'], $sid); + $this->emailDstRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'email-src': + $this->emailSrcRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'email-dst': + $this->emailDstRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'email-subject': + $this->emailSubjectRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'email-attachment': + $this->emailAttachmentRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'domain': + $this->domainRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'domain|ip': + $this->domainIpRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'hostname': + $this->hostnameRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'url': + $this->urlRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'user-agent': + $this->userAgentRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ja3-fingerprint-md5': + $this->ja3Rule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ja3s-fingerprint-md5': // Atribute type doesn't exists yet (2020-12-10) but ready when created. 
+ $this->ja3sRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'snort': + $this->snortRule($ruleFormat, $item['Attribute'], $sid, $ruleFormatMsg, $ruleFormatReference); + // no break + default: + break; + } + + } else if(!empty($item['Attribute']['name'])) { // Item is an 'Object' + + switch ($item['Attribute']['name']) { + case 'network-connection': + $this->networkConnectionRule($ruleFormat, $item['Attribute'], $sid); + break; + case 'ddos': + $this->ddosRule($ruleFormat, $item['Attribute'], $sid); + break; + default: + break; + } + } - } else if(!empty($item['Attribute']['name'])) { // Item is an 'Object' - - switch ($item['Attribute']['name']) { - case 'network-connection': - $this->networkConnectionRule($ruleFormat, $item['Attribute'], $sid); - break; - case 'ddos': - $this->ddosRule($ruleFormat, $item['Attribute'], $sid); - break; - default: - break; - } - - } - } + return $this->rules; } From c93a501ef1a70268a852f9e7c4ab5c884fa9d34a Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Fri, 11 Feb 2022 18:51:03 +0100 Subject: [PATCH 0014/1366] chg: [taxonomies] updated to the latest version --- app/files/taxonomies | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/files/taxonomies b/app/files/taxonomies index ce3470073..6da2a75fc 160000 --- a/app/files/taxonomies +++ b/app/files/taxonomies @@ -1 +1 @@ -Subproject commit ce3470073a740f7da9c89d9efde3128ea31f1b26 +Subproject commit 6da2a75fc41afb401d5c16635dfcd48d43372a88 From 8d07debaabe67eabbd2c1a5961ba6124639839f3 Mon Sep 17 00:00:00 2001 From: iglocska Date: Fri, 11 Feb 2022 19:05:35 +0100 Subject: [PATCH 0015/1366] fix: [ACL] added events/populate --- app/Controller/Component/ACLComponent.php | 1 + 1 file changed, 1 insertion(+) diff --git a/app/Controller/Component/ACLComponent.php b/app/Controller/Component/ACLComponent.php index b3f460ee6..eedce9c4f 100644 --- a/app/Controller/Component/ACLComponent.php +++ b/app/Controller/Component/ACLComponent.php 
@@ -232,6 +232,7 @@ class ACLComponent extends Component 'massDelete' => array(), 'merge' => array('perm_modify'), 'nids' => array('*'), + 'populate' => array('perm_add'), 'proposalEventIndex' => array('*'), 'publish' => array('perm_publish'), 'publishSightings' => array('perm_sighting'), From b08f7cf2d84948f540801586bed35fd024a4cc60 Mon Sep 17 00:00:00 2001 From: Frank Olbricht Date: Sat, 12 Feb 2022 14:41:35 -0700 Subject: [PATCH 0016/1366] Preserve Session.* configuration in serverSettingsSaveValue --- app/Model/Server.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/app/Model/Server.php b/app/Model/Server.php index 9963384ae..a411a1d6c 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -2308,10 +2308,9 @@ class Server extends AppModel $settingsToSave = array( 'debug', 'MISP', 'GnuPG', 'SMIME', 'Proxy', 'SecureAuth', - 'Security', 'Session.defaults', 'Session.timeout', 'Session.cookieTimeout', - 'Session.autoRegenerate', 'Session.checkAgent', 'site_admin_debug', - 'Plugin', 'CertAuth', 'ApacheShibbAuth', 'ApacheSecureAuth', 'OidcAuth', - 'AadAuth', 'SimpleBackgroundJobs', 'LinOTPAuth' + 'Security', 'Session', 'site_admin_debug', 'Plugin', 'CertAuth', + 'ApacheShibbAuth', 'ApacheSecureAuth', 'OidcAuth', 'AadAuth', + 'SimpleBackgroundJobs', 'LinOTPAuth' ); $settingsArray = array(); foreach ($settingsToSave as $setting) { From 07d78810b5dfc5b7d415656d682141b15426c77e Mon Sep 17 00:00:00 2001 From: chrisr3d Date: Mon, 14 Feb 2022 14:15:13 +0100 Subject: [PATCH 0017/1366] fix: [stix2 import] Fixed description fields from STIX objects parsing as comment field for external STIX data --- app/files/scripts/stix2/stix2misp.py | 35 ++++++++++++++-------------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/app/files/scripts/stix2/stix2misp.py b/app/files/scripts/stix2/stix2misp.py index 0e92aed1c..b71038bdb 100644 --- a/app/files/scripts/stix2/stix2misp.py +++ b/app/files/scripts/stix2/stix2misp.py 
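Review bot: In the `$settingsToSave` list of the `@@ -2308,10 +2308,9 @@` hunk, swapping the five enumerated `Session.*` keys for the whole `Session` namespace widens what the following `foreach` collects for saving to every key that sits under `Session` when it runs. That keeps custom keys the old list dropped, but presumably also persists anything another component placed under `Session` at runtime, so it is worth confirming nothing sets `Session.*` dynamically before this point. A comment above the list would record the intent, e.g. `// 'Session' is saved as a whole so Session.* keys outside the old list survive a settings write`. The enclosing function starts and ends outside the hunk.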
@@ -1933,29 +1933,28 @@ class ExternalStixParser(StixParser): def add_attributes_from_indicator(self, indicator, attribute_type, separator): patterns = self._handle_pattern(indicator.pattern).split(separator) + attribute = { + 'type': attribute_type, + 'to_ids': True + } + attribute.update(self.parse_timeline(indicator)) + if hasattr(indicator, 'description') and indicator.description: + attribute['comment'] = indicator.description if len(patterns) == 1: _, value = self.get_type_and_value_from_pattern(patterns[0]) - attribute = MISPAttribute() - attribute.from_dict(**{ - 'uuid': indicator.id.split('--')[1], - 'type': attribute_type, - 'value': value, - 'to_ids': True - }) - attribute.update(self.parse_timeline(indicator)) + attribute.update( + { + 'uuid': indicator.id.split('--')[1], + 'value': value, + } + ) self.misp_event.add_attribute(**attribute) else: - tmp_attribute = self.parse_timeline(indicator) for pattern in patterns: _, value = self.get_type_and_value_from_pattern(pattern) - attribute = MISPAttribute() - attribute.from_dict(**{ - 'type': attribute_type, - 'value': value, - 'to_ids': True - }) - attribute.update(tmp_attribute) - self.misp_event.add_attribute(**attribute) + misp_attribute = {'value': value} + misp_attribute.update(attribute) + self.misp_event.add_attribute(**misp_attribute) def add_attributes_from_observable(self, observable, attribute_type, feature): if len(observable.objects) == 1: @@ -2026,6 +2025,8 @@ class ExternalStixParser(StixParser): attribute['to_ids'] = True if hasattr(stix_object, 'object_marking_refs'): self.update_marking_refs(attribute['uuid'], stix_object.object_marking_refs) + if hasattr(stix_object, 'description') and stix_object.description: + attribute['comment'] = stix_object.description self.misp_event.add_attribute(**attribute) except IndexError: object_type = 'indicator' if isinstance(stix_object, stix2.Indicator) else 'observable objects' From 07b29a6865b93cf6bd9866eb7af647a8d3159326 Mon Sep 17 00:00:00 2001 
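Review bot: In the multi-pattern branch of `add_attributes_from_indicator` the per-pattern value is set first and `misp_attribute.update(attribute)` is applied on top of it, so any key carried by the shared dict would overwrite the per-pattern one. Building it as `misp_attribute = {**attribute, 'value': value}` makes the per-pattern value authoritative; `parse_timeline` is not visible here, so whether it can ever return a `value` key is unknown. The same `hasattr(..., 'description') and ....description` test is repeated in the second hunk, and `getattr(stix_object, 'description', None)` would express it once in each place. Neither function documents that the producer-supplied description is copied verbatim into `comment`, which is worth one line in a docstring.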
From: iglocska Date: Wed, 16 Feb 2022 14:45:57 +0100 Subject: [PATCH 0018/1366] chg: [proposal alert] emails now include the event uuid - for easier lookup on your own instance, rather than the remote. --- app/Model/ShadowAttribute.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Model/ShadowAttribute.php b/app/Model/ShadowAttribute.php index 5f55a05cb..f2a7d42cb 100644 --- a/app/Model/ShadowAttribute.php +++ b/app/Model/ShadowAttribute.php @@ -561,7 +561,7 @@ class ShadowAttribute extends AppModel $body = "Hello, \n\n"; $body .= "A user of another organisation has proposed a change to an event created by you or your organisation. \n\n"; $body .= 'To view the event in question, follow this link: ' . Configure::read('MISP.baseurl') . '/events/view/' . $id . "\n"; - $subject = "[" . Configure::read('MISP.org') . " MISP] Proposal to event #" . $id; + $subject = "[" . Configure::read('MISP.org') . " MISP] Proposal to event #" . $id . ' (uuid: ' . $event['Event']['uuid'] . ')'; $result = false; foreach ($orgMembers as $user) { $result = $this->User->sendEmail($user, $body, $body, $subject) or $result; From 6ab34c5b34aa3aa40c9962cf437288622b269670 Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 16 Feb 2022 15:23:03 +0100 Subject: [PATCH 0019/1366] fix: [sync] fixed several issues with the sync attribute filters causing issues - if no negative sync filters defined, errors thrown due to check against null --- app/Model/Server.php | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/app/Model/Server.php b/app/Model/Server.php index 9963384ae..b86db437b 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php 
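Review bot: The loop right after the changed `$subject` line does not accumulate the send result: `$result = $this->User->sendEmail(...) or $result;` parses as `($result = $this->User->sendEmail(...)) or $result`, so `$result` ends up holding only the last recipient's outcome. This is a context line, not something the commit introduced, but the fix is one operator: `$result = $this->User->sendEmail($user, $body, $body, $subject) || $result;`. The new subject reads `$event['Event']['uuid']`, and where `$event` is loaded is outside the hunk, so confirm it is populated for every path that reaches this line. The enclosing function starts and ends outside the hunk.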
@@ -272,7 +272,11 @@ class Server extends AppModel if (isset($event['Event']['Attribute'])) { $originalCount = count($event['Event']['Attribute']); foreach ($event['Event']['Attribute'] as $key => $attribute) { - if (!empty(Configure::read('MISP.enable_synchronisation_filtering_on_type')) && in_array($attribute['type'], $pullRules['type_attributes']['NOT'])) { + if ( + !empty(Configure::read('MISP.enable_synchronisation_filtering_on_type')) && + !empty($pullRules['type_attributes']['NOT']) && + in_array($attribute['type'], $pullRules['type_attributes']['NOT']) + ) { unset($event['Event']['Attribute'][$key]); continue; } @@ -300,7 +304,11 @@ class Server extends AppModel if (isset($event['Event']['Object'])) { $originalObjectCount = count($event['Event']['Object']); foreach ($event['Event']['Object'] as $i => $object) { - if (!empty(Configure::read('MISP.enable_synchronisation_filtering_on_type')) && in_array($object['template_uuid'], $pullRules['type_objects']['NOT'])) { + if ( + !empty(Configure::read('MISP.enable_synchronisation_filtering_on_type')) && + !empty($pullRules['type_objects']['NOT']) && + in_array($object['template_uuid'], $pullRules['type_objects']['NOT']) + ) { unset($event['Event']['Object'][$i]); continue; } @@ -315,7 +323,11 @@ class Server extends AppModel if (isset($object['Attribute'])) { $originalAttributeCount = count($object['Attribute']); foreach ($object['Attribute'] as $j => $a) { - if (!empty(Configure::read('MISP.enable_synchronisation_filtering_on_type')) && in_array($a['type'], $pullRules['type_attributes']['NOT'])) { + if ( + !empty(Configure::read('MISP.enable_synchronisation_filtering_on_type')) && + !empty($pullRules['type_attributes']['NOT']) && + in_array($a['type'], $pullRules['type_attributes']['NOT']) + ) { unset($event['Event']['Object'][$i]['Attribute'][$j]); continue; } From 22ea43fea25ffc373779f39a32aa701383d59e91 Mon Sep 17 00:00:00 2001 
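Review bot: The added `!empty($pullRules['type_attributes']['NOT'])` guard in the first hunk, like its two counterparts in the object hunks, covers the null case only, so a non-empty value that is not an array still reaches `in_array()` and fails there. Since this condition decides which remote attribute and object types are dropped on pull, checking the shape is safer: `is_array($pullRules['type_attributes']['NOT'])` in place of `!empty(...)`. The match itself is loose; `in_array($attribute['type'], $pullRules['type_attributes']['NOT'], true)` avoids type-juggled hits. The same three-line condition now appears three times and would read better as one private helper taking the value and the rule list. The enclosing function starts and ends outside the hunks.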
From: iglocska Date: Fri, 11 Feb 2022 19:05:35 +0100 Subject: [PATCH 0020/1366] fix: [ACL] added events/populate --- app/Controller/Component/ACLComponent.php | 1 + 1 file changed, 1 insertion(+) diff --git a/app/Controller/Component/ACLComponent.php b/app/Controller/Component/ACLComponent.php index b3f460ee6..eedce9c4f 100644 --- a/app/Controller/Component/ACLComponent.php +++ b/app/Controller/Component/ACLComponent.php @@ -232,6 +232,7 @@ class ACLComponent extends Component 'massDelete' => array(), 'merge' => array('perm_modify'), 'nids' => array('*'), + 'populate' => array('perm_add'), 'proposalEventIndex' => array('*'), 'publish' => array('perm_publish'), 'publishSightings' => array('perm_sighting'), From 7f27b1869e9cb6a6e05a384b76d53bb4f3ced758 Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Feb 2022 09:23:11 +0100 Subject: [PATCH 0021/1366] new: [behaviour] event warning behaviour added - inspects an event in MISP's internal raw format for discrepencies - creates a list of warnings --- app/Model/Behavior/EventWarningBehavior.php | 60 +++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 app/Model/Behavior/EventWarningBehavior.php diff --git a/app/Model/Behavior/EventWarningBehavior.php b/app/Model/Behavior/EventWarningBehavior.php new file mode 100644 index 000000000..98f9bc61b --- /dev/null +++ b/app/Model/Behavior/EventWarningBehavior.php 
@@ -0,0 +1,60 @@ +__tlpDistributionCheck($event); + $this->__contextCheck($event); + $this-> __emptyEventCheck($event); + return $this->__warnings; + } + + private function __emptyEventCheck($event) + { + if (empty($event['Attribute']) && empty($event['objects'])) { + $this->__warnings[__('Content')][] = __('Your event has neither attributes nor objects, whilst this can have legitimate reasons (such as purely creating an event with an event report or galaxy clusters), in most cases it\'s a sign that the event has yet to be fleshed out.'); + } + } + + private function __contextCheck($event) + { + if (empty($event['Galaxy']) && empty($event['EventTag'])) { + $this->__warnings[__('Contextualisation')][] = __('Your event has neither tags nor galaxy clusters attached - generally adding context to an event allows for quicker decision making and more accurate filtering, it is highly recommended that you label your events to the best of your ability.'); + } + } + + private function __tlpDistributionCheck($event) + { + if (!empty($event['EventTag'])) { + foreach ($event['EventTag'] as $eT) { + $this->__tlpTaxonomyCheck($eT, $this->__warnings); + if ($eT['Tag']['name'] === 'tlp:white' && $event['Event']['distribution'] !== 3) { + $this->__warnings[__('Distribution')][] = __('The event is tagged as tlp:white, yet the distribution is not set to all. Change the distribution setting to something more lax if you wish for the event to propagate further.'); + } else if ($eT['Tag']['name'] === 'tlp:green' && !in_array($event['Event']['distribution'], [1, 2, 3])) { + $this->__warnings[__('Distribution')][] = __('The event is tagged as tlp:green, yet the distribution is not set to community, connected communities or all. 
tlp:green assumes sharing with your entire community - make sure that the selected distribution setting covers that.'); + } else if (in_array($eT['Tag']['name'], ['tlp:amber', 'tlp:red']) && $event['Event']['distribution'] !== 4) { + $this->__warnings[__('Distribution')][] = __('The event is tagged as %s, yet the distribution is set to all, be aware of potential information leakage.', $eT['Tag']['name']); + } + } + } + } + + private function __tlpTaxonomyCheck($eventTag) + { + $lowerTagName = trim(strtolower($eventTag['Tag']['name'])); + if (substr($lowerTagName, 0, 4) === 'tlp:') { + if (!in_array($lowerTagName, ['tlp:white', 'tlp:green', 'tlp:amber', 'tlp:red', 'tlp:ex:chr'])) { + $this->__warnings['TLP'][] = __('Unknown TLP tag, please refer to the TLP taxonomy as to what is valid, otherwise filtering rules created by your partners may miss your intent.'); + } else if ($lowerTagName !== $eventTag['Tag']['name']) { + $this->__warnings['TLP'][] = __('TLP tag with invalid formating: Make sure that you only use TLP tags from the taxonomy. Custom tags with invalid capitalisation, white spaces or other artifacts will break synchronisation and filtering rules intended for the correct taxonomy derived tags.'); + } + } + } +} From f8a0feb59ca6e47e184a846a5f638c1e149cf4de Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Feb 2022 09:24:12 +0100 Subject: [PATCH 0022/1366] chg: [event warnings] load the new behaviour and set the view variable with the contents --- app/Controller/EventsController.php | 1 + app/Model/Event.php | 1 + 2 files changed, 2 insertions(+) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index 674313719..aee9f4c8f 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php 
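Review bot: In `__tlpDistributionCheck` the tlp:amber / tlp:red branch tests `$event['Event']['distribution'] !== 4`, yet its message says the distribution "is set to all", and the tlp:white branch above treats `3` as "all". As written the leak warning fires for every distribution other than 4, including the more restrictive ones. If the message states the intent, the condition would be `$event['Event']['distribution'] === 3`. The strict comparisons against integers also assume `distribution` arrives as an int; if it comes from the database as a string, `!== 3` is always true, so a cast such as `(int)$event['Event']['distribution']` is worth adding. Separately, `__emptyEventCheck` reads `$event['objects']`, while other code on this page keys objects as `Object`, so confirm the key.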
@@ -1602,6 +1602,7 @@ class EventsController extends AppController $this->set('title_for_layout', __('Event #%s', $event['Event']['id'])); $this->set('attribute_count', $attributeCount); $this->set('object_count', $objectCount); + $this->set('warnings', $this->Event->generateWarnings($event)); $this->__eventViewCommon($user); } diff --git a/app/Model/Event.php b/app/Model/Event.php index facdaf451..8247801d4 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -28,6 +28,7 @@ class Event extends AppModel 'change' => 'full'), 'Trim', 'Containable', + 'EventWarning' ); public $displayField = 'id'; From 384d517a1194d63940626b20d106d1edb652be0e Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Feb 2022 09:24:43 +0100 Subject: [PATCH 0023/1366] new: [event warnings] include them in the event view --- app/View/Events/view.ctp | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp index ea2db9b55..07f0f55c4 100644 --- a/app/View/Events/view.ctp +++ b/app/View/Events/view.ctp @@ -178,6 +178,27 @@ ) ) ); + if (!empty($warnings) && ($me['org_id'] === $event['Event']['orgc_id'] || !empty($me['Role']['perm_site_admin']))) { + $warningsHtml = ''; + $class = 'published'; + $tempWarnings = []; + foreach ($warnings as $key => $values) { + $values = is_array($values) ? $values : [$values]; + foreach ($values as $value) { + $warningsHtml .= sprintf( + '%s:

%s

', + h($key), + h($value) + ); + } + } + $table_data[] = array( + 'key' => __('Warnings'), + 'class' => !empty($warnings) ? 'background-red bold' : '', + 'class_value' => ($event['Event']['published'] == 0) ? '' : 'green', + 'html' => $warningsHtml + ); + } $table_data[] = array( 'key' => __('Info'), 'value' => $event['Event']['info'] From 20c4ca798590881f78bf164ef26a3068b87f2ab7 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 19 Feb 2022 11:16:03 +0100 Subject: [PATCH 0024/1366] chg: [cli] Use more entropy when generating new encryption key --- app/Console/Command/AdminShell.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/app/Console/Command/AdminShell.php b/app/Console/Command/AdminShell.php index e38b26e3f..e009eded8 100644 --- a/app/Console/Command/AdminShell.php +++ b/app/Console/Command/AdminShell.php @@ -936,7 +936,7 @@ class AdminShell extends AppShell $new = $this->params['new'] ?? null; if ($new !== null && strlen($new) < 32) { - $this->error('New key must be at least 32 char long.'); + $this->error('New key must be at least 32 chars long.'); } if ($old === null) { @@ -945,8 +945,7 @@ class AdminShell extends AppShell if ($new === null) { // Generate random new key - $randomTool = new RandomTool(); - $new = $randomTool->random_str(); + $new = rtrim(base64_encode(random_bytes(32)), "="); } $this->Server->getDataSource()->begin(); From e1774abe807a8cef13a406e2b9e8ef196cc764f0 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 16 Feb 2022 17:08:31 +0100 Subject: [PATCH 0025/1366] new: [oidc] Check user validity --- app/Console/Command/UserShell.php | 24 ++++ app/Controller/AppController.php | 2 +- app/Model/User.php | 31 ++++- .../Component/Auth/OidcAuthenticate.php | 131 +++++++++++++++++- app/Plugin/OidcAuth/README.md | 8 +- 5 files changed, 188 insertions(+), 8 deletions(-) diff --git a/app/Console/Command/UserShell.php b/app/Console/Command/UserShell.php index 3336a3751..2be14fa76 100644 
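Review bot: `$class = 'published';` and `$tempWarnings = [];` are assigned in the new block and never read in the hunk, and `'class' => !empty($warnings) ? 'background-red bold' : ''` repeats a test the enclosing `if` has already passed, so it can be just `'class' => 'background-red bold'`. The `class_value` entry keyed on `$event['Event']['published']` looks copied from another row and has no obvious bearing on warnings. Escaping both `$key` and `$value` with `h()` before they are placed in `html` is correct and worth a short comment, since the `html` key presumably bypasses the escaping applied to `value`. The ownership test uses `===` on `org_id` and `orgc_id`; if one side is a string and the other an integer, the row is never shown to the owning organisation, which is worth confirming. The template continues outside the hunk.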
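Review bot: The generated key deserves a one-line comment stating its strength, for example `// 32 bytes from the CSPRNG (256 bits); base64 only makes it printable, padding is cosmetic`, so nobody later shortens it to match the 32-character minimum. That minimum applies to a key supplied through `new`, which is checked for length only; a caller can still pass 32 low-entropy characters, so the option's help text should recommend leaving it out and letting the shell generate the key. The method body starts and ends outside both hunks.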
--- a/app/Console/Command/UserShell.php +++ b/app/Console/Command/UserShell.php @@ -46,6 +46,14 @@ class UserShell extends AppShell ], ], ]); + $parser->addSubcommand('check_validity', [ + 'help' => __('Check users validity from external identity provider and block not valid user.'), + 'parser' => [ + 'options' => [ + 'block_invalid' => ['help' => __('Block user that are considered invalid.'), 'boolean' => true], + ], + ] + ]); $parser->addSubcommand('change_pw', [ 'help' => __('Change user password.'), 'parser' => [ @@ -237,6 +245,22 @@ class UserShell extends AppShell $this->out("User $userId unblocked."); } + public function check_validity() + { + $users = $this->User->find('all', [ + 'recursive' => -1, + 'contain' => ['UserSetting'], + 'conditions' => ['disabled' => false], // fetch just not disabled users + ]); + $blockInvalid = $this->params['block_invalid']; + + foreach ($users as $user) { + $user['User']['UserSetting'] = $user['UserSetting']; + $result = $this->User->checkIfUserIsValid($user['User'], $blockInvalid, true); + $this->out("{$user['User']['email']}: " . ($result ? 'valid' : 'INVALID')); + } + } + public function change_pw() { list($userId, $newPassword) = $this->args; diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index c93573674..06c53bf28 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -541,7 +541,7 @@ class AppController extends Controller return false; } - if ($user['disabled']) { + if ($user['disabled'] || (isset($user['logged_by_authkey']) && $user['logged_by_authkey']) && !$this->User->checkIfUserIsValid($user)) { if ($this->_shouldLog('disabled:' . $user['id'])) { $this->Log = ClassRegistry::init('Log'); $this->Log->createLogEntry($user, 'auth_fail', 'User', $user['id'], 'Login attempt by disabled user.'); diff --git a/app/Model/User.php b/app/Model/User.php index 1fafc13cd..c054b3a17 100644 --- a/app/Model/User.php +++ b/app/Model/User.php 
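Review bot: The subcommand is registered as `check_validity`, but the README hunk added in the same commit tells operators to run `cake user check_user_validity`, which is the name of the config option rather than of the command; one of the two needs to change or operators following the README will not reach this command. The help text also says the command will "block not valid user", while the `check_validity()` method in the next hunk only blocks when `block_invalid` is set. Something like `__('Check user validity against the external identity provider; invalid users are blocked only with --block_invalid.')` describes it accurately.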
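Review bot: The new condition relies on `&&` binding tighter than `||`, and the inner parenthesis closes after `logged_by_authkey` instead of around the whole auth-key clause, which makes the intent easy to misread and easy to break in a later edit. Writing it as `if ($user['disabled'] || (!empty($user['logged_by_authkey']) && !$this->User->checkIfUserIsValid($user))) {` keeps the behaviour and states the grouping. The branch still logs 'Login attempt by disabled user.' and uses the `disabled:` log key when the account is enabled locally but rejected by the identity provider, so the audit entry misreports the cause; a separate message for that case would help incident review. The enclosing method starts and ends outside the hunk.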
@@ -733,6 +733,9 @@ class User extends AppModel $user['User']['Role'] = $user['Role']; $user['User']['Organisation'] = $user['Organisation']; $user['User']['Server'] = $user['Server']; + if (isset($user['UserSetting'])) { + $user['User']['UserSetting'] = $user['UserSetting']; + } return $user['User']; } @@ -820,7 +823,7 @@ class User extends AppModel */ public function sendEmail(array $user, $body, $bodyNoEnc = false, $subject, $replyToUser = false) { - if ($user['User']['disabled']) { + if ($user['User']['disabled'] || !$this->checkIfUserIsValid($user['User'])) { return true; } @@ -1406,6 +1409,32 @@ class User extends AppModel } } + /** + * Check if user still valid at identity provider. + * @param array $user + * @param bool $blockInvalid Block invalid user + * @param bool $ignoreValidityTime Block invalid user + * @return bool + * @throws Exception + */ + public function checkIfUserIsValid(array $user, $blockInvalid = false, $ignoreValidityTime = false) + { + $auth = Configure::read('Security.auth'); + if (!$auth) { + return true; + } + if (!is_array($auth)) { + throw new Exception("`Security.auth` config value must be array."); + } + if (!in_array('OidcAuth.Oidc', $auth, true)) { + return true; // this method currently makes sense just for OIDC auth provider + } + App::uses('OidcAuthenticate', 'OidcAuth.Controller/Component/Auth'); + App::uses('ComponentCollection', 'Controller'); + $oidc = new OidcAuthenticate(new ComponentCollection(), []); + return $oidc->isUserValid($user, $blockInvalid, $ignoreValidityTime); + } + /** * Initialize GPG. Returns `null` if initialization failed. * diff --git a/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php b/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php index 84daeba74..1ed1ce06b 100644 --- a/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php +++ b/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php 
@@ -12,13 +12,18 @@ App::uses('BaseAuthenticate', 'Controller/Component/Auth'); * - OidcAuth.organisation_property (default: `organization`) * - OidcAuth.roles_property (default: `roles`) * - OidcAuth.default_org - * - OidcAuth.unblock + * - OidcAuth.unblock (boolean, default: false) + * - OidcAuth.offline_access (boolean, default: false) + * - OidcAuth.check_user_validity (integer, default `0`) */ class OidcAuthenticate extends BaseAuthenticate { /** @var User|null */ private $userModel; + /** @var \JakubOnderka\OpenIDConnectClient|\Jumbojett\OpenIDConnectClient */ + private $oidc; + /** * @param CakeRequest $request * @param CakeResponse $response @@ -70,12 +75,18 @@ class OidcAuthenticate extends BaseAuthenticate $organisationId = $this->checkOrganization($organisationName, $user, $mispUsername); if (!$organisationId) { + if ($user) { + $this->block($user); + } return false; } $roleId = $this->getUserRole($roles, $mispUsername); if ($roleId === null) { $this->log($mispUsername, 'No role was assigned.'); + if ($user) { + $this->block($user); + } return false; } @@ -111,7 +122,10 @@ class OidcAuthenticate extends BaseAuthenticate $this->log($mispUsername, "Unblocking user."); $user['disabled'] = false; } - $this->storeMetadata($user['id'], $verifiedClaims); + + $refreshToken = $this->getConfig('offline_access', false) ? $oidc->getRefreshToken() : null; + $this->storeMetadata($user['id'], $verifiedClaims, $refreshToken); + $this->log($mispUsername, 'Logged in.'); return $user; } 
@@ -132,19 +146,91 @@ class OidcAuthenticate extends BaseAuthenticate throw new RuntimeException("Could not save user `$mispUsername` to database."); } - $this->storeMetadata($this->userModel()->id, $verifiedClaims); + $refreshToken = $this->getConfig('offline_access', false) ? $oidc->getRefreshToken() : null; + $this->storeMetadata($this->userModel()->id, $verifiedClaims, $refreshToken); $this->log($mispUsername, "Saved in database with ID {$this->userModel()->id}"); $this->log($mispUsername, 'Logged in.'); return $this->_findUser($mispUsername); } + /** + * @param array $user + * @param bool $blockInvalid Block invalid user + * @param bool $ignoreValidityTime Ignore `check_user_validity` setting and always check if user is valid + * @return bool + * @throws Exception + */ + public function isUserValid(array $user, $blockInvalid = false, $ignoreValidityTime = false) + { + if (!$this->getConfig('offline_access', false)) { + return true; // offline access is not enabled, so it is not possible to verify user + } + + if (!$ignoreValidityTime) { + $checkUserValidityEvery = $this->getConfig('check_user_validity', 0); + if ($checkUserValidityEvery === 0) { + return true; // validity checking is disabled + } + } + + if (empty($user['sub'])) { + return true; // user is not OIDC managed user + } + + $userInfo = $this->findUserInfo($user); + if (!isset($userInfo['refresh_token'])) { + if ($blockInvalid) { + $this->block($user); + } + $this->log($user['email'], "User don't have refresh token, considering user is not valid"); + return false; + } + + if (!$ignoreValidityTime && $userInfo['validity_check_timestamp'] > time() - $checkUserValidityEvery) { + return true; // user was checked in last `check_user_validity`, do not check again + } + + $oidc = $this->prepareClient(); + + try { + $oidc->refreshToken($userInfo['refresh_token']); + } catch (JakubOnderka\ErrorResponse $e) { + if ($e->getError() === 'invalid_grant') { + if ($blockInvalid) { + $this->block($user); + } + 
$this->log($user['email'], "Refreshing token is not possible because of `{$e->getMessage()}`, considering user is not valid"); + return false; + } else { + $this->log($user['email'], "Refreshing token is not possible because of `{$e->getMessage()}`, considering user is still valid"); + return true; + } + } catch (Exception $e) { + $this->log($user['email'], "Refreshing token is not possible because of `{$e->getMessage()}`, considering user is still valid"); + return true; + } + + // Update refresh token if new token provided + if ($oidc->getRefreshToken()) { + $userInfo['validity_check_timestamp'] = time(); + $userInfo['refresh_token'] = $oidc->getRefreshToken(); + $this->userModel()->UserSetting->setSettingInternal($user['id'], 'oidc', $userInfo); + } + + return true; + } + /** * @return \JakubOnderka\OpenIDConnectClient|\Jumbojett\OpenIDConnectClient * @throws Exception */ private function prepareClient() { + if ($this->oidc) { + return $this->oidc; + } + $providerUrl = $this->getConfig('provider_url'); if (!filter_var($providerUrl, FILTER_VALIDATE_URL)) { throw new RuntimeException("Config option `OidcAuth.provider_url` must be valid URL."); @@ -180,7 +266,12 @@ class OidcAuthenticate extends BaseAuthenticate $oidc->setCodeChallengeMethod($ccm); } + if ($this->getConfig('offline_access', false)) { + $oidc->addScope('offline_access'); + } + $oidc->setRedirectURL(Configure::read('MISP.baseurl') . '/users/login'); + $this->oidc = $oidc; return $oidc; } 
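Review bot: `isUserValid` only writes `validity_check_timestamp` inside `if ($oidc->getRefreshToken())`, so when the token response carries no new refresh token the timestamp is never advanced and, once the first `check_user_validity` interval has passed, every later call goes back to the identity provider. Recording the successful check unconditionally and replacing the stored token only when a new one arrives avoids that. The same condition is kept in the later `@@ -233,16 +223,43 @@` hunk, where the write moves into `storeMetadata`. Separately, every failure other than `invalid_grant` is treated as "still valid", so an unreachable provider leaves revoked users active; that fail-open choice should be stated in a comment.

```php
// … unchanged: refresh call and error handling …
// Record the successful check even when the provider returns no new refresh token
$userInfo['validity_check_timestamp'] = time();
$newRefreshToken = $oidc->getRefreshToken();
if ($newRefreshToken) {
    $userInfo['refresh_token'] = $newRefreshToken;
}
$this->userModel()->UserSetting->setSettingInternal($user['id'], 'oidc', $userInfo);

return true;
```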
@@ -276,13 +367,30 @@ class OidcAuthenticate extends BaseAuthenticate return $value; } + /** + * @param array $user + * @return array + */ + private function findUserInfo(array $user) + { + if (isset($user['UserSetting'])) { + foreach ($user['UserSetting'] as $userSetting) { + if ($userSetting['setting'] === 'oidc') { + return $userSetting['value']; + } + } + } + return $this->userModel()->UserSetting->getValueForUser($user['id'], 'oidc'); + } + /** * @param int $userId * @param stdClass $verifiedClaims + * @param string|null $refreshToken * @return array|bool|mixed|null * @throws Exception */ - private function storeMetadata($userId, \stdClass $verifiedClaims) + private function storeMetadata($userId, \stdClass $verifiedClaims, $refreshToken = null) { // OIDC session ID if (isset($verifiedClaims->sid)) { @@ -295,10 +403,25 @@ class OidcAuthenticate extends BaseAuthenticate $value[$field] = $verifiedClaims->{$field}; } } + if ($refreshToken) { + $value['validity_check_timestamp'] = time(); + $value['refresh_token'] = $refreshToken; + } return $this->userModel()->UserSetting->setSettingInternal($userId, 'oidc', $value); } + /** + * @param array $user + * @return void + * @throws Exception + */ + private function block(array $user) + { + $this->userModel()->updateField($user, 'disabled', true); + $this->log($user['email'], "User blocked by OIDC"); + } + /** * @param string $username * @param string $message diff --git a/app/Plugin/OidcAuth/README.md b/app/Plugin/OidcAuth/README.md index 7a1534b97..e736dfb9c 100644 --- a/app/Plugin/OidcAuth/README.md +++ b/app/Plugin/OidcAuth/README.md @@ -1,7 +1,7 @@ # MISP OpenID Connect Authentication This plugin provides ability to use OpenID as Single sign-on for login users to MISP. -When plugin is enabled, users are direcly redirected to SSO provider and it is not possible +When plugin is enabled, users are directly redirected to SSO provider and it is not possible to login with passwords stored in MISP. ## Usage 
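Review bot: `storeMetadata` now writes the refresh token into the same `oidc` user setting as the claims, and with `offline_access` that token is a long-lived credential issued by the identity provider; nothing in the hunk shows it being encrypted or kept out of places where user settings are listed or exported. The `User.php` hunk of this commit also copies `UserSetting` into the returned user array, so the token may travel with the authenticated-user data; that is worth confirming. At minimum add a comment such as `// refresh_token is a credential: never expose the 'oidc' setting through setting listings, exports or logs`. The signature of `storeMetadata` is changed in the previous hunk and its body continues outside this one.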
@@ -45,5 +45,9 @@ $config = array( ## Caveats -* When user is blocked in SSO (IdM), he/she will be not blocked in MISP. He could not log in, but users authentication keys will still work and also he/she will still receive all emails. +When user is blocked in SSO (IdM), he/she will be not blocked in MISP. He could not log in, but users authentication keys will still work and also he/she will still receive all emails. +To solve this problem: +1) set `OidcAuth.offline_access` to `true` - with that, IdP will be requested to provide offline access token +2) set `OidcAuth.check_user_validity` to number of seconds, after which user will be revalidated if he is still active in IdP. Zero means that this functionality is disabled. Recommended value is `300`. +3) because offline tokens will expire when not used, you can run `cake user check_user_validity` to check all user in one call From 9c357bec9c66dd1fe2de003ceee53fcaf0e0aab1 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Fri, 18 Feb 2022 12:17:32 +0100 Subject: [PATCH 0026/1366] chg: [internal] Speedup when no events found --- app/Controller/EventsController.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index aee9f4c8f..6c3673c15 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -991,6 +991,10 @@ class EventsController extends AppController private function __attachInfoToEvents(array $columns, array $events) { + if (empty($events)) { + return []; + } + $user = $this->Auth->user(); if (in_array('tags', $columns, true) || in_array('clusters', $columns, true)) { From 6cb30515e702592b8e68b6c26c43205a5f7876fe Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Fri, 18 Feb 2022 15:51:00 +0100 Subject: [PATCH 0027/1366] chg: [oidc] Check user role when checking if user is valid --- .../Component/Auth/OidcAuthenticate.php | 62 +++++++++++++------ 1 file changed, 42 insertions(+), 20 deletions(-) 
diff --git a/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php b/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php index 1ed1ce06b..ca50e1d3f 100644 --- a/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php +++ b/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php @@ -38,27 +38,14 @@ class OidcAuthenticate extends BaseAuthenticate throw new Exception("OIDC authentication was not successful."); } - $verifiedClaims = $oidc->getVerifiedClaims(); + $claims = $oidc->getVerifiedClaims(); - $mispUsername = isset($verifiedClaims->email) ? $verifiedClaims->email : $oidc->requestUserInfo('email'); + $mispUsername = $claims->email ?? $oidc->requestUserInfo('email'); $this->log($mispUsername, "Trying login."); - $sub = $verifiedClaims->sub; + $sub = $claims->sub; // sub is required $organisationProperty = $this->getConfig('organisation_property', 'organization'); - if (property_exists($verifiedClaims, $organisationProperty)) { - $organisationName = $verifiedClaims->{$organisationProperty}; - } else { - $organisationName = $this->getConfig('default_org'); - } - - $roles = []; - $roleProperty = $this->getConfig('roles_property', 'roles'); - if (property_exists($verifiedClaims, $roleProperty)) { - $roles = $verifiedClaims->{$roleProperty}; - } - if (empty($roles)) { - $roles = $oidc->requestUserInfo($roleProperty); - } + $organisationName = $claims->{$organisationProperty} ?? $this->getConfig('default_org'); // Try to find user by `sub` field, that is unique $this->settings['fields'] = ['username' => 'sub']; 
@@ -81,6 +68,15 @@ class OidcAuthenticate extends BaseAuthenticate return false; } + $roles = []; + $roleProperty = $this->getConfig('roles_property', 'roles'); + if (property_exists($claims, $roleProperty)) { + $roles = $claims->{$roleProperty}; + } + if (empty($roles)) { + $roles = $oidc->requestUserInfo($roleProperty); + } + $roleId = $this->getUserRole($roles, $mispUsername); if ($roleId === null) { $this->log($mispUsername, 'No role was assigned.'); @@ -124,7 +120,7 @@ class OidcAuthenticate extends BaseAuthenticate } $refreshToken = $this->getConfig('offline_access', false) ? $oidc->getRefreshToken() : null; - $this->storeMetadata($user['id'], $verifiedClaims, $refreshToken); + $this->storeMetadata($user['id'], $claims, $refreshToken); $this->log($mispUsername, 'Logged in.'); return $user; @@ -147,7 +143,7 @@ class OidcAuthenticate extends BaseAuthenticate } $refreshToken = $this->getConfig('offline_access', false) ? $oidc->getRefreshToken() : null; - $this->storeMetadata($this->userModel()->id, $verifiedClaims, $refreshToken); + $this->storeMetadata($this->userModel()->id, $claims, $refreshToken); $this->log($mispUsername, "Saved in database with ID {$this->userModel()->id}"); $this->log($mispUsername, 'Logged in.'); @@ -158,10 +154,11 @@ class OidcAuthenticate extends BaseAuthenticate * @param array $user * @param bool $blockInvalid Block invalid user * @param bool $ignoreValidityTime Ignore `check_user_validity` setting and always check if user is valid + * @param bool $update * @return bool * @throws Exception */ - public function isUserValid(array $user, $blockInvalid = false, $ignoreValidityTime = false) + public function isUserValid(array $user, $blockInvalid = false, $ignoreValidityTime = false, $update = false) { if (!$this->getConfig('offline_access', false)) { return true; // offline access is not enabled, so it is not possible to verify user 
@@ -211,6 +208,31 @@ class OidcAuthenticate extends BaseAuthenticate return true; } + // Check user role + $roles = []; + $claims = $oidc->getVerifiedClaims(); + $roleProperty = $this->getConfig('roles_property', 'roles'); + if (property_exists($claims, $roleProperty)) { + $roles = $claims->{$roleProperty}; + } + if (empty($roles)) { + $roles = $oidc->requestUserInfo($roleProperty); + } + + $roleId = $this->getUserRole($roles, $user['email']); + if ($roleId === null) { + $this->log($user['email'], 'No role was assigned.'); + if ($blockInvalid) { + $this->block($user); + } + return false; + } + + if ($update && $user['role_id'] != $roleId) { + $this->userModel()->updateField($user, 'role_id', $roleId); + $this->log($user['email'], "User role changed from {$user['role_id']} to $roleId."); + } + // Update refresh token if new token provided if ($oidc->getRefreshToken()) { $userInfo['validity_check_timestamp'] = time(); From 316b6a9b9a256dca42ce92d973e8186a22f762b3 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Fri, 18 Feb 2022 15:53:14 +0100 Subject: [PATCH 0028/1366] chg: [oidc] Remove support for Jumbojett\OpenIDConnectClient --- .../Component/Auth/OidcAuthenticate.php | 20 +++---------------- 1 file changed, 3 insertions(+), 17 deletions(-) diff --git a/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php b/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php index ca50e1d3f..0ca85277b 100644 --- a/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php +++ b/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php @@ -21,7 +21,7 @@ class OidcAuthenticate extends BaseAuthenticate /** @var User|null */ private $userModel; - /** @var \JakubOnderka\OpenIDConnectClient|\Jumbojett\OpenIDConnectClient */ + /** @var \JakubOnderka\OpenIDConnectClient */ private $oidc; /** 
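Review bot: The new role check only writes the role back when `$update` is true, and in this commit no visible caller passes it: `User::checkIfUserIsValid` still calls `isUserValid($user, $blockInvalid, $ignoreValidityTime)`, so the branch is unreachable until the later commit that forwards the flag. On the request path this means a role that was reduced at the identity provider is detected, but the account keeps its old MISP role and is reported as valid. If that is intended, say so in the docblock line for `$update`, which currently has no description; otherwise log the mismatch, e.g. `$this->log($user['email'], "Role at IdP differs from stored role, not updated.");`. `isUserValid` starts and ends outside this hunk.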
@@ -244,7 +244,7 @@ class OidcAuthenticate extends BaseAuthenticate } /** - * @return \JakubOnderka\OpenIDConnectClient|\Jumbojett\OpenIDConnectClient + * @return \JakubOnderka\OpenIDConnectClient * @throws Exception */ private function prepareClient() @@ -254,10 +254,6 @@ class OidcAuthenticate extends BaseAuthenticate } $providerUrl = $this->getConfig('provider_url'); - if (!filter_var($providerUrl, FILTER_VALIDATE_URL)) { - throw new RuntimeException("Config option `OidcAuth.provider_url` must be valid URL."); - } - $clientId = $this->getConfig('client_id'); $clientSecret = $this->getConfig('client_secret'); $authenticationMethod = $this->getConfig('authentication_method', false); @@ -268,17 +264,7 @@ class OidcAuthenticate extends BaseAuthenticate $oidc->setAuthenticationMethod($authenticationMethod); } } else if (class_exists("\Jumbojett\OpenIDConnectClient")) { - // OpenIDConnectClient will append well-know path, so if well-know path is already part of the url, remove it - // This is required just for Jumbojett, not for JakubOnderka - $wellKnownPosition = strpos($providerUrl, '/.well-known/'); - if ($wellKnownPosition !== false) { - $providerUrl = substr($providerUrl, 0, $wellKnownPosition); - } - - $oidc = new \Jumbojett\OpenIDConnectClient($providerUrl, $clientId, $clientSecret); - if ($authenticationMethod !== false && $authenticationMethod !== null) { - throw new Exception("Jumbojett OIDC implementation do not support changing authentication method, please use JakubOnderka's client"); - } + throw new Exception("Jumbojett OIDC implementation is not supported anymore, please use JakubOnderka's client"); } else { throw new Exception("OpenID connect client is not installed."); } From f5e32123c59f0bb3dab8a5b83099b01deb45f72d Mon Sep 17 00:00:00 2001 
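Review bot: Removing the `filter_var($providerUrl, FILTER_VALIDATE_URL)` check drops a guard that was not specific to Jumbojett (only the `/.well-known/` trimming removed in the next hunk was), so an unset or malformed `OidcAuth.provider_url` now reaches the client constructor unchecked. The provider URL is what discovery and token verification are anchored to, so it is better to fail early with the old `RuntimeException` message. Consider rejecting non-HTTPS values as well, e.g. `parse_url($providerUrl, PHP_URL_SCHEME) !== 'https'`, unless plain HTTP has to stay possible for test set-ups. `prepareClient` starts and ends outside this hunk.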
From: Jakub Onderka Date: Fri, 18 Feb 2022 18:52:13 +0100 Subject: [PATCH 0029/1366] chg: [oidc] Check user org when checking if user is valid --- app/Console/Command/UserShell.php | 6 +- app/Model/User.php | 11 ++- .../Component/Auth/OidcAuthenticate.php | 92 +++++++++++-------- 3 files changed, 67 insertions(+), 42 deletions(-) diff --git a/app/Console/Command/UserShell.php b/app/Console/Command/UserShell.php index 2be14fa76..70ad7b3b6 100644 --- a/app/Console/Command/UserShell.php +++ b/app/Console/Command/UserShell.php @@ -51,6 +51,7 @@ class UserShell extends AppShell 'parser' => [ 'options' => [ 'block_invalid' => ['help' => __('Block user that are considered invalid.'), 'boolean' => true], + 'update' => ['help' => __('Update user role or organisation.'), 'boolean' => true], ], ] ]); @@ -253,11 +254,12 @@ class UserShell extends AppShell 'conditions' => ['disabled' => false], // fetch just not disabled users ]); $blockInvalid = $this->params['block_invalid']; + $update = $this->params['update']; foreach ($users as $user) { $user['User']['UserSetting'] = $user['UserSetting']; - $result = $this->User->checkIfUserIsValid($user['User'], $blockInvalid, true); - $this->out("{$user['User']['email']}: " . ($result ? 'valid' : 'INVALID')); + $result = $this->User->checkIfUserIsValid($user['User'], $blockInvalid, true, $update); + $this->out("{$user['User']['email']}: " . ($result ? 'valid' : 'invalid')); } } diff --git a/app/Model/User.php b/app/Model/User.php index c054b3a17..c93e7603a 100644 --- a/app/Model/User.php +++ b/app/Model/User.php 
@@ -1413,11 +1413,12 @@ class User extends AppModel * Check if user still valid at identity provider. * @param array $user * @param bool $blockInvalid Block invalid user - * @param bool $ignoreValidityTime Block invalid user + * @param bool $ignoreValidityTime + * @param bool $update Update user role or organisation from identity provider * @return bool * @throws Exception */ - public function checkIfUserIsValid(array $user, $blockInvalid = false, $ignoreValidityTime = false) + public function checkIfUserIsValid(array $user, $blockInvalid = false, $ignoreValidityTime = false, $update = false) { $auth = Configure::read('Security.auth'); if (!$auth) { @@ -1432,7 +1433,11 @@ class User extends AppModel App::uses('OidcAuthenticate', 'OidcAuth.Controller/Component/Auth'); App::uses('ComponentCollection', 'Controller'); $oidc = new OidcAuthenticate(new ComponentCollection(), []); - return $oidc->isUserValid($user, $blockInvalid, $ignoreValidityTime); + if ($blockInvalid) { + return $oidc->blockInvalidUser($user, $ignoreValidityTime, $update); + } else { + return $oidc->isUserValid($user, $ignoreValidityTime, $update); + } } /** diff --git a/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php b/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php index 0ca85277b..b77c72e83 100644 --- a/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php +++ b/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php @@ -44,8 +44,6 @@ class OidcAuthenticate extends BaseAuthenticate $this->log($mispUsername, "Trying login."); $sub = $claims->sub; // sub is required - $organisationProperty = $this->getConfig('organisation_property', 'organization'); - $organisationName = $claims->{$organisationProperty} ?? $this->getConfig('default_org'); // Try to find user by `sub` field, that is unique $this->settings['fields'] = ['username' => 'sub']; 
@@ -60,6 +58,8 @@ class OidcAuthenticate extends BaseAuthenticate } } + $organisationProperty = $this->getConfig('organisation_property', 'organization'); + $organisationName = $claims->{$organisationProperty} ?? $this->getConfig('default_org'); $organisationId = $this->checkOrganization($organisationName, $user, $mispUsername); if (!$organisationId) { if ($user) { @@ -68,13 +68,11 @@ class OidcAuthenticate extends BaseAuthenticate return false; } - $roles = []; $roleProperty = $this->getConfig('roles_property', 'roles'); - if (property_exists($claims, $roleProperty)) { - $roles = $claims->{$roleProperty}; - } - if (empty($roles)) { - $roles = $oidc->requestUserInfo($roleProperty); + $roles = $claims->{$roleProperty} ?? $oidc->requestUserInfo($roleProperty); + if ($roles === null) { + $this->log($user['email'], "Role property `$roleProperty` is missing in claims."); + return false; } $roleId = $this->getUserRole($roles, $mispUsername); @@ -152,13 +150,12 @@ class OidcAuthenticate extends BaseAuthenticate /** * @param array $user - * @param bool $blockInvalid Block invalid user * @param bool $ignoreValidityTime Ignore `check_user_validity` setting and always check if user is valid - * @param bool $update - * @return bool + * @param bool $update Update user role or organisation from OIDC + * @return bool True if user is still valid, false if not * @throws Exception */ - public function isUserValid(array $user, $blockInvalid = false, $ignoreValidityTime = false, $update = false) + public function isUserValid(array $user, $ignoreValidityTime = false, $update = false) { if (!$this->getConfig('offline_access', false)) { return true; // offline access is not enabled, so it is not possible to verify user 
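Review bot: The new `$roles === null` branch logs with `$user['email']`, but in `authenticate` `$user` can be empty at this point (the neighbouring branches guard with `if ($user)`), so a first login without the role claim indexes a non-array and logs under an empty name; use `$mispUsername` as the other log calls in this method do. Unlike the organisation and role-id failures around it, this branch returns without blocking an existing account, which looks unintended. Replacing `property_exists`/`empty` with `??` also changes behaviour: an empty role list in the claims no longer falls back to `requestUserInfo`. The method starts and ends outside the hunk.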
@@ -177,9 +174,6 @@ class OidcAuthenticate extends BaseAuthenticate $userInfo = $this->findUserInfo($user); if (!isset($userInfo['refresh_token'])) { - if ($blockInvalid) { - $this->block($user); - } $this->log($user['email'], "User don't have refresh token, considering user is not valid"); return false; } @@ -194,9 +188,6 @@ class OidcAuthenticate extends BaseAuthenticate $oidc->refreshToken($userInfo['refresh_token']); } catch (JakubOnderka\ErrorResponse $e) { if ($e->getError() === 'invalid_grant') { - if ($blockInvalid) { - $this->block($user); - } $this->log($user['email'], "Refreshing token is not possible because of `{$e->getMessage()}`, considering user is not valid"); return false; } else { @@ -208,23 +199,22 @@ class OidcAuthenticate extends BaseAuthenticate return true; } - // Check user role - $roles = []; $claims = $oidc->getVerifiedClaims(); - $roleProperty = $this->getConfig('roles_property', 'roles'); - if (property_exists($claims, $roleProperty)) { - $roles = $claims->{$roleProperty}; + if ($user['sub'] !== $claims->sub) { + throw new Exception("User {$user['email']} sub doesn't match ({$user['sub']} != $claims->sub)"); } - if (empty($roles)) { - $roles = $oidc->requestUserInfo($roleProperty); + + // Check user role + $roleProperty = $this->getConfig('roles_property', 'roles'); + $roles = $claims->{$roleProperty} ?? $oidc->requestUserInfo($roleProperty); + if ($roles === null) { + $this->log($user['email'], "Role property `$roleProperty` is missing in claims."); + return false; } $roleId = $this->getUserRole($roles, $user['email']); if ($roleId === null) { $this->log($user['email'], 'No role was assigned.'); - if ($blockInvalid) { - $this->block($user); - } return false; } 
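Review bot: The `sub` mismatch is reported with `throw new Exception(...)` while every other negative outcome of `isUserValid` returns `false`, so callers that only test the boolean (the auth-key check in `AppController`, `sendEmail`, and the `check_validity` loop in `UserShell`) get an uncaught exception instead of an invalid user; in the shell loop that ends the run before the remaining users are checked. Logging and returning `false` keeps the contract, e.g. `$this->log($user['email'], "Stored sub does not match refreshed claims, considering user is not valid"); return false;`. The exception message also interpolates both `sub` values; confirm that these identifiers are acceptable in logs and error output. `isUserValid` starts and ends outside this hunk.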
@@ -233,16 +223,43 @@ class OidcAuthenticate extends BaseAuthenticate $this->log($user['email'], "User role changed from {$user['role_id']} to $roleId."); } + // Check user org + $organisationProperty = $this->getConfig('organisation_property', 'organization'); + $organisationName = $claims->{$organisationProperty} ?? $this->getConfig('default_org'); + $organisationId = $this->checkOrganization($organisationName, $user, $user['email']); + if (!$organisationId) { + return false; + } + + if ($update && $user['org_id'] != $organisationId) { + $this->userModel()->updateField($user, 'org_id', $organisationId); + $this->log($user['email'], "User organisation changed from {$user['org_id']} to $organisationId."); + } + // Update refresh token if new token provided if ($oidc->getRefreshToken()) { - $userInfo['validity_check_timestamp'] = time(); - $userInfo['refresh_token'] = $oidc->getRefreshToken(); - $this->userModel()->UserSetting->setSettingInternal($user['id'], 'oidc', $userInfo); + $this->storeMetadata($user['id'], $claims, $oidc->getRefreshToken()); } return true; } + /** + * @param array $user + * @param bool $ignoreValidityTime + * @param bool $update Update user role or organisation + * @return bool True if user was blocked, false if not + * @throws Exception + */ + public function blockInvalidUser(array $user, $ignoreValidityTime = false, $update = false) + { + $isValid = $this->isUserValid($user, $ignoreValidityTime, $update); + if (!$isValid) { + $this->block($user); + } + return $isValid; + } + /** * @return \JakubOnderka\OpenIDConnectClient * @throws Exception 
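Review bot: The docblock of `blockInvalidUser` says `@return bool True if user was blocked, false if not`, but the method returns `$isValid`, i.e. `true` when the user is valid and was not blocked; `User::checkIfUserIsValid` and `UserShell` already rely on the validity meaning. Change the line to `@return bool True if user is still valid, false if the user was invalid and has been blocked`. Note also that any `false` from `isUserValid` blocks the account, including the "don't have refresh token" case, so users who last logged in before `offline_access` was enabled would be disabled by a `block_invalid` run; a comment or a separate result for that case would help.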
@@ -256,17 +273,18 @@ class OidcAuthenticate extends BaseAuthenticate $providerUrl = $this->getConfig('provider_url'); $clientId = $this->getConfig('client_id'); $clientSecret = $this->getConfig('client_secret'); - $authenticationMethod = $this->getConfig('authentication_method', false); if (class_exists("\JakubOnderka\OpenIDConnectClient")) { $oidc = new \JakubOnderka\OpenIDConnectClient($providerUrl, $clientId, $clientSecret); - if ($authenticationMethod !== false && $authenticationMethod !== null) { - $oidc->setAuthenticationMethod($authenticationMethod); - } } else if (class_exists("\Jumbojett\OpenIDConnectClient")) { throw new Exception("Jumbojett OIDC implementation is not supported anymore, please use JakubOnderka's client"); } else { - throw new Exception("OpenID connect client is not installed."); + throw new Exception("OpenID Connect client is not installed."); + } + + $authenticationMethod = $this->getConfig('authentication_method', false); + if ($authenticationMethod !== false && $authenticationMethod !== null) { + $oidc->setAuthenticationMethod($authenticationMethod); } $ccm = $this->getConfig('code_challenge_method', false); @@ -301,7 +319,7 @@ class OidcAuthenticate extends BaseAuthenticate $orgAux = $this->userModel()->Organisation->find('first', [ 'fields' => ['Organisation.id'], - 'conditions' => $orgIsUuid ? ['uuid' => mb_strtolower($org)] : ['name' => $org], + 'conditions' => $orgIsUuid ? ['uuid' => strtolower($org)] : ['name' => $org], ]); if (empty($orgAux)) { if ($orgIsUuid) { From 8409a1871e2e0f4dbb78ab29131ac49315b1676d Mon Sep 17 00:00:00 2001 
From: Jakub Onderka Date: Sat, 19 Feb 2022 12:27:51 +0100 Subject: [PATCH 0030/1366] chg: [oidc] Move OIDC to different class --- app/Console/Command/UserShell.php | 25 +- app/Model/User.php | 16 +- .../Component/Auth/OidcAuthenticate.php | 446 +---------------- app/Plugin/OidcAuth/Lib/Oidc.php | 472 ++++++++++++++++++ 4 files changed, 503 insertions(+), 456 deletions(-) create mode 100644 app/Plugin/OidcAuth/Lib/Oidc.php diff --git a/app/Console/Command/UserShell.php b/app/Console/Command/UserShell.php index 70ad7b3b6..55c213148 100644 --- a/app/Console/Command/UserShell.php +++ b/app/Console/Command/UserShell.php @@ -248,6 +248,20 @@ class UserShell extends AppShell public function check_validity() { + $auth = Configure::read('Security.auth'); + if (!$auth) { + $this->error('External authentication is not enabled'); + } + if (!is_array($auth)) { + throw new Exception("`Security.auth` config value must be array."); + } + if (!in_array('OidcAuth.Oidc', $auth, true)) { + $this->error('This method is currently supported just by OIDC auth provider'); + } + + App::uses('Oidc', 'OidcAuth.Lib'); + $oidc = new Oidc($this->User); + $users = $this->User->find('all', [ 'recursive' => -1, 'contain' => ['UserSetting'], @@ -258,8 +272,15 @@ class UserShell extends AppShell foreach ($users as $user) { $user['User']['UserSetting'] = $user['UserSetting']; - $result = $this->User->checkIfUserIsValid($user['User'], $blockInvalid, true, $update); - $this->out("{$user['User']['email']}: " . ($result ? 'valid' : 'invalid')); + $user = $user['User']; + + if ($blockInvalid) { + $result = $oidc->blockInvalidUser($user, true, $update); + } else { + $result = $oidc->isUserValid($user, true, $update); + } + + $this->out("{$user['email']}: " . ($result ? 'valid' : 'invalid')); } } diff --git a/app/Model/User.php b/app/Model/User.php index c93e7603a..36098453d 100644 --- a/app/Model/User.php +++ b/app/Model/User.php 
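Review bot: In `check_validity()` the per-user call to `blockInvalidUser()` / `isUserValid()` sits unguarded inside the `foreach`, so a single exception (both methods are declared `@throws Exception`) ends the run and every later user goes unchecked. For a batch job that exists to disable accounts revoked at the identity provider, I would catch per user, print the failure and carry on, e.g. `try { … } catch (Exception $e) { $this->out("{$user['email']}: check failed: {$e->getMessage()}"); continue; }`. The loop header and the `$blockInvalid` / `$update` assignments lie outside the hunk.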
@@ -1412,13 +1412,10 @@ class User extends AppModel /** * Check if user still valid at identity provider. * @param array $user - * @param bool $blockInvalid Block invalid user - * @param bool $ignoreValidityTime - * @param bool $update Update user role or organisation from identity provider * @return bool * @throws Exception */ - public function checkIfUserIsValid(array $user, $blockInvalid = false, $ignoreValidityTime = false, $update = false) + public function checkIfUserIsValid(array $user) { $auth = Configure::read('Security.auth'); if (!$auth) { @@ -1430,14 +1427,9 @@ class User extends AppModel if (!in_array('OidcAuth.Oidc', $auth, true)) { return true; // this method currently makes sense just for OIDC auth provider } - App::uses('OidcAuthenticate', 'OidcAuth.Controller/Component/Auth'); - App::uses('ComponentCollection', 'Controller'); - $oidc = new OidcAuthenticate(new ComponentCollection(), []); - if ($blockInvalid) { - return $oidc->blockInvalidUser($user, $ignoreValidityTime, $update); - } else { - return $oidc->isUserValid($user, $ignoreValidityTime, $update); - } + App::uses('Oidc', 'OidcAuth.Lib'); + $oidc = new Oidc($this); + return $oidc->isUserValid($user); } /** diff --git a/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php b/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php index b77c72e83..6e3b67358 100644 --- a/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php +++ b/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php 
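Review bot: The docblock of `checkIfUserIsValid()` no longer tells a caller that blocking and role/organisation updates have moved elsewhere; after this change the method only calls `Oidc::isUserValid($user)` with the default arguments, so it honours the `check_user_validity` interval and never disables an account. I would add a line such as `Read-only check: does not block the user or update role/organisation, see Oidc::blockInvalidUser().` A caller elsewhere that still passes the old `$blockInvalid` argument would have it ignored silently; no such caller is visible here, so that is worth a quick search. The method body is only partly covered by the two hunks.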
@@ -1,5 +1,6 @@ prepareClient(); - - if (!$oidc->authenticate()) { - throw new Exception("OIDC authentication was not successful."); - } - - $claims = $oidc->getVerifiedClaims(); - - $mispUsername = $claims->email ?? $oidc->requestUserInfo('email'); - $this->log($mispUsername, "Trying login."); - - $sub = $claims->sub; // sub is required - - // Try to find user by `sub` field, that is unique - $this->settings['fields'] = ['username' => 'sub']; - $user = $this->_findUser($sub); - - if (!$user) { // User by sub not found, try to find by email - $this->settings['fields'] = ['username' => 'email']; - $user = $this->_findUser($mispUsername); - if ($user && $user['sub'] !== null && $user['sub'] !== $sub) { - $this->log($mispUsername, "User sub doesn't match ({$user['sub']} != $sub), could not login."); - return false; - } - } - - $organisationProperty = $this->getConfig('organisation_property', 'organization'); - $organisationName = $claims->{$organisationProperty} ?? $this->getConfig('default_org'); - $organisationId = $this->checkOrganization($organisationName, $user, $mispUsername); - if (!$organisationId) { - if ($user) { - $this->block($user); - } - return false; - } - - $roleProperty = $this->getConfig('roles_property', 'roles'); - $roles = $claims->{$roleProperty} ?? 
$oidc->requestUserInfo($roleProperty); - if ($roles === null) { - $this->log($user['email'], "Role property `$roleProperty` is missing in claims."); - return false; - } - - $roleId = $this->getUserRole($roles, $mispUsername); - if ($roleId === null) { - $this->log($mispUsername, 'No role was assigned.'); - if ($user) { - $this->block($user); - } - return false; - } - - if ($user) { - $this->log($mispUsername, "Found in database with ID {$user['id']}."); - - if ($user['sub'] === null) { - $this->userModel()->updateField($user, 'sub', $sub); - $this->log($mispUsername, "User sub changed from NULL to $sub."); - $user['sub'] = $sub; - } - - if ($user['email'] !== $mispUsername) { - $this->userModel()->updateField($user, 'email', $mispUsername); - $this->log($mispUsername, "User e-mail changed from {$user['email']} to $mispUsername."); - $user['email'] = $mispUsername; - } - - if ($user['org_id'] != $organisationId) { - $this->userModel()->updateField($user, 'org_id', $organisationId); - $this->log($mispUsername, "User organisation changed from {$user['org_id']} to $organisationId."); - $user['org_id'] = $organisationId; - } - - if ($user['role_id'] != $roleId) { - $this->userModel()->updateField($user, 'role_id', $roleId); - $this->log($mispUsername, "User role changed from {$user['role_id']} to $roleId."); - $user['role_id'] = $roleId; - } - - if ($user['disabled'] && $this->getConfig('unblock', false)) { - $this->userModel()->updateField($user, 'disabled', false); - $this->log($mispUsername, "Unblocking user."); - $user['disabled'] = false; - } - - $refreshToken = $this->getConfig('offline_access', false) ? 
$oidc->getRefreshToken() : null; - $this->storeMetadata($user['id'], $claims, $refreshToken); - - $this->log($mispUsername, 'Logged in.'); - return $user; - } - - $this->log($mispUsername, 'Not found in database.'); - - $userData = [ - 'email' => $mispUsername, - 'org_id' => $organisationId, - 'newsread' => time(), - 'role_id' => $roleId, - 'change_pw' => 0, - 'date_created' => time(), - 'sub' => $sub, - ]; - - if (!$this->userModel()->save($userData)) { - throw new RuntimeException("Could not save user `$mispUsername` to database."); - } - - $refreshToken = $this->getConfig('offline_access', false) ? $oidc->getRefreshToken() : null; - $this->storeMetadata($this->userModel()->id, $claims, $refreshToken); - - $this->log($mispUsername, "Saved in database with ID {$this->userModel()->id}"); - $this->log($mispUsername, 'Logged in.'); - return $this->_findUser($mispUsername); - } - - /** - * @param array $user - * @param bool $ignoreValidityTime Ignore `check_user_validity` setting and always check if user is valid - * @param bool $update Update user role or organisation from OIDC - * @return bool True if user is still valid, false if not - * @throws Exception - */ - public function isUserValid(array $user, $ignoreValidityTime = false, $update = false) - { - if (!$this->getConfig('offline_access', false)) { - return true; // offline access is not enabled, so it is not possible to verify user - } - - if (!$ignoreValidityTime) { - $checkUserValidityEvery = $this->getConfig('check_user_validity', 0); - if ($checkUserValidityEvery === 0) { - return true; // validity checking is disabled - } - } - - if (empty($user['sub'])) { - return true; // user is not OIDC managed user - } - - $userInfo = $this->findUserInfo($user); - if (!isset($userInfo['refresh_token'])) { - $this->log($user['email'], "User don't have refresh token, considering user is not valid"); - return false; - } - - if (!$ignoreValidityTime && $userInfo['validity_check_timestamp'] > time() - 
$checkUserValidityEvery) { - return true; // user was checked in last `check_user_validity`, do not check again - } - - $oidc = $this->prepareClient(); - - try { - $oidc->refreshToken($userInfo['refresh_token']); - } catch (JakubOnderka\ErrorResponse $e) { - if ($e->getError() === 'invalid_grant') { - $this->log($user['email'], "Refreshing token is not possible because of `{$e->getMessage()}`, considering user is not valid"); - return false; - } else { - $this->log($user['email'], "Refreshing token is not possible because of `{$e->getMessage()}`, considering user is still valid"); - return true; - } - } catch (Exception $e) { - $this->log($user['email'], "Refreshing token is not possible because of `{$e->getMessage()}`, considering user is still valid"); - return true; - } - - $claims = $oidc->getVerifiedClaims(); - if ($user['sub'] !== $claims->sub) { - throw new Exception("User {$user['email']} sub doesn't match ({$user['sub']} != $claims->sub)"); - } - - // Check user role - $roleProperty = $this->getConfig('roles_property', 'roles'); - $roles = $claims->{$roleProperty} ?? $oidc->requestUserInfo($roleProperty); - if ($roles === null) { - $this->log($user['email'], "Role property `$roleProperty` is missing in claims."); - return false; - } - - $roleId = $this->getUserRole($roles, $user['email']); - if ($roleId === null) { - $this->log($user['email'], 'No role was assigned.'); - return false; - } - - if ($update && $user['role_id'] != $roleId) { - $this->userModel()->updateField($user, 'role_id', $roleId); - $this->log($user['email'], "User role changed from {$user['role_id']} to $roleId."); - } - - // Check user org - $organisationProperty = $this->getConfig('organisation_property', 'organization'); - $organisationName = $claims->{$organisationProperty} ?? 
$this->getConfig('default_org'); - $organisationId = $this->checkOrganization($organisationName, $user, $user['email']); - if (!$organisationId) { - return false; - } - - if ($update && $user['org_id'] != $organisationId) { - $this->userModel()->updateField($user, 'org_id', $organisationId); - $this->log($user['email'], "User organisation changed from {$user['org_id']} to $organisationId."); - } - - // Update refresh token if new token provided - if ($oidc->getRefreshToken()) { - $this->storeMetadata($user['id'], $claims, $oidc->getRefreshToken()); - } - - return true; - } - - /** - * @param array $user - * @param bool $ignoreValidityTime - * @param bool $update Update user role or organisation - * @return bool True if user was blocked, false if not - * @throws Exception - */ - public function blockInvalidUser(array $user, $ignoreValidityTime = false, $update = false) - { - $isValid = $this->isUserValid($user, $ignoreValidityTime, $update); - if (!$isValid) { - $this->block($user); - } - return $isValid; - } - - /** - * @return \JakubOnderka\OpenIDConnectClient - * @throws Exception - */ - private function prepareClient() - { - if ($this->oidc) { - return $this->oidc; - } - - $providerUrl = $this->getConfig('provider_url'); - $clientId = $this->getConfig('client_id'); - $clientSecret = $this->getConfig('client_secret'); - - if (class_exists("\JakubOnderka\OpenIDConnectClient")) { - $oidc = new \JakubOnderka\OpenIDConnectClient($providerUrl, $clientId, $clientSecret); - } else if (class_exists("\Jumbojett\OpenIDConnectClient")) { - throw new Exception("Jumbojett OIDC implementation is not supported anymore, please use JakubOnderka's client"); - } else { - throw new Exception("OpenID Connect client is not installed."); - } - - $authenticationMethod = $this->getConfig('authentication_method', false); - if ($authenticationMethod !== false && $authenticationMethod !== null) { - $oidc->setAuthenticationMethod($authenticationMethod); - } - - $ccm = 
$this->getConfig('code_challenge_method', false); - if ($ccm) { - $oidc->setCodeChallengeMethod($ccm); - } - - if ($this->getConfig('offline_access', false)) { - $oidc->addScope('offline_access'); - } - - $oidc->setRedirectURL(Configure::read('MISP.baseurl') . '/users/login'); - $this->oidc = $oidc; - return $oidc; - } - - /** - * @param string $org - * @param array|null $user - * @param string $mispUsername - * @return int - * @throws Exception - */ - private function checkOrganization($org, $user, $mispUsername) - { - if (empty($org)) { - $this->log($mispUsername, "Organisation name not provided."); - return false; - } - - $orgIsUuid = Validation::uuid($org); - - $orgAux = $this->userModel()->Organisation->find('first', [ - 'fields' => ['Organisation.id'], - 'conditions' => $orgIsUuid ? ['uuid' => strtolower($org)] : ['name' => $org], - ]); - if (empty($orgAux)) { - if ($orgIsUuid) { - $this->log($mispUsername, "Could not found organisation with UUID `$org`."); - return false; - } - - $orgUserId = 1; // By default created by the admin - if ($user) { - $orgUserId = $user['id']; - } - $orgId = $this->userModel()->Organisation->createOrgFromName($org, $orgUserId, true); - $this->log($mispUsername, "User organisation `$org` created with ID $orgId."); - } else { - $orgId = $orgAux['Organisation']['id']; - $this->log($mispUsername, "User organisation `$org` found with ID $orgId."); - } - return $orgId; - } - - /** - * @param array $roles Role list provided by OIDC - * @param string $mispUsername - * @return int|null Role ID or null if no role matches - */ - private function getUserRole(array $roles, $mispUsername) - { - $this->log($mispUsername, 'Provided roles: ' . 
implode(', ', $roles)); - $roleMapper = $this->getConfig('role_mapper'); - if (!is_array($roleMapper)) { - throw new RuntimeException("Config option `OidcAuth.role_mapper` must be array."); - } - - $roleNameToId = $this->userModel()->Role->find('list', [ - 'fields' => ['Role.name', 'Role.id'], - ]); - $roleNameToId = array_change_key_case($roleNameToId); // normalize role names to lowercase - - foreach ($roleMapper as $oidcRole => $mispRole) { - if (in_array($oidcRole, $roles, true)) { - if (!is_numeric($mispRole)) { - $mispRole = mb_strtolower($mispRole); - if (isset($roleNameToId[$mispRole])) { - $mispRole = $roleNameToId[$mispRole]; - } else { - $this->log($mispUsername, "MISP Role with name `$mispRole` not found, skipping."); - continue; - } - } - return $mispRole; // first match wins - } - } - - return null; - } - - /** - * @param string $config - * @param mixed|null $default - * @return mixed - */ - private function getConfig($config, $default = null) - { - $value = Configure::read("OidcAuth.$config"); - if (empty($value)) { - if ($default === null) { - throw new RuntimeException("Config option `OidcAuth.$config` is not set."); - } - return $default; - } - return $value; - } - - /** - * @param array $user - * @return array - */ - private function findUserInfo(array $user) - { - if (isset($user['UserSetting'])) { - foreach ($user['UserSetting'] as $userSetting) { - if ($userSetting['setting'] === 'oidc') { - return $userSetting['value']; - } - } - } - return $this->userModel()->UserSetting->getValueForUser($user['id'], 'oidc'); - } - - /** - * @param int $userId - * @param stdClass $verifiedClaims - * @param string|null $refreshToken - * @return array|bool|mixed|null - * @throws Exception - */ - private function storeMetadata($userId, \stdClass $verifiedClaims, $refreshToken = null) - { - // OIDC session ID - if (isset($verifiedClaims->sid)) { - CakeSession::write('oidc_sid', $verifiedClaims->sid); - } - - $value = []; - foreach (['preferred_username', 
'given_name', 'family_name'] as $field) { - if (property_exists($verifiedClaims, $field)) { - $value[$field] = $verifiedClaims->{$field}; - } - } - if ($refreshToken) { - $value['validity_check_timestamp'] = time(); - $value['refresh_token'] = $refreshToken; - } - - return $this->userModel()->UserSetting->setSettingInternal($userId, 'oidc', $value); - } - - /** - * @param array $user - * @return void - * @throws Exception - */ - private function block(array $user) - { - $this->userModel()->updateField($user, 'disabled', true); - $this->log($user['email'], "User blocked by OIDC"); - } - - /** - * @param string $username - * @param string $message - */ - private function log($username, $message) - { - CakeLog::info("OIDC: User `$username` – $message"); - } - - /** - * @return User - */ - private function userModel() - { - if (isset($this->userModel)) { - return $this->userModel; - } - - $this->userModel = ClassRegistry::init($this->settings['userModel']); - return $this->userModel; + $userModel = ClassRegistry::init($this->settings['userModel']); + $oidc = new Oidc($userModel); + return $oidc->authenticate($this->settings); } } diff --git a/app/Plugin/OidcAuth/Lib/Oidc.php b/app/Plugin/OidcAuth/Lib/Oidc.php new file mode 100644 index 000000000..aeb188a11 --- /dev/null +++ b/app/Plugin/OidcAuth/Lib/Oidc.php 
@@ -0,0 +1,472 @@ +User = $user; + } + + /** + * @return array|false + * @throws Exception + */ + public function authenticate(array $settings) + { + $oidc = $this->prepareClient(); + + if (!$oidc->authenticate()) { + throw new Exception("OIDC authentication was not successful."); + } + + $claims = $oidc->getVerifiedClaims(); + + $mispUsername = $claims->email ?? $oidc->requestUserInfo('email'); + $this->log($mispUsername, "Trying login."); + + $sub = $claims->sub; // sub is required + + // Try to find user by `sub` field, that is unique + $user = $this->_findUser($settings, ['sub' => $sub]); + + if (!$user) { // User by sub not found, try to find by email + $user = $this->_findUser($settings, ['email' => $mispUsername]); + if ($user && $user['sub'] !== null && $user['sub'] !== $sub) { + $this->log($mispUsername, "User sub doesn't match ({$user['sub']} != $sub), could not login."); + return false; + } + } + + $organisationProperty = $this->getConfig('organisation_property', 'organization'); + $organisationName = $claims->{$organisationProperty} ?? $this->getConfig('default_org'); + $organisationId = $this->checkOrganization($organisationName, $user, $mispUsername); + if (!$organisationId) { + if ($user) { + $this->block($user); + } + return false; + } + + $roleProperty = $this->getConfig('roles_property', 'roles'); + $roles = $claims->{$roleProperty} ?? 
$oidc->requestUserInfo($roleProperty); + if ($roles === null) { + $this->log($user['email'], "Role property `$roleProperty` is missing in claims."); + return false; + } + + $roleId = $this->getUserRole($roles, $mispUsername); + if ($roleId === null) { + $this->log($mispUsername, 'No role was assigned.'); + if ($user) { + $this->block($user); + } + return false; + } + + if ($user) { + $this->log($mispUsername, "Found in database with ID {$user['id']}."); + + if ($user['sub'] === null) { + $this->User->updateField($user, 'sub', $sub); + $this->log($mispUsername, "User sub changed from NULL to $sub."); + $user['sub'] = $sub; + } + + if ($user['email'] !== $mispUsername) { + $this->User->updateField($user, 'email', $mispUsername); + $this->log($mispUsername, "User e-mail changed from {$user['email']} to $mispUsername."); + $user['email'] = $mispUsername; + } + + if ($user['org_id'] != $organisationId) { + $this->User->updateField($user, 'org_id', $organisationId); + $this->log($mispUsername, "User organisation changed from {$user['org_id']} to $organisationId."); + $user['org_id'] = $organisationId; + } + + if ($user['role_id'] != $roleId) { + $this->User->updateField($user, 'role_id', $roleId); + $this->log($mispUsername, "User role changed from {$user['role_id']} to $roleId."); + $user['role_id'] = $roleId; + } + + if ($user['disabled'] && $this->getConfig('unblock', false)) { + $this->User->updateField($user, 'disabled', false); + $this->log($mispUsername, "Unblocking user."); + $user['disabled'] = false; + } + + $refreshToken = $this->getConfig('offline_access', false) ? 
$oidc->getRefreshToken() : null; + $this->storeMetadata($user['id'], $claims, $refreshToken); + + $this->log($mispUsername, 'Logged in.'); + return $user; + } + + $this->log($mispUsername, 'Not found in database.'); + + $userData = [ + 'email' => $mispUsername, + 'org_id' => $organisationId, + 'newsread' => time(), + 'role_id' => $roleId, + 'change_pw' => 0, + 'date_created' => time(), + 'sub' => $sub, + ]; + + if (!$this->User->save($userData)) { + throw new RuntimeException("Could not save user `$mispUsername` to database."); + } + + $refreshToken = $this->getConfig('offline_access', false) ? $oidc->getRefreshToken() : null; + $this->storeMetadata($this->User->id, $claims, $refreshToken); + + $this->log($mispUsername, "Saved in database with ID {$this->User->id}"); + $this->log($mispUsername, 'Logged in.'); + $user = $this->_findUser($settings, ['id' => $this->User->id]); + + if ($user['User']['sub'] !== $sub) { // just to be sure that we have the correct user + throw new Exception("User {$user['email']} sub doesn't match ({$user['sub']} != $sub)"); + } + return $user; + } + + /** + * @param array $user + * @param bool $ignoreValidityTime Ignore `check_user_validity` setting and always check if user is valid + * @param bool $update Update user role or organisation from OIDC + * @return bool True if user is still valid, false if not + * @throws Exception + */ + public function isUserValid(array $user, $ignoreValidityTime = false, $update = false) + { + if (!$this->getConfig('offline_access', false)) { + return true; // offline access is not enabled, so it is not possible to verify user + } + + if (!$ignoreValidityTime) { + $checkUserValidityEvery = $this->getConfig('check_user_validity', 0); + if ($checkUserValidityEvery === 0) { + return true; // validity checking is disabled + } + } + + if (empty($user['id'])) { + throw new InvalidArgumentException("Invalid user model provided."); + } + + if (empty($user['sub'])) { + return true; // user is not OIDC managed user 
+ } + + $userInfo = $this->findUserInfo($user); + if (!isset($userInfo['refresh_token'])) { + $this->log($user['email'], "User don't have refresh token, considering user is not valid"); + return false; + } + + if (!$ignoreValidityTime && $userInfo['validity_check_timestamp'] > time() - $checkUserValidityEvery) { + return true; // user was checked in last `check_user_validity`, do not check again + } + + $oidc = $this->prepareClient(); + + try { + $oidc->refreshToken($userInfo['refresh_token']); + } catch (JakubOnderka\ErrorResponse $e) { + if ($e->getError() === 'invalid_grant') { + $this->log($user['email'], "Refreshing token is not possible because of `{$e->getMessage()}`, considering user is not valid"); + return false; + } else { + $this->log($user['email'], "Refreshing token is not possible because of `{$e->getMessage()}`, considering user is still valid"); + return true; + } + } catch (Exception $e) { + $this->log($user['email'], "Refreshing token is not possible because of `{$e->getMessage()}`, considering user is still valid"); + return true; + } + + $claims = $oidc->getVerifiedClaims(); + if ($user['sub'] !== $claims->sub) { + throw new Exception("User {$user['email']} sub doesn't match ({$user['sub']} != $claims->sub)"); + } + + // Check user role + $roleProperty = $this->getConfig('roles_property', 'roles'); + $roles = $claims->{$roleProperty} ?? 
$oidc->requestUserInfo($roleProperty); + if ($roles === null) { + $this->log($user['email'], "Role property `$roleProperty` is missing in claims."); + return false; + } + + $roleId = $this->getUserRole($roles, $user['email']); + if ($roleId === null) { + $this->log($user['email'], 'No role was assigned.'); + return false; + } + + if ($update && $user['role_id'] != $roleId) { + $this->User->updateField($user, 'role_id', $roleId); + $this->log($user['email'], "User role changed from {$user['role_id']} to $roleId."); + } + + // Check user org + $organisationProperty = $this->getConfig('organisation_property', 'organization'); + $organisationName = $claims->{$organisationProperty} ?? $this->getConfig('default_org'); + $organisationId = $this->checkOrganization($organisationName, $user, $user['email']); + if (!$organisationId) { + return false; + } + + if ($update && $user['org_id'] != $organisationId) { + $this->User->updateField($user, 'org_id', $organisationId); + $this->log($user['email'], "User organisation changed from {$user['org_id']} to $organisationId."); + } + + // Update refresh token if new token provided + if ($oidc->getRefreshToken()) { + $this->storeMetadata($user['id'], $claims, $oidc->getRefreshToken()); + } + + return true; + } + + /** + * @param array $user + * @param bool $ignoreValidityTime + * @param bool $update Update user role or organisation + * @return bool True if user was blocked, false if not + * @throws Exception + */ + public function blockInvalidUser(array $user, $ignoreValidityTime = false, $update = false) + { + $isValid = $this->isUserValid($user, $ignoreValidityTime, $update); + if (!$isValid) { + $this->block($user); + } + return $isValid; + } + + /** + * @return \JakubOnderka\OpenIDConnectClient + * @throws Exception + */ + private function prepareClient() + { + if ($this->oidcClient) { + return $this->oidcClient; + } + + $providerUrl = $this->getConfig('provider_url'); + $clientId = $this->getConfig('client_id'); + $clientSecret 
= $this->getConfig('client_secret'); + + if (class_exists("\JakubOnderka\OpenIDConnectClient")) { + $oidc = new \JakubOnderka\OpenIDConnectClient($providerUrl, $clientId, $clientSecret); + } else if (class_exists("\Jumbojett\OpenIDConnectClient")) { + throw new Exception("Jumbojett OIDC implementation is not supported anymore, please use JakubOnderka's client"); + } else { + throw new Exception("OpenID Connect client is not installed."); + } + + $authenticationMethod = $this->getConfig('authentication_method', false); + if ($authenticationMethod !== false && $authenticationMethod !== null) { + $oidc->setAuthenticationMethod($authenticationMethod); + } + + $ccm = $this->getConfig('code_challenge_method', false); + if ($ccm) { + $oidc->setCodeChallengeMethod($ccm); + } + + if ($this->getConfig('offline_access', false)) { + $oidc->addScope('offline_access'); + } + + $oidc->setRedirectURL(Configure::read('MISP.baseurl') . '/users/login'); + $this->oidcClient = $oidc; + return $oidc; + } + + /** + * @param string $org + * @param array|null $user + * @param string $mispUsername + * @return int + * @throws Exception + */ + private function checkOrganization($org, $user, $mispUsername) + { + if (empty($org)) { + $this->log($mispUsername, "Organisation name not provided."); + return false; + } + + $orgIsUuid = Validation::uuid($org); + + $orgAux = $this->User->Organisation->find('first', [ + 'fields' => ['Organisation.id'], + 'conditions' => $orgIsUuid ? 
['uuid' => strtolower($org)] : ['name' => $org], + ]); + if (empty($orgAux)) { + if ($orgIsUuid) { + $this->log($mispUsername, "Could not found organisation with UUID `$org`."); + return false; + } + + $orgUserId = 1; // By default created by the admin + if ($user) { + $orgUserId = $user['id']; + } + $orgId = $this->User->Organisation->createOrgFromName($org, $orgUserId, true); + $this->log($mispUsername, "User organisation `$org` created with ID $orgId."); + } else { + $orgId = $orgAux['Organisation']['id']; + $this->log($mispUsername, "User organisation `$org` found with ID $orgId."); + } + return $orgId; + } + + /** + * @param array $roles Role list provided by OIDC + * @param string $mispUsername + * @return int|null Role ID or null if no role matches + */ + private function getUserRole(array $roles, $mispUsername) + { + $this->log($mispUsername, 'Provided roles: ' . implode(', ', $roles)); + $roleMapper = $this->getConfig('role_mapper'); + if (!is_array($roleMapper)) { + throw new RuntimeException("Config option `OidcAuth.role_mapper` must be array."); + } + + $roleNameToId = $this->User->Role->find('list', [ + 'fields' => ['Role.name', 'Role.id'], + ]); + $roleNameToId = array_change_key_case($roleNameToId); // normalize role names to lowercase + + foreach ($roleMapper as $oidcRole => $mispRole) { + if (in_array($oidcRole, $roles, true)) { + if (!is_numeric($mispRole)) { + $mispRole = mb_strtolower($mispRole); + if (isset($roleNameToId[$mispRole])) { + $mispRole = $roleNameToId[$mispRole]; + } else { + $this->log($mispUsername, "MISP Role with name `$mispRole` not found, skipping."); + continue; + } + } + return $mispRole; // first match wins + } + } + + return null; + } + + /** + * @param array $settings + * @param array $conditions + * @return array|null + */ + private function _findUser(array $settings, array $conditions) + { + $result = $this->User->find('first', [ + 'conditions' => $conditions, + 'recursive' => $settings['recursive'], + 'fields' => 
$settings['userFields'], + 'contain' => $settings['contain'], + ]); + if ($result) { + $user = $result['User']; + unset($result['User']); + return array_merge($user, $result); + } + return null; + } + + /** + * @param string $config + * @param mixed|null $default + * @return mixed + */ + private function getConfig($config, $default = null) + { + $value = Configure::read("OidcAuth.$config"); + if (empty($value)) { + if ($default === null) { + throw new RuntimeException("Config option `OidcAuth.$config` is not set."); + } + return $default; + } + return $value; + } + + /** + * @param array $user + * @return array + */ + private function findUserInfo(array $user) + { + if (isset($user['UserSetting'])) { + foreach ($user['UserSetting'] as $userSetting) { + if ($userSetting['setting'] === 'oidc') { + return $userSetting['value']; + } + } + } + return $this->User->UserSetting->getValueForUser($user['id'], 'oidc'); + } + + /** + * @param int $userId + * @param stdClass $verifiedClaims + * @param string|null $refreshToken + * @return array|bool|mixed|null + * @throws Exception + */ + private function storeMetadata($userId, \stdClass $verifiedClaims, $refreshToken = null) + { + // OIDC session ID + if (isset($verifiedClaims->sid)) { + CakeSession::write('oidc_sid', $verifiedClaims->sid); + } + + $value = []; + foreach (['preferred_username', 'given_name', 'family_name'] as $field) { + if (property_exists($verifiedClaims, $field)) { + $value[$field] = $verifiedClaims->{$field}; + } + } + if ($refreshToken) { + $value['validity_check_timestamp'] = time(); + $value['refresh_token'] = $refreshToken; + } + + return $this->User->UserSetting->setSettingInternal($userId, 'oidc', $value); + } + + /** + * @param array $user + * @return void + * @throws Exception + */ + private function block(array $user) + { + $this->User->updateField($user, 'disabled', true); + $this->log($user['email'], "User blocked by OIDC"); + } + + /** + * @param string $username + * @param string $message + */ 
+ private function log($username, $message) + { + CakeLog::info("OIDC: User `$username` – $message"); + } +} From fa716c1be6a2779d0df7f86c71e92ced501bb61f Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 19 Feb 2022 13:37:10 +0100 Subject: [PATCH 0031/1366] fix: [UI] User setting view is not implemented --- app/Controller/UserSettingsController.php | 13 ++++++------- app/View/UserSettings/view.ctp | 0 2 files changed, 6 insertions(+), 7 deletions(-) delete mode 100644 app/View/UserSettings/view.ctp diff --git a/app/Controller/UserSettingsController.php b/app/Controller/UserSettingsController.php index 32788bfb6..810527c4b 100644 --- a/app/Controller/UserSettingsController.php +++ b/app/Controller/UserSettingsController.php @@ -127,9 +127,12 @@ class UserSettingsController extends AppController public function view($id) { + if (!$this->_isRest()) { + throw new BadRequestException("This endpoint is accessible just by REST requests."); + } // check if the ID is valid and whether a user setting with the given ID exists if (empty($id) || !is_numeric($id)) { - throw new InvalidArgumentException(__('Invalid ID passed.')); + throw new BadRequestException(__('Invalid ID passed.')); } $userSetting = $this->UserSetting->find('first', array( 'recursive' => -1, @@ -145,12 +148,8 @@ class UserSettingsController extends AppController if (!$checkAccess) { throw new NotFoundException(__('Invalid user setting.')); } - if ($this->_isRest()) { - unset($userSetting['User']); - return $this->RestResponse->viewData($userSetting, $this->response->type()); - } else { - $this->set($data, $userSetting); - } + unset($userSetting['User']); + return $this->RestResponse->viewData($userSetting, $this->response->type()); } public function setSetting($user_id = false, $setting = false) diff --git a/app/View/UserSettings/view.ctp b/app/View/UserSettings/view.ctp deleted file mode 100644 index e69de29bb..000000000 From 01afb38bec245b1628ecbf8dec0b0524db393a6a Mon Sep 17 00:00:00 2001 
From: Jakub Onderka Date: Sat, 19 Feb 2022 13:39:47 +0100 Subject: [PATCH 0032/1366] fix: [internal] Do not convert to JSON --- app/Controller/UserSettingsController.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/app/Controller/UserSettingsController.php b/app/Controller/UserSettingsController.php index 810527c4b..3b2b4f787 100644 --- a/app/Controller/UserSettingsController.php +++ b/app/Controller/UserSettingsController.php @@ -364,7 +364,7 @@ class UserSettingsController extends AppController 'UserSetting' => array( 'user_id' => $this->Auth->user('id'), 'setting' => 'homepage', - 'value' => json_encode(array('path' => $this->request->data['path'])) + 'value' => ['path' => $this->request->data['path']], ) ); $result = $this->UserSetting->setSetting($this->Auth->user(), $setting); @@ -392,13 +392,13 @@ class UserSettingsController extends AppController $hideColumns[] = $columnName; } - $setting = array( - 'UserSetting' => array( + $setting = [ + 'UserSetting' => [ 'user_id' => $this->Auth->user()['id'], 'setting' => 'event_index_hide_columns', - 'value' => json_encode($hideColumns) - ) - ); + 'value' => $hideColumns, + ] + ]; $this->UserSetting->setSetting($this->Auth->user(), $setting); return $this->RestResponse->saveSuccessResponse('UserSettings', 'eventIndexColumnToggle', false, 'json', 'Column visibility switched'); } From 98f2a43739e75229c3435ed98082ea0eed662080 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 19 Feb 2022 13:40:19 +0100 Subject: [PATCH 0033/1366] chg: [user_setting] Switch OIDC to internal setting --- app/Controller/UserSettingsController.php | 13 +++---- app/Model/UserSetting.php | 43 +++++++++++++++++++++-- 2 files changed, 47 insertions(+), 9 deletions(-) diff --git a/app/Controller/UserSettingsController.php b/app/Controller/UserSettingsController.php index 3b2b4f787..abd0b61c0 100644 --- a/app/Controller/UserSettingsController.php +++ b/app/Controller/UserSettingsController.php 
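Review bot: `$this->request->data['path']` goes into the stored homepage value with no check that it is present or a string, at the `'value' => ['path' => ...]` line of the first hunk. Whether `UserSetting::setSetting()` validates the shape is not visible here. If the stored path is later used as a redirect target, it would be worth restricting it to a local path before saving, e.g. `if (!is_string($path) || $path === '' || $path[0] !== '/' || substr($path, 0, 2) === '//') { throw new BadRequestException(__('Invalid path.')); }`. The enclosing method starts and ends outside the hunk.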
@@ -97,6 +97,11 @@ class UserSettingsController extends AppController ); } } + // Do not show internal settings + if (!$this->_isSiteAdmin()) { + $conditions['AND'][] = ['NOT' => ['UserSetting.setting' => $this->UserSetting->getInternalSettingNames()]]; + } + if ($this->_isRest()) { $params = array( 'conditions' => $conditions @@ -155,7 +160,7 @@ class UserSettingsController extends AppController public function setSetting($user_id = false, $setting = false) { if (!empty($setting)) { - if (!$this->UserSetting->checkSettingValidity($setting)) { + if (!$this->UserSetting->checkSettingValidity($setting) || $this->UserSetting->isInternal($setting)) { throw new MethodNotAllowedException(__('Invalid setting.')); } $settingPermCheck = $this->UserSetting->checkSettingAccess($this->Auth->user(), $setting); @@ -176,10 +181,6 @@ class UserSettingsController extends AppController if (!empty($setting)) { $this->request->data['UserSetting']['setting'] = $setting; } - // force our user's ID as the user ID in all cases - $userSetting = array( - 'user_id' => $this->Auth->user('id') - ); $result = $this->UserSetting->setSetting($this->Auth->user(), $this->request->data); if ($result) { // if we've managed to save our setting @@ -251,7 +252,7 @@ class UserSettingsController extends AppController } } - if (!$this->UserSetting->checkSettingValidity($setting)) { + if (!$this->UserSetting->checkSettingValidity($setting) || $this->UserSetting->isInternal($setting)) { throw new NotFoundException(__('Invalid setting.')); } diff --git a/app/Model/UserSetting.php b/app/Model/UserSetting.php index 131f37942..0a5cbb18c 100644 --- a/app/Model/UserSetting.php +++ b/app/Model/UserSetting.php @@ -98,7 +98,7 @@ class UserSetting extends AppModel 'placeholder' => ['clusters'], ], 'oidc' => [ // Data saved by OIDC plugin - 'restricted' => 'perm_site_admin', + 'internal' => true, ], ); 
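Review bot: The filter added in the `@@ -97,6 +97,11 @@` hunk hides internal settings only from non-site-admins, so the `oidc` row is still returned to site admins by this listing, including through the `_isRest()` branch shown in the context lines. In the OIDC plugin code earlier on this page, `storeMetadata()` writes `refresh_token` into that setting, so a credential for every OIDC user can leave the server in the response. Consider applying the `NOT` condition unconditionally, or redacting the field on each returned row before output, e.g. `unset($row['UserSetting']['value']['refresh_token']);`. The action starts and ends outside the hunk, so how the rows are post-processed is not visible.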
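Review bot: The `isInternal()` rejection added to `setSetting()` in the `@@ -155,7 +160,7 @@` hunk runs only inside `if (!empty($setting))`, i.e. when the setting name arrives as the URL argument. The context lines of the following hunk show `$this->request->data` being passed to `UserSetting->setSetting()` unchanged, so the name can also come from the request body when `$setting` is empty. The model's `setSetting()` is only partly visible on this page and shows just `checkSettingValidity()`, so unless it rejects internal names itself, the check should be repeated on the body value before the save: `if ($this->UserSetting->isInternal($this->request->data['UserSetting']['setting'])) { throw new MethodNotAllowedException(__('Invalid setting.')); }`. Moving the check into the model would cover both callers at once.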
@@ -134,11 +134,38 @@ class UserSetting extends AppModel return $results; } + /** + * @param string $setting + * @return bool + */ public function checkSettingValidity($setting) { return isset(self::VALID_SETTINGS[$setting]); } + /** + * @param string $setting + * @return bool + */ + public function isInternal($setting) + { + if (!isset(self::VALID_SETTINGS[$setting]['internal'])) { + return false; + } + return self::VALID_SETTINGS[$setting]['internal']; + } + + public function getInternalSettingNames() + { + $internal = []; + foreach (self::VALID_SETTINGS as $setting => $config) { + if (isset($config['internal']) && $config['internal']) { + $internal[] = $setting; + } + } + return $internal; + } + /** * @param array $user * @param string $setting @@ -146,6 +173,9 @@ class UserSetting extends AppModel */ public function checkSettingAccess(array $user, $setting) { + if ($this->isInternal($setting)) { + return 'site_admin'; + } if (!empty(self::VALID_SETTINGS[$setting]['restricted'])) { $roleCheck = self::VALID_SETTINGS[$setting]['restricted']; if (!is_array($roleCheck)) { 
@@ -164,18 +194,25 @@ class UserSetting extends AppModel return true; } - /* + /** * canModify expects an auth user object or a user ID and a loaded setting as input parameters * check if the user can modify/remove the given entry * returns true for site admins * returns true for org admins if setting["User"]["org_id"] === $user["org_id"] * returns true for any user if setting["user_id"] === $user["id"] + * @param array|int $user Current user + * @param array $setting + * @param int $user_id + * @return bool */ - public function checkAccess($user, $setting, $user_id = false) + public function checkAccess($user, array $setting, $user_id = false) { if (is_numeric($user)) { $user = $this->User->getAuthUser($user); } + if ($this->isInternal($setting['UserSetting']['setting']) && !$user['Role']['perm_site_admin']) { + return false; + } if (empty($setting) && !empty($user_id) && is_numeric($user_id)) { $userToCheck = $this->User->find('first', array( 'conditions' => array('User.id' => $user_id), From a7ca58895a09b1e96d65329f5d0ad74eeac013ae Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 19 Feb 2022 14:55:45 +0100 Subject: [PATCH 0034/1366] chg: [UI] Fix setting placeholder for user setting --- app/Controller/UserSettingsController.php | 4 +--- app/Model/UserSetting.php | 19 +++++++++++++++++-- app/View/UserSettings/set_setting.ctp | 12 ++++++------ 3 files changed, 24 insertions(+), 11 deletions(-) diff --git a/app/Controller/UserSettingsController.php b/app/Controller/UserSettingsController.php index abd0b61c0..f589706ff 100644 --- a/app/Controller/UserSettingsController.php +++ b/app/Controller/UserSettingsController.php 
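Review bot: The new internal-setting guard in `checkAccess()` reads `$setting['UserSetting']['setting']` before the `empty($setting)` branch that follows it, so a call with an empty `$setting` hits an undefined index and the guard evaluates against `null`. Guarding the read keeps both paths clean: `if (!empty($setting) && $this->isInternal($setting['UserSetting']['setting']) && !$user['Role']['perm_site_admin']) {`. The new docblock also declares `@param int $user_id` while the default is `false`; `@param int|false $user_id` would match the signature. The function continues past the end of the hunk.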
@@ -217,12 +217,10 @@ class UserSettingsController extends AppController // load the valid settings from the model if ($this->_isSiteAdmin()) { $users = $this->UserSetting->User->find('list', array( - 'recursive' => -1, 'fields' => array('User.id', 'User.email') )); } else if ($this->_isAdmin()) { $users = $this->UserSetting->User->find('list', array( - 'recursive' => -1, 'conditions' => array('User.org_id' => $this->Auth->user('org_id')), 'fields' => array('User.id', 'User.email') )); @@ -234,7 +232,7 @@ class UserSettingsController extends AppController } $this->set('setting', $setting); $this->set('users', $users); - $this->set('validSettings', UserSetting::VALID_SETTINGS); + $this->set('validSettings', $this->UserSetting->settingPlaceholders($this->Auth->user())); } } diff --git a/app/Model/UserSetting.php b/app/Model/UserSetting.php index 0a5cbb18c..150b42805 100644 --- a/app/Model/UserSetting.php +++ b/app/Model/UserSetting.php @@ -68,7 +68,7 @@ class UserSetting extends AppModel ) ), 'homepage' => array( - 'path' => '/events/index' + 'placeholder' => ['path' => '/events/index'], ), 'default_restsearch_parameters' => array( 'placeholder' => array( @@ -155,6 +155,21 @@ class UserSetting extends AppModel return self::VALID_SETTINGS[$setting]['internal']; } + /** + * @param array $user + * @return array + */ + public function settingPlaceholders(array $user) + { + $output = []; + foreach (self::VALID_SETTINGS as $setting => $config) { + if ($this->checkSettingAccess($user, $setting) === true) { + $output[$setting] = $config['placeholder']; + } + } + return $output; + } + public function getInternalSettingNames() { $internal = []; 
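Review bot: `settingPlaceholders()` reads `$config['placeholder']` for every setting that passes `checkSettingAccess()`, but nothing in the hunk guarantees that each `VALID_SETTINGS` entry has that key; `homepage` had to be changed in this same commit to gain one. A defensive read, `$output[$setting] = isset($config['placeholder']) ? $config['placeholder'] : [];`, avoids an undefined-index notice if a later entry is added without a placeholder. It would also help to say in the docblock that settings for which `checkSettingAccess()` returns anything other than `true` (including internal ones) are deliberately omitted from what the view receives.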
@@ -430,7 +445,7 @@ class UserSetting extends AppModel if (empty($userSetting['user_id'])) { $userSetting['user_id'] = $user['id']; } - if (empty($data['UserSetting']['setting']) || !isset($data['UserSetting']['setting'])) { + if (empty($data['UserSetting']['setting'])) { throw new MethodNotAllowedException(__('This endpoint expects both a setting and a value to be set.')); } if (!$this->checkSettingValidity($data['UserSetting']['setting'])) { diff --git a/app/View/UserSettings/set_setting.ctp b/app/View/UserSettings/set_setting.ctp index dffa2fd8f..3031b18e7 100644 --- a/app/View/UserSettings/set_setting.ctp +++ b/app/View/UserSettings/set_setting.ctp @@ -39,8 +39,8 @@ echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'globalActions', 'menuItem' => 'user_settings_set')); ?> From fddbb98c7c08c2ee87c4e541f12b80d741dda27e Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 19 Feb 2022 15:09:23 +0100 Subject: [PATCH 0035/1366] fix: [UI] Homepage icon link --- app/webroot/js/misp.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/webroot/js/misp.js b/app/webroot/js/misp.js index 03341a8c4..5f77693dd 100644 --- a/app/webroot/js/misp.js +++ b/app/webroot/js/misp.js @@ -4587,7 +4587,7 @@ function checkNoticeList(type) { } -$(document).ready(function() { +$(function() { // Show popover for disabled input that contains `data-disabled-reason`. $('input:disabled[data-disabled-reason]').popover("destroy").popover({ placement: 'right', @@ -4642,7 +4642,7 @@ $(document).ready(function() { var url = $(this).data('checkbox-url'); }); - $('#setHomePage').click(function(event) { + $('#setHomePage').parent().click(function(event) { event.preventDefault(); setHomePage(); }); 
@@ -5209,7 +5209,7 @@ function setHomePage() { $.ajax({ type: 'GET', url: baseurl + '/userSettings/setHomePage', - success:function (data) { + success: function (data) { $('#ajax_hidden_container').html(data); var currentPage = $('#setHomePage').data('current-page'); $('#UserSettingPath').val(currentPage); From 924f28c9e10698a1687d4a8336cead2bae2ca7e9 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Fri, 18 Feb 2022 16:00:32 +0100 Subject: [PATCH 0036/1366] fix: [UI] Event warning - distribution can be string --- app/Model/Behavior/EventWarningBehavior.php | 39 ++++++++++------- app/Model/Event.php | 47 ++++++++++++++++----- 2 files changed, 60 insertions(+), 26 deletions(-) diff --git a/app/Model/Behavior/EventWarningBehavior.php b/app/Model/Behavior/EventWarningBehavior.php index 98f9bc61b..8846bf628 100644 --- a/app/Model/Behavior/EventWarningBehavior.php +++ b/app/Model/Behavior/EventWarningBehavior.php @@ -2,13 +2,17 @@ /** * Set warnings based on a set of fixed checks - * */ class EventWarningBehavior extends ModelBehavior { private $__warnings = []; - public function generateWarnings(Model $Model, $event) + /** + * @param Model $Model + * @param array $event + * @return array + */ + public function generateWarnings(Model $Model, array $event) { $this->__tlpDistributionCheck($event); $this->__contextCheck($event); 
@@ -16,44 +20,49 @@ class EventWarningBehavior extends ModelBehavior return $this->__warnings; } - private function __emptyEventCheck($event) + private function __emptyEventCheck(array $event) { if (empty($event['Attribute']) && empty($event['objects'])) { $this->__warnings[__('Content')][] = __('Your event has neither attributes nor objects, whilst this can have legitimate reasons (such as purely creating an event with an event report or galaxy clusters), in most cases it\'s a sign that the event has yet to be fleshed out.'); } } - private function __contextCheck($event) + private function __contextCheck(array $event) { if (empty($event['Galaxy']) && empty($event['EventTag'])) { $this->__warnings[__('Contextualisation')][] = __('Your event has neither tags nor galaxy clusters attached - generally adding context to an event allows for quicker decision making and more accurate filtering, it is highly recommended that you label your events to the best of your ability.'); } } - private function __tlpDistributionCheck($event) + private function __tlpDistributionCheck(array $event) { if (!empty($event['EventTag'])) { foreach ($event['EventTag'] as $eT) { - $this->__tlpTaxonomyCheck($eT, $this->__warnings); - if ($eT['Tag']['name'] === 'tlp:white' && $event['Event']['distribution'] !== 3) { + $tagName = $eT['Tag']['name']; + $this->__tlpTaxonomyCheck($tagName); + if ($tagName === 'tlp:white' && $event['Event']['distribution'] != Event::DISTRIBUTION_ALL) { $this->__warnings[__('Distribution')][] = __('The event is tagged as tlp:white, yet the distribution is not set to all. 
Change the distribution setting to something more lax if you wish for the event to propagate further.'); - } else if ($eT['Tag']['name'] === 'tlp:green' && !in_array($event['Event']['distribution'], [1, 2, 3])) { + } else if ($tagName === 'tlp:green' && !in_array($event['Event']['distribution'], [Event::DISTRIBUTION_COMMUNITY, Event::DISTRIBUTION_CONNECTED, Event::DISTRIBUTION_ALL])) { $this->__warnings[__('Distribution')][] = __('The event is tagged as tlp:green, yet the distribution is not set to community, connected communities or all. tlp:green assumes sharing with your entire community - make sure that the selected distribution setting covers that.'); - } else if (in_array($eT['Tag']['name'], ['tlp:amber', 'tlp:red']) && $event['Event']['distribution'] !== 4) { - $this->__warnings[__('Distribution')][] = __('The event is tagged as %s, yet the distribution is set to all, be aware of potential information leakage.', $eT['Tag']['name']); + } else if (in_array($tagName, ['tlp:amber', 'tlp:red'], true) && $event['Event']['distribution'] == Event::DISTRIBUTION_ALL) { + $this->__warnings[__('Distribution')][] = __('The event is tagged as %s, yet the distribution is set to all, be aware of potential information leakage.', $tagName); } } } } - private function __tlpTaxonomyCheck($eventTag) + /** + * @param string $tagName + * @return void + */ + private function __tlpTaxonomyCheck($tagName) { - $lowerTagName = trim(strtolower($eventTag['Tag']['name'])); + $lowerTagName = trim(strtolower($tagName)); if (substr($lowerTagName, 0, 4) === 'tlp:') { - if (!in_array($lowerTagName, ['tlp:white', 'tlp:green', 'tlp:amber', 'tlp:red', 'tlp:ex:chr'])) { + if (!in_array($lowerTagName, ['tlp:white', 'tlp:green', 'tlp:amber', 'tlp:red', 'tlp:ex:chr'], true)) { $this->__warnings['TLP'][] = __('Unknown TLP tag, please refer to the TLP taxonomy as to what is valid, otherwise filtering rules created by your partners may miss your intent.'); - } else if ($lowerTagName !== 
$eventTag['Tag']['name']) { - $this->__warnings['TLP'][] = __('TLP tag with invalid formating: Make sure that you only use TLP tags from the taxonomy. Custom tags with invalid capitalisation, white spaces or other artifacts will break synchronisation and filtering rules intended for the correct taxonomy derived tags.'); + } else if ($lowerTagName !== $tagName) { + $this->__warnings['TLP'][] = __('TLP tag with invalid formatting: Make sure that you only use TLP tags from the taxonomy. Custom tags with invalid capitalisation, white spaces or other artifacts will break synchronisation and filtering rules intended for the correct taxonomy derived tags.'); } } } diff --git a/app/Model/Event.php b/app/Model/Event.php index 8247801d4..9f6c7f9f0 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -20,6 +20,13 @@ App::uses('ProcessTool', 'Tools'); */ class Event extends AppModel { + // Event distribution constants + const DISTRIBUTION_ORGANISATION = 0, + DISTRIBUTION_COMMUNITY = 1, + DISTRIBUTION_CONNECTED = 2, + DISTRIBUTION_ALL = 3, + DISTRIBUTION_SHARING_GROUP = 4; + public $actsAs = array( 'AuditLog', 'SysLogLogable.SysLogLogable' => array( 
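Review bot: `__tlpDistributionCheck()` now relies on loose comparison (`!=`, `==`, and `in_array()` without the strict flag on the tlp:green branch) to cope with `distribution` arriving as a string, while the rest of the behaviour was moved to strict checks in this same commit. Normalising once at the top of the method, `$distribution = (int)$event['Event']['distribution'];`, and then using `!==`/`===` and `in_array($distribution, [...], true)` states the intent explicitly and keeps the three branches consistent. A one-line comment there noting that the value may be a string would save the next reader from "fixing" it back.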
@@ -49,23 +56,41 @@ class Event extends AppModel 2 => array('desc' => '*Complete* means that the event\'s creation is complete', 'formdesc' => 'The event creator considers the analysis complete') ); - public $distributionDescriptions = array( - 0 => array('desc' => 'This field determines the current distribution of the event', 'formdesc' => "This setting will only allow members of your organisation on this server to see it."), - 1 => array('desc' => 'This field determines the current distribution of the event', 'formdesc' => "Organisations that are part of this MISP community will be able to see the event."), - 2 => array('desc' => 'This field determines the current distribution of the event', 'formdesc' => "Organisations that are either part of this MISP community or part of a directly connected MISP community will be able to see the event."), - 3 => array('desc' => 'This field determines the current distribution of the event', 'formdesc' => "This will share the event with all MISP communities, allowing the event to be freely propagated from one server to the next."), - 4 => array('desc' => 'This field determines the current distribution of the event', 'formdesc' => "This distribution of this event will be handled by the selected sharing group."), + public $distributionDescriptions = [ + self::DISTRIBUTION_ORGANISATION => [ + 'desc' => 'This field determines the current distribution of the event', + 'formdesc' => "This setting will only allow members of your organisation on this server to see it.", + ], + self::DISTRIBUTION_COMMUNITY => [ + 'desc' => 'This field determines the current distribution of the event', + 'formdesc' => "Organisations that are part of this MISP community will be able to see the event.", + ], + self::DISTRIBUTION_CONNECTED => [ + 'desc' => 'This field determines the current distribution of the event', + 'formdesc' => "Organisations that are either part of this MISP community or part of a directly connected MISP community will be able to see 
the event.", + ], + self::DISTRIBUTION_ALL => [ + 'desc' => 'This field determines the current distribution of the event', + 'formdesc' => "This will share the event with all MISP communities, allowing the event to be freely propagated from one server to the next.", + ], + self::DISTRIBUTION_SHARING_GROUP => [ + 'desc' => 'This field determines the current distribution of the event', + 'formdesc' => "This distribution of this event will be handled by the selected sharing group.", + ], + ]; - ); + public $distributionLevels = [ + self::DISTRIBUTION_ORGANISATION => 'Your organisation only', + self::DISTRIBUTION_COMMUNITY => 'This community only', + self::DISTRIBUTION_CONNECTED => 'Connected communities', + self::DISTRIBUTION_ALL => 'All communities', + self::DISTRIBUTION_SHARING_GROUP => 'Sharing group', + ]; public $analysisLevels = array( 0 => 'Initial', 1 => 'Ongoing', 2 => 'Completed' ); - public $distributionLevels = array( - 0 => 'Your organisation only', 1 => 'This community only', 2 => 'Connected communities', 3 => 'All communities', 4 => 'Sharing group' - ); - public $shortDist = array(0 => 'Organisation', 1 => 'Community', 2 => 'Connected', 3 => 'All', 4 => ' sharing Group'); public $export_types = []; From 330aa1231312f8f2b692552ef55463776171e700 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sun, 20 Feb 2022 13:56:13 +0100 Subject: [PATCH 0037/1366] chg: [sync] Use ServerSyncTool for pushing events --- app/Lib/Tools/ServerSyncTool.php | 70 ++++++++++++++++++++- app/Model/Event.php | 102 ++++++------------------------- 2 files changed, 84 insertions(+), 88 deletions(-) diff --git a/app/Lib/Tools/ServerSyncTool.php b/app/Lib/Tools/ServerSyncTool.php index 1e2de4bf0..4bde444d6 100644 --- a/app/Lib/Tools/ServerSyncTool.php +++ b/app/Lib/Tools/ServerSyncTool.php 
@@ -42,7 +42,7 @@ class ServerSyncTool } /** - * Check if event exists on remote server. + * Check if event exists on remote server by event UUID. * @param array $event * @return bool * @throws Exception 
@@ -85,6 +85,70 @@ class ServerSyncTool return $this->get($url); } + /** + * @param array $event + * @return HttpSocketResponseExtended + * @throws HttpSocketHttpException + * @throws HttpSocketJsonException + */ + public function pushEvent(array $event) + { + try { + // Check if event exists on remote server to use proper endpoint + $exists = $this->eventExists($event); + } catch (Exception $e) { + // In case of failure consider that event doesn't exists + $exists = false; + } + + try { + return $exists ? $this->updateEvent($event) : $this->createEvent($event); + } catch (HttpSocketHttpException $e) { + if ($e->getCode() === 404) { + // Maybe the check if event exists was not correct, try to create a new event + if ($exists) { + return $this->createEvent($event); + + // There is bug in MISP API, that returns response code 404 with Location if event already exists + } else if ($e->getResponse()->getHeader('Location')) { + $urlPath = $e->getResponse()->getHeader('Location'); + $pieces = explode('/', $urlPath); + $lastPart = end($pieces); + return $this->updateEvent($event, $lastPart); + } + } + throw $e; + } + } + + /** + * @param array $event + * @return HttpSocketResponseExtended + * @throws HttpSocketHttpException + * @throws HttpSocketJsonException + */ + public function createEvent(array $event) + { + $logMessage = "Pushing Event #{$event['Event']['id']} to Server #{$this->serverId()}"; + return $this->post("/events/add/metadata:1", $event, $logMessage); + } + + /** + * @param array $event + * @param int|string|null Event ID or UUID that should be updated. 
If not provieded, UUID from $event will be used + * @return HttpSocketResponseExtended + * @throws HttpSocketHttpException + * @throws HttpSocketJsonException + */ + public function updateEvent(array $event, $eventId = null) + { + if ($eventId === null) { + $eventId = $event['Event']['uuid']; + } + $logMessage = "Pushing Event #{$event['Event']['id']} to Server #{$this->serverId()}"; + return $this->post("/events/edit/$eventId/metadata:1", $event, $logMessage); + } + /** * @param array $rules * @return HttpSocketResponseExtended @@ -140,7 +204,7 @@ class ServerSyncTool } } - $logMessage = "Pushing Sightings for Event #{$eventUuid} to Server #{$this->server['Server']['id']}"; + $logMessage = "Pushing Sightings for Event #{$eventUuid} to Server #{$this->serverId()}"; $this->post('/sightings/bulkSaveSightings/' . $eventUuid, $sightings, $logMessage); } @@ -310,7 +374,7 @@ class ServerSyncTool $logMessage, $data ); - file_put_contents(APP . 'files/scripts/tmp/debug_server_' . $this->server['Server']['id'] . '.log', $pushLogEntry, FILE_APPEND | LOCK_EX); + file_put_contents(APP . 'files/scripts/tmp/debug_server_' . $this->serverId() . '.log', $pushLogEntry, FILE_APPEND | LOCK_EX); } $request = $this->request; diff --git a/app/Model/Event.php b/app/Model/Event.php index 8247801d4..4b4514d1a 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -917,10 +917,12 @@ class Event extends AppModel /** * @param array $event * @param array $server - * @param HttpSocket $HttpSocket * @return false|string + * @throws HttpSocketJsonException + * @throws JsonException + * @throws Exception */ - public function uploadEventToServer(array $event, array $server, HttpSocket $HttpSocket) + public function uploadEventToServer(array $event, array $server) { $this->Server = ClassRegistry::init('Server'); 
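Review bot: In `pushEvent()` the last path segment of the remote `Location` header is passed straight to `updateEvent()`, which interpolates it into `/events/edit/$eventId/metadata:1`. That value comes from the remote server's response, so it should be checked to look like a numeric ID or UUID before use, e.g. `if ($lastPart === '' || !preg_match('/^[0-9a-fA-F-]+$/', $lastPart)) { throw $e; }`. An empty segment from a trailing slash, or one carrying `?` or `#`, would otherwise produce a malformed request path. Separately, the `catch (Exception $e)` around `eventExists()` now discards the error, whereas the code removed from `Event.php` in this commit logged it through `logException()`; keeping a log line there preserves visibility into failing sync peers.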
@@ -931,7 +933,9 @@ class Event extends AppModel return 'The distribution level of this event blocks it from being pushed.'; } - $push = $this->Server->checkVersionCompatibility($server, false); + $serverSync = new ServerSyncTool($server, $this->setupSyncRequest($server)); + + $push = $this->Server->checkVersionCompatibility($server, false, $serverSync); if (empty($push['canPush'])) { return 'The remote user is not a sync user - the upload of the event has been blocked.'; } @@ -941,12 +945,18 @@ class Event extends AppModel } try { - $this->restfulEventToServer($event, $server, $HttpSocket); + // TODO: Replace by __updateEventForSync method in future + $event = $this->__prepareForPushToServer($event, $server); + if (is_numeric($event)) { + throw new Exception("This should never happen."); + } + + $serverSync->pushEvent($event)->json(); } catch (Exception $e) { $errorMessage = $e->getMessage(); - if ($e instanceof HttpException && $e->getCode() == 403) { + if ($e instanceof HttpSocketHttpException && $e->getCode() === 403) { // Do not log errors that are expected - $errorJson = json_decode($errorMessage, true); + $errorJson = $e->getResponse()->json(); if (isset($errorJson['errors'])) { $errorMessage = $errorJson['errors']; if ($errorMessage === 'Event could not be saved: Event in the request not newer than the local copy.') { 
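Review bot: Inside the `catch` block of `uploadEventToServer()`, `$e->getResponse()->json()` replaces `json_decode($errorMessage, true)`, and the docblocks added on this page list `HttpSocketJsonException` for the JSON path. If a remote 403 carries a non-JSON body (an intermediary's error page, for instance), that call would presumably throw from within the handler and escape it, where the old code simply got `null`. Wrapping it keeps the previous tolerance: `try { $errorJson = $e->getResponse()->json(); } catch (HttpSocketJsonException $jsonEx) { $errorJson = null; }`. The method continues outside the hunk, so the rest of the error handling is not visible.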
@@ -1008,84 +1018,6 @@ class Event extends AppModel return $event; } - private function __getLastUrlPathComponent($urlPath) - { - if (!empty($urlPath)) { - $pieces = explode('/', $urlPath); - return '/' . end($pieces); - } - return ''; - } - - /** - * Uploads the event and the associated Attributes to another Server. - * @param array $event - * @param array $server - * @param HttpSocket $HttpSocket - * @return array - * @throws JsonException - */ - private function restfulEventToServer(array $event, array $server, HttpSocket $HttpSocket) - { - // TODO: Replace by __updateEventForSync method in future - $event = $this->__prepareForPushToServer($event, $server); - if (is_numeric($event)) { - throw new Exception("This should never happen."); - } - $request = $this->setupSyncRequest($server); - $serverUrl = $server['Server']['url']; - - $exists = false; - try { - // Check if event exists on remote server to use proper endpoint - $response = $HttpSocket->head("$serverUrl/events/view/{$event['Event']['uuid']}", [], $request); - if ($response->code == '200') { - $exists = true; - } - } catch (Exception $e) { - $this->logException("Could not check if event {$event['Event']['uuid']} exists on remote server {$server['Server']['id']}", $e, LOG_NOTICE); - } - - $data = json_encode($event); - if (!empty(Configure::read('Security.sync_audit'))) { - $pushLogEntry = sprintf( - "==============================================================\n\n[%s] Pushing Event #%d to Server #%d:\n\n%s\n\n", - date("Y-m-d H:i:s"), - $event['Event']['id'], - $server['Server']['id'], - $data - ); - file_put_contents(APP . 'files/scripts/tmp/debug_server_' . $server['Server']['id'] . 
'.log', $pushLogEntry, FILE_APPEND); - } - - if ($exists) { - $url = "$serverUrl/events/edit/{$event['Event']['uuid']}/metadata:1"; - } else { - $url = "$serverUrl/events/add/metadata:1"; - } - - $response = $HttpSocket->post($url, $data, $request); - - // Maybe the check if event exists was not correct, try to create a new event - if ($exists && $response->code == '404') { - $url = "$serverUrl/events/add/metadata:1"; - $response = $HttpSocket->post($url, $data, $request); - } - - // There is bug in MISP API, that returns response code 404 with Location if event already exists - else if (!$exists && $response->code == '404' && $response->getHeader('Location')) { - $lastPart = $this->__getLastUrlPathComponent($response->getHeader('Location')); - $url = "$serverUrl/events/edit/$lastPart/metadata:1"; - $response = $HttpSocket->post($url, $data, $request); - } - - if (!$response->isOk()) { - throw new HttpException($response->body, $response->code); - } - - return $this->jsonDecode($response->body); - } - private function __rearrangeEventStructureForSync($event) { // rearrange things to be compatible with the Xml::fromArray() @@ -4511,7 +4443,7 @@ class Event extends AppModel ) ); $this->Server->syncGalaxyClusters($HttpSocket, $server, $fakeSyncUser, $technique=$event['Event']['id'], $event=$event); - $thisUploaded = $this->uploadEventToServer($event, $server, $HttpSocket); + $thisUploaded = $this->uploadEventToServer($event, $server); if ($thisUploaded === 'Success') { try { $this->pushSightingsToServer($server, $event); // push sighting by method that check for duplicates From e57c32404a80a1a6be4e5ebed69e413be8131e8c Mon Sep 17 00:00:00 2001 From: iglocska Date: Sun, 20 Feb 2022 17:21:51 +0100 Subject: [PATCH 0038/1366] chg: [menu] added the MISP event JSON population to the populate from... menu --- app/Controller/EventsController.php | 5 +++++ 1 file changed, 5 insertions(+) 
diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index aee9f4c8f..f8d1e8db9 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -4209,6 +4209,11 @@ class EventsController extends AppController throw new NotFoundException(__('Event not found or you are not authorised to view it.')); } $imports = array( + 'MISP JSON' => array( + 'url' => $this->baseurl . '/events/populate/'.$id, + 'text' => __('Populate using a JSON file containing MISP event content data'), + 'ajax' => false + ), 'freetext' => array( 'url' => $this->baseurl . '/events/freeTextImport/' . $id, 'text' => __('Freetext Import'), From 69553f6edb227b2367ae497cfde06dbd140e4210 Mon Sep 17 00:00:00 2001 From: iglocska Date: Sun, 20 Feb 2022 17:21:51 +0100 Subject: [PATCH 0039/1366] chg: [menu] added the MISP event JSON population to the populate from... menu --- app/Controller/EventsController.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index 674313719..429ae1b8c 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -4208,6 +4208,11 @@ class EventsController extends AppController throw new NotFoundException(__('Event not found or you are not authorised to view it.')); } $imports = array( + 'MISP JSON' => array( + 'url' => $this->baseurl . '/events/populate/'.$id, + 'text' => __('Populate using a JSON file containing MISP event content data'), + 'ajax' => false + ), 'freetext' => array( 'url' => $this->baseurl . '/events/freeTextImport/' . $id, 'text' => __('Freetext Import'), From 9fd51929d14bb1993794d7d4c88a4733ce184180 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Sun, 20 Feb 2022 17:44:45 +0100 Subject: [PATCH 0040/1366] chg: [warninglists] updated to the latest version --- app/files/warninglists | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/app/files/warninglists b/app/files/warninglists index 697aec282..5155ebf39 160000 --- a/app/files/warninglists +++ b/app/files/warninglists @@ -1 +1 @@ -Subproject commit 697aec2821ab1f9ffff9b78d5e8fcd82f6eb3578 +Subproject commit 5155ebf397d0003224bdb00a881bab88786dc216 From 8424b2637f8192cb59654834d10c08afb831bfd5 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Mon, 21 Feb 2022 20:45:28 +0100 Subject: [PATCH 0041/1366] chg: [changelog] replaced with the official one --- docs/Changelog.md | 2960 +++++++++++++++++++++++++++++++-------------- 1 file changed, 2075 insertions(+), 885 deletions(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index 307b5378e..1d2dbd43f 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md 
@@ -1,30 +1,327 @@ Changelog ========= -v2.4 aka 2.4 for ever (current changelog) ------------------------- + +v2.4.153 (2022-02-04) +--------------------- + +New +~~~ +- [UI] Show TLS version for server test. [Jakub Onderka] +- [security] Check TLSv1.3 connection. [Jakub Onderka] +- [oidc] Add new option: OidcAuth.authentication_method. [Jakub Onderka] +- [oidc] Add support for jakub-onderka/openid-connect-php OIDC fork. + [Jakub Onderka] +- [CLI] admin configLint. [Jakub Onderka] +- [security] Allow to specify min_tls_version. [Jakub Onderka] +- [security] securityAuditTls. [Jakub Onderka] +- [CLI] Security audit. [Jakub Onderka] +- [form factory] added a div field type. [iglocska] + + - allows to create parametrised divs for additional placeholders + - parameters are id, class, style, to be extended when needed +- [test] New audit. [Jakub Onderka] Changes -------- +~~~~~~~ +- [version] bump. [iglocska] +- Fix findoriginaluuid typo. [Jeroen Pinoy] +- [oidc] Store user sid in session. [Jakub Onderka] +- [misp-objects] updated. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [internal] Add debugging for problematic push. [Jakub Onderka] +- [tools] communities.md generator works with new website. [Christophe + Vandeplas] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [setting] Check if value is from options. [Jakub Onderka] +- [UI] Use number input for numeric setting. [Jakub Onderka] +- [internal] Do not call __evaluateLeaf for branch. [Jakub Onderka] +- [internal] Recommend to install pydeep2. [Jakub Onderka] +- [connection] Allow to define onConnect callback. [Jakub Onderka] +- [js:markdown-it] Update markdown-it library from version 11.0.0 to + version 12.3.2. [Sami Mokaddem] +- [test] Use new link to install poetry. [Jakub Onderka] +- [test] Remove libfuzzy-dev package. 
[Jakub Onderka] +- [internal] Bump PyMISP to use pydeep2. [Jakub Onderka] +- [internal] Use pydeep2. [Jakub Onderka] +- [internal] Event report name is required. [Jakub Onderka] +- [security] Warn about unsupported OS. [Jakub Onderka] +- [internal] Fix session closing for dashboard widget. [Jakub Onderka] +- [internal] Remove useless session closing. [Jakub Onderka] +- [security] Avoid timing attacks for post validating. [Jakub Onderka] +- [internal] Remove random_compat. [Jakub Onderka] +- [internal] Do not modify session when not necessary. [Jakub Onderka] +- [cli] Deprecate `cake baseurl` command. [Jakub Onderka] +- [PyMISP] updated to the latest version. [Alexandre Dulaunoy] +- [CI] fixed installation. [Alexandre Dulaunoy] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [i18n] Updated Thai (21%) [Steve Clement] +- [doc] Added php-curl to speed up composer. [Steve Clement] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [i18n] default.pot update. [Steve Clement] +- [i18n] Renamed Thai directory. [Steve Clement] +- [i18n] Added Thai, updated active language files. [Steve Clement] +- [i18n] Update pot files. [Steve Clement] +- [warning-lists] updated to the latest version. [Alexandre Dulaunoy] +- [installer] Updated to latest, considering rhel8.4/8.5. [Steve + Clement] - [doc] Remove centos ref. [Steve Clement] - [doc] Added rhel8.4 and rhel8.5. [Steve Clement] - [installer] Latest installer to reflect doc changes. [Steve Clement] +- [installer] Latest installer to reflect doc changes. [Steve Clement] - [doc] Removed CentOS ref. [Steve Clement] - [doc] Updated docs and removed obsolete refs. [Steve Clement] - [doc] Various CentOS9 references. [Steve Clement] +Fix +~~~ +- [language] fix (exception text) [iglocska] +- [internal] Array to string conversion. [Jakub Onderka] +- [misp-stix] Same errors handling for STIX1 as it recently has been + pushed for STIX2. 
[chrisr3d] +- [API key] shown on automation page when using classic keys. [iglocska] +- [misp-stix] Bumped latest version with enhanced parsing of objects + which encountered parsing errors. [chrisr3d] + + - Instead of simply storing the error message, we + also convert those objects as STIX Custom objects +- [misp-stix] Bumped latest version with a better exceptions handling + for file, pe & pe-section objects converted to STIX2 file objects with + a pebinary extension. [chrisr3d] +- [stix export] Fixed wrong indentation causing variable name errors. + [chrisr3d] +- [misp-stix] Bumped latest version with a quick fix on Tags handling as + STIX2 markings. [chrisr3d] +- [misp-stix] Bumped latest version with some fixes on the tags parsing. + [chrisr3d] +- [internal] testForCABundle should return true. [Jakub Onderka] +- [stix] STIX test. [Jakub Onderka] +- [internal] Syntax error in PHP 7.2. [Jakub Onderka] +- [test] Do not force libpcre2 installation. [Jakub Onderka] +- [setting] Default value for MISP.require_password_confirmation is + false. [Jakub Onderka] +- [appController:loginByAuthkey] Skip authentication with basic + authorization. [Sami Mokaddem] + + Fix #7576. + Basic Auth might happen for some setup where the authentication is performed by another component such as LDAP. + For these cases, the Authorization header is present and contains the Basic Auth data used by the authentication plugin. Before this patch, MISP failed to resolve the API key to a user and threw a 403. This was because MISP detected the presence of the Authorization header which triggered an authentication by Authkey that would always fail as the content is not a valid API key. +- [event add] resolved notice error when viewing the event add form. + [iglocska] + + - converted the html div added as a field to a proper factory field +- [audit] Send IP address to ZMQ in full form. [Jakub Onderka] +- Supervisord_status showing as a worker when its not. 
[Luciano + Righetti] +- [CLI] Authkey valid - reconnect in case of failure. [Jakub Onderka] +- Fix: add flag to update deps as suggested by @hlijan. [Luciano + Righetti] +- Bug defaulting source_format instead of fixed_event on /feeds/add + endpoint. [Luciano Righetti] +- [UI] Fix authkey field type. [Jakub Onderka] +- [internal] Closing session for statistics. [Jakub Onderka] +- Fix: unix timestamps should have a @ prefix. [Luciano Righetti] +- Make SimpleBackgroundJobs work on RHEL 7 with + supervisorphp/supervisor:^3.0. [Richard van den Berg] +- Change simple bg jobs settings to critical, fix notice in server + shell. [Luciano Righetti] +- [stix1 export] Removed unused imports. [chrisr3d] +- [stix2 import] Fixed wrong variable name. [chrisr3d] +- [misp-stix] Bumped latest fixed version of the library. [chrisr3d] + + - Includes fixes on the usage of orgnames during + a STIX 1 export: + - The orgname used to define the information + source and the reporter identity remains + the same + - The orgname used to define every STIX object + id is sanitized to comply with the STIX + validation process +- [CI] libpcre2 issue. [Alexandre Dulaunoy] +- Error later on when json enconding a binary repr ipv6. [Luciano + Righetti] +- [i18n] Typo. [Steve Clement] +- [typo] check - not chech. [Steve Clement] +- [galaxyclusters] view by uuid fixed. [iglocska] +- [typo] tagID. [Steve Clement] +- Fix: unix timestamps should have a @ prefix. [Luciano Righetti] + Other ------ +~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] +- Merge pull request #8129 from Wachizungu/fix-findoriginaluuid-typo. + [Alexandre Dulaunoy] + + chg: fix findoriginaluuid typo +- Merge pull request #8118 from JakubOnderka/new-oidc. [Jakub Onderka] + + chg: [oidc] Store user sid in session +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #8123 from JakubOnderka/event-push-debug. 
[Jakub + Onderka] + + fix: [internal] Array to string conversion +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch 'develop' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. + [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. + [chrisr3d] +- Merge pull request #8120 from JakubOnderka/event-push-debug. [Jakub + Onderka] + + chg: [internal] Add debugging for problematic push +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. + [chrisr3d] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #8109 from JakubOnderka/tls-debug. [Jakub Onderka] + + TLS connection debug +- Merge pull request #8117 from JakubOnderka/new-oidc. [Jakub Onderka] + + new: [oidc] Add support for jakub-onderka/openid-connect-php OIDC fork +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch 'develop' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into develop. [chrisr3d] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [chrisr3d] +- Merge pull request #8107 from JakubOnderka/settings-lint. [Jakub + Onderka] + + Settings lint +- Merge pull request #8106 from JakubOnderka/stix-test. [Jakub Onderka] + + Stix test +- Merge pull request #8105 from JakubOnderka/min_tls_version. 
[Jakub + Onderka] + + new: [security] Allow to specify min_tls_version +- Merge pull request #8089 from JakubOnderka/security-audit-cli. [Jakub + Onderka] + + new: [CLI] Security audit +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #8100 from JakubOnderka/pydeep2. [Jakub Onderka] + + chg: [internal] Bump PyMISP to use pydeep2 +- Merge pull request #8098 from JakubOnderka/zmq-audit-ip-address. + [Jakub Onderka] + + fix: [audit] Send IP address to ZMQ in full form +- Merge pull request #8099 from JakubOnderka/pydeep2. [Jakub Onderka] + + chg: [internal] Use pydeep2 +- Merge branch '2.4' into develop. [Luciano Righetti] +- Merge pull request #8065 from fandigunawan/2.4. [Jakub Onderka] + + fix: Removes debug print in AWS S3 Client +- Removes debug print. [Fandi Gunawan] +- Merge pull request #8067 from righel/issue-8064. [Andras Iklody] + + fix: supervisord_status showing as a worker when its not +- Merge pull request #8086 from JakubOnderka/event-report-name-required. + [Jakub Onderka] + + chg: [internal] Event report name is required +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Steve Clement] +- Merge pull request #8072 from JakubOnderka/fix-authkeys-valid. [Jakub + Onderka] + + fix: [CLI] Authkey valid - reconnect in case of failure +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #8069 from JakubOnderka/security-audit-old-os. + [Jakub Onderka] + + chg: [security] Warn about unsupported OS +- Merge pull request #8061 from JakubOnderka/authkey-input. [Jakub + Onderka] + + fix: [UI] Fix authkey field type +- Merge pull request #7986 from JakubOnderka/better-security. [Jakub + Onderka] + + chg: [internal] Do not modify session when not necessary +- Merge branch '2.4' into develop. 
[Steve Clement] +- Merge pull request #8052 from RichieB2B/ncsc-nl/supervisor. [Luciano + Righetti] + + Make supervisor connector work with supervisorphp/supervisor 3 +- Merge pull request #8053 from righel/improve-simple-bg-jobs-settings. + [Luciano Righetti] + + Improve SimpleBackgroundJobs settings +- Add: add migration guide to docs. [Luciano Righetti] +- Merge pull request #8039 from JakubOnderka/cake-baseurl-deprecated. + [Jakub Onderka] + + chg: [cli] Deprecate `cake baseurl` command +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge pull request #8092 from DCSO/fix/linotp-throw2. [Alexandre + Dulaunoy] + + LinOTP minor fixes +- [chg] LinOTP default baseURL. [Hendrik Baecker] +- [chg] Make LinOTP configurable via webui and cli. [Hendrik Baecker] +- [chg] Add link to LinOTP selfservice. [Hendrik Baecker] +- [chg] Improved LinOTP error handling. [Hendrik Baecker] + + Matches if ssl verify fails for example +- Merge pull request #8096 from righel/fix-issue-8093. [Luciano + Righetti] + + fix: error later on when json enconding a binary repr ipv6 +- Merge pull request #8091 from SteveClement/i18n. [Steve Clement] +- Merge pull request #8084 from SteveClement/i18n. [Steve Clement] +- Merge pull request #8083 from SteveClement/guides. [Steve Clement] +- Merge remote-tracking branch 'origin' into guides. [Steve Clement] +- Merge branch 'MISP:2.4' into 2.4. [Steve Clement] +- Merge branch 'MISP:2.4' into 2.4. [Steve Clement] +- Merge pull request #5 from SteveClement/guides. [Steve Clement] +- Merge pull request #8082 from SteveClement/i18n. [Steve Clement] +- Merge pull request #8080 from SteveClement/i18n. [Steve Clement] +- Merge pull request #8079 from SteveClement/i18n. [Steve Clement] +- Merge pull request #8075 from SteveClement/i18n. [Steve Clement] +- Merge pull request #8074 from SteveClement/i18n. 
[Steve Clement] +- Merge pull request #8068 from StefanKelm/2.4. [Luciano Righetti] + + fix wording +- Update Server.php. [StefanKelm] + + fix wording - Merge pull request #8059 from SteveClement/guides. [Steve Clement] - Merge pull request #8058 from SteveClement/guides. [Steve Clement] - Merge pull request #8056 from SteveClement/guides. [Steve Clement] - Add: add migration guide to docs. [Luciano Righetti] + v2.4.152 (2021-12-22) --------------------- New ---- +~~~ - [CLI] user authkey_valid command. [Jakub Onderka] - [tag] Generate predictable tag color. [Jakub Onderka] - [server:synchronisation] Type filtering during PULL synchronisation. @@ -38,7 +335,7 @@ New - [internal] Use pubToZmq to check if publish to ZMQ. [Jakub Onderka] Changes -------- +~~~~~~~ - [misp-stix] Bumped latest version of the library. [chrisr3d] - [security audit] fixed failures on kernel compilation time. [iglocska] @@ -146,7 +443,7 @@ Changes [chrisr3d] Fix ---- +~~~ - [stix1 export] Ordering object types to avoid validation issues. [chrisr3d] @@ -204,7 +501,7 @@ Fix - [test] Ignore beforeRender function. [Jakub Onderka] - [internal] Deleting events. [Jakub Onderka] - [internal] Old style view class. [Jakub Onderka] -- :lock: Disable caching of images. [Jakub Onderka] +- [security] Disable caching of images. [Jakub Onderka] - [CLI] Show error when calling methods for managing workers when SimpleBackgroundJobs are enabled. [Jakub Onderka] - [internal] Fix checking if system is Linux. [Jakub Onderka] 
@@ -273,11 +570,13 @@ Fix going to be used when exporting event galaxies Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch 'misp-stix' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. @@ -380,6 +679,7 @@ Other chg: [internal] Log when attribute was dropped - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge pull request #7975 from JakubOnderka/process-tool-selftest. [Jakub Onderka] @@ -444,19 +744,20 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] -- :construction: [stix export] Adding stix various formats in the list of valid +- Wip: [stix export] Adding stix various formats in the list of valid formats for attributes restSearch. [chrisr3d] -- :construction: [stix export] First implementation of an attributes restSearch +- Wip: [stix export] First implementation of an attributes restSearch export as STIX 1 & 2. [chrisr3d] - More testing, and changes on other parts of the process to come as well + v2.4.151 (2021-11-23) --------------------- New ---- +~~~ - [internal] Faster caching. [Jakub Onderka] - [user] Add sub field for user. [Jakub Onderka] - [CLI] For redisMemoryUsage show also server cache size. [Jakub 
@@ -467,7 +768,7 @@ New Righetti] - [CLI] Redis memory usage diagnostics. [Jakub Onderka] - [CLI] admin reencrypt command. [Jakub Onderka] -- :lock: Store authkeys for servers encrypted. [Jakub Onderka] +- [security] Store authkeys for servers encrypted. [Jakub Onderka] - [UI] Define custom right menu link. [Jakub Onderka] - [CLI] Allow to set setting value to `null` [Jakub Onderka] - [internal] Save to config file just what was in file. [Jakub Onderka] @@ -499,7 +800,7 @@ New - [test] test_search_index_by_all. [Jakub Onderka] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] @@ -560,8 +861,10 @@ Changes redis client. [Luciano Righetti] - Move initTool() logic to constructor. [Luciano Righetti] - Merge develop, fix conflicts. [Luciano Righetti] +- Merge develop, fix conflicts. [Luciano Righetti] - Rename settings. [Luciano Righetti] - Rename conf name. [Luciano Righetti] +- Rename conf name. [Luciano Righetti] - Call supervisor xml-rpc api, add supervisor app required packages. [Luciano Righetti] - Add db update. [Luciano Righetti] @@ -827,7 +1130,7 @@ Changes Onderka] Fix ---- +~~~ - [tools:backgroundjob] Support of legacy systems (3) [Sami Mokaddem] - [tools:backgroundjob] Support of legacy systems (2) [Sami Mokaddem] - [backgroundjob] Support of legacy system. [Sami Mokaddem] @@ -856,6 +1159,7 @@ Fix - [internal] Remove unused MISP.cached_attachments setting. [Jakub Onderka] - Wrong default. [Luciano Righetti] +- Wrong default. [Luciano Righetti] - Allow start worker by queue type. [Luciano Righetti] - Issues when worker is stopped, allow null pid and user in worker class. [Luciano Righetti] 
@@ -918,6 +1222,7 @@ Fix - [internal] Simplify Attribute code. [Jakub Onderka] - [API] Simplify some validations. [Jakub Onderka] - [cti-python-stix2] Correctly bumped latest version... [chrisr3d] +- [cti-python-stix2] Correctly bumped latest version... [chrisr3d] - [database] upgrade script using mb4 defaulted to 255 key length. [iglocska] @@ -966,7 +1271,7 @@ Fix MISP/PyMISP#799. [iglocska] Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] @@ -974,6 +1279,7 @@ Other - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7971 from JakubOnderka/apcu. [Jakub Onderka] @@ -1032,6 +1338,7 @@ Other new: [CLI] Redis memory usage diagnostics - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [Steve Clement] - Merge pull request #7944 from SteveClement/guides. [Steve Clement] @@ -1208,6 +1515,7 @@ Other Attribute validation tool fix - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7894 from JakubOnderka/attribute-code-style. [Jakub Onderka] @@ -1409,15 +1717,16 @@ Other chg: [internal] Use FileAccessTool for publishing sightings + v2.4.150 (2021-10-12) --------------------- New ---- +~~~ - [test] Build test. [Jakub Onderka] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - Add missing action buttons. [Luciano Righetti] - Add tags and galaxies col. [Luciano Righetti] 
@@ -1491,7 +1800,7 @@ Changes - [MISP/cakephp] updated - to get latest CA bundle. [Alexandre Dulaunoy] Fix ---- +~~~ - [attribute index] fixed attribute tag widget. [iglocska] - notice errors due to missing variables in the closure @@ -1520,7 +1829,7 @@ Fix - [stix1 export] Removed unnecessary write. [chrisr3d] Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'attribute_index' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. @@ -1613,11 +1922,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] + v2.4.149 (2021-10-09) --------------------- New ---- +~~~ - [internal] Store MISP live status also in Redis. [Jakub Onderka] - [internal] OrgBlocklist::removeBlockedEvents. [Jakub Onderka] - [internal] Method Job::createJob. [Jakub Onderka] @@ -1636,7 +1946,7 @@ New - [CLI] User shell. [Jakub Onderka] - [oidc] Allow to automatically unblock user after successful login. [Jakub Onderka] -- :lock: Disable browser autocomplete for authkeys field. [Jakub +- [security] Disable browser autocomplete for authkeys field. [Jakub Onderka] - [export:host] RestSearch export for blackholing via host file. [mokaddem] @@ -1651,7 +1961,7 @@ New - [test] Sync. [Jakub Onderka] Changes -------- +~~~~~~~ - [stix2 export] Using a specific filter to specify the STIX version. [chrisr3d] @@ -1717,6 +2027,7 @@ Changes - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - Detail attribute categories in openapi doc. [Luciano Righetti] - Detail attribute types in openapi doc. [Luciano Righetti] +- Detail attribute types in openapi doc. [Luciano Righetti] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [internal] Refactor FileAccessTool. [Jakub Onderka] - [internal] Simplified EventsController::view code. [Jakub Onderka] 
@@ -1749,6 +2060,7 @@ Changes - Migrate org_blocklists/index view to factory. [Luciano Righetti] - Detail attribute categories in openapi doc. [Luciano Righetti] - Detail attribute types in openapi doc. [Luciano Righetti] +- Detail attribute types in openapi doc. [Luciano Righetti] - [internal] Code cleanup. [Jakub Onderka] - [UI] Better error messages when uploading MISP file. [Jakub Onderka] - [taxonomies] updated. [Alexandre Dulaunoy] @@ -1779,6 +2091,7 @@ Changes - [misp-wipe] wipe auth_keys tables. [Richard van den Berg] - Add openapi docs for [POST]/admin/logs. [Luciano Righetti] - [PyMISP] Bump. [Raphaël Vinot] +- [PyMISP] Bump. [Raphaël Vinot] - Skip dev dependencies when installing via INSTALL.sh script. [Luciano Righetti] - [alert] Deprecate `publish_alerts_summary_only`, this option just @@ -1815,12 +2128,12 @@ Changes - Should fix diagnostic issues with version mentioned in #7054 - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [internal] Server controller cleanup. [Jakub Onderka] -- :lock: Use const hasher also for login. [Jakub Onderka] +- [security] Use const hasher also for login. [Jakub Onderka] - [sync] Use server sync to get available sync filtering rules. [Jakub Onderka] - [sync] Simplify server post test code. [Jakub Onderka] - [sync] Use server sync tool for connection test. [Jakub Onderka] -- :lock: Mitigate timing attacks when comparing advanced auth keys +- [security] Mitigate timing attacks when comparing advanced auth keys hashes. [Jakub Onderka] - [restResponseComponent] Added doc for new sighting/add filters parameter. [Sami Mokaddem] @@ -1885,7 +2198,7 @@ Changes - [ui] Various improvements in factories. [mokaddem] Fix ---- +~~~ - [misp-stix] updated to the latest version (incorrect submodule) [Alexandre Dulaunoy] 
@@ -1978,7 +2291,7 @@ Fix - [sync] Pushing sightings. [Jakub Onderka] - [ACL] queryAvailableSyncFilteringRules is required just for site admins. [Jakub Onderka] -- :lock: Check permission when viewing shadow attribute picture. +- [security] Check permission when viewing shadow attribute picture. [Jakub Onderka] - [internal] Code cleanup. [Jakub Onderka] - [API] Deprecation header. [Jakub Onderka] @@ -2002,7 +2315,7 @@ Fix - [acl] Bumped ACL. [mokaddem] Other ------ +~~~~~ - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of https://github.com/MISP/MISP into misp-stix. @@ -2011,6 +2324,7 @@ Other [chrisr3d] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'misp-stix' into develop. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] @@ -2018,7 +2332,7 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] -- :construction: [misp-stix] Bumped latest version. [chrisr3d] +- Wip: [misp-stix] Bumped latest version. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. 
@@ -2031,16 +2345,16 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] -- :construction: [stix2 export] Args parsing to better handle parameters & Support +- Wip: [stix2 export] Args parsing to better handle parameters & Support for STIX 2.1. [chrisr3d] -- :construction: [stix export, framing] Reworked misp_framing. [chrisr3d] +- Wip: [stix export, framing] Reworked misp_framing. [chrisr3d] - Made it cleaner - Made it support the STIX framing provided by misp-stix converter library - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] -- :construction: [stix2 export] Testing MISP-STIX python library with the included +- Wip: [stix2 export] Testing MISP-STIX python library with the included changes on the Export Lib and on the misp2stix2.py script. [chrisr3d] - Add: [submodules, stix] Added MISP-STIX converter library as submodule. [chrisr3d] @@ -2073,6 +2387,7 @@ Other # app/Console/Command/EventShell.php # app/Model/Server.php - Merge branch 'MISP:2.4' into 2.4. [Matjaz Rihtar] +- Merge branch 'MISP:2.4' into 2.4. [Matjaz Rihtar] - Merge pull request #1 from MISP/2.4. [Matjaz Rihtar] Sync fork with original MISP/MISP @@ -2325,7 +2640,7 @@ Other - Merge pull request #7692 from JakubOnderka/const-hasher-password. [Jakub Onderka] - chg: :lock: Use const hasher also for login + chg: [security] Use const hasher also for login - Merge pull request #7693 from JakubOnderka/oidc_auth_unblock. [Jakub Onderka] 
@@ -2363,11 +2678,11 @@ Other - Merge pull request #7677 from JakubOnderka/mitigate-timing-attacks. [Jakub Onderka] - chg: :lock: Mitigate timing attacks + chg: [security] Mitigate timing attacks - Merge pull request #7675 from JakubOnderka/authkeys-autocompelte-off. [Jakub Onderka] - new: :lock: Disable browser autocomplete for authkeys field + new: [security] Disable browser autocomplete for authkeys field - Merge branch 'develop' of github.com:MISP/MISP into develop. [Luciano Righetti] - Merge pull request #7649 from JakubOnderka/pull-sightings. [Jakub @@ -2502,17 +2817,19 @@ Other - Merge branch 'develop' of github.com:MISP/MISP into migration- taxonomy. [mokaddem] + v2.4.148 (2021-08-05) --------------------- New ---- +~~~ - [test] Check schema diagnostics in CI. [Jakub Onderka] - [citation-cff] added. [Alexandre Dulaunoy] +- [citation-cff] added. [Alexandre Dulaunoy] - [test] Security test for publishing events. [Jakub Onderka] Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - [PyMISP] Bump recommended version. [Raphaël Vinot] - [PyMISP] Bump. [Raphaël Vinot] @@ -2535,6 +2852,7 @@ Changes modifications). [Liviu Valsan] - [API] Refactor event publishing. [Jakub Onderka] - [internal] Convert array to const. [Jakub Onderka] +- [internal] Convert array to const. [Jakub Onderka] - [internal] Simplified Attribute::deleteAttribute method. [Jakub Onderka] - [internal] Removed unused variables. [Jakub Onderka] @@ -2553,7 +2871,7 @@ Changes - update your PHP version though Fix ---- +~~~ - [js] Show correct error message for get remote version. [Jakub Onderka] - [UI] Show correct error message for get remote user. [Jakub Onderka] 
@@ -2568,15 +2886,15 @@ Fix - this caused the CLI setting change to error out - [stix2misp] Use describeTypes from PyMISP. [Jakub Onderka] -- :lock: Stored XSS when viewing galaxy cluster relationships - As +- [security] Stored XSS when viewing galaxy cluster relationships - As reported by Dawid Czarnecki. [mokaddem] -- :lock: Stored XSS when viewing galaxy cluster elements in JSON +- [security] Stored XSS when viewing galaxy cluster elements in JSON format. [mokaddem] - [compatibility] several scoped constants reverted. [iglocska] - [proposal alert email] function call fixed. [iglocska] Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #7624 from JakubOnderka/get-remote-user-fixes. [Jakub Onderka] @@ -2632,6 +2950,7 @@ Other chg: [shibbauth] added option to block organisation changes at login - Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #7539 from JakubOnderka/publishing-refactoring. [Jakub Onderka] @@ -2647,11 +2966,12 @@ Other - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] + v2.4.147 (2021-07-27) --------------------- New ---- +~~~ - [sync] When saving sightings, push just new sightings. [Jakub Onderka] - [sync] When pushing event, upload sightings by another call. [Jakub Onderka] @@ -2662,7 +2982,7 @@ New - [misp2stix2] Return traceback for error. [Jakub Onderka] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [PyMISP] bump. [iglocska] - [security audit] Check config.php.bk file permission. [Jakub Onderka] @@ -2672,6 +2992,7 @@ Changes [Jakub Onderka] - [test] Move PHP tests to different task. [Jakub Onderka] - [PyMISP] bump. [iglocska] +- [PyMISP] bump. [iglocska] - [UI] Use time element for event published timestamp. [Jakub Onderka] - [UI] Raise font size of local org description. [Jakub Onderka] - [UI] After creating new org, redirect to org details. [Jakub Onderka] 
@@ -2737,11 +3058,12 @@ Changes getVersion. [Jakub Onderka] - [mispObject:breakOnDuplicate] Provide more feedback. [mokaddem] - [installer] Update to latest version. [Steve Clement] +- [installer] Update to latest version. [Steve Clement] - [doc] Guides now compatible with Fedora WS/Server 34. [Steve Clement] - [warning-list] updated. [Alexandre Dulaunoy] Fix ---- +~~~ - [test] Set expected config for security tests. [Jakub Onderka] - [test] Check if user is logged. [Jakub Onderka] - [config defaults] unset the default python bin path. [iglocska] @@ -2750,7 +3072,7 @@ Fix - [config] Fixed indentation. [mokaddem] - [test] Redis password can be empty. [Jakub Onderka] - [test] After CLI setSetting change. [Jakub Onderka] -- :lock: Stored XSS when forking a galaxy cluster As reported by +- [security] Stored XSS when forking a galaxy cluster As reported by Giuseppe Diego Gianni. [mokaddem] - [posts] add org field to email job. [iglocska] - Add missing newline. [Luciano Righetti] @@ -2827,7 +3149,8 @@ Fix - [galaxies:add] Missing entry in sidebar Fix #7499. [mokaddem] Other ------ +~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #7603 from JakubOnderka/fix-tests-vol2. [Jakub Onderka] 
@@ -2986,28 +3309,29 @@ Other Righetti] - Add crud component noticelists index. [Luciano Righetti] + v2.4.146 (2021-06-30) --------------------- New ---- +~~~ - [API] Read only authkeys. [Jakub Onderka] Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - [log] Remove ObjectRelationship from audit log. [Jakub Onderka] - [internal] Simplify generating some JSON responses. [Jakub Onderka] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] Fix ---- +~~~ - [UI] Loading non exists library in Audit log index. [Jakub Onderka] - [event:add] Typo in accessing sharing group roaming information. [mokaddem] Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #7533 from JakubOnderka/audit-log-ui-fix. [Jakub Onderka] @@ -3031,11 +3355,12 @@ Other - Security: fix stored xss in sharing groups view as reported by Nicolas Vidal from TEHTRIS. [Luciano Righetti] + v2.4.145 (2021-06-28) --------------------- New ---- +~~~ - [API] Import warninglist. [Jakub Onderka] - [internal] Support Cake installation by composer. [Jakub Onderka] - [ZMQ] Send warninglist changes to ZMQ. [Jakub Onderka] @@ -3048,7 +3373,7 @@ New - exclude attributes/objects, so the e-mail will only include a summary Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [doc:authentication_diagrams] Included session and cookie handling. [mokaddem] @@ -3075,7 +3400,7 @@ Changes - [composer] Crypt_GPG updated to 1.6.5. [Alexandre Dulaunoy] Fix ---- +~~~ - [rest client] Handle state when body is too big to save into rest client history. [Jakub Onderka] - [server caching] only push data to redis / logs if there's something 
@@ -3120,9 +3445,10 @@ Fix 😅 Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] +- Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7495 from JakubOnderka/warninglist-import. [Jakub @@ -3148,6 +3474,12 @@ Other chg: [user] Relaxed email validation rule - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. @@ -3202,11 +3534,12 @@ Other fix: typo + v2.4.144 (2021-06-07) --------------------- New ---- +~~~ - Add initial version of openapi spec, add ReDoc js files. [Luciano Righetti] - [doc:sync] Added notes and diagrams about synchornisation logics. @@ -3221,7 +3554,7 @@ New - [doc:auth-diagram] Added authentication diagram. [mokaddem] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [PyMISP] Bump. [Raphaël Vinot] - [logo] reverted to the non-birthday version. [iglocska] @@ -3255,6 +3588,7 @@ Changes - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated fix #7445. [Alexandre Dulaunoy] - [config] default config now uses RFC2606 example.com domain. 
@@ -3262,7 +3596,7 @@ Changes - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] Fix ---- +~~~ - [PyMISP] Bump pipenv. [Raphaël Vinot] - /feeds/add endpoint returns empty 'name' error via api call. [Luciano Righetti] @@ -3289,7 +3623,7 @@ Fix sharing group. [mokaddem] - [dashboard:update_settings] Added missing view. [mokaddem] - [dashbpard:updateSetting] Usage of CSRF token. [mokaddem] -- :lock: Always capture attribute sharing groups. [iglocska] +- [security] Always capture attribute sharing groups. [iglocska] - via object edits it was omitted, leading to a possible misassociation of sharing groups by using the local ID of a referenced SG @@ -3327,7 +3661,7 @@ Fix [Anders Einar Hilden] Restore the notice_message div that vanished in commit 0d4df7c98b0fc67618b1c3c298e64efb668fc4fe. -- :lock: disable email uniqueness validation for the self +- [security] disable email uniqueness validation for the self registration. [iglocska] - [OTP] identifier tag fixed. [iglocska] @@ -3337,7 +3671,7 @@ Fix - [group by] error fixed in diagnostics, fixes #7411. [iglocska] Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] @@ -3390,6 +3724,7 @@ Other [mokaddem] - Merge branch 'doc-sync' into develop. [mokaddem] - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge branch '2.4' into develop. [iglocska] 
@@ -3414,11 +3749,13 @@ Other fails. [Luciano Righetti] - Return api error when feed is not enabled. [Luciano Righetti] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7432 from JakubOnderka/perm_flags_translatable. [Jakub Onderka] Perm flags translatable - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch 'airbus-cert-synchronisation_servers_cache_features' into develop. [Alexandre Dulaunoy] - Add cacheServerAll documentation. [Amaury Leroy] @@ -3440,11 +3777,12 @@ Other fix: [UI] Restore notice list warnings when adding or editing attribute - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] + v2.4.143 (2021-05-14) --------------------- New ---- +~~~ - [internal] View event as different user. [Jakub Onderka] - [event index] add report count. [iglocska] - [users:index] Batch toggleable fields. [mokaddem] @@ -3467,7 +3805,7 @@ New - should also be a fair bit faster Changes -------- +~~~~~~~ - [version] bumped. [iglocska] - [birthday] logo added. [iglocska] @@ -3486,7 +3824,7 @@ Changes - [organisations:add] Migrated view to factory. [mokaddem] - [organisations:index] Migrated view to factory. [mokaddem] - [elements:indexGenericField] Allow passing implode's glue. [mokaddem] -- [warninglists:index] Moved views to factory - :construction:. [mokaddem] +- [warninglists:index] Moved views to factory - WiP. [mokaddem] - [UsageData] fix active proposal count, exclude deleted entries. [Jeroen Pinoy] - Bumped queryversion. [mokaddem] @@ -3537,7 +3875,7 @@ Changes Fixed JS error throwing undefined variable in top correlations Fix ---- +~~~ - [jobs view] Typo with $baseurl variable name. [chrisr3d] - [module results] References between objects returned with module results and the original object attribute are now pointing to the 
@@ -3650,7 +3988,7 @@ Fix In some cases, galaxy clusters might not have targeting clusters Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7377 from 86x/pi-support. [Andras Iklody] @@ -3762,6 +4100,7 @@ Other chg: [UI] Link to proposal limited view from proposal event index - Merge branch '2.4' of github.com:MISP/MISP into develop. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of github.com:MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' into develop. [iglocska] @@ -3793,12 +4132,16 @@ Other - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] + v2.4.142 (2021-04-27) --------------------- New ---- +~~~ - [correlation exclusions] now have an optional comment field. [iglocska] @@ -3870,7 +4213,7 @@ New - just pass "ago": 1 as a parameter to the field Changes -------- +~~~~~~~ - [elements:indexPostlink] Added possibility to add confirm messages. [mokaddem] @@ -3918,7 +4261,7 @@ Changes feeds. [mokaddem] - [elements:serverRuleElements] Inject existing rules into widget. [mokaddem] -- [elements:serverRuleElements] Support of previous rule states - :construction:. +- [elements:serverRuleElements] Support of previous rule states - WiP. [mokaddem] - [elements:serverRuleElements] Added preventive sanitizations. [mokaddem] @@ -3983,6 +4326,7 @@ Changes - [UI] Correctly handle progress for jobs. [Jakub Onderka] - [UI] Make possible to filter jobs by prio queue. [Jakub Onderka] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [attributes/restSearch] add clarifying comments. [Jeroen Pinoy] - [restResponseComponent] Get scoped available endpoints. [mokaddem] - Bump PyMISP. [Raphaël Vinot] 
@@ -4003,7 +4347,7 @@ Changes - [doc] Added details on MISPvars. [Steve Clement] Fix ---- +~~~ - [attribute search] Don't use form tampering protection for searches. [iglocska] - [top correlations] Divide the count by 2. [iglocska] @@ -4074,7 +4418,7 @@ Fix - Fix remove attribute tag showing text/html content-type. [Luciano Righetti] - [CSRF] issues resolved for the dashboards controller. [iglocska] -- :lock: Sharing group misassociation on sync. [iglocska] +- [security] Sharing group misassociation on sync. [iglocska] - when an object has a sharing group associated on an event edit, the sharing group object is ignored and instead the passed local ID is reused - as reported by Jeroen Pinoy @@ -4112,12 +4456,13 @@ Fix - causes issues under certain PHP versions as it's a reserved keyword Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7369 from MISP/fix-link. [Alexandre Dulaunoy] Fix link @@ -4200,6 +4545,7 @@ Other - Update STYLE.md. [E. Cleopatra] - Update GITWORKFLOW.md. [E. Cleopatra] - Update CONTRIBUTING.md. [E. Cleopatra] +- Update CONTRIBUTING.md. [E. Cleopatra] - Write coding style guidelines. [E. Cleopatra] - Merge pull request #7342 from Wachizungu/fix-checkForDuplicateObjects- typo. [Andras Iklody] @@ -4391,11 +4737,12 @@ Other - Add AadAuth module as saved settings. [Eva Yang] - Merge branch '2.4' into develop. [iglocska] + v2.4.141 (2021-03-29) --------------------- New ---- +~~~ - [cli] enable all tags for a taxonomy. [Jeroen Pinoy] - [eventgraph:viewPicture] Allow access to saved picture from the eventgraph history. [mokaddem] 
@@ -4420,7 +4767,7 @@ New - [UI] Render galaxy cluster description as markdown. [Jakub Onderka] Changes -------- +~~~~~~~ - [warning-lists] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [doc] when enabling remi 7.4 by default, paths change. [Steve Clement] @@ -4436,6 +4783,7 @@ Changes - [UI] fix debugon for debug = 1. fix #7131. [Jeroen Pinoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] +- [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [doc] more fine tuning to RHEL8. [Steve Clement] - [doc] Balanced RHEL 8 and 7 Docs. [Steve Clement] - [doc] Move away from expect. [Steve Clement] @@ -4527,7 +4875,7 @@ Changes - [optimise] Faster loading galaxy cluster index. [Jakub Onderka] Fix ---- +~~~ - [attribute:restSearch] `includeCorrelations` Do not longer returns soft-deleted attributes. [mokaddem] - [sharinggroup:captureSG] Correctly capture the roaming state. @@ -4636,10 +4984,11 @@ Fix - [internal] Undefined index when importing from module. [Jakub Onderka] Other ------ +~~~~~ - Chg; [version] bump. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge pull request #7261 from SteveClement/guides. [Steve Clement] chg: [doc] when enabling remi 7.4 by default, paths change @@ -4785,6 +5134,8 @@ Other fix: [merge] Local tags should stay local - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'eventgraph-node-coloring' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into eventgraph-node- 
@@ -4913,18 +5264,19 @@ Other chg: [optimise] Faster loading galaxy cluster index - Merge branch '2.4' into develop. [iglocska] + v2.4.140 (2021-03-03) --------------------- New ---- +~~~ - [test] Password change. [Jakub Onderka] - [server shell] list servers, fixes #7115. [iglocska] - simple human readable listing - kept the old weird JSON producing listServers intact - [oidc] Readme. [Jakub Onderka] -- :lock: Content-Security-Policy support. [Jakub Onderka] +- [security] Content-Security-Policy support. [Jakub Onderka] - [CLI] check if updates are done yet or not. [iglocska] usage: @@ -4944,7 +5296,7 @@ New Onderka] - [UI] Show tag info in taxonomy view. [Jakub Onderka] - [sync] Compressed requests support. [Jakub Onderka] -- :lock: Security audit. [Jakub Onderka] +- [security] Security audit. [Jakub Onderka] - [oidc] OpenID Connect authentication. [Jakub Onderka] - [devshell] added a new shell for developer related tasks. [iglocska] @@ -4953,7 +5305,7 @@ New - [object] Allows updating from an unknown object templates. [mokaddem] Changes -------- +~~~~~~~ - [csp] Add Security.csp_enforce to server setting. [Jakub Onderka] - [csp] Report only by default. [Jakub Onderka] - [PyMISP] Bump version. [Raphaël Vinot] @@ -5020,7 +5372,7 @@ Changes - [internal] Faster updating taxonomies. [Jakub Onderka] Fix ---- +~~~ - [csp] Incorrect variable name. [Jakub Onderka] - [csp] Custom policies. [Jakub Onderka] - [Sharing groups] capturing a sharing group correctly ignores the @@ -5037,7 +5389,7 @@ Fix - however, show a clear message that this is the case - in-line with the rest of the ACL -- :lock: sharing group all org flag too lax. [iglocska] +- [security] sharing group all org flag too lax. [iglocska] - the all org flag was used as a trigger to make the sharing group obejct itself viewable to all local organisations - even if the all org flag was set for an instance other than the local one 
@@ -5152,7 +5504,7 @@ Fix proper message. [Tom King] Other ------ +~~~~~ - Merge pull request #7149 from JakubOnderka/csp-setting. [Jakub Onderka] @@ -5251,7 +5603,7 @@ Other fix: [internal] Empty object when getting event info for event report - Merge pull request #7097 from JakubOnderka/csp. [Jakub Onderka] - new: :lock: Content-Security-Policy support + new: [security] Content-Security-Policy support - Merge pull request #7102 from JakubOnderka/disable-sync-xhr. [Jakub Onderka] @@ -5372,6 +5724,7 @@ Other Galaxy view mini - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #7029 from JakubOnderka/galaxy-cluster-description. @@ -5419,7 +5772,7 @@ Other - Merge pull request #6741 from JakubOnderka/security-diagnostics. [Jakub Onderka] - new: :lock: Security diagnostics + new: [security] Security diagnostics - Merge pull request #6938 from tomking2/feature/attribute_sightings. [Jakub Onderka] @@ -5480,11 +5833,12 @@ Other - Merge remote-tracking branch 'upstream/2.4' into bug/galaxy_cluster. [Tom King] + v2.4.139 (2021-02-16) --------------------- New ---- +~~~ - [widget] Eventstream widget and index widget UI added. [iglocska] - EventStream @@ -5501,7 +5855,7 @@ New Onderka] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [array lookup index field] updatd to work correctly. [iglocska] - [event model] fetchEvent() now accepts page/limit/order as parameters. @@ -5541,7 +5895,7 @@ Changes - Added a clarification that they can still pull Fix ---- +~~~ - [dashboard] removed training example left in the code. [iglocska] - restricted new module to only 3 user IDs @@ -5600,7 +5954,7 @@ Fix - invalid group by statement removed Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] 
@@ -5657,6 +6011,7 @@ Other fix: [internal] GalaxyCluster::getCluster also accepts ID - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #6993 from JakubOnderka/warninglist-index. [Jakub @@ -5716,6 +6071,8 @@ Other fix: [internal] idTranslator could show invalid results - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] @@ -5725,11 +6082,12 @@ Other fix: Elasticsearch complains when an IP is an empty string + v2.4.138 (2021-02-08) --------------------- New ---- +~~~ - [settings] Allow to use ThreatLevel.name for alert filter. [Jakub Onderka] - [test] Update github actions build to Ubuntu 20.04. [Jakub Onderka] @@ -5741,7 +6099,7 @@ New - 8.0 is not supported, let users know in a more obvious way Changes -------- +~~~~~~~ - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [version] bump. [iglocska] @@ -5796,7 +6154,7 @@ Changes - Bumped queryversion. [mokaddem] Fix ---- +~~~ - [zmq/kafka] attribute edits should include non exportable attributes. [iglocska] - [UI] notice resolved on the feed index. [iglocska] @@ -5896,7 +6254,7 @@ Fix - [diagnostics] complain about PHP >= 8.0. [iglocska] Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #6939 from JakubOnderka/warnings-fix. [Jakub Onderka] 
@@ -5937,6 +6295,8 @@ Other fix: [internal] First check if attribute value is valid composite - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [Steve Clement] @@ -5990,6 +6350,7 @@ Other [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge pull request #6889 from JakubOnderka/log-org-filter. [Jakub Onderka] @@ -6052,11 +6413,12 @@ Other fix: [UI] Allow to sort feeds by name + v2.4.137 (2021-01-21) --------------------- New ---- +~~~ - [UI] Show event count in server popover for comparison. [Jakub Onderka] - [object add] make add event / edit event breakOnDuplicate aware. 
@@ -6100,23 +6462,23 @@ New sightings. [Jakub Onderka] - [UI] Show tag description if tag belongs to taxonomy. [Jakub Onderka] - [internal] New model method find('column') [Jakub Onderka] -- :lock: Check org list when accessing distribution graph. [Jakub +- [security] Check org list when accessing distribution graph. [Jakub Onderka] -- :lock: Test for hide_organisations_in_sharing_groups setting. +- [security] Test for hide_organisations_in_sharing_groups setting. [Jakub Onderka] -- :lock: Setting to hide orgs form sharing group view. [Jakub +- [security] Setting to hide orgs form sharing group view. [Jakub Onderka] - [internal] Allow to output directly TmpFileTool. [Jakub Onderka] - [UI] Show number of unique IPs for key usage. [Jakub Onderka] - [UI] Show last key usage in index table. [Jakub Onderka] - [UI] Show information about key expiration in server list. [Jakub Onderka] -- :lock: Cancel API session right after auth key is deleted. [Jakub +- [security] Cancel API session right after auth key is deleted. [Jakub Onderka] -- :lock: Put information about key expiration into response header. +- [security] Put information about key expiration into response header. [Jakub Onderka] -- :lock: Allow to set key validity. [Jakub Onderka] -- :lock: New setting Security.username_in_response_header. [Jakub +- [security] Allow to set key validity. [Jakub Onderka] +- [security] New setting Security.username_in_response_header. [Jakub Onderka] - [test] Check when `MISP.authkey_keep_session` is true. [Jakub Onderka] - [internal] Show auth key usage in key view page. [Jakub Onderka] @@ -6133,7 +6495,7 @@ New - run it via /var/www/MISP/app/Console/cake Statistics rommelfs Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - Bump PyMISP version. [Raphaël Vinot] - [pgp] default pgp key server updated to openpgp.circl.lu. [Alexandre 
@@ -6198,6 +6560,8 @@ Changes - [sync] Convert connection timeout to exception. [Jakub Onderka] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] +- [PyMISP] updated to the latest version. [Alexandre Dulaunoy] +- [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [optimisation] Faster Tag::fetchSimpleEventsForTag method. [Jakub Onderka] @@ -6262,6 +6626,7 @@ Changes - [taxonomies] updated. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated. [Alexandre Dulaunoy] +- [PyMISP] updated. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [warning-list] updated to the latest version. [Alexandre Dulaunoy] - [doc] From Travis to GH action. [Alexandre Dulaunoy] @@ -6275,7 +6640,7 @@ Changes - [doc] Added new default flags. [Steve Clement] Fix ---- +~~~ - [helper:genericPicker] Adding object from pill selector - Prevents double encoding of the passed data. [mokaddem] - [login] Correctly convert old password hash to blowfish. [Jakub 
@@ -6283,24 +6648,24 @@ Fix - [login] Convert old password hash to blowfish. [Jakub Onderka] - [update] fixed due to issues introduced with the branch flag. [iglocska] -- :lock: Reflective XSS in the RestClient. [mokaddem] -- :lock: XSS in the user homepage favourite button. [iglocska] +- [security] Reflective XSS in the RestClient. [mokaddem] +- [security] XSS in the user homepage favourite button. [iglocska] - navigating to a url in MISP with the URL containing a javascript payload would cause the execution of reflected xss - automatically sanitised by modern browsers, but still confirmed via raw curl fetches -- :lock: XSS via galaxy cluster element values for reference types +- [security] XSS via galaxy cluster element values for reference types could contain javascript links. [iglocska] - ref type elements are automatically converted to links. A user would have to click a javascript: link for it to trigger, it's still too risky to keep as is - only urls starting with http:// and https:// are converted from here on - As reported by Patrik Kontura from ESET -- :lock: Stored XSS in the galaxy cluster view. [iglocska] +- [security] Stored XSS in the galaxy cluster view. [iglocska] - Galaxy cluster names were vulnerable to XSS injection - As reported by Patrik Kontura of ESET -- :lock: Require password confirmations by default. [iglocska] +- [security] Require password confirmations by default. [iglocska] - the setting is optional, but the default should be that it's required unless disabled 
@@ -6356,12 +6721,12 @@ Fix - [UI] Enable quick filter for auth keys. [Jakub Onderka] - [UI] Auth Key index and view changes and fixes. [Jakub Onderka] - [UI] Days to expire count. [Jakub Onderka] -- :lock: Do not return hashed authentication key after creation. +- [security] Do not return hashed authentication key after creation. [Jakub Onderka] - [internal] Check if setting value is scalar. [Jakub Onderka] -- :lock: Auth key must be always random generated at server side. +- [security] Auth key must be always random generated at server side. [Jakub Onderka] -- :lock: Do not allow to use API key authenticated session to do non +- [security] Do not allow to use API key authenticated session to do non API calls. [Jakub Onderka] - [internal] Remove unused variables. [Jakub Onderka] - [internal] Remove unused $user siteadmin variable. [Jakub Onderka] @@ -6402,7 +6767,7 @@ Fix - [delegation] invalid user call. [iglocska] Other ------ +~~~~~ - Merge pull request #6896 from JakubOnderka/fix-old-password-convert. [Jakub Onderka] @@ -6410,6 +6775,7 @@ Other - Merge branch 'old-hash-transfer' into 2.4. [Christophe Vandeplas] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. 
@@ -6419,11 +6785,13 @@ Other new: [UI] Show event count in server popover for comparison - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge pull request #6879 from JakubOnderka/first-seen-input-format. [Jakub Onderka] @@ -6460,6 +6828,7 @@ Other chg: [UI] Optimise fetching tags for picker - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #6865 from SteveClement/guides. [Andras Iklody] @@ -6614,6 +6983,7 @@ Other Optimisations vol2 - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #6797 from JakubOnderka/optimisations. [Jakub @@ -6662,6 +7032,7 @@ Other chg: [internal] Move user checks to one place - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Steve Clement] - Merge pull request #6782 from JakubOnderka/taxonomies-view. [Jakub Onderka] @@ -6783,11 +7154,12 @@ Other Best regards, Kamil + v2.4.136 (2020-12-16) --------------------- New ---- +~~~ - [CLI] Import events with compressed file support. [Jakub Onderka] Useful for importing big files 
@@ -6797,7 +7169,7 @@ New - [UI] Show number of events for sharing group. [Jakub Onderka] - [test] View org page. [Jakub Onderka] - [UI] Allow to search in sharing group list. [Jakub Onderka] -- :lock: Test if user can see sharing groups. [Jakub Onderka] +- [security] Test if user can see sharing groups. [Jakub Onderka] - [factories] generic confirmation UI factory added. [iglocska] - [Cerebrates] added Cerebrate sync functionality. [iglocska] @@ -6832,20 +7204,20 @@ New Onderka] - [test] Test for ApacheShibbAuth. [Jakub Onderka] - [test] Security test suite. [Jakub Onderka] -- :lock: New setting to check `Sec-Fetch-Site` header. [Jakub +- [security] New setting to check `Sec-Fetch-Site` header. [Jakub Onderka] -- :lock: Add new `Security.disable_browser_cache` option to disable +- [security] Add new `Security.disable_browser_cache` option to disable saving data to browser cache. [Jakub Onderka] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [UI] Nicer galaxy cluster view. [Jakub Onderka] - [UI] Nicer icon for discussion reply. [Jakub Onderka] - [UI] Move org UUID after ID to match other page style. [Jakub Onderka] - [UI] Add cancel for sharing group search. [Jakub Onderka] - [UI] Nicer title when creating event report. [Jakub Onderka] -- :lock: For `hide_organisation_index_from_users` hide orgs that +- [security] For `hide_organisation_index_from_users` hide orgs that make contribution that user cannot see. [Jakub Onderka] - [composer] Add ext-rdkafka as suggested dependency. [Jakub Onderka] - [UI] Use PGP instead of GnuGP, GnuPG is implementation. [Jakub @@ -6935,7 +7307,7 @@ Changes future Fix ---- +~~~ - [UI] Contact form text. [Jakub Onderka] - [distribution graph] Graph doesn't work for non sync users when event is shared to sharing group. [Jakub Onderka] 
@@ -6968,7 +7340,7 @@ Fix Onderka] - [internal] Undefined variable me. [Jakub Onderka] - [UI] Better error message for permission denied. [Jakub Onderka] -- :lock: Do not leak org names when +- [security] Do not leak org names when hide_organisation_index_from_users enabled. [Jakub Onderka] - [UI] Nicer error message for CSRF. [Jakub Onderka] - [internal] User should be able to see his org. [Jakub Onderka] @@ -7014,10 +7386,10 @@ Fix - [custompagination tool] hardcoded modelname fixed. [iglocska] - [doc] Location typo fixed. [Alexandre Dulaunoy] - [pgp] Key info for older GPG versions. [Jakub Onderka] -- :lock: XSS in authkey comment field. [Jakub Onderka] +- [security] XSS in authkey comment field. [Jakub Onderka] - [sightings] Support mysql in sql_mode=only_full_group_by. [Jakub Onderka] -- :lock: Remove hashed advanced keys from response. [Jakub Onderka] +- [security] Remove hashed advanced keys from response. [Jakub Onderka] - [bindmodel] added reset = false to the linking of users to authkeys. [Andras Iklody] @@ -7043,7 +7415,7 @@ Fix S/MIME label misaligned Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #6754 from JakubOnderka/fix-contact-ui. [Jakub Onderka] @@ -7083,7 +7455,7 @@ Other - Merge pull request #6738 from JakubOnderka/hide-orgs-dont-leak. [Jakub Onderka] - fix: :lock: Do not leak org names + fix: [security] Do not leak org names - Merge pull request #6735 from JakubOnderka/error-message. [Jakub Onderka] @@ -7099,7 +7471,7 @@ Other - Merge pull request #6721 from JakubOnderka/org-can-see. [Jakub Onderka] - chg: :lock: For `hide_organisation_index_from_users` hide more orgs + chg: [security] For `hide_organisation_index_from_users` hide more orgs - Merge pull request #6725 from JakubOnderka/object-delete-ui. [Jakub Onderka] 
@@ -7159,7 +7531,7 @@ Other - Merge pull request #6701 from JakubOnderka/security-sg-view. [Jakub Onderka] - new: :lock: Test if user can see sharing groups + new: [security] Test if user can see sharing groups - Merge pull request #6662 from JakubOnderka/php-test. [Jakub Onderka] Disable PHP 8 support @@ -7179,7 +7551,7 @@ Other [Alexandre Dulaunoy] Create JA3 Hash Suricata Rules -- \#6355 Create JA3 Hash Suricata Rules. [Alex Resnick] +- #6355 Create JA3 Hash Suricata Rules. [Alex Resnick] - Merge pull request #6697 from JakubOnderka/gpg-key-import-fix. [Jakub Onderka] @@ -7187,7 +7559,7 @@ Other - Merge pull request #6690 from JakubOnderka/xss-authkey-fix. [Jakub Onderka] - fix: :lock: XSS in authkey comment field + fix: [security] XSS in authkey comment field - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6675 from SteveClement/guides. [Steve Clement] @@ -7217,7 +7589,7 @@ Other - Merge pull request #6665 from JakubOnderka/remove-hashed-keys. [Jakub Onderka] - fix: :lock: Remove hashed advanced keys from response + fix: [security] Remove hashed advanced keys from response - Merge pull request #6664 from SteveClement/guides. [Steve Clement] chg: [fmt] Make it look better @@ -7254,7 +7626,7 @@ Other - Merge pull request #6081 from JakubOnderka/security_disable_browser_cache. [Jakub Onderka] - new: :lock: HTTP headers hardening + new: [security] HTTP headers hardening - Merge pull request #6646 from JakubOnderka/gpg-key-validation. [Jakub Onderka] @@ -7269,11 +7641,12 @@ Other chg: [internal] Optimise attribute search in UI + v2.4.135 (2020-11-24) --------------------- New ---- +~~~ - [datamodels] added jarm-fingerprint type. [Kory Kyzar] - [galaxyCluster:index] Added badge showing number of custom clusters. [mokaddem] 
@@ -7346,15 +7719,16 @@ New cluster's elements to his parent. [mokaddem] - [galaxyClusters:add] Added UI to create/edit GalaxyClusterElements. [mokaddem] -- [galaxyCluster] Initial import of Galaxy2.0 codebase - :construction:. [mokaddem] +- [galaxyCluster] Initial import of Galaxy2.0 codebase - WiP. [mokaddem] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [PyMISP] Bump version. [Raphaël Vinot] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [attribute] new process-state type. [Alexandre Dulaunoy] - Add optional dep (email) [Raphaël Vinot] +- Add optional dep (email) [Raphaël Vinot] - [PyMISP] updated for jarm-fingerprint type. [Alexandre Dulaunoy] - [PyMISP] Bump. [Raphaël Vinot] - [installer] Update to latest version. [Steve Clement] @@ -7478,9 +7852,9 @@ Changes in fact MISP Objects - [galaxy:export] Improved misp-galaxy format export and added notice. [mokaddem] -- [galaxy:export] Started conversion tool to misp-galaxy format - :construction:. +- [galaxy:export] Started conversion tool to misp-galaxy format - WiP. [mokaddem] -- [galaxies:export] Added form entry to specify the export format - :construction:. +- [galaxies:export] Added form entry to specify the export format - WiP. [mokaddem] - Bumped queryversion. [mokaddem] - [rest] Faster attributes restSearch. [Jakub Onderka] @@ -7628,7 +8002,7 @@ Changes - [galaxyCluster] Centralized permission checks and code refactoring. [mokaddem] - [galaxyCluster] Replaced `galaxyCluster->find` by its ACL-aware - counterpart where applicable - :construction:. [mokaddem] + counterpart where applicable - WiP. [mokaddem] - [clusterRelation] Unpublish source cluster when altering a relation. [mokaddem] - [servers:getVersion] Return `perm_galaxy_editor` status. [mokaddem] 
@@ -7765,7 +8139,7 @@ Changes - [galaxyClusters:view] Added forked version number. [mokaddem] - [galaxy:fork_tree] Version's rectangle with is now dynamically computed. [mokaddem] -- [galaxy:fork_tree] Added version node - :construction:. [mokaddem] +- [galaxy:fork_tree] Added version node - WiP. [mokaddem] - [galaxy:fork_tree] Added more information in the tooltip. [mokaddem] - [galaxyClusters] Added column `extends_version` [mokaddem] - [galaxy:fork_tree] Adapth root node size. [mokaddem] @@ -7779,7 +8153,7 @@ Changes - [galaxy:fork_tree] Moved generation in the model. [mokaddem] - [galaxy:fork_tree] Doubleclick redirects to the cliked element. [mokaddem] -- [galaxy:fork_tree] Added fork tree visualisation - :construction:. [mokaddem] +- [galaxy:fork_tree] Added fork tree visualisation - WiP. [mokaddem] - [genericForm:extend] Adde `extended_generic` that support both `extended_by` and `extended_from` [mokaddem] - [galaxyCluster:sidebar] Reorganised the sidebar a bit. [mokaddem] @@ -7796,8 +8170,8 @@ Changes - [galaxyCluster:fetchClusters] Added function. [mokaddem] Fix ---- -- :lock: Make cluster's elements adhere to ACL. [mokaddem] +~~~ +- [security] Make cluster's elements adhere to ACL. [mokaddem] - Missing dep in actions. [Raphaël Vinot] - [installer] Added missing checkout. [Steve Clement] - [galaxy update] tag capture fixed. [iglocska] 
@@ -7826,14 +8200,14 @@ Fix [mokaddem] - [galaxy:update] Correctly delete clusters when performing a force update. [mokaddem] -- :lock: XSS in the template element index view - As reported by +- [security] XSS in the template element index view - As reported by Rubin Azad. [mokaddem] - [object] Send all required arguments. [mokaddem] - [authkey] default value incorrect. [iglocska] - [galaxy:update] Make sure the fake user has the perm_sync right. [mokaddem] - [UI] Correct path to user profile from authkey view. [Jakub Onderka] -- :lock: Proper check who can view new authkeys. [Jakub Onderka] +- [security] Proper check who can view new authkeys. [Jakub Onderka] - [test] Do not pull PyMISP. [Jakub Onderka] - [internal] MISP update without branch. [Jakub Onderka] - [test] Run updates. [Jakub Onderka] @@ -7857,7 +8231,7 @@ Fix key. [iglocska] - [tag:search] Correctly pass user data. [mokaddem] - [UI] Put back requesting API access to user page. [Jakub Onderka] -- :lock: Properly validate new auth key. [Jakub Onderka] +- [security] Properly validate new auth key. [Jakub Onderka] - [UI] Cerebrate -> MISP. [Jakub Onderka] - [MYSQL.sql] added first/last seen. [iglocska] - [MYSQL.sql] removed duplicate entry. [iglocska] @@ -8136,7 +8510,7 @@ Fix [mokaddem] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] @@ -8296,6 +8670,8 @@ Other [mokaddem] - Merge branch 'CRUD' into 2.4. [iglocska] - Merge branch '2.4' into CRUD. [iglocska] +- Merge branch '2.4' into CRUD. [iglocska] +- Merge branch '2.4' into CRUD. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0. [mokaddem] - Merge pull request #6560 from JakubOnderka/rest-client-handle- 
@@ -8398,11 +8774,12 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0. [mokaddem] + v2.4.134 (2020-11-02) --------------------- New ---- +~~~ - [tag index] simple/advanced view. [iglocska] - simple view excludes eventtags / attributetags / sightings @@ -8432,7 +8809,7 @@ New [mokaddem] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [misp-taxonomies] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] @@ -8520,12 +8897,12 @@ Changes replacements. [mokaddem] Fix ---- +~~~ - [stix import] Avoiding issue with test_mechanisms with no rule value. [chrisr3d] - [internal] Remove warning when modules are not reachable. [Jakub Onderka] -- :lock: SSRF fixed in the rest client. [iglocska] +- [security] SSRF fixed in the rest client. [iglocska] - by using the full path parameter in the rest client, users could issue queries to any server - this becomes especially problematic when the MISP server is able to query other internal servers, @@ -8553,7 +8930,7 @@ Fix - [UI] Show error if multiSelectAction fails. [Jakub Onderka] - [eventReport] Correctly tag event if requested + undefined variable. [mokaddem] -- \#6354. [Nick] +- #6354. [Nick] fix: #6354 @@ -8586,10 +8963,11 @@ Fix [mokaddem] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge pull request #6535 from JakubOnderka/module-warning-fix. [Jakub Onderka] @@ -8775,11 +9153,12 @@ Other chg: [UI] Fixes for user profile admin view + v2.4.133 (2020-10-16) --------------------- New ---- +~~~ - [UI] Use flag icons from Twemoji. [Jakub Onderka] - [UI] Show organisation nationality flag. [Jakub Onderka] - [attribute type] cpe Common Platform Enumeration attribute type added. 
@@ -8834,7 +9213,7 @@ New [mokaddem] Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - Bump PyMISP. [Raphaël Vinot] - [warning-lists] updated. [Alexandre Dulaunoy] @@ -9101,9 +9480,9 @@ Changes - [eventReport] Added comments. [mokaddem] - [eventReports] Prevent fields override. [mokaddem] - [eventReport] Moved event unpublishing to model. [mokaddem] -- [eventReport] Started refactoring model - :construction:. [mokaddem] +- [eventReport] Started refactoring model - WiP. [mokaddem] - [eventReports] Refactored indexes. [mokaddem] -- [eventReports] Major refactoring - :construction:. [mokaddem] +- [eventReports] Major refactoring - WiP. [mokaddem] - [eventReport] Improved authorization error reporting. [mokaddem] - [eventReports] Added event unpublishing. [mokaddem] - [eventReports] Few UI improvements. [mokaddem] @@ -9136,7 +9515,7 @@ Changes - [eventReports] Deleted unused file. [mokaddem] - [eventReport] Improved UI and added support of soft/hard deletion. [mokaddem] -- [eventReport] Started rework on CRUD operations - :construction:. [mokaddem] +- [eventReport] Started rework on CRUD operations - WiP. [mokaddem] - [markdownEditor] Increased debounced render timer. [mokaddem] - [markdownEditor] highlight unsaved changes. [mokaddem] - [markdownEditor] Support of lastmodified and UI improvements when @@ -9202,11 +9581,11 @@ Changes - [markdownView] Improved layout. [mokaddem] - [eventReport] Improved models and markdown editor. [mokaddem] - [eventReport] Added markdown-it dependency and started integration - - :construction:. [mokaddem] -- [eventReport] Continuation of implementation - :construction:. [mokaddem] + WiP. [mokaddem] +- [eventReport] Continuation of implementation - WiP. [mokaddem] Fix ---- +~~~ - [server] caching notice fixed. [iglocska] - [UI] Do not show quick edit for deleted attributes and when user don't have permission. [Jakub Onderka] 
@@ -9435,7 +9814,7 @@ Fix - no longer hides tags that should be included in the export Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch 'tagfix' into 2.4. [iglocska] @@ -9781,11 +10160,12 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into feature-event-report. [mokaddem] + v2.4.132 (2020-09-15) --------------------- Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [queryversion] Bumped. [mokaddem] - [bootstrap-datepicker] Updated to version 1.9.0. [mokaddem] @@ -9805,7 +10185,7 @@ Changes - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] Fix ---- +~~~ - [users] Avoid POSTing forms not linked to the login page resulting in unwanted actions. [mokaddem] @@ -9816,6 +10196,7 @@ Fix - [Server] only push events/sightings when selected. [Richard van den Berg] - [cleanup] [iglocska] +- [cleanup] [iglocska] - [string concat] fix. [iglocska] - [cleanup] debug. [iglocska] - [internal] Correctly handle positive tag filters for non site admins. @@ -9825,7 +10206,7 @@ Fix - [internal] Nonsense index names. [Jakub Onderka] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Bumped db_schema. [Sami Mokaddem] - Merge branch 'fix-login' into 2.4. [mokaddem] @@ -9846,11 +10227,12 @@ Other - Merge pull request #6272 from JakubOnderka/uuid-validation. [Jakub Onderka] + v2.4.131 (2020-09-08) --------------------- New ---- +~~~ - [types] pgp-public-key/pgp-private-key added. [iglocska] - [internal] filter "type" added for the internal fetcher. [iglocska] @@ -9866,7 +10248,7 @@ New - also added a new special permission for the ACL system host_org_user - which will evaluate whether the user is in the org configured in the MISP.host_org_id directive Changes -------- +~~~~~~~ - Bumped MISP objects latest version. [chrisr3d] - [version] bump. [iglocska] - [PyMISP] Bump version. [Raphaël Vinot] 
@@ -9914,6 +10296,7 @@ Changes - [internal] Use faster fetcher for viewing sightings. [Jakub Onderka] - [JS libraries] Updated to latest version. [mokaddem] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [internal] Using Allowedlist instead of Whitelist. [Golbark] - [internal] Using blocklist instead of blacklist. [Golbark] - [internal] Removed unused variables. [Jakub Onderka] @@ -9952,7 +10335,7 @@ Changes eventblacklists controller. [iglocska] Fix ---- +~~~ - [widgets] Adding images by default on the repository (#6298) [Loïc Fortemps] - [validation] relaxed first/last/middle name validation. [iglocska] @@ -10023,7 +10406,8 @@ Fix - [internal] Remove unused compositeTypes variable. [Jakub Onderka] Other ------ +~~~~~ +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge pull request #6297 from JakubOnderka/fix-merging-events. [Jakub @@ -10158,6 +10542,7 @@ Other * Additionnal protection against XSS, the response type defaults to html while it should be JSON. * new: widget: Achievements widget * Update AchievementsWidget.php + * Update AchievementsWidget.php * Visual adjustments, new badges * i18n * indentation to MISP convention @@ -10191,11 +10576,12 @@ Other titles for actions in the admin user index table, - Added a few missing aria labels in the global menu. [Olivier BERT] + v2.4.130 (2020-08-20) --------------------- New ---- +~~~ - [internal] cache tags instead of loading them over and over via the event fetcher, fixes #6201. [iglocska] @@ -10223,7 +10609,7 @@ New Fixes #4908 and #4805 Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] Bump tag. [Raphaël Vinot] 
@@ -10362,15 +10748,15 @@ Changes - [diagnostic] Updated required stix2 library version. [chrisr3d] Fix ---- +~~~ - [internal] Syntax error in bootstrap.default.php. [Jakub Onderka] - [invalid element reference] element filepath was incorrectly treated as a url. [iglocska] - [UI] Show correct options in menu. [Jakub Onderka] - [internal] Notice when adding tag to collection. [Jakub Onderka] -- :lock: Check tag restriction for collection tags. [Jakub Onderka] -- :lock: Check tag restriction for attribute tags. [Jakub Onderka] -- :lock: Check tag restriction for event tags. [Jakub Onderka] +- [security] Check tag restriction for collection tags. [Jakub Onderka] +- [security] Check tag restriction for attribute tags. [Jakub Onderka] +- [security] Check tag restriction for event tags. [Jakub Onderka] - [attachment] Do not fetch attachment when accepting deletion proposal. [Jakub Onderka] - [UI] Showing image thumbnail. [Jakub Onderka] 
@@ -10395,30 +10781,30 @@ Fix - [events:queryEnrichment] Recovers tag colour. [mokaddem] - Fix #6186 -- :lock: Check if user can access sharing group when uploading +- [security] Check if user can access sharing group when uploading attachment. [Jakub Onderka] - [UI] Bad merge for mass edit form. [Jakub Onderka] - [proposals] Downloading proposal attachment. [Jakub Onderka] - [ACL] Allow proposal author to discard it. [Jakub Onderka] -- :lock: Respect ACL for freetext import. [Jakub Onderka] -- :lock: Throw exception if invalid data provided. [Jakub Onderka] +- [security] Respect ACL for freetext import. [Jakub Onderka] +- [security] Throw exception if invalid data provided. [Jakub Onderka] - [ACL] Use common methods for ACL when editing object reference. [Jakub Onderka] - [ACL] Unpublished private for object do not apply for site admin. [Jakub Onderka] -- :lock: Sharing groups for objects respect permissions. [Jakub +- [security] Sharing groups for objects respect permissions. [Jakub Onderka] - [tags] Show just tags that user can really use. [Jakub Onderka] -- :lock: Respect ACL for proposals. [Jakub Onderka] +- [security] Respect ACL for proposals. [Jakub Onderka] - [proposals] Respect unpublished private event when loading proposals. [Jakub Onderka] - [internal] Check `allow_disabling_correlation` before correlation toggle. [Jakub Onderka] -- :lock: ACL check when loading ajax tags. [Jakub Onderka] -- :lock: ACL check when adding or removing tags. [Jakub Onderka] -- :lock: ACL check when editing multiple event attributes. [Jakub +- [security] ACL check when loading ajax tags. [Jakub Onderka] +- [security] ACL check when adding or removing tags. [Jakub Onderka] +- [security] ACL check when editing multiple event attributes. [Jakub Onderka] -- :lock: Respect ACL when event edit. [Jakub Onderka] +- [security] Respect ACL when event edit. [Jakub Onderka] - [stix import] Better TTPs parsing for external STIX. 
[chrisr3d] - [stix import] Fixed parameter determining if a ttp should be handled as attribute/object or as galaxy. [chrisr3d] @@ -10577,7 +10963,7 @@ Fix - [internal] Reduce number of regexp in refang table. [Jakub Onderka] - [freetext] Handle IPv6 and punycode domains when import. [Jakub Onderka] -- :lock: xss fix missing part of solution. [iglocska] +- [security] xss fix missing part of solution. [iglocska] - the previous fix to the xss in the homepage setter was lacking the controller changes due to a partial commit (#bf4610c947c7dc372c4078f363d2dff6ae0703a8) 
@@ -10587,33 +10973,43 @@ Fix empty. [chrisr3d] Other ------ +~~~~~ - Merge pull request #6204 from JakubOnderka/2.4. [Jakub Onderka] fix: [internal] Syntax error in bootstrap.default.php - Merge branch 'baseurl' into 2.4. [iglocska] - Syntax check and fix. [Vito Piserchia] - Recover from upstream version missing bits. [Vito Piserchia] +- Recover from upstream version missing bits. [Vito Piserchia] - Merge remote-tracking branch 'upstream/2.4' into baseurl-patch. [Vito Piserchia] - Rebase continue. [Vito Piserchia] +- Rebase continue. [Vito Piserchia] - Fix genericPopup. [johndoe] - Use this here. [johndoe] +- Use this here. [johndoe] - Rebase continue. [Vito Piserchia] - Fix rebase. [johndoe] +- Fix rebase. [johndoe] +- Fix rebase. [johndoe] +- Fix rebase. [johndoe] +- Fix rebase. [johndoe] - Fixed Codacy warnings. [Léarch] - Corrected redirections. [Léarch] See the following for an explanation: https://stackoverflow.com/questions/6836990/how-to-get-complete-current-url-for-cakephp#comment11184149_6875310 - Rebase continue. [Vito Piserchia] +- Rebase continue. [Vito Piserchia] - Fix rebase. [johndoe] - Rebase continue. [Vito Piserchia] - Added missed variable declaration. [Vito Piserchia] - Improve code quality. [Vito Piserchia] - Rebase continue. [Vito Piserchia] +- Rebase continue. [Vito Piserchia] - Fix genericPopup. [Vito Piserchia] - Rebase continue. [Vito Piserchia] +- Rebase continue. [Vito Piserchia] - Fix baseurl use to view organizations. [Léarch] - Fixed Codacy warnings. [Léarch] - Corrected redirections. [Léarch] @@ -10621,6 +11017,7 @@ Other See the following for an explanation: https://stackoverflow.com/questions/6836990/how-to-get-complete-current-url-for-cakephp#comment11184149_6875310 - Rebase continue. [Vito Piserchia] +- Rebase continue. [Vito Piserchia] - More merge fixes. [Vito Piserchia] - Resolve merge. [Vito Piserchia] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] 
@@ -10670,7 +11067,7 @@ Other - Merge pull request #6181 from JakubOnderka/checek-sg-perm. [Jakub Onderka] - fix: :lock: Check if user can access sharing group when uploading… + fix: [security] Check if user can access sharing group when uploading… - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6178 from JakubOnderka/fix-mass-edit. [Jakub Onderka] @@ -10683,11 +11080,11 @@ Other - Merge pull request #6172 from JakubOnderka/freetext-import-acl2. [Jakub Onderka] - fix: :lock: Respect ACL for freetext import + fix: [security] Respect ACL for freetext import - Merge pull request #6136 from JakubOnderka/acl-can-modify-chekcs. [Jakub Onderka] - fix: :lock: Respect ACL when event edit + fix: [security] Respect ACL when event edit - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] @@ -10875,11 +11272,12 @@ Other fix: [freetext] Handle IPv6 and punycode domains when import + v2.4.129 (2020-07-13) --------------------- New ---- +~~~ - [diag] Check if ZIP extension is installed. [Jakub Onderka] - [merge] functionality reworked. [iglocska] @@ -10898,7 +11296,7 @@ New - to be extended with other similar tasks Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [stix2 library] Bumped latest version. [chrisr3d] - [UI] Add attribute fixes. [Jakub Onderka] @@ -10928,7 +11326,7 @@ Changes - [statistics shell] added total commit count. [iglocska] Fix ---- +~~~ - [installer] Update to latest. [Steve Clement] - [StixExport] suppress unlink warnings. [Richard van den Berg] - [stix export] log stack trace on error, support 'AMBER NATO ALLIANCE' 
@@ -10961,7 +11359,7 @@ Fix - Duplication can happen when the result of the import process is an event that already exists -- :lock: setting a favourite homepage was not CSRF protected. +- [security] setting a favourite homepage was not CSRF protected. [iglocska] - a user could be lured into setting a MISP home-page outside of the MISP baseurl @@ -10979,11 +11377,11 @@ Fix Do not send that GPG or Public key are sent as attachment, when user don't have them - [proposals] re-edded the edit view for propsoals. [iglocska] -- :lock: Remove ShadowAttributesController::{getProposalsByUuid,getP +- [security] Remove ShadowAttributesController::{getProposalsByUuid,getP roposalsByUuidList} [Jakub Onderka] These methods are not used, but they let sync users to access proposals for any event. -- :lock: Remove +- [security] Remove ShadowAttributesController::{fetchEditForm,editField} [Jakub Onderka] These methods are not used, but they allow to access attribute data without proper ACL checks. 
@@ -11002,19 +11400,19 @@ Fix - When capturing, roaming mode was always defaulted to false - The logs could not be written due to non-initialized class - [acl] Added event block rule. [iglocska] -- :lock: Check event ACL before allowing user to send event contact +- [security] Check event ACL before allowing user to send event contact form. [Jakub Onderka] - [stix2 export] Fixed first_seen/last_seen field parsing. [chrisr3d] - [returnAttributes] remap small cleanup. [iglocska] - no need to set xml as returnformat, it's the default based on the injected params -- :lock: deprecated function with lacking ACL removed. [iglocska] +- [security] deprecated function with lacking ACL removed. [iglocska] - replaced deprecated, sharing group unaware, broken function with one that follows the documentation of the deprecated endpoint - keeping it alive until we purge the deprecated ones in the move to MISP 3/next whatever - Thanks to Jakub Onderka for reporting it! -- :lock: Insufficient ACL checks in the attachment downloader fixed +- [security] Insufficient ACL checks in the attachment downloader fixed - Thanks to Jakub Onderka for reporting it. [mokaddem] - [tag:checkForOverride] Catch if tag didn't have a numerical value before the override. [mokaddem] @@ -11053,7 +11451,7 @@ Fix - [internal] HTML code fix. [Jakub Onderka] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6110 from RichieB2B/ncsc-nl/unlink. [Andras Iklody] 
@@ -11120,11 +11518,11 @@ Other - Merge pull request #6095 from JakubOnderka/shadow-attribute-unused- vol2. [Andras Iklody] - fix: :lock: Remove ShadowAttributesController::{getProposalsByUuid,getProposalsByUuidList} + fix: [security] Remove ShadowAttributesController::{getProposalsByUuid,getProposalsByUuidList} - Merge pull request #6093 from JakubOnderka/shadow-attribute-unused. [Andras Iklody] - fix: :lock: Remove ShadowAttributesController::{fetchEditForm,editField} + fix: [security] Remove ShadowAttributesController::{fetchEditForm,editField} - Merge pull request #6094 from RichieB2B/ncsc-nl/stop-loop. [Andras Iklody] @@ -11151,7 +11549,7 @@ Other - Merge pull request #6077 from JakubOnderka/contact-acl. [Andras Iklody] - fix: :lock: Check event ACL before allowing user to send event contact form + fix: [security] Check event ACL before allowing user to send event contact form - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -11198,16 +11596,17 @@ Other fix: [internal] HTML code fix + v2.4.128 (2020-06-22) --------------------- New ---- +~~~ - [correlations] Enable CIDR correlations for ip-src|port and ip- dst|port types. [Jakub Onderka] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [PyMISP] Bump. [Raphaël Vinot] - [stix2 import] Parsing external pattern made with 'OR' separators the @@ -11291,7 +11690,7 @@ Changes tag names about galaxies Fix ---- +~~~ - [stix2 import] Quick issues fixing. [chrisr3d] - Fixed issue that could happen sometimes during 
@@ -11622,14 +12021,14 @@ Fix correlations. [iglocska] - Thanks to Jakub Onderka for reporting and providing a fix to this! -- :lock: missing ACL lookup on attribute correlations. [iglocska] +- [security] missing ACL lookup on attribute correlations. [iglocska] - attribute correlation ACL checks are skipped when querying the attribute restsearch API revealing metadata about a correlating but unreachable attribute. - Thanks to Jakub Onderka for his tireless work and for reporting this! Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'rework_stix' into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. @@ -11656,17 +12055,17 @@ Other add [widget] Authentication failure widget - Add [widget] Authentication failure widget. [Jean-Louis Huynen] -- :construction: [stix2 import] More complete external patterns mapping. +- Wip: [stix2 import] More complete external patterns mapping. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Importing external domain, ip & network traffic +- Wip: [stix2 import] Importing external domain, ip & network traffic patterns. [chrisr3d] -- :construction: [stix2 import] Importing external network traffic patterns. +- Wip: [stix2 import] Importing external network traffic patterns. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Importing external email patterns. [chrisr3d] +- Wip: [stix2 import] Importing external email patterns. [chrisr3d] - Parsing function to split attachments fields from all the other fields already implemented, 
@@ -11674,16 +12073,16 @@ Other attributes handling at the end - Also slight fixes on the from, to and cc refs following the last fix on the export side -- :construction: [stix2 import] Handling import case for indicators of which we +- Wip: [stix2 import] Handling import case for indicators of which we already parsed the pattern. [chrisr3d] -- :construction: [stix2 import] Importing external process indicators. [chrisr3d] -- :construction: [stix2 import] Importing external url indicator based on the +- Wip: [stix2 import] Importing external process indicators. [chrisr3d] +- Wip: [stix2 import] Importing external url indicator based on the pattern mapping already implemented. [chrisr3d] - tl;dr: We just took the parsed attributes and callled the appropriate function to handle the import case (attribute or object) -- :construction: [stix2 import] Importing external user-account indicators. +- Wip: [stix2 import] Importing external user-account indicators. [chrisr3d] - Also fixed some user-account and credential @@ -11694,18 +12093,18 @@ Other documents generated with MISP. [chrisr3d] - Little typo and copy-paste issue -- :construction: [stix2 import] Parsing external process observable objects. +- Wip: [stix2 import] Parsing external process observable objects. [chrisr3d] - Also changed parsing of process observable objects from STIX documents generated with MISP to apply the same logic to both use cases -- :construction: [stix2 import] Parsing external user_account observable objects. +- Wip: [stix2 import] Parsing external user_account observable objects. [chrisr3d] - Mapping into credential or user-account MISP objects depending on the case -- :construction: [stix2 import] Finally parsing properly external network traffic +- Wip: [stix2 import] Finally parsing properly external network traffic observable objects with their references and potential extensions. [chrisr3d] 
@@ -11725,32 +12124,32 @@ Other common point afterwards - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Network traffic references parsing function for +- Wip: [stix2 import] Network traffic references parsing function for further reuse. [chrisr3d] -- :construction: [stix2 import] Importing external autonomous system observable +- Wip: [stix2 import] Importing external autonomous system observable objects. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Importing external x509 observable objects. +- Wip: [stix2 import] Importing external x509 observable objects. [chrisr3d] -- :construction: [stix2 import] Importing mac-address external observable objects. +- Wip: [stix2 import] Importing mac-address external observable objects. [chrisr3d] - Also changed the recently changed mutex import to reuse a function to parse all observable objects of an observed-data object at once to import single attributes -- :construction: [stix2 import] Importing external mutex observable objects. +- Wip: [stix2 import] Importing external mutex observable objects. [chrisr3d] - Also change on a function name for more clarity and to differenciate more easily functions for observable objects and patterns -- :construction: [stix2 import] Importing external registry-key observable +- Wip: [stix2 import] Importing external registry-key observable objects. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Updated external observable mapping: files with +- Wip: [stix2 import] Updated external observable mapping: files with artifact & directory references. [chrisr3d] - The parsing logic is already there since files 
@@ -11759,13 +12158,13 @@ Other the mapping dictionary - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Importing external url observable objects. +- Wip: [stix2 import] Importing external url observable objects. [chrisr3d] -- :construction: [stix2 import] Added warning message if not all the observable +- Wip: [stix2 import] Added warning message if not all the observable objects are referenced by an email-message object. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Import of external email message & address +- Wip: [stix2 import] Import of external email message & address observable objects. [chrisr3d] - Reuse of some parsing functions for external and @@ -11774,18 +12173,18 @@ Other parsing email addresses, body & content refs references by email message objects - Fixed another indentation issue -- :construction: [stix2 import] Import of domain and ip observable objects. +- Wip: [stix2 import] Import of domain and ip observable objects. [chrisr3d] - Also quick indentation fix - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Import of network-traffic and ip external +- Wip: [stix2 import] Import of network-traffic and ip external observable objects. [chrisr3d] - Ongoing rework for external observable objects and patterns in progress -- :construction: [stix2 import] Import of external file observable objects. +- Wip: [stix2 import] Import of external file observable objects. [chrisr3d] - Support of PE extension to create PE object(s) @@ -11797,7 +12196,7 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Starting parsing external observable objects. +- Wip: [stix2 import] Starting parsing external observable objects. [chrisr3d] - Started with file observables 
@@ -11806,9 +12205,9 @@ Other object type we want and all the references - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Struggling with the files and payloads import. +- Wip: [stix2 import] Struggling with the files and payloads import. [chrisr3d] -- :construction: [stix2 import] Removed unused mapping dict + moved constant to +- Wip: [stix2 import] Removed unused mapping dict + moved constant to the mapping script. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] @@ -11816,7 +12215,7 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 export] Moved dictionaries in the mapping file & using the +- Wip: [stix2 export] Moved dictionaries in the mapping file & using the complete import path instead of import * from the mapping file. [chrisr3d] @@ -11828,7 +12227,7 @@ Other the main script - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Moving small parsing functions to the main script. +- Wip: [stix2 import] Moving small parsing functions to the main script. [chrisr3d] - Also passing the function names only instead of @@ -11853,11 +12252,11 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Parsing single external IP v4 or v6 address. +- Wip: [stix2 import] Parsing single external IP v4 or v6 address. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Parsing external relationships, galaxies, tags & +- Wip: [stix2 import] Parsing external relationships, galaxies, tags & reports. [chrisr3d] (+ Quick fix on internal tags handling) 
@@ -11869,7 +12268,7 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Handling File objects with PE extension & +- Wip: [stix2 import] Handling File objects with PE extension & sections. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] @@ -11893,17 +12292,17 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Separating file extensions to be parsed later. +- Wip: [stix2 import] Separating file extensions to be parsed later. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Better attack-pattern external references parsing +- Wip: [stix2 import] Better attack-pattern external references parsing + parsing external galaxies. [chrisr3d] -- :construction: [stix2 import] Parsing attack-pattern, course-of-action and +- Wip: [stix2 import] Parsing attack-pattern, course-of-action and vulnerability objects from external stix files. [chrisr3d] -- :construction: [stix2 import] Making difference between external and from MISP +- Wip: [stix2 import] Making difference between external and from MISP for some STIX object types. [chrisr3d] - Including Attack Pattern, Course of Action and 
@@ -11911,17 +12310,17 @@ Other - Also better file pattern parsing - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Better parsing for more external patterns. +- Wip: [stix2 import] Better parsing for more external patterns. [chrisr3d] -- :construction: [stix2 import] Some more external pattern mapped. [chrisr3d] +- Wip: [stix2 import] Some more external pattern mapped. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Starting parsing external patterns. [chrisr3d] -- :construction: [stix2 import] Some quick clean-up. [chrisr3d] +- Wip: [stix2 import] Starting parsing external patterns. [chrisr3d] +- Wip: [stix2 import] Some quick clean-up. [chrisr3d] - Preparing for the future 2.1 import - Removing mapping variables no longer used 
@@ -11935,53 +12334,53 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Importing reports external references as links. +- Wip: [stix2 import] Importing reports external references as links. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Proper parsing of galaxies, and tags. [chrisr3d] +- Wip: [stix2 import] Proper parsing of galaxies, and tags. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Loading relationships in a dictionary. [chrisr3d] +- Wip: [stix2 import] Loading relationships in a dictionary. [chrisr3d] - Thus we can parse them afterwards depending on the type of objects they put into relationship -- :construction: [stix2 import] Properly loading galaxies as tags. [chrisr3d] -- :construction: [stix2 import] Import of CourseOfAction, AttackPattern and +- Wip: [stix2 import] Properly loading galaxies as tags. [chrisr3d] +- Wip: [stix2 import] Import of CourseOfAction, AttackPattern and Vulnerability as objects reworked. [chrisr3d] -- :construction: [stix2 export] Defining relationships between observed-data and +- Wip: [stix2 export] Defining relationships between observed-data and galaxy objects. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] -- :construction: [stix2 import] Updated mapping library + removed +- Wip: [stix2 import] Updated mapping library + removed disable_correlation flags. [chrisr3d] - Since we use the object templates directly for the objects creation, we do not need to have the flag here. -- :construction: [stix2 import] Observable import rework completed. [chrisr3d] -- :construction: [stix2 import] Process observables import reworked. [chrisr3d] -- :construction: [stix2 import] More observable objects reworked. 
[chrisr3d] +- Wip: [stix2 import] Observable import rework completed. [chrisr3d] +- Wip: [stix2 import] Process observables import reworked. [chrisr3d] +- Wip: [stix2 import] More observable objects reworked. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] -- :construction: [stix2 import] User Account objects import reworked. [chrisr3d] -- :construction: [stix2 import] ASN observable import reworked + functions +- Wip: [stix2 import] User Account objects import reworked. [chrisr3d] +- Wip: [stix2 import] ASN observable import reworked + functions ordered. [chrisr3d] -- :construction: [stix2 import] Credential observable import + standard observable +- Wip: [stix2 import] Credential observable import + standard observable parsing function reworked. [chrisr3d] -- :construction: [stix2 import] Network socket import reworked. [chrisr3d] -- :construction: [stix2 import] Import of network connection objects from +- Wip: [stix2 import] Network socket import reworked. [chrisr3d] +- Wip: [stix2 import] Import of network connection objects from observable. [chrisr3d] -- :construction: [stix2 import] Started reworking observable objects import. +- Wip: [stix2 import] Started reworking observable objects import. [chrisr3d] -- :construction: [stix2 import] All known MISP objects mapped with STIX patterning +- Wip: [stix2 import] All known MISP objects mapped with STIX patterning are now reworked. [chrisr3d] -- :construction: [stix2 import] Email pattern import. [chrisr3d] -- :construction: [stix2 import] File patterns import reworked. [chrisr3d] -- :construction: [stix2 import] Cleaner pattern import into objects. [chrisr3d] +- Wip: [stix2 import] Email pattern import. [chrisr3d] +- Wip: [stix2 import] File patterns import reworked. [chrisr3d] +- Wip: [stix2 import] Cleaner pattern import into objects. [chrisr3d] - Add: [stix2 export] Exporting process image attribute in observable objects. 
[chrisr3d] -- :construction: [stix2 import] Reworking stix2 import. [chrisr3d] +- Wip: [stix2 import] Reworking stix2 import. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -11995,11 +12394,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] + v2.4.127 (2020-06-16) --------------------- New ---- +~~~ - [cli] Command for pulling from all remote servers. [Jakub Onderka] - [Tag] Allow Tag's numerical_values to be overriden by userSettings. [mokaddem] @@ -12013,7 +12413,7 @@ New With more tabs, navigation between tabs with different events can be pain, when all of them has the same title. Changes -------- +~~~~~~~ - [PyMISP] Bump. [Raphaël Vinot] - [version] bump. [iglocska] - [internal] Log exception if exception is thrown during event @@ -12080,7 +12480,7 @@ Changes - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] Fix ---- +~~~ - [UI] Double Discussion header when sending comment. [Jakub Onderka] - [internal] object level restsearch issues resolved when querying via filters on the attribute scope, fixes #6016. [iglocska] @@ -12127,7 +12527,7 @@ Fix - [whitelist] Correclty refresh the cached values. Fix #3772. [mokaddem] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge pull request #5992 from JakubOnderka/download-event-log- @@ -12271,11 +12671,12 @@ Other - Merge branch 'pr-5256' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into pr-5256. [mokaddem] + v2.4.126 (2020-05-18) --------------------- New ---- +~~~ - [internal] Do not log auhtkeys. [Jakub Onderka] - [tool] Generates communities webpage. [Christophe Vandeplas] - [pubsub] Show info about processed messages. [Jakub Onderka] 
@@ -12302,12 +12703,13 @@ New - [statistics] added contributing org count. [iglocska] Changes -------- +~~~~~~~ - Bump PyMISP. [Raphaël Vinot] - [version] bump. [iglocska] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [ui] Simplified code for OrgImgHelper. [Jakub Onderka] - [installer] Version bump. [Steve Clement] +- [installer] Version bump. [Steve Clement] - [installer] Update after Kali Linux fix. [Steve Clement] - [kali] More fixes, perhaps installing cake is useful?! 200QI. [Steve Clement] @@ -12360,14 +12762,15 @@ Changes - [roles] allow the creation site admin enabled roles without auth access. [iglocska] - [i18n] Updated: zh-s. [Applenice] +- [i18n] Updated: zh-s. [Applenice] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [installer] Bump version. [Steve Clement] - [doc] Make misp-modules work again. [Steve Clement] - [installer] Version Bump. [Steve Clement] Fix ---- -- :lock: xss in the resolved attributes view. [iglocska] +~~~ +- [security] xss in the resolved attributes view. [iglocska] - thanks to Jakub Onderka for reporting it - [UI] Always use capital UUID. [Jakub Onderka] @@ -12485,7 +12888,7 @@ Fix - [installer] Embarassing typo no1, 7.3!=7.4. [Steve Clement] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch 'pr-5917' into 2.4. [mokaddem] @@ -12500,6 +12903,7 @@ Other - Merge branch '2.4' into pr-5862. [mokaddem] - Merge branch 'pr-5856' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into pr-5856. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into pr-5856. [mokaddem] - Clean up errors when trying to update warning lists. [Jason Kendall] - Merge remote-tracking branch 'MISP/2.4' into 2.4. [Christophe Vandeplas] 
@@ -12578,6 +12982,7 @@ Other - Add: [restSearch] Added opendata to the valid formats. [chrisr3d] - Add: [opendata] Submoduling misp-opendata. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5861 from JakubOnderka/capital-uuid. [Alexandre Dulaunoy] @@ -12630,14 +13035,15 @@ Other - Merge remote-tracking branch 'upstream/2.4' into tools. [Steve Clement] + v2.4.125 (2020-04-30) --------------------- New ---- +~~~ - [feed] Support for compressed feeds. [Jakub Onderka] - Implementation of email-based OTP. [Golbark] -- :lock: added policy for github. [iglocska] +- [security] added policy for github. [iglocska] - [doc] Initial copy for Ubuntu 20.04. [Steve Clement] - [installer] updated template to prepare grounds for 20.04 (php7.4) [Steve Clement] @@ -12670,6 +13076,7 @@ New - helps the index factory fields retrieve data from the currently processed object based on a set of paths - [tool] MISP to Slack messaging using ZMQ. [Christophe Vandeplas] +- [tool] MISP to Slack messaging using ZMQ. [Christophe Vandeplas] - [database] New MySQL data source added for debugging. [iglocska] - MySQLObserver datasource added - prepends all queries with the requested controller/action and user ID for better debugging @@ -12694,7 +13101,7 @@ New - quick user creation if the user asks for an org that doesn't exist yet Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - [pymisp] bump. [iglocska] - [new] Added QEMU support. [Steve Clement] @@ -12811,7 +13218,7 @@ Changes the user receives the e-mail. [iglocska] Fix ---- +~~~ - [internal] Just site admin can force when saving freetext. [Jakub Onderka] - [installer] Bug where the wrong php deps would get installed. [Steve @@ -12969,7 +13376,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge pull request #5207 from JakubOnderka/patch-33. [Steve Clement] fix: [internal] Just site admin can force when saving freetext 
@@ -13053,6 +13460,7 @@ Other - Merge branch '5819' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch 'JakubOnderka-redis-delete-multiple' into 2.4. [mokaddem] - Merge branch '2.4' into JakubOnderka-redis-delete-multiple. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -13124,10 +13532,16 @@ Other chg: [i18n] Updated: de, dk, fr, it, jp, no, ru, zh-s - Merge branch 'i18n' of github.com:MISP/MISP into i18n. [Steve Clement] - Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] - Merge remote-tracking branch 'origin/2.4' into i18n. [Steve Clement] - Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into i18n. [Steve Clement] - Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] 
@@ -13170,6 +13584,11 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #5672 from patriziotufarolo/2.4. [Andras Iklody] @@ -13187,6 +13606,7 @@ Other Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5727 from stricaud/debian. [Alexandre Dulaunoy] - Various improvements: * Do not push a string for VERSION.json but use @@ -13201,11 +13621,12 @@ Other - Fixed bugs with PostgreSQL in bruteforce and feed models. [Bechkalo Evgeny] + v2.4.124 (2020-03-30) --------------------- New ---- +~~~ - [attributes:massEdit] Possibility to create proposals instead of edit. [mokaddem] - Add support for RHEL in the install script. [Golbark] 
@@ -13221,10 +13642,10 @@ New - [dashboard] multi line chart UI added. [iglocska] Changes -------- +~~~~~~~ - [server:dbSchemaDiagnostic] UI Improvement to hide tables containing only non-critical entries. [mokaddem] -- :lock: Added setting to restrict the encoding of local feeds. +- [security] Added setting to restrict the encoding of local feeds. [iglocska] - By adding local feeds, a malicious administrator could point MISP to ingest configuration files that the apache user has access to @@ -13246,6 +13667,7 @@ Changes - [widgets:multiline] Added possibility to pick datapoint and see the deltas. [mokaddem] - [warninglist] bump. [iglocska] +- [warninglist] bump. [iglocska] - [genericElement:indexTable-links] Allow to craft an URL with custom data_path. [mokaddem] - [genericElement:IndexTable] Allow to pass pagination options to @@ -13264,7 +13686,7 @@ Changes - [widgets:multiline] Adapt left margin for big numbers. [mokaddem] - [widgets:multiline] Added more Options, datapoints and total serie. [mokaddem] -- [widgets:multiline] Layout, UI and interactivity improvements - :construction:. +- [widgets:multiline] Layout, UI and interactivity improvements - WiP. [mokaddem] - [galaxy:view] Commented `altered galaxy` for now. [mokaddem] - [galaxyCluster:index] Migrated to use the genericElement factory + @@ -13291,7 +13713,7 @@ Changes - [travis] cat exec errors file. [Raphaël Vinot] Fix ---- +~~~ - [sync] Added function to handle older MISP instances despite the new way of passing org filter options. [iglocska] - [event:view] Show correct number of related events to be shown - Fix 
@@ -13339,13 +13761,15 @@ Fix - [stix export] Fixed cybox object import. [chrisr3d] Other ------ +~~~~~ +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] -- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #5643 from Kortho/patch-3. [Steve Clement] @@ -13402,6 +13826,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into feature-widgets- scoped-css. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5697 from MISP/chrisr3d_patch. [Andras Iklody] Fix link to the dashboard from the statistics page @@ -13409,11 +13834,12 @@ Other [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] + v2.4.123 (2020-03-10) --------------------- New ---- +~~~ - [dashboard] added template delete functionality. [iglocska] - [dashboard] persistence package. [iglocska] @@ -13466,10 +13892,10 @@ New - various other fixes - [API] object level restSearch added. [iglocska] - still :construction: + still WiP Changes -------- +~~~~~~~ - [stix2] Bumped latest stix2 python library version. [chrisr3d] - Bump PyMISP. [Raphaël Vinot] - [version] bump. [iglocska] 
@@ -13519,7 +13945,7 @@ Changes - [i18n] Updated pot files. [Steve Clement] Fix ---- +~~~ - [travis] ANTLR 4.8 works again. [Raphaël Vinot] - [ACL] added deleteTemplate. [iglocska] - [dashboards:edit] Prevent overriding the edited template with data @@ -13544,7 +13970,7 @@ Fix - As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB) - [user:edit] Correctly re-insert form data wipping password information. [mokaddem] -- :lock: Fixed presistent xss in the sighting popover tool. +- [security] Fixed presistent xss in the sighting popover tool. [mokaddem] - As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB) @@ -13552,7 +13978,7 @@ Fix [mokaddem] - As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB) -- :lock: Fix reflected xss via unsanitized URL parameters. +- [security] Fix reflected xss via unsanitized URL parameters. [mokaddem] - As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB) @@ -13586,7 +14012,7 @@ Fix - [i18n] Various edits and small __('') addeage. [Steve Clement] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Bumped db_version. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -13600,6 +14026,7 @@ Other chg: [widget:worldmap] Various JS and UI Improvements - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] 
@@ -13616,11 +14043,12 @@ Other fix: [i18n] Various edits and small __('') addeage. + v2.4.122 (2020-02-26) --------------------- New ---- +~~~ - [logging] Log user IPs on login. [iglocska] - feature is optional and needs to be enabled in the server settings @@ -13633,7 +14061,7 @@ New system. [iglocska] Changes -------- +~~~~~~~ - [pymisp] bump. [iglocska] - Use poetry in travis. [Raphaël Vinot] - [version] bump. [iglocska] @@ -13652,7 +14080,7 @@ Changes - [version] bump. [jcarter] Fix ---- +~~~ - Run python tests from python. [Raphaël Vinot] - [CLI] allow for calling the update via the CLI without passing a process ID. [iglocska] @@ -13691,7 +14119,7 @@ Fix - [internal] Remove unused function. [Jakub Onderka] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -13773,11 +14201,12 @@ Other -- STR + v2.4.121 (2020-02-10) --------------------- New ---- +~~~ - [config load task] Added a task that will reload the settings on any console shell execution, fixes #5498. [iglocska] @@ -13803,7 +14232,7 @@ New - uses the same format as the index filters Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [internal] mispzmqtest.py. [Jakub Onderka] @@ -13821,8 +14250,10 @@ Changes - [UI] Check if ssdeep PHP extension is installed. [Jakub Onderka] - Bump expected PyMISP version. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [user] GPG key fetching by server. [Jakub Onderka] 
@@ -13856,8 +14287,8 @@ Changes - [console:server] Stop execution if user does not exists. [mokaddem] Fix ---- -- :lock: Correctly sanitize search string in Galaxy view. [mokaddem] +~~~ +- [security] Correctly sanitize search string in Galaxy view. [mokaddem] - As reported by Dawid Czarnecki - [object] object deduplication fixed. [iglocska] @@ -13866,15 +14297,15 @@ Fix To prevent saving it into browser cache - [internal] Remove unused line. [Jakub Onderka] - [indexes] Added SQL index for tag numerical_value. [mokaddem] -- :lock: Further fixes to the bruteforce handling. [iglocska] +- [security] Further fixes to the bruteforce handling. [iglocska] - resolved a potential failure of the subsystem when the MySQL and the webserver time settings are diverged - as reported by Dawid Czarnecki - several tightenings of the checks to avoid potential foul play -- :lock: discussion thread ACL issues fixed. [iglocska] +- [security] discussion thread ACL issues fixed. [iglocska] - as reported by Dawid Czarnecki -- :lock: brutefoce protection rules tightened. [iglocska] +- [security] brutefoce protection rules tightened. [iglocska] - as reported by Dawid Czarnecki - [API] make param tag alias of tags for /events/restSearch. [Jeroen @@ -13930,7 +14361,7 @@ Fix indexing change nad pretty-printed it. [mokaddem] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5615 from JakubOnderka/patch-85. [Andras Iklody] @@ -14059,11 +14490,12 @@ Other fix: [UI] Add space after ':' in error text + v2.4.120 (2020-01-21) --------------------- New ---- +~~~ - [shadowAttribute] first_seen and last_seen on shadowAttributes. [mokaddem] - [timeline/*-seen] Initial import of the timeline code from the 
@@ -14083,7 +14515,7 @@ New - [UI] first implementation of the modal forms. [iglocska] Changes -------- +~~~~~~~ - [PyMISP] update to the latest version. [Alexandre Dulaunoy] - [attributes] new attribute type 'chrome-extension-id' [Alexandre Dulaunoy] @@ -14144,7 +14576,7 @@ Changes - [update] Usage of `indexArray` instead of raw sql. [mokaddem] - [object:delta] No deletion of ObjectAttribute when sync. with Object's FS/LS. [mokaddem] -- [timeline] Improved controller name parsing (used in form) - :construction:. +- [timeline] Improved controller name parsing (used in form) - WiP. [mokaddem] - [object:quickAttributeAdd] Replace popover selection by the generic picker. [mokaddem] @@ -14223,7 +14655,7 @@ Changes - Bumped queryversion. [mokaddem] Fix ---- +~~~ - [install] Update .sfv. [Steve Clement] - [stix2] Fix stix2 for the Docs and Installer (#5526) [Steve Clement] @@ -14420,7 +14852,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] @@ -14500,10 +14932,17 @@ Other Wrong hash composer-setup.php - Fix composer-setup.php hash. [Amaury Leroy] +- Fix composer-setup.php hash. [Amaury Leroy] +- Fix composer-setup.php hash. [Amaury Leroy] +- Fix composer-setup.php hash. [Amaury Leroy] +- Fix composer-setup.php hash. [Amaury Leroy] +- Fix composer-setup.php hash. [Amaury Leroy] +- Fix composer-setup.php hash. [Amaury Leroy] - Merge pull request #1 from MISP/2.4. [devnull-] Update fork - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #5459 from mokaddem/schemaDiagnosticImprovement. 
@@ -14530,6 +14969,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5208 from JakubOnderka/patch-34. [Andras Iklody] Simplify user profile logging @@ -14567,11 +15007,12 @@ Other fix: Remove unusued config option - Add: [stix import] Importing LinkObjects as link attribute. [chrisr3d] + v2.4.119 (2019-12-02) --------------------- New ---- +~~~ - [server:fixDBSchema] Preliminary work to fix database schema. [mokaddem] - [refactor] Massive internal refactor and cleanup of deprecated APIs. @@ -14634,7 +15075,7 @@ New - allows for the easier debugging of for example search queries Changes -------- +~~~~~~~ - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] @@ -14724,7 +15165,7 @@ Changes - reduces the number of queries greatly making debugging easier Fix ---- +~~~ - [diagnostic:DBSchema] Aligned schema to a clean non-tampered instance. [mokaddem] - [internal] When capturing an object, avoid throwig notice errors if no @@ -14770,7 +15211,7 @@ Fix index. [iglocska] - [tag] do not show actions column for non-admins. [Christophe Vandeplas] -- :lock: tightened checks for restricting users from tagging data +- [security] tightened checks for restricting users from tagging data they shouldn't be allowed to tag. [iglocska] As reported by Christophe Vandeplas 
@@ -14853,12 +15294,13 @@ Fix - returns puzzling error messages Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'db_fix' into 2.4. [iglocska] +- Merge branch 'db_fix' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into feature-fix-db- inconsistencies. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -14900,6 +15342,7 @@ Other Added more Organisation statistics - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5400 from SteveClement/REST_Client_python. [Andras Iklody] @@ -14925,9 +15368,12 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Revert "Revert "Merge pull request #5304 from JakubOnderka/version- 
@@ -14949,11 +15395,12 @@ Other fix: [internal] Load MISP version just once in AppController - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] + v2.4.118 (2019-11-08) --------------------- New ---- +~~~ - [attribute:restSearch] Support of Orgc and GalaxyElement meta searches. [mokaddem] - [event:restSearch] Support of Orgc meta searches. [mokaddem] @@ -14973,10 +15420,10 @@ New [mokaddem] - [cli] server connectivity test. [Jan Skalny] - [servers:DBDiagnostic] Improved indexTable and added new DB schema - diagnostic (:construction:) [mokaddem] + diagnostic (WiP) [mokaddem] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [diagnostic] Exposed dbSchemaDiagnostic to the API. [mokaddem] - [restSearch] Improved meta-search code - Correctly returns nothing if @@ -15026,6 +15473,7 @@ Changes - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - Enable mailing in travis. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [installer] Updated installer to support latest Kali Linux chg: [doc] Amended Centos7 mirror foo. [Steve Clement] @@ -15073,7 +15521,7 @@ Changes - [updateProgress] Added threshold preventing animations. [mokaddem] - [updateProgress] Redraw the switch if it gets overriden. [mokaddem] - [updateProgress] Pooling task now use the taskScheduler. [mokaddem] -- [updateProgress] Started taking into account stack of updates - :construction:. +- [updateProgress] Started taking into account stack of updates - WiP. [mokaddem] - [diagnostic] Exposed mysql and redis diagnostic on the API. [mokaddem] - [dbSchemaDiagnostic] UI improvements. [mokaddem] 
@@ -15085,27 +15533,27 @@ Changes - [dbSchemaDiagnostic] show remaining time before update unlock and columns that should not be there. [mokaddem] - [update] Added new worker type `update` to perform updates. [mokaddem] -- [update] Correctly terminate parallels workers doing updates - :construction:. +- [update] Correctly terminate parallels workers doing updates - WiP. [mokaddem] - [update] Moved locking system from `updateDatase` to `runUpdates` - - :construction:. [mokaddem] + WiP. [mokaddem] So that `updateMISP` is also locked and workers benefits of more context -- [update] Keep track of update number in job - :construction:. [mokaddem] +- [update] Keep track of update number in job - WiP. [mokaddem] - [dbSchemaDiagnostic] Improved wording. [mokaddem] - [dbSchemaDiagnostic] Improved code quality. [mokaddem] - [dbSchemaDiagnostic] Adapt label color. [mokaddem] - [dbSchemaDiagnostic] Catches errors and display them in the UI. [mokaddem] - [dbSchemaDiagnostic] Added support of db_version. [mokaddem] -- [dbSchemaDiagnostic] Improved parsing and UI - :construction:. [mokaddem] -- [dbSchemaDiagnostic] changing diagnostic - :construction:. [mokaddem] +- [dbSchemaDiagnostic] Improved parsing and UI - WiP. [mokaddem] +- [dbSchemaDiagnostic] changing diagnostic - WiP. [mokaddem] - [update] Update function name are more explicit. [mokaddem] - [update] `updateDatabase` returns the result of the update (duplicated column are nbot counted as an error) [mokaddem] Fix ---- +~~~ - [attributes:restSearch] Fixed typo. [mokaddem] - [UI] Automatic logout. [Jakub Onderka] - [UI] Server diagnostics download link. [Jakub Onderka] 
@@ -15147,6 +15595,7 @@ Fix present in the bundle. [chrisr3d] - [stix2 import] Removed unused variable in dictionary loop. [chrisr3d] - [live:notice UI] Fixed baseurl variable. [mokaddem] +- [live:notice UI] Fixed baseurl variable. [mokaddem] - [updateProgress] Fixed return message to better handle translation. [mokaddem] - [update] Apply restriction of only 1 running process for only the @@ -15163,7 +15612,8 @@ Fix [mokaddem] Other ------ +~~~~~ +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #5311 from JakubOnderka/patch-63. [Andras Iklody] @@ -15344,11 +15794,12 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into workerForDBUpdate. [mokaddem] + v2.4.117 (2019-10-10) --------------------- New ---- +~~~ - [user settings] Added restrictions for certain settings. [iglocska] - based on role permissions @@ -15382,7 +15833,7 @@ New - [API] Netfilter added as new export format. [iglocska] Changes -------- +~~~~~~~ - Bump recommended PYMISP version. [Raphaël Vinot] - [PyMISP] Bump. [Raphaël Vinot] - [sync] Code cleanup. [Jakub Onderka] @@ -15391,6 +15842,7 @@ Changes - Version bump. [iglocska] - Bumped queryversion. [mokaddem] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [eventGraph] Renamed `rotation key` to `pivot key` and do not collaspe when adding/removing edges. Fix #3683. [mokaddem] - [event:view] Displays sighting popover if button has been hovered for 
@@ -15407,6 +15859,7 @@ Changes context. [mokaddem] - [UI] Collapse S/MIME or GPG key. [Jakub Onderka] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [tool] gen_misp_types_categories uses jq. [Christophe Vandeplas] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [feed] Use new AppModel::logException method. [Jakub Onderka] @@ -15475,7 +15928,7 @@ Changes - [stix2 export] Better vulnerability object parsing. [chrisr3d] Fix ---- +~~~ - [PyMISP] Travis tests. [Raphaël Vinot] - [internal] missing org object for users/view. [iglocska] - [internal] Remove closing PHP tag. [Jakub Onderka] @@ -15634,7 +16087,7 @@ Fix type (indicator, observable or vulnerability) Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5263 from JakubOnderka/patch-51. [Andras Iklody] @@ -15846,14 +16299,16 @@ Other Refactor app controller - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] + v2.4.116 (2019-09-16) --------------------- New ---- +~~~ - [sync] Added sync priority system to prioritise the order of instances to push to. [iglocska] - [CLI] Added cleanup tool to purge all events related to a feed. @@ -15869,7 +16324,7 @@ New - [API] verbose output for /servers/update. [iglocska] - [event:view] Added support of decay score. [mokaddem] - [decaying:rest] Filtering out of decayed attributes. [mokaddem] -- [decaying] Partial API support - :construction:. [mokaddem] +- [decaying] Partial API support - WiP. [mokaddem] - [restResponse] Added entries in Attribute/RestSearch for decaying model support. [mokaddem] - [decaying] Added models import and export feature. [mokaddem] 
@@ -15886,7 +16341,7 @@ New entries to 1 / hour / key. [iglocska] Changes -------- +~~~~~~~ - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest one. [Alexandre Dulaunoy] 
@@ -15909,26 +16364,26 @@ Changes attributeTag. [mokaddem] - [decaying:simulation] Swapped round to floor when rounding sightings timestamp. [mokaddem] -- [decaying:model] Seventh batch of fix from the PR review - :construction: (not +- [decaying:model] Seventh batch of fix from the PR review - WiP (not tested) [mokaddem] -- [decaying:model] Sixth batch of fix from the PR review - :construction: (not +- [decaying:model] Sixth batch of fix from the PR review - WiP (not tested) [mokaddem] -- [decaying:model] Fith batch of fix from the PR review - :construction: (not +- [decaying:model] Fith batch of fix from the PR review - WiP (not tested) [mokaddem] -- [decaying:model] Fourth batch of fix from the PR review - :construction: (not +- [decaying:model] Fourth batch of fix from the PR review - WiP (not tested) [mokaddem] -- [decaying:model] Third batch of fix from the PR review - :construction: (not +- [decaying:model] Third batch of fix from the PR review - WiP (not tested) [mokaddem] -- [decaying:model] Second batch of fix from the PR review - :construction: (not +- [decaying:model] Second batch of fix from the PR review - WiP (not tested) [mokaddem] -- [decaying:model] First batch of fix from the PR review - :construction: (not +- [decaying:model] First batch of fix from the PR review - WiP (not tested) [mokaddem] - [database] Added indexes to decaying models and related tables. [mokaddem] - [event] applying few PSR2 rules. [mokaddem] - [decaying:simulation] restSearch comments added to be fixed in next decaying version. [mokaddem] -- [decaying] First batch of fix from the PR review - :construction: (not tested) +- [decaying] First batch of fix from the PR review - WiP (not tested) [mokaddem] - Added CR/LF. [mokaddem] - [sql] align initial perm with sightings. [mokaddem] 
@@ -15960,7 +16415,7 @@ Changes - [decaying:base_score_config] Simulation at predicate level in the user interface. [mokaddem] - [decaying:base_score_config] Improved UI responsiveness. [mokaddem] -- [decaying:base_score_config] Consider predicate weight UI only - :construction:. +- [decaying:base_score_config] Consider predicate weight UI only - WiP. [mokaddem] - [decaying:base_score_config] Added reason of taxonomy exclusion. [mokaddem] @@ -16014,7 +16469,7 @@ Changes - [decaying] `FetchAllowedModels` now supports `all_orgs` [mokaddem] - [decaying] Renamed function and started true implemention of ACL for models. [mokaddem] -- [decaying] Added restricted edition and `all_orgs`` flag - :construction:. +- [decaying] Added restricted edition and `all_orgs`` flag - WiP. [mokaddem] - [globalmenu] Added link to `/decayingModel/index` [mokaddem] - [decaying:view] Added logo to distinguish between custom and default @@ -16026,7 +16481,7 @@ Changes - [decaying] Allow for model parameteres override. [mokaddem] - [decaying] Usage of classname instead of const, support of `retention` taxonomy and small fix. [mokaddem] -- [decaying] Added list of available formulas and model settings - :construction:. +- [decaying] Added list of available formulas and model settings - WiP. [mokaddem] - [decaying] Changed default formula name to polynomial. [mokaddem] - [sidemenu:decayingModel] Added dividers. [mokaddem] 
@@ -16075,12 +16530,12 @@ Changes [mokaddem] - [decaying:simulation] Support of sightings in the decaying simulation. [mokaddem] -- [decaying:simulation] Draft 2 of simulation chart line - :construction:. +- [decaying:simulation] Draft 2 of simulation chart line - WiP. [mokaddem] -- [decaying:simulation] Draft of simulation chart line - :construction:. [mokaddem] +- [decaying:simulation] Draft of simulation chart line - WiP. [mokaddem] - [decaying:simulation] Support of row clicking. [mokaddem] - [decaying:simulation] Attribute searches. [mokaddem] -- [decaying:simulation] Started simulation view - :construction:. [mokaddem] +- [decaying:simulation] Started simulation view - WiP. [mokaddem] - [decaying:tool] Object categories are treated as an array. [mokaddem] - [decaying] Improved UI and limit number of digit in parameters. [mokaddem] 
@@ -16094,31 +16549,31 @@ Changes [mokaddem] - [decaying:tool] Show available tags in the taxonomy. [mokaddem] - [decaying:tool] Added example table with automatic tags picking and - pass config to the model - :construction:. [mokaddem] + pass config to the model - WiP. [mokaddem] - [decaying:tool] Started implementation of tag support and examples in the `adjust base_score` [mokaddem] - [decaying:tool] Filter taxonomies not having numerical score. [mokaddem] - [decaying] UI tweaking on the galaxy tree map. [mokaddem] - [css] Increase z-index of popover. [mokaddem] -- [decaying] Improved UI - :construction:. [mokaddem] -- [decaying] slight UI Improvement - :construction:. [mokaddem] -- [decaying] Improved UI - :construction:. [mokaddem] -- [decaying] Started support of taxonomies (base_score) - :construction:. +- [decaying] Improved UI - WiP. [mokaddem] +- [decaying] slight UI Improvement - WiP. [mokaddem] +- [decaying] Improved UI - WiP. [mokaddem] +- [decaying] Started support of taxonomies (base_score) - WiP. [mokaddem] -- [decaying] Started taxonomies integretion - :construction:. [mokaddem] +- [decaying] Started taxonomies integretion - WiP. [mokaddem] - [decayingTool] Added missing class. [mokaddem] - [decayingTool] Added number of type assigned to a model. [mokaddem] - [decayingTool] Added selection history and selection restoration. [mokaddem] -- [decayingTool] Improved UI - :construction:. [mokaddem] -- [decaying] fixed bug (array_values) and improved layout - :construction:. +- [decayingTool] Improved UI - WiP. [mokaddem] +- [decaying] fixed bug (array_values) and improved layout - WiP. [mokaddem] -- [decaying] Improved getAssociatedModels - :construction:. [mokaddem] -- [decaying] Clean-up - :construction:. [mokaddem] +- [decaying] Improved getAssociatedModels - WiP. [mokaddem] +- [decaying] Clean-up - WiP. [mokaddem] - [Decaying] Improved mapping reset and started integration with the interface. 
[mokaddem] -- [decayingTool] Improved related type retreival and improved UI - :construction:. +- [decayingTool] Improved related type retreival and improved UI - WiP. [mokaddem] - [DecayingTool] Added more fields. [mokaddem] - [decayingModel] Added update mechanism from local files and started @@ -16127,12 +16582,12 @@ Changes - [decayingTool] Added filtering/search on the Attribute type table. [mokaddem] - [decayingTool] Switched to JQuery plugin instead of raw JS. [mokaddem] -- [decayingTool] Improved bounding rect - :construction:. [mokaddem] +- [decayingTool] Improved bounding rect - WiP. [mokaddem] - [decayingTool] removed comments. [mokaddem] -- [decayingTool] UI improvement - :construction:. [mokaddem] -- [decayingTool] Majority has been moved to d3. Still :construction:. [mokaddem] -- [devayingTool] UI improvement - :construction:. [mokaddem] -- [DecayingTool] Playing around with d3 - :construction:. [mokaddem] +- [decayingTool] UI improvement - WiP. [mokaddem] +- [decayingTool] Majority has been moved to d3. Still WiP. [mokaddem] +- [devayingTool] UI improvement - WiP. [mokaddem] +- [DecayingTool] Playing around with d3 - WiP. [mokaddem] - [decayingTool] Moving from chart.js to d3.js. [mokaddem] - [DecayingTool] Added list of available Object Attribute. [mokaddem] - [decaying] Improved selection performance. [mokaddem] 
@@ -16140,17 +16595,17 @@ Changes and non-ToIDS Attributes. [mokaddem] - [decayingTool] Moved JS in its own file + added table checkbox. [mokaddem] -- [decayingModel] Improved UI (selectable behavior) - :construction:. [mokaddem] +- [decayingModel] Improved UI (selectable behavior) - WiP. [mokaddem] - [decayingModel] Added Col org and splitted json into input fields. [mokaddem] -- [decaying] Model and UI improvement - :construction:. [mokaddem] +- [decaying] Model and UI improvement - WiP. [mokaddem] - [decayingTool] Added model and controller. [mokaddem] -- [decayingTool] More info on Attribute types and model loading - :construction:. +- [decayingTool] More info on Attribute types and model loading - WiP. [mokaddem] - [decayingTool] More info and help text. [mokaddem] -- [deacyingTool] Improved UI - :construction:. [mokaddem] +- [deacyingTool] Improved UI - WiP. [mokaddem] - [decayingTool] Added var. [mokaddem] -- [decaying] UI skeleton - :construction:. [mokaddem] +- [decaying] UI skeleton - WiP. [mokaddem] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - Set composer vendor dir right in composer.json. [Jakub Onderka] - Put require PHP version and extension into composer.json. [Jakub @@ -16164,7 +16619,7 @@ Changes expected part. [iglocska] Fix ---- +~~~ - [stix2] Fixed custom objects parsing when an attribute is multiple. [chrisr3d] @@ -16238,7 +16693,7 @@ Fix - [appModel] SQL query syntax fixed. [mokaddem] - [decaying] UI - Interface errors and sanitization. [mokaddem] - [decaying:base_score_config] basescore computation steps works again - - :construction:. [mokaddem] + WiP. [mokaddem] - [appmodel] Added db_change number for the decaying update. [mokaddem] - [Sightings] Plugin.Sightings_policy=Event Owner now shows sightings that belong to the creating org. [mokaddem] 
@@ -16327,7 +16782,7 @@ Fix - [stix import] Fixed some typos. [chrisr3d] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] @@ -16361,9 +16816,18 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into decaying. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] -- Merge remote-tracking branch 'origin/2.4' into decaying. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into decaying. [mokaddem] +- Merge remote-tracking branch 'origin/2.4' into decaying. [mokaddem] +- Merge remote-tracking branch 'origin/2.4' into decaying. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] +- Merge remote-tracking branch 'origin/2.4' into decaying. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] @@ -16402,7 +16866,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Add: [stix import] Importing attack pattern galaxies. [chrisr3d] -- :construction: [stix import] Functions to import attack pattern, vulnerability & +- Wip: [stix import] Functions to import attack pattern, vulnerability & weakness objects. [chrisr3d] - Functions to parse galaxies to come soon 
@@ -16415,11 +16879,12 @@ Other not related that will be imported as attributes or objects + v2.4.115 (2019-09-09) --------------------- Changes -------- +~~~~~~~ - [version] bump. [iglocska] - Install crypt_gpg by composer. [Jakub Onderka] - Allow to load Crypt_GPG from composer. [Jakub Onderka] @@ -16455,7 +16920,7 @@ Changes - [stix2] Bumped latest STIX2 python library changes. [chrisr3d] Fix ---- +~~~ - [UI] Removed duplicate button title in userIndexTable.ctp. [Jakub Onderka] - Throw exception when GnuGP homedir is not set. [Jakub Onderka] @@ -16465,7 +16930,7 @@ Fix This error was introduced in 600e54051694ca4d479a9e2c82db45fe19a46a6c - [stix2 import] Fixed hash patterns import for external STIX files. [chrisr3d] -- :lock: Fix to a vulnerability related to the server index. +- [security] Fix to a vulnerability related to the server index. [iglocska] - along with various support tools @@ -16500,7 +16965,7 @@ Fix fixes #3871. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5119 from JakubOnderka/patch-24. [Sami Mokaddem] @@ -16552,11 +17017,12 @@ Other Fix Declaration of RestResponseComponent warning - Fix Declaration of RestResponseComponent warning. [Richie B2B] + v2.4.114 (2019-08-30) --------------------- New ---- +~~~ - [API] Added event delegations to the list of API enabled functions. [iglocska] @@ -16601,7 +17067,7 @@ New - increased recommended memory size additionally Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - [PyMISP] Bump for release, take 2. [Raphaël Vinot] - [PyMISP] Bump for release. [Raphaël Vinot] @@ -16680,7 +17146,7 @@ Changes This exception is thrown when not logged access `users/checkIfLoggedIn.json` Fix ---- +~~~ - [API] Messages fixed for event delegations. [iglocska] - [API] event delegation inverted invalid IF branch. [iglocska] - [internal] return true from the external email sender if no mocking is 
@@ -16770,9 +17236,10 @@ Fix fixes #5022. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -16784,6 +17251,7 @@ Other fix: [ui] Missing space and dot at export page - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5083 from 4ekin/fix-postgresql-issues. [Andras Iklody] @@ -16923,11 +17391,12 @@ Other chg: Do not log ForbiddenException by default + v2.4.113 (2019-08-16) --------------------- New ---- +~~~ - [API] get a single server setting via /servers/getSetting/[setting_name], fixes #4964. [iglocska] - [API] Allow posting freetext data for ingestion via the event uuid @@ -16956,7 +17425,7 @@ New - very primitives, simply concatenates events to be pushed into a file - Reminder to run gen_misp_types_categories when model changes. [Christophe Vandeplas] -- [API] Attribute add rework - :construction:. [iglocska] +- [API] Attribute add rework - WIP. [iglocska] - handle attribute creation in a unified manner via captureAttributes - [internal] Default field list added for attributes. [iglocska] @@ -16964,7 +17433,7 @@ New - let's try to standardised on things we output instead of doing it manually. It's a first step Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [PyMISP] Bump version. [Raphaël Vinot] - [Travis] Use default python3 version on the image (3.6+), fix perms @@ -17026,7 +17495,7 @@ Changes posted JSON object. [iglocska] Fix ---- +~~~ - [PyMISP] Bump, missing change. [Raphaël Vinot] - [internal] Feed lookup by UUID removed as feeds don't actually have UUIDs, fixes #4998. [iglocska] 
@@ -17143,7 +17612,7 @@ Fix - [internal] testBoolFalse logic error fixed. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Revert "chg: [warning-list] Filter CIDR warning list before eval" [iglocska] @@ -17222,11 +17691,13 @@ Other - Add: [stix export] Exporting attack-pattern, vulnerability & weakness objects. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch 'feature/attribute_add_rework' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -17234,15 +17705,17 @@ Other [chrisr3d] - Add: [stix2 export] Exporting Attack Pattern objects. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4955 from JakubOnderka/patch-3. [Andras Iklody] fix: [UI] Row description in View Warninglists + v2.4.112 (2019-08-02) --------------------- New ---- +~~~ - [sync] Event index cleaned up, total count of listd events added as X-Result-Count header. [iglocska] - [sync] Previewing a remote instance now passes pagination rules in the @@ -17272,7 +17745,7 @@ New alternative to the timestamp, fixes #4937. [iglocska] Changes -------- +~~~~~~~ - [pymisp] bumped. [iglocska] - [version] bump. [iglocska] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] 
@@ -17311,6 +17784,8 @@ Changes - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [Submodules] Bump Taxonomies and objects. [Raphaël Vinot] - [PyMISP] Bump. [Raphaël Vinot] +- [PyMISP] Bump. [Raphaël Vinot] +- [PyMISP] Bump. [Raphaël Vinot] - [travis] Cleanup pymisp install. [Raphaël Vinot] - [pymisp] Bump it. [Raphaël Vinot] - [travis] Start workers. [Raphaël Vinot] @@ -17326,7 +17801,7 @@ Changes stripped label. [mokaddem] Fix ---- +~~~ - [pymisp / querystring] versions bumped. [iglocska] - [enrichment] Getting objects description from the view. [chrisr3d] - [enrichment view] Passing description & template information about @@ -17428,7 +17903,7 @@ Fix - [servers] Adding a server now requires the name to be set, partially fixes #4889. [iglocska] - [API] Server deletion now responds correctly via the API. [iglocska] -- :lock: Fix to stored XSS. [mokaddem] +- [security] Fix to stored XSS. [mokaddem] - as reported by David Heise - Removed unnecessary uuid rewriting in objects. [chrisr3d] @@ -17515,7 +17990,7 @@ Fix - [debug] Remove debug call. [Raphaël Vinot] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] @@ -17523,6 +17998,8 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4951 from JakubOnderka/patch-2. [Andras Iklody] chg: Use faster algorithm for Warninglist::__ipv6InCidr 
@@ -17541,6 +18018,7 @@ Other - Describing links linking to the provided CWE lookup - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Add: [stix import] Importing user account object. [chrisr3d] @@ -17570,6 +18048,7 @@ Other slightly modified logroate config which rotates all logs in MISP/app/… - Update misp.logrotate. [Steve Clement] +- Update misp.logrotate. [Steve Clement] - Slightly modified logroate config which rotates all logs in MISP/app/tmp/logs when they reach a 50MB limit, with maximum log size set to 500M. rotation is checked every hour. [michael] @@ -17612,25 +18091,26 @@ Other Allow SSL verification to be disabled with config. If I understand this right this will need to be scheduled with a cronjob if the expiration framework is wanted? + v2.4.111 (2019-07-14) --------------------- New ---- +~~~ - [attribute-type] community-id added. [Alexandre Dulaunoy] Community-id is a new attribute type to describe a flow hashing algorithm allowing the consumers of output from multiple traffic monitors to link each system's flow records more easily. - [API] Proposal sync rework done. [iglocska] -- [proposal sync rework] :construction:. [iglocska] +- [proposal sync rework] WIP. [iglocska] - [doc] "Hidden" NetBSD install (core works) (#4847) [Steve Clement] new: [doc] "Hidden" NetBSD install (core works) - [doc] Hidden NetBSD install (core works) [Steve Clement] Changes -------- +~~~~~~~ - [version] bump version 2.4.111. [Alexandre Dulaunoy] - [version] align PyMISP version with core. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] @@ -17647,7 +18127,7 @@ Changes [mokaddem] Fix ---- +~~~ - [internal] Explicit conditions to avoid ambiguous lookups. [iglocska] - [UI] Fixed galaxy add buttons on event index. [iglocska] - [bug] RestClient notice error fixed. [iglocska] 
@@ -17682,7 +18162,7 @@ Fix - [sync] Fixed a bug breaking the sync. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'hotfix/sync_rework' into 2.4. [iglocska] - Merge branch '2.4' into hotfix/sync_rework. [iglocska] @@ -17690,6 +18170,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Add: [stix2 import] Importing external User Account objects. [chrisr3d] @@ -17701,11 +18182,12 @@ Other - External STIX documents support of User Account object to come very soon + v2.4.110 (2019-07-08) --------------------- New ---- +~~~ - [tags] Local tags feature added. [iglocska] - Create tags locally if you are a host org user that allows in-place tagging for sync / export filtering 
@@ -17718,20 +18200,77 @@ New - [correlation graph] Toggle physics on/off. [iglocska] .,/#&&@@@@@@@@&%(*. + #@@@@%*..,..,.,,.,,.,.,.,,,,..,*#@@@@( .&@@%,,.,,.,,,*#%&&&%#(/**,,**/(%&&&%(/,.......(@@@, + %@@(,,,,,,(&&%*.......... ...*,*..,.........../&,....,%@@, &@&,,,,,*&&(.... .*....*..//.../../(...*.*(...%..........#&(....*@@/ + ,@@,,,.,#......#..#*..(#..(*./,..,...*(...*.,.*..........#/#.....%&,..,/@@. + /@%,,,,(&(.....#/,...#../.(#...,/.,,../,..*(...*...%,.........,*...#./....#&,.,,@@. + .@&,.,,%&....,,....(*,.../.(,..(...,..,..*#..,,..,..,...*,....../#...,..(//.....,&/..,&@. + %@,,,,#&...,,/./**....(,,..(,.//..,*..............................,.....././(.,..*...,&/,,,@& + @%,,.(&,../(*..(#../#....(*. /....................................../,..*.*..//,,..,/.....,&...%@ + .@(..,&&,......%,,/..../(..(................................................/(..(.,.*.....**....%#,,*@, + @(,,*&%*.........*((....*#.......................................................(*.,,.......*,#...*&..,@* @#,,/&%,.(*..........#,/.............................................................../...*..*(.......*&.,*@, + #@,.,&&*.#&/(.,...............................................................................,...(...,.,,.*%..*@ @*,,%@/......#*(................................................................................./. 
(./.#.....#%..%@ + &@,,/..........#,../................................................................................,.#.........&*,,@* @/,,&@,............/(..................................................................................#............*&../@ @*,/&&.................................................................................................................&,..@ (@,,(&(...................................................................................................................%%..@( + (&,,#&*.....................................................................................................................,%../% #@,,%&........................................................*/,...../(*......................................................&..*@ + /&,,%&...................................................., **..................................................&..,@ + *@,,%&.................................................., . . .. . . *,................................................&..*@ @*,#%,................................................* .. (................................................&.,*% + @/,*#*...............................................*%/,,,***,...,,. ..............,&..............................................,&..&( + %&,,%@...............................................%**,..,,,,,,,......,. ........ ,,%#............................................./(,.@ @*,(%................................................*,..*(*.*,,...*,/..*,.. ... .,.*... ...............................................&*..@ + &(,,#,...............................(/**,,,.,,(.*/,%&&%#*/#(....,* .,...... */. ..,/**/(##% *,,.,,.( . .(..............................&..## + @*,%#................................*.... .(/..... %,,.,,*.,**.,,,,,,*((*,..... .(. . . .. ,.,,,..,. .....,..............................#(..@ + ,,/,................................*. ...........#,*.,/*.,,,,,,,,,,,...,*....... .(. . 
* %...............................&..*# + @/,##.................#*..,*,,,,..(/,,,*.,***/,,,,/*/*.,,,,,,,,,,,//***,,,**...... .. ./.%.,*.(*,,,..,.,/,..,***/*#...*%(...............%(..@ + .@*.#*..........,,,,,*,%....,/,**/...,//(/...*/((,.,/&%((/***/*//**///////********,,,,......./%(.......... . .,,,,.....#*.. ...,.........%..%/ + #(*//..........%,.,,,,.%........... . ...............*/****,*,,,,**,,,,,,,,,,,,,..,,.........(,,,,,*,,,*,,,......... ....( ...../.........&.,.@ + @/,(/........%%,.,,*,(%/*/*...,.,,*,..............,,.,/%%%###%%##%####(#%####%%(/((###(//(%((.................., . ....,%%((((//(&.......#/..@ + @/,((..........%......#*...........,..............,.../,//****/***/**,,*/,,/(*,*,,........**.(.,.................*...........& .*.........,%..@ + @/,#/..........(,,.,,,(*.........../..............,.../,/*/((((//*//*,*#***,./,/,,,........*./...................*...........%....../..........%..%. + @/,#*..........#......*/...........*..................*.**/,.,*(//**/,..,..,...*,,,..,*,...*.(...................*...........% .../..........&..(, + .@(*#,..........%......//...........,.,......,,*,**....*./**(,##,(//*/,/%&&&%%&//,,,..,//,.,*.(...../,,,,.........*.,.,.,.....& .. ../..........&../, + @(*#,..........#...(,,&/.....,%##(,*.......,,/*,(.,..,*./*/(*/**(/*,/,///***,.*/,,,..,../.,*./.....*/..(........./,*,*#......&,../..*..........&..(, + @(*#/..........#..*...%/...,.*,..#,,.......,,,..#,,.,,*./*/(*//*(//,(**//,,,,.*/,.,.,*../../,/...../(..(.........(.,..(.,....#. ..*.,,.........%..% + @/*/*..........#..,...%*...,.*,..#.,.......,*,..(.,,..*,**(#*((/(//,/********,*/*,,,.*..*.,/,(.,...*(..(.........(.,..(......#... *.*,.........%..@ + &//*,..........%..*...&,...../...(,,......,,*...(.,,,,,.///(*/////(*(,/*/***,,*/*.,.,*..*.,*./.,...*(../.........#,,..(......#. /./..........#..@ + *%/,#..........%..,...%,...........,.......,*...#.,,,./.**((*//*(//*(,/*/**,*,//*,,..,..*.,/,(...,.*#../,........#. .,......./. /.*.........**..@ + @/,(,.........%.. 
%....,..,....,,......,*...(,,,,/.,/,./*/(,(((/%#*,(///*//((,...*..*.,*,,#.,,,// ,.........#...........#. . ,.........&..%/ + @(/,/....,.........,*..,.........,,.....,.,.,,*,,,*//***,,,,,,**,***,****//(((##%%#######(#(#(..,.***,,,........#............./... ..,*...%..@ + ,@/,#,...,..,.,**,,,..,,,.,,.....,.,.,...,,/***/,,//(/////////**///(////**,,,,,,**,,,,......./.*,,**,,,,........#.............*,,,*,,,..**..#*.,% + @/**/...............................,,,,,,,,,,,*&&%%%###%%%%%%%%%&&&&&&%%##((/////***,*,,,,*/#%(&%###%%%%%&&&&&&%########((//**,...........%..@ + @/,/...........,%...............................**,,,,,,,*******//((###%%%&&&&@@@@@@@@@@@@@@%...............................,,,,,,,*/*.**.*& + /,#.....,*.,%&&%...........,.,..,*.....*,&/......*.*,/....&(#%......,.....*. ,.....,,,............../*........ .............../,..#*,..%..@ + @/*,/..,*@*...../(...........%*(,*%....,/#../#....*%( /.....(*.....,*,....(,......../.,......(,......#(.....#...#...........,.....//...&..%, + @/,**.*(....(,%./%.........*%,#.,&.....,(..&.....*%.##.....((.....,/.....*/........(........(,......#(....../../........../.......((.**.*& + (@/,(*..%#....,.,&........................................................................................................#*....../.,%..@ + #%/,(,..**/,..*%..*....................................................................................................,..#,.**(#..#..@ @%/*#*.,....%*.#*%,,...................................................................................................%.........%.,@ + /,(/...,%.%./.*@*,................../&//...................................................,#*................../#*....&*./..%.,@ + &&/,(%..,./.(&....,/,..............,#(/,/. 
,..............................................(*,,.,,...............,*..&..*../.,#.,@ + /&/,*%..,%,....*.(&*%............##.,...*&., ,....................................../.#...,,.../................%,..../&,.*,.,@ + ,@/**%*......,&(...&.#................*&..,(,./(,*.............................*..%./*.....#*,............*......,%.*,..&.,/% + @(/*#&..*/@.......%#(%............,/&...,(*#..(#./#.................,*.,.%,, .( ....,*.................,#...,.....(..#,.@* + #&/**&%......,,(&/..*.,................,%..../%(,..........///,#(.,*.....(.#,.,....#(...............%.*..%.....(..%,,,@ + @(/*(&*...*&.((...../%/..................,/(.............*......./##,...(,..#*.....................,#.,..%.*..,/,,@* + #@//*#@..##%..../.%...%....................,............(/.../..(*..,../...................#/.....#..%...,..%..*@ @&(**%@,.,/.,.(*...//...................................%&(................................& &,..*..%,..%,,.@ + @&(*/#&(..((..,.#/....../.*.*.......................................................%.,...%*..%/....%...@. @&(//(&@...%#/.......#/%..*.( /,..........................................*,,...../*%*,...#..../(.,.@. + &@(///%&/...........,/#.....*/##(.....................................,*,........(.%%#,/...%,.,*@ + /@#((/(%&*.....*/..((%...*/#...,*((#&. ,,*///*..............(*.../*.,.*,......&......%#.,,@% + &@((//#%&*...#(**#.../,/...*#*/../,,.*.*...(*,,..((....../,.....,,./........(...%/,,,#@ + @@(((((%%&,....../,/...,.**/..*,*..,,,(/..,,.,.,......(,.....(,..(, ...../%*.,,(@* #@%////#%%&*....#.,(.,#*,..*,...*,./*.....#(........(,....(.......(%/,,,,&@. + .&@#////(#%%&(.....*&&*/*(...*,,..*./,...(...............,/%/,,,,,%@# + #@@/*////(#%%&&/.........,*(#*..(,/*.........,*#%//,,*,,*@@( /@@@(/(////((((###%&&&&%%%%%%%%&%%##(/*******/&@@( ,%@@@@%#((//////******/////(/#%@@@@%, .,***/***,. 
@@ -17763,7 +18302,7 @@ New /__\ /___\ - [stix import] Parsing observable compositions from external STIX files. [chrisr3d] -- :lock: Made certain settings modifiable via the CLI only. +- [security] Made certain settings modifiable via the CLI only. [iglocska] - some settings are too risky to be exposed, even to site admins, so made them CLI accessible only @@ -17771,7 +18310,7 @@ New rotating config.php handler. [iglocska] Changes -------- +~~~~~~~ - [docs] Added excludeLocalTags to events/restSearch. [iglocska] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [version] bumped. [iglocska] @@ -17789,6 +18328,7 @@ Changes - [travis] Fix perms (?) [Raphaël Vinot] - [travis] Try to fix upload_sample. [Raphaël Vinot] - [PyMISP] Bump version. [Raphaël Vinot] +- [PyMISP] Bump version. [Raphaël Vinot] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [travis] more gpg experiments. [Alexandre Dulaunoy] - [travis] It's not my week with GnuPG and OpenPGP. [Alexandre Dulaunoy] @@ -17808,15 +18348,15 @@ Changes - [installer] Added fork checker. [Steve Clement] - [installer] One step closer to "sane" aka. generic os-detection. [Steve Clement] -- [doc] Leveled RHEL7/RHEL8 Install procedure (:construction:) (#4824) [Steve +- [doc] Leveled RHEL7/RHEL8 Install procedure (WiP) (#4824) [Steve Clement] - chg: [doc] Leveled RHEL7/RHEL8 Install procedure (:construction:) + chg: [doc] Leveled RHEL7/RHEL8 Install procedure (WiP) - [installer] Updated Installer. [Steve Clement] - [doc] Updated Debian Install. [Steve Clement] - [doc] More CentOS/RHEL updates towards some sort of installer. [Steve Clement] -- [doc] Leveled RHEL7/RHEL8 Install procedure (:construction:) [Steve Clement] +- [doc] Leveled RHEL7/RHEL8 Install procedure (WiP) [Steve Clement] - [i18n] Updated Russian Translation to >30% (#4821) [Steve Clement] chg: [i18n] Updated Russian Translation to >30% 
@@ -17874,9 +18414,9 @@ Changes - [relatedEvent:view] Display the number of unique correlation. [mokaddem] - [view:relatedEvents] Improved UI. [mokaddem] -- [relatedEvent:view] Started integration into event:view - :construction:. +- [relatedEvent:view] Started integration into event:view - WiP. [mokaddem] -- [previewEvent] Improved UI of related events - :construction:. [mokaddem] +- [previewEvent] Improved UI of related events - WiP. [mokaddem] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [stix2] Bumped latest version. [chrisr3d] @@ -17922,7 +18462,7 @@ Changes reuse. [iglocska] Fix ---- +~~~ - [stix2 export] Fixed user account pattern creation. [chrisr3d] - [stix2 export] Fixed user account observable extension. [chrisr3d] - [galaxies] several minor issues fixed in the UI. [iglocska] @@ -18187,7 +18727,7 @@ Fix - [shell] ask_o () needed some quotes, regenerated installer. [Steve Clement] - [stix import] Better handling of missing python libraries. [chrisr3d] -- :lock: Fixed an RCE vulnerability with user controled entries +- [security] Fixed an RCE vulnerability with user controled entries being fed to file_exists. [iglocska] - phar protocol paths for php file instructions can lead to RCE via meta-data deserialization @@ -18197,9 +18737,10 @@ Fix - [ajaxTypes] copy pasta fixed. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4841 from SteveClement/guides. [Steve Clement] chg: [doc] Minor update, added known-issues section 
@@ -18234,6 +18775,7 @@ Other chg: [installer] One step closer to "sane" aka. generic os-detection - Merge branch '2.4' into tools. [Steve Clement] +- Merge branch '2.4' into tools. [Steve Clement] - Merge branch '2.4' into guides. [Steve Clement] - Merge pull request #4822 from Kortho/patch-1. [Andras Iklody] @@ -18242,6 +18784,7 @@ Other changed so the script uses the correct var - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch 'module_rework2' into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] @@ -18324,7 +18867,7 @@ Other rework_modules. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] -- :construction: [enrichment] Handling the potential uuids differences. [chrisr3d] +- Wip: [enrichment] Handling the potential uuids differences. [chrisr3d] - We want to be sure the references we add to an event are pointing to the right target, so @@ -18340,17 +18883,17 @@ Other - More care to the references themselves to come - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] -- :construction: [enrichment] Avoiding duplicate object attributes. [chrisr3d] +- Wip: [enrichment] Avoiding duplicate object attributes. [chrisr3d] - It concerns obviously the case where we query a module using an attribute within an object as input - More to come about the ObjectReference field that should not be overwritten/duplicated either -- :construction: [enrichment] Passing initial object references as well. +- Wip: [enrichment] Passing initial object references as well. [chrisr3d] - Also testing if the initial object found is not empty -- :construction: [enrichment] Passing the initial object within the request data. +- Wip: [enrichment] Passing the initial object within the request data. [chrisr3d] - Makes its parsing easier afterwards 
@@ -18358,13 +18901,13 @@ Other new modules results. [chrisr3d] - Also quick indentation fix -- :construction: [hover enrichment] Passing new modules results to the hover +- Wip: [hover enrichment] Passing new modules results to the hover enrichment view. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] -- :construction: [enrichment] Support of object references. [chrisr3d] +- Wip: [enrichment] Support of object references. [chrisr3d] - Handling the references between objects and attributes or objects that are displayed in the @@ -18377,18 +18920,18 @@ Other object or attribute is found. - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] -- :construction: [enrichment] Returning a status message after the module results +- Wip: [enrichment] Returning a status message after the module results handling is done. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] -- :construction: [enrichment] Saving attributes & objects from module results. +- Wip: [enrichment] Saving attributes & objects from module results. [chrisr3d] - Need to handle specific cases, relationships, and to update the progress status information - Add: [enrichment] Added possibility to get object template version & uuid. [chrisr3d] -- :construction: [enrichment] Capturing objects & attributes. [chrisr3d] +- Wip: [enrichment] Capturing objects & attributes. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 
@@ -18404,6 +18947,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Add: [stix2 export] Added network connection to the mapped objects. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] @@ -18428,10 +18972,12 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4769 from cvandeplas/2.4. [Andras Iklody] fix: [js] fixes #4678 and javascript errors - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4674 from juju4/devel-globalstrict. [Andras Iklody] @@ -18448,16 +18994,18 @@ Other (minor) aligns the text with app/Controller/Component/BlackListComponent.php - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' into tools. [Steve Clement] +- Merge branch '2.4' into tools. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' into guides. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] + v2.4.109 (2019-06-13) --------------------- New ---- +~~~ - [eventblacklist] Added search filters. [iglocska] - We really need a DISP - development information sharing platform @@ -18465,7 +19013,7 @@ New [mokaddem] - [statistics:galaxyMatrix] Added filtering capabilities. [mokaddem] - [object:fromAttribute] Started dev on merging selected attributes into - an object - :construction:. [mokaddem] + an object - WiP. [mokaddem] - [API] added new restSearch filter - date. [iglocska] - deprecated to and from 
@@ -18485,7 +19033,7 @@ New alerts, fixes #4714. [iglocska] Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [installer] Updated Installer and chksums to latest (#4740) [Steve @@ -18539,18 +19087,18 @@ Changes - [object:fromAttributes] Created Object from Attribute now works. [mokaddem] - [object:fromAttributes] Shows selected types and started implementaion - of the actual object creation - :construction:. [mokaddem] -- [object:fromAttributes] Added support of form submission - :construction:. + of the actual object creation - WiP. [mokaddem] +- [object:fromAttributes] Added support of form submission - WiP. [mokaddem] -- [object:fromAttributes] Better Attribute filtering - :construction:. [mokaddem] -- [object:fromAttributes] Greatly improved UI - :construction:. [mokaddem] +- [object:fromAttributes] Better Attribute filtering - WiP. [mokaddem] +- [object:fromAttributes] Greatly improved UI - WiP. [mokaddem] - [object:fromAttribute] Continue of web and controller implementation - - :construction:. [mokaddem] + WiP. [mokaddem] - Bumped queryversion. [mokaddem] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] Fix ---- +~~~ - [installer] added missing python zmq lib. [Christophe Vandeplas] - [installer] Commit: https://github.com/MISP/MISP/commit/1716ca7da9d671 a5e103069d4b74c867a17b1020 regressed the installer to an earlier @@ -18578,7 +19126,7 @@ Fix - [object:fromAttributes] Correctly skip non valid attributes. [mokaddem] - [galaxy:add] Fix #4733 (adding galaxies on attribute) [mokaddem] -- :lock: Org admins could reset credentials for site admins. +- [security] Org admins could reset credentials for site admins. [iglocska] - org admins have the inherent ability to reset passwords for all of their org's users 
@@ -18601,7 +19149,7 @@ Fix from a new instance via an outdated one. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' into guides. [Steve Clement] - Merge pull request #4734 from cvandeplas/2.4. [Steve Clement] @@ -18646,11 +19194,12 @@ Other - Add: [stix import] Supporting additional marking & namespace. [chrisr3d] + v2.4.108 (2019-06-04) --------------------- New ---- +~~~ - [Sync] Add a tool to create MISP sync configuration JSONs and to ingest them, fixes #4696. [iglocska] @@ -18671,15 +19220,17 @@ New unexpected error. [iglocska] Changes -------- +~~~~~~~ - [doc] CentOS 7 updates (#4718) [Steve Clement] chg: [doc] CentOS 7 updates - [doc] CentOS 7 updates chg: [doc] Cake command failing. [Steve Clement] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [version] bump. [iglocska] - [installer] Updated the installer to the latest version. [Steve Clement] @@ -18702,6 +19253,7 @@ Changes - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - Bumped queryversion. [mokaddem] +- Bumped queryversion. [mokaddem] - [font-awesome] Bumped version to 5.8.2 and updated glyphs. [mokaddem] - [doc] adde --no-cache to wget to make sure we always have the la… (#4648) [Steve Clement] @@ -18746,7 +19298,7 @@ Changes Dulaunoy] Fix ---- +~~~ - [UI] Event lock concatinating quoted empty strings. [iglocska] - [UI] Double sanitisation of org view fixed, fixes #4704. [iglocska] - [sync] Further fixes to the deleted flag changes breakig things. @@ -18827,7 +19379,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge pull request #4671 from Kortho/patch-1. [Steve Clement] fixed sql-statement for creating user RHEL 
@@ -18855,6 +19407,8 @@ Other Remove the import - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4683 from MISP/chrisr3d_patch. [Christian Studer] fix: [freetext import] Fixed shadow attribute import @@ -18895,6 +19449,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' into guides. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #4629 from RichieB2B/ncsc-nl/wipe-exports. [Andras Iklody] @@ -18904,11 +19459,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] + v2.4.107 (2019-05-13) --------------------- New ---- +~~~ - [installer] Added rhash and an sfv file for the installer chg: [installer] Updated installer to latest. [Steve Clement] - [ATT&CK] Added new export system for restsearch for ATT&CK. [iglocska] @@ -18925,11 +19481,11 @@ New - [update] Injected update-related files/changes from zoidberg. [mokaddem] - [yara] Added diagnostics. [iglocska] -- [object:add] UI to propose to merge into similar objects - :construction:. +- [object:add] UI to propose to merge into similar objects - WiP. [mokaddem] Changes -------- +~~~~~~~ - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] fix: MITRE ATT&CK kill-chain missing 
@@ -19084,18 +19640,18 @@ Changes [mokaddem] - [object] Refacto renamed variables and added comments. [mokaddem] - [object:edit] Added possibility to inject invalid type + UI - improvements - :construction:. [mokaddem] + improvements - WiP. [mokaddem] - [object:revise] Little perf improvement. [mokaddem] - [object:edit] Clean up. [mokaddem] - [object:edit] Avoid duplicating same multiple entries and usage of threshold instead of harcdoded value. [mokaddem] - [object:edit] Added similarity amount between objects. [mokaddem] -- [object:edit] Improved UI and diff recognition - :construction:. [mokaddem] +- [object:edit] Improved UI and diff recognition - WiP. [mokaddem] - [object:edit] Continuation integration with template update and object - merge - :construction:. [mokaddem] + merge - WiP. [mokaddem] - [object:edit] Started integration to allow updating object templates - - :construction:. [mokaddem] -- [object:add] Improved UI for similar objects - :construction:. [mokaddem] + WiP. [mokaddem] +- [object:add] Improved UI for similar objects - WiP. [mokaddem] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [doc/misp-modules generic] update the dependency list. [Alexandre Dulaunoy] @@ -19111,7 +19667,7 @@ Changes - [doc] Updates to Debian install document. [Steve Clement] Fix ---- +~~~ - [genericPicker] allow tagging when the ATT&CK Matrix has been opened. [mokaddem] - [object:revise] Removed useless ACL conditions; was failing for users 
@@ -19173,19 +19729,19 @@ Fix - [UI] Notice errors fixed in the discussion threads. [iglocska] - [bug] Fixed a bug in the update process that caused updates to fail due to an invalid value assigned as default for org_id. [iglocska] -- :lock: Fix persistent xss due to invalid sanitisation of image +- [security] Fix persistent xss due to invalid sanitisation of image names in titles. [iglocska] - triggered by expanding a screenshot - as reported by João Lucas Melo Brasio from Elytron Security S.A. (https://elytronsecurity.com) -- :lock: Fix persistent xss via link type attributes containing +- [security] Fix persistent xss via link type attributes containing javascript:// links. [iglocska] - low impact as it requires user interaction to trigger - as reported by João Lucas Melo Brasio from Elytron Security S.A. (https://elytronsecurity.com) -- :lock: Fix persistent xss via discussion links via javascript:// +- [security] Fix persistent xss via discussion links via javascript:// links. [iglocska] - low impact as it requires user interaction to trigger @@ -19239,7 +19795,7 @@ Fix - [updateSubmodule] Simplified calculation of time difference. [mokaddem] - [object:edit] Removed faulty line. [mokaddem] -- [object:revise] Reverted correct `endif` position - :construction:. [mokaddem] +- [object:revise] Reverted correct `endif` position - WiP. [mokaddem] - [diagnostic:submodules] [Sami Mokaddem] Time difference is correctly calculated. Should solve #4538 
@@ -19262,16 +19818,19 @@ Fix ██░░░██──────██░░░██─────██░░░░██ ██░░░░████████░░░░░███████░░░░░██ █░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█ + █░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█ + █░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█ █░░░░░███████████████░░░░░░░░░░░█ █░░░████░░░░░░░░░░░░░░░░░░░░░░░░█ █░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█ + █░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█ ██░░░░░░░░░░░░░░░░░░░░░░░░░░░░░██ ░██░░░░░░░░░░░░░░░░░░░░░░░░░░░░█░ ░░███░░░░░░░░░░░░░░░░░░░░░░░░░██░ ░░░░██░░░░░░░░░░░░░░░░░░░░░░░██░░ Other ------ +~~~~~ - Merge pull request #4622 from SteveClement/guides. [Steve Clement] fix: [sql] SQL Syntax error fix @@ -19338,6 +19897,7 @@ Other * TCP-only forces the client over to use TCP. - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' into tools. [Steve Clement] @@ -19354,12 +19914,14 @@ Other - Merge branch '2.4' into fix-i18n. [Steve Clement] - Merge branch 'guides' into tools. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] +- Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch 'yara2' into 2.4. [iglocska] - Cleaning up imports. [edhoedt] - Yara export. [edhoedt] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4545 from MISP/mergeSimilarObject. [Alexandre Dulaunoy] 
@@ -19367,12 +19929,14 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into mergeSimilarObject. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] + v2.4.106 (2019-04-25) --------------------- New ---- +~~~ - [tools] Added local forward in case we run under a VM. [Steve Clement] - [tools] Added (official) checksums for the Installer. [Steve Clement] - [row_attribute] Added `title` containing the `event.info` data for the @@ -19394,10 +19958,10 @@ New - [CLI] reset / set a user's API key via the CLI. [iglocska] - [CLI] Change password with the --override_password_change (or -o) flag to avoid forcing a password reset. [iglocska] -- [diagnostic:submodule] Added output message after update - :construction:. +- [diagnostic:submodule] Added output message after update - WiP. [mokaddem] - [CLI] Set default role via the CLI. [iglocska] -- :construction: LinOTP authentication. [Andreas Rammhold] +- WIP LinOTP authentication. [Andreas Rammhold] - [UI] refactor of the asset loading. [iglocska] - [tags] refactor of the tag picker. [iglocska] @@ -19415,7 +19979,7 @@ New - [eventFiltering] Added support of sighting filtering. [mokaddem] Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - [doc] Updated RHEL8(BETA) doc, core works, misp-modules do not, LIEF does not. (#4529) [Steve Clement] @@ -19474,6 +20038,7 @@ Changes - [tools] Updated installer. [Steve Clement] - [tools] 19.04 test. [Steve Clement] - [tools] Updated installer. [Steve Clement] +- [tools] Updated installer. [Steve Clement] - [tools] If staff does not exist do not run commands with that group. [Steve Clement] - [tools] Updated installer after doc update. [Steve Clement] 
@@ -19525,7 +20090,7 @@ Changes outputs. [mokaddem] - [diagnostic:submodules] Added support and feedbacks if workers not available. [mokaddem] -- [diagnostic:submodule] continued sync DB after pull done - :construction:. +- [diagnostic:submodule] continued sync DB after pull done - WiP. [mokaddem] - [diagnostic:submodule] Started integration of update DB after pull with workers. [mokaddem] @@ -19557,7 +20122,7 @@ Changes - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [restClient:querybuilder] bit of cleanup. [mokaddem] - [restClient:querybuilder] Prefil the QB when picking a saved query - - :construction:. [mokaddem] + WiP. [mokaddem] - [INSTALL] Do not touch the auto-generated installation file anymore. [mokaddem] - [viewPicture] Echo base64decoded data with GIF image type as php-gd @@ -19581,7 +20146,7 @@ Changes - [i18n] Fix filename typo. [Steve Clement] Fix ---- +~~~ - [doc] Fixed symlink for kali. [Steve Clement] - [object:edit] attachment field when empty. [mokaddem] - [Sightings] ACL fixed. [iglocska] @@ -19711,7 +20276,7 @@ Fix - [enrichment view] Fixed typo. [chrisr3d] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] @@ -19723,6 +20288,7 @@ Other There was still a problem for matching the search on a cluster name. I have also slightly simplified the construction of the SQL request for better code readability. - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4492 from mokaddem/eventViewPerfImprov. [Andras Iklody] 
@@ -19836,6 +20402,7 @@ Other feature/attribute_references. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4435 from MISP/submoduleUpdatev4. [Steve Clement] Diagnostic - Submodule update v4 @@ -19868,6 +20435,8 @@ Other Small typo - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4430 from SteveClement/guides. [Steve Clement] @@ -19881,7 +20450,7 @@ Other - Add Pipfile and Pipfile.lock. [Georges Toth] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] -- :construction: [enrichment] Removed debug calls. [chrisr3d] +- Wip: [enrichment] Removed debug calls. [chrisr3d] - Before having new modules fully operational, let us at least not keep only 2 debugs within an @@ -19898,7 +20467,7 @@ Other - Be consistent in quoting table names. [Richard van den Berg] - Merge pull request #4421 from andir/2.4-linotp. [Andras Iklody] - new: :construction: LinOTP authentication + new: WIP LinOTP authentication - Merge pull request #4420 from RichieB2B/ncsc-nl/misp-wipe-update. [Andras Iklody] @@ -19908,6 +20477,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch 'feature/assetloader' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. 
@@ -19931,9 +20501,9 @@ Other - Update WarninglistsController.php. [Steve Clement] typo -- :construction: [enrichment] Added javascript function to fetch all elements from +- Wip: [enrichment] Added javascript function to fetch all elements from the view. [chrisr3d] -- :construction: [enrichment view] Displaying multiple additional fields. +- Wip: [enrichment view] Displaying multiple additional fields. [chrisr3d] - Object ID of the object containing the attribute @@ -19948,6 +20518,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4390 from couchuser12345/couchuser12345-patch-1. [Steve Clement] @@ -19971,14 +20542,15 @@ Other - We can now disable correlation on attributes from the resolved attributes view -- :construction: [enrichment view] Reordered different elements and classes. +- Wip: [enrichment view] Reordered different elements and classes. [chrisr3d] - Making the next step iterations easier - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] -- :construction: [enrichment view] Displaying Object References information. +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Wip: [enrichment view] Displaying Object References information. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' into i18n. [Steve Clement] @@ -20003,12 +20575,14 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into sightingFiltering. [mokaddem] - Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] + v2.4.105 (2019-03-28) --------------------- New ---- +~~~ - [diagnostic] Fetch submodules git status. [mokaddem] - [export] Replaced the old non-cached export page. [iglocska] 
@@ -20024,11 +20598,11 @@ New - [UI] Move to FA 5. [iglocska] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [diagnostic] Added reload button for submodules git status. [mokaddem] - [diagnostic] Changed submodule header table text. [mokaddem] -- [submodules] added skeleton for submodules git status - :construction:. +- [submodules] added skeleton for submodules git status - WiP. [mokaddem] - Additional Russian translation. [4ekin] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] @@ -20043,8 +20617,8 @@ Changes - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] Fix ---- -- :lock: Fix to a reflected XSS in the default layout template. +~~~ +- [security] Fix to a reflected XSS in the default layout template. [iglocska] - as reported by Tuscany Internet eXchange | Misp Team | TIX CyberSecurity @@ -20104,7 +20678,7 @@ Fix set, fixes #4355. [iglocska] Other ------ +~~~~~ - Merge pull request #4337 from mokaddem/submoduleDiagnostic. [Steve Clement] 
@@ -20133,29 +20707,31 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] -- :construction: [enrichment view] Displaying sharing group distribution if +- Wip: [enrichment view] Displaying sharing group distribution if needed. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] -- :construction: [enrichment view] Test returning data from the new form. +- Wip: [enrichment view] Test returning data from the new form. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] -- :construction: [enrichment view] Made IDS, comment and distribution changeable. +- Wip: [enrichment view] Made IDS, comment and distribution changeable. [chrisr3d] - Applied on each attribute and object attribute returned as part of the module results - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #4351 from 4ekin/fix-i18n. [Andras Iklody] Fix i18n in Controllers and Views + v2.4.104 (2019-03-21) --------------------- New ---- +~~~ - [cluster] Display heatmap on the Att&ck Matrix for all tagged data. fix #4344. [mokaddem] - [tagging] Stop pre-populating forms for tagging / attaching of 
@@ -20183,12 +20759,12 @@ New - [Feeds] New overlap tool finished. [iglocska] - compare a feed against a combination of feeds/servers to find if you can cover the contents with a combination of other cached feeds -- [Feeds] Implementation of the feed coverage tool (:construction:) [iglocska] +- [Feeds] Implementation of the feed coverage tool (WIP) [iglocska] - [API] Add pagination related parameters to event index, fixes #4270. [iglocska] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - Bump PyMISP. [Raphaël Vinot] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] @@ -20198,9 +20774,9 @@ Changes - [distributionNetwork] Prevent interactive picking in event index. [mokaddem] - [distributionNetwork] Improved consistency in event index and improved - UX - :construction:. [mokaddem] + UX - WiP. [mokaddem] - [distributionNetwork] Added missing JS. [mokaddem] -- [distributionNetwork] Integration with event index - :construction:. [mokaddem] +- [distributionNetwork] Integration with event index - WiP. [mokaddem] - [distributionGraph] Added bar chart and deferred distribution data fetching process. [mokaddem] - [distributionGraphNetwork] Improved sharing accuracy. [mokaddem] @@ -20215,9 +20791,9 @@ Changes [mokaddem] - [distributionGraph] Added interactive plotting feature. [mokaddem] - [distributionGraph] Pin node after drag. [mokaddem] -- [distributionGraph] Added support of sharing group - :construction:. [mokaddem] +- [distributionGraph] Added support of sharing group - WiP. [mokaddem] - [distributionGraph] Continuation of integration, basic distribution is - supported - :construction:. [mokaddem] + supported - WiP. [mokaddem] - [distributionGraph] Started advanced distribution view. [mokaddem] - [distributionGraph] Replaced all tabs by spaces. [mokaddem] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] 
@@ -20226,6 +20802,7 @@ Changes - splitting of some nastier unreadable functions - added interactive mode - [REST] Disable all SSL validation if requested by the user. [iglocska] +- [REST] Disable all SSL validation if requested by the user. [iglocska] - [Training script] Improvements. [iglocska] - Create reverse sync accounts/link on demand @@ -20248,15 +20825,15 @@ Changes - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version (LS19 exercise) [Alexandre Dulaunoy] -- [tools] misp-restore updates. Still :construction:. Not working ATM. [Steve +- [tools] misp-restore updates. Still WIP. Not working ATM. [Steve Clement] - [tools] Various changes to the misp-backup script to make it more - stable. Still :construction:. [Steve Clement] + stable. Still WIP. [Steve Clement] - [workers] Worker start script has initial support to only restart the workers that are not running. [Steve Clement] Fix ---- +~~~ - [tools] Fixed empty variable check function. [Steve Clement] - [stix2 export] Fixed comma typo. [chrisr3d] - [stix2 export] Support of previous versions of python that are more @@ -20337,7 +20914,7 @@ Fix - bro still hasn't been migrated to restsearch - the exception for this in the caching algorithm called the wrong function -- [tools] misp-restore works a little better... still :construction:. [Steve +- [tools] misp-restore works a little better... still WiP. [Steve Clement] - [i18n] Stray file removed. [Steve Clement] - [UI] Missing org logos added to statistics -> organisations page, @@ -20346,7 +20923,7 @@ Fix - Events index filter button i18n bug. [4ekin] Other ------ +~~~~~ - Merge pull request #4349 from SteveClement/tools. [Steve Clement] fix: [tools] Fixed empty variable check function 
@@ -20358,7 +20935,7 @@ Other new: [cluster] Display heatmap on the Att&ck Matrix for all tagged data. - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] -- :construction: [enrichment view] First version of the view for objects & +- Wip: [enrichment view] First version of the view for objects & attributes returned from misp modules. [chrisr3d] - Visualization atm @@ -20395,7 +20972,7 @@ Other - Replacing freetext results when no simplified format is returned as module result - Actual results view coming soon -- :construction: [enrichment] Handling module results and passing it to the view. +- Wip: [enrichment] Handling module results and passing it to the view. [chrisr3d] - Work in progress on the view right now @@ -20422,7 +20999,7 @@ Other - Merge remote-tracking branch 'origin/2.4' into extendedDistributionGraph. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] -- :construction: [enrichment] Capturing attributes & objects returned by modules. +- Wip: [enrichment] Capturing attributes & objects returned by modules. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] 
@@ -20445,19 +21022,19 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] -- :construction: [hover enrichment] Started changing hover enrichment as well. +- Wip: [hover enrichment] Started changing hover enrichment as well. [chrisr3d] - As for enrichment modules, it does not change the support of the current modules, and should not interfere with them either -- :construction: [enrichment] Started changing enrichment modules. [chrisr3d] +- Wip: [enrichment] Started changing enrichment modules. [chrisr3d] - Passing full attributes to the new modules - No changes for the currently used modules - Using a parameter to specify which format to use - Current format used if no parameter is set - :warning: :construction:, more to be updated soon :warning: + /!\ WIP, more to be updated soon /!\ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -20465,12 +21042,14 @@ Other Dulaunoy] - Merge pull request #4285 from SteveClement/tools. [Steve Clement] - chg: [tools] More work on misp-restore, still :construction: but a little more functional + chg: [tools] More work on misp-restore, still WiP but a little more functional - Merge branch '2.4' into tools. [Steve Clement] - Merge pull request #4276 from SteveClement/i18n. [Steve Clement] chg: [i18n] Various updates to translations, most notably French is at 100% again. - Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] 
@@ -20499,11 +21078,12 @@ Other chg: [Tools] misp-backup/-restore improvements, quality of life improvements of worker start.sh + v2.4.103 (2019-03-04) --------------------- New ---- +~~~ - Added ldapEmailField example and exaplanation. [iwitz] - Add ldapEmailField config option. [iwitz] @@ -20534,7 +21114,7 @@ New - [UI] Added javascript to support the index filtering. [iglocska] - [UI] Tied the index filter system into all indeces. [iglocska] - - :construction:: Event view + - WIP: Event view - [UI] Added new system to template index filters. [iglocska] - [setting] Use the new setting to set the urls to the current instance on sharing groups when pushing the info via the API. [iglocska] @@ -20547,7 +21127,7 @@ New - [eventFiltering] Added support of toIDS. [mokaddem] - [eventFiltering] Added support of server and feed hits filtering. [mokaddem] -- [eventView] Attribute filtering tool - :construction:. [mokaddem] +- [eventView] Attribute filtering tool - WIP. [mokaddem] - Add pre-pagination result count to headers. [Hannah Ward] Fixes #4161 @@ -20587,7 +21167,7 @@ New - [tools] Experimental tool to upgrade MISP via GitHub. [Steve Clement] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - Remove debug. [mokaddem] - Reduce complexity of authenticate function. [iwitz] @@ -20676,7 +21256,7 @@ Changes - [eventFiltering] IU/UX Improvements. [mokaddem] - [tags] Improved perfs on tag retrieval (all tags belonging to an event) [mokaddem] -- [eventFiltering] Started integration of tag filtering - :construction:. +- [eventFiltering] Started integration of tag filtering - WiP. [mokaddem] - [eventFiltering] Prevent multiple `searchFor` entries. [mokaddem] - [eventfiltering] Added more sanitization. [mokaddem] 
@@ -20686,18 +21266,18 @@ Changes - [eventFiltering] Simplified filtering conditions and fixed `deletion` proposal layout. [mokaddem] - [eventFiltering] First version on the event filter tool. [mokaddem] -- [eventFiltering] :construction: - UI displays all elements. [mokaddem] -- [eventFiltering] :construction: - Simplified filtering conditions. [mokaddem] -- [eventFiltering] :construction: - fixed filtering bugs and improved warning +- [eventFiltering] WIP - UI displays all elements. [mokaddem] +- [eventFiltering] WIP - Simplified filtering conditions. [mokaddem] +- [eventFiltering] WIP - fixed filtering bugs and improved warning filtering. [mokaddem] -- [eventFiltering] :construction: -Improved filtering and UI. [mokaddem] -- [eventFiltering] :construction: - Integrating new filtering behavior into Model. +- [eventFiltering] WIP -Improved filtering and UI. [mokaddem] +- [eventFiltering] WIP - Integrating new filtering behavior into Model. [mokaddem] - [eventFiltering] Bumped flag skip_empty. [mokaddem] - [eventFiltering] Moved searchFor to the top. [mokaddem] -- [eventFiltering] Improved UI - :construction:. [mokaddem] +- [eventFiltering] Improved UI - WIP. [mokaddem] - [eventFiltering] Improved UI and added filter link. [mokaddem] -- [eventFiltering] Improved filtering tool - :construction:. [mokaddem] +- [eventFiltering] Improved filtering tool - WIP. [mokaddem] - [eventFiltering] renamed file. [mokaddem] - [eventView] moved attribute filtering tool in its own file. [mokaddem] - Simplified condition 2. [mokaddem] 
@@ -20718,9 +21298,11 @@ Changes - [galaxies] Updated view to support `kill_chain_order` [mokaddem] - [attackMatrix] Improved layout + fixed bug (carret on scale do not go out of bound anymore) [mokaddem] -- [attackMatrix] UI: improved color scale - :construction:. [mokaddem] +- [attackMatrix] UI: improved color scale - WiP. [mokaddem] - [attackMatrix] Updated the matrix to match the changes in the mitre - galaxies and improved layout - :construction:. [mokaddem] + galaxies and improved layout - WiP. [mokaddem] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - Security warning at step 5. [iwitz] @@ -20812,7 +21394,7 @@ Changes - [tools] Made it a little more universal. [Steve Clement] Fix ---- +~~~ - [API] hacky fix to capitalisation issues between the old /events/index camelcased parameters and the newer lowercased one, fixes #3855. [iglocska] @@ -20997,6 +21579,7 @@ Fix - [UI] UI experts at work. [iglocska] - [UI] small fix. [iglocska] - [ui] small fix. [iglocska] +- [ui] small fix. [iglocska] - Disable stix test with PyMISP on travis. [Raphaël Vinot] - [generic_picker] fix #4083. When picking, force exact match (instead of `contains`) [mokaddem] @@ -21007,7 +21590,7 @@ Fix - not enforced yet Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3827 from MISP/fix3819. [Steve Clement] @@ -21056,6 +21639,7 @@ Other chg: [tools] Various updates to CLI tools - Merge branch '2.4' into tools. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] 
@@ -21064,6 +21648,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4203 from eCrimeLabs/2.4. [Andras Iklody] Update defaults.json (Phishtank - Exclude through regex) @@ -21179,6 +21764,7 @@ Other new: [installer] MISP has now an Install Script for Ubuntu 18.04 - 18.10 and Kali - Merge branch '2.4' into guides. [Steve Clement] +- Merge branch '2.4' into guides. [Steve Clement] - Merge pull request #4146 from hackunagi/2.4. [Alexandre Dulaunoy] Fix on folder with misp.local.key @@ -21206,8 +21792,10 @@ Other Error to create ssl keys, while following procedures. The steps to create openssl private keys on line 335 point to file in /etc/pki/tls/certs/misp.local.key, while later in line 338 it looks for file in /etc/pki/tls/certs/misp.local.key. + ### Steps to reproduce the behavior + ### Logs, screenshots, configuration dump, ... - Merge pull request #1 from MISP/2.4. [Carlos Borges] @@ -21240,6 +21828,8 @@ Other fix: Typo in tag ID query - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4128 from iwitz/add-systemd-unit-rhel7. [Steve Clement] @@ -21287,11 +21877,12 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] + v2.4.102 (2019-02-01) --------------------- New ---- +~~~ - [kali] Added debug function and breakpoints. [Steve Clement] - [doc] Initial MISP with Letsencrypt doc. [Steve Clement] - [installer] Initial bash installer functions. [Steve Clement] 
@@ -21313,7 +21904,7 @@ New - [Tag collections] Export/import tag collections added. [iglocska] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [installer] Added more comments and implemented base parameter logic. @@ -21387,9 +21978,9 @@ Changes - [generic_picker] added support of infoExtra for pills. [mokaddem] - [generic_picker] moved sanitization to views. [mokaddem] - [generic_picker] all view using the generic_picker now use the - generic_picker view elements - :construction:. [mokaddem] + generic_picker view elements - WIP. [mokaddem] - [generic_picker] use php generic_picker elements for constructing the - template server side. - :construction:. [mokaddem] + template server side. - WIP. [mokaddem] Previously, it was done client side - [doc] Fix kali script, php7.2 was used by apache. Add reference to @@ -21404,7 +21995,7 @@ Changes - [query] Query string bump. [iglocska] Fix ---- +~~~ - [restsearch] CSV special parameters added to the URL parameters. [iglocska] - [stix 1&2 export] Switched attachment parameter to make it work. @@ -21562,7 +22153,7 @@ Fix exported as labels Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4075 from obert01/cluster-detach-accessibility. [Andras Iklody] @@ -21570,6 +22161,8 @@ Other clusters. [Olivier BERT] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] 
@@ -21590,17 +22183,22 @@ Other This reverts commit 66037a36c55c66d4d2fe41f71619bc79e27dfdc5. - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3995 from patriziotufarolo/2.4. [Andras Iklody] fix: check also event.org_id when validating event ownership in order to fetch attributes. Fixes #1918 - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge pull request #4053 from Rafiot/pipenv. [Raphaël Vinot] chg: Pump PyMISP, use pipenv in travis 
@@ -21642,25 +22240,27 @@ Other add php 7.3 to travis - Add php 7.3 to travis. [Andrey Bolonin] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] + v2.4.101 (2019-01-20) --------------------- New ---- +~~~ - [feeds] Opened up feed inspection to host org users and added servers to overlap matrix. [iglocska] - [remote caching] First release version of the remote caching. [iglocska] -- [server caching] Initial version :construction:. [iglocska] +- [server caching] Initial version WIP. [iglocska] - [UI] PopoverConfirm now support shortcut (/+ to submit and to Cancel) [mokaddem] - [attackMatrix] Added support of chosen in the ATT&CK Matrix. [mokaddem] - [addObject] adding objects is done via the generic_picker. [mokaddem] - [galaxy] Added bulk galaxy tagging. [mokaddem] -- [UI] generic_picker - :construction:. [mokaddem] +- [UI] generic_picker - WIP. [mokaddem] - [cache export] Added the includeEventUuid flag to the output. [iglocska] - [publishing] Unpublish function added. [iglocska] @@ -21684,13 +22284,13 @@ New - [tag collections] Added missing views. [iglocska] - [tag collections] Renamed tagCollectionElement to tagCollectionTag. [iglocska] -- [tag collections] :construction:. [iglocska] -- [:construction:] tag collections :construction:. [iglocska] +- [tag collections] WIP. [iglocska] +- [WIP] tag collections WIP. [iglocska] - [tag_collections] Added db upgrade. [iglocska] - [Tag collections] Added boilerplate models. [iglocska] Changes -------- +~~~~~~~ - [remote cache] Further progress on caching remote instances. [iglocska] - [tagging] Added more ordering while displaying results. [mokaddem] 
@@ -21705,35 +22305,35 @@ Changes So that the focus is not done when clicking on it - [attackMatrix] removed useless view. [mokaddem] -- [UI] :construction: - generic_picker improved title management of popover. +- [UI] WIP - generic_picker improved title management of popover. [mokaddem] -- [UI] :construction: - generic_picker remove popover on tag deletion. [mokaddem] -- [UI] :construction: - generic_picker popover is attached to body. [mokaddem] +- [UI] WIP - generic_picker remove popover on tag deletion. [mokaddem] +- [UI] WIP - generic_picker popover is attached to body. [mokaddem] Needed to add reference to the original node that toggle the popover -- [UI] :construction: - generic_picker slightly improved tag template. [mokaddem] -- [UI] :construction: - generic_picker replaced galaxy deletion alert by confirm +- [UI] WIP - generic_picker slightly improved tag template. [mokaddem] +- [UI] WIP - generic_picker replaced galaxy deletion alert by confirm popover. [mokaddem] -- [UI] :construction: - generic_picker deleting tags uses popover. [mokaddem] -- [UI] :construction: - generic_picker add warning message if number of option is +- [UI] WIP - generic_picker deleting tags uses popover. [mokaddem] +- [UI] WIP - generic_picker add warning message if number of option is to large. [mokaddem] -- [UI] :construction: - generic_picker filter galaxies by synonyms. [mokaddem] -- [UI] :construction: - generic_picker display expanded taxonomy info. [mokaddem] -- [UI] :construction: - generic_picker added tag styling and additional data in +- [UI] WIP - generic_picker filter galaxies by synonyms. [mokaddem] +- [UI] WIP - generic_picker display expanded taxonomy info. [mokaddem] +- [UI] WIP - generic_picker added tag styling and additional data in option. [mokaddem] -- [UI] :construction: - generic_picker automatically switch to submit pills if +- [UI] WIP - generic_picker automatically switch to submit pills if applicable. 
[mokaddem] -- [UI] :construction: - generic_picker added custom chosen event to support +- [UI] WIP - generic_picker added custom chosen event to support redrawing after searches. [mokaddem] -- [UI] :construction: - generic_picker prevnet drawing empty option. [mokaddem] -- [UI] :construction: - generic_picker improved template (show more fields) +- [UI] WIP - generic_picker prevnet drawing empty option. [mokaddem] +- [UI] WIP - generic_picker improved template (show more fields) [mokaddem] -- [UI] :construction: - generic_picker added templating system for select options. +- [UI] WIP - generic_picker added templating system for select options. [mokaddem] -- [tagging] :construction: - bulk galaxy tagging on attribute and event. [mokaddem] -- [tagging] :construction: - bulk tagging via generic picker on event and complete +- [tagging] WIP - bulk galaxy tagging on attribute and event. [mokaddem] +- [tagging] WIP - bulk tagging via generic picker on event and complete support for TagCollection. [mokaddem] -- [tagging] :construction: - bulk tagging via generic picker on tag level. +- [tagging] WIP - bulk tagging via generic picker on tag level. [mokaddem] - [taxonomy choice] replace old popup view by the generic pre-picker. [mokaddem] @@ -21793,7 +22393,7 @@ Changes - [generic index] Fixed scoping issue with rows. [iglocska] Fix ---- +~~~ - [caching] Some minor fixes. [iglocska] - [ACL] ACL updated. [iglocska] - [AttackMatrix] Stopped comparing string with integer. [mokaddem] @@ -21898,7 +22498,7 @@ Fix - [api] editing organisation attributes, other than name. [Jan Skalny] - [galaxies] Some minor fixes with the ajaxification. [iglocska] - [galaxies] added new view that wasn't finished for the previous commit - (stil :construction:) [iglocska] + (stil WIP) [iglocska] - [over-sanitisation] cleared up over-sanitised message in the events controller. [iglocska] - [ACL] Added missing function. [iglocska] 
@@ -21920,9 +22520,10 @@ Fix - [js] Various fixes with adding/removing tags. [iglocska] Other ------ +~~~~~ - Merge branch 'features/server_caching' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch 'UISelector' into 2.4. [mokaddem] - Merge branch '2.4' into UISelector. [mokaddem] @@ -21930,7 +22531,7 @@ Other tag collection. [mokaddem] - New/fix: [MassEdit] Allow addition/deletion of tags and clusters on selected attributes + Lots of usage bug fixes. [mokaddem] -- [UI] generic_picker merged the pre_picker into the picker - :construction:. +- [UI] generic_picker merged the pre_picker into the picker - WIP. [mokaddem] - Merge pull request #4028 from SteveClement/guides. [Steve Clement] @@ -21955,6 +22556,7 @@ Other STIX files at attribute level. [chrisr3d] - Add: Added stix2 scripts subdirectory to gitignore. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #3989 from cvandeplas/2.4. [Andras Iklody] @@ -21968,11 +22570,12 @@ Other fix: [api] editing organisation attributes, other than name - Merge branch '2.4' into tag_collections. [iglocska] + v2.4.100 (2018-12-31) --------------------- New ---- +~~~ - [restClient] Added support of URL param in the querybuilder widget. [mokaddem] - [restClient] Transform query to json, more descriptions and layout 
@@ -21991,10 +22594,12 @@ New longer using double-click. [Sami Mokaddem] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [objects] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] +- [PyMISP] updated to the latest version. [Alexandre Dulaunoy] +- [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [restClient] small css change. [Sami Mokaddem] - [restClient] Still show help for nested parameters instead of crashing. [Sami Mokaddem] @@ -22019,6 +22624,7 @@ Changes - [rest client] added some overwrite functions. [mokaddem] - Bump PyMISP, again. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [Objects] Sorts object references types in add reference form (#3969) @@ -22039,7 +22645,7 @@ Changes - [quickEditHover] change variable scope to local. [Sami Mokaddem] - [eventGraph] added fail save if requiredOneOff is not set. [Sami Mokaddem] -- [:construction:] added function meant to resolve id vs uuid issues for the UI +- [WIP] added function meant to resolve id vs uuid issues for the UI attribute search. [iglocska] - still needs some love @@ -22052,7 +22658,7 @@ Changes - Bump PyMISP. [Raphaël Vinot] Fix ---- +~~~ - [cleanup] Fixed a few issues. [iglocska] - unnecesary access to controller from component fixed (load component instead) @@ -22152,7 +22758,7 @@ Fix otherwise Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3974 from eCrimeLabs/2.4. [Alexandre Dulaunoy] 
@@ -22174,6 +22780,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3956 from dawid-czarnecki/fix/disable_correlation. [Andras Iklody] @@ -22225,11 +22832,12 @@ Other according to http://php.net/manual/de/exception.getmessage.php , the parenthesis are required - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] + v2.4.99 (2018-12-06) -------------------- New ---- +~~~ - [usability] Object templates view also accepts uuid as input vector. [iglocska] - [UI] Added warning for users not to edit events as site admins. @@ -22240,7 +22848,7 @@ New - [ReST] Added statistics. [iglocska] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] @@ -22251,9 +22859,10 @@ Changes config fix: [doc] Fixed symlink to Ubuntu webmin instructions. [Steve Clement] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] Fix ---- +~~~ - [stix import] Fixed missing event fields import. [chrisr3d] - Such as event info, event date and so on @@ -22302,7 +22911,7 @@ Fix - as notified by @a1ext Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge pull request #3912 from Sh3idan/fix-incoherence-types-and- @@ -22348,11 +22957,12 @@ Other [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] + v2.4.98 (2018-11-26) -------------------- New ---- +~~~ - [server settings] Added automatic backup system for the server settings. [iglocska] - [UI] Explain what caching vs fetching feeds means. [iglocska] 
@@ -22404,7 +23014,7 @@ New - [statistics] Added local org and user/org counts. [iglocska] Changes -------- +~~~~~~~ - [bro] Preparation for the move to restsearch. [iglocska] - also fixed some edge-case issues @@ -22416,6 +23026,7 @@ Changes - Bump PyMISP, because I like it... [Raphaël Vinot] - Bump PyMISP, again. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [doc] More hardening ressources. [Steve Clement] - [doc] Added hardening section. [Steve Clement] - [documentation] Documented the freetext import API on the automation @@ -22427,6 +23038,7 @@ Changes [Steve Clement] - Bump PyMISP. [Raphaël Vinot] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [diag] Added warning message if getCurrentBranch() in Model/Server.php returns empty. [Steve Clement] - [contact email] Aligned button colours with the rest of the UI. @@ -22446,7 +23058,7 @@ Changes (Works on FreeBSD 12.0BETA4) [Steve Clement] - [documentation] Link to the rest client from the automation page. [iglocska] -- [seach] :construction:, more work on the attribute search's JS components. +- [seach] WIP, more work on the attribute search's JS components. [iglocska] - [search] Further progress on the attribute search UI. [iglocska] - [taxonomies] added the exercise taxonomy from CSIRT network @@ -22463,6 +23075,7 @@ Changes Dulaunoy] - [enrichment] Linebreak handling for enrichment hovers. [iglocska] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [doc] Fixed folder typo. [Steve Clement] - [doc] Added Tsurugi Linux to Index and changed some minor issue. [Steve Clement] 
@@ -22485,6 +23098,7 @@ Changes previously setup in the documentation) [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [doc] ${PATH_TO_MISP} everywhere. Added more granular php etc variable. [Steve Clement] - [doc] Added more notices on misp-dashboard on Ubuntu 16.04. [Steve @@ -22506,7 +23120,7 @@ Changes /restSearch) [Alexandre Dulaunoy] Fix ---- +~~~ - [ACL] ACL updated. [iglocska] - Fixed header description value fetching. [chrisr3d] - [sync] Fixed a blocking bug preventing a full push from working with @@ -22553,7 +23167,7 @@ Fix - [stix import] Fixed uuid fetching. [chrisr3d] - [missing files] added missing templates. [iglocska] - [attribute search] Fixed invalid JS calls introduced as part of the - rework (:construction:) [iglocska] + rework (WiP) [iglocska] - [api] Invalid handling of empty parameters in the built in parameter builder. [iglocska] - [tags] showAttributeTag function now correctly culls galaxy tags. @@ -22613,7 +23227,7 @@ Fix - Also improved the loop iterating through reports - [stix2 import] Try-catching Report objects creator reference. [chrisr3d] -- \#3774 [restResponse] added missing `includeEventTags` entry. +- #3774 [restResponse] added missing `includeEventTags` entry. [mokaddem] - [doc] Added note about WSGI issues on Ubuntu 16.04 chg: [doc] Changelog.md updated to latest. [Steve Clement] @@ -22639,7 +23253,7 @@ Fix that can include multiple MISP events Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch 'mactime_merge' into 2.4. [iglocska] 
@@ -22696,6 +23310,12 @@ Other fix: [tools] misp-restore.sh incorrectly validating 'BackupFile' from… - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Steve Clement] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Steve Clement] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Steve Clement] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Steve Clement] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Steve Clement] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Steve Clement] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Steve Clement] - Merge branch 'contact' into 2.4. [iglocska] - Merge branch '2.4' into contact. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -22753,11 +23373,22 @@ Other new: [doc] Added Tsurugi Linux install script - Merge branch '2.4' into guides. [Steve Clement] +- Merge branch '2.4' into guides. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge pull request #3821 from StefanKelm/2.4. [Andras Iklody] super tiny typos - Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] - Merge pull request #3828 from SteveClement/guides. [Steve Clement] chg: [doc] ${PATH_TO_MISP} everywhere. Added more granular php etc var 
@@ -22795,15 +23426,16 @@ Other - Mapping of markings - More to come with the same operation for individual objects + v2.4.97 (2018-10-29) -------------------- New ---- +~~~ - [sighting/api] xml output format + improved error feedback. [Sami Mokaddem] - [sighting/api] trying to follow the new API architecture. JSON export - is broken but CSV is working. :construction:... [Sami Mokaddem] + is broken but CSV is working. WIP... [Sami Mokaddem] - [Sightings/API] Added possiblity to get sightings based on a timerange/source/... [Sami Mokaddem] - [docs] Added new sub-sections in seperate files that are shared 
@@ -22853,8 +23485,116 @@ New - [related tags] View the related tags of attributes on the event view (via a toggle) [iglocska] + ,,.,,+zznzzzzzzzzzzzzzzzzzzzzzzzzzzxMMMMMMMMMMMMMMMMMMMMMxMxMMWMMMWMMz*ii****iiiiiiiii**iiii,.... + ,,.,,#zzzzzzzzzzzzzzzzzzzzzzzznxMMMMMWMMMMMMMMMMMMMMMMMMxMxMMMWWWWWWWWx+*iii*iiiiiiiii*iiiii,,,.. + ,,,,,#zzzzzzzzzzzzzzzzzzzzzzznMWWMMMMMMMMMMMMMMMMMMMMMMMWWMxnnzxxMWWWWMn*iiiiiiiiiiiiiiiiiii..,.. + ,,,,,#znzzzzzzzzzzzzzzzzzzzznMMMMMMWWWWMMMMMMMMMMMMMMMMWWWMMMxnxxxxMMMMW#*iiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzzzzznMMMMMMMMMWMMMMMMMMMMMMMMMMMMMMWxMMMMMMxxxxnxxz*iiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzzzzzxMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWWWMWWWWMWMMMxxxni*iiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzzzznMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWWWWMMWWMWMMWWWMMMni*iiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzzzzxWMMMMMMMMMMMMMMMMMMMMMMMMMMMWMMMWMMMMMMWMWWMMMMMz*iiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznzzznMMMMMMMMMMMWMMMMMMMMMMMMMMMMMMMMMMMMWWWWMMMMMMMMMWn*iiiiiiiiiiii*i,.,., + ,,.,,#zzzzzzzzzzzzzzznzzzxMMMMMMMMMMMWMMMMMMMMMMMMMMMMMMMMMWWWWWWWWWWWMMMMMWWM+*iiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzznzzznzznMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWMWWWWWWWWWWWWWMMWWn*iiiiiiiiii*i,.,., + ,,.,,#zzzzzzzzzzznzzzznzxMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWMMMMWWWWMMWWWWWMMMM**iiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzznMMMMMMMMMMMMMWMMMMMWMMMMMMMMMMMMMMWWWWWMMMMMMMMWWWWWMWM#iiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzxMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWWWWWWWWWWMMMMMMMWWWWMzi*iiiiiiii*i,.,., + ,,.,,#zzzzzzzzzzzzzzzzzMMMMMMMMMMMMMMMWMnzxMMMMMMMMMMMMMWWWWWWWWWWWWMMMMMMMWWWWni*iiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzWMMMMMMMMMMMMMMMnnzznxMWMMMMMMMMMMWWWWWWWWWWWWWWWWWMMWWMn**iiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzMMMMMMMMMMMWMMMMzz#+#znxMWMMMMMMMMMMMMMWWWWWWWWWWWWWMWWMn**iiiiiiii*i,.,,, + ,,.,,#zzzzzzzzzzzzzzzzzxMMMMMMMMMMMMMMxz#*i**+zznMMMMMMMMMMMMMMMWWWWWWWMWWWWWWWx**iiiiiiii*i,.,.. 
+ ,,.,,#zzzzzzzzzzzzzzzzzxMMMMMMMMMMWWMMn#*iii*i*+znxMWMMMMMMMMMMMMWWWWWMMMMMMMMMM+*iiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzznMWMMMMMMMMMMMMn#*iiii*i*i+#znMMWWMMMMMWMWMMWWWMMMMMMMMWWx+iiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzMMMMMMMMMMMMMx#i*iii**iiii*#znxMWMMMMMMMMMMMWWMMMMWWWWWWniiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznzMMMMMMMMMMMMxn+ii**i**iiii*i*zznMMMMMMMMMMMMMMMMMxMWWWMMx*iiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznnMMMMMMMMMMMMxz*ii*iiiiiiiii:;*+znMWMMMMMMMMMMMMMMMMMWWWMx**iiiiiiii*i,.,,. + ,,.,,#zzzzzzzzzzzzzzzznMMMMMMMMMMMMMn+ii*iiiii**;;:.:i*zznxMMMMMMMMMMMMMMWWWWWWni*ii**iiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzxMMMMMMMMMMMMMn*ii*iii*i;:,.,..,.,;+znxxMMMMMMMMMMMMMMWWWziiii**iiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznxMMMMMMMMMMMMxzi*ii*ii*;,,,,,,,,,,,,:i*i#znnnxMWWMMMMMMMWn*iii*iiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznxMMMMMMMMMMMMz*i*i*i*;:,.,,,,,,,,,,,,.,,,;i*#zznxMMMMMMWWM+iiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznMMMWMMMMMMMMx#iii*i*i:.,.,,,.,.,,,,,,,,,,,,,,;i#znxMMMMMWM+iiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznMMMWMMMMMMMMx#iiiiii:.,,.,,.......,,,,..,,,,,,,,iznxMMMMWM*iiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznMMMMMMMMMMMMx#ii*ii:.,,,,,,..........,.....,,,,,,:*#MMMMWxi*iiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzMMMMMMMMMMMMn+i*i;:,.,,,......,.............,....,,;xMMMWniiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzznzzMMMMMMMMMWMn+iiii;,,,,,,.,..........,....,.,...,,,,.zMMMMxiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzznznMMMMMMMMMMnz*iiii:,,,,,,,,,,,,................,,,...zMMMMzi*iiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzznznMMMMMMMMMxzz**ii;..,,,.,,,,,,.................,,,...nMMMM#**iiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzznzzMMMMMMMWxzzz+iii:.,,,,.,,,,,....,............,,,,..,nMMWx*iiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzznznMMMMMMMWnzzzn+i*,...,,..,,,.,..,.,...,........,,,.,;MWMM+iiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznMMMMMMMWnzzzzzzii*++++z+;,,,.,,,,,,,,,...,.....,...;MWMxii**iiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznMMMMMMMWnzzznzzzzznnnzzzn#i,,,.,...................,MWM#iii*iiiiiiii*i,.,.. 
+ ,,.,,#zzzzzzzzzzzzzzzxMMMMMMMMzz+#znzznznMWWMMWMx#i:,,,,,,,,,,,,,,.,,..,,:MMx*iiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzxMMMMMMMxzz**#znMMnnxxxxxMWWWMnz;,,,,,.,.,,,,,,,,,,,,MMziiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzMMMMxMMMnzz*ii#nWWWWMWWnMMMWWWWWn*,,;i;i;**+#zzz+i,,,Mx*iiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzMMMMMMMxzzzi*;,+xWWMnxMnx+xMWWMWWn,.,znMMMxxMMMMxni:*Mziiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzznxnxMMMMxznziii.,:+nxiinn*.iMMMWMM+,,.*WWWWWWM#:,:#z##M*iiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzznzznxzMWMMMxznziii,..,+#n:,:,,,izzMM#;,,,+WWWWWzxn+i,:zzzMi**iiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzznzznnzxMMMMxzz#ii;,,,,:**++i::,:::zx;,,,,#MM#zxxMznWx#+izxiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzxnzMWMMMnzzz*i:.,,,,,,,i;i;,,.,*n,,,,,+#+::#n*,#xni,,zniiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzxnzMMMMWnzzz**;..,,,.,..,;,,,,,;n,.,,:*;,:::,,,:*,.,,n#i*iiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzznxzMWMMMnzzz**i,..,,.,,,,,,,,,,+#,...,i,.,;**++*:.,,:x***iiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzznzznnxWWMxnzzzz+*i,,,,,.,,,,,,,,,:z;,,..,:..,,,,::.,..,;xi*iiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzznxxxzzzzzz+ii,...,.,,,,,,.,,+zi.,,.,,.,,.,,..,,,,,++iiiiiiiiiiiiiiii*i,.,,. + ,,.,,#zzzzzzzzzzzzzzzzzznMzzzznz#ii:.,.,..,,,,,,,izn:,..,.,,..,...,,.,,,#*iiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzznxzzzzzz#ii;.,.,..,,,,.,:zzz,,..,,,,.,...,,,,,,:+*iiiiiiiiiiiiiiii*i,.,,. + ,,.,,#zzzzzzzzzzzzzzzznzxxzzzznzz*i;..,,,.,,,,..;zz*..,.,,,,........,.,**iiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzznzxMnzzznzz*ii,.,,,,,,,,,,ii:,,,,,,,,,,,,,,.,,.,;+*iiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzzxMzzzzzzz**i,,.,..,,,,,;*:*,,,.,,...,,,,,,.,,,**iiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzzMMnnzzzzz*ii:.,,,,,,..,#nnn#+,,,,,..,,....,.,i+i*iiiiiiiiiiiiiiiii*i,.,,. + ,,.,,#zzzzzzzzzzzznzznnzMMnxzzzzz**i;.,,,,.,,.,zxWWWxi,,,:*,,,..,.,,,#**iiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznM+WMxxzzzzz***;..,,,,,,..;xWWWWn+**#;,,,,.,,,.i#*iiiiiiiiiiiiiiiiiii*i,.,.. 
+ ,,.,,#zzzzzzzzzzzzzznW#zWMxnnzzzz*iii,.,,,,,,,,,+nWMWWWMx+,,,,,.,,,,++i*iiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzznMM,zWMMnnzzz#*ii*;.,,,,,,::iznxMMWWWWn#;,,.,,,,*#**iiiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzMWz,zMMMxxznn#*ii*i::;i++#zznxWxxxWWWxxxzi,.,,,,#+iiiiiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzznMWW#,#MMMMMnznz*ii**izzzzzzxMMWWnxM@WMMMMzzi,.,,+*+iiiiiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzznMWWW#,*xMMMMnznz*iiii+MnnnnnxMWWWxxMxMxMxxxnz*,,,*+*iiii**iiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzMWWWW#;;zMMMMMnnz#*i*#MWxxxxxMWMxMMxMxMWWWWxMzn;.i:#*iiii**iiiiiiiiiiiiiii*i,.,.. + ,,,,,#zzzzzznnzxWWWWW#:;+MMMMMxzzz#*zzxWMWMWxMWWMMWWMMWWWWMxxMn:,*:#iiiiiiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzxWWWWWWz::inMMMMMxznzzzzznxMMMxxxMMxxxzxMWWWMMWWx:ii+*iiiiiiiiiiiiiiiiiiiiii*i,.,.. + ....,#zzzzzzznWWWWWWWz;,;+MMMMMMxzzzzzzzzznz#**i;::,,:;#nxxWMM+;*;+*iiiiiiiiiiiiiiiiiiiiii*i,.,.. + ...,,#zzzzzznMWWWWWWWni,,*nWMMMMMxnzzzzzzzz#i*i,,,,:,,,,:+#z##i#+#*iiiiiiiiiiiiiiiiiiiiiii*i,.,.. + ...,,#zzznnnxWWWWWWWWx*,.i+MMMMMMMMxxnzz#+****i,i**#z+;,:*iiii*zz+*iiiiiiiiiiiiiiiiiiiiiii*i,.,.. + ,,,,,#nzzzxMMWWWWWWWWW*;.:*#WMMMMMMMMxz+**iiiii;*++####:;i****zz#*iiiiiiiiiiiiiiiiiiiiiiii*i,.,,. + ,,,,,#zznMWxWWWWWWWWWWz;,.;*nWMMMMMMMMnz#ii:.....,,,,,,,,ii*+zzz*ii**iiiiiiiiiiiiiiiiiiiii*i,.,.. + ,,,,,#nxWWMxWWWWWWWWWWW;:,,*+xMMMMMMMMMxnz*:.,,,,,..,,,,,,i#nnx+i*i*iiiiiiiiiiiiiiiiiiiiii*i,.,.. + ,,,,,zWWWWMxWWWWWWWWWWW*;,.,*+MMMMMMWMMWMx#*:,,,,....,,,,:#nMM#+*ii*iiiiiiiiiiiiiiiiiiiiii*i,.,.. + ,,,,,xWWWWxWWWWWWWWWWWWx::,,:;+MMMMMMWMWMMnz+:....,,.,,,,+MWMM*#z+*iiiiiiii**iiiiiiiiiiiii*i,.,.. + ,,,,,xWWWMxWWWWWWWWWWWWW+:,,,;:+MMMMMMMMMMMxnz*;,,:,,,i+#xM++W#+nz#iii*iiiiiiiiiiiiiiiiiii*i,.,.. + ,,,,,xWWWMMWWWWWWWWWWWWWx,,..,;,*xWMMMMMMMWMWxnn####+##nxx#,+Wx*nznz:i**iiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,xWWWxMWWWWWWWWWWWWWWi.,,,,:,*#MMMMMMMMMMWMMxxxxxxxMnn,.zWM#;zzMn;*i*iiiiiiiiiiiiiiiii*i,.,.. + ,..,,xWWWxWWWWWWWWWWWWWWWx,,,,,,:,;+MMWMMMMWWWWWWWMMMMMxn:..nWWni+nzMn#niii**iiiiiiiiiiiii*i,.,.. 
+ ,..,,xWWMxWWWWWWWWWWWWWWWWi,,,,.,:,,;xWMMMMMMMMMMMMMMxnni...xMWxz;znnMxxM#;i*i**iiiiiiiiii*i,.,.. + ,..,,xWWMMWWWWWWWWWWWWWWWWz.,,...::,,;zWMMMMMMMMMMMMnzzi,,,,MMMMx*innxMxxWx+iiii**iiiiiiii*i,.,.. + ,..,,xWWMMWWWWWWWWWWWWWWWWM:,,...,:,,,,+xWMMMMMMMMxnnzi,.,,,MMMMMzinxMxMxxMMM#;i**iiiiiiii*i,.,.. + ,..,,xWWxWWWWWWWWWWWWWWWWWW*.,.,.,,:,,.,i+xWWMMMMxnnni,,,,,.WMMMMMz#nMMxMMMMMWxi;i*iiii*ii*i,,,.. + ,..,,xWWxWWWWWWWWWWWWWWWWWWz.,,,,.,,:,,,,::#@WMMxnnn;..,,.,:WMWMMMMznxWxxWMMMMMM#;iiiiiiii*i,,,.. + ,..,.nWMMWWWWWWWWWWWWWWWWWWM,.,,,...,,..,.,.iMWMxnz:.,.,,.,;WMWMMMMnzxMMxMMMMMMWMxi;i*iii*ii..,.. + ,..,,nWWMMWWWWWWWWWWWWWWWWWWi,,,....,.,,.,,,,:nxxz:,.,,,...iWMWMMMWMznMMMxMMMMMMMMMzi;i**iii..,., + ,..,,xWWWMMWWWWWWWWWWWWWWWWW#:.....,....,.,,..:#+,..,,,....:WWMMMMMMxnnMMMxWMMMMMMMWM#;;*i*i,.,.. + ,..,,xWWWWWMMWWWWWWWWWWWWWWWxi:..,.......,,,,..;;,...,,...,,@WMMMMMMMxzxMMxxMMWMMMMMMWx+;iii,,,.. + ,..,,xWWWWWWMMMWWWWWWWWWWWWWM*i,,,,......,,,,,;MWx+,..,,,..,@WMMMMMMMMnzxxnMMMMMMMMMMMWWx+ii,,,,. + ,..,,xWWWWWWWMxWWWWWWWWWWWWWW+*;,,,,.....,,.,,xWWW@n:.,,,,.,WWMMMMMMMMMnnnMMMMMMMMMMMMWMWMxz,,,.. + ,..,,xWWWWWWWWMxWWWWWWWWWWWWWzi*;,,,,.....,,,nWMMMWWM:.,,,..MWMMMWMMMMMMnMMMMMMMMMMMMMMMMMMx,.,., + ,..,,xWWWWWWWWMxWWWWWWWWWWWWWMiii;,,.,,...,.zWWWWWWWWn,.....zWMMMMMMMMMMMxMMMMMMMMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWWMWWWWWWWWWWWWWWWiii*;,,,,,,.,z@WWWWWWWWW*,..,,zWMMMMMMMMMMMMnMMMMMMMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWMWWWWWWWWWWWWWWW@+,;ii:,,.,,,zWWWWWWWWWWWM:.,,,#WMMMMMMMMMMMMxnMMWMMMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWWWWWWWWWWWWWWWWWWz,.;i*:...,ixWWWWWWWWWMMW+,,,.+WMMMMMMMMMMMMMxxMWWMMMMMMMMMMMx,,,.. + ,..,.xWWWWWWWWWWWWWWWWWWWWWWWWM,,,iii,,,;i+WWWWWWWWW#+xx;,,.+WWMMMMMMMMMMMWMxxMMMMMMMMMMMMMx,,,,, + ,..,.xWWWMWWWWWWWWWWWWWWWWWWWWW;.,:iii,:ii*xWWWWWWWW+i*Mz,.,*WWMMMMMMMMMMMMWMxnMMMMMMMMMMMMx,,,.. + ,..,.xWWWMWWWWWWWWWWWWWWWWWWWWWz.,.;i*iiiiinWWWWWWWW*i*+z*.,iWWMMMMMMMMMMMMMMMxxMMMMMMMMMMMx,,,.. + ,..,.xWWWMMWWWWWWWWWWWWWWWWWWWWx,,,.i***;:i#WWWWWWWMi*ii*zi,;WWMMMMMMMMMMMMMMMMxMMMMMMMMMMMx,,,,. 
+ ,..,,xWWWWMMWWWWWWWWWWWWWWWWWWWW;,,.:*ii,,i+WWWWWWWM::iiiizi:WWMMMMMMMMMMMMMMMMMMMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWWWWWWWWWWWWWWWWWWWW+,,,.,i,,,;*WWWWWWWx:.:iii*z*MWMMMMMMMMMMMMMMMMMWMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWWWWWWWWWWWWWWWWWWWWn,,,,...,,:*MWWWWWWn:..;ii**xWWMMMMMMMMMMMMMMMMWWMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWWWWWWWWWWWWWWWWWWWWW:.,.,,,.,,iMWWWWWWz,.,,i*i*nWWMMMMMMMMMMMMMMMWWMMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWWWWWWWWWWWWWWWWWWWW@*..,,,..,,ixWWWWWWz..,.,i*inWWMMMMMMMMMMMMMMMWWMMMMMMMMMMMx,,,,. + ,..,,xWWWWWWWWWWWWWWWWWWWWWWWWWWWn,.,,,,,,,;n@WWWWWn..,,,:*izWWMMMMMMMMMMMMMMWWWWMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWWWWWWWWWWWWWWWWWWWWWM:.,,,....:xWWWWWWM,,,,,.:izMWMMMMMMMMMMMMMMMWWMMMMMMMMMMMx,,,.. + ,..,,nMWWWWWWWWWWWWWWWWWWWWWMWWWWM#*********MWWWWWWW+*******nMWMMMMMMMMMMMMMMMMMMMMMMMMMMMMx,,,.. + ,..,,nMWWMMMMMMMMMMMMMMMMWWMMMMMWMMMWWMMMWWMMMMMMMMMMMMWWMWWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMx,,,.. + Changes -------- +~~~~~~~ - [sighting/api] improved comments. [Sami Mokaddem] - [RestResponse] bump. [Sami Mokaddem] - Typo. [Sami Mokaddem] @@ -22894,6 +23634,7 @@ Changes Clement] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [docs] More general info about xINSTALL in index. Minor formatting touch-up in license. Added missing sections to mkdocs.yml and adapted it to reflect official MISP repo. [Steve Clement] @@ -22958,7 +23699,7 @@ Changes - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] Fix ---- +~~~ - [API] minor fixes to the sightings api. [iglocska] - fixed duplicate sighting tags in XML output 
@@ -23005,7 +23746,7 @@ Fix - [stix2 import] Avoiding errors when the imported file name is not specified. [chrisr3d] - [routes] Added route for .csv parsing. [iglocska] -- \#3769 Att&ck matrix now render multiple kill_chain by column. [Sami +- #3769 Att&ck matrix now render multiple kill_chain by column. [Sami Mokaddem] - Check if the format is xml or application/xml on __sendResponse. [Tom King] @@ -23095,7 +23836,7 @@ Fix correctly. [iglocska] Other ------ +~~~~~ - Merge branch 'sighting_api' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'weekend_fixes' into 2.4. [iglocska] @@ -23150,6 +23891,8 @@ Other chg: [docs] The debian install docs are now fully functional and quite a few format changes to some of the install guides. - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] @@ -23173,6 +23916,7 @@ Other Fixes Issue #3633 - Returned XML has application/json Content-Type header - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3768 from devnull-/#3748_download_files. [Andras Iklody] 
@@ -23196,6 +23940,10 @@ Other chg: [tools] Added the option to have Python Virtualenv support - Merge branch '2.4' into py-virtualenv. [www-data] - Merge branch '2.4' into py-virtualenv. [Steve Clement] +- Merge branch '2.4' into py-virtualenv. [Steve Clement] +- Merge branch '2.4' into py-virtualenv. [Steve Clement] +- Merge branch '2.4' into py-virtualenv. [Steve Clement] +- Merge branch '2.4' into py-virtualenv. [Steve Clement] - Merge branch '2.4' into py-virtualenv. [www-data] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3760 from cudeso/2.4. [Alexandre Dulaunoy] @@ -23218,11 +23966,11 @@ Other [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch. [chrisr3d] -- :construction: [stix2 import] Parsing external Network Socket objects when +- Wip: [stix2 import] Parsing external Network Socket objects when references are hostnames. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch. [chrisr3d] 
@@ -23232,81 +23980,81 @@ Other [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch. [chrisr3d] -- :construction: [stix2 import] Parsing external observable IPAddr - +- Wip: [stix2 import] Parsing external observable IPAddr - NetworkTraffic - Domain composition objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch. [chrisr3d] -- :construction: [stix2 import] Parsing external process objects. [chrisr3d] +- Wip: [stix2 import] Parsing external process objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses -- :construction: [stix2 import] Parsing external AS objects. [chrisr3d] +- Wip: [stix2 import] Parsing external AS objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses -- :construction: [stix2 import] Parsing external x509 objects. [chrisr3d] +- Wip: [stix2 import] Parsing external x509 objects. 
[chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses -- :construction: [stix2 import] Parsing external mutex objects. [chrisr3d] +- Wip: [stix2 import] Parsing external mutex objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: -- :construction: [stix2 import] Parsing external mac-address objects. [chrisr3d] + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ +- Wip: [stix2 import] Parsing external mac-address objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: -- :construction: [stix2 import] Parsing external url objects. [chrisr3d] + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ +- Wip: [stix2 import] Parsing external url objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch. [chrisr3d] -- :construction: [stix2 import] Parsing external regkey objects. [chrisr3d] +- Wip: [stix2 import] Parsing external regkey objects. 
[chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses -- :construction: [stix2 import] Parsing external email objects. [chrisr3d] +- Wip: [stix2 import] Parsing external email objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses -- :construction: [stix2 import] Parsing domain & domain-ip attributes/objects. +- Wip: [stix2 import] Parsing domain & domain-ip attributes/objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing code that works for both subclasses - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch. [chrisr3d] -- :construction: [stix2 import] Included pe & pe-section parsing for file objects. +- Wip: [stix2 import] Included pe & pe-section parsing for file objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Including uuid fields - Including refactor on some class attributes to avoid errors and duplications - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch. 
[chrisr3d] -- :construction: [stix2 import] Starting parsing network-traffic objects from +- Wip: [stix2 import] Starting parsing network-traffic objects from external files. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: -- :construction: [stix2 import] Starting parsing observables from external STIX2 + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ +- Wip: [stix2 import] Starting parsing observables from external STIX2 files + moving functions to the main script. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, script broken atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, script broken atm /!\ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3751 from ancailliau/fixes-error-message- control_workers. [Andras Iklody] @@ -23318,11 +24066,12 @@ Other fix: travis import/export + v2.4.96 (2018-10-09) -------------------- New ---- +~~~ - [ReST client] generate python output too. [iglocska] - also, nicer toggle! @@ -23427,7 +24176,7 @@ New [iglocska] Changes -------- +~~~~~~~ - [CSV] Added timestamp in CSV output with include context on the event level. [iglocska] - [version] version bump. [iglocska] @@ -23445,6 +24194,7 @@ Changes published ignored by default) [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] - [API] new restresponse library addition fixed (send file) [iglocska] 
@@ -23453,6 +24203,8 @@ Changes [Alexandre Dulaunoy] - [misp-objects] add the relationship annotates. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-taxonomy] updated to the latest version. [Alexandre Dulaunoy] - [misp-object] updated to the latest version. [Alexandre Dulaunoy] @@ -23510,7 +24262,7 @@ Changes - Bump recommended pyMispVersion. [Raphaël Vinot] Fix ---- +~~~ - [sanitisation] Sanitise curl query. [iglocska] - [stix2 import] Fixed to_ids flag in imported objects. [chrisr3d] - [API] Fixed broken check for overriding IDS flags via proposals, fixes @@ -23785,7 +24537,7 @@ Fix - [feeds] Feed caching generates a lot of notices. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -23793,6 +24545,8 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3743 from WaryWolf/unmanaged-workers. [Andras 
@@ -23832,18 +24586,18 @@ Other read and displayed - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests. [chrisr3d] -- :construction: [stix2 export] Supporting export of multiple MISP events. +- Wip: [stix2 export] Supporting export of multiple MISP events. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests. [chrisr3d] -- :construction: [restSearch] Passing multiple events to the STIX parsing script. +- Wip: [restSearch] Passing multiple events to the STIX parsing script. [chrisr3d] - atm calling the python script every 10 events fetched with fetchEvent - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests. [chrisr3d] -- :construction: [stix1 export] Supporting export of multiple MISP events. +- Wip: [stix1 export] Supporting export of multiple MISP events. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests. [chrisr3d] @@ -23851,8 +24605,8 @@ Other chrisr3d_restSearch_tests. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests. [chrisr3d] -- :construction: [restSearch] Added stix2 export in restSearch. [chrisr3d] -- :construction: [restSearch] Stix1 export for restSearch. [chrisr3d] +- Wip: [restSearch] Added stix2 export in restSearch. [chrisr3d] +- Wip: [restSearch] Stix1 export for restSearch. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] 
@@ -23904,6 +24658,15 @@ Other chg: Bump PyMISP - Merge branch 'stix2' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] - Add: [export] Introduction of a framing script. [chrisr3d] - atm returning header, separator and footer for 
@@ -23913,16 +24676,23 @@ Other for the format in subject and returning the corresponding header, footer and separator - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] - Add: [stix2 export] Added stix2 export view. [chrisr3d] - Add: [stix2 export] Added instruction about automation part. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3664 from SteveClement/guides. [Andras Iklody] chg: [doc] Moved INSTALL files around to reflect a more accurate support landscape. @@ -23979,11 +24749,12 @@ Other - Fixed bug where popoverChoice was returning undefined values for some browser. [Sami Mokaddem] + v2.4.95 (2018-09-06) -------------------- New ---- +~~~ - [API] set default behaviour to require to_ids and published set to 1 to be included in exports. [iglocska] 
@@ -24049,13 +24820,13 @@ New - [rest client] parsers for JSON/HTML return added. [iglocska] - [rest client] parser helper css/js added. [iglocska] - [API] CSV export tool added. [iglocska] -- [API] :construction: work in progress - moving CSV export to standardised +- [API] WIP work in progress - moving CSV export to standardised converter format. [iglocska] - [API] Added publish filter to restsearch. [iglocska] - [API] further rework of the restsearch api. [iglocska] - move to the new popping filter system -- [API] rework of the event level restSearch (:construction:) [iglocska] +- [API] rework of the event level restSearch (WIP) [iglocska] - [internal] Further work on the filtering. [iglocska] - [internal] Rework of the filter handling internally. [iglocska] - [internal] Added internal functions to interpret parameters in various @@ -24096,7 +24867,7 @@ New - no more shitty chrome extensions that crash during trainings, rejoice! Changes -------- +~~~~~~~ - [doc] Point to official misp-book, MISP "User Guide" in main codebase is obsolete. [Steve Clement] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] @@ -24130,6 +24901,10 @@ Changes - instead of loading it over and over - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [rest client] render the response by default. [iglocska] - [querystring] version bumped. [iglocska] - [API] Fixed fetchAttributes lookup on value to be only optionally a @@ -24158,6 +24933,7 @@ Changes - [doc] MISP logo b&w only added. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] +- [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [data-model] new bro attribute type to store rule in Bro rule-format. [Alexandre Dulaunoy] 
@@ -24173,13 +24949,14 @@ Changes - [misp-galaxy] updated to the latest version including related changes. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-warninglist] updated to the latest version. [Alexandre Dulaunoy] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [visual] Changed the name of the rest client. [iglocska] Fix ---- +~~~ - [documentation] added missing legacy automation page view. [iglocska] - [description] Typo in serverSetting fixed, fixes #3612. [iglocska] - [API] using "download" as a returnformat via the URL breaks the @@ -24344,7 +25121,7 @@ Fix - [API] Some API rearrange issues fixed in events/add. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Temporary revert to avoid PGP bug. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre @@ -24405,10 +25182,12 @@ Other - Add: [stix2 export] Parsing expiration date from sightings as 'valid_until' in indicators. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'feature/api_rework2' into 2.4. [iglocska] +- Merge branch 'feature/api_rework2' into 2.4. [iglocska] - Merge branch 'feature/api_rework' into feature/api_rework2. [iglocska] - Merge branch 'feature/api_rework' into 2.4. [iglocska] - Merge branch '2.4' into feature/api_rework. [iglocska] 
@@ -24417,6 +25196,7 @@ Other - Merge branch 'feature/api_rework' of github.com:MISP/MISP into feature/api_rework. [Raphaël Vinot] - Merge branch '2.4' into feature/api_rework. [iglocska] +- Merge branch '2.4' into feature/api_rework. [iglocska] - Merge branch 'feature/api_rework' of github.com:MISP/MISP into feature/api_rework. [iglocska] - Merge branch 'feature/api_rework' of github.com:MISP/MISP into @@ -24426,6 +25206,7 @@ Other - Merge branch 'feature/api_rework' of github.com:MISP/MISP into feature/api_rework. [iglocska] - Merge branch '2.4' into feature/api_rework. [iglocska] +- Merge branch '2.4' into feature/api_rework. [iglocska] - Merge branch 'feature/api_rework' of github.com:MISP/MISP into feature/api_rework. [iglocska] - Merge pull request #3557 from Rafiot/feature/api_rework. [Raphaël @@ -24559,11 +25340,12 @@ Other - Merge remote-tracking branch 'origin/2.4' into 2.4. [Christophe Vandeplas] + v2.4.94 (2018-08-09) -------------------- New ---- +~~~ - [PGP] Added fingerprint to /users/verifyGPG. [iglocska] - [internal] Streamlining of the push process. [iglocska] @@ -24664,7 +25446,7 @@ New - MISP's diagnostic tool WILL complain if this is ever enabled Changes -------- +~~~~~~~ - [release] Version bump. [iglocska] - [internal] Refactor of the pull function. [iglocska] @@ -24702,6 +25484,8 @@ Changes - [cleanup] added function to check for prio worker's existance in Event.php. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [documenation] Added CLI documentation for the getAuthkey tool. [iglocska] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] 
@@ -24829,6 +25613,7 @@ Changes - [doc] More updates on the debian install guides, small fix on OpenBSD. [Steve Clement] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [attackMatrix] UI improvement (contextual menu) [Sami Mokaddem] - [attackMatrix] UI improvements. [Sami Mokaddem] - [attackMatrix] support of quick tagging from the attackMatrix at event @@ -24903,7 +25688,7 @@ Changes each section Fix ---- +~~~ - [stix1 import] Fixed journal entries parsing fails. [chrisr3d] - [stix1 import] Copy/paste error fixed. [chrisr3d] - [cleanup] Some more minor clean up. [chrisr3d] @@ -25199,7 +25984,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge pull request #3535 from PaoloVecchi/patch-4. [Andras Iklody] @@ -25215,6 +26000,8 @@ Other - Default sort order for ID and Date: desc. [StefanKelm] - Default sort order for timesamps: desc. [StefanKelm] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre @@ -25232,6 +26019,7 @@ Other chg: [typo] Minor typo - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #3520 from ater49/patch-5. [Alexandre Dulaunoy] 
@@ -25260,6 +26048,7 @@ Other Update default.po - Update default.po. [ater49] +- Update default.po. [ater49] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3502 from SteveClement/2.4. [Andras Iklody] @@ -25314,6 +26103,8 @@ Other - Merge branch '2.4' of github.com:SteveClement/MISP into 2.4. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] +- Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] +- Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -25404,6 +26195,9 @@ Other Sod the bloody typos - Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] - Add: [stix2 import] Importing email-attachment attributes. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Add: [stix2 export] Exporting email-attachment attributes. [chrisr3d] @@ -25420,6 +26214,7 @@ Other chg: [doc] debian testing/stable install guide updates - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3445 from SteveClement/2.4. [Steve Clement] chg: [doc] debian install guide updates @@ -25478,6 +26273,7 @@ Other Change --force to --recursive in update/upgrade documentation - Change --force to --recursive. [StefanKelm] +- Change --force to --recursive. [StefanKelm] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch 'attributeFetcherFix' into 2.4. [iglocska] 
@@ -25486,7 +26282,7 @@ Other - Merge pull request #3417 from SteveClement/2.4. [Steve Clement] Added initial internationalization for: French (6%), Japanese (21%) - Updated FreeBSD and added OpenBSD Install document (:construction:-pre-alpha) + Updated FreeBSD and added OpenBSD Install document (WIP-pre-alpha) - - Rudimentary support for apache2, login works. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] - - Partially works, again, but still CSS issues. [Steve Clement] @@ -25522,11 +26318,12 @@ Other [chrisr3d] - [stix2 import] Improved file observable object parsing. [chrisr3d] + v2.4.93 (2018-06-27) -------------------- New ---- +~~~ - [attackMatrix] Skeleton of multiple galaxy picking. [Sami Mokaddem] - [stix2 export] Starting exporting PE binary files. [chrisr3d] @@ -25571,7 +26368,7 @@ New - Add schema for feed-metadata. [Raphaël Vinot] Changes -------- +~~~~~~~ - [version] Version bump. [iglocska] - [misp-galaxy] updated to the latest version (including CFR test) [Alexandre Dulaunoy] @@ -25630,7 +26427,7 @@ Changes - Add enums in feed-metadata schema. [Raphaël Vinot] Fix ---- +~~~ - [stix1 import] Fixed Monkey typo. [chrisr3d] - [stix1 import] Fixed missing self call. [chrisr3d] - [bug] Typo in the event before validate hook. [Andras Iklody] @@ -25669,7 +26466,7 @@ Fix MISP/PyMISP#236. [iglocska] - [stix diagnostic] Returning the correct 'success' value in case of error with maec. [chrisr3d] -- :lock: Brute force protection can be bypased with a PUT request. +- [security] Brute force protection can be bypased with a PUT request. [iglocska] - fixes an issue where brute forcing the login would work by using PUT requests @@ -25790,7 +26587,7 @@ Fix published. [Sami Mokaddem] Other ------ +~~~~~ - Add: [stix1 import] Parsing x509 raw certificate in x509 object. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] 
@@ -25883,6 +26680,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into favicon. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Add: [stix2 export] Exporting asn MISP objects. [chrisr3d] - Add: [stix1 export] Exporting asn object. [chrisr3d] - [stix2 export] Removed intermediary 1 line functions. [chrisr3d] @@ -25911,11 +26709,12 @@ Other Enable python3 for php-fpm for RHEL/CentOS - Enable python3 for php-fpm for RHEL/CentOS. [Richard van den Berg] + v2.4.92 (2018-06-07) -------------------- New ---- +~~~ - [ACL] Added new role permission: publish_zmq. [iglocska] - permission flag to use the "publish to ZMQ" button @@ -25953,7 +26752,7 @@ New - uses bootstrap's own classes/structure Changes -------- +~~~~~~~ - [version] VERSION bump. [iglocska] - Bump PyMISP version. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] @@ -26005,7 +26804,7 @@ Changes - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] Fix ---- +~~~ - Removed debug breaking update. [iglocska] - [API] Fixed a black hole on API actions via the Objects controller, fixes #3271. [iglocska] @@ -26131,7 +26930,7 @@ Fix notices thrown. [iglocska] Other ------ +~~~~~ - Bump recommended version of PyMISP. [Raphaël Vinot] - Merge pull request #3316 from jezkerwin/2.4. [Andras Iklody] @@ -26277,8 +27076,10 @@ Other STIX Custom object. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - [stix1 export] typo. [chrisr3d] - Add: [stix1 export] Added namespaces for WindowsService object. [chrisr3d] 
@@ -26312,11 +27113,12 @@ Other - Add: [stix1 export] Exporting network connection MISP objects. [chrisr3d] + v2.4.91 (2018-05-15) -------------------- New ---- +~~~ - Remove galaxy cluster information from the sync mechanism for now. [iglocska] @@ -26356,7 +27158,7 @@ New - GET on add/edit to receive usage information Changes -------- +~~~~~~~ - [PyMISP] updated to latest version. [Alexandre Dulaunoy] - [stix1 export] Added object name in observable composition id. [chrisr3d] @@ -26423,13 +27225,14 @@ Changes - Changed distribution graph popover title. [Sami Mokaddem] - Removed useless prints. [Sami Mokaddem] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] - First round of refactoring of the side menu. [iglocska] - Changed the org admin role to not have sync privileges by default. [iglocska] Fix ---- +~~~ - Detaching galaxy clusters from attributes was using the old function name. [iglocska] - Attachcluster to object attributes fails due to no flattening. @@ -26623,7 +27426,7 @@ Fix - Fixed color mapping issue that avoided Marking creation. [chrisr3d] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Version bump. [iglocska] 
@@ -26636,8 +27439,10 @@ Other - [stix1 export] Reusing little functions. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Add: [stix1 import] Importing reply-to attributes. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -26652,6 +27457,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Added description for the latest functions created. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'global_ajax' into 2.4. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -26801,6 +27607,7 @@ Other - Merge pull request #3183 from StefanKelm/2.4. [Andras Iklody] Update Log.php +- Update Log.php. [StefanKelm] - Update Log.php. [StefanKelm] Alphabetically sort list of Actions pull-down menu within "Search Logs" @@ -26808,6 +27615,7 @@ Other importing STIX. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Add: Added Windows Service objects parsing. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] 
@@ -26822,11 +27630,12 @@ Other - MISP to STIX export refactored & updated to work with python3. [chrisr3d] + v2.4.90 (2018-04-21) -------------------- New ---- +~~~ - Add download buttons for user profiles. [iglocska] - Added the extended event lookup to the edit event view. [iglocska] - Preview the extended event ID / UUID. [iglocska] @@ -26847,7 +27656,7 @@ New automation page. [iglocska] - Cleanup of server push, feed fetch, fed cache console commands. [iglocska] -- Rework of the server/feed command line tools, :construction:. [iglocska] +- Rework of the server/feed command line tools, WIP. [iglocska] - Added improvements to the Cortex settings. [iglocska] - allow for configuring SSL options for Cortex @@ -26890,7 +27699,7 @@ New - set max memory usage and execution time / role Changes -------- +~~~~~~~ - Version bump. [iglocska] - Changed the extended event lookup box's colour. [iglocska] @@ -26923,7 +27732,7 @@ Changes [chrisr3d] Fix ---- +~~~ - Z-index popover issue in event graph. [Sami Mokaddem] - MISP galaxy updated. [Alexandre Dulaunoy] - Tag removal fixed. [iglocska] @@ -27045,7 +27854,7 @@ Fix - Handling case of stix events without labels. [chrisr3d] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3170 from mokaddem/ref_graph. [Andras Iklody] @@ -27141,6 +27950,7 @@ Other - Made the auto download of attachments when loaded in the browser configurable. [John Doe] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3152 from StefanKelm/2.4. [Andras Iklody] Default sort order for id / date reversed on click for Server preview index 
@@ -27165,6 +27975,7 @@ Other - Starting parsing some easy patterns. [chrisr3d] - Add: Added course-of-action object parsing. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] - Add: Added the stix version attribute in stix2-pattern objects. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] 
@@ -27176,57 +27987,57 @@ Other - Importing external indicators as stix2-pattern objects. [chrisr3d] Now on the same state as the current used import module -- :construction: Import module importing things, but need to fix few attributes +- Wip: Import module importing things, but need to fix few attributes loss. [chrisr3d] -- :construction: Parsing patterns representing MISP objects. [chrisr3d] -- :construction: Parsing observable objects representing MISP objects. [chrisr3d] -- :construction: Parsing STIX2 objects that give MISP attributes with the import. +- Wip: Parsing patterns representing MISP objects. [chrisr3d] +- Wip: Parsing observable objects representing MISP objects. [chrisr3d] +- Wip: Parsing STIX2 objects that give MISP attributes with the import. [chrisr3d] -- :construction: Starting parsing STIX2 from MISP. [chrisr3d] +- Wip: Starting parsing STIX2 from MISP. [chrisr3d] - STIX2 export refactored. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] - Parsing ip-port objects. [chrisr3d] - Observable added - Observable & pattern tested -- :construction: Parsing file objects. [chrisr3d] +- Wip: Parsing file objects. [chrisr3d] - observable added - observable & pattern tested -- :construction: Parsing email objects. [chrisr3d] +- Wip: Parsing email objects. [chrisr3d] - observable added - observable & pattern tested -- :construction: Parsing url objects (observable added & tested + pattern tested) +- Wip: Parsing url objects (observable added & tested + pattern tested) [chrisr3d] -- :construction: Parsing x509 objects (observable added + pattern & observable +- Wip: Parsing x509 objects (observable added + pattern & observable tested) [chrisr3d] -- :construction: Regkey object parsing + Fix on observable object creation. +- Wip: Regkey object parsing + Fix on observable object creation. [chrisr3d] -- :construction: Implementing observable objects generation for MISP objects. 
+- Wip: Implementing observable objects generation for MISP objects. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] -- :construction: Should now be able to create indicators for MISP objects. +- Wip: Should now be able to create indicators for MISP objects. [chrisr3d] - Patterns generation to be tested -- :construction: Parsing Galaxies. [chrisr3d] +- Wip: Parsing Galaxies. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] -- :construction: Fixed typo of some attribute values to delete spaces. [chrisr3d] -- :construction: Catching errors on indicators and observed data, and creating +- Wip: Fixed typo of some attribute values to delete spaces. [chrisr3d] +- Wip: Catching errors on indicators and observed data, and creating custom objects instead. [chrisr3d] -- :construction: Fixed typo & bugs. [chrisr3d] +- Wip: Fixed typo & bugs. [chrisr3d] - tests made for indicators -- :construction: Dictionary for attributes mapping should be ok. [chrisr3d] -- :construction: Always better with a stix package builder and the output file +- Wip: Dictionary for attributes mapping should be ok. [chrisr3d] +- Wip: Always better with a stix package builder and the output file saved. [chrisr3d] -- :construction: Handling special misp types. [chrisr3d] -- :construction: Should be able to export attributes. [chrisr3d] -- :construction: Refactoring to be continued. [chrisr3d] -- :construction: Dictionary update to go with stix2 export refactoring. [chrisr3d] -- :construction: Refactoring stix2 export & performance improvement. [chrisr3d] -- :construction: First try of refactored stix2 parsing. [chrisr3d] +- Wip: Handling special misp types. [chrisr3d] +- Wip: Should be able to export attributes. [chrisr3d] +- Wip: Refactoring to be continued. [chrisr3d] +- Wip: Dictionary update to go with stix2 export refactoring. [chrisr3d] +- Wip: Refactoring stix2 export & performance improvement. 
[chrisr3d] +- Wip: First try of refactored stix2 parsing. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3148 from StefanKelm/2.4. [Andras Iklody] @@ -27249,6 +28060,8 @@ Other Spelling error update - Spelling error update. [Geert De Ron] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3139 from mokaddem/quick-fix-metacategory-graph. [Andras Iklody] @@ -27330,6 +28143,7 @@ Other - Update admin_add.ctp. [StefanKelm] - Update user_management.ctp. [StefanKelm] - Update administration.ctp. [StefanKelm] +- Update administration.ctp. [StefanKelm] - Update diagnostics.ctp. [StefanKelm] - Update footer.ctp. [StefanKelm] - Update User.php. [StefanKelm] @@ -27351,11 +28165,12 @@ Other - Changed imports & only kept only used pymisp functions. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] + v2.4.89 (2018-03-23) -------------------- New ---- +~~~ - Added STIX 2.x import to the GUI. [iglocska] - Purge all/completed jobs via the job index, fixes #3024. [iglocska] - Describe the new changes to the deleteAttributes API. [iglocska] @@ -27365,7 +28180,7 @@ New - Allow the searching of organisations by uuid on the event index (via the API) [iglocska] - Finished the first version of the recovery tool. [iglocska] -- Object reconstruction after, resolving the ID bug, :construction:. [iglocska] +- Object reconstruction after, resolving the ID bug, WIP. [iglocska] - Temp diagnostic tool for orphaned object attributes. [iglocska] - RestResponse::describe() now uses generic URLs with optional url parameters instead of showing the currently accessed ID. [iglocska] 
@@ -27379,7 +28194,7 @@ New - just set the `require_standard_format` to true in the moduleinfo disctionary Changes -------- +~~~~~~~ - Version bump. [iglocska] - Query string bumped. [iglocska] - Updates to the deleteAttributes API. [iglocska] @@ -27396,7 +28211,7 @@ Changes - no ID needs to be passed for the description Fix ---- +~~~ - Added annoying missing space between the password field's label and it's tooltip. [iglocska] - Handling case of stix events without timestamp. [chrisr3d] @@ -27569,7 +28384,7 @@ Fix - Removed left in debug/thrown exception. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Update event-graph.js. [Sami Mokaddem] @@ -27650,16 +28465,16 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into stiximport. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Add: Parsing attachments. [chrisr3d] -- :construction: Starting parsing portable executables. [chrisr3d] -- :construction: Added description parsing for stix objects without properties. +- Wip: Starting parsing portable executables. [chrisr3d] +- Wip: Added description parsing for stix objects without properties. [chrisr3d] -- :construction: Whois parsing function improved. [chrisr3d] +- Wip: Whois parsing function improved. [chrisr3d] Still need some tests with proper examples to finish this part -- :construction: Starting parsing Whois Objects. [chrisr3d] +- Wip: Starting parsing Whois Objects. [chrisr3d] But need some examples to parse properly !!!! -- :construction: Rebuilt hashes & files parsing functions. [chrisr3d] +- Wip: Rebuilt hashes & files parsing functions. [chrisr3d] Also handling more properly when to import a stix object as a MISP Object or as Attribute 
@@ -27679,19 +28494,19 @@ Other #2473. [Andras Iklody] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Fixed key value that was not correct. [chrisr3d] -- :construction: More types supported & functions clarified. [chrisr3d] -- :construction: Starting to import external stix. [chrisr3d] -- :construction: Supporting more Object types. [chrisr3d] -- :construction: handling malware-sample in file objects. [chrisr3d] -- :construction: Supporting more attribute types. [chrisr3d] -- :construction: Parsing more attribute types & objects. [chrisr3d] +- Wip: More types supported & functions clarified. [chrisr3d] +- Wip: Starting to import external stix. [chrisr3d] +- Wip: Supporting more Object types. [chrisr3d] +- Wip: handling malware-sample in file objects. [chrisr3d] +- Wip: Supporting more attribute types. [chrisr3d] +- Wip: Parsing more attribute types & objects. [chrisr3d] - More attribute types and objects to come with events testing - First version parsing some attributes. [chrisr3d] - More attribute types to be added - Objects to be parsed as well -- :construction: Refactor of stix2misp - only a beginning atm. [chrisr3d] +- Wip: Refactor of stix2misp - only a beginning atm. [chrisr3d] - Merge pull request #3012 from Res260/feature_keyboard_navigation. [Andras Iklody] 
@@ -27785,12 +28600,15 @@ Other - Fixed a bug regarding filename|ssdeep attributes importing using FreeTextImport. See Issue #2971. [Émilio Gonzalez] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #2979 from SteveClement/2.4. [Alexandre Dulaunoy] Added install step to make sure submodule permissions are ignored - - Added install step to make sure all the submodules ignore permissions. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] +- Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] +- Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] - Merge branch '2.4' of github.com:SteveClement/MISP into 2.4. [Steve Clement] - Merge remote-tracking branch 'origin/i18n_prep' into 2.4. [Steve @@ -27803,14 +28621,16 @@ Other - Add attribute shortcut now triggers the popup instead of changing page + bottom right triangle now with pointer cursor. [Émilio Gonzalez] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] + v2.4.88 (2018-02-21) -------------------- New ---- +~~~ - Add API response for /sightings/listSightings. [Andras Iklody] - Reowkred organisation merge workflow, #fixes 2931. [iglocska] @@ -27894,7 +28714,7 @@ New - for example: 'addOrg' => 'add Organisation to' Changes -------- +~~~~~~~ - Version bump. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] - Updated documentation. [iglocska] @@ -27904,7 +28724,7 @@ Changes - Bump PyMISP. [Raphaël Vinot] Fix ---- +~~~ - Misp-galaxy updated to the latest version. [Alexandre Dulaunoy] - PyMISP fixed to the latest version. [Alexandre Dulaunoy] - Ssdeep is now updated on PECL - installation updated. [Alexandre 
@@ -27925,6 +28745,7 @@ Fix - removed the module config from the index function to avoid exposing API keys / credentials to users - some formating fixes - ModulesController. [Juan C. Montes] +- ModulesController. [Juan C. Montes] - Searching for exact values not possible via the attribute search, fixes #2946. [iglocska] @@ -28019,7 +28840,7 @@ Fix - Graceful handling of gnupg not being set up on an instnace. [iglocska] Other ------ +~~~~~ - Update list_sightings.ctp. [Andras Iklody] - Add: Updated to the latest version of taxonomies including new ones. [Alexandre Dulaunoy] @@ -28080,12 +28901,14 @@ Other Dulaunoy] - Add: mime-type attribute added. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge pull request #2908 from Res260/fix_keyboard_shortcut_focus. [Andras Iklody] new: Add search shortcut for events and attributes + small bugfix - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #2906 from Res260/feature_keyboard_shortcuts. [Alexandre Dulaunoy] @@ -28114,6 +28937,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #2886 from MISP/Bump-PyMISP. [Raphaël Vinot] chg: Bump PyMISP recommended version @@ -28121,11 +28945,12 @@ Other chg: Bump PyMISP + v2.4.87 (2018-01-28) -------------------- New ---- +~~~ - Mispzmq.py updated with new topic (tags) [iglocska] - Added boolean attribute type. [iglocska] - New upgrade system. [iglocska] 
@@ -28153,7 +28978,7 @@ New freetext import/module triage screen. [iglocska] Changes -------- +~~~~~~~ - Version bump. [iglocska] - Rework of the event history view, no more crazy slow parsing of all strings in the log table. [iglocska] @@ -28177,7 +29002,7 @@ Changes - Clarified feed action buttons. [iglocska] Fix ---- +~~~ - Removed the crazy complex lookup for attribute tag counts from the tag index. [iglocska] @@ -28194,7 +29019,7 @@ Fix - Load orgc data after attributes are loaded in search csv export. [iglocska] - - functionality still needs further fixes, :construction: + - functionality still needs further fixes, WIP - Graceful handling of removed users in discussion boards. [iglocska] - Suricata export URL encodes an IPv6 between [], fixes #2872. [iglocska] @@ -28262,7 +29087,7 @@ Fix - Missing action added to ACL system. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Add: MISP galaxy updated. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -28335,6 +29160,9 @@ Other - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] - - Feeds/compare_feeds.ctp. [Steve Clement] - - Fixed various typos/omissions etc. [Steve Clement] +- - Fixed various typos/omissions etc. [Steve Clement] +- - Fixed various typos/omissions etc. [Steve Clement] +- - Fixed various typos/omissions etc. [Steve Clement] - - Closing parenthesis mistake. [Steve Clement] - View/SharingGroups -> __(' [Steve Clement] - View/Sightings -> __(' [Steve Clement] @@ -28431,11 +29259,12 @@ Other - - Attributes folder scavenged for Translatables… [Steve Clement] - - __('')-ized labels, buttons, styles. [Steve Clement] + v2.4.86 (2018-01-16) -------------------- New ---- +~~~ - Mass enable/disable feeds. [iglocska] - protecting the sanity of MISP admins since 2012! 
@@ -28464,7 +29293,7 @@ New - Allow the collapsing of related events on the event view. [iglocska] Changes -------- +~~~~~~~ - Version bumped. [iglocska] - Warninglists updated. [iglocska] - Performance tuning. [iglocska] @@ -28485,7 +29314,7 @@ Changes event IDs. [iglocska] Fix ---- +~~~ - Remove the option for disabling sightings - it's an integral feature of the MISP core. Fixes #2820. [iglocska] - Fixed image element. [iglocska] @@ -28617,7 +29446,7 @@ Fix - MISP galaxy updated to the latest version. [Alexandre Dulaunoy] Other ------ +~~~~~ - Merge pull request #2422 from panzertime/add-button-fetch-all-feeds. [Andras Iklody] @@ -28627,6 +29456,8 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - 1st version of TTPs parsing function. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch 'feature/sg_api' into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -28649,7 +29480,7 @@ Other - Merge pull request #2789 from MISP/pymisp_test2. [Raphaël Vinot] chg: Bump PyMISP -- :construction: Some updates on pattern import. [chrisr3d] +- Wip: Some updates on pattern import. [chrisr3d] Will work on pattern parser soon - Merge pull request #2785 from atluxity/patch-1. [Alexandre Dulaunoy] @@ -28688,11 +29519,12 @@ Other -- Fixed config typos -- Added all missing dependencies + v2.4.85 (2017-12-22) -------------------- New ---- +~~~ - Limit the max amount of time spent fetching the latest commit ID to 3 seconds max. [iglocska] @@ -28713,7 +29545,7 @@ New - Add tag restrictions for a single user. [iglocska] Changes -------- +~~~~~~~ - PyMISP bump. [iglocska] - Version bumps for everyone! [iglocska] - Support the changes about registry-key for import as well. [chrisr3d] 
@@ -28748,7 +29580,7 @@ Changes Also changed a bit Custom Objects Fix ---- +~~~ - Fixed z-index of correlation popovers. [iglocska] - Fixed stupidly slow cluster selection list. [iglocska] @@ -28859,10 +29691,10 @@ Fix - MISP galaxy updated to the latest version. [Alexandre Dulaunoy] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] -- :construction: parsing external Stix2 documents. [chrisr3d] +- Wip: parsing external Stix2 documents. [chrisr3d] - atm: read patterns and create a stix2-pattern Object with the pattern as attribute @@ -28964,7 +29796,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] -- :construction: Includes category import. [chrisr3d] +- Wip: Includes category import. [chrisr3d] Still need to include the missing types of object not supported yet. @@ -28994,7 +29826,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] -- :construction: fixed bugs that appeared with Objects support. [chrisr3d] +- Wip: fixed bugs that appeared with Objects support. [chrisr3d] - Add: new feed VXvault - URL List added. [Alexandre Dulaunoy] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] @@ -29005,7 +29837,7 @@ Other - Initial FreeBSD install document - - Initial FreeBSD install document. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] -- :construction: Parsing patterns for Objects. [chrisr3d] +- Wip: Parsing patterns for Objects. [chrisr3d] Also little fixes & updates - Added label with the type for Identity object. [chrisr3d] 
@@ -29016,7 +29848,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] -- :construction: Import module from STIX2. [chrisr3d] +- Wip: Import module from STIX2. [chrisr3d] Functional but improvements still needed. Not all the fields of Stix2 events supported @@ -29031,11 +29863,12 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Added custom object for MISP Objects. [chrisr3d] + v2.4.84 (2017-12-06) -------------------- Fix ---- +~~~ - Fixed a critical issue introduced in 2.4.83 blocking the synchronisation of edits in certain situations. [iglocska] @@ -29044,15 +29877,16 @@ Fix - as reported by SIEMENS Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Added label to recognize malware-sample attributes. [chrisr3d] + v2.4.83 (2017-12-06) -------------------- New ---- +~~~ - Various improvements to the CSV export. [iglocska] - The @FloatingCode and @ilmoka care package @@ -29092,18 +29926,19 @@ New object to the ZMQ channel. [iglocska] Changes -------- +~~~~~~~ - Version strings updated. [iglocska] - Bump PyMISP, again. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] - Wip. [chrisr3d] +- Wip. [chrisr3d] - Make misp to stix export work with MISP json formatted. [chrisr3d] - Push MISP json formatted events to the stix exporter (pending rework) instead of the direct output of fetchEvents() [iglocska] - Push the full user object to the ZMQ feed. [iglocska] Fix ---- +~~~ - Updated pyMISP recommended version. [iglocska] - PyMISP updated. [iglocska] - Removed the requirement for a comment from the import modules. 
@@ -29248,10 +30083,11 @@ Fix - As reported by Dawid Czarnecki Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #2706 from Rafiot/cortex_doc. [Raphaël Vinot] @@ -29264,6 +30100,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into feature/tag_filter_rework. [iglocska] - Merge branch '2.4' into feature/tag_filter_rework. [iglocska] +- Merge branch '2.4' into feature/tag_filter_rework. [iglocska] - Little change about SDOs generated from Galaxy. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -29327,7 +30164,7 @@ Other - Parsing attachment attributes. [chrisr3d] Also fixed some specific issues with single quotes -- :construction: Import of some of the most common attributes. [chrisr3d] +- Wip: Import of some of the most common attributes. [chrisr3d] Work still in progress in order to: - Support as many attribute types as possible @@ -29466,11 +30303,12 @@ Other - 2017 even if it's not 2049 ;-) [Alexandre Dulaunoy] - Quick fixes. [chrisr3d] + v2.4.82 (2017-11-10) -------------------- New ---- +~~~ - Various features. [iglocska] - Added quickhashing to the feed generator @@ -29486,7 +30324,7 @@ New - The overall feed correlation counter also allows users to pivot to a view that loads all correlations, though it should be used with some caution as it can be somewhat heavy Changes -------- +~~~~~~~ - PyMISP version bump. [iglocska] - Pass event_id to import modules, fixes #2612. [Andras Iklody] 
@@ -29500,7 +30338,7 @@ Changes - as reported by Or Hanuka (PALANTIR) Fix ---- +~~~ - 3rd time is the charm (PyMISP updated) [iglocska] - PyMISP version. [iglocska] - Warning list updated to the latest version. [Alexandre Dulaunoy] @@ -29580,7 +30418,7 @@ Fix - Fixed a bug with the restSearch API. [iglocska] Other ------ +~~~~~ - Supporting Observed Data SDOs from event Objects. [chrisr3d] Objects currently supported: @@ -29638,6 +30476,7 @@ Other - Enables the user to select the attributes to be included in the CSV export (event and object attributes). [Cédric Bonhomme] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Added custom objects. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] @@ -29729,11 +30568,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] + v2.4.81 (2017-10-10) -------------------- New ---- +~~~ - Added first experimental STIX 2 export implementation. [iglocska] - kudos to @chrisr3d for digging into the deepest bowels of the scary beast that is STIX2 
@@ -29761,25 +30601,44 @@ New - this commit was brought to you by CEF and + MMMH$= - ., ,,. %H++ ,= %%$$$$X+ ;=== .= :+HHHMMMHMMM####MMH@@@@@@HHH$= HHH@HHHHH+XXX$$$$$$$$XXXXXXX+ MMH = -. . ,-,,-,. :H@H =;;++$HH+XX$%+X%+$++=:=.XH@@@HMMMMMMMMH@@@@@@@HHX$ ,X@@@@@@@HHHHHHHHHHXXXXXXXXXXXXXX + . ---, - ,,, +@ .. ;++$HH+HHH++$+++HH+++, .+%HHMHHHHHHHHH+%%%++++$+ +++HHHHHHH+++++++++HHHHHHHHHHHHHH - -- ,,, --,. - , ,; +$XHH@@@@HHH@@@HHHH+$+$X+HH+$$+ ; ;= . % + ,+$X+++XXXXXXXXXXXXX++HH+++++++ ---==,,--,-,-., : . -,,:/ $XHH@HMMMMMMMMMM@HHX$H@MHHHHX+H%%$%+H/:.%. $. @,,,. $$XXXXXXXXXXXXXXXXXXXXXXXXXX+ = - --,, , -- .. =/ +$+H@@HMMMMMMMMH+H+++HHHHHHHH@+++++H+X++X+$$ = ,,, - $$XXXXX$$$$X$$$$$$$$$$$$$$X + ====== --,,,, ,= = ,==== ++$$+HHMMM####MH+$$+++HH@+HH@MHMMH@@H@@@HH+$+ ,,, ,. $$+$++$$$$$$$$$$++$$$$$$$X :==-===-,. ,., == . :;; +++%$+H@HMMMMMMM%$%$$$+H@@+HH@MMMMMM@@@@HHH++H. .,,-,,--=/+$$%%%%%%%%$+%%$$$$$XXXXX , = ==- - . == . =; ++++%++HHHHHHHHHH++%$$X+@@H+HHHMMMMMMHH@@@+X+ , ,,,,- , ,$$$$$$$+++++$$$$XXXXX$$ + ,,- , --= .. . ;/ ++++%$X+HHHHHHH ++$++X+HH+X+H@HMMHHHHHHHH+. ,, ,, , . +$$$$+%+$$$$$$$$$$ + ,-----=-=--, ,== ..;/ +% +%$XX+HH++HH+/+$%++H@@HHXHHH@@@@@@@@HXX . .,,,. ,,,, ,-=$$$$$$$$$$$$$$$$$ + - ,- -- -, ,-= . =/++%++%+++++XXXXX$$+. +HHH@+$XHHHHHHHHH++$ -,,, ,, ,,,. ,+$$$$$$$$$$$$ + ---,-----, . == =/+%+++%++$$+++$X$$$$++,$$+++XXHHHHHHHH+X$+% ,-,-, ,, . . ,+$$+++++++ == --, -- =--, ,,= . ./++$$++$+X$+/++$$XXXX$$$$XXXXXXH+HH+H+X$%%/ .,,,,,, .. .. ,. ,,,-=+%+++ /++ + -- - -,,- ., . . . = +$$++++HH+. ,+$$+++++++$XX$X$XHHH+X$$+ ..--,- .. . . ,-, = ====== MH - ---- --,,, . .. , %++$$X++++ +%++++++++%++$$$$$+H++X$$+ --, . . . = .==== + MM=,-, ---,,,,, . . ...,,, =/++%$$XXXX+/+++@@H@HX$+%$$+HHHHH$$$+: ,-- . ,. .. .. ==::;=-:;;; MM+ ,----,,,, , .. ,. +++X+HH+++++%++$++++$$+HHH+++$$ ,- , . . : ;/ +%+. MMH ,-,-,, ,,. . -, = = +$+H@HH++++$$X$$+++HHH+++$ , .. , +++++++%%+%+ + MM@,--,-,,,,,. . ,, . ,-, .=+$XHHHXXHHHHHHHH@@@@HX$%+: ,, . ..,, ..... 
...%%%%++%%%%%%%% M@@== ,,, , ++++XX++HHHHHH++HHH+, , , . .... . +$+%%%%%%+%%%%% + H@H+=,,, .. ,,+%$+H@HHHXX++, , ,, . ... . ,$$$$$%%%%%+%+%%%% @H+,-,,..... . .,.;; ++$$X+%+:- , . .,,, . ... . XXX$$$%%%%%%+%%%%% + +++ -, . ... . .======== === , ,, . . .. . -,XXX$X$+$+%%%%%%%%% $+ . ===:; ++++ ++++-,. , ,-, . $X+XX+XXX$$+%++%%%%% ++: ,. . ,-,,-==:; %%%%%+%$$%$$X$$$+%+:== . . ,, ..+X$XXXXXX$$$+%%$$%%%% + =: ,,, == ++++++$+$$%+++$$$++$+ . == . .,,, +$$$$$$$$$$$$$$+$%%%+ , ,---, =:;/++$$XX$$$$$$X+H@H@HHH$%%%$X$++;===== . ., .. +%%+$++$%$$$$$$%%++%+ ===; +++$$$$+ +%+++%+HH@@@@HH+++ ++%+$+, === .. ,=; +++++++++.. :;; . =:; /++%$$++, ,++HHMMHH@@@@HHHH@HH++++++ ,+$$+ . .. :=;;:;;;;;========== .,,-==;;;+% %%+$$$$ /+++@@@@@@@@@@HH@M@MH@@@HHHHH$$% /%$XXX$X . -=====::::=========:: + . =; ++++++$+++ , +%H@@@HHH@HH++HHH@MHHH@HHHHHH++++ , +%%+$ ,, - --- ==:=: + ====; ++++$$+% ++H@HHHHHHH+X++X++@@@HHH@MMMMHHHHHH@HHHH+++++. ,,,,-,--- =:==;; + .,., ==;// / ++++%+%+%+++$$+@H@@@@H@HHH+XXX$%+HHHH@@HH@HMMMMMMMMMMMMMMH@+%; ...,,,,,--==;;;/; + . ...= .,+%$++%+$XXX$++%+++H@@@@HHH@HHH+++. ++++H+HHHHHHHMMMMMMMMMMMM@++: ,,, ===;;;;; + ==: . ++++++++HH%H+++X++HH+H@HHHH@HHHHHHH+++++%++%%+%%++ . , = ++$H@@HMHMMH%= . ..,,= + +++%$XXHHHHHH@H@@@@@H@HH@MMM@@HH@HH+HXH@HH%%+HH+XX$$$+++/;:=== ,,,,,, = ::; % :, ...,, + %+++HHH@HHH@@HMHHHH@HHHMHMHHHHHH+XH+HHH++++HHHH@HHHHH++%+ -, = ,=== ,, ,,, . H@HHHH#M#M#MHHHM#MMMMMMMHHHH@H@H++@H$+++HHM#MMMMHMMH@@HHHHHH%+++++%%%+++ , . %%%%%%%%%%%%%%++++%%++ .. ... .. . +++%+++++++%++++%+++++++++%+%++%+%%++%++++++% - Change server settings via the API. [iglocska] @@ -29797,7 +30656,7 @@ New - Added object relations to the CSV export. [iglocska] Changes -------- +~~~~~~~ - Submodules updated. [iglocska] - Replaced the correlation graph icon to something more appropriate. [iglocska] 
@@ -29807,7 +30666,7 @@ Changes - Added .onion to the TLD list for the complext type tool. [iglocska] Fix ---- +~~~ - Skipping composite objects. [chrisr3d] - STIX 2.0 report doesn't require labels but the python-stix2 requires one. [Alexandre Dulaunoy] @@ -29875,6 +30734,7 @@ Fix ──████────────█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█ ──███─────────█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█ ──██──────────█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█ + ──██──────────█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█ ──██─────────▐█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█ ──██────────▐█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█ ──██───────▐█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█▌ @@ -29904,7 +30764,7 @@ Fix - Port added to network activity. [iglocska] Other ------ +~~~~~ - Replaced placeholder label with threat-report. [Andras Iklody] - Merge branch '2.4.81' into 2.4. [iglocska] - Merge branch '2.4.81' of github.com:MISP/MISP into 2.4.81. [chrisr3d] @@ -29917,7 +30777,7 @@ Other for 'created' and 'modified' properties of all the STIX Objects - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] -- Add: First :construction: STIX 2.0 export from MISP JSON standard format. +- Add: First WiP STIX 2.0 export from MISP JSON standard format. [chrisr3d] This is an early stage export from MISP JSON into the STIX 2.0 @@ -30001,11 +30861,12 @@ Other - Up: Bump PyMISP. [Raphaël Vinot] - Up: test file. [Raphaël Vinot] + v2.4.80 (2017-09-19) -------------------- New ---- +~~~ - Various object template improvements. [iglocska] - allow multiple versions of a template to be stored at the same time @@ -30042,7 +30903,7 @@ New - added multiple flag among other things - Added first iteration of new add attachment functionality. [iglocska] - - still :construction: + - still WIP - Added back referencing from a referenced object. [iglocska] - also fixed some view file issues 
@@ -30068,11 +30929,11 @@ New - added objects fields to object rows - nested rows within the object - massive cleanup -- :construction: - change to model aliasing to solve the reserved class name. +- WIP - change to model aliasing to solve the reserved class name. [iglocska] - Internal name is now MispObject for the model, but it is used Aliased, removing the need to do any data massaging - - Added :construction: edit function + - Added WIP edit function - Added objects submodule. [iglocska] - Further progress with the objects. [iglocska] @@ -30085,7 +30946,7 @@ New - Further progress on the objects. [iglocska] Changes -------- +~~~~~~~ - Version bumps all around. [iglocska] - Updated taxonomies. [iglocska] - PyMISP updated. [iglocska] @@ -30112,7 +30973,7 @@ Changes - Added new fields to mysql. [iglocska] Fix ---- +~~~ - Reverted CakePHP version. [iglocska] - Fixed the XML view. [iglocska] @@ -30207,7 +31068,7 @@ Fix - Add object functions to ACL. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge pull request #2493 from RichieB2B/patch-2. [Andras Iklody] @@ -30305,13 +31166,17 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' into objects_wip. [iglocska] +- Merge branch '2.4' into objects_wip. [iglocska] +- Merge branch '2.4' into objects_wip. [iglocska] +- Merge branch '2.4' into objects_wip. [iglocska] - Merge branch '2.4' into feature/objects. [iglocska] + v2.4.79 (2017-08-28) -------------------- New ---- +~~~ - Feeds added to the scheduled jobs. [iglocska] - Opened up the taxonomies actions to the API: [iglocska] @@ -30332,7 +31197,7 @@ New - cake /var/www/MISP/app/Console Baseurl [new baseurl] Changes -------- +~~~~~~~ - Update for the version release. [iglocska] - querystring bump 
@@ -30352,7 +31217,7 @@ Changes - Added exit 0 to start.sh to make vagrant happy. [iglocska] Fix ---- +~~~ - Removed url -> tls_cert_subject rule conversion for the suricata export, fixes #2396. [Andras Iklody] - Fixed a bug where /events/uuid would return the incorrect event. @@ -30410,7 +31275,7 @@ Fix - Additionally enforce content-type on all async APIs called by the UI using CakeResponse Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -30434,6 +31299,7 @@ Other Vagrant dev environment - Updated default values for OpenSSL and GPG. [Cédric Bonhomme] +- Updated default values for OpenSSL and GPG. [Cédric Bonhomme] - Merge pull request #2410 from cedricbonhomme/vagrant-dev-environment. [Andras Iklody] @@ -30442,6 +31308,8 @@ Other - Updateg .gitignore: ignore Vagrant log files and VM related files. [Cédric Bonhomme] - Updated README. [Cédric Bonhomme] +- Updated README. [Cédric Bonhomme] +- Updated README. [Cédric Bonhomme] - Added Vagrant configuration files for a development environment. [Cédric Bonhomme] - Added Vagrant configuration files for a development environment. @@ -30478,6 +31346,8 @@ Other Expose galaxies lit to api - Update GalaxiesController.php. [truckydev] +- Update GalaxiesController.php. [truckydev] +- Update GalaxiesController.php. [truckydev] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge pull request #2385 from cedricbonhomme/fix-command-line-tool-to- @@ -30488,11 +31358,12 @@ Other 'true' to true for example.' when enabling/disabling MISP with the command line tool. [Cédric Bonhomme] + v2.4.78 (2017-08-06) -------------------- New ---- +~~~ - Exposed Roles to the API. [iglocska] - valid commands via the API 
@@ -30504,13 +31375,13 @@ New - /roles/index [GET] Changes -------- +~~~~~~~ - Version bump. [iglocska] - Updated misp galaxies. [iglocska] - Updated warninglists. [iglocska] Fix ---- +~~~ - Fixed capitalisation of "throw" in templateElementsController. [iglocska] - Fixes the lookup of attributes in the UI attribute search to correctly @@ -30546,7 +31417,7 @@ Fix due to missing group by. [iglocska] Other ------ +~~~~~ - Fixed org logos in attribute index. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] @@ -30568,15 +31439,16 @@ Other - MISP website links and references updated. [Alexandre Dulaunoy] - A link to the CONTRIBUTING page added. [Alexandre Dulaunoy] + v2.4.77 (2017-07-12) -------------------- New ---- +~~~ - Added php ini path. [iglocska] Changes -------- +~~~~~~~ - PyMISP version bump. [iglocska] - Redacted certain server settings that could be considered sensitive. [iglocska] @@ -30588,7 +31460,7 @@ Changes - Version bump. [iglocska] Fix ---- +~~~ - Remove delegation request once event delegation is accepted. [iglocska] @@ -30668,7 +31540,7 @@ Fix JSON output, fixes #2280. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge pull request #2327 from kallix/attachments_dir-settings. [Andras @@ -30768,10 +31640,12 @@ Other New apache directive with apache 2.4 - Fixes #2278. [dc] +- Fixes #2278. [dc] - Merge pull request #2276 from FafnerKeyZee/2.4. [Andras Iklody] Install Debian 9 (Stretch) - Update INSTALL.debian9.txt. [Fafner [_KeyZee_]] +- Update INSTALL.debian9.txt. [Fafner [_KeyZee_]] - Create INSTALL.debian9.txt. [Fafner [_KeyZee_]] - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Fafner [_KeyZee_]] @@ -30779,11 +31653,12 @@ Other update + v2.4.76 (2017-06-20) -------------------- New ---- +~~~ - Feed http://cinsscore.com/list/ci-badguys.txt added. [Alexandre Dulaunoy] - Contributing guidelines added following the initial wiki document. 
@@ -30802,7 +31677,7 @@ New API. [iglocska] Changes -------- +~~~~~~~ - VERSION bump. [iglocska] - Some small changes to the discussion ZMQ integration. [iglocska] @@ -30810,7 +31685,7 @@ Changes - added some context fields to the messages being pushed (orgname, user email, etc) Fix ---- +~~~ - Warning-lists updated to the latest version. [Alexandre Dulaunoy] - Misp-galaxy updated to the latest version. [Alexandre Dulaunoy] - Prevent form from being submitted when changing a template element, @@ -30872,7 +31747,7 @@ Fix - Fixed a notice error in the taxonomy view. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge pull request #2182 from ppanero/2.4. [Andras Iklody] @@ -30917,11 +31792,12 @@ Other - Merge branch '2.4' into dmaciejak-patch-2. [David Maciejak] - Remove duplicated h() calls. [David Maciejak] + v2.4.75 (2017-06-13) -------------------- New ---- +~~~ - First round of massive performance tuning (tm)(c) [iglocska] - Make MISP fast again @@ -30942,7 +31818,7 @@ New - Added email-body attribute type, fixes #1062. [iglocska] Changes -------- +~~~~~~~ - Version bump. [iglocska] - Performance tuning: Custom pagination tool. [iglocska] @@ -30950,7 +31826,7 @@ Changes - Added event info in feed correlations via a popover. [iglocska] Fix ---- +~~~ - Fixed an error causing combined feed cache issues. [iglocska] - Relaxed UUID4 requirement for UUID validation. [iglocska] @@ -31006,7 +31882,7 @@ Fix - Email-attachment and email-body now accept line breaks. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge pull request #2207 from RichieB2B/ncsc-nl/mixbox. [Alexandre 
@@ -31040,11 +31916,12 @@ Other - Two new feeds from @bambenek added in the default JSON feed. [Alexandre Dulaunoy] + v2.4.74 (2017-05-30) -------------------- New ---- +~~~ - Added default feed list. [iglocska] - Publish event to ZMQ on demand and beaconing of ZMQ tool. [iglocska] - Auto load the default feeds from file. [iglocska] @@ -31060,14 +31937,14 @@ New - Add instance uuid. [iglocska] Changes -------- +~~~~~~~ - VERSION bump. [iglocska] - Querystring version bump. [iglocska] - Also store the lookup_visible field from the field import. [iglocska] - Allow for \t to be used as a CSV feed delimiter. [iglocska] Fix ---- +~~~ - Misp-galaxy updated to the latest version. [Alexandre Dulaunoy] - Logrotate, database.php settings explanation. [Steffen Sauler] - Clarified ZMQ start button (it doesn't restart anything anyway) @@ -31115,6 +31992,7 @@ Fix - simpler response always responds with txt type, won't complain about view not being set for incorrect accept headers - Hids api threw error on empty result. [iglocska] - MISP galaxy updated to the latest version. [Alexandre Dulaunoy] +- MISP galaxy updated to the latest version. [Alexandre Dulaunoy] - Update to the MISP galaxy latest version. [Alexandre Dulaunoy] - Misp-galaxy updated to the latest version. [Alexandre Dulaunoy] - Deal with all the weird and "wonderful" stix versions Tries to fix @@ -31130,7 +32008,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge pull request #2232 from SHSauler/patch-1. [Andras Iklody] @@ -31199,11 +32077,12 @@ Other - Add possibility to define tags for import module. Add possibility to desable validation for String field when empty. [Tristan METAYER] + v2.4.73 (2017-05-10) -------------------- New ---- +~~~ - Update all the json structures in MISP via the API, fixes #2168. [iglocska] 
@@ -31225,7 +32104,7 @@ New - expected format is {"value": "my_string_to_parse"} with "distribution" being an optional value (otherwise instnace defaults are assumed) Changes -------- +~~~~~~~ - Version bump on the queryVersion. [iglocska] - In preparation of the various taxonomy types, only update event type taxonomies or ones without a type. [iglocska] @@ -31239,7 +32118,7 @@ Changes - Added distribution as a possible module output field. [iglocska] Fix ---- +~~~ - Removed two duplicate fields from MYSQL.sql. [iglocska] - Added missing fields causing pulled events to not contain attributes, fixes #2171. [iglocska] @@ -31300,7 +32179,7 @@ Fix #2138. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre @@ -31323,7 +32202,7 @@ Other [iglocska] - Merge pull request #2163 from ppanero/bro_export. [Andras Iklody] - [:construction:] - BroExport types updeted + [WIP] - BroExport types updeted - BroExport types updeted. [Pablo Panero] - Merge pull request #2161 from Keisial/2158. [Andras Iklody] @@ -31360,6 +32239,10 @@ Other Issues 1643 - Merge branch '2.4' into issues_1643. [devnull-] +- Merge branch '2.4' into issues_1643. [devnull-] +- Merge branch '2.4' into issues_1643. [devnull-] +- Merge branch '2.4' into issues_1643. [devnull-] +- Merge branch '2.4' into issues_1643. [devnull-] - Quick & Dirty 'without_email' & 'Unpublish_event' options for Sync Server. [devnull-] - Update the database schema unpublish_event (servers) & @@ -31380,11 +32263,12 @@ Other Strangely, this does not affect centos7 and mariadb 5.5 even if corresponding documentation states the same. https://travis-ci.org/juju4/ansible-MISP/jobs/222624827#L4862 + v2.4.72 (2017-04-14) -------------------- New ---- +~~~ - Disable taxonomy tags. [iglocska] - Added attributes / event average to statistics. [iglocska] - Minimal flag added to the event index. [iglocska] 
@@ -31401,14 +32285,14 @@ New - sgReferenceOnly: Will only load the sharing_group_id not the actual sharing group data Changes -------- +~~~~~~~ - Version bump. [iglocska] - Querystring bump. [iglocska] - Make the extension .js for people's syntax highlighters. [Hannah Ward] - Add npm instructions in install. [Hannah Ward] Fix ---- +~~~ - MISP galaxy updated to the latest version. [Alexandre Dulaunoy] - Enforce the hide tag directive. [iglocska] - Toggling an attribute's correlation won't reload the page anymore. @@ -31455,17 +32339,18 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch 'jsfix' into 2.4. [iglocska] - Ignore node packages in gitignore. [Hannah Ward] + v2.4.71 (2017-04-11) -------------------- New ---- +~~~ - Set distribution level in freetext results / module import results, fixes #2023. [iglocska] - Password complexity defaults tightened, also passowrd requirements @@ -31478,7 +32363,7 @@ New - refactor of the CIDR tool Changes -------- +~~~~~~~ - Org blacklisting enabled by default. [iglocska] - Bumped versions. [iglocska] @@ -31497,7 +32382,7 @@ Changes - If your name is Raphael, move along nothing to see here *cough* Fix ---- +~~~ - Invalid lookup in the upgrade script causing the two default entries for the org blacklist to not populate. [iglocska] - PyMISP version bump. [iglocska] @@ -31587,7 +32472,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre @@ -31624,11 +32509,12 @@ Other Pull Update - Merge branch '2.4' into 2.4. [devnull-] + v2.4.70 (2017-03-26) -------------------- New ---- +~~~ - Added 2 new types. [iglocska] - hex and sigma 
@@ -31649,7 +32535,7 @@ New - Sane defaults used automatically, making {"value":"1.2.3.4", "type":"ip-dst"} a valid attribute Changes -------- +~~~~~~~ - Changed js query string. [iglocska] - Version bump. [iglocska] - Edit and delete attributes now accept uuids as parameters instead of @@ -31660,7 +32546,7 @@ Changes - Further work on the accessibility changes. [iglocska] Fix ---- +~~~ - Spring cleaning. [iglocska] - removal of debug from the syncdebug @@ -31687,7 +32573,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch 'syncdebug' into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] @@ -31744,11 +32630,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] + v2.4.69 (2017-03-10) -------------------- Changes -------- +~~~~~~~ - Some changes to the users. [iglocska] - added date created/modified in the backend @@ -31757,7 +32644,7 @@ Changes - PyMISP update. [iglocska] Fix ---- +~~~ - Version bump. [iglocska] - Fixed a typo in an upgrade script. [Iglocska] - Readded the failing entry caused by a typo in the upgrade system. @@ -31793,7 +32680,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -31815,11 +32702,12 @@ Other - Initialize host to empty value when the URL is formed incorrectly. [Mathieu Deloitte] + v2.4.68 (2017-03-08) -------------------- New ---- +~~~ - Added float as a new attribute type. [iglocska] - Added a way to upload org logos directly from the org add/edit view. [iglocska] @@ -31830,7 +32718,7 @@ New - But please consider just adding some more space instead.. Changes -------- +~~~~~~~ - Added some language clarifying the filter rule relations, fixes #2011. [iglocska] - Cakephp updated. [iglocska] 
@@ -31842,7 +32730,7 @@ Changes - Add the version number to the headers for sync requests. [iglocska] Fix ---- +~~~ - Fixed sql fail. [iglocska] - AttachTagToObject and removeTagFromObject now accept posted JSON objects. [iglocska] @@ -31880,7 +32768,7 @@ Fix potentially fixes #1993 Other ------ +~~~~~ - Merge branch 'hotfix-2.4.68' into 2.4. [iglocska] - Version bump. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -31901,11 +32789,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] + v2.4.67 (2017-02-24) -------------------- New ---- +~~~ - Add reverse proxy support for test of baseurl. [Adrien RAFFIN] - Added activity charts to tag and galaxy cluster indeces. [iglocska] @@ -31922,7 +32811,7 @@ New - Sightings column added to sightings table. [iglocska] Changes -------- +~~~~~~~ - Removed superfluous style. [iglocska] - On event create page add a notice #1973. [iglocska] - Added warnings about the user's encryption status in the quick mailer. @@ -31938,7 +32827,7 @@ Changes - Sightings role added to ACL. [iglocska] Fix ---- +~~~ - MISP galaxy updated to the latest version. [Alexandre Dulaunoy] - More invalid MySQL fields fixed. [iglocska] - Fixed a mysql issue. [iglocska] @@ -31965,7 +32854,7 @@ Fix sightings. [iglocska] Other ------ +~~~~~ - Version bump. [iglocska] - Merge branch '2.4.67' into 2.4. [iglocska] - Merge branch '2.4' into 2.4.67. [iglocska] @@ -32015,11 +32904,12 @@ Other Code for issue : https://github.com/MISP/MISP/issues/1965 - Code for issue : https://github.com/MISP/MISP/issues/1965. [truckydev] + v2.4.66 (2017-02-19) -------------------- New ---- +~~~ - Added links to all events that match sightings sources in the sightings top list. [iglocska] - Added sighting top list to the statistics. [iglocska] 
@@ -32031,12 +32921,12 @@ New - First iteration of the improved sightings. [iglocska] Changes -------- +~~~~~~~ - Work on the sightings. [iglocska] - Added default to shadow_attributes old_id. [iglocska] Fix ---- +~~~ - Fixed an issue that prevented < 2.4.63 from being upgraded to the latest version. [Iglocska] - Version bump 2.4.66. [Alexandre Dulaunoy] @@ -32088,7 +32978,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre @@ -32169,6 +33059,8 @@ Other NidsSuricataExport refactoring for attribute *URL* - Merge branch '2.4' into 2.4. [Alexandre Dulaunoy] +- Merge branch '2.4' into 2.4. [Alexandre Dulaunoy] +- Merge branch '2.4' into 2.4. [Alexandre Dulaunoy] - NidsSuricataExport refactoring for attribute *URL* [Mathieu Deloitte] - Merge pull request #1928 from cvandeplas/2.4. [Andras Iklody] @@ -32191,17 +33083,18 @@ Other [iglocska] - Update PyMISP. [Raphaël Vinot] + v2.4.65 (2017-02-09) -------------------- Changes -------- +~~~~~~~ - Allow the creation of read only auth users/auditors. [iglocska] - also add creator email to json output for auditors Fix ---- +~~~ - Fixed the new indexer generating a notice on a successful indexing. [iglocska] - Import whitelist - add a description to make it clearer, fixes #1902. 
@@ -32227,21 +33120,23 @@ Fix - also, rerun the recent indexing rules Other ------ +~~~~~ - Version bump. [iglocska] - Merge branch 'auditor' into 2.4. [iglocska] - Merge branch '2.4' into 2.4. [truckydev] +- Merge branch '2.4' into 2.4. [truckydev] - Check if auditor have good "org_id" [truckydev] - Merge branch '2.4' into 2.4. [truckydev] - Get email creator user for auditor users. [Tristan METAYER] - Add auditor user auditor user can see event_creator_id. [Tristan METAYER] + v2.4.64 (2017-02-06) -------------------- New ---- +~~~ - Lookup organisations by uuid using organisations/view. [iglocska] - Advanced correlations. [iglocska] @@ -32269,13 +33164,13 @@ New - /users/statistics/attributehistogram.json Changes -------- +~~~~~~~ - Version bump. [iglocska] - Added default log org entry. [iglocska] - Added ids to the server index. [iglocska] Fix ---- +~~~ - Fixed a bug retrieving an org with no users. [iglocska] - MISP galaxy updated. [Alexandre Dulaunoy] - MISP taxonomy to the latest version. [Alexandre Dulaunoy] @@ -32292,7 +33187,7 @@ Fix the warning list is for ALL, fixes #1837. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge pull request #1896 from RichieB2B/ncsc-nl/logrotate. [Andras @@ -32316,11 +33211,12 @@ Other events. [Christophe Vandeplas] - Merge branch 'feature/passwordSending' into 2.4. [iglocska] + v2.4.63 (2017-02-01) -------------------- New ---- +~~~ - Small rework of the thread functionalities. [iglocska] - API get /threads/view/ and /threads/viewEvent/ @@ -32334,7 +33230,7 @@ New - Affects events and attributes Changes -------- +~~~~~~~ - Changes to the email notification. [iglocska] - added attribute tags @@ -32342,7 +33238,7 @@ Changes - Misp-galaxy update. [iglocska] Fix ---- +~~~ - Fixing a notice introduced in the last commit. [iglocska] - Warning list updated to the latest version. [Alexandre Dulaunoy] - Composite attributes displayed in 2 lines. [iglocska] 
@@ -32379,7 +33275,7 @@ Fix - tags that were not exportable returned weird empty lists via the API Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -32388,11 +33284,12 @@ Other Dulaunoy] - Merge branch 'feature/db_fix' into 2.4. [iglocska] + v2.4.62 (2017-01-26) -------------------- New ---- +~~~ - Added the option to delete files after ingestion of local feed. [iglocska] - Local feeds. [iglocska] @@ -32411,7 +33308,7 @@ New - "only": ONLY include deleted attributes Changes -------- +~~~~~~~ - Version bump. [iglocska] - Added validation errors for a local feed pointing to the wrong resource. [iglocska] @@ -32420,7 +33317,7 @@ Changes - should be a directory for misp feeds Fix ---- +~~~ - PyMISP version bump. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - Fixed an invalid lookup for the site admin debug. [iglocska] @@ -32436,7 +33333,7 @@ Fix - Views left off. [iglocska] Other ------ +~~~~~ - Merge branch 'feature/localfeeds' into 2.4. [iglocska] - Merge branch '2.4' into feature/localfeeds. [iglocska] - Add: Code of conduct added to the MISP Project - fix #1858. [Alexandre @@ -32449,18 +33346,19 @@ Other Truncate bro cached export files - Truncate bro cached export files. [Richard van den Berg] + v2.4.61 (2017-01-22) -------------------- New ---- +~~~ - New warninglist type: hostname. [Iglocska] - use lists designated as hostname lists (which can be domains too) - Allow the new type "substring" to be used for warninglists. [Iglocska] Changes -------- +~~~~~~~ - Version bump. [Iglocska] - Updated warninglists. [Iglocska] - Nicer screenshot view. [Iglocska] @@ -32469,7 +33367,7 @@ Changes - Warninglists updated. [Iglocska] Fix ---- +~~~ - Fixed the hacky solution for hostname evaluation in warninglists. [Iglocska] - Critical fix to an issue with event add fixed. [Andras Iklody] 
@@ -32511,7 +33409,7 @@ Fix instead of an empty array in the retrieved data. [Iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] - Merge pull request #1857 from deralexxx/patch-6. [Alexandre Dulaunoy] @@ -32536,11 +33434,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] + v2.4.60 (2017-01-17) -------------------- New ---- +~~~ - Request encryption of samples via the event REST api. [iglocska] - Add the encrypt flag to attributes to be added via the events/add or events/edit api @@ -32548,7 +33447,7 @@ New - make sure that the attribute value is the desired filename, the hashes will be added automagically - Add a new api to check the supported PyMISP version. [iglocska] - Index API for sightings added. [iglocska] -- Sightings API improvements :construction:. [iglocska] +- Sightings API improvements WIP. [iglocska] - reworked responses - started work on the new index @@ -32574,7 +33473,7 @@ New - Add sql for attribute_tags (MySQL) [Andreas Ziegler] Changes -------- +~~~~~~~ - Use cakeresponse for JSON response in updateGraph instead of serialize. [Iglocska] - Update of the JS filename. [Iglocska] @@ -32593,7 +33492,7 @@ Changes - despite my earlier request to @rotanid, there is no need for this feature to be optional, it's one of the few cases where it should be universally enabled Fix ---- +~~~ - Fix a unicode issue with the correlation graphs. [Iglocska] - Fix an issue with the graphs when no relations are found. [Iglocska] - Clarification a selectable group is also an active group. [Alexandre @@ -32670,9 +33569,10 @@ Fix Ziegler] Other ------ +~~~~~ - Merge branch 'feature/attribute-tagging' into 2.4. [Iglocska] - Merge branch '2.4' into feature/attribute-tagging. [Iglocska] +- Merge branch '2.4' into feature/attribute-tagging. [Iglocska] - Merge branch '2.4' into feature/attribute-tagging. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] 
@@ -32706,11 +33606,12 @@ Other [Iglocska] - Merge branch '2.4' into feature/attribute-tagging. [iglocska] + v2.4.59 (2017-01-01) -------------------- New ---- +~~~ - Added a new field for an exclude regex for the CSV / Freetext feeds. [iglocska] @@ -32728,7 +33629,7 @@ New - also, new method for writing the MISP config file Changes -------- +~~~~~~~ - Version bump. [iglocska] - Changed the feed cache locations. [iglocska] - Added description for feed metadata download. [iglocska] @@ -32739,7 +33640,7 @@ Changes settings) [iglocska] Fix ---- +~~~ - Copy paste fail. [iglocska] - Left off changes to the complextypetool. [iglocska] @@ -32778,7 +33679,7 @@ Fix - was using the local owner id instead of the creator id Other ------ +~~~~~ - Merge branch '2.4.59' into 2.4. [iglocska] - Merge branch '2.4' into 2.4.59. [iglocska] - Merge branch 'feature/colour' into 2.4.59. [iglocska] @@ -32796,11 +33697,12 @@ Other Remove bang (!) so it doesn't get interpreted as an image. + v2.4.58 (2016-12-22) -------------------- New ---- +~~~ - Disable correlation. [iglocska] - globally @@ -32808,11 +33710,11 @@ New - on an attribute level Changes -------- +~~~~~~~ - Updated misp galaxies. [iglocska] Fix ---- +~~~ - Small fix on the attribute correlation popup's header. [iglocska] - F-A-I-L @@ -32848,7 +33750,7 @@ Fix disabling and enabling for attributs. [iglocska] Other ------ +~~~~~ - Merge branch 'feature/disable_correlation' into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into feature/disable_correlation. [iglocska] @@ -32865,11 +33767,12 @@ Other - Added support for creating users into different roles depending on ldap group membership. [Emil Enemærke] + v2.4.57 (2016-12-19) -------------------- New ---- +~~~ - Added new option to the attribute level restsearch. [iglocska] - filter on attributes using timestamps newer than parameter 
@@ -32878,7 +33781,7 @@ New - still missing: Export modules - consider having the flag for misp JSON/XML and STIX perhaps? -- :construction:: Parameter to remove warning list hits from exports. [iglocska] +- WIP: Parameter to remove warning list hits from exports. [iglocska] - Added a way to disable certain tags from the UI, fixes #1733. [iglocska] @@ -32889,7 +33792,7 @@ New - First iteration of the new types. [iglocska] Changes -------- +~~~~~~~ - Added documentation on the warninglist enforcement to the automation page. [iglocska] @@ -32916,7 +33819,7 @@ Changes #1744. [iglocska] Fix ---- +~~~ - Failtypo fixed. [iglocska] - Taxonomies updated to the latest version. [Alexandre Dulaunoy] - Added exception for site admins to be able to add galaxies to events @@ -32957,7 +33860,7 @@ Fix - affects #1731 Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre @@ -33029,6 +33932,7 @@ Other up: Run tests in python3 - Merge branch '2.4' into travis. [Raphaël Vinot] +- Merge branch '2.4' into travis. [Raphaël Vinot] - Up: Run tests in python3. [Raphaël Vinot] - Merge pull request #1727 from kirzaks/2.4. [Andras Iklody] @@ -33036,15 +33940,16 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Armins] - Added fast_pattern. [Armins] + v2.4.56 (2016-12-07) -------------------- New ---- +~~~ - Tied the galaxies into the ACL. [Iglocska] - First RC of MISP galaxies 1.0. [Iglocska] - Added galaxy attach/detach functions. [Iglocska] -- First iteration of the galaxies (:construction:) [Iglocska] +- First iteration of the galaxies (WIP) [Iglocska] - Added upgrade scripts. [Iglocska] - Added galaxy tables. [Iglocska] - Added the publish_timestamp and timestamp parameters to both 
@@ -33057,7 +33962,7 @@ New - allows users to specify whether the events / attributes returned should come from published / unpublished events only. If the parameter is not set both are included Changes -------- +~~~~~~~ - Some minor UI changes. [Iglocska] - Update to gitignore. [Iglocska] - Version bump. [Iglocska] @@ -33073,7 +33978,7 @@ Changes - kill the url parameters with fire Fix ---- +~~~ - Removed a duplicate ACL entry. [Iglocska] - Clusters added don't have the exportable field set on the tag and because of that they don't show up on the API. [Iglocska] @@ -33128,7 +34033,7 @@ Fix - Removed invalid entry in writeable file diagnostics. [Iglocska] Other ------ +~~~~~ - Merge branch 'syntax' into 2.4. [Iglocska] - [*] Corrected the bug with endless loops in while() [Birdy42] - [*] Removed the double htmlentities check, minor text correction. @@ -33174,11 +34079,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] + v2.4.55 (2016-11-22) -------------------- New ---- +~~~ - Sightings enabled by default. [Iglocska] - Added timestamps of shadow attributes wherever appropriate. [Iglocska] - Added uuid as a restsearch parameter, fixes #1683. [Iglocska] @@ -33199,7 +34105,7 @@ New - affects #1618 Changes -------- +~~~~~~~ - Version bump. [Iglocska] - Changed the behaviour of the proposal index. [Iglocska] @@ -33211,7 +34117,7 @@ Changes - Added the type field to be able to restrict / attribute type Fix ---- +~~~ - Some additional changes to accomodate for the automatically enabled sightings. [Iglocska] - Tell MISP to run the db update. [Iglocska] @@ -33249,7 +34155,7 @@ Fix - Some cleanup Other ------ +~~~~~ - Merge branch '2.4.55' into 2.4. [Iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] 
@@ -33277,15 +34183,17 @@ Other - Block alert e-mails based on tag. [Richard van den Berg] - Merge branch '1642' into 2.4. [Iglocska] - Update UPDATE.txt. [Deventual] +- Update UPDATE.txt. [Deventual] - Merge branch '1653' into 2.4. [Iglocska] - Sorts the "Attributes per organization" array by the total number of attr, highest on top. [cristian bell] + v2.4.54 (2016-11-04) -------------------- New ---- +~~~ - Added new statistics page, fixes #1648, fixes #1557. [Iglocska] - brought back the quick organisation overview as it's a much missed feature @@ -33342,7 +34250,7 @@ New - RPZ Zone file export Changes -------- +~~~~~~~ - Further work on the user APIs. [Iglocska] - Remove obsolete getEnrichmentSettings() [Andreas Ziegler] @@ -33360,13 +34268,14 @@ Changes - does not alter any functionality otherwise Fix ---- +~~~ - PyMISP to the latest version. [Alexandre Dulaunoy] - Fixed an issue with an incorrect condition on the admin index. [Iglocska] - Increased space between taxonomy names in the treemap as some of them can be quite long. [Iglocska] - PyMISP updated to the latest version. [Alexandre Dulaunoy] +- PyMISP updated to the latest version. [Alexandre Dulaunoy] - MISP name fixed. [Alexandre Dulaunoy] - Fixed annoying capitalisation mess in the event index parameters. [Iglocska] @@ -33420,7 +34329,7 @@ Fix - Removed double sanitisation of the resolved attributes. [Iglocska] Other ------ +~~~~~ - Version bump. [Iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] @@ -33456,11 +34365,12 @@ Other - Removed Imported via the Freetext Import ... text. [Christophe Vandeplas] + v2.4.53 (2016-10-21) -------------------- New ---- +~~~ - Added a way to disable the default HTTP_ header namespace or to alter it to something else for the custom auth plugin. [Iglocska] - Added quick search in tag selection popup. [Iglocska] 
@@ -33479,7 +34389,7 @@ New - Added correlations to the freetext feed preview. [Iglocska] Changes -------- +~~~~~~~ - Added the capability to search for attributes by uuid. [Iglocska] - ID field in the attribute search now accepts attribute UUIDs @@ -33506,7 +34416,7 @@ Changes updated) [Alexandre Dulaunoy] Fix ---- +~~~ - Fixes an issue where adding a new user allowed an invalid role choice. [Iglocska] @@ -33565,7 +34475,7 @@ Fix freetext code path. [Iglocska] Other ------ +~~~~~ - Version bump. [Iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] @@ -33578,11 +34488,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] + v2.4.52 (2016-10-07) -------------------- New ---- +~~~ - First implementation of the freetext feed pull. [Iglocska] - View proposal count on event index and filter events on whether they have proposals. [Iglocska] @@ -33606,7 +34517,7 @@ New - Add basic experimental support for PostgreSQL. [Andreas Ziegler] Changes -------- +~~~~~~~ - Updated to the latest MISP taxonomies. [Alexandre Dulaunoy] - Cleanup of removed functionality. [Iglocska] - MISP taxonomies updated to the latest version. [Alexandre Dulaunoy] @@ -33695,7 +34606,7 @@ Changes - Set "User" as the default role for new installations. [iglocska] Fix ---- +~~~ - Fixes to the ssdeep detection as it was way too loose. [Iglocska] - Resolved several issues with error handling in the new feed system. [Iglocska] @@ -33884,7 +34795,7 @@ Fix - Moved the example API script using SSL client certificate. [iglocska] Other ------ +~~~~~ - Merge branch '2.4.52' into 2.4. [Iglocska] - Revert "fix: Removed already removed file that got reverted" [Iglocska] @@ -34115,11 +35026,12 @@ Other fix: update version number to 2.4.51 in MYSQL.sql + v2.4.51 (2016-08-29) -------------------- New ---- +~~~ - Add default role to the user creation, fixes #256. [iglocska] - New piece by piece stix export allowing large datasets to be exported. [iglocska] 
@@ -34137,7 +35049,7 @@ New - Allow site admins to view the reason of the failure (up to 24h after the fact) including a stack trace Changes -------- +~~~~~~~ - Enabled 2.4.51 db upgrade. [iglocska] - Version bump. [iglocska] - UI changes for the email field in the event history. [iglocska] @@ -34212,7 +35124,7 @@ Changes - Redundant members list and organisations page #1013. [Cristian Bell] Fix ---- +~~~ - Pushing upgraded to respect the internal sync setting. [iglocska] - Allows the push of org only attributes @@ -34234,7 +35146,7 @@ Fix - Refactoring of the STIX export. [iglocska] - Also adding it to the caching mechanism - - still :construction: + - still WIP - Differentiate queued and running jobs if no granular progress is returned. [iglocska] - Version bump. [iglocska] @@ -34324,11 +35236,14 @@ Fix organisation. [iglocska] Other ------ +~~~~~ - Merge branch '2.4.51' into 2.4. [iglocska] - Model/Server.php modified so the settings remain the same after config change on the web UI. [ppanero] - Merge branch '2.4' into 2.4.51. [iglocska] +- Merge branch '2.4' into 2.4.51. [iglocska] +- Merge branch '2.4' into 2.4.51. [iglocska] +- Merge branch '2.4' into 2.4.51. [iglocska] - Merge branch 'sslclientsync' into 2.4.51. [iglocska] - Merge branch 'sslclientcert' into sslclientsync. [iglocska] - Example API script using client cert. [Richard van den Berg] @@ -34336,6 +35251,7 @@ Other - Add support for sync server SSL client certificates. [Richard van den Berg] - Merge branch '2.4' into 2.4.51. [iglocska] +- Merge branch '2.4' into 2.4.51. [iglocska] - First iteration of the internal sync rework. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] 
@@ -34476,16 +35392,17 @@ Other - Update to the latest version of PyMISP. [Alexandre Dulaunoy] - Version bump. [iglocska] + v2.4.50 (2016-08-10) -------------------- New ---- +~~~ - Added export module first iteration. [Iglocska] - First revision of the new import system. [Iglocska] Changes -------- +~~~~~~~ - Handle module results in one place. [Iglocska] - Remove duplicate line from install doc. [Andreas Ziegler] - Small cleanup of MYSQL.sql. [Andreas Ziegler] @@ -34510,7 +35427,7 @@ Changes - Added sync user's org to the sharing group view. [Iglocska] Fix ---- +~~~ - Some cleanup. [Iglocska] - Removed debug. [Iglocska] - Further work on the modules. [Iglocska] @@ -34580,9 +35497,10 @@ Fix fixes #1377. [Iglocska] Other ------ +~~~~~ - Merge branch 'feature/import-export-modules' into 2.4. [iglocska] - Merge branch '2.4' into feature/import-export-modules. [iglocska] +- Merge branch '2.4' into feature/import-export-modules. [iglocska] - Merge branch '2.4' into feature/import-export-modules. [Iglocska] - Merge branch '2.4.50' into 2.4. [iglocska] - Merge branch '1426' into 2.4. [iglocska] @@ -34651,11 +35569,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] + v2.4.49 (2016-07-22) -------------------- New ---- +~~~ - Updates to the module system. [Iglocska] - hover modules now require a 0.5 second hover to fire off the query @@ -34668,7 +35587,7 @@ New - Installation instructions for MISP on Ubuntu 16.04. [Andreas Ziegler] Changes -------- +~~~~~~~ - Taxonomies updated to the latest version. [Alexandre Dulaunoy] - Version bump. [Iglocska] - Added the sharing group roaming setting to various parts of the @@ -34749,7 +35668,7 @@ Changes - Improve file access using new Lib. [Andreas Ziegler] Fix ---- +~~~ - Sharing group edit summary tab issues. [Iglocska] - if no external organisations were added it still showed the sentence listing them with the list being empty 
@@ -34924,7 +35843,7 @@ Fix - Proposals now have the correct page title. [Iglocska] Other ------ +~~~~~ - Merge branch '2.4.49' into 2.4. [Iglocska] - Merge branch '2.4' into 2.4.49. [Iglocska] @@ -34949,6 +35868,8 @@ Other [Andras Iklody] fix: Remove the default defined salt #625 +- Merge branch '2.4' into feature/modulerework. [Iglocska] +- Merge branch '2.4' into feature/modulerework. [Iglocska] - Merge branch '2.4' into feature/modulerework. [Iglocska] Conflicts: @@ -35231,17 +36152,18 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] + v2.4.48 (2016-06-08) -------------------- New ---- +~~~ - Enable/disable feed via API. [Iglocska] - simply POST to /feeds/enable/feed_id or /feeds/disable/feed_id to enable and disable a feed Changes -------- +~~~~~~~ - Version bump. [Iglocska] - Lowered the level of the custom css setting. [Iglocska] - Added the option to load a custom css after the default css. @@ -35272,7 +36194,7 @@ Changes - it was causing issues for a user using a rather exotic configuration Fix ---- +~~~ - Fix to a bug that allowed adding server connections without an org. [Iglocska] - Some small fixes. [Iglocska] @@ -35323,7 +36245,7 @@ Fix [Iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] - Add gitter webhook. [Raphaël Vinot] @@ -35506,6 +36428,7 @@ Other - set missing keys to null in foreach - Merge remote-tracking branch 'origin/2.4' into 2.4. [Iglocska] - Update PULL_REQUEST_TEMPLATE.md. [Raphaël Vinot] +- Update PULL_REQUEST_TEMPLATE.md. [Raphaël Vinot] - Update ISSUE_TEMPLATE.md. [Raphaël Vinot] - Merge pull request #1193 from rotanid/defaults. [Andras Iklody] 
@@ -35545,6 +36468,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] - Update PULL_REQUEST_TEMPLATE.md. [Raphaël Vinot] +- Update PULL_REQUEST_TEMPLATE.md. [Raphaël Vinot] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Add PR template. [Raphaël Vinot] - Update ISSUE_TEMPLATE.md. [Raphaël Vinot] @@ -35635,11 +36559,12 @@ Other [Iglocska] - Add issue template. [Raphaël Vinot] + v2.4.47 (2016-05-24) -------------------- Fix ---- +~~~ - Wrong variable name in __ipv6InCidr() [Andreas Ziegler] - Reverted a change that broke PyMISP's copy_list.py To be revisited for a better solution. [Iglocska] @@ -35651,7 +36576,7 @@ Fix - Left off a change. [Iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] - Merge pull request #1166 from RichieB2B/ncsc-nl/fix-mod_proxy_fcgi- @@ -35664,15 +36589,16 @@ Other fix: wrong variable name in __ipv6InCidr() + v2.4.46 (2016-05-23) -------------------- New ---- +~~~ - Added Statixtics for taxonomy and tag usage, fixes 1158. [Iglocska] Changes -------- +~~~~~~~ - Tiny fix to an if statement. [Iglocska] - Added sort by value or name option for tag statistics API. [Iglocska] @@ -35683,7 +36609,7 @@ Changes - name-sort set to true will sort the results by the namespace, alternatively by the count/percentage Fix ---- +~~~ - Fixed some wonky behaviour with the popover enrichment and the warning list popover. [Iglocska] - Fixed an issue with the attribute search timing out. [Iglocska] @@ -35698,7 +36624,7 @@ Fix - Also some minor fixes to the ACL Other ------ +~~~~~ - Merge pull request #1153 from sfossen/patch-13. [Andras Iklody] Handle error in getEventIdsFromServer better 
@@ -35721,18 +36647,19 @@ Other improve some text passages - Improve some text passages. [Andreas Ziegler] + v2.4.45 (2016-05-20) -------------------- New ---- +~~~ - Added the news functionality back. [Iglocska] - admins can add/edit/delete news items - users get redirected if there is a newsitem that they haven't seen yet Changes -------- +~~~~~~~ - Some additional cleanup after the merge of some obsolete stuff. [Iglocska] - Some cleanup of old unused stuff. [Iglocska] @@ -35746,7 +36673,7 @@ Changes - Small cosmetic change on the log index. [Iglocska] Fix ---- +~~~ - Fix to the redirect issues on logout. [Iglocska] - Added the new db changes to the SQL files. [Iglocska] - Some more cleanup on the redirects at login. [Iglocska] @@ -35768,7 +36695,7 @@ Fix - Contact Users Form Email Issue fixed, fixes #1130. [Iglocska] Other ------ +~~~~~ - Merge branch 'feature/news' into 2.4. [Iglocska] - Added url detection to the news items. [Iglocska] - Merge branch 'pr1148' into 2.4. [Iglocska] @@ -35843,18 +36770,19 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] + v2.4.44 (2016-05-12) -------------------- Fix ---- +~~~ - Fixed an issue with the download as MISP XML/JSON failing for regular users due to a permission issue. [Iglocska] - Fix to an issue with server urls having a trailing slash causing an invalid sharing group server detection. [Iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] - Merge pull request #1125 from I-am-Sherlocked/patch-3. [Andras Iklody] 
@@ -35862,15 +36790,16 @@ Other Missing DEFAULT value in certif_public - Missing DEFAULT value in certif_public. [I-am-Sherlocked] + v2.4.43 (2016-05-11) -------------------- New ---- +~~~ - Started work on the new attribute deletion. [Iglocska] Changes -------- +~~~~~~~ - Prevent attribute edit on deleted attributes, prevent proposal correlation on deleted attributes. [Iglocska] - Some small fixes to the soft-delete. [Iglocska] @@ -35882,7 +36811,7 @@ Changes - DB changes for the attribute deletion. [Iglocska] Fix ---- +~~~ - Attribute search - download as CSV returns empty result set, fixes #1122. [Iglocska] - Fixed an issue that would cause invalid empty events to be created @@ -35892,7 +36821,7 @@ Fix - Left off a change. [Iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] - Merge branch 'feature/soft-delete' into 2.4. [Iglocska] @@ -35915,11 +36844,12 @@ Other in "Request URL: /users/memberslist" , since Organization.name is not a unique field. Grouping by Organization.id instead will fix the issue. - Fixed the logging of attribute deletes. [Iglocska] + v2.4.42 (2016-05-05) -------------------- Changes -------- +~~~~~~~ - Filter event index for my own events. [Iglocska] - Part of the initiative for a happier Andrzej @@ -35942,7 +36872,7 @@ Changes the worker shell scripts on RHEL/CentOS. [Iglocska] Fix ---- +~~~ - Problem with osint json/taxonomy, fixes #1119. [Iglocska] - Added a new validation for strings where "0" should be a valid value 
@@ -35956,58 +36886,61 @@ Fix - Fix to an issue for new installations. [Iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] + v2.4.41 (2016-04-28) -------------------- Changes -------- +~~~~~~~ - Updated the user edit view to match the user admin edit view's interpretation of the SMIME certificate field. [Iglocska] - Renamed the JS used by MISP. [Iglocska] Fix ---- +~~~ - Fixed some issues with the favourite tags. [Iglocska] + v2.4.40 (2016-04-28) -------------------- New ---- +~~~ - Favourite tags. [Iglocska] - Add a tag to your favourites list - When tagging events there is a new setting: Favourite tags, which only contains the tags you've selected Changes -------- +~~~~~~~ - Added encryption feature with PGP or S/MIME support. [Alexandre Dulaunoy] Other ------ +~~~~~ - Airbus added as contributor. [Alexandre Dulaunoy] + v2.4.39 (2016-04-27) -------------------- Changes -------- +~~~~~~~ - Small test with the embedded headers. [Iglocska] - Reverted the previous change. [Iglocska] - Small fix to the headers sent for SMIME. [Iglocska] Fix ---- +~~~ - Fixed an issue with handling SMIME encrypted messages on instances that don't have a signing key. [Iglocska] Other ------ +~~~~~ - Merge branch 'feature/smime' into 2.4. [Iglocska] - Updates to the SMIME setup instructions. [Iglocska] - SMIME changes. [Iglocska] @@ -36046,6 +36979,7 @@ Other - Add the field 'certif_public' in view. [devnull-] - Add the field 'certif_public' in index. [devnull-] - Add in form the field 'certif_public' [devnull-] +- Add in form the field 'certif_public' [devnull-] - Patch SMIME to sign and encrypt email. [devnull-] - Update fields & add certificate as attachment to email. [devnull-] - Add function verifyCertificate & update of fields. [devnull-] 
@@ -36060,6 +36994,7 @@ Other headers) [devnull-] - PATCH: Update the database schema (SMIME) [devnull-] + v2.4.38 (2016-04-23) -------------------- - Merge branch 'feature/warninglists' into 2.4. [Iglocska] @@ -36080,9 +37015,10 @@ v2.4.38 (2016-04-23) - Merge branch '2.4' into feature/warninglists. [Iglocska] - First version of the warnings finished. [Iglocska] - Further progress. [Iglocska] +- Further progress. [Iglocska] - Import, enabling, viewing, indexing of warninglists finished. [Iglocska] -- Warninglists :construction:. [Iglocska] +- Warninglists WIP. [Iglocska] - Fix to an invalid check. [Iglocska] - Small tune to the freetext import. [Iglocska] @@ -36176,6 +37112,7 @@ v2.4.38 (2016-04-23) - Some small changes. [Iglocska] - Small fixes. [Iglocska] + v2.4.37 (2016-04-18) -------------------- - Version bump. [Iglocska] @@ -36185,6 +37122,7 @@ v2.4.37 (2016-04-18) - Gitchangelog configuration added. [Alexandre Dulaunoy] - Version bump. [Iglocska] + v2.4.36 (2016-04-15) -------------------- - Fixed a check for the upload sample API to check if the target event @@ -36193,6 +37131,7 @@ v2.4.36 (2016-04-15) - Changed the publish dating to number of days from fixed date. [Iglocska] + v2.4.35 (2016-04-15) -------------------- - Added a way to block old publish alerts from going out. [Iglocska] @@ -36319,6 +37258,7 @@ v2.4.35 (2016-04-15) - 4. Include the Sightings data in the XML/JSON views - 5. View sighting for attribute / event via the API + v2.4.34 (2016-04-08) -------------------- - Version bump. [Iglocska] @@ -36411,6 +37351,7 @@ v2.4.34 (2016-04-08) Dulaunoy] - MISP logo in a square. [Alexandre Dulaunoy] + v2.4.32 (2016-03-30) -------------------- - Split the tagging permission into two. [Iglocska] 
@@ -36435,6 +37376,7 @@ v2.4.32 (2016-03-30) - new tool for rearranging request data to allow the APIs to automatically catch and correct typical rearrange errors + v2.4.31 (2016-03-30) -------------------- - Fix to an issue with the password reset breaking the credentials. @@ -36472,6 +37414,7 @@ v2.4.31 (2016-03-30) There is a typo in main.css - CIRCL logo added. [Alexandre Dulaunoy] - Fix #1051. [Alexandre Dulaunoy] +- Fix #1051. [Alexandre Dulaunoy] - Fix to an invalid default password complexity validation, fixes #585. [Iglocska] - Fixes to the plugin settings not working for any plugin beyond the @@ -36481,10 +37424,12 @@ v2.4.31 (2016-03-30) - also added the correlations to the enrichment view + v2.4.30 (2016-03-28) -------------------- - Verision bump. [Iglocska] + v2.4.29 (2016-03-28) -------------------- - Added the authkey to the admin user index, including filtering / @@ -36538,6 +37483,7 @@ v2.4.29 (2016-03-28) - Fix to the incoming address check. [Iglocska] - First implementation of the new auth mechanism. [Iglocska] + v2.4.28 (2016-03-21) -------------------- - Version bump. [Iglocska] @@ -36595,6 +37541,7 @@ v2.4.28 (2016-03-21) - next step: Tie it into the freetext import results - add additional fields to the python service + v2.4.27 (2016-03-11) -------------------- - Re-added a feed. [Iglocska] @@ -36611,6 +37558,7 @@ v2.4.27 (2016-03-11) - Correctly detect e-mail addresses in the freetext import tool. [Iglocska] + v2.4.26 (2016-03-10) -------------------- - Version bump. [Iglocska] @@ -36660,11 +37608,13 @@ v2.4.26 (2016-03-10) - Set proposal's deleted field to 0 if nothing is set before saving, fixes #988. [Iglocska] + v2.4.25 (2016-03-09) -------------------- - Scheduled push incorrectly used the user e-mail address instead of a user object to initiate the sync, fixes #1000. [Iglocska] + v2.4.24 (2016-03-07) -------------------- - Version bump. [Iglocska] 
@@ -36746,11 +37696,13 @@ v2.4.24 (2016-03-07) event. [Iglocska] - Version bump. [Iglocska] + v2.4.23 (2016-02-22) -------------------- - Fixed a bug that caused the publish e-mails to not respect the sharing groups correctly. [Iglocska] + v2.4.22 (2016-02-21) -------------------- - Added correlation as a quick filter on attributes in the event view. @@ -36765,6 +37717,7 @@ v2.4.22 (2016-02-21) - MYSQL.sql brought up to date, the upgrade scripts in the application shouldn't have to run on first login - Version bump. [Iglocska] + v2.4.21 (2016-02-19) -------------------- - Fix to a critical vulnerability for the login authentication @@ -36790,6 +37743,7 @@ v2.4.21 (2016-02-19) correlating proposals. [Iglocska] - Fixed a copy paste fail. [Iglocska] + v2.4.20 (2016-02-17) -------------------- - Added correlations on a proposal level. [Iglocska] @@ -36846,10 +37800,12 @@ v2.4.20 (2016-02-17) - Added new attribute type x509-fingerprint-sha1. [Iglocska] - Version bump and footer version fix. [Iglocska] + v2.4.18 (2016-02-13) -------------------- - Merge branch 'features/delegation' into 2.4. [Iglocska] - Merge fixes. [Iglocska] +- Merge fixes. [Iglocska] - Merge branch '2.4' into features/delegation. [Iglocska] Conflicts: @@ -36868,6 +37824,7 @@ v2.4.18 (2016-02-13) - this helps with composite attributes where only one half of the attribute correlates + v2.4.17 (2016-02-11) -------------------- - Version bump. [Iglocska] @@ -36959,8 +37916,10 @@ v2.4.17 (2016-02-11) Comment a line that includes a comment - Update INSTALL.ubuntu1404.txt. [Alexander J] +- Update INSTALL.ubuntu1404.txt. [Alexander J] - Fix to the e-mail contents of the contact message. [Iglocska] + v2.4.16 (2016-02-02) -------------------- - Version bump. [Iglocska] 
@@ -36979,6 +37938,7 @@ v2.4.16 (2016-02-02) - contact e-mail recipients were incorrectly set resulting in the e-mails landing at the wrong recipient - disabled users were not excluded from certain e-mails + v2.4.15 (2016-02-02) -------------------- - Version bump. [Iglocska] @@ -37037,6 +37997,7 @@ v2.4.15 (2016-02-02) - Display and Search for model ID in the audit logs, fixes #889. [Iglocska] + v2.4.14 (2016-01-29) -------------------- - Version bump. [Iglocska] @@ -37066,6 +38027,7 @@ v2.4.14 (2016-01-29) - Set the returnPath header in e-mails correctly. [Iglocska] - Version bump. [Iglocska] + v2.4.13 (2016-01-28) -------------------- - Added org merge tool. [Iglocska] @@ -37122,6 +38084,7 @@ v2.4.13 (2016-01-28) - Fixed an invalid org lookup on the proposal download blocking users from downloading proposal attachments, fixes #874. [Iglocska] + v2.4.12 (2016-01-21) -------------------- - Merge branch 'feature/proposalFix' into 2.4. [Iglocska] @@ -37151,6 +38114,7 @@ v2.4.12 (2016-01-21) - the removed columns can cause exceptions if not removed as described in #814 + v2.4.11 (2016-01-20) -------------------- - Fix to an invalid org lookup. [Iglocska] @@ -37158,6 +38122,7 @@ v2.4.11 (2016-01-20) - prevents normal users from seeing the proposal index - still a left-over from 2.3 + v2.4.10 (2016-01-20) -------------------- - Version bump. [Iglocska] @@ -37172,6 +38137,7 @@ v2.4.10 (2016-01-20) - also some fixes and enhancements in general for this + v2.4.9 (2016-01-19) ------------------- - Fix to an issue with the XML cleanup method. [Iglocska] @@ -37251,6 +38217,7 @@ v2.4.9 (2016-01-19) - Fix to an invalid data entry pre-validation call that broke prtn attribute entry with a leading + [Iglocska] + v2.4.7 (2016-01-14) ------------------- - Version bump. [Iglocska] 
@@ -37315,6 +38282,9 @@ v2.4.7 (2016-01-14) - Add php 5.5 and 7.0 in the travis tests. [Raphaël Vinot] - Merge branch 'pr/679' into 2.4. [Raphaël Vinot] - Update .travis.yml. [Steve Peak] +- Update .travis.yml. [Steve Peak] +- Update .travis.yml. [Steve Peak] +- Update .travis.yml. [Steve Peak] - Create .coveragerc. [Steve Peak] - Debugging coverage. [Steve Peak] - Add check for values on diagnostics page, fixes #839. [Iglocska] @@ -37341,6 +38311,7 @@ v2.4.7 (2016-01-14) - fixed a series of issues with the exports + v2.4.6 (2016-01-07) ------------------- - Fix to a trailing slash in the baseurl breaking the upgrade script. @@ -37363,6 +38334,7 @@ v2.4.6 (2016-01-07) - Quickfilter added for users. [Iglocska] - Added malware sample to the file attribute filter. [Iglocska] + v2.4.5 (2016-01-04) ------------------- - First version of the quick filters for the event view. [Iglocska] @@ -37396,6 +38368,7 @@ v2.4.5 (2016-01-04) - Add today's date as the event date field if not set. [Iglocska] - Removal of PGP key generation for travis. [Iglocska] + v2.4.4 (2015-12-30) ------------------- - Fixes to the first user initialisation. [Iglocska] @@ -37420,6 +38393,7 @@ v2.4.4 (2015-12-30) Solving #786 - Solving #786. [Fafner [_KeyZee_]] +- Solving #786. [Fafner [_KeyZee_]] - Merge pull request #796 from FafnerKeyZee/2.4. [Andras Iklody] Fix for orgc_id into TemplatesController.php @@ -37443,6 +38417,7 @@ v2.4.4 (2015-12-30) - it was erroneously looking up servers that have push enabled instead of pull + v2.4.3 (2015-12-27) ------------------- - Rework of the contributor field, some MYSQL.sql tweaks. [iglocska] @@ -37450,6 +38425,7 @@ v2.4.3 (2015-12-27) - added indeces to the MYSQL.sql file - contributors now looks for shadow attributes instead of log entries (should make the event view much faster and resolve some timeout issues on sync when the log is massive) + v2.4.2 (2015-12-26) ------------------- - Fixes a bug on invalid event IDs passed to the STIX export causing 
@@ -37458,6 +38434,7 @@ v2.4.2 (2015-12-26) - Running a stix export for a specific ID that doesn't exist results in a full STIX export for the user (events visible to the user) - This leads for an unnecesarily long export process when a quick export is expected + v2.4.1 (2015-12-26) ------------------- - Several fixes to the exports, fixes #790. [iglocska] @@ -37472,6 +38449,7 @@ v2.4.1 (2015-12-26) - scheduled pulls would fail because of invalid user object passed - invalid permissions checks / org checks would cause the RPZ export to fail when using background workers + v2.4.0 (2015-12-24) ------------------- - Merge branch 'feature/fastupgrade' into 2.4. [iglocska] @@ -38159,7 +39137,7 @@ v2.4.0 (2015-12-24) - Progress on the sync. [Iglocska] - Creating objects whenever necessary during sync (sharing groups, organisations, etc) - - it's still :construction:, but time to sleep + - it's still WIP, but time to sleep - More changes to the sync. [Iglocska] - pushes are now taking into account the push_rules and pull_rules fields @@ -38276,6 +39254,7 @@ v2.4.0 (2015-12-24) - Removed debug line. [iglocska] - Initial commit. [iglocska] + v2.3.178 (2015-12-14) --------------------- - Merge branch 'hotfix-2.3.178' [iglocska] @@ -38287,12 +39266,14 @@ v2.3.178 (2015-12-14) - Double quoting of quoted messages in discussion threads fixed. [iglocska] + v2.3.177 (2015-12-08) --------------------- - Merge branch 'hotfix-2.3.177' [iglocska] - Invalid message fixed when accepting several proposals at once. [iglocska] + v2.3.176 (2015-12-08) --------------------- - Merge branch 'hotfix-2.3.176' [iglocska] @@ -38302,6 +39283,7 @@ v2.3.176 (2015-12-08) - Fixed an issue where an ip/resource was recognised as a CIDR notation IP range instead of a url - Changed the flash message for publishing without e-mails to something less scary + v2.3.175 (2015-12-04) --------------------- - Merge branch 'hotfix-2.3.175' [iglocska] 
@@ -38326,11 +39308,13 @@ v2.3.175 (2015-12-04) - admin tool doesn't recognise a word followed by a . as a url + v2.3.174 (2015-12-04) --------------------- - Merge branch 'hotfix-2.3.173' [iglocska] - Junk left in the previous commit. [iglocska] + v2.3.173 (2015-12-02) --------------------- - Merge branch 'hotfix-2.3.173' [iglocska] @@ -38348,6 +39332,7 @@ v2.3.173 (2015-12-02) - Fix to an incorrect call on sending out alert emails on edit. [iglocska] + v2.3.172 (2015-12-01) --------------------- - Merge branch 'hotfix-2.3.172' [iglocska] @@ -38363,6 +39348,7 @@ v2.3.172 (2015-12-01) - add_misp_export updated with the above in mind + v2.3.171 (2015-12-01) --------------------- - Merge branch 'hotfix-2.3.170' [iglocska] @@ -38375,6 +39361,7 @@ v2.3.171 (2015-12-01) - REST XML/JSON add/edit of events returns errors instead of the partially succeeding event + v2.3.169 (2015-11-27) --------------------- - Merge branch 'hotfix-2.3.169' [iglocska] @@ -38383,27 +39370,32 @@ v2.3.169 (2015-11-27) - there is no need to keep retransfering the actual attached file if all we want to convey is that the proposal is gone. + v2.3.168 (2015-11-27) --------------------- - Merge branch 'hotfix-2.3.168' [iglocska] - Fix to an issue where a proposal with an attachment could not be correctly accepted. [iglocska] + v2.3.167 (2015-11-26) --------------------- - Merge branch 'hotfix-2.3.167' [iglocska] - Updated CakePHP version to 2.7.7. [iglocska] - Merge branch 'hotfix-2.3.166' into develop. [iglocska] +- Merge branch 'hotfix-2.3.166' into develop. [iglocska] - Merge branch 'hotfix-2.3.165' into develop. [iglocska] - Merge branch 'hotfix-2.3.166' [iglocska] - Left off the view file from the previous commit. [iglocska] + v2.3.166 (2015-11-26) --------------------- - Merge branch 'hotfix-2.3.166' [iglocska] - Backport of a fix to 2.4 adding comments to proposed attachments. [iglocska] + v2.3.165 (2015-11-26) --------------------- - Merge branch 'hotfix-2.3.165' [iglocska] 
@@ -38414,6 +39406,7 @@ v2.3.165 (2015-11-26) - Merge branch 'master' of https://github.com/MISP/MISP. [iglocska] - Initial JSON schema - MISP event (version 2.3) [Alexandre Dulaunoy] + v2.3.164 (2015-11-22) --------------------- - Merge branch 'hotfix-2.3.164' [iglocska] @@ -38430,6 +39423,7 @@ v2.3.164 (2015-11-22) - Merge branch 'master' into develop. [iglocska] - Merge branch 'hotfix-2.3.161' into develop. [iglocska] + v2.3.163 (2015-11-19) --------------------- - Merge branch 'hotfix-2.3.163' [iglocska] @@ -38441,6 +39435,7 @@ v2.3.163 (2015-11-19) - Added a note on the server page to make it more obvious that values can be changed by double clicking them + v2.3.162 (2015-11-17) --------------------- - Merge branch 'hotfix-2.3.162' [iglocska] @@ -38453,6 +39448,7 @@ v2.3.162 (2015-11-17) - fixed a reflected XSS for template creator users when viewing a template - Merge branch 'hotfix-2.3.160' into develop. [iglocska] +- Merge branch 'hotfix-2.3.160' into develop. [iglocska] - Merge branch 'hotfix-2.3.159' into develop. [iglocska] - Merge branch 'hotfix-2.3.158' into develop. [iglocska] - Merge branch 'hotfix-2.3.157' into develop. [iglocska] @@ -38464,6 +39460,7 @@ v2.3.162 (2015-11-17) - Merge branch 'hotfix-2.3.161' [iglocska] - Fix to a recent patch breaking the publish button. [iglocska] + v2.3.161 (2015-11-17) --------------------- - Merge branch 'hotfix-2.3.160' [iglocska] @@ -38472,6 +39469,7 @@ v2.3.161 (2015-11-17) - sanitising it in appcontroller instead + v2.3.160 (2015-11-16) --------------------- - Merge branch 'hotfix-2.3.160' [iglocska] @@ -38502,6 +39500,7 @@ v2.3.160 (2015-11-16) - also added an admin tool that lets admins clean their current set of regexes of the harmful modifier + v2.3.159 (2015-11-15) --------------------- - Merge branch 'hotfix-2.3.159' [iglocska] 
@@ -38517,8 +39516,10 @@ v2.3.159 (2015-11-15) - Also removed the logging of the hashed password for newly created users - Merge branch 'master' of https://github.com/MISP/MISP. [iglocska] - PyMISP submodule updated. [Alexandre Dulaunoy] +- PyMISP submodule updated. [Alexandre Dulaunoy] - PyMISP updated. [Alexandre Dulaunoy] + v2.3.158 (2015-11-13) --------------------- - Merge branch 'hotfix-2.3.158' [iglocska] @@ -38546,6 +39547,7 @@ v2.3.158 (2015-11-13) - Fixed an issue where PGP keys that are set to never expire show up as expired. [iglocska] + v2.3.157 (2015-11-12) --------------------- - Merge branch 'hotfix-2.3.156' [iglocska] @@ -38553,6 +39555,7 @@ v2.3.157 (2015-11-12) - checks whether the key can be used to encrypt and whether it's expired + v2.3.156 (2015-11-11) --------------------- - Merge branch 'hotfix-2.3.155' [iglocska] @@ -38569,6 +39572,7 @@ v2.3.156 (2015-11-11) - reported by RichieB2B - The scraped URL for the PGP fetching tool was not sanitised before being echoed + v2.3.155 (2015-11-10) --------------------- - Merge branch 'hotfix-2.3.155' [iglocska] @@ -38577,6 +39581,7 @@ v2.3.155 (2015-11-10) - The scraped URL for the PGP fetching tool was not sanitised before being echoed - Trying to view an event that doesn't exist and one that the user has no access to resulted in different error messages + v2.3.154 (2015-11-10) --------------------- - Merge branch 'hotfix-2.3.154' [iglocska] @@ -38587,6 +39592,7 @@ v2.3.154 (2015-11-10) - until now multi line fields were both escaped and the line breaks removed - this was overkill, linebreaks are now kept intact + v2.3.153 (2015-11-09) --------------------- - Merge branch 'master' of https://github.com/MISP/MISP. [iglocska] @@ -38594,6 +39600,7 @@ v2.3.153 (2015-11-09) - Merge branch 'hotfix-2.3.153' [iglocska] - Fixed a bug with the attribute search API. [iglocska] + v2.3.152 (2015-11-08) --------------------- - Merge branch 'hotfix-2.3.152' [iglocska] 
@@ -38610,6 +39617,7 @@ v2.3.152 (2015-11-08) - disabling it also hides the IPs from the interface - added new IP field for the log search (only if enabled) + v2.3.151 (2015-11-03) --------------------- - Merge branch 'develop' [iglocska] @@ -38620,6 +39628,7 @@ v2.3.151 (2015-11-03) - Merge branch 'hotfix-2.3.148' into develop. [Iglocska] - Merge branch 'hotfix-2.3.147' into develop. [Iglocska] + v2.3.150 (2015-10-30) --------------------- - Merge branch 'hotfix-2.3.150' [iglocska] @@ -38629,6 +39638,7 @@ v2.3.150 (2015-10-30) - Proposals that can be accepted / discarded via the API - Can restrict the index to the proposals of a single event + v2.3.149 (2015-10-30) --------------------- - Merge branch 'hotfix-2.3.149' [iglocska] @@ -38636,6 +39646,7 @@ v2.3.149 (2015-10-30) - Create / Edit / Remove / index / view tags via the API + v2.3.148 (2015-10-28) --------------------- - Merge branch 'hotfix-2.3.148' [Iglocska] @@ -38652,6 +39663,7 @@ v2.3.148 (2015-10-28) - Merge branch 'hotfix-2.3.147' [Iglocska] - More details on the PGP validation tool. [Iglocska] + v2.3.147 (2015-10-27) --------------------- - Merge branch 'hotfix-2.3.147' [Iglocska] 
@@ -38662,13 +39674,18 @@ v2.3.147 (2015-10-27) - Merge branch 'hotfix-2.3.145' into develop. [iglocska] - Merge branch 'hotfix-2.3.144' into develop. [iglocska] - Merge branch 'hotfix-2.3.143' into develop. [Iglocska] +- Merge branch 'hotfix-2.3.143' into develop. [Iglocska] - Merge branch 'hotfix-2.3.142' into develop. [Iglocska] - Merge branch 'hotfix-2.3.141' into develop. [Iglocska] - Merge branch 'hotfix-2.3.140' into develop. [Iglocska] - Merge branch 'hotfix-2.3.139' into develop. [Iglocska] - Merge branch 'hotfix-2.3.138' into develop. [Iglocska] - Merge branch 'hotfix-2.3.136' into develop. [Iglocska] +- Merge branch 'hotfix-2.3.136' into develop. [Iglocska] +- Merge branch 'hotfix-2.3.136' into develop. [Iglocska] - Merge branch 'hotfix-2.3.135' into develop. [Iglocska] +- Merge branch 'hotfix-2.3.135' into develop. [Iglocska] + v2.3.146 (2015-10-27) --------------------- @@ -38682,12 +39699,14 @@ v2.3.146 (2015-10-27) - removed ajax path - added XML/JSON view + v2.3.145 (2015-10-22) --------------------- - Merge branch 'hotfix-2.3.145' [iglocska] - Reverted change in proposal file storage path that wasn't needed. [iglocska] + v2.3.144 (2015-10-21) --------------------- - Merge branch 'hotfix-2.3.144' [iglocska] @@ -38710,6 +39729,7 @@ v2.3.144 (2015-10-21) - Added the attribute relations to the XML / JSON output, fixes #687. [Iglocska] + v2.3.143 (2015-10-15) --------------------- - Copyright notices as a list. [Alexandre Dulaunoy] @@ -38720,6 +39740,7 @@ v2.3.143 (2015-10-15) - Merge branch 'master' of github.com:MISP/MISP. [Alexandre Dulaunoy] - Licensed updated to AGPL 3.0 - #686. [Alexandre Dulaunoy] + v2.3.142 (2015-10-14) --------------------- - Merge branch 'hotfix-2.3.142' [Iglocska] @@ -38728,6 +39749,7 @@ v2.3.142 (2015-10-14) - as pointed out by RichieB2B + v2.3.141 (2015-10-13) --------------------- - Merge branch 'hotfix-2.3.141' [Iglocska] 
@@ -38741,6 +39763,7 @@ v2.3.141 (2015-10-13) - Merge branch 'master' of https://github.com/MISP/MISP. [Iglocska] - Documentation location updated (misp-book) [Alexandre Dulaunoy] + v2.3.140 (2015-10-12) --------------------- - Merge branch 'hotfix-2.3.140' [Iglocska] @@ -38751,6 +39774,7 @@ v2.3.140 (2015-10-12) - this was due to access to /proc being blocked by open_basedir directive settings - added a check and the corresponding view changes to this being the case + v2.3.139 (2015-10-09) --------------------- - Merge branch 'hotfix-2.3.139' [Iglocska] @@ -38762,11 +39786,13 @@ v2.3.139 (2015-10-09) - Under these distros, php is blocked from seeing concurrently running php processes even under the same user - instead of running ps, the diagnostic now checks the existance of the pid file in /proc/ + v2.3.138 (2015-10-09) --------------------- - Merge branch 'hotfix-2.3.136' [Iglocska] - Further fixes that caused issues with old PHP versions. [Iglocska] + v2.3.137 (2015-10-09) --------------------- - Merge branch 'hotfix-2.3.136' [Iglocska] @@ -38774,6 +39800,7 @@ v2.3.137 (2015-10-09) - Fixed a possible issue with the previous commit on certain php versions. [Iglocska] + v2.3.136 (2015-10-09) --------------------- - Merge branch 'hotfix-2.3.136' [Iglocska] @@ -38786,6 +39813,7 @@ v2.3.136 (2015-10-09) - Merge branch 'hotfix-2.3.135' [Iglocska] - Left off view file. [Iglocska] + v2.3.135 (2015-10-08) --------------------- - Merge branch 'hotfix-2.3.135' [Iglocska] @@ -38803,6 +39831,7 @@ v2.3.135 (2015-10-08) - Merge branch 'hotfix-2.3.132' into develop. [Iglocska] - Merge branch 'hotfix-2.3.131' into develop. [iglocska] - Merge branch 'hotfix-2.3.130' into develop. [iglocska] +- Merge branch 'hotfix-2.3.130' into develop. [iglocska] - Merge branch 'hotfix-2.3.129' into develop. [iglocska] - Merge branch 'hotfix-2.3.128' into develop. [iglocska] - Merge branch 'hotfix-2.3.127' into develop. [iglocska] 
@@ -38811,6 +39840,7 @@ v2.3.135 (2015-10-08) - Merge branch 'hotfix-2.3.122' into develop. [Iglocska] - Merge branch 'hotfix-2.3.121' into develop. [Iglocska] + v2.3.134 (2015-09-24) --------------------- - Merge branch 'hotfix-2.3.134' [Iglocska] @@ -38823,11 +39853,13 @@ v2.3.134 (2015-09-24) - before the recorrelation admin tool would load all attributes into memory in one go - now it loads them in chunks of 1k attributes at a time + v2.3.133 (2015-09-24) --------------------- - Merge branch 'hotfix-2.3.132' [Iglocska] - Fix to the previous commit. [Iglocska] + v2.3.132 (2015-09-23) --------------------- - Merge branch 'hotfix-2.3.132' [Iglocska] @@ -38856,6 +39888,7 @@ v2.3.132 (2015-09-23) Move test cases to PyMISP - Move test cases to PyMISP. [Raphaël Vinot] + v2.3.131 (2015-09-21) --------------------- - Merge branch 'hotfix-2.3.131' [iglocska] @@ -38870,12 +39903,14 @@ v2.3.131 (2015-09-21) - Merge branch 'hotfix-2.3.130' [iglocska] - Version bump. [iglocska] + v2.3.130 (2015-09-17) --------------------- - Merge branch 'hotfix-2.3.130' [iglocska] - Fix to an issue introduced in 2.3.128 that incorrectly causes MISP to not sync due to a version mismatch. [iglocska] + v2.3.129 (2015-09-16) --------------------- - Added an API to quickly check the current MISP version, fixes #664. @@ -38888,12 +39923,14 @@ v2.3.129 (2015-09-16) At least, I think so, please review :) + v2.3.128 (2015-09-16) --------------------- - Merge branch 'hotfix-2.3.128' [iglocska] - Added a diagnostic to check and purge overgrown session tables. [iglocska] + v2.3.127 (2015-09-16) --------------------- - Merge branch 'hotfix-2.3.127' [iglocska] @@ -38911,6 +39948,7 @@ v2.3.127 (2015-09-16) https://github.com/MISP/MISP/issues/302) [David André] - Added gcc in dependencies (related to #302) [David André] + v2.3.126 (2015-09-16) --------------------- - Merge branch 'hotfix-2.3.126' [iglocska] 
@@ -38939,7 +39977,7 @@ v2.3.126 (2015-09-16) - Further progress on several issues. [iglocska] - Progress on several issues. [Iglocska] - - switching workstations, this is all :construction: + - switching workstations, this is all WiP - Merge pull request #653 from Rafiot/master. [Raphaël Vinot] [Travis] Fix DB @@ -38951,6 +39989,7 @@ v2.3.126 (2015-09-16) - Fix to a display bug on the event index when short tags are used. [Iglocska] + v2.3.125 (2015-09-09) --------------------- - Merge branch 'hotfix-2.3.125' [Iglocska] @@ -38972,6 +40011,7 @@ v2.3.125 (2015-09-09) non IDS flagged attributes are also exported by default. - Fix travis message in README. [Raphaël Vinot] + v2.3.124 (2015-09-07) --------------------- - Merge branch 'hotfix-2.3.124' [Iglocska] @@ -38997,6 +40037,7 @@ v2.3.124 (2015-09-07) Add partial travis support - Add partial travis support. [Raphaël Vinot] + v2.3.123 (2015-09-03) --------------------- - Merge branch 'hotfix-2.3.123' [Iglocska] @@ -39006,6 +40047,7 @@ v2.3.123 (2015-09-03) - now also shows issues not related to the value field - takes an optional parameter to validate a single event's attributes + v2.3.122 (2015-09-02) --------------------- - Merge branch 'hotfix-2.3.122' [Iglocska] @@ -39014,6 +40056,7 @@ v2.3.122 (2015-09-02) - reported by Roberto Suggi Liverani from NCIA + v2.3.121 (2015-09-02) --------------------- - Merge branch 'master' of https://github.com/MISP/MISP. [Iglocska] @@ -39041,11 +40084,13 @@ v2.3.121 (2015-09-02) - Merge branch 'hotfix-2.3.120' [Iglocska] - Cleanup of some mistakes. [Iglocska] + v2.3.120 (2015-08-27) --------------------- - Merge branch 'hotfix-2.3.118' [Iglocska] - Add / Remove tags from events via a new API. [Iglocska] + v2.3.118 (2015-08-27) --------------------- - Merge branch 'master' of https://github.com/MISP/MISP. [Iglocska] 
@@ -39062,6 +40107,7 @@ v2.3.118 (2015-08-27) it must be core.php instead of Core.php + v2.3.117 (2015-08-27) --------------------- - Merge branch 'hotfix-2.3.117' [Iglocska] @@ -39072,6 +40118,7 @@ v2.3.117 (2015-08-27) - timing out and clicking on an admin action results in being redirected to a non-existing admin login page - distribution setting ignored when uploading attachments + v2.3.116 (2015-08-25) --------------------- - Merge branch 'hotfix-2.3.116' [Iglocska] @@ -39098,6 +40145,7 @@ v2.3.116 (2015-08-25) - Merge branch 'hotfix-2.3.113' into develop. [Iglocska] - Merge branch 'hotfix-2.3.112' into develop. [Iglocska] + v2.3.114 (2015-08-24) --------------------- - Merge branch 'hotfix-2.3.114' [Iglocska] @@ -39115,6 +40163,7 @@ v2.3.114 (2015-08-24) - Fixed a blackhole issue with the password reset popups + v2.3.112 (2015-08-18) --------------------- - Merge branch 'hotfix-2.3.112' [Iglocska] @@ -39132,6 +40181,7 @@ v2.3.112 (2015-08-18) - removed the requirement for the files to have the .ioc extension - Merge branch 'hotfix-2.3.110' into develop. [Iglocska] + v2.3.110 (2015-08-18) --------------------- - Merge branch 'hotfix-2.3.110' [Iglocska] @@ -39139,6 +40189,7 @@ v2.3.110 (2015-08-18) events from being added via the UI. [Iglocska] - Merge branch 'hotfix-2.3.109' into develop. [Iglocska] + v2.3.109 (2015-08-18) --------------------- - Merge branch 'hotfix-2.3.109' [Iglocska] @@ -39152,12 +40203,14 @@ v2.3.109 (2015-08-18) - Merge branch 'hotfix-2.3.107' into develop. [iglocska] - Merge branch 'hotfix-2.3.106' into develop. [Iglocska] + v2.3.108 (2015-08-18) --------------------- - Merge branch 'hotfix-2.3.108' [Iglocska] - Database update admin-actions are now logged and if they fail the errors are logged. [Iglocska] + v2.3.107 (2015-08-17) --------------------- - Merge branch 'hotfix-2.3.107' [iglocska] 
@@ -39178,6 +40231,7 @@ v2.3.107 (2015-08-17) - the sync uses 404s to signal that an event with a given uuid does not exist when negotiating proposal synchronisation - this causes a dangerously high amount of noise in the logs + v2.3.106 (2015-08-07) --------------------- - Merge branch 'hotfix-2.3.106' [Iglocska] @@ -39202,6 +40256,7 @@ v2.3.106 (2015-08-07) - Merge branch 'hotfix-2.3.93' into develop. [Iglocska] - Merge branch 'hotfix-2.3.92' into develop. [Iglocska] + v2.3.105 (2015-08-07) --------------------- - Merge branch 'hotfix-2.3.105' [Iglocska] @@ -39212,6 +40267,7 @@ v2.3.105 (2015-08-07) - Also, fix for an issue with the freetext import not using semi-colons as separators + v2.3.104 (2015-08-04) --------------------- - Merge branch 'hotfix-2.3.104' [Iglocska] @@ -39226,6 +40282,7 @@ v2.3.104 (2015-08-04) * the real name of libxslt-dev is libxslt1-dev * curl is required later in the installation and may not be present on the system + v2.3.103 (2015-08-04) --------------------- - Merge branch 'hotfix-2.3.103' [Iglocska] @@ -39246,6 +40303,7 @@ v2.3.103 (2015-08-04) - changed the UI attachment upload to reflect these changes - code more centralised and extendible + v2.3.102 (2015-07-27) --------------------- - Merge branch 'hotfix-2.3.102' [Iglocska] @@ -39259,6 +40317,7 @@ v2.3.102 (2015-07-27) - added a toggle for the IDS fields in the freetext import to quickly set all found attributes to being IDS worthy + v2.3.100 (2015-07-22) --------------------- - Merge branch 'hotfix-2.3.100' [Iglocska] 
@@ -39271,10 +40330,12 @@ v2.3.100 (2015-07-22) - Greatly reduces memory footprint (It mostly depends on the event with the most eligible attributes now, instead of the combined list of all events) - Because of the lower memory usage, the time taken for the export is also slashed to a fragment of what it was before + v2.3.99 (2015-07-20) -------------------- - Merge branch 'hotfix-2.3.98' [Iglocska] + v2.3.98 (2015-07-17) -------------------- - Merge branch '570' into hotfix-2.3.98. [Iglocska] @@ -39295,6 +40356,7 @@ v2.3.98 (2015-07-17) - fixed some issues with unset variables (from, to, last) when triggered by the background workers - reduced memory usage of the hids exports (removed storing the hashes twice in memory, drastically removed the data retrieved from the db when preparing the export) + v2.3.97 (2015-07-13) -------------------- - Merge branch 'hotfix-2.3.97' [Iglocska] @@ -39311,6 +40373,7 @@ v2.3.97 (2015-07-13) - Merge branch 'pr546' into hotfix-2.3.97. [Iglocska] - Use innodb engine for cake sessions table. [David André] + v2.3.96 (2015-07-12) -------------------- - Merge branch 'hotfix-2.3.96' [Iglocska] @@ -39320,12 +40383,14 @@ v2.3.96 (2015-07-12) - allows site admins to add workers to any queue on the fly - allows site admins to kill workers on the fly + v2.3.95 (2015-07-09) -------------------- - Merge branch 'hotfix-2.3.95' [Iglocska] - Some tuning to the hostname / url type recognition in the freetext import tool, fixes #562. [Iglocska] + v2.3.94 (2015-07-08) -------------------- - Merge branch 'hotfix-2.3.94' [Iglocska] @@ -39334,6 +40399,7 @@ v2.3.94 (2015-07-08) Moved the XML conversion in restfullEventToServer() to MISP's own xml conversion tool + v2.3.93 (2015-07-07) -------------------- - Merge branch 'hotfix-2.3.93' [Iglocska] 
@@ -39342,23 +40408,27 @@ v2.3.93 (2015-07-07) - some errors in the format (wrong comment character used, rpz-ip not appended to IP addresses, missing semi-colon) - removed hostnames that are on domains blocked by the rules based on domain attributes + v2.3.92 (2015-07-01) -------------------- - Merge branch 'hotfix-2.3.92' [Iglocska] - Fix to an incorrect validation of temporary filenames. [Iglocska] - Merge branch 'hotfix-2.3.91' into develop. [Iglocska] - Merge branch 'hotfix-2.3.90' into develop. [Iglocska] +- Merge branch 'hotfix-2.3.90' into develop. [Iglocska] - Merge branch 'hotfix-2.3.89' into develop. [Iglocska] - Merge branch 'hotfix-2.3.91' [Iglocska] - File management fixed in server settings. [Iglocska] - a previous patch removed the contents of the page + v2.3.91 (2015-07-01) -------------------- - Merge branch 'hotfix-2.3.90' [Iglocska] - GnuPG.binary demoted to optional setting as it should be. [Iglocska] + v2.3.90 (2015-07-01) -------------------- - Merge branch 'hotfix-2.3.90' [Iglocska] @@ -39375,9 +40445,11 @@ v2.3.90 (2015-07-01) - the disabled fields are no longer created via the form helper - Merge branch 'hotfix-2.3.88' into develop. [Iglocska] - Merge branch 'hotfix-2.3.87' into develop. [Iglocska] +- Merge branch 'hotfix-2.3.87' into develop. [Iglocska] - Merge branch 'hotfix-2.3.86' into develop. [Iglocska] - Merge branch 'hotfix-2.3.84' into develop. [iglocska] + v2.3.88 (2015-06-29) -------------------- - Merge branch 'hotfix-2.3.88' [Iglocska] @@ -39397,6 +40469,7 @@ v2.3.88 (2015-06-29) - updated gitignore to ignore some items that are outside of the scope of the git package - Proposal mass accept/discard, fixes #466. [Iglocska] + v2.3.87 (2015-06-25) -------------------- - Merge branch 'hotfix-2.3.86' [Iglocska] 
@@ -39467,11 +40540,13 @@ v2.3.87 (2015-06-25) - future enhancement possibility: move the second stage (the actual key fetch) to the server side instead of a direct ajax query from the user's browser + v2.3.85 (2015-06-22) -------------------- - Merge branch 'hotfix-2.3.85' [Iglocska] - Tuning of the complex type tool. [Iglocska] + v2.3.84 (2015-06-18) -------------------- - Merge branch 'hotfix-2.3.84' [iglocska] @@ -39494,12 +40569,14 @@ v2.3.84 (2015-06-18) [Iglocska] - Merge branch 'hotfix-2.3.75' into develop. [Iglocska] + v2.3.83 (2015-06-17) -------------------- - Merge branch 'hotfix-2.3.83' [iglocska] - Small tweak to the email/domain/hostname validation, affects #551. [iglocska] + v2.3.82 (2015-06-16) -------------------- - Merge branch 'hotfix-2.3.82' [iglocska] @@ -39508,6 +40585,7 @@ v2.3.82 (2015-06-16) - Merge branch 'hotfix-2.3.81' [Iglocska] - Removed some junk. [Iglocska] + v2.3.81 (2015-06-10) -------------------- - Merge branch 'hotfix-2.3.81' [Iglocska] @@ -39523,6 +40601,7 @@ v2.3.81 (2015-06-10) - Sending a password reset / welcome message picked the opposite subject line - line breaks were sent as literals. + v2.3.80 (2015-06-09) -------------------- - Merge branch 'hotfix-2.3.80' [Iglocska] @@ -39539,6 +40618,7 @@ v2.3.80 (2015-06-09) - This patch enables option 3, administrators can point MISP to the alternate executable in the server settings - Server setting changes logged, fixes #531. [Iglocska] + v2.3.79 (2015-06-06) -------------------- - Merge branch 'hotfix-2.3.79' [Iglocska] @@ -39565,6 +40645,7 @@ v2.3.79 (2015-06-06) - added a new entry to the admin tools (Administartion -> Administrative tools) - converts title and change columns in the logs table to text from varchar(255) + v2.3.77 (2015-06-05) -------------------- - Merge branch 'hotfix-2.3.77' [Iglocska] 
@@ -39573,6 +40654,7 @@ v2.3.77 (2015-06-05) - fixed an incorrect privilege check on the publish pop-up + v2.3.76 (2015-06-04) -------------------- - Merge branch 'hotfix-2.3.76' [Iglocska] @@ -39602,6 +40684,7 @@ v2.3.76 (2015-06-04) - on CentOS this is a separate package php-mbstring - on Ubuntu this is part of libapache2-mod-php5 + v2.3.74 (2015-06-03) -------------------- - Merge branch 'hotfix-2.3.74' [Iglocska] @@ -39609,6 +40692,7 @@ v2.3.74 (2015-06-03) - The rescheduling now happens before the task is executed - this way a failed job will not prevent the rescheduling of the next execution time + v2.3.73 (2015-06-03) -------------------- - Merge branch 'hotfix-2.3.73' [Iglocska] @@ -39637,6 +40721,7 @@ v2.3.73 (2015-06-03) - Ports in IP/url/link/domain/hostname now added as a comment - virustotal now automatically recognised as external analysis / link + v2.3.71 (2015-06-01) -------------------- - Merge branch 'hotfix-2.3.71' [Iglocska] @@ -39653,6 +40738,8 @@ v2.3.71 (2015-06-01) Add a note on Debian Wheezy installation instructions - Merge branch 'master' of https://github.com/MISP/MISP. [Aaron Kaplan] +- Merge branch 'master' of https://github.com/MISP/MISP. [Aaron Kaplan] +- Merge branch 'master' of https://github.com/MISP/MISP. [Aaron Kaplan] - Merge branch 'master' of https://github.com/aaronkaplan/MISP. [Aaron Kaplan] - Merge branch 'master' of https://github.com/MISP/MISP. [Aaron Kaplan] @@ -39666,6 +40753,7 @@ v2.3.71 (2015-06-01) Kaplan] - Merge branch 'hotfix-2.3.69' into develop. [iglocska] + v2.3.69 (2015-05-27) -------------------- - Merge branch 'hotfix-2.3.69' [iglocska] 
@@ -39728,11 +40816,13 @@ v2.3.69 (2015-05-27) - Merge branch 'hotfix-2.3.66' into develop. [iglocska] - Merge branch 'hotfix-2.3.65' into develop. [iglocska] + v2.3.68 (2015-05-21) -------------------- - Merge branch 'hotfix-2.3.68' [iglocska] - Date set to today's date by default, fixes #495. [iglocska] + v2.3.67 (2015-05-20) -------------------- - Merge branch 'hotfix-2.3.67' [iglocska] @@ -39743,12 +40833,14 @@ v2.3.67 (2015-05-20) - MISP will now try to only detect MISP auth keys in the headers and if it detects something else it ignores it + v2.3.66 (2015-05-15) -------------------- - Merge branch 'hotfix-2.3.66' [iglocska] - Fix to copy pasta issue breaking from/to filters in exports, fixes #494. [iglocska] + v2.3.65 (2015-05-15) -------------------- - Merge branch 'hotfix-2.3.65' [iglocska] @@ -39808,12 +40900,14 @@ v2.3.65 (2015-05-15) - based on stevengoossensB's pull request + v2.3.64 (2015-05-13) -------------------- - Merge branch 'password_script' [iglocska] - Password reset fix. [iglocska] - Added link to GNU AGLP License v3 text. [David André] + v2.3.63 (2015-05-04) -------------------- - Merge branch 'hotfix-2.3.63' [iglocska] @@ -39835,6 +40929,7 @@ v2.3.63 (2015-05-04) Fix for issue #467 Changed the label of IDS checkbox for proposals + v2.3.62 (2015-04-16) -------------------- - Merge branch 'hotfix-2.3.62' [Iglocska] @@ -39847,6 +40942,7 @@ v2.3.62 (2015-04-16) - also updated the sample curl scripts + v2.3.60 (2015-04-13) -------------------- - Merge branch 'hotfix-2.3.60' [Iglocska] @@ -39855,6 +40951,7 @@ v2.3.60 (2015-04-13) - Issue fixed: When background jobs are enabled the wrong flag is checked when attemptying to enqueue a pull + v2.3.59 (2015-04-08) -------------------- - Merge branch 'hotfix-2.3.59' [Iglocska] 
@@ -39937,6 +41034,7 @@ v2.3.59 (2015-04-08) - Merge remote-tracking branch 'upstream/master' [Richard van den Berg] - Disallow unpublished events. [Richard van den Berg] + v2.3.58 (2015-04-01) -------------------- - Merge branch 'hotfix-2.3.58' [Iglocska] @@ -39945,6 +41043,7 @@ v2.3.58 (2015-04-01) - attributes were not correctly updated during a manual push due to an incorrect conditional - re-publishing was unaffected + v2.3.57 (2015-03-16) -------------------- - Merge branch 'hotfix-2.3.57' [Iglocska] @@ -39964,11 +41063,13 @@ v2.3.57 (2015-03-16) - Merge branch 'hotfix-2.3.47' into develop. [iglocska] - Merge branch 'hotfix-2.3.46' into develop. [iglocska] - Merge branch 'hotfix-2.3.45' into develop. [iglocska] +- Merge branch 'hotfix-2.3.45' into develop. [iglocska] - Merge branch 'hotfix-2.3.44' into develop. [iglocska] - Merge branch 'hotfix-2.3.43' into develop. [iglocska] - Merge branch 'hotfix-2.3.42' into develop. [iglocska] - Merge branch 'hotfix-2.3.41' into develop. [iglocska] + v2.3.56 (2015-03-14) -------------------- - Merge branch 'hotfix-2.3.56' [Iglocska] @@ -39983,6 +41084,7 @@ v2.3.56 (2015-03-14) - The log search incorrectly set the search terms for empty fields, meaning that any log entries that had unfilled columns, such as it is the case with admin_email would never return results + v2.3.55 (2015-03-10) -------------------- - Merge branch 'hotfix-2.3.55' [iglocska] @@ -39990,12 +41092,14 @@ v2.3.55 (2015-03-10) - filenames are now enclosed by quotes instead of double quotes while executing the zip command via exec + v2.3.54 (2015-02-24) -------------------- - Merge branch 'hotfix-2.3.54' [iglocska] - Version bump. [iglocska] - Json view fixed, fixes #411. [iglocska] + v2.3.53 (2015-02-23) -------------------- - Merge branch 'hotfix-2.3.53' [iglocska] @@ -40014,6 +41118,7 @@ v2.3.53 (2015-02-23) - also fixed the edit button on the index + v2.3.52 (2015-02-18) -------------------- - Merge branch 'hotfix-2.3.51' [iglocska] 
@@ -40024,6 +41129,7 @@ v2.3.52 (2015-02-18) - JSON view code moved to Lib - Fixed an issue that didn't restrict the dates correctly with the from / to parameters + v2.3.51 (2015-02-16) -------------------- - Merge branch 'master' of https://github.com/MISP/MISP. [iglocska] @@ -40031,6 +41137,7 @@ v2.3.51 (2015-02-16) - MISP logo added. [Alexandre Dulaunoy] - MISP logos added (SVG, PDF and PNG) [Alexandre Dulaunoy] + v2.3.50 (2015-02-16) -------------------- - Merge branch 'hotfix-2.3.50' [iglocska] @@ -40041,6 +41148,7 @@ v2.3.50 (2015-02-16) - return attributes fails when requesting the results in JSON - added missing view file + v2.3.49 (2015-02-16) -------------------- - Merge branch 'hotfix-2.3.49' [iglocska] @@ -40049,6 +41157,7 @@ v2.3.49 (2015-02-16) - incorrect check on the nids exports blocked logged in users from downloading the snort/suricata rules of an event - check removed + v2.3.48 (2015-02-10) -------------------- - Merge branch 'hotfix-2.3.48' [iglocska] @@ -40061,6 +41170,7 @@ v2.3.48 (2015-02-10) - Allows massive IOC lists to be imported - improved performance + v2.3.47 (2015-02-09) -------------------- - Merge branch 'hotfix-2.3.47' [iglocska] @@ -40070,11 +41180,13 @@ v2.3.47 (2015-02-09) - World's smallest patch + v2.3.46 (2015-02-05) -------------------- - Merge branch 'hotfix-2.3.45' [iglocska] - New documentation left off. [iglocska] + v2.3.45 (2015-02-05) -------------------- - Merge branch 'hotfix-2.3.45' [iglocska] @@ -40085,6 +41197,7 @@ v2.3.45 (2015-02-05) - resolved an issue of warnings being generated when an event without attributes / relations gets XML exported. - added new dump of the documentation + v2.3.44 (2015-02-04) -------------------- - Merge branch 'hotfix-2.3.44' [iglocska] 
@@ -40094,11 +41207,13 @@ v2.3.44 (2015-02-04) - added a file that was not pushed during the last hotfix - some improvements to the XML export to lower memory usage + v2.3.43 (2015-02-03) -------------------- - Merge branch 'hotfix-2.3.43' [iglocska] - Documentation fail fixes #384. [iglocska] + v2.3.42 (2015-02-03) -------------------- - Merge branch 'hotfix-2.3.42' [iglocska] @@ -40112,6 +41227,7 @@ v2.3.42 (2015-02-03) - Most exports are now restrictable by the event date (From/To parameters) - none cached XML export now writes to file after converting each event, clearing the memory and resolving any potential memory issues + v2.3.41 (2015-02-02) -------------------- - Merge branch 'hotfix-2.3.41' [iglocska] @@ -40131,6 +41247,7 @@ v2.3.41 (2015-02-02) hotfix-2.3.41. [iglocska] - Pretify some comments. [Richard van den Berg] - Fixed typo. [Richard van den Berg] +- Fixed typo. [Richard van den Berg] - Fix string assignments to StructuredText. [Richard van den Berg] - Map most MISP attribute comments into STIX. [Richard van den Berg] - Preserve indicator comments in STIX export. [Richard van den Berg] @@ -40144,6 +41261,7 @@ v2.3.41 (2015-02-02) - old behavior used if left untouched - Merge branch 'hotfix-2.3.40' into develop. [iglocska] + v2.3.40 (2015-01-15) -------------------- - Merge branch 'hotfix-2.3.40' [iglocska] @@ -40152,6 +41270,7 @@ v2.3.40 (2015-01-15) Incorrectly trying to look up authenticated user in the model fixed - Merge branch 'hotfix-2.3.39' into develop. [iglocska] + v2.3.39 (2015-01-12) -------------------- - Merge branch 'hotfix-2.3.39' [iglocska] 
@@ -40161,6 +41280,8 @@ v2.3.39 (2015-01-12) - Scheduled pushes and pulls correctly display in the logs - Scheduled caching correctly sets the next date of execution - Merge branch 'hotfix-2.3.38' into develop. [iglocska] +- Merge branch 'hotfix-2.3.38' into develop. [iglocska] +- Merge branch 'hotfix-2.3.38' into develop. [iglocska] - Merge branch 'hotfix-2.3.38' [iglocska] - Copy pasta fail. [iglocska] - Merge branch 'hotfix-2.3.38' [iglocska] @@ -40189,6 +41310,7 @@ v2.3.39 (2015-01-12) - text exports now allow restricting the results based on event id - Merge branch 'hotfix-2.3.37' into develop. [iglocska] + v2.3.37 (2014-12-12) -------------------- - Merge branch 'hotfix-2.3.37' [iglocska] @@ -40201,12 +41323,15 @@ v2.3.37 (2014-12-12) - Fix to some event altering actions not updating the timestamp. [iglocska] - Merge branch 'hotfix-2.3.35' into develop. [iglocska] +- Merge branch 'hotfix-2.3.35' into develop. [iglocska] + v2.3.36 (2014-12-10) -------------------- - Merge branch 'hotfix-2.3.35' [iglocska] - Small fix. [iglocska] + v2.3.35 (2014-12-10) -------------------- - Merge branch 'hotfix-2.3.35' [iglocska] @@ -40235,6 +41360,7 @@ v2.3.35 (2014-12-10) - Changed wording of warning message when entering a targeting type attribute, fixes #355. [iglocska] + v2.3.34 (2014-12-05) -------------------- - Merge branch 'hotfix-2.3.33' [iglocska] @@ -40243,6 +41369,7 @@ v2.3.34 (2014-12-05) - Merge branch 'hotfix-2.3.32' into develop. [iglocska] - Merge branch 'hotfix-2.3.31' into develop. [iglocska] + v2.3.33 (2014-12-03) -------------------- - Merge branch 'hotfix-2.3.32' [iglocska] @@ -40250,6 +41377,7 @@ v2.3.33 (2014-12-03) - xpath describing the current node and descendants is incorrect + v2.3.31 (2014-11-27) -------------------- - Merge branch 'hotfix-2.3.31' [iglocska] 
@@ -40263,6 +41391,7 @@ v2.3.31 (2014-11-27) - Small fix to wrapping text in the pivot graph - Merge branch 'hotfix-2.3.30' into develop. [iglocska] + v2.3.30 (2014-11-27) -------------------- - Merge branch 'hotfix-2.3.30' [iglocska] @@ -40280,6 +41409,7 @@ v2.3.30 (2014-11-27) - naming convention changed (orgc => source org, org => member org) - this should allow users to see if an event was generated on their instance or not. + v2.3.29 (2014-11-20) -------------------- - Merge branch 'hotfix-2.3.29' [iglocska] @@ -40292,21 +41422,27 @@ v2.3.29 (2014-11-20) - Merge branch 'hotfix-2.3.28' into develop. [iglocska] - Merge branch 'hotfix-2.3.27' into develop. [iglocska] + v2.3.28 (2014-11-19) -------------------- - Merge branch 'hotfix-2.3.28' [iglocska] - Fix to the CSRF protection blocking a proposal add. [iglocska] + v2.3.27 (2014-11-14) -------------------- - Merge branch 'hotfix-2.3.27' [iglocska] - Diagnostics check fails on PGP check if the server's key is a sign only key. [iglocska] - Merge branch 'hotfix-2.3.25' into develop. [iglocska] +- Merge branch 'hotfix-2.3.25' into develop. [iglocska] +- Merge branch 'hotfix-2.3.25' into develop. [iglocska] +- Merge branch 'hotfix-2.3.25' into develop. [iglocska] - Merge branch 'hotfix-2.3.25' [iglocska] - Further corner case fixed (shadow attribute to attribute, not event) [iglocska] + v2.3.26 (2014-11-14) -------------------- - Merge branch 'hotfix-2.3.25' [iglocska] @@ -40316,6 +41452,7 @@ v2.3.26 (2014-11-14) - Merge branch 'hotfix-2.3.25' [iglocska] - Added to the caching mechanism. [iglocska] + v2.3.25 (2014-11-14) -------------------- - Merge branch 'hotfix-2.3.25' [iglocska] @@ -40324,6 +41461,7 @@ v2.3.25 (2014-11-14) - Merge branch 'hotfix-2.3.23' into develop. [iglocska] - Merge branch 'hotfix-2.3.24' [iglocska] + v2.3.24 (2014-11-12) -------------------- - Fix to an issue with the CSV export. [iglocska] 
@@ -40331,16 +41469,19 @@ v2.3.24 (2014-11-12) - missing linebreak after header row added - fixed an issue with quotes in the value field not being escaped properly + v2.3.23 (2014-11-05) -------------------- - Merge branch 'hotfix-2.3.23' [iglocska] - Fixes issue with file attachments not being downloadable for users of another org. [iglocska] - Merge branch 'hotfix-2.3.22' into develop. [iglocska] +- Merge branch 'hotfix-2.3.22' into develop. [iglocska] - Merge branch 'hotfix-2.3.22' [iglocska] - Document referencing deprecated way of passing authkey in url. [iglocska] + v2.3.22 (2014-11-03) -------------------- - Merge branch 'hotfix-2.3.22' [iglocska] @@ -40350,12 +41491,14 @@ v2.3.22 (2014-11-03) - search on any sub-string match in the event info, orgc, attribute value, attribute comment via the API - Merge branch 'hotfix-2.3.21' into develop. [iglocska] + v2.3.21 (2014-10-31) -------------------- - Merge branch 'hotfix-2.3.21' [iglocska] - Fix to the missing accept terms button. [iglocska] - Merge branch 'hotfix-2.3.20' into develop. [iglocska] + v2.3.20 (2014-10-31) -------------------- - Merge branch 'hotfix-2.3.20' [iglocska] @@ -40370,11 +41513,14 @@ v2.3.20 (2014-10-31) - attribute search returns any event that has a a sub-string match on the entered attribute - can also be used to negate (e.g: don't show me any events that have a sub-string match on any of its attributes) - Merge branch 'hotfix-2.3.19' into develop. [iglocska] +- Merge branch 'hotfix-2.3.19' into develop. [iglocska] +- Merge branch 'hotfix-2.3.19' into develop. [iglocska] - Merge branch 'hotfix-2.3.19' [iglocska] - Left off from previous commit. [iglocska] - Merge branch 'hotfix-2.3.19' [iglocska] - Font change caused some misalignment. [iglocska] + v2.3.19 (2014-10-30) -------------------- - Merge branch 'hotfix-2.3.19' [iglocska] 
@@ -40392,9 +41538,11 @@ v2.3.19 (2014-10-30) - Mapping of hostnames to Network activity failed due to incorrect capitalistion - Temporarily removed the ignore function on certain indicators. Ignoring an element in an AND-ed branch happens without a pruning of the element IDs - Merge branch 'hotfix-2.3.18' into develop. [iglocska] +- Merge branch 'hotfix-2.3.18' into develop. [iglocska] - Merge branch 'hotfix-2.3.18' [iglocska] - Small visual fix. [iglocska] + v2.3.18 (2014-10-29) -------------------- - Merge branch 'hotfix-2.3.18' [iglocska] @@ -40405,6 +41553,7 @@ v2.3.18 (2014-10-29) - add, link, delete files directly from the interface - Merge branch 'hotfix-2.3.17' into develop. [iglocska] + v2.3.17 (2014-10-28) -------------------- - Merge branch 'hotfix-2.3.17' [iglocska] @@ -40415,21 +41564,25 @@ v2.3.17 (2014-10-28) - specify whether to show it inline or create a download link for users instead - by default everything is the same as before, except that the MISP installation path is no longer exposed by a non-existing terms file - Merge branch 'hotfix-2.3.16' into develop. [iglocska] +- Merge branch 'hotfix-2.3.16' into develop. [iglocska] - Merge branch 'hotfix-2.3.14' into develop. [iglocska] - Merge branch 'hotfix-2.3.16' [iglocska] - Version number fixed. [iglocska] + v2.3.16 (2014-10-27) -------------------- - Merge branch 'hotfix-2.3.16' [iglocska] - Made the version check exclusive to the diagnostics tab. [iglocska] + v2.3.15 (2014-10-27) -------------------- - Merge branch 'hotfix-2.3.15' [iglocska] - Event attribute pagination is persistent through edits / deletes. [iglocska] + v2.3.14 (2014-10-27) -------------------- - Merge branch 'hotfix-2.3.14' [iglocska] 
@@ -40459,6 +41612,8 @@ v2.3.14 (2014-10-27) - Fix to the GFI upload. [iglocska] - Merge branch 'hotfix-2.3.10' [iglocska] - Merge branch 'hotfix-2.3.9' into develop. [iglocska] +- Merge branch 'hotfix-2.3.9' into develop. [iglocska] +- Merge branch 'hotfix-2.3.9' into develop. [iglocska] - Merge branch 'hotfix-2.3.9' [iglocska] - Fix to the filters. [iglocska] - Merge branch 'hotfix-2.3.9' [iglocska] @@ -40474,6 +41629,7 @@ v2.3.14 (2014-10-27) - Added missing comment about enabling the scheduler worker fixes #295. [iglocska] - Merge branch 'hotfix-2.3.6' into develop. [iglocska] +- Merge branch 'hotfix-2.3.6' into develop. [iglocska] - Merge branch 'hotfix-2.3.6' [iglocska] - Fixes to the proposal ajax mechanism for newer cakephp versions. [iglocska] @@ -40489,6 +41645,10 @@ v2.3.14 (2014-10-27) Might revisit this in the future - Merge branch 'hotfix-2.3.4' into develop. [iglocska] +- Merge branch 'hotfix-2.3.4' into develop. [iglocska] +- Merge branch 'hotfix-2.3.4' into develop. [iglocska] +- Merge branch 'hotfix-2.3.4' into develop. [iglocska] +- Merge branch 'hotfix-2.3.4' into develop. [iglocska] - Merge branch 'hotfix-2.3.3' into develop. [iglocska] - Merge branch 'hotfix-2.3.2' into develop. [iglocska] - Merge branch 'hotfix-2.3.4' [iglocska] @@ -40512,6 +41672,7 @@ v2.3.14 (2014-10-27) - CIDR now recognised by freetext import. [iglocska] - Typo fail fixed. [iglocska] + v2.3.0 (2014-10-07) ------------------- - Documentation changes. [iglocska] @@ -40561,6 +41722,7 @@ v2.3.0 (2014-10-07) - CakeResque's installation instructions changed - Merge branch 'hotfix-2.2.39' [iglocska] +- Merge branch 'hotfix-2.2.39' [iglocska] - Merge branch 'hotfix-2.2.38' [iglocska] - Updated .gitignore. [iglocska] - Issue with the new csrf protection with the new ajax fields. 
@@ -40631,6 +41793,7 @@ v2.3.0 (2014-10-07) partially responsible for #271. [iglocska] - Merge branch 'master' of https://github.com/MISP/MISP. [iglocska] - Merge branch 'hotfix-2.2.35' [iglocska] +- Merge branch 'hotfix-2.2.35' [iglocska] - Merge branch 'hotfix-2.2.36' [iglocska] - Added the confirmation box div to all the pages that can have the publish popup. [iglocska] @@ -40680,6 +41843,7 @@ v2.3.0 (2014-10-07) - changed the pull implementation for proposals - Merge branch 'hotfix-2.2.35' into feature/proposalfix. [iglocska] +- Merge branch 'hotfix-2.2.35' into feature/proposalfix. [iglocska] - Publishing now also pushes proposals. [iglocska] This is especially important to push deleted proposals once a proposal has been accepted @@ -40812,6 +41976,7 @@ v2.3.0 (2014-10-07) - Division by zero in e-mail alerts when calculating the progress of the background job - Merge branch 'hotfix-2.2.32' [iglocska] +- Merge branch 'hotfix-2.2.32' [iglocska] - Merge branch 'hotfix-2.2.32' into develop. [iglocska] - Removed junk left in the previous commit. [iglocska] - Update to the way xml files are cached. [iglocska] @@ -40907,6 +42072,7 @@ v2.3.0 (2014-10-07) - The tags parameter in the exports now correctly accepts null as a valid value even if it is the last parameter - Merge branch 'hotfix-2.2.20' [iglocska] +- Merge branch 'hotfix-2.2.20' [iglocska] - Merge branch 'hotfix-2.2.20' into develop. [iglocska] - Missing parantheses. [iglocska] @@ -40969,6 +42135,7 @@ v2.3.0 (2014-10-07) - Event description in alert e-mail subject made optional, fixes #231. [iglocska] - Merge branch 'hotfix-2.2.13' [iglocska] +- Merge branch 'hotfix-2.2.13' [iglocska] - Clearer disctinction between proposals that belong to an attribute and proposals to an event. [iglocska] - Ajaxification of the event page done also, replaced histogram in 
@@ -41185,9 +42352,15 @@ v2.3.0 (2014-10-07) - A colon in the tag search tag will render the tag search invalid. Since colons are commonly used in tag names, this poses an issue - users should use a semi-colon instead, which gets automatically converted to a colon. - Fixing newlines in script. [Christophe Vandeplas] - Merge branch 'develop' [iglocska] +- Merge branch 'develop' [iglocska] - Minor corrections in the UPGRADE docu. [Christophe Vandeplas] - Clean cache at upgrade. [Christophe Vandeplas] - Merge branch 'develop' [iglocska] +- Merge branch 'develop' [iglocska] +- Merge branch 'develop' [iglocska] +- Merge branch 'develop' [iglocska] +- Merge branch 'develop' [iglocska] + v2.2.1 (2014-02-19) ------------------- @@ -41900,6 +43073,7 @@ v2.2.1 (2014-02-19) - Helper will now only be called during view when it's not a rest request. - Merge branch 'hotfix-2.1.21' [iglocska] +- Merge branch 'hotfix-2.1.21' [iglocska] - Merge branch 'hotfix-2.1.21' into develop. [iglocska] - Accidental debug removed. [iglocska] - Merge branch 'hotfix-2.1.21' into develop. [iglocska] @@ -41908,6 +43082,8 @@ v2.2.1 (2014-02-19) - removed own proposals from the list - allowing site admin to see all proposals of any org - Merge branch 'hotfix-2.1.19' [iglocska] +- Merge branch 'hotfix-2.1.19' [iglocska] +- Merge branch 'hotfix-2.1.19' [iglocska] - Merge branch 'hotfix-2.1.20' [iglocska] - Merge branch 'hotfix-2.1.19' into develop. [iglocska] - Debug info removed. [iglocska] @@ -41966,6 +43142,8 @@ v2.2.1 (2014-02-19) - The idea is to draw a horizontal path instead of a vertical one - First refactoring of the pivoting. [iglocska] - Merge branch 'hotfix-2.1.18' [iglocska] +- Merge branch 'hotfix-2.1.18' [iglocska] +- Merge branch 'hotfix-2.1.18' [iglocska] - Merge branch 'hotfix/2.1.18' [Christophe Vandeplas] - Merge branch 'hotfix-2.1.18' into develop. [iglocska] - Deleting attributes deletes associated shadow attributes. [iglocska] 
@@ -41987,6 +43165,7 @@ v2.2.1 (2014-02-19) - Fix bug in pull updated events, improved performance. [Christophe Vandeplas] - Merge branch 'hotfix-2.1.17' [iglocska] +- Merge branch 'hotfix-2.1.17' [iglocska] - Merge branch 'hotfix-2.1.17' into develop. [iglocska] - Left-over line removed. [iglocska] - Merge branch 'hotfix-2.1.17' into develop. [iglocska] @@ -41997,6 +43176,8 @@ v2.2.1 (2014-02-19) - data only exported on view() not mass xml exports - Merge branch 'hotfix-2.1.15' [iglocska] +- Merge branch 'hotfix-2.1.15' [iglocska] +- Merge branch 'hotfix-2.1.15' [iglocska] - Merge branch 'hotfix-2.1.15' into develop. [iglocska] - Export fixes. [iglocska] @@ -42020,6 +43201,9 @@ v2.2.1 (2014-02-19) - Merge branch 'hotfix-2.1.13' into develop. [iglocska] - Removed vulnerability and comment from correlation. [iglocska] - Merge branch 'hotfix-2.1.12' [iglocska] +- Merge branch 'hotfix-2.1.12' [iglocska] +- Merge branch 'hotfix-2.1.12' [iglocska] +- Merge branch 'hotfix-2.1.12' [iglocska] - Merge branch 'hotfix-2.1.12' into develop. [iglocska] - Final change to the placement of the logos on the login page. [iglocska] @@ -42031,6 +43215,8 @@ v2.2.1 (2014-02-19) - Added second logo to the left of the login screen. [iglocska] - Merge branch 'hotfix-2.1.8' [iglocska] - Merge branch 'hotfix-2.1.11' [iglocska] +- Merge branch 'hotfix-2.1.11' [iglocska] +- Merge branch 'hotfix-2.1.11' [iglocska] - Merge branch 'hotfix-2.1.8' into develop. [iglocska] - A previous change reverted by accident in the previous commit. [iglocska] @@ -42608,6 +43794,7 @@ v2.2.1 (2014-02-19) - Some changes to the documentation - More updates to the manual. [iglocska] +- More updates to the manual. [iglocska] - Some UI changes and partial update to the manual. [iglocska] - Added 2 new type of attributes. [iglocska] 
@@ -43117,6 +44304,7 @@ v2.2.1 (2014-02-19) - Removed unused CyDefSIG.showowner field. Closes issue #93. [Christophe Vandeplas] - Merge branch 'develop' [Andras Iklody] +- Merge branch 'develop' [Andras Iklody] - Updated github url. [Christophe Vandeplas] - Merge branch 'master' of https://github.com/BeDefCERT/MISP. [iglocska] - Updated INSTALL docu and apache templates. [Christophe Vandeplas] @@ -45608,6 +46796,7 @@ v2.2.1 (2014-02-19) - Allow string-in-file. [Christophe Vandeplas] - Snort signature type has no datavalidation. [Christophe Vandeplas] - Added 'snort' signature type. [Christophe Vandeplas] +- Added 'snort' signature type. [Christophe Vandeplas] - Database structure and rough license. [Christophe Vandeplas] - List members (orgs) of the platform. [Christophe Vandeplas] - Allow to hide (default) the name of the Organisation that posted the @@ -45654,3 +46843,4 @@ v2.2.1 (2014-02-19) - Minor change. [Christophe Vandeplas] - Initial import. [Christophe Vandeplas] + From 130f2ddb0d22be06c5d066610312fc4779da719e Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Mon, 21 Feb 2022 20:46:25 +0100 Subject: [PATCH 0042/1366] chg: [doc] changelog replaced with the official one --- docs/Changelog.md | 2960 +++++++++++++++++++++++++++++++-------------- 1 file changed, 2075 insertions(+), 885 deletions(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index 307b5378e..1d2dbd43f 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md 
@@ -1,30 +1,327 @@ Changelog ========= -v2.4 aka 2.4 for ever (current changelog) ------------------------- + +v2.4.153 (2022-02-04) +--------------------- + +New +~~~ +- [UI] Show TLS version for server test. [Jakub Onderka] +- [security] Check TLSv1.3 connection. [Jakub Onderka] +- [oidc] Add new option: OidcAuth.authentication_method. [Jakub Onderka] +- [oidc] Add support for jakub-onderka/openid-connect-php OIDC fork. + [Jakub Onderka] +- [CLI] admin configLint. [Jakub Onderka] +- [security] Allow to specify min_tls_version. [Jakub Onderka] +- [security] securityAuditTls. [Jakub Onderka] +- [CLI] Security audit. [Jakub Onderka] +- [form factory] added a div field type. [iglocska] + + - allows to create parametrised divs for additional placeholders + - parameters are id, class, style, to be extended when needed +- [test] New audit. [Jakub Onderka] Changes -------- +~~~~~~~ +- [version] bump. [iglocska] +- Fix findoriginaluuid typo. [Jeroen Pinoy] +- [oidc] Store user sid in session. [Jakub Onderka] +- [misp-objects] updated. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [internal] Add debugging for problematic push. [Jakub Onderka] +- [tools] communities.md generator works with new website. [Christophe + Vandeplas] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [setting] Check if value is from options. [Jakub Onderka] +- [UI] Use number input for numeric setting. [Jakub Onderka] +- [internal] Do not call __evaluateLeaf for branch. [Jakub Onderka] +- [internal] Recommend to install pydeep2. [Jakub Onderka] +- [connection] Allow to define onConnect callback. [Jakub Onderka] +- [js:markdown-it] Update markdown-it library from version 11.0.0 to + version 12.3.2. [Sami Mokaddem] +- [test] Use new link to install poetry. [Jakub Onderka] +- [test] Remove libfuzzy-dev package. 
[Jakub Onderka] +- [internal] Bump PyMISP to use pydeep2. [Jakub Onderka] +- [internal] Use pydeep2. [Jakub Onderka] +- [internal] Event report name is required. [Jakub Onderka] +- [security] Warn about unsupported OS. [Jakub Onderka] +- [internal] Fix session closing for dashboard widget. [Jakub Onderka] +- [internal] Remove useless session closing. [Jakub Onderka] +- [security] Avoid timing attacks for post validating. [Jakub Onderka] +- [internal] Remove random_compat. [Jakub Onderka] +- [internal] Do not modify session when not necessary. [Jakub Onderka] +- [cli] Deprecate `cake baseurl` command. [Jakub Onderka] +- [PyMISP] updated to the latest version. [Alexandre Dulaunoy] +- [CI] fixed installation. [Alexandre Dulaunoy] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [i18n] Updated Thai (21%) [Steve Clement] +- [doc] Added php-curl to speed up composer. [Steve Clement] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [i18n] default.pot update. [Steve Clement] +- [i18n] Renamed Thai directory. [Steve Clement] +- [i18n] Added Thai, updated active language files. [Steve Clement] +- [i18n] Update pot files. [Steve Clement] +- [warning-lists] updated to the latest version. [Alexandre Dulaunoy] +- [installer] Updated to latest, considering rhel8.4/8.5. [Steve + Clement] - [doc] Remove centos ref. [Steve Clement] - [doc] Added rhel8.4 and rhel8.5. [Steve Clement] - [installer] Latest installer to reflect doc changes. [Steve Clement] +- [installer] Latest installer to reflect doc changes. [Steve Clement] - [doc] Removed CentOS ref. [Steve Clement] - [doc] Updated docs and removed obsolete refs. [Steve Clement] - [doc] Various CentOS9 references. [Steve Clement] +Fix +~~~ +- [language] fix (exception text) [iglocska] +- [internal] Array to string conversion. [Jakub Onderka] +- [misp-stix] Same errors handling for STIX1 as it recently has been + pushed for STIX2. 
[chrisr3d] +- [API key] shown on automation page when using classic keys. [iglocska] +- [misp-stix] Bumped latest version with enhanced parsing of objects + which encountered parsing errors. [chrisr3d] + + - Instead of simply storing the error message, we + also convert those objects as STIX Custom objects +- [misp-stix] Bumped latest version with a better exceptions handling + for file, pe & pe-section objects converted to STIX2 file objects with + a pebinary extension. [chrisr3d] +- [stix export] Fixed wrong indentation causing variable name errors. + [chrisr3d] +- [misp-stix] Bumped latest version with a quick fix on Tags handling as + STIX2 markings. [chrisr3d] +- [misp-stix] Bumped latest version with some fixes on the tags parsing. + [chrisr3d] +- [internal] testForCABundle should return true. [Jakub Onderka] +- [stix] STIX test. [Jakub Onderka] +- [internal] Syntax error in PHP 7.2. [Jakub Onderka] +- [test] Do not force libpcre2 installation. [Jakub Onderka] +- [setting] Default value for MISP.require_password_confirmation is + false. [Jakub Onderka] +- [appController:loginByAuthkey] Skip authentication with basic + authorization. [Sami Mokaddem] + + Fix #7576. + Basic Auth might happen for some setup where the authentication is performed by another component such as LDAP. + For these cases, the Authorization header is present and contains the Basic Auth data used by the authentication plugin. Before this patch, MISP failed to resolve the API key to a user and threw a 403. This was because MISP detected the presence of the Authorization header which triggered an authentication by Authkey that would always fail as the content is not a valid API key. +- [event add] resolved notice error when viewing the event add form. + [iglocska] + + - converted the html div added as a field to a proper factory field +- [audit] Send IP address to ZMQ in full form. [Jakub Onderka] +- Supervisord_status showing as a worker when its not. 
[Luciano + Righetti] +- [CLI] Authkey valid - reconnect in case of failure. [Jakub Onderka] +- Fix: add flag to update deps as suggested by @hlijan. [Luciano + Righetti] +- Bug defaulting source_format instead of fixed_event on /feeds/add + endpoint. [Luciano Righetti] +- [UI] Fix authkey field type. [Jakub Onderka] +- [internal] Closing session for statistics. [Jakub Onderka] +- Fix: unix timestamps should have a @ prefix. [Luciano Righetti] +- Make SimpleBackgroundJobs work on RHEL 7 with + supervisorphp/supervisor:^3.0. [Richard van den Berg] +- Change simple bg jobs settings to critical, fix notice in server + shell. [Luciano Righetti] +- [stix1 export] Removed unused imports. [chrisr3d] +- [stix2 import] Fixed wrong variable name. [chrisr3d] +- [misp-stix] Bumped latest fixed version of the library. [chrisr3d] + + - Includes fixes on the usage of orgnames during + a STIX 1 export: + - The orgname used to define the information + source and the reporter identity remains + the same + - The orgname used to define every STIX object + id is sanitized to comply with the STIX + validation process +- [CI] libpcre2 issue. [Alexandre Dulaunoy] +- Error later on when json enconding a binary repr ipv6. [Luciano + Righetti] +- [i18n] Typo. [Steve Clement] +- [typo] check - not chech. [Steve Clement] +- [galaxyclusters] view by uuid fixed. [iglocska] +- [typo] tagID. [Steve Clement] +- Fix: unix timestamps should have a @ prefix. [Luciano Righetti] + Other ------ +~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] +- Merge pull request #8129 from Wachizungu/fix-findoriginaluuid-typo. + [Alexandre Dulaunoy] + + chg: fix findoriginaluuid typo +- Merge pull request #8118 from JakubOnderka/new-oidc. [Jakub Onderka] + + chg: [oidc] Store user sid in session +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #8123 from JakubOnderka/event-push-debug. 
[Jakub + Onderka] + + fix: [internal] Array to string conversion +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch 'develop' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. + [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. + [chrisr3d] +- Merge pull request #8120 from JakubOnderka/event-push-debug. [Jakub + Onderka] + + chg: [internal] Add debugging for problematic push +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. + [chrisr3d] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #8109 from JakubOnderka/tls-debug. [Jakub Onderka] + + TLS connection debug +- Merge pull request #8117 from JakubOnderka/new-oidc. [Jakub Onderka] + + new: [oidc] Add support for jakub-onderka/openid-connect-php OIDC fork +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch 'develop' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into develop. [chrisr3d] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [chrisr3d] +- Merge pull request #8107 from JakubOnderka/settings-lint. [Jakub + Onderka] + + Settings lint +- Merge pull request #8106 from JakubOnderka/stix-test. [Jakub Onderka] + + Stix test +- Merge pull request #8105 from JakubOnderka/min_tls_version. 
[Jakub + Onderka] + + new: [security] Allow to specify min_tls_version +- Merge pull request #8089 from JakubOnderka/security-audit-cli. [Jakub + Onderka] + + new: [CLI] Security audit +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #8100 from JakubOnderka/pydeep2. [Jakub Onderka] + + chg: [internal] Bump PyMISP to use pydeep2 +- Merge pull request #8098 from JakubOnderka/zmq-audit-ip-address. + [Jakub Onderka] + + fix: [audit] Send IP address to ZMQ in full form +- Merge pull request #8099 from JakubOnderka/pydeep2. [Jakub Onderka] + + chg: [internal] Use pydeep2 +- Merge branch '2.4' into develop. [Luciano Righetti] +- Merge pull request #8065 from fandigunawan/2.4. [Jakub Onderka] + + fix: Removes debug print in AWS S3 Client +- Removes debug print. [Fandi Gunawan] +- Merge pull request #8067 from righel/issue-8064. [Andras Iklody] + + fix: supervisord_status showing as a worker when its not +- Merge pull request #8086 from JakubOnderka/event-report-name-required. + [Jakub Onderka] + + chg: [internal] Event report name is required +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Steve Clement] +- Merge pull request #8072 from JakubOnderka/fix-authkeys-valid. [Jakub + Onderka] + + fix: [CLI] Authkey valid - reconnect in case of failure +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #8069 from JakubOnderka/security-audit-old-os. + [Jakub Onderka] + + chg: [security] Warn about unsupported OS +- Merge pull request #8061 from JakubOnderka/authkey-input. [Jakub + Onderka] + + fix: [UI] Fix authkey field type +- Merge pull request #7986 from JakubOnderka/better-security. [Jakub + Onderka] + + chg: [internal] Do not modify session when not necessary +- Merge branch '2.4' into develop. 
[Steve Clement] +- Merge pull request #8052 from RichieB2B/ncsc-nl/supervisor. [Luciano + Righetti] + + Make supervisor connector work with supervisorphp/supervisor 3 +- Merge pull request #8053 from righel/improve-simple-bg-jobs-settings. + [Luciano Righetti] + + Improve SimpleBackgroundJobs settings +- Add: add migration guide to docs. [Luciano Righetti] +- Merge pull request #8039 from JakubOnderka/cake-baseurl-deprecated. + [Jakub Onderka] + + chg: [cli] Deprecate `cake baseurl` command +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge branch '2.4' of https://github.com/MISP/MISP into develop. + [chrisr3d] +- Merge pull request #8092 from DCSO/fix/linotp-throw2. [Alexandre + Dulaunoy] + + LinOTP minor fixes +- [chg] LinOTP default baseURL. [Hendrik Baecker] +- [chg] Make LinOTP configurable via webui and cli. [Hendrik Baecker] +- [chg] Add link to LinOTP selfservice. [Hendrik Baecker] +- [chg] Improved LinOTP error handling. [Hendrik Baecker] + + Matches if ssl verify fails for example +- Merge pull request #8096 from righel/fix-issue-8093. [Luciano + Righetti] + + fix: error later on when json enconding a binary repr ipv6 +- Merge pull request #8091 from SteveClement/i18n. [Steve Clement] +- Merge pull request #8084 from SteveClement/i18n. [Steve Clement] +- Merge pull request #8083 from SteveClement/guides. [Steve Clement] +- Merge remote-tracking branch 'origin' into guides. [Steve Clement] +- Merge branch 'MISP:2.4' into 2.4. [Steve Clement] +- Merge branch 'MISP:2.4' into 2.4. [Steve Clement] +- Merge pull request #5 from SteveClement/guides. [Steve Clement] +- Merge pull request #8082 from SteveClement/i18n. [Steve Clement] +- Merge pull request #8080 from SteveClement/i18n. [Steve Clement] +- Merge pull request #8079 from SteveClement/i18n. [Steve Clement] +- Merge pull request #8075 from SteveClement/i18n. [Steve Clement] +- Merge pull request #8074 from SteveClement/i18n. 
[Steve Clement] +- Merge pull request #8068 from StefanKelm/2.4. [Luciano Righetti] + + fix wording +- Update Server.php. [StefanKelm] + + fix wording - Merge pull request #8059 from SteveClement/guides. [Steve Clement] - Merge pull request #8058 from SteveClement/guides. [Steve Clement] - Merge pull request #8056 from SteveClement/guides. [Steve Clement] - Add: add migration guide to docs. [Luciano Righetti] + v2.4.152 (2021-12-22) --------------------- New ---- +~~~ - [CLI] user authkey_valid command. [Jakub Onderka] - [tag] Generate predictable tag color. [Jakub Onderka] - [server:synchronisation] Type filtering during PULL synchronisation. @@ -38,7 +335,7 @@ New - [internal] Use pubToZmq to check if publish to ZMQ. [Jakub Onderka] Changes -------- +~~~~~~~ - [misp-stix] Bumped latest version of the library. [chrisr3d] - [security audit] fixed failures on kernel compilation time. [iglocska] @@ -146,7 +443,7 @@ Changes [chrisr3d] Fix ---- +~~~ - [stix1 export] Ordering object types to avoid validation issues. [chrisr3d] @@ -204,7 +501,7 @@ Fix - [test] Ignore beforeRender function. [Jakub Onderka] - [internal] Deleting events. [Jakub Onderka] - [internal] Old style view class. [Jakub Onderka] -- :lock: Disable caching of images. [Jakub Onderka] +- [security] Disable caching of images. [Jakub Onderka] - [CLI] Show error when calling methods for managing workers when SimpleBackgroundJobs are enabled. [Jakub Onderka] - [internal] Fix checking if system is Linux. [Jakub Onderka] 
@@ -273,11 +570,13 @@ Fix going to be used when exporting event galaxies Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch 'misp-stix' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. @@ -380,6 +679,7 @@ Other chg: [internal] Log when attribute was dropped - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge pull request #7975 from JakubOnderka/process-tool-selftest. [Jakub Onderka] @@ -444,19 +744,20 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] -- :construction: [stix export] Adding stix various formats in the list of valid +- Wip: [stix export] Adding stix various formats in the list of valid formats for attributes restSearch. [chrisr3d] -- :construction: [stix export] First implementation of an attributes restSearch +- Wip: [stix export] First implementation of an attributes restSearch export as STIX 1 & 2. [chrisr3d] - More testing, and changes on other parts of the process to come as well + v2.4.151 (2021-11-23) --------------------- New ---- +~~~ - [internal] Faster caching. [Jakub Onderka] - [user] Add sub field for user. [Jakub Onderka] - [CLI] For redisMemoryUsage show also server cache size. [Jakub 
@@ -467,7 +768,7 @@ New Righetti] - [CLI] Redis memory usage diagnostics. [Jakub Onderka] - [CLI] admin reencrypt command. [Jakub Onderka] -- :lock: Store authkeys for servers encrypted. [Jakub Onderka] +- [security] Store authkeys for servers encrypted. [Jakub Onderka] - [UI] Define custom right menu link. [Jakub Onderka] - [CLI] Allow to set setting value to `null` [Jakub Onderka] - [internal] Save to config file just what was in file. [Jakub Onderka] @@ -499,7 +800,7 @@ New - [test] test_search_index_by_all. [Jakub Onderka] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] @@ -560,8 +861,10 @@ Changes redis client. [Luciano Righetti] - Move initTool() logic to constructor. [Luciano Righetti] - Merge develop, fix conflicts. [Luciano Righetti] +- Merge develop, fix conflicts. [Luciano Righetti] - Rename settings. [Luciano Righetti] - Rename conf name. [Luciano Righetti] +- Rename conf name. [Luciano Righetti] - Call supervisor xml-rpc api, add supervisor app required packages. [Luciano Righetti] - Add db update. [Luciano Righetti] @@ -827,7 +1130,7 @@ Changes Onderka] Fix ---- +~~~ - [tools:backgroundjob] Support of legacy systems (3) [Sami Mokaddem] - [tools:backgroundjob] Support of legacy systems (2) [Sami Mokaddem] - [backgroundjob] Support of legacy system. [Sami Mokaddem] @@ -856,6 +1159,7 @@ Fix - [internal] Remove unused MISP.cached_attachments setting. [Jakub Onderka] - Wrong default. [Luciano Righetti] +- Wrong default. [Luciano Righetti] - Allow start worker by queue type. [Luciano Righetti] - Issues when worker is stopped, allow null pid and user in worker class. [Luciano Righetti] 
@@ -918,6 +1222,7 @@ Fix - [internal] Simplify Attribute code. [Jakub Onderka] - [API] Simplify some validations. [Jakub Onderka] - [cti-python-stix2] Correctly bumped latest version... [chrisr3d] +- [cti-python-stix2] Correctly bumped latest version... [chrisr3d] - [database] upgrade script using mb4 defaulted to 255 key length. [iglocska] @@ -966,7 +1271,7 @@ Fix MISP/PyMISP#799. [iglocska] Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] @@ -974,6 +1279,7 @@ Other - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7971 from JakubOnderka/apcu. [Jakub Onderka] @@ -1032,6 +1338,7 @@ Other new: [CLI] Redis memory usage diagnostics - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [Steve Clement] - Merge pull request #7944 from SteveClement/guides. [Steve Clement] @@ -1208,6 +1515,7 @@ Other Attribute validation tool fix - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7894 from JakubOnderka/attribute-code-style. [Jakub Onderka] @@ -1409,15 +1717,16 @@ Other chg: [internal] Use FileAccessTool for publishing sightings + v2.4.150 (2021-10-12) --------------------- New ---- +~~~ - [test] Build test. [Jakub Onderka] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - Add missing action buttons. [Luciano Righetti] - Add tags and galaxies col. [Luciano Righetti] 
@@ -1491,7 +1800,7 @@ Changes - [MISP/cakephp] updated - to get latest CA bundle. [Alexandre Dulaunoy] Fix ---- +~~~ - [attribute index] fixed attribute tag widget. [iglocska] - notice errors due to missing variables in the closure @@ -1520,7 +1829,7 @@ Fix - [stix1 export] Removed unnecessary write. [chrisr3d] Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'attribute_index' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. @@ -1613,11 +1922,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] + v2.4.149 (2021-10-09) --------------------- New ---- +~~~ - [internal] Store MISP live status also in Redis. [Jakub Onderka] - [internal] OrgBlocklist::removeBlockedEvents. [Jakub Onderka] - [internal] Method Job::createJob. [Jakub Onderka] @@ -1636,7 +1946,7 @@ New - [CLI] User shell. [Jakub Onderka] - [oidc] Allow to automatically unblock user after successful login. [Jakub Onderka] -- :lock: Disable browser autocomplete for authkeys field. [Jakub +- [security] Disable browser autocomplete for authkeys field. [Jakub Onderka] - [export:host] RestSearch export for blackholing via host file. [mokaddem] @@ -1651,7 +1961,7 @@ New - [test] Sync. [Jakub Onderka] Changes -------- +~~~~~~~ - [stix2 export] Using a specific filter to specify the STIX version. [chrisr3d] @@ -1717,6 +2027,7 @@ Changes - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - Detail attribute categories in openapi doc. [Luciano Righetti] - Detail attribute types in openapi doc. [Luciano Righetti] +- Detail attribute types in openapi doc. [Luciano Righetti] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [internal] Refactor FileAccessTool. [Jakub Onderka] - [internal] Simplified EventsController::view code. [Jakub Onderka] 
@@ -1749,6 +2060,7 @@ Changes - Migrate org_blocklists/index view to factory. [Luciano Righetti] - Detail attribute categories in openapi doc. [Luciano Righetti] - Detail attribute types in openapi doc. [Luciano Righetti] +- Detail attribute types in openapi doc. [Luciano Righetti] - [internal] Code cleanup. [Jakub Onderka] - [UI] Better error messages when uploading MISP file. [Jakub Onderka] - [taxonomies] updated. [Alexandre Dulaunoy] @@ -1779,6 +2091,7 @@ Changes - [misp-wipe] wipe auth_keys tables. [Richard van den Berg] - Add openapi docs for [POST]/admin/logs. [Luciano Righetti] - [PyMISP] Bump. [Raphaël Vinot] +- [PyMISP] Bump. [Raphaël Vinot] - Skip dev dependencies when installing via INSTALL.sh script. [Luciano Righetti] - [alert] Deprecate `publish_alerts_summary_only`, this option just @@ -1815,12 +2128,12 @@ Changes - Should fix diagnostic issues with version mentioned in #7054 - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [internal] Server controller cleanup. [Jakub Onderka] -- :lock: Use const hasher also for login. [Jakub Onderka] +- [security] Use const hasher also for login. [Jakub Onderka] - [sync] Use server sync to get available sync filtering rules. [Jakub Onderka] - [sync] Simplify server post test code. [Jakub Onderka] - [sync] Use server sync tool for connection test. [Jakub Onderka] -- :lock: Mitigate timing attacks when comparing advanced auth keys +- [security] Mitigate timing attacks when comparing advanced auth keys hashes. [Jakub Onderka] - [restResponseComponent] Added doc for new sighting/add filters parameter. [Sami Mokaddem] @@ -1885,7 +2198,7 @@ Changes - [ui] Various improvements in factories. [mokaddem] Fix ---- +~~~ - [misp-stix] updated to the latest version (incorrect submodule) [Alexandre Dulaunoy] 
@@ -1978,7 +2291,7 @@ Fix - [sync] Pushing sightings. [Jakub Onderka] - [ACL] queryAvailableSyncFilteringRules is required just for site admins. [Jakub Onderka] -- :lock: Check permission when viewing shadow attribute picture. +- [security] Check permission when viewing shadow attribute picture. [Jakub Onderka] - [internal] Code cleanup. [Jakub Onderka] - [API] Deprecation header. [Jakub Onderka] @@ -2002,7 +2315,7 @@ Fix - [acl] Bumped ACL. [mokaddem] Other ------ +~~~~~ - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of https://github.com/MISP/MISP into misp-stix. @@ -2011,6 +2324,7 @@ Other [chrisr3d] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'misp-stix' into develop. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] @@ -2018,7 +2332,7 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] -- :construction: [misp-stix] Bumped latest version. [chrisr3d] +- Wip: [misp-stix] Bumped latest version. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. 
@@ -2031,16 +2345,16 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] -- :construction: [stix2 export] Args parsing to better handle parameters & Support +- Wip: [stix2 export] Args parsing to better handle parameters & Support for STIX 2.1. [chrisr3d] -- :construction: [stix export, framing] Reworked misp_framing. [chrisr3d] +- Wip: [stix export, framing] Reworked misp_framing. [chrisr3d] - Made it cleaner - Made it support the STIX framing provided by misp-stix converter library - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] -- :construction: [stix2 export] Testing MISP-STIX python library with the included +- Wip: [stix2 export] Testing MISP-STIX python library with the included changes on the Export Lib and on the misp2stix2.py script. [chrisr3d] - Add: [submodules, stix] Added MISP-STIX converter library as submodule. [chrisr3d] @@ -2073,6 +2387,7 @@ Other # app/Console/Command/EventShell.php # app/Model/Server.php - Merge branch 'MISP:2.4' into 2.4. [Matjaz Rihtar] +- Merge branch 'MISP:2.4' into 2.4. [Matjaz Rihtar] - Merge pull request #1 from MISP/2.4. [Matjaz Rihtar] Sync fork with original MISP/MISP @@ -2325,7 +2640,7 @@ Other - Merge pull request #7692 from JakubOnderka/const-hasher-password. [Jakub Onderka] - chg: :lock: Use const hasher also for login + chg: [security] Use const hasher also for login - Merge pull request #7693 from JakubOnderka/oidc_auth_unblock. [Jakub Onderka] 
@@ -2363,11 +2678,11 @@ Other - Merge pull request #7677 from JakubOnderka/mitigate-timing-attacks. [Jakub Onderka] - chg: :lock: Mitigate timing attacks + chg: [security] Mitigate timing attacks - Merge pull request #7675 from JakubOnderka/authkeys-autocompelte-off. [Jakub Onderka] - new: :lock: Disable browser autocomplete for authkeys field + new: [security] Disable browser autocomplete for authkeys field - Merge branch 'develop' of github.com:MISP/MISP into develop. [Luciano Righetti] - Merge pull request #7649 from JakubOnderka/pull-sightings. [Jakub @@ -2502,17 +2817,19 @@ Other - Merge branch 'develop' of github.com:MISP/MISP into migration- taxonomy. [mokaddem] + v2.4.148 (2021-08-05) --------------------- New ---- +~~~ - [test] Check schema diagnostics in CI. [Jakub Onderka] - [citation-cff] added. [Alexandre Dulaunoy] +- [citation-cff] added. [Alexandre Dulaunoy] - [test] Security test for publishing events. [Jakub Onderka] Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - [PyMISP] Bump recommended version. [Raphaël Vinot] - [PyMISP] Bump. [Raphaël Vinot] @@ -2535,6 +2852,7 @@ Changes modifications). [Liviu Valsan] - [API] Refactor event publishing. [Jakub Onderka] - [internal] Convert array to const. [Jakub Onderka] +- [internal] Convert array to const. [Jakub Onderka] - [internal] Simplified Attribute::deleteAttribute method. [Jakub Onderka] - [internal] Removed unused variables. [Jakub Onderka] @@ -2553,7 +2871,7 @@ Changes - update your PHP version though Fix ---- +~~~ - [js] Show correct error message for get remote version. [Jakub Onderka] - [UI] Show correct error message for get remote user. [Jakub Onderka] 
@@ -2568,15 +2886,15 @@ Fix - this caused the CLI setting change to error out - [stix2misp] Use describeTypes from PyMISP. [Jakub Onderka] -- :lock: Stored XSS when viewing galaxy cluster relationships - As +- [security] Stored XSS when viewing galaxy cluster relationships - As reported by Dawid Czarnecki. [mokaddem] -- :lock: Stored XSS when viewing galaxy cluster elements in JSON +- [security] Stored XSS when viewing galaxy cluster elements in JSON format. [mokaddem] - [compatibility] several scoped constants reverted. [iglocska] - [proposal alert email] function call fixed. [iglocska] Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #7624 from JakubOnderka/get-remote-user-fixes. [Jakub Onderka] @@ -2632,6 +2950,7 @@ Other chg: [shibbauth] added option to block organisation changes at login - Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #7539 from JakubOnderka/publishing-refactoring. [Jakub Onderka] @@ -2647,11 +2966,12 @@ Other - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] + v2.4.147 (2021-07-27) --------------------- New ---- +~~~ - [sync] When saving sightings, push just new sightings. [Jakub Onderka] - [sync] When pushing event, upload sightings by another call. [Jakub Onderka] @@ -2662,7 +2982,7 @@ New - [misp2stix2] Return traceback for error. [Jakub Onderka] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [PyMISP] bump. [iglocska] - [security audit] Check config.php.bk file permission. [Jakub Onderka] @@ -2672,6 +2992,7 @@ Changes [Jakub Onderka] - [test] Move PHP tests to different task. [Jakub Onderka] - [PyMISP] bump. [iglocska] +- [PyMISP] bump. [iglocska] - [UI] Use time element for event published timestamp. [Jakub Onderka] - [UI] Raise font size of local org description. [Jakub Onderka] - [UI] After creating new org, redirect to org details. [Jakub Onderka] 
@@ -2737,11 +3058,12 @@ Changes getVersion. [Jakub Onderka] - [mispObject:breakOnDuplicate] Provide more feedback. [mokaddem] - [installer] Update to latest version. [Steve Clement] +- [installer] Update to latest version. [Steve Clement] - [doc] Guides now compatible with Fedora WS/Server 34. [Steve Clement] - [warning-list] updated. [Alexandre Dulaunoy] Fix ---- +~~~ - [test] Set expected config for security tests. [Jakub Onderka] - [test] Check if user is logged. [Jakub Onderka] - [config defaults] unset the default python bin path. [iglocska] @@ -2750,7 +3072,7 @@ Fix - [config] Fixed indentation. [mokaddem] - [test] Redis password can be empty. [Jakub Onderka] - [test] After CLI setSetting change. [Jakub Onderka] -- :lock: Stored XSS when forking a galaxy cluster As reported by +- [security] Stored XSS when forking a galaxy cluster As reported by Giuseppe Diego Gianni. [mokaddem] - [posts] add org field to email job. [iglocska] - Add missing newline. [Luciano Righetti] @@ -2827,7 +3149,8 @@ Fix - [galaxies:add] Missing entry in sidebar Fix #7499. [mokaddem] Other ------ +~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #7603 from JakubOnderka/fix-tests-vol2. [Jakub Onderka] 
@@ -2986,28 +3309,29 @@ Other Righetti] - Add crud component noticelists index. [Luciano Righetti] + v2.4.146 (2021-06-30) --------------------- New ---- +~~~ - [API] Read only authkeys. [Jakub Onderka] Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - [log] Remove ObjectRelationship from audit log. [Jakub Onderka] - [internal] Simplify generating some JSON responses. [Jakub Onderka] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] Fix ---- +~~~ - [UI] Loading non exists library in Audit log index. [Jakub Onderka] - [event:add] Typo in accessing sharing group roaming information. [mokaddem] Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #7533 from JakubOnderka/audit-log-ui-fix. [Jakub Onderka] @@ -3031,11 +3355,12 @@ Other - Security: fix stored xss in sharing groups view as reported by Nicolas Vidal from TEHTRIS. [Luciano Righetti] + v2.4.145 (2021-06-28) --------------------- New ---- +~~~ - [API] Import warninglist. [Jakub Onderka] - [internal] Support Cake installation by composer. [Jakub Onderka] - [ZMQ] Send warninglist changes to ZMQ. [Jakub Onderka] @@ -3048,7 +3373,7 @@ New - exclude attributes/objects, so the e-mail will only include a summary Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [doc:authentication_diagrams] Included session and cookie handling. [mokaddem] @@ -3075,7 +3400,7 @@ Changes - [composer] Crypt_GPG updated to 1.6.5. [Alexandre Dulaunoy] Fix ---- +~~~ - [rest client] Handle state when body is too big to save into rest client history. [Jakub Onderka] - [server caching] only push data to redis / logs if there's something 
@@ -3120,9 +3445,10 @@ Fix 😅 Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] +- Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7495 from JakubOnderka/warninglist-import. [Jakub @@ -3148,6 +3474,12 @@ Other chg: [user] Relaxed email validation rule - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. @@ -3202,11 +3534,12 @@ Other fix: typo + v2.4.144 (2021-06-07) --------------------- New ---- +~~~ - Add initial version of openapi spec, add ReDoc js files. [Luciano Righetti] - [doc:sync] Added notes and diagrams about synchornisation logics. @@ -3221,7 +3554,7 @@ New - [doc:auth-diagram] Added authentication diagram. [mokaddem] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [PyMISP] Bump. [Raphaël Vinot] - [logo] reverted to the non-birthday version. [iglocska] @@ -3255,6 +3588,7 @@ Changes - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated fix #7445. [Alexandre Dulaunoy] - [config] default config now uses RFC2606 example.com domain. 
@@ -3262,7 +3596,7 @@ Changes - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] Fix ---- +~~~ - [PyMISP] Bump pipenv. [Raphaël Vinot] - /feeds/add endpoint returns empty 'name' error via api call. [Luciano Righetti] @@ -3289,7 +3623,7 @@ Fix sharing group. [mokaddem] - [dashboard:update_settings] Added missing view. [mokaddem] - [dashbpard:updateSetting] Usage of CSRF token. [mokaddem] -- :lock: Always capture attribute sharing groups. [iglocska] +- [security] Always capture attribute sharing groups. [iglocska] - via object edits it was omitted, leading to a possible misassociation of sharing groups by using the local ID of a referenced SG @@ -3327,7 +3661,7 @@ Fix [Anders Einar Hilden] Restore the notice_message div that vanished in commit 0d4df7c98b0fc67618b1c3c298e64efb668fc4fe. -- :lock: disable email uniqueness validation for the self +- [security] disable email uniqueness validation for the self registration. [iglocska] - [OTP] identifier tag fixed. [iglocska] @@ -3337,7 +3671,7 @@ Fix - [group by] error fixed in diagnostics, fixes #7411. [iglocska] Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] @@ -3390,6 +3724,7 @@ Other [mokaddem] - Merge branch 'doc-sync' into develop. [mokaddem] - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge branch '2.4' into develop. [iglocska] 
@@ -3414,11 +3749,13 @@ Other fails. [Luciano Righetti] - Return api error when feed is not enabled. [Luciano Righetti] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7432 from JakubOnderka/perm_flags_translatable. [Jakub Onderka] Perm flags translatable - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch 'airbus-cert-synchronisation_servers_cache_features' into develop. [Alexandre Dulaunoy] - Add cacheServerAll documentation. [Amaury Leroy] @@ -3440,11 +3777,12 @@ Other fix: [UI] Restore notice list warnings when adding or editing attribute - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] + v2.4.143 (2021-05-14) --------------------- New ---- +~~~ - [internal] View event as different user. [Jakub Onderka] - [event index] add report count. [iglocska] - [users:index] Batch toggleable fields. [mokaddem] @@ -3467,7 +3805,7 @@ New - should also be a fair bit faster Changes -------- +~~~~~~~ - [version] bumped. [iglocska] - [birthday] logo added. [iglocska] @@ -3486,7 +3824,7 @@ Changes - [organisations:add] Migrated view to factory. [mokaddem] - [organisations:index] Migrated view to factory. [mokaddem] - [elements:indexGenericField] Allow passing implode's glue. [mokaddem] -- [warninglists:index] Moved views to factory - :construction:. [mokaddem] +- [warninglists:index] Moved views to factory - WiP. [mokaddem] - [UsageData] fix active proposal count, exclude deleted entries. [Jeroen Pinoy] - Bumped queryversion. [mokaddem] @@ -3537,7 +3875,7 @@ Changes Fixed JS error throwing undefined variable in top correlations Fix ---- +~~~ - [jobs view] Typo with $baseurl variable name. [chrisr3d] - [module results] References between objects returned with module results and the original object attribute are now pointing to the 
@@ -3650,7 +3988,7 @@ Fix In some cases, galaxy clusters might not have targeting clusters Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7377 from 86x/pi-support. [Andras Iklody] @@ -3762,6 +4100,7 @@ Other chg: [UI] Link to proposal limited view from proposal event index - Merge branch '2.4' of github.com:MISP/MISP into develop. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of github.com:MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' into develop. [iglocska] @@ -3793,12 +4132,16 @@ Other - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] + v2.4.142 (2021-04-27) --------------------- New ---- +~~~ - [correlation exclusions] now have an optional comment field. [iglocska] @@ -3870,7 +4213,7 @@ New - just pass "ago": 1 as a parameter to the field Changes -------- +~~~~~~~ - [elements:indexPostlink] Added possibility to add confirm messages. [mokaddem] @@ -3918,7 +4261,7 @@ Changes feeds. [mokaddem] - [elements:serverRuleElements] Inject existing rules into widget. [mokaddem] -- [elements:serverRuleElements] Support of previous rule states - :construction:. +- [elements:serverRuleElements] Support of previous rule states - WiP. [mokaddem] - [elements:serverRuleElements] Added preventive sanitizations. [mokaddem] @@ -3983,6 +4326,7 @@ Changes - [UI] Correctly handle progress for jobs. [Jakub Onderka] - [UI] Make possible to filter jobs by prio queue. [Jakub Onderka] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [attributes/restSearch] add clarifying comments. [Jeroen Pinoy] - [restResponseComponent] Get scoped available endpoints. [mokaddem] - Bump PyMISP. [Raphaël Vinot] 
@@ -4003,7 +4347,7 @@ Changes - [doc] Added details on MISPvars. [Steve Clement] Fix ---- +~~~ - [attribute search] Don't use form tampering protection for searches. [iglocska] - [top correlations] Divide the count by 2. [iglocska] @@ -4074,7 +4418,7 @@ Fix - Fix remove attribute tag showing text/html content-type. [Luciano Righetti] - [CSRF] issues resolved for the dashboards controller. [iglocska] -- :lock: Sharing group misassociation on sync. [iglocska] +- [security] Sharing group misassociation on sync. [iglocska] - when an object has a sharing group associated on an event edit, the sharing group object is ignored and instead the passed local ID is reused - as reported by Jeroen Pinoy @@ -4112,12 +4456,13 @@ Fix - causes issues under certain PHP versions as it's a reserved keyword Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7369 from MISP/fix-link. [Alexandre Dulaunoy] Fix link @@ -4200,6 +4545,7 @@ Other - Update STYLE.md. [E. Cleopatra] - Update GITWORKFLOW.md. [E. Cleopatra] - Update CONTRIBUTING.md. [E. Cleopatra] +- Update CONTRIBUTING.md. [E. Cleopatra] - Write coding style guidelines. [E. Cleopatra] - Merge pull request #7342 from Wachizungu/fix-checkForDuplicateObjects- typo. [Andras Iklody] @@ -4391,11 +4737,12 @@ Other - Add AadAuth module as saved settings. [Eva Yang] - Merge branch '2.4' into develop. [iglocska] + v2.4.141 (2021-03-29) --------------------- New ---- +~~~ - [cli] enable all tags for a taxonomy. [Jeroen Pinoy] - [eventgraph:viewPicture] Allow access to saved picture from the eventgraph history. [mokaddem] 
@@ -4420,7 +4767,7 @@ New - [UI] Render galaxy cluster description as markdown. [Jakub Onderka] Changes -------- +~~~~~~~ - [warning-lists] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [doc] when enabling remi 7.4 by default, paths change. [Steve Clement] @@ -4436,6 +4783,7 @@ Changes - [UI] fix debugon for debug = 1. fix #7131. [Jeroen Pinoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] +- [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [doc] more fine tuning to RHEL8. [Steve Clement] - [doc] Balanced RHEL 8 and 7 Docs. [Steve Clement] - [doc] Move away from expect. [Steve Clement] @@ -4527,7 +4875,7 @@ Changes - [optimise] Faster loading galaxy cluster index. [Jakub Onderka] Fix ---- +~~~ - [attribute:restSearch] `includeCorrelations` Do not longer returns soft-deleted attributes. [mokaddem] - [sharinggroup:captureSG] Correctly capture the roaming state. @@ -4636,10 +4984,11 @@ Fix - [internal] Undefined index when importing from module. [Jakub Onderka] Other ------ +~~~~~ - Chg; [version] bump. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge pull request #7261 from SteveClement/guides. [Steve Clement] chg: [doc] when enabling remi 7.4 by default, paths change @@ -4785,6 +5134,8 @@ Other fix: [merge] Local tags should stay local - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'eventgraph-node-coloring' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into eventgraph-node- 
@@ -4913,18 +5264,19 @@ Other chg: [optimise] Faster loading galaxy cluster index - Merge branch '2.4' into develop. [iglocska] + v2.4.140 (2021-03-03) --------------------- New ---- +~~~ - [test] Password change. [Jakub Onderka] - [server shell] list servers, fixes #7115. [iglocska] - simple human readable listing - kept the old weird JSON producing listServers intact - [oidc] Readme. [Jakub Onderka] -- :lock: Content-Security-Policy support. [Jakub Onderka] +- [security] Content-Security-Policy support. [Jakub Onderka] - [CLI] check if updates are done yet or not. [iglocska] usage: @@ -4944,7 +5296,7 @@ New Onderka] - [UI] Show tag info in taxonomy view. [Jakub Onderka] - [sync] Compressed requests support. [Jakub Onderka] -- :lock: Security audit. [Jakub Onderka] +- [security] Security audit. [Jakub Onderka] - [oidc] OpenID Connect authentication. [Jakub Onderka] - [devshell] added a new shell for developer related tasks. [iglocska] @@ -4953,7 +5305,7 @@ New - [object] Allows updating from an unknown object templates. [mokaddem] Changes -------- +~~~~~~~ - [csp] Add Security.csp_enforce to server setting. [Jakub Onderka] - [csp] Report only by default. [Jakub Onderka] - [PyMISP] Bump version. [Raphaël Vinot] @@ -5020,7 +5372,7 @@ Changes - [internal] Faster updating taxonomies. [Jakub Onderka] Fix ---- +~~~ - [csp] Incorrect variable name. [Jakub Onderka] - [csp] Custom policies. [Jakub Onderka] - [Sharing groups] capturing a sharing group correctly ignores the @@ -5037,7 +5389,7 @@ Fix - however, show a clear message that this is the case - in-line with the rest of the ACL -- :lock: sharing group all org flag too lax. [iglocska] +- [security] sharing group all org flag too lax. [iglocska] - the all org flag was used as a trigger to make the sharing group obejct itself viewable to all local organisations - even if the all org flag was set for an instance other than the local one 
@@ -5152,7 +5504,7 @@ Fix proper message. [Tom King] Other ------ +~~~~~ - Merge pull request #7149 from JakubOnderka/csp-setting. [Jakub Onderka] @@ -5251,7 +5603,7 @@ Other fix: [internal] Empty object when getting event info for event report - Merge pull request #7097 from JakubOnderka/csp. [Jakub Onderka] - new: :lock: Content-Security-Policy support + new: [security] Content-Security-Policy support - Merge pull request #7102 from JakubOnderka/disable-sync-xhr. [Jakub Onderka] @@ -5372,6 +5724,7 @@ Other Galaxy view mini - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #7029 from JakubOnderka/galaxy-cluster-description. @@ -5419,7 +5772,7 @@ Other - Merge pull request #6741 from JakubOnderka/security-diagnostics. [Jakub Onderka] - new: :lock: Security diagnostics + new: [security] Security diagnostics - Merge pull request #6938 from tomking2/feature/attribute_sightings. [Jakub Onderka] @@ -5480,11 +5833,12 @@ Other - Merge remote-tracking branch 'upstream/2.4' into bug/galaxy_cluster. [Tom King] + v2.4.139 (2021-02-16) --------------------- New ---- +~~~ - [widget] Eventstream widget and index widget UI added. [iglocska] - EventStream @@ -5501,7 +5855,7 @@ New Onderka] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [array lookup index field] updatd to work correctly. [iglocska] - [event model] fetchEvent() now accepts page/limit/order as parameters. @@ -5541,7 +5895,7 @@ Changes - Added a clarification that they can still pull Fix ---- +~~~ - [dashboard] removed training example left in the code. [iglocska] - restricted new module to only 3 user IDs @@ -5600,7 +5954,7 @@ Fix - invalid group by statement removed Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] 
@@ -5657,6 +6011,7 @@ Other fix: [internal] GalaxyCluster::getCluster also accepts ID - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #6993 from JakubOnderka/warninglist-index. [Jakub @@ -5716,6 +6071,8 @@ Other fix: [internal] idTranslator could show invalid results - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] @@ -5725,11 +6082,12 @@ Other fix: Elasticsearch complains when an IP is an empty string + v2.4.138 (2021-02-08) --------------------- New ---- +~~~ - [settings] Allow to use ThreatLevel.name for alert filter. [Jakub Onderka] - [test] Update github actions build to Ubuntu 20.04. [Jakub Onderka] @@ -5741,7 +6099,7 @@ New - 8.0 is not supported, let users know in a more obvious way Changes -------- +~~~~~~~ - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [version] bump. [iglocska] @@ -5796,7 +6154,7 @@ Changes - Bumped queryversion. [mokaddem] Fix ---- +~~~ - [zmq/kafka] attribute edits should include non exportable attributes. [iglocska] - [UI] notice resolved on the feed index. [iglocska] @@ -5896,7 +6254,7 @@ Fix - [diagnostics] complain about PHP >= 8.0. [iglocska] Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #6939 from JakubOnderka/warnings-fix. [Jakub Onderka] 
@@ -5937,6 +6295,8 @@ Other fix: [internal] First check if attribute value is valid composite - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [Steve Clement] @@ -5990,6 +6350,7 @@ Other [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge pull request #6889 from JakubOnderka/log-org-filter. [Jakub Onderka] @@ -6052,11 +6413,12 @@ Other fix: [UI] Allow to sort feeds by name + v2.4.137 (2021-01-21) --------------------- New ---- +~~~ - [UI] Show event count in server popover for comparison. [Jakub Onderka] - [object add] make add event / edit event breakOnDuplicate aware. 
@@ -6100,23 +6462,23 @@ New sightings. [Jakub Onderka] - [UI] Show tag description if tag belongs to taxonomy. [Jakub Onderka] - [internal] New model method find('column') [Jakub Onderka] -- :lock: Check org list when accessing distribution graph. [Jakub +- [security] Check org list when accessing distribution graph. [Jakub Onderka] -- :lock: Test for hide_organisations_in_sharing_groups setting. +- [security] Test for hide_organisations_in_sharing_groups setting. [Jakub Onderka] -- :lock: Setting to hide orgs form sharing group view. [Jakub +- [security] Setting to hide orgs form sharing group view. [Jakub Onderka] - [internal] Allow to output directly TmpFileTool. [Jakub Onderka] - [UI] Show number of unique IPs for key usage. [Jakub Onderka] - [UI] Show last key usage in index table. [Jakub Onderka] - [UI] Show information about key expiration in server list. [Jakub Onderka] -- :lock: Cancel API session right after auth key is deleted. [Jakub +- [security] Cancel API session right after auth key is deleted. [Jakub Onderka] -- :lock: Put information about key expiration into response header. +- [security] Put information about key expiration into response header. [Jakub Onderka] -- :lock: Allow to set key validity. [Jakub Onderka] -- :lock: New setting Security.username_in_response_header. [Jakub +- [security] Allow to set key validity. [Jakub Onderka] +- [security] New setting Security.username_in_response_header. [Jakub Onderka] - [test] Check when `MISP.authkey_keep_session` is true. [Jakub Onderka] - [internal] Show auth key usage in key view page. [Jakub Onderka] @@ -6133,7 +6495,7 @@ New - run it via /var/www/MISP/app/Console/cake Statistics rommelfs Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - Bump PyMISP version. [Raphaël Vinot] - [pgp] default pgp key server updated to openpgp.circl.lu. [Alexandre 
@@ -6198,6 +6560,8 @@ Changes - [sync] Convert connection timeout to exception. [Jakub Onderka] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] +- [PyMISP] updated to the latest version. [Alexandre Dulaunoy] +- [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [optimisation] Faster Tag::fetchSimpleEventsForTag method. [Jakub Onderka] @@ -6262,6 +6626,7 @@ Changes - [taxonomies] updated. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated. [Alexandre Dulaunoy] +- [PyMISP] updated. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [warning-list] updated to the latest version. [Alexandre Dulaunoy] - [doc] From Travis to GH action. [Alexandre Dulaunoy] @@ -6275,7 +6640,7 @@ Changes - [doc] Added new default flags. [Steve Clement] Fix ---- +~~~ - [helper:genericPicker] Adding object from pill selector - Prevents double encoding of the passed data. [mokaddem] - [login] Correctly convert old password hash to blowfish. [Jakub 
@@ -6283,24 +6648,24 @@ Fix - [login] Convert old password hash to blowfish. [Jakub Onderka] - [update] fixed due to issues introduced with the branch flag. [iglocska] -- :lock: Reflective XSS in the RestClient. [mokaddem] -- :lock: XSS in the user homepage favourite button. [iglocska] +- [security] Reflective XSS in the RestClient. [mokaddem] +- [security] XSS in the user homepage favourite button. [iglocska] - navigating to a url in MISP with the URL containing a javascript payload would cause the execution of reflected xss - automatically sanitised by modern browsers, but still confirmed via raw curl fetches -- :lock: XSS via galaxy cluster element values for reference types +- [security] XSS via galaxy cluster element values for reference types could contain javascript links. [iglocska] - ref type elements are automatically converted to links. A user would have to click a javascript: link for it to trigger, it's still too risky to keep as is - only urls starting with http:// and https:// are converted from here on - As reported by Patrik Kontura from ESET -- :lock: Stored XSS in the galaxy cluster view. [iglocska] +- [security] Stored XSS in the galaxy cluster view. [iglocska] - Galaxy cluster names were vulnerable to XSS injection - As reported by Patrik Kontura of ESET -- :lock: Require password confirmations by default. [iglocska] +- [security] Require password confirmations by default. [iglocska] - the setting is optional, but the default should be that it's required unless disabled 
@@ -6356,12 +6721,12 @@ Fix - [UI] Enable quick filter for auth keys. [Jakub Onderka] - [UI] Auth Key index and view changes and fixes. [Jakub Onderka] - [UI] Days to expire count. [Jakub Onderka] -- :lock: Do not return hashed authentication key after creation. +- [security] Do not return hashed authentication key after creation. [Jakub Onderka] - [internal] Check if setting value is scalar. [Jakub Onderka] -- :lock: Auth key must be always random generated at server side. +- [security] Auth key must be always random generated at server side. [Jakub Onderka] -- :lock: Do not allow to use API key authenticated session to do non +- [security] Do not allow to use API key authenticated session to do non API calls. [Jakub Onderka] - [internal] Remove unused variables. [Jakub Onderka] - [internal] Remove unused $user siteadmin variable. [Jakub Onderka] @@ -6402,7 +6767,7 @@ Fix - [delegation] invalid user call. [iglocska] Other ------ +~~~~~ - Merge pull request #6896 from JakubOnderka/fix-old-password-convert. [Jakub Onderka] @@ -6410,6 +6775,7 @@ Other - Merge branch 'old-hash-transfer' into 2.4. [Christophe Vandeplas] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. 
@@ -6419,11 +6785,13 @@ Other new: [UI] Show event count in server popover for comparison - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] - Merge pull request #6879 from JakubOnderka/first-seen-input-format. [Jakub Onderka] @@ -6460,6 +6828,7 @@ Other chg: [UI] Optimise fetching tags for picker - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #6865 from SteveClement/guides. [Andras Iklody] @@ -6614,6 +6983,7 @@ Other Optimisations vol2 - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #6797 from JakubOnderka/optimisations. [Jakub @@ -6662,6 +7032,7 @@ Other chg: [internal] Move user checks to one place - Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Steve Clement] - Merge pull request #6782 from JakubOnderka/taxonomies-view. [Jakub Onderka] @@ -6783,11 +7154,12 @@ Other Best regards, Kamil + v2.4.136 (2020-12-16) --------------------- New ---- +~~~ - [CLI] Import events with compressed file support. [Jakub Onderka] Useful for importing big files 
@@ -6797,7 +7169,7 @@ New - [UI] Show number of events for sharing group. [Jakub Onderka] - [test] View org page. [Jakub Onderka] - [UI] Allow to search in sharing group list. [Jakub Onderka] -- :lock: Test if user can see sharing groups. [Jakub Onderka] +- [security] Test if user can see sharing groups. [Jakub Onderka] - [factories] generic confirmation UI factory added. [iglocska] - [Cerebrates] added Cerebrate sync functionality. [iglocska] @@ -6832,20 +7204,20 @@ New Onderka] - [test] Test for ApacheShibbAuth. [Jakub Onderka] - [test] Security test suite. [Jakub Onderka] -- :lock: New setting to check `Sec-Fetch-Site` header. [Jakub +- [security] New setting to check `Sec-Fetch-Site` header. [Jakub Onderka] -- :lock: Add new `Security.disable_browser_cache` option to disable +- [security] Add new `Security.disable_browser_cache` option to disable saving data to browser cache. [Jakub Onderka] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [UI] Nicer galaxy cluster view. [Jakub Onderka] - [UI] Nicer icon for discussion reply. [Jakub Onderka] - [UI] Move org UUID after ID to match other page style. [Jakub Onderka] - [UI] Add cancel for sharing group search. [Jakub Onderka] - [UI] Nicer title when creating event report. [Jakub Onderka] -- :lock: For `hide_organisation_index_from_users` hide orgs that +- [security] For `hide_organisation_index_from_users` hide orgs that make contribution that user cannot see. [Jakub Onderka] - [composer] Add ext-rdkafka as suggested dependency. [Jakub Onderka] - [UI] Use PGP instead of GnuGP, GnuPG is implementation. [Jakub @@ -6935,7 +7307,7 @@ Changes future Fix ---- +~~~ - [UI] Contact form text. [Jakub Onderka] - [distribution graph] Graph doesn't work for non sync users when event is shared to sharing group. [Jakub Onderka] 
@@ -6968,7 +7340,7 @@ Fix Onderka] - [internal] Undefined variable me. [Jakub Onderka] - [UI] Better error message for permission denied. [Jakub Onderka] -- :lock: Do not leak org names when +- [security] Do not leak org names when hide_organisation_index_from_users enabled. [Jakub Onderka] - [UI] Nicer error message for CSRF. [Jakub Onderka] - [internal] User should be able to see his org. [Jakub Onderka] @@ -7014,10 +7386,10 @@ Fix - [custompagination tool] hardcoded modelname fixed. [iglocska] - [doc] Location typo fixed. [Alexandre Dulaunoy] - [pgp] Key info for older GPG versions. [Jakub Onderka] -- :lock: XSS in authkey comment field. [Jakub Onderka] +- [security] XSS in authkey comment field. [Jakub Onderka] - [sightings] Support mysql in sql_mode=only_full_group_by. [Jakub Onderka] -- :lock: Remove hashed advanced keys from response. [Jakub Onderka] +- [security] Remove hashed advanced keys from response. [Jakub Onderka] - [bindmodel] added reset = false to the linking of users to authkeys. [Andras Iklody] @@ -7043,7 +7415,7 @@ Fix S/MIME label misaligned Other ------ +~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #6754 from JakubOnderka/fix-contact-ui. [Jakub Onderka] @@ -7083,7 +7455,7 @@ Other - Merge pull request #6738 from JakubOnderka/hide-orgs-dont-leak. [Jakub Onderka] - fix: :lock: Do not leak org names + fix: [security] Do not leak org names - Merge pull request #6735 from JakubOnderka/error-message. [Jakub Onderka] @@ -7099,7 +7471,7 @@ Other - Merge pull request #6721 from JakubOnderka/org-can-see. [Jakub Onderka] - chg: :lock: For `hide_organisation_index_from_users` hide more orgs + chg: [security] For `hide_organisation_index_from_users` hide more orgs - Merge pull request #6725 from JakubOnderka/object-delete-ui. [Jakub Onderka] 
@@ -7159,7 +7531,7 @@ Other - Merge pull request #6701 from JakubOnderka/security-sg-view. [Jakub Onderka] - new: :lock: Test if user can see sharing groups + new: [security] Test if user can see sharing groups - Merge pull request #6662 from JakubOnderka/php-test. [Jakub Onderka] Disable PHP 8 support @@ -7179,7 +7551,7 @@ Other [Alexandre Dulaunoy] Create JA3 Hash Suricata Rules -- \#6355 Create JA3 Hash Suricata Rules. [Alex Resnick] +- #6355 Create JA3 Hash Suricata Rules. [Alex Resnick] - Merge pull request #6697 from JakubOnderka/gpg-key-import-fix. [Jakub Onderka] @@ -7187,7 +7559,7 @@ Other - Merge pull request #6690 from JakubOnderka/xss-authkey-fix. [Jakub Onderka] - fix: :lock: XSS in authkey comment field + fix: [security] XSS in authkey comment field - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6675 from SteveClement/guides. [Steve Clement] @@ -7217,7 +7589,7 @@ Other - Merge pull request #6665 from JakubOnderka/remove-hashed-keys. [Jakub Onderka] - fix: :lock: Remove hashed advanced keys from response + fix: [security] Remove hashed advanced keys from response - Merge pull request #6664 from SteveClement/guides. [Steve Clement] chg: [fmt] Make it look better @@ -7254,7 +7626,7 @@ Other - Merge pull request #6081 from JakubOnderka/security_disable_browser_cache. [Jakub Onderka] - new: :lock: HTTP headers hardening + new: [security] HTTP headers hardening - Merge pull request #6646 from JakubOnderka/gpg-key-validation. [Jakub Onderka] @@ -7269,11 +7641,12 @@ Other chg: [internal] Optimise attribute search in UI + v2.4.135 (2020-11-24) --------------------- New ---- +~~~ - [datamodels] added jarm-fingerprint type. [Kory Kyzar] - [galaxyCluster:index] Added badge showing number of custom clusters. [mokaddem] 
@@ -7346,15 +7719,16 @@ New cluster's elements to his parent. [mokaddem] - [galaxyClusters:add] Added UI to create/edit GalaxyClusterElements. [mokaddem] -- [galaxyCluster] Initial import of Galaxy2.0 codebase - :construction:. [mokaddem] +- [galaxyCluster] Initial import of Galaxy2.0 codebase - WiP. [mokaddem] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [PyMISP] Bump version. [Raphaël Vinot] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [attribute] new process-state type. [Alexandre Dulaunoy] - Add optional dep (email) [Raphaël Vinot] +- Add optional dep (email) [Raphaël Vinot] - [PyMISP] updated for jarm-fingerprint type. [Alexandre Dulaunoy] - [PyMISP] Bump. [Raphaël Vinot] - [installer] Update to latest version. [Steve Clement] @@ -7478,9 +7852,9 @@ Changes in fact MISP Objects - [galaxy:export] Improved misp-galaxy format export and added notice. [mokaddem] -- [galaxy:export] Started conversion tool to misp-galaxy format - :construction:. +- [galaxy:export] Started conversion tool to misp-galaxy format - WiP. [mokaddem] -- [galaxies:export] Added form entry to specify the export format - :construction:. +- [galaxies:export] Added form entry to specify the export format - WiP. [mokaddem] - Bumped queryversion. [mokaddem] - [rest] Faster attributes restSearch. [Jakub Onderka] @@ -7628,7 +8002,7 @@ Changes - [galaxyCluster] Centralized permission checks and code refactoring. [mokaddem] - [galaxyCluster] Replaced `galaxyCluster->find` by its ACL-aware - counterpart where applicable - :construction:. [mokaddem] + counterpart where applicable - WiP. [mokaddem] - [clusterRelation] Unpublish source cluster when altering a relation. [mokaddem] - [servers:getVersion] Return `perm_galaxy_editor` status. [mokaddem] 
@@ -7765,7 +8139,7 @@ Changes - [galaxyClusters:view] Added forked version number. [mokaddem] - [galaxy:fork_tree] Version's rectangle with is now dynamically computed. [mokaddem] -- [galaxy:fork_tree] Added version node - :construction:. [mokaddem] +- [galaxy:fork_tree] Added version node - WiP. [mokaddem] - [galaxy:fork_tree] Added more information in the tooltip. [mokaddem] - [galaxyClusters] Added column `extends_version` [mokaddem] - [galaxy:fork_tree] Adapth root node size. [mokaddem] @@ -7779,7 +8153,7 @@ Changes - [galaxy:fork_tree] Moved generation in the model. [mokaddem] - [galaxy:fork_tree] Doubleclick redirects to the cliked element. [mokaddem] -- [galaxy:fork_tree] Added fork tree visualisation - :construction:. [mokaddem] +- [galaxy:fork_tree] Added fork tree visualisation - WiP. [mokaddem] - [genericForm:extend] Adde `extended_generic` that support both `extended_by` and `extended_from` [mokaddem] - [galaxyCluster:sidebar] Reorganised the sidebar a bit. [mokaddem] @@ -7796,8 +8170,8 @@ Changes - [galaxyCluster:fetchClusters] Added function. [mokaddem] Fix ---- -- :lock: Make cluster's elements adhere to ACL. [mokaddem] +~~~ +- [security] Make cluster's elements adhere to ACL. [mokaddem] - Missing dep in actions. [Raphaël Vinot] - [installer] Added missing checkout. [Steve Clement] - [galaxy update] tag capture fixed. [iglocska] 
@@ -7826,14 +8200,14 @@ Fix [mokaddem] - [galaxy:update] Correctly delete clusters when performing a force update. [mokaddem] -- :lock: XSS in the template element index view - As reported by +- [security] XSS in the template element index view - As reported by Rubin Azad. [mokaddem] - [object] Send all required arguments. [mokaddem] - [authkey] default value incorrect. [iglocska] - [galaxy:update] Make sure the fake user has the perm_sync right. [mokaddem] - [UI] Correct path to user profile from authkey view. [Jakub Onderka] -- :lock: Proper check who can view new authkeys. [Jakub Onderka] +- [security] Proper check who can view new authkeys. [Jakub Onderka] - [test] Do not pull PyMISP. [Jakub Onderka] - [internal] MISP update without branch. [Jakub Onderka] - [test] Run updates. [Jakub Onderka] @@ -7857,7 +8231,7 @@ Fix key. [iglocska] - [tag:search] Correctly pass user data. [mokaddem] - [UI] Put back requesting API access to user page. [Jakub Onderka] -- :lock: Properly validate new auth key. [Jakub Onderka] +- [security] Properly validate new auth key. [Jakub Onderka] - [UI] Cerebrate -> MISP. [Jakub Onderka] - [MYSQL.sql] added first/last seen. [iglocska] - [MYSQL.sql] removed duplicate entry. [iglocska] @@ -8136,7 +8510,7 @@ Fix [mokaddem] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] @@ -8296,6 +8670,8 @@ Other [mokaddem] - Merge branch 'CRUD' into 2.4. [iglocska] - Merge branch '2.4' into CRUD. [iglocska] +- Merge branch '2.4' into CRUD. [iglocska] +- Merge branch '2.4' into CRUD. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0. [mokaddem] - Merge pull request #6560 from JakubOnderka/rest-client-handle- 
@@ -8398,11 +8774,12 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0. [mokaddem] + v2.4.134 (2020-11-02) --------------------- New ---- +~~~ - [tag index] simple/advanced view. [iglocska] - simple view excludes eventtags / attributetags / sightings @@ -8432,7 +8809,7 @@ New [mokaddem] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [misp-taxonomies] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] @@ -8520,12 +8897,12 @@ Changes replacements. [mokaddem] Fix ---- +~~~ - [stix import] Avoiding issue with test_mechanisms with no rule value. [chrisr3d] - [internal] Remove warning when modules are not reachable. [Jakub Onderka] -- :lock: SSRF fixed in the rest client. [iglocska] +- [security] SSRF fixed in the rest client. [iglocska] - by using the full path parameter in the rest client, users could issue queries to any server - this becomes especially problematic when the MISP server is able to query other internal servers, @@ -8553,7 +8930,7 @@ Fix - [UI] Show error if multiSelectAction fails. [Jakub Onderka] - [eventReport] Correctly tag event if requested + undefined variable. [mokaddem] -- \#6354. [Nick] +- #6354. [Nick] fix: #6354 @@ -8586,10 +8963,11 @@ Fix [mokaddem] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge pull request #6535 from JakubOnderka/module-warning-fix. [Jakub Onderka] @@ -8775,11 +9153,12 @@ Other chg: [UI] Fixes for user profile admin view + v2.4.133 (2020-10-16) --------------------- New ---- +~~~ - [UI] Use flag icons from Twemoji. [Jakub Onderka] - [UI] Show organisation nationality flag. [Jakub Onderka] - [attribute type] cpe Common Platform Enumeration attribute type added. 
@@ -8834,7 +9213,7 @@ New [mokaddem] Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - Bump PyMISP. [Raphaël Vinot] - [warning-lists] updated. [Alexandre Dulaunoy] @@ -9101,9 +9480,9 @@ Changes - [eventReport] Added comments. [mokaddem] - [eventReports] Prevent fields override. [mokaddem] - [eventReport] Moved event unpublishing to model. [mokaddem] -- [eventReport] Started refactoring model - :construction:. [mokaddem] +- [eventReport] Started refactoring model - WiP. [mokaddem] - [eventReports] Refactored indexes. [mokaddem] -- [eventReports] Major refactoring - :construction:. [mokaddem] +- [eventReports] Major refactoring - WiP. [mokaddem] - [eventReport] Improved authorization error reporting. [mokaddem] - [eventReports] Added event unpublishing. [mokaddem] - [eventReports] Few UI improvements. [mokaddem] @@ -9136,7 +9515,7 @@ Changes - [eventReports] Deleted unused file. [mokaddem] - [eventReport] Improved UI and added support of soft/hard deletion. [mokaddem] -- [eventReport] Started rework on CRUD operations - :construction:. [mokaddem] +- [eventReport] Started rework on CRUD operations - WiP. [mokaddem] - [markdownEditor] Increased debounced render timer. [mokaddem] - [markdownEditor] highlight unsaved changes. [mokaddem] - [markdownEditor] Support of lastmodified and UI improvements when @@ -9202,11 +9581,11 @@ Changes - [markdownView] Improved layout. [mokaddem] - [eventReport] Improved models and markdown editor. [mokaddem] - [eventReport] Added markdown-it dependency and started integration - - :construction:. [mokaddem] -- [eventReport] Continuation of implementation - :construction:. [mokaddem] + WiP. [mokaddem] +- [eventReport] Continuation of implementation - WiP. [mokaddem] Fix ---- +~~~ - [server] caching notice fixed. [iglocska] - [UI] Do not show quick edit for deleted attributes and when user don't have permission. [Jakub Onderka] 
@@ -9435,7 +9814,7 @@ Fix - no longer hides tags that should be included in the export Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch 'tagfix' into 2.4. [iglocska] @@ -9781,11 +10160,12 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into feature-event-report. [mokaddem] + v2.4.132 (2020-09-15) --------------------- Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [queryversion] Bumped. [mokaddem] - [bootstrap-datepicker] Updated to version 1.9.0. [mokaddem] @@ -9805,7 +10185,7 @@ Changes - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] Fix ---- +~~~ - [users] Avoid POSTing forms not linked to the login page resulting in unwanted actions. [mokaddem] @@ -9816,6 +10196,7 @@ Fix - [Server] only push events/sightings when selected. [Richard van den Berg] - [cleanup] [iglocska] +- [cleanup] [iglocska] - [string concat] fix. [iglocska] - [cleanup] debug. [iglocska] - [internal] Correctly handle positive tag filters for non site admins. @@ -9825,7 +10206,7 @@ Fix - [internal] Nonsense index names. [Jakub Onderka] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Bumped db_schema. [Sami Mokaddem] - Merge branch 'fix-login' into 2.4. [mokaddem] @@ -9846,11 +10227,12 @@ Other - Merge pull request #6272 from JakubOnderka/uuid-validation. [Jakub Onderka] + v2.4.131 (2020-09-08) --------------------- New ---- +~~~ - [types] pgp-public-key/pgp-private-key added. [iglocska] - [internal] filter "type" added for the internal fetcher. [iglocska] @@ -9866,7 +10248,7 @@ New - also added a new special permission for the ACL system host_org_user - which will evaluate whether the user is in the org configured in the MISP.host_org_id directive Changes -------- +~~~~~~~ - Bumped MISP objects latest version. [chrisr3d] - [version] bump. [iglocska] - [PyMISP] Bump version. [Raphaël Vinot] 
@@ -9914,6 +10296,7 @@ Changes - [internal] Use faster fetcher for viewing sightings. [Jakub Onderka] - [JS libraries] Updated to latest version. [mokaddem] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [internal] Using Allowedlist instead of Whitelist. [Golbark] - [internal] Using blocklist instead of blacklist. [Golbark] - [internal] Removed unused variables. [Jakub Onderka] @@ -9952,7 +10335,7 @@ Changes eventblacklists controller. [iglocska] Fix ---- +~~~ - [widgets] Adding images by default on the repository (#6298) [Loïc Fortemps] - [validation] relaxed first/last/middle name validation. [iglocska] @@ -10023,7 +10406,8 @@ Fix - [internal] Remove unused compositeTypes variable. [Jakub Onderka] Other ------ +~~~~~ +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge pull request #6297 from JakubOnderka/fix-merging-events. [Jakub @@ -10158,6 +10542,7 @@ Other * Additionnal protection against XSS, the response type defaults to html while it should be JSON. * new: widget: Achievements widget * Update AchievementsWidget.php + * Update AchievementsWidget.php * Visual adjustments, new badges * i18n * indentation to MISP convention @@ -10191,11 +10576,12 @@ Other titles for actions in the admin user index table, - Added a few missing aria labels in the global menu. [Olivier BERT] + v2.4.130 (2020-08-20) --------------------- New ---- +~~~ - [internal] cache tags instead of loading them over and over via the event fetcher, fixes #6201. [iglocska] @@ -10223,7 +10609,7 @@ New Fixes #4908 and #4805 Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] Bump tag. [Raphaël Vinot] 
@@ -10362,15 +10748,15 @@ Changes - [diagnostic] Updated required stix2 library version. [chrisr3d] Fix ---- +~~~ - [internal] Syntax error in bootstrap.default.php. [Jakub Onderka] - [invalid element reference] element filepath was incorrectly treated as a url. [iglocska] - [UI] Show correct options in menu. [Jakub Onderka] - [internal] Notice when adding tag to collection. [Jakub Onderka] -- :lock: Check tag restriction for collection tags. [Jakub Onderka] -- :lock: Check tag restriction for attribute tags. [Jakub Onderka] -- :lock: Check tag restriction for event tags. [Jakub Onderka] +- [security] Check tag restriction for collection tags. [Jakub Onderka] +- [security] Check tag restriction for attribute tags. [Jakub Onderka] +- [security] Check tag restriction for event tags. [Jakub Onderka] - [attachment] Do not fetch attachment when accepting deletion proposal. [Jakub Onderka] - [UI] Showing image thumbnail. [Jakub Onderka] 
@@ -10395,30 +10781,30 @@ Fix - [events:queryEnrichment] Recovers tag colour. [mokaddem] - Fix #6186 -- :lock: Check if user can access sharing group when uploading +- [security] Check if user can access sharing group when uploading attachment. [Jakub Onderka] - [UI] Bad merge for mass edit form. [Jakub Onderka] - [proposals] Downloading proposal attachment. [Jakub Onderka] - [ACL] Allow proposal author to discard it. [Jakub Onderka] -- :lock: Respect ACL for freetext import. [Jakub Onderka] -- :lock: Throw exception if invalid data provided. [Jakub Onderka] +- [security] Respect ACL for freetext import. [Jakub Onderka] +- [security] Throw exception if invalid data provided. [Jakub Onderka] - [ACL] Use common methods for ACL when editing object reference. [Jakub Onderka] - [ACL] Unpublished private for object do not apply for site admin. [Jakub Onderka] -- :lock: Sharing groups for objects respect permissions. [Jakub +- [security] Sharing groups for objects respect permissions. [Jakub Onderka] - [tags] Show just tags that user can really use. [Jakub Onderka] -- :lock: Respect ACL for proposals. [Jakub Onderka] +- [security] Respect ACL for proposals. [Jakub Onderka] - [proposals] Respect unpublished private event when loading proposals. [Jakub Onderka] - [internal] Check `allow_disabling_correlation` before correlation toggle. [Jakub Onderka] -- :lock: ACL check when loading ajax tags. [Jakub Onderka] -- :lock: ACL check when adding or removing tags. [Jakub Onderka] -- :lock: ACL check when editing multiple event attributes. [Jakub +- [security] ACL check when loading ajax tags. [Jakub Onderka] +- [security] ACL check when adding or removing tags. [Jakub Onderka] +- [security] ACL check when editing multiple event attributes. [Jakub Onderka] -- :lock: Respect ACL when event edit. [Jakub Onderka] +- [security] Respect ACL when event edit. [Jakub Onderka] - [stix import] Better TTPs parsing for external STIX. 
[chrisr3d] - [stix import] Fixed parameter determining if a ttp should be handled as attribute/object or as galaxy. [chrisr3d] @@ -10577,7 +10963,7 @@ Fix - [internal] Reduce number of regexp in refang table. [Jakub Onderka] - [freetext] Handle IPv6 and punycode domains when import. [Jakub Onderka] -- :lock: xss fix missing part of solution. [iglocska] +- [security] xss fix missing part of solution. [iglocska] - the previous fix to the xss in the homepage setter was lacking the controller changes due to a partial commit (#bf4610c947c7dc372c4078f363d2dff6ae0703a8) 
@@ -10587,33 +10973,43 @@ Fix empty. [chrisr3d] Other ------ +~~~~~ - Merge pull request #6204 from JakubOnderka/2.4. [Jakub Onderka] fix: [internal] Syntax error in bootstrap.default.php - Merge branch 'baseurl' into 2.4. [iglocska] - Syntax check and fix. [Vito Piserchia] - Recover from upstream version missing bits. [Vito Piserchia] +- Recover from upstream version missing bits. [Vito Piserchia] - Merge remote-tracking branch 'upstream/2.4' into baseurl-patch. [Vito Piserchia] - Rebase continue. [Vito Piserchia] +- Rebase continue. [Vito Piserchia] - Fix genericPopup. [johndoe] - Use this here. [johndoe] +- Use this here. [johndoe] - Rebase continue. [Vito Piserchia] - Fix rebase. [johndoe] +- Fix rebase. [johndoe] +- Fix rebase. [johndoe] +- Fix rebase. [johndoe] +- Fix rebase. [johndoe] - Fixed Codacy warnings. [Léarch] - Corrected redirections. [Léarch] See the following for an explanation: https://stackoverflow.com/questions/6836990/how-to-get-complete-current-url-for-cakephp#comment11184149_6875310 - Rebase continue. [Vito Piserchia] +- Rebase continue. [Vito Piserchia] - Fix rebase. [johndoe] - Rebase continue. [Vito Piserchia] - Added missed variable declaration. [Vito Piserchia] - Improve code quality. [Vito Piserchia] - Rebase continue. [Vito Piserchia] +- Rebase continue. [Vito Piserchia] - Fix genericPopup. [Vito Piserchia] - Rebase continue. [Vito Piserchia] +- Rebase continue. [Vito Piserchia] - Fix baseurl use to view organizations. [Léarch] - Fixed Codacy warnings. [Léarch] - Corrected redirections. [Léarch] @@ -10621,6 +11017,7 @@ Other See the following for an explanation: https://stackoverflow.com/questions/6836990/how-to-get-complete-current-url-for-cakephp#comment11184149_6875310 - Rebase continue. [Vito Piserchia] +- Rebase continue. [Vito Piserchia] - More merge fixes. [Vito Piserchia] - Resolve merge. [Vito Piserchia] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] 
@@ -10670,7 +11067,7 @@ Other - Merge pull request #6181 from JakubOnderka/checek-sg-perm. [Jakub Onderka] - fix: :lock: Check if user can access sharing group when uploading… + fix: [security] Check if user can access sharing group when uploading… - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6178 from JakubOnderka/fix-mass-edit. [Jakub Onderka] @@ -10683,11 +11080,11 @@ Other - Merge pull request #6172 from JakubOnderka/freetext-import-acl2. [Jakub Onderka] - fix: :lock: Respect ACL for freetext import + fix: [security] Respect ACL for freetext import - Merge pull request #6136 from JakubOnderka/acl-can-modify-chekcs. [Jakub Onderka] - fix: :lock: Respect ACL when event edit + fix: [security] Respect ACL when event edit - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] @@ -10875,11 +11272,12 @@ Other fix: [freetext] Handle IPv6 and punycode domains when import + v2.4.129 (2020-07-13) --------------------- New ---- +~~~ - [diag] Check if ZIP extension is installed. [Jakub Onderka] - [merge] functionality reworked. [iglocska] @@ -10898,7 +11296,7 @@ New - to be extended with other similar tasks Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [stix2 library] Bumped latest version. [chrisr3d] - [UI] Add attribute fixes. [Jakub Onderka] @@ -10928,7 +11326,7 @@ Changes - [statistics shell] added total commit count. [iglocska] Fix ---- +~~~ - [installer] Update to latest. [Steve Clement] - [StixExport] suppress unlink warnings. [Richard van den Berg] - [stix export] log stack trace on error, support 'AMBER NATO ALLIANCE' 
@@ -10961,7 +11359,7 @@ Fix - Duplication can happen when the result of the import process is an event that already exists -- :lock: setting a favourite homepage was not CSRF protected. +- [security] setting a favourite homepage was not CSRF protected. [iglocska] - a user could be lured into setting a MISP home-page outside of the MISP baseurl @@ -10979,11 +11377,11 @@ Fix Do not send that GPG or Public key are sent as attachment, when user don't have them - [proposals] re-edded the edit view for propsoals. [iglocska] -- :lock: Remove ShadowAttributesController::{getProposalsByUuid,getP +- [security] Remove ShadowAttributesController::{getProposalsByUuid,getP roposalsByUuidList} [Jakub Onderka] These methods are not used, but they let sync users to access proposals for any event. -- :lock: Remove +- [security] Remove ShadowAttributesController::{fetchEditForm,editField} [Jakub Onderka] These methods are not used, but they allow to access attribute data without proper ACL checks. 
@@ -11002,19 +11400,19 @@ Fix - When capturing, roaming mode was always defaulted to false - The logs could not be written due to non-initialized class - [acl] Added event block rule. [iglocska] -- :lock: Check event ACL before allowing user to send event contact +- [security] Check event ACL before allowing user to send event contact form. [Jakub Onderka] - [stix2 export] Fixed first_seen/last_seen field parsing. [chrisr3d] - [returnAttributes] remap small cleanup. [iglocska] - no need to set xml as returnformat, it's the default based on the injected params -- :lock: deprecated function with lacking ACL removed. [iglocska] +- [security] deprecated function with lacking ACL removed. [iglocska] - replaced deprecated, sharing group unaware, broken function with one that follows the documentation of the deprecated endpoint - keeping it alive until we purge the deprecated ones in the move to MISP 3/next whatever - Thanks to Jakub Onderka for reporting it! -- :lock: Insufficient ACL checks in the attachment downloader fixed +- [security] Insufficient ACL checks in the attachment downloader fixed - Thanks to Jakub Onderka for reporting it. [mokaddem] - [tag:checkForOverride] Catch if tag didn't have a numerical value before the override. [mokaddem] @@ -11053,7 +11451,7 @@ Fix - [internal] HTML code fix. [Jakub Onderka] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6110 from RichieB2B/ncsc-nl/unlink. [Andras Iklody] 
@@ -11120,11 +11518,11 @@ Other - Merge pull request #6095 from JakubOnderka/shadow-attribute-unused- vol2. [Andras Iklody] - fix: :lock: Remove ShadowAttributesController::{getProposalsByUuid,getProposalsByUuidList} + fix: [security] Remove ShadowAttributesController::{getProposalsByUuid,getProposalsByUuidList} - Merge pull request #6093 from JakubOnderka/shadow-attribute-unused. [Andras Iklody] - fix: :lock: Remove ShadowAttributesController::{fetchEditForm,editField} + fix: [security] Remove ShadowAttributesController::{fetchEditForm,editField} - Merge pull request #6094 from RichieB2B/ncsc-nl/stop-loop. [Andras Iklody] @@ -11151,7 +11549,7 @@ Other - Merge pull request #6077 from JakubOnderka/contact-acl. [Andras Iklody] - fix: :lock: Check event ACL before allowing user to send event contact form + fix: [security] Check event ACL before allowing user to send event contact form - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -11198,16 +11596,17 @@ Other fix: [internal] HTML code fix + v2.4.128 (2020-06-22) --------------------- New ---- +~~~ - [correlations] Enable CIDR correlations for ip-src|port and ip- dst|port types. [Jakub Onderka] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [PyMISP] Bump. [Raphaël Vinot] - [stix2 import] Parsing external pattern made with 'OR' separators the @@ -11291,7 +11690,7 @@ Changes tag names about galaxies Fix ---- +~~~ - [stix2 import] Quick issues fixing. [chrisr3d] - Fixed issue that could happen sometimes during 
@@ -11622,14 +12021,14 @@ Fix correlations. [iglocska] - Thanks to Jakub Onderka for reporting and providing a fix to this! -- :lock: missing ACL lookup on attribute correlations. [iglocska] +- [security] missing ACL lookup on attribute correlations. [iglocska] - attribute correlation ACL checks are skipped when querying the attribute restsearch API revealing metadata about a correlating but unreachable attribute. - Thanks to Jakub Onderka for his tireless work and for reporting this! Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'rework_stix' into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. @@ -11656,17 +12055,17 @@ Other add [widget] Authentication failure widget - Add [widget] Authentication failure widget. [Jean-Louis Huynen] -- :construction: [stix2 import] More complete external patterns mapping. +- Wip: [stix2 import] More complete external patterns mapping. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Importing external domain, ip & network traffic +- Wip: [stix2 import] Importing external domain, ip & network traffic patterns. [chrisr3d] -- :construction: [stix2 import] Importing external network traffic patterns. +- Wip: [stix2 import] Importing external network traffic patterns. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Importing external email patterns. [chrisr3d] +- Wip: [stix2 import] Importing external email patterns. [chrisr3d] - Parsing function to split attachments fields from all the other fields already implemented, 
@@ -11674,16 +12073,16 @@ Other attributes handling at the end - Also slight fixes on the from, to and cc refs following the last fix on the export side -- :construction: [stix2 import] Handling import case for indicators of which we +- Wip: [stix2 import] Handling import case for indicators of which we already parsed the pattern. [chrisr3d] -- :construction: [stix2 import] Importing external process indicators. [chrisr3d] -- :construction: [stix2 import] Importing external url indicator based on the +- Wip: [stix2 import] Importing external process indicators. [chrisr3d] +- Wip: [stix2 import] Importing external url indicator based on the pattern mapping already implemented. [chrisr3d] - tl;dr: We just took the parsed attributes and callled the appropriate function to handle the import case (attribute or object) -- :construction: [stix2 import] Importing external user-account indicators. +- Wip: [stix2 import] Importing external user-account indicators. [chrisr3d] - Also fixed some user-account and credential @@ -11694,18 +12093,18 @@ Other documents generated with MISP. [chrisr3d] - Little typo and copy-paste issue -- :construction: [stix2 import] Parsing external process observable objects. +- Wip: [stix2 import] Parsing external process observable objects. [chrisr3d] - Also changed parsing of process observable objects from STIX documents generated with MISP to apply the same logic to both use cases -- :construction: [stix2 import] Parsing external user_account observable objects. +- Wip: [stix2 import] Parsing external user_account observable objects. [chrisr3d] - Mapping into credential or user-account MISP objects depending on the case -- :construction: [stix2 import] Finally parsing properly external network traffic +- Wip: [stix2 import] Finally parsing properly external network traffic observable objects with their references and potential extensions. [chrisr3d] 
@@ -11725,32 +12124,32 @@ Other common point afterwards - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Network traffic references parsing function for +- Wip: [stix2 import] Network traffic references parsing function for further reuse. [chrisr3d] -- :construction: [stix2 import] Importing external autonomous system observable +- Wip: [stix2 import] Importing external autonomous system observable objects. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Importing external x509 observable objects. +- Wip: [stix2 import] Importing external x509 observable objects. [chrisr3d] -- :construction: [stix2 import] Importing mac-address external observable objects. +- Wip: [stix2 import] Importing mac-address external observable objects. [chrisr3d] - Also changed the recently changed mutex import to reuse a function to parse all observable objects of an observed-data object at once to import single attributes -- :construction: [stix2 import] Importing external mutex observable objects. +- Wip: [stix2 import] Importing external mutex observable objects. [chrisr3d] - Also change on a function name for more clarity and to differenciate more easily functions for observable objects and patterns -- :construction: [stix2 import] Importing external registry-key observable +- Wip: [stix2 import] Importing external registry-key observable objects. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Updated external observable mapping: files with +- Wip: [stix2 import] Updated external observable mapping: files with artifact & directory references. [chrisr3d] - The parsing logic is already there since files 
@@ -11759,13 +12158,13 @@ Other the mapping dictionary - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Importing external url observable objects. +- Wip: [stix2 import] Importing external url observable objects. [chrisr3d] -- :construction: [stix2 import] Added warning message if not all the observable +- Wip: [stix2 import] Added warning message if not all the observable objects are referenced by an email-message object. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Import of external email message & address +- Wip: [stix2 import] Import of external email message & address observable objects. [chrisr3d] - Reuse of some parsing functions for external and @@ -11774,18 +12173,18 @@ Other parsing email addresses, body & content refs references by email message objects - Fixed another indentation issue -- :construction: [stix2 import] Import of domain and ip observable objects. +- Wip: [stix2 import] Import of domain and ip observable objects. [chrisr3d] - Also quick indentation fix - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Import of network-traffic and ip external +- Wip: [stix2 import] Import of network-traffic and ip external observable objects. [chrisr3d] - Ongoing rework for external observable objects and patterns in progress -- :construction: [stix2 import] Import of external file observable objects. +- Wip: [stix2 import] Import of external file observable objects. [chrisr3d] - Support of PE extension to create PE object(s) @@ -11797,7 +12196,7 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Starting parsing external observable objects. +- Wip: [stix2 import] Starting parsing external observable objects. [chrisr3d] - Started with file observables 
@@ -11806,9 +12205,9 @@ Other object type we want and all the references - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Struggling with the files and payloads import. +- Wip: [stix2 import] Struggling with the files and payloads import. [chrisr3d] -- :construction: [stix2 import] Removed unused mapping dict + moved constant to +- Wip: [stix2 import] Removed unused mapping dict + moved constant to the mapping script. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] @@ -11816,7 +12215,7 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 export] Moved dictionaries in the mapping file & using the +- Wip: [stix2 export] Moved dictionaries in the mapping file & using the complete import path instead of import * from the mapping file. [chrisr3d] @@ -11828,7 +12227,7 @@ Other the main script - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Moving small parsing functions to the main script. +- Wip: [stix2 import] Moving small parsing functions to the main script. [chrisr3d] - Also passing the function names only instead of @@ -11853,11 +12252,11 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Parsing single external IP v4 or v6 address. +- Wip: [stix2 import] Parsing single external IP v4 or v6 address. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Parsing external relationships, galaxies, tags & +- Wip: [stix2 import] Parsing external relationships, galaxies, tags & reports. [chrisr3d] (+ Quick fix on internal tags handling) 
@@ -11869,7 +12268,7 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Handling File objects with PE extension & +- Wip: [stix2 import] Handling File objects with PE extension & sections. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] @@ -11893,17 +12292,17 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Separating file extensions to be parsed later. +- Wip: [stix2 import] Separating file extensions to be parsed later. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Better attack-pattern external references parsing +- Wip: [stix2 import] Better attack-pattern external references parsing + parsing external galaxies. [chrisr3d] -- :construction: [stix2 import] Parsing attack-pattern, course-of-action and +- Wip: [stix2 import] Parsing attack-pattern, course-of-action and vulnerability objects from external stix files. [chrisr3d] -- :construction: [stix2 import] Making difference between external and from MISP +- Wip: [stix2 import] Making difference between external and from MISP for some STIX object types. [chrisr3d] - Including Attack Pattern, Course of Action and 
@@ -11911,17 +12310,17 @@ Other - Also better file pattern parsing - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Better parsing for more external patterns. +- Wip: [stix2 import] Better parsing for more external patterns. [chrisr3d] -- :construction: [stix2 import] Some more external pattern mapped. [chrisr3d] +- Wip: [stix2 import] Some more external pattern mapped. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Starting parsing external patterns. [chrisr3d] -- :construction: [stix2 import] Some quick clean-up. [chrisr3d] +- Wip: [stix2 import] Starting parsing external patterns. [chrisr3d] +- Wip: [stix2 import] Some quick clean-up. [chrisr3d] - Preparing for the future 2.1 import - Removing mapping variables no longer used 
@@ -11935,53 +12334,53 @@ Other [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Importing reports external references as links. +- Wip: [stix2 import] Importing reports external references as links. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Proper parsing of galaxies, and tags. [chrisr3d] +- Wip: [stix2 import] Proper parsing of galaxies, and tags. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] -- :construction: [stix2 import] Loading relationships in a dictionary. [chrisr3d] +- Wip: [stix2 import] Loading relationships in a dictionary. [chrisr3d] - Thus we can parse them afterwards depending on the type of objects they put into relationship -- :construction: [stix2 import] Properly loading galaxies as tags. [chrisr3d] -- :construction: [stix2 import] Import of CourseOfAction, AttackPattern and +- Wip: [stix2 import] Properly loading galaxies as tags. [chrisr3d] +- Wip: [stix2 import] Import of CourseOfAction, AttackPattern and Vulnerability as objects reworked. [chrisr3d] -- :construction: [stix2 export] Defining relationships between observed-data and +- Wip: [stix2 export] Defining relationships between observed-data and galaxy objects. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] -- :construction: [stix2 import] Updated mapping library + removed +- Wip: [stix2 import] Updated mapping library + removed disable_correlation flags. [chrisr3d] - Since we use the object templates directly for the objects creation, we do not need to have the flag here. -- :construction: [stix2 import] Observable import rework completed. [chrisr3d] -- :construction: [stix2 import] Process observables import reworked. [chrisr3d] -- :construction: [stix2 import] More observable objects reworked. 
[chrisr3d] +- Wip: [stix2 import] Observable import rework completed. [chrisr3d] +- Wip: [stix2 import] Process observables import reworked. [chrisr3d] +- Wip: [stix2 import] More observable objects reworked. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] -- :construction: [stix2 import] User Account objects import reworked. [chrisr3d] -- :construction: [stix2 import] ASN observable import reworked + functions +- Wip: [stix2 import] User Account objects import reworked. [chrisr3d] +- Wip: [stix2 import] ASN observable import reworked + functions ordered. [chrisr3d] -- :construction: [stix2 import] Credential observable import + standard observable +- Wip: [stix2 import] Credential observable import + standard observable parsing function reworked. [chrisr3d] -- :construction: [stix2 import] Network socket import reworked. [chrisr3d] -- :construction: [stix2 import] Import of network connection objects from +- Wip: [stix2 import] Network socket import reworked. [chrisr3d] +- Wip: [stix2 import] Import of network connection objects from observable. [chrisr3d] -- :construction: [stix2 import] Started reworking observable objects import. +- Wip: [stix2 import] Started reworking observable objects import. [chrisr3d] -- :construction: [stix2 import] All known MISP objects mapped with STIX patterning +- Wip: [stix2 import] All known MISP objects mapped with STIX patterning are now reworked. [chrisr3d] -- :construction: [stix2 import] Email pattern import. [chrisr3d] -- :construction: [stix2 import] File patterns import reworked. [chrisr3d] -- :construction: [stix2 import] Cleaner pattern import into objects. [chrisr3d] +- Wip: [stix2 import] Email pattern import. [chrisr3d] +- Wip: [stix2 import] File patterns import reworked. [chrisr3d] +- Wip: [stix2 import] Cleaner pattern import into objects. [chrisr3d] - Add: [stix2 export] Exporting process image attribute in observable objects. 
[chrisr3d] -- :construction: [stix2 import] Reworking stix2 import. [chrisr3d] +- Wip: [stix2 import] Reworking stix2 import. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -11995,11 +12394,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] + v2.4.127 (2020-06-16) --------------------- New ---- +~~~ - [cli] Command for pulling from all remote servers. [Jakub Onderka] - [Tag] Allow Tag's numerical_values to be overriden by userSettings. [mokaddem] @@ -12013,7 +12413,7 @@ New With more tabs, navigation between tabs with different events can be pain, when all of them has the same title. Changes -------- +~~~~~~~ - [PyMISP] Bump. [Raphaël Vinot] - [version] bump. [iglocska] - [internal] Log exception if exception is thrown during event @@ -12080,7 +12480,7 @@ Changes - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] Fix ---- +~~~ - [UI] Double Discussion header when sending comment. [Jakub Onderka] - [internal] object level restsearch issues resolved when querying via filters on the attribute scope, fixes #6016. [iglocska] @@ -12127,7 +12527,7 @@ Fix - [whitelist] Correclty refresh the cached values. Fix #3772. [mokaddem] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge pull request #5992 from JakubOnderka/download-event-log- @@ -12271,11 +12671,12 @@ Other - Merge branch 'pr-5256' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into pr-5256. [mokaddem] + v2.4.126 (2020-05-18) --------------------- New ---- +~~~ - [internal] Do not log auhtkeys. [Jakub Onderka] - [tool] Generates communities webpage. [Christophe Vandeplas] - [pubsub] Show info about processed messages. [Jakub Onderka] 
@@ -12302,12 +12703,13 @@ New - [statistics] added contributing org count. [iglocska] Changes -------- +~~~~~~~ - Bump PyMISP. [Raphaël Vinot] - [version] bump. [iglocska] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [ui] Simplified code for OrgImgHelper. [Jakub Onderka] - [installer] Version bump. [Steve Clement] +- [installer] Version bump. [Steve Clement] - [installer] Update after Kali Linux fix. [Steve Clement] - [kali] More fixes, perhaps installing cake is useful?! 200QI. [Steve Clement] @@ -12360,14 +12762,15 @@ Changes - [roles] allow the creation site admin enabled roles without auth access. [iglocska] - [i18n] Updated: zh-s. [Applenice] +- [i18n] Updated: zh-s. [Applenice] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [installer] Bump version. [Steve Clement] - [doc] Make misp-modules work again. [Steve Clement] - [installer] Version Bump. [Steve Clement] Fix ---- -- :lock: xss in the resolved attributes view. [iglocska] +~~~ +- [security] xss in the resolved attributes view. [iglocska] - thanks to Jakub Onderka for reporting it - [UI] Always use capital UUID. [Jakub Onderka] @@ -12485,7 +12888,7 @@ Fix - [installer] Embarassing typo no1, 7.3!=7.4. [Steve Clement] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch 'pr-5917' into 2.4. [mokaddem] @@ -12500,6 +12903,7 @@ Other - Merge branch '2.4' into pr-5862. [mokaddem] - Merge branch 'pr-5856' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into pr-5856. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into pr-5856. [mokaddem] - Clean up errors when trying to update warning lists. [Jason Kendall] - Merge remote-tracking branch 'MISP/2.4' into 2.4. [Christophe Vandeplas] 
@@ -12578,6 +12982,7 @@ Other - Add: [restSearch] Added opendata to the valid formats. [chrisr3d] - Add: [opendata] Submoduling misp-opendata. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5861 from JakubOnderka/capital-uuid. [Alexandre Dulaunoy] @@ -12630,14 +13035,15 @@ Other - Merge remote-tracking branch 'upstream/2.4' into tools. [Steve Clement] + v2.4.125 (2020-04-30) --------------------- New ---- +~~~ - [feed] Support for compressed feeds. [Jakub Onderka] - Implementation of email-based OTP. [Golbark] -- :lock: added policy for github. [iglocska] +- [security] added policy for github. [iglocska] - [doc] Initial copy for Ubuntu 20.04. [Steve Clement] - [installer] updated template to prepare grounds for 20.04 (php7.4) [Steve Clement] @@ -12670,6 +13076,7 @@ New - helps the index factory fields retrieve data from the currently processed object based on a set of paths - [tool] MISP to Slack messaging using ZMQ. [Christophe Vandeplas] +- [tool] MISP to Slack messaging using ZMQ. [Christophe Vandeplas] - [database] New MySQL data source added for debugging. [iglocska] - MySQLObserver datasource added - prepends all queries with the requested controller/action and user ID for better debugging @@ -12694,7 +13101,7 @@ New - quick user creation if the user asks for an org that doesn't exist yet Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - [pymisp] bump. [iglocska] - [new] Added QEMU support. [Steve Clement] @@ -12811,7 +13218,7 @@ Changes the user receives the e-mail. [iglocska] Fix ---- +~~~ - [internal] Just site admin can force when saving freetext. [Jakub Onderka] - [installer] Bug where the wrong php deps would get installed. [Steve @@ -12969,7 +13376,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge pull request #5207 from JakubOnderka/patch-33. [Steve Clement] fix: [internal] Just site admin can force when saving freetext 
@@ -13053,6 +13460,7 @@ Other - Merge branch '5819' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch 'JakubOnderka-redis-delete-multiple' into 2.4. [mokaddem] - Merge branch '2.4' into JakubOnderka-redis-delete-multiple. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -13124,10 +13532,16 @@ Other chg: [i18n] Updated: de, dk, fr, it, jp, no, ru, zh-s - Merge branch 'i18n' of github.com:MISP/MISP into i18n. [Steve Clement] - Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] - Merge remote-tracking branch 'origin/2.4' into i18n. [Steve Clement] - Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into i18n. [Steve Clement] - Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] 
@@ -13170,6 +13584,11 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #5672 from patriziotufarolo/2.4. [Andras Iklody] @@ -13187,6 +13606,7 @@ Other Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5727 from stricaud/debian. [Alexandre Dulaunoy] - Various improvements: * Do not push a string for VERSION.json but use @@ -13201,11 +13621,12 @@ Other - Fixed bugs with PostgreSQL in bruteforce and feed models. [Bechkalo Evgeny] + v2.4.124 (2020-03-30) --------------------- New ---- +~~~ - [attributes:massEdit] Possibility to create proposals instead of edit. [mokaddem] - Add support for RHEL in the install script. [Golbark] 
@@ -13221,10 +13642,10 @@ New - [dashboard] multi line chart UI added. [iglocska] Changes -------- +~~~~~~~ - [server:dbSchemaDiagnostic] UI Improvement to hide tables containing only non-critical entries. [mokaddem] -- :lock: Added setting to restrict the encoding of local feeds. +- [security] Added setting to restrict the encoding of local feeds. [iglocska] - By adding local feeds, a malicious administrator could point MISP to ingest configuration files that the apache user has access to @@ -13246,6 +13667,7 @@ Changes - [widgets:multiline] Added possibility to pick datapoint and see the deltas. [mokaddem] - [warninglist] bump. [iglocska] +- [warninglist] bump. [iglocska] - [genericElement:indexTable-links] Allow to craft an URL with custom data_path. [mokaddem] - [genericElement:IndexTable] Allow to pass pagination options to @@ -13264,7 +13686,7 @@ Changes - [widgets:multiline] Adapt left margin for big numbers. [mokaddem] - [widgets:multiline] Added more Options, datapoints and total serie. [mokaddem] -- [widgets:multiline] Layout, UI and interactivity improvements - :construction:. +- [widgets:multiline] Layout, UI and interactivity improvements - WiP. [mokaddem] - [galaxy:view] Commented `altered galaxy` for now. [mokaddem] - [galaxyCluster:index] Migrated to use the genericElement factory + @@ -13291,7 +13713,7 @@ Changes - [travis] cat exec errors file. [Raphaël Vinot] Fix ---- +~~~ - [sync] Added function to handle older MISP instances despite the new way of passing org filter options. [iglocska] - [event:view] Show correct number of related events to be shown - Fix 
@@ -13339,13 +13761,15 @@ Fix - [stix export] Fixed cybox object import. [chrisr3d] Other ------ +~~~~~ +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] -- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #5643 from Kortho/patch-3. [Steve Clement] @@ -13402,6 +13826,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into feature-widgets- scoped-css. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5697 from MISP/chrisr3d_patch. [Andras Iklody] Fix link to the dashboard from the statistics page @@ -13409,11 +13834,12 @@ Other [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] + v2.4.123 (2020-03-10) --------------------- New ---- +~~~ - [dashboard] added template delete functionality. [iglocska] - [dashboard] persistence package. [iglocska] @@ -13466,10 +13892,10 @@ New - various other fixes - [API] object level restSearch added. [iglocska] - still :construction: + still WiP Changes -------- +~~~~~~~ - [stix2] Bumped latest stix2 python library version. [chrisr3d] - Bump PyMISP. [Raphaël Vinot] - [version] bump. [iglocska] 
@@ -13519,7 +13945,7 @@ Changes - [i18n] Updated pot files. [Steve Clement] Fix ---- +~~~ - [travis] ANTLR 4.8 works again. [Raphaël Vinot] - [ACL] added deleteTemplate. [iglocska] - [dashboards:edit] Prevent overriding the edited template with data @@ -13544,7 +13970,7 @@ Fix - As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB) - [user:edit] Correctly re-insert form data wipping password information. [mokaddem] -- :lock: Fixed presistent xss in the sighting popover tool. +- [security] Fixed presistent xss in the sighting popover tool. [mokaddem] - As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB) @@ -13552,7 +13978,7 @@ Fix [mokaddem] - As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB) -- :lock: Fix reflected xss via unsanitized URL parameters. +- [security] Fix reflected xss via unsanitized URL parameters. [mokaddem] - As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB) @@ -13586,7 +14012,7 @@ Fix - [i18n] Various edits and small __('') addeage. [Steve Clement] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Bumped db_version. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -13600,6 +14026,7 @@ Other chg: [widget:worldmap] Various JS and UI Improvements - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] 
@@ -13616,11 +14043,12 @@ Other fix: [i18n] Various edits and small __('') addeage. + v2.4.122 (2020-02-26) --------------------- New ---- +~~~ - [logging] Log user IPs on login. [iglocska] - feature is optional and needs to be enabled in the server settings @@ -13633,7 +14061,7 @@ New system. [iglocska] Changes -------- +~~~~~~~ - [pymisp] bump. [iglocska] - Use poetry in travis. [Raphaël Vinot] - [version] bump. [iglocska] @@ -13652,7 +14080,7 @@ Changes - [version] bump. [jcarter] Fix ---- +~~~ - Run python tests from python. [Raphaël Vinot] - [CLI] allow for calling the update via the CLI without passing a process ID. [iglocska] @@ -13691,7 +14119,7 @@ Fix - [internal] Remove unused function. [Jakub Onderka] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -13773,11 +14201,12 @@ Other -- STR + v2.4.121 (2020-02-10) --------------------- New ---- +~~~ - [config load task] Added a task that will reload the settings on any console shell execution, fixes #5498. [iglocska] @@ -13803,7 +14232,7 @@ New - uses the same format as the index filters Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [internal] mispzmqtest.py. [Jakub Onderka] @@ -13821,8 +14250,10 @@ Changes - [UI] Check if ssdeep PHP extension is installed. [Jakub Onderka] - Bump expected PyMISP version. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [user] GPG key fetching by server. [Jakub Onderka] 
@@ -13856,8 +14287,8 @@ Changes - [console:server] Stop execution if user does not exists. [mokaddem] Fix ---- -- :lock: Correctly sanitize search string in Galaxy view. [mokaddem] +~~~ +- [security] Correctly sanitize search string in Galaxy view. [mokaddem] - As reported by Dawid Czarnecki - [object] object deduplication fixed. [iglocska] @@ -13866,15 +14297,15 @@ Fix To prevent saving it into browser cache - [internal] Remove unused line. [Jakub Onderka] - [indexes] Added SQL index for tag numerical_value. [mokaddem] -- :lock: Further fixes to the bruteforce handling. [iglocska] +- [security] Further fixes to the bruteforce handling. [iglocska] - resolved a potential failure of the subsystem when the MySQL and the webserver time settings are diverged - as reported by Dawid Czarnecki - several tightenings of the checks to avoid potential foul play -- :lock: discussion thread ACL issues fixed. [iglocska] +- [security] discussion thread ACL issues fixed. [iglocska] - as reported by Dawid Czarnecki -- :lock: brutefoce protection rules tightened. [iglocska] +- [security] brutefoce protection rules tightened. [iglocska] - as reported by Dawid Czarnecki - [API] make param tag alias of tags for /events/restSearch. [Jeroen @@ -13930,7 +14361,7 @@ Fix indexing change nad pretty-printed it. [mokaddem] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5615 from JakubOnderka/patch-85. [Andras Iklody] @@ -14059,11 +14490,12 @@ Other fix: [UI] Add space after ':' in error text + v2.4.120 (2020-01-21) --------------------- New ---- +~~~ - [shadowAttribute] first_seen and last_seen on shadowAttributes. [mokaddem] - [timeline/*-seen] Initial import of the timeline code from the 
@@ -14083,7 +14515,7 @@ New - [UI] first implementation of the modal forms. [iglocska] Changes -------- +~~~~~~~ - [PyMISP] update to the latest version. [Alexandre Dulaunoy] - [attributes] new attribute type 'chrome-extension-id' [Alexandre Dulaunoy] @@ -14144,7 +14576,7 @@ Changes - [update] Usage of `indexArray` instead of raw sql. [mokaddem] - [object:delta] No deletion of ObjectAttribute when sync. with Object's FS/LS. [mokaddem] -- [timeline] Improved controller name parsing (used in form) - :construction:. +- [timeline] Improved controller name parsing (used in form) - WiP. [mokaddem] - [object:quickAttributeAdd] Replace popover selection by the generic picker. [mokaddem] @@ -14223,7 +14655,7 @@ Changes - Bumped queryversion. [mokaddem] Fix ---- +~~~ - [install] Update .sfv. [Steve Clement] - [stix2] Fix stix2 for the Docs and Installer (#5526) [Steve Clement] @@ -14420,7 +14852,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] @@ -14500,10 +14932,17 @@ Other Wrong hash composer-setup.php - Fix composer-setup.php hash. [Amaury Leroy] +- Fix composer-setup.php hash. [Amaury Leroy] +- Fix composer-setup.php hash. [Amaury Leroy] +- Fix composer-setup.php hash. [Amaury Leroy] +- Fix composer-setup.php hash. [Amaury Leroy] +- Fix composer-setup.php hash. [Amaury Leroy] +- Fix composer-setup.php hash. [Amaury Leroy] - Merge pull request #1 from MISP/2.4. [devnull-] Update fork - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #5459 from mokaddem/schemaDiagnosticImprovement. 
@@ -14530,6 +14969,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5208 from JakubOnderka/patch-34. [Andras Iklody] Simplify user profile logging @@ -14567,11 +15007,12 @@ Other fix: Remove unusued config option - Add: [stix import] Importing LinkObjects as link attribute. [chrisr3d] + v2.4.119 (2019-12-02) --------------------- New ---- +~~~ - [server:fixDBSchema] Preliminary work to fix database schema. [mokaddem] - [refactor] Massive internal refactor and cleanup of deprecated APIs. @@ -14634,7 +15075,7 @@ New - allows for the easier debugging of for example search queries Changes -------- +~~~~~~~ - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] @@ -14724,7 +15165,7 @@ Changes - reduces the number of queries greatly making debugging easier Fix ---- +~~~ - [diagnostic:DBSchema] Aligned schema to a clean non-tampered instance. [mokaddem] - [internal] When capturing an object, avoid throwig notice errors if no @@ -14770,7 +15211,7 @@ Fix index. [iglocska] - [tag] do not show actions column for non-admins. [Christophe Vandeplas] -- :lock: tightened checks for restricting users from tagging data +- [security] tightened checks for restricting users from tagging data they shouldn't be allowed to tag. [iglocska] As reported by Christophe Vandeplas 
@@ -14853,12 +15294,13 @@ Fix - returns puzzling error messages Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'db_fix' into 2.4. [iglocska] +- Merge branch 'db_fix' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into feature-fix-db- inconsistencies. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -14900,6 +15342,7 @@ Other Added more Organisation statistics - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5400 from SteveClement/REST_Client_python. [Andras Iklody] @@ -14925,9 +15368,12 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Revert "Revert "Merge pull request #5304 from JakubOnderka/version- 
@@ -14949,11 +15395,12 @@ Other fix: [internal] Load MISP version just once in AppController - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] + v2.4.118 (2019-11-08) --------------------- New ---- +~~~ - [attribute:restSearch] Support of Orgc and GalaxyElement meta searches. [mokaddem] - [event:restSearch] Support of Orgc meta searches. [mokaddem] @@ -14973,10 +15420,10 @@ New [mokaddem] - [cli] server connectivity test. [Jan Skalny] - [servers:DBDiagnostic] Improved indexTable and added new DB schema - diagnostic (:construction:) [mokaddem] + diagnostic (WiP) [mokaddem] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [diagnostic] Exposed dbSchemaDiagnostic to the API. [mokaddem] - [restSearch] Improved meta-search code - Correctly returns nothing if @@ -15026,6 +15473,7 @@ Changes - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - Enable mailing in travis. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [installer] Updated installer to support latest Kali Linux chg: [doc] Amended Centos7 mirror foo. [Steve Clement] @@ -15073,7 +15521,7 @@ Changes - [updateProgress] Added threshold preventing animations. [mokaddem] - [updateProgress] Redraw the switch if it gets overriden. [mokaddem] - [updateProgress] Pooling task now use the taskScheduler. [mokaddem] -- [updateProgress] Started taking into account stack of updates - :construction:. +- [updateProgress] Started taking into account stack of updates - WiP. [mokaddem] - [diagnostic] Exposed mysql and redis diagnostic on the API. [mokaddem] - [dbSchemaDiagnostic] UI improvements. [mokaddem] 
@@ -15085,27 +15533,27 @@ Changes - [dbSchemaDiagnostic] show remaining time before update unlock and columns that should not be there. [mokaddem] - [update] Added new worker type `update` to perform updates. [mokaddem] -- [update] Correctly terminate parallels workers doing updates - :construction:. +- [update] Correctly terminate parallels workers doing updates - WiP. [mokaddem] - [update] Moved locking system from `updateDatase` to `runUpdates` - - :construction:. [mokaddem] + WiP. [mokaddem] So that `updateMISP` is also locked and workers benefits of more context -- [update] Keep track of update number in job - :construction:. [mokaddem] +- [update] Keep track of update number in job - WiP. [mokaddem] - [dbSchemaDiagnostic] Improved wording. [mokaddem] - [dbSchemaDiagnostic] Improved code quality. [mokaddem] - [dbSchemaDiagnostic] Adapt label color. [mokaddem] - [dbSchemaDiagnostic] Catches errors and display them in the UI. [mokaddem] - [dbSchemaDiagnostic] Added support of db_version. [mokaddem] -- [dbSchemaDiagnostic] Improved parsing and UI - :construction:. [mokaddem] -- [dbSchemaDiagnostic] changing diagnostic - :construction:. [mokaddem] +- [dbSchemaDiagnostic] Improved parsing and UI - WiP. [mokaddem] +- [dbSchemaDiagnostic] changing diagnostic - WiP. [mokaddem] - [update] Update function name are more explicit. [mokaddem] - [update] `updateDatabase` returns the result of the update (duplicated column are nbot counted as an error) [mokaddem] Fix ---- +~~~ - [attributes:restSearch] Fixed typo. [mokaddem] - [UI] Automatic logout. [Jakub Onderka] - [UI] Server diagnostics download link. [Jakub Onderka] 
@@ -15147,6 +15595,7 @@ Fix present in the bundle. [chrisr3d] - [stix2 import] Removed unused variable in dictionary loop. [chrisr3d] - [live:notice UI] Fixed baseurl variable. [mokaddem] +- [live:notice UI] Fixed baseurl variable. [mokaddem] - [updateProgress] Fixed return message to better handle translation. [mokaddem] - [update] Apply restriction of only 1 running process for only the @@ -15163,7 +15612,8 @@ Fix [mokaddem] Other ------ +~~~~~ +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #5311 from JakubOnderka/patch-63. [Andras Iklody] @@ -15344,11 +15794,12 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into workerForDBUpdate. [mokaddem] + v2.4.117 (2019-10-10) --------------------- New ---- +~~~ - [user settings] Added restrictions for certain settings. [iglocska] - based on role permissions @@ -15382,7 +15833,7 @@ New - [API] Netfilter added as new export format. [iglocska] Changes -------- +~~~~~~~ - Bump recommended PYMISP version. [Raphaël Vinot] - [PyMISP] Bump. [Raphaël Vinot] - [sync] Code cleanup. [Jakub Onderka] @@ -15391,6 +15842,7 @@ Changes - Version bump. [iglocska] - Bumped queryversion. [mokaddem] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [eventGraph] Renamed `rotation key` to `pivot key` and do not collaspe when adding/removing edges. Fix #3683. [mokaddem] - [event:view] Displays sighting popover if button has been hovered for 
@@ -15407,6 +15859,7 @@ Changes context. [mokaddem] - [UI] Collapse S/MIME or GPG key. [Jakub Onderka] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [tool] gen_misp_types_categories uses jq. [Christophe Vandeplas] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [feed] Use new AppModel::logException method. [Jakub Onderka] @@ -15475,7 +15928,7 @@ Changes - [stix2 export] Better vulnerability object parsing. [chrisr3d] Fix ---- +~~~ - [PyMISP] Travis tests. [Raphaël Vinot] - [internal] missing org object for users/view. [iglocska] - [internal] Remove closing PHP tag. [Jakub Onderka] @@ -15634,7 +16087,7 @@ Fix type (indicator, observable or vulnerability) Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5263 from JakubOnderka/patch-51. [Andras Iklody] @@ -15846,14 +16299,16 @@ Other Refactor app controller - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] + v2.4.116 (2019-09-16) --------------------- New ---- +~~~ - [sync] Added sync priority system to prioritise the order of instances to push to. [iglocska] - [CLI] Added cleanup tool to purge all events related to a feed. @@ -15869,7 +16324,7 @@ New - [API] verbose output for /servers/update. [iglocska] - [event:view] Added support of decay score. [mokaddem] - [decaying:rest] Filtering out of decayed attributes. [mokaddem] -- [decaying] Partial API support - :construction:. [mokaddem] +- [decaying] Partial API support - WiP. [mokaddem] - [restResponse] Added entries in Attribute/RestSearch for decaying model support. [mokaddem] - [decaying] Added models import and export feature. [mokaddem] 
@@ -15886,7 +16341,7 @@ New entries to 1 / hour / key. [iglocska] Changes -------- +~~~~~~~ - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest one. [Alexandre Dulaunoy] 
@@ -15909,26 +16364,26 @@ Changes attributeTag. [mokaddem] - [decaying:simulation] Swapped round to floor when rounding sightings timestamp. [mokaddem] -- [decaying:model] Seventh batch of fix from the PR review - :construction: (not +- [decaying:model] Seventh batch of fix from the PR review - WiP (not tested) [mokaddem] -- [decaying:model] Sixth batch of fix from the PR review - :construction: (not +- [decaying:model] Sixth batch of fix from the PR review - WiP (not tested) [mokaddem] -- [decaying:model] Fith batch of fix from the PR review - :construction: (not +- [decaying:model] Fith batch of fix from the PR review - WiP (not tested) [mokaddem] -- [decaying:model] Fourth batch of fix from the PR review - :construction: (not +- [decaying:model] Fourth batch of fix from the PR review - WiP (not tested) [mokaddem] -- [decaying:model] Third batch of fix from the PR review - :construction: (not +- [decaying:model] Third batch of fix from the PR review - WiP (not tested) [mokaddem] -- [decaying:model] Second batch of fix from the PR review - :construction: (not +- [decaying:model] Second batch of fix from the PR review - WiP (not tested) [mokaddem] -- [decaying:model] First batch of fix from the PR review - :construction: (not +- [decaying:model] First batch of fix from the PR review - WiP (not tested) [mokaddem] - [database] Added indexes to decaying models and related tables. [mokaddem] - [event] applying few PSR2 rules. [mokaddem] - [decaying:simulation] restSearch comments added to be fixed in next decaying version. [mokaddem] -- [decaying] First batch of fix from the PR review - :construction: (not tested) +- [decaying] First batch of fix from the PR review - WiP (not tested) [mokaddem] - Added CR/LF. [mokaddem] - [sql] align initial perm with sightings. [mokaddem] 
@@ -15960,7 +16415,7 @@ Changes - [decaying:base_score_config] Simulation at predicate level in the user interface. [mokaddem] - [decaying:base_score_config] Improved UI responsiveness. [mokaddem] -- [decaying:base_score_config] Consider predicate weight UI only - :construction:. +- [decaying:base_score_config] Consider predicate weight UI only - WiP. [mokaddem] - [decaying:base_score_config] Added reason of taxonomy exclusion. [mokaddem] @@ -16014,7 +16469,7 @@ Changes - [decaying] `FetchAllowedModels` now supports `all_orgs` [mokaddem] - [decaying] Renamed function and started true implemention of ACL for models. [mokaddem] -- [decaying] Added restricted edition and `all_orgs`` flag - :construction:. +- [decaying] Added restricted edition and `all_orgs`` flag - WiP. [mokaddem] - [globalmenu] Added link to `/decayingModel/index` [mokaddem] - [decaying:view] Added logo to distinguish between custom and default @@ -16026,7 +16481,7 @@ Changes - [decaying] Allow for model parameteres override. [mokaddem] - [decaying] Usage of classname instead of const, support of `retention` taxonomy and small fix. [mokaddem] -- [decaying] Added list of available formulas and model settings - :construction:. +- [decaying] Added list of available formulas and model settings - WiP. [mokaddem] - [decaying] Changed default formula name to polynomial. [mokaddem] - [sidemenu:decayingModel] Added dividers. [mokaddem] 
@@ -16075,12 +16530,12 @@ Changes [mokaddem] - [decaying:simulation] Support of sightings in the decaying simulation. [mokaddem] -- [decaying:simulation] Draft 2 of simulation chart line - :construction:. +- [decaying:simulation] Draft 2 of simulation chart line - WiP. [mokaddem] -- [decaying:simulation] Draft of simulation chart line - :construction:. [mokaddem] +- [decaying:simulation] Draft of simulation chart line - WiP. [mokaddem] - [decaying:simulation] Support of row clicking. [mokaddem] - [decaying:simulation] Attribute searches. [mokaddem] -- [decaying:simulation] Started simulation view - :construction:. [mokaddem] +- [decaying:simulation] Started simulation view - WiP. [mokaddem] - [decaying:tool] Object categories are treated as an array. [mokaddem] - [decaying] Improved UI and limit number of digit in parameters. [mokaddem] 
@@ -16094,31 +16549,31 @@ Changes [mokaddem] - [decaying:tool] Show available tags in the taxonomy. [mokaddem] - [decaying:tool] Added example table with automatic tags picking and - pass config to the model - :construction:. [mokaddem] + pass config to the model - WiP. [mokaddem] - [decaying:tool] Started implementation of tag support and examples in the `adjust base_score` [mokaddem] - [decaying:tool] Filter taxonomies not having numerical score. [mokaddem] - [decaying] UI tweaking on the galaxy tree map. [mokaddem] - [css] Increase z-index of popover. [mokaddem] -- [decaying] Improved UI - :construction:. [mokaddem] -- [decaying] slight UI Improvement - :construction:. [mokaddem] -- [decaying] Improved UI - :construction:. [mokaddem] -- [decaying] Started support of taxonomies (base_score) - :construction:. +- [decaying] Improved UI - WiP. [mokaddem] +- [decaying] slight UI Improvement - WiP. [mokaddem] +- [decaying] Improved UI - WiP. [mokaddem] +- [decaying] Started support of taxonomies (base_score) - WiP. [mokaddem] -- [decaying] Started taxonomies integretion - :construction:. [mokaddem] +- [decaying] Started taxonomies integretion - WiP. [mokaddem] - [decayingTool] Added missing class. [mokaddem] - [decayingTool] Added number of type assigned to a model. [mokaddem] - [decayingTool] Added selection history and selection restoration. [mokaddem] -- [decayingTool] Improved UI - :construction:. [mokaddem] -- [decaying] fixed bug (array_values) and improved layout - :construction:. +- [decayingTool] Improved UI - WiP. [mokaddem] +- [decaying] fixed bug (array_values) and improved layout - WiP. [mokaddem] -- [decaying] Improved getAssociatedModels - :construction:. [mokaddem] -- [decaying] Clean-up - :construction:. [mokaddem] +- [decaying] Improved getAssociatedModels - WiP. [mokaddem] +- [decaying] Clean-up - WiP. [mokaddem] - [Decaying] Improved mapping reset and started integration with the interface. 
[mokaddem] -- [decayingTool] Improved related type retreival and improved UI - :construction:. +- [decayingTool] Improved related type retreival and improved UI - WiP. [mokaddem] - [DecayingTool] Added more fields. [mokaddem] - [decayingModel] Added update mechanism from local files and started @@ -16127,12 +16582,12 @@ Changes - [decayingTool] Added filtering/search on the Attribute type table. [mokaddem] - [decayingTool] Switched to JQuery plugin instead of raw JS. [mokaddem] -- [decayingTool] Improved bounding rect - :construction:. [mokaddem] +- [decayingTool] Improved bounding rect - WiP. [mokaddem] - [decayingTool] removed comments. [mokaddem] -- [decayingTool] UI improvement - :construction:. [mokaddem] -- [decayingTool] Majority has been moved to d3. Still :construction:. [mokaddem] -- [devayingTool] UI improvement - :construction:. [mokaddem] -- [DecayingTool] Playing around with d3 - :construction:. [mokaddem] +- [decayingTool] UI improvement - WiP. [mokaddem] +- [decayingTool] Majority has been moved to d3. Still WiP. [mokaddem] +- [devayingTool] UI improvement - WiP. [mokaddem] +- [DecayingTool] Playing around with d3 - WiP. [mokaddem] - [decayingTool] Moving from chart.js to d3.js. [mokaddem] - [DecayingTool] Added list of available Object Attribute. [mokaddem] - [decaying] Improved selection performance. [mokaddem] 
@@ -16140,17 +16595,17 @@ Changes and non-ToIDS Attributes. [mokaddem] - [decayingTool] Moved JS in its own file + added table checkbox. [mokaddem] -- [decayingModel] Improved UI (selectable behavior) - :construction:. [mokaddem] +- [decayingModel] Improved UI (selectable behavior) - WiP. [mokaddem] - [decayingModel] Added Col org and splitted json into input fields. [mokaddem] -- [decaying] Model and UI improvement - :construction:. [mokaddem] +- [decaying] Model and UI improvement - WiP. [mokaddem] - [decayingTool] Added model and controller. [mokaddem] -- [decayingTool] More info on Attribute types and model loading - :construction:. +- [decayingTool] More info on Attribute types and model loading - WiP. [mokaddem] - [decayingTool] More info and help text. [mokaddem] -- [deacyingTool] Improved UI - :construction:. [mokaddem] +- [deacyingTool] Improved UI - WiP. [mokaddem] - [decayingTool] Added var. [mokaddem] -- [decaying] UI skeleton - :construction:. [mokaddem] +- [decaying] UI skeleton - WiP. [mokaddem] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - Set composer vendor dir right in composer.json. [Jakub Onderka] - Put require PHP version and extension into composer.json. [Jakub @@ -16164,7 +16619,7 @@ Changes expected part. [iglocska] Fix ---- +~~~ - [stix2] Fixed custom objects parsing when an attribute is multiple. [chrisr3d] @@ -16238,7 +16693,7 @@ Fix - [appModel] SQL query syntax fixed. [mokaddem] - [decaying] UI - Interface errors and sanitization. [mokaddem] - [decaying:base_score_config] basescore computation steps works again - - :construction:. [mokaddem] + WiP. [mokaddem] - [appmodel] Added db_change number for the decaying update. [mokaddem] - [Sightings] Plugin.Sightings_policy=Event Owner now shows sightings that belong to the creating org. [mokaddem] 
@@ -16327,7 +16782,7 @@ Fix - [stix import] Fixed some typos. [chrisr3d] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] @@ -16361,9 +16816,18 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into decaying. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] -- Merge remote-tracking branch 'origin/2.4' into decaying. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into decaying. [mokaddem] +- Merge remote-tracking branch 'origin/2.4' into decaying. [mokaddem] +- Merge remote-tracking branch 'origin/2.4' into decaying. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] +- Merge remote-tracking branch 'origin/2.4' into decaying. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into decaying. [mokaddem] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] @@ -16402,7 +16866,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Add: [stix import] Importing attack pattern galaxies. [chrisr3d] -- :construction: [stix import] Functions to import attack pattern, vulnerability & +- Wip: [stix import] Functions to import attack pattern, vulnerability & weakness objects. [chrisr3d] - Functions to parse galaxies to come soon 
@@ -16415,11 +16879,12 @@ Other not related that will be imported as attributes or objects + v2.4.115 (2019-09-09) --------------------- Changes -------- +~~~~~~~ - [version] bump. [iglocska] - Install crypt_gpg by composer. [Jakub Onderka] - Allow to load Crypt_GPG from composer. [Jakub Onderka] @@ -16455,7 +16920,7 @@ Changes - [stix2] Bumped latest STIX2 python library changes. [chrisr3d] Fix ---- +~~~ - [UI] Removed duplicate button title in userIndexTable.ctp. [Jakub Onderka] - Throw exception when GnuGP homedir is not set. [Jakub Onderka] @@ -16465,7 +16930,7 @@ Fix This error was introduced in 600e54051694ca4d479a9e2c82db45fe19a46a6c - [stix2 import] Fixed hash patterns import for external STIX files. [chrisr3d] -- :lock: Fix to a vulnerability related to the server index. +- [security] Fix to a vulnerability related to the server index. [iglocska] - along with various support tools @@ -16500,7 +16965,7 @@ Fix fixes #3871. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5119 from JakubOnderka/patch-24. [Sami Mokaddem] @@ -16552,11 +17017,12 @@ Other Fix Declaration of RestResponseComponent warning - Fix Declaration of RestResponseComponent warning. [Richie B2B] + v2.4.114 (2019-08-30) --------------------- New ---- +~~~ - [API] Added event delegations to the list of API enabled functions. [iglocska] @@ -16601,7 +17067,7 @@ New - increased recommended memory size additionally Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - [PyMISP] Bump for release, take 2. [Raphaël Vinot] - [PyMISP] Bump for release. [Raphaël Vinot] @@ -16680,7 +17146,7 @@ Changes This exception is thrown when not logged access `users/checkIfLoggedIn.json` Fix ---- +~~~ - [API] Messages fixed for event delegations. [iglocska] - [API] event delegation inverted invalid IF branch. [iglocska] - [internal] return true from the external email sender if no mocking is 
@@ -16770,9 +17236,10 @@ Fix fixes #5022. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -16784,6 +17251,7 @@ Other fix: [ui] Missing space and dot at export page - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5083 from 4ekin/fix-postgresql-issues. [Andras Iklody] @@ -16923,11 +17391,12 @@ Other chg: Do not log ForbiddenException by default + v2.4.113 (2019-08-16) --------------------- New ---- +~~~ - [API] get a single server setting via /servers/getSetting/[setting_name], fixes #4964. [iglocska] - [API] Allow posting freetext data for ingestion via the event uuid @@ -16956,7 +17425,7 @@ New - very primitives, simply concatenates events to be pushed into a file - Reminder to run gen_misp_types_categories when model changes. [Christophe Vandeplas] -- [API] Attribute add rework - :construction:. [iglocska] +- [API] Attribute add rework - WIP. [iglocska] - handle attribute creation in a unified manner via captureAttributes - [internal] Default field list added for attributes. [iglocska] @@ -16964,7 +17433,7 @@ New - let's try to standardised on things we output instead of doing it manually. It's a first step Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [PyMISP] Bump version. [Raphaël Vinot] - [Travis] Use default python3 version on the image (3.6+), fix perms @@ -17026,7 +17495,7 @@ Changes posted JSON object. [iglocska] Fix ---- +~~~ - [PyMISP] Bump, missing change. [Raphaël Vinot] - [internal] Feed lookup by UUID removed as feeds don't actually have UUIDs, fixes #4998. [iglocska] 
@@ -17143,7 +17612,7 @@ Fix - [internal] testBoolFalse logic error fixed. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Revert "chg: [warning-list] Filter CIDR warning list before eval" [iglocska] @@ -17222,11 +17691,13 @@ Other - Add: [stix export] Exporting attack-pattern, vulnerability & weakness objects. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch 'feature/attribute_add_rework' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -17234,15 +17705,17 @@ Other [chrisr3d] - Add: [stix2 export] Exporting Attack Pattern objects. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4955 from JakubOnderka/patch-3. [Andras Iklody] fix: [UI] Row description in View Warninglists + v2.4.112 (2019-08-02) --------------------- New ---- +~~~ - [sync] Event index cleaned up, total count of listd events added as X-Result-Count header. [iglocska] - [sync] Previewing a remote instance now passes pagination rules in the @@ -17272,7 +17745,7 @@ New alternative to the timestamp, fixes #4937. [iglocska] Changes -------- +~~~~~~~ - [pymisp] bumped. [iglocska] - [version] bump. [iglocska] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] 
@@ -17311,6 +17784,8 @@ Changes - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [Submodules] Bump Taxonomies and objects. [Raphaël Vinot] - [PyMISP] Bump. [Raphaël Vinot] +- [PyMISP] Bump. [Raphaël Vinot] +- [PyMISP] Bump. [Raphaël Vinot] - [travis] Cleanup pymisp install. [Raphaël Vinot] - [pymisp] Bump it. [Raphaël Vinot] - [travis] Start workers. [Raphaël Vinot] @@ -17326,7 +17801,7 @@ Changes stripped label. [mokaddem] Fix ---- +~~~ - [pymisp / querystring] versions bumped. [iglocska] - [enrichment] Getting objects description from the view. [chrisr3d] - [enrichment view] Passing description & template information about @@ -17428,7 +17903,7 @@ Fix - [servers] Adding a server now requires the name to be set, partially fixes #4889. [iglocska] - [API] Server deletion now responds correctly via the API. [iglocska] -- :lock: Fix to stored XSS. [mokaddem] +- [security] Fix to stored XSS. [mokaddem] - as reported by David Heise - Removed unnecessary uuid rewriting in objects. [chrisr3d] @@ -17515,7 +17990,7 @@ Fix - [debug] Remove debug call. [Raphaël Vinot] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] @@ -17523,6 +17998,8 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4951 from JakubOnderka/patch-2. [Andras Iklody] chg: Use faster algorithm for Warninglist::__ipv6InCidr 
@@ -17541,6 +18018,7 @@ Other - Describing links linking to the provided CWE lookup - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Add: [stix import] Importing user account object. [chrisr3d] @@ -17570,6 +18048,7 @@ Other slightly modified logroate config which rotates all logs in MISP/app/… - Update misp.logrotate. [Steve Clement] +- Update misp.logrotate. [Steve Clement] - Slightly modified logroate config which rotates all logs in MISP/app/tmp/logs when they reach a 50MB limit, with maximum log size set to 500M. rotation is checked every hour. [michael] @@ -17612,25 +18091,26 @@ Other Allow SSL verification to be disabled with config. If I understand this right this will need to be scheduled with a cronjob if the expiration framework is wanted? + v2.4.111 (2019-07-14) --------------------- New ---- +~~~ - [attribute-type] community-id added. [Alexandre Dulaunoy] Community-id is a new attribute type to describe a flow hashing algorithm allowing the consumers of output from multiple traffic monitors to link each system's flow records more easily. - [API] Proposal sync rework done. [iglocska] -- [proposal sync rework] :construction:. [iglocska] +- [proposal sync rework] WIP. [iglocska] - [doc] "Hidden" NetBSD install (core works) (#4847) [Steve Clement] new: [doc] "Hidden" NetBSD install (core works) - [doc] Hidden NetBSD install (core works) [Steve Clement] Changes -------- +~~~~~~~ - [version] bump version 2.4.111. [Alexandre Dulaunoy] - [version] align PyMISP version with core. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] @@ -17647,7 +18127,7 @@ Changes [mokaddem] Fix ---- +~~~ - [internal] Explicit conditions to avoid ambiguous lookups. [iglocska] - [UI] Fixed galaxy add buttons on event index. [iglocska] - [bug] RestClient notice error fixed. [iglocska] 
@@ -17682,7 +18162,7 @@ Fix - [sync] Fixed a bug breaking the sync. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'hotfix/sync_rework' into 2.4. [iglocska] - Merge branch '2.4' into hotfix/sync_rework. [iglocska] @@ -17690,6 +18170,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Add: [stix2 import] Importing external User Account objects. [chrisr3d] @@ -17701,11 +18182,12 @@ Other - External STIX documents support of User Account object to come very soon + v2.4.110 (2019-07-08) --------------------- New ---- +~~~ - [tags] Local tags feature added. [iglocska] - Create tags locally if you are a host org user that allows in-place tagging for sync / export filtering 
@@ -17718,20 +18200,77 @@ New - [correlation graph] Toggle physics on/off. [iglocska] .,/#&&@@@@@@@@&%(*. + #@@@@%*..,..,.,,.,,.,.,.,,,,..,*#@@@@( .&@@%,,.,,.,,,*#%&&&%#(/**,,**/(%&&&%(/,.......(@@@, + %@@(,,,,,,(&&%*.......... ...*,*..,.........../&,....,%@@, &@&,,,,,*&&(.... .*....*..//.../../(...*.*(...%..........#&(....*@@/ + ,@@,,,.,#......#..#*..(#..(*./,..,...*(...*.,.*..........#/#.....%&,..,/@@. + /@%,,,,(&(.....#/,...#../.(#...,/.,,../,..*(...*...%,.........,*...#./....#&,.,,@@. + .@&,.,,%&....,,....(*,.../.(,..(...,..,..*#..,,..,..,...*,....../#...,..(//.....,&/..,&@. + %@,,,,#&...,,/./**....(,,..(,.//..,*..............................,.....././(.,..*...,&/,,,@& + @%,,.(&,../(*..(#../#....(*. /....................................../,..*.*..//,,..,/.....,&...%@ + .@(..,&&,......%,,/..../(..(................................................/(..(.,.*.....**....%#,,*@, + @(,,*&%*.........*((....*#.......................................................(*.,,.......*,#...*&..,@* @#,,/&%,.(*..........#,/.............................................................../...*..*(.......*&.,*@, + #@,.,&&*.#&/(.,...............................................................................,...(...,.,,.*%..*@ @*,,%@/......#*(................................................................................./. 
(./.#.....#%..%@ + &@,,/..........#,../................................................................................,.#.........&*,,@* @/,,&@,............/(..................................................................................#............*&../@ @*,/&&.................................................................................................................&,..@ (@,,(&(...................................................................................................................%%..@( + (&,,#&*.....................................................................................................................,%../% #@,,%&........................................................*/,...../(*......................................................&..*@ + /&,,%&...................................................., **..................................................&..,@ + *@,,%&.................................................., . . .. . . *,................................................&..*@ @*,#%,................................................* .. (................................................&.,*% + @/,*#*...............................................*%/,,,***,...,,. ..............,&..............................................,&..&( + %&,,%@...............................................%**,..,,,,,,,......,. ........ ,,%#............................................./(,.@ @*,(%................................................*,..*(*.*,,...*,/..*,.. ... .,.*... ...............................................&*..@ + &(,,#,...............................(/**,,,.,,(.*/,%&&%#*/#(....,* .,...... */. ..,/**/(##% *,,.,,.( . .(..............................&..## + @*,%#................................*.... .(/..... %,,.,,*.,**.,,,,,,*((*,..... .(. . . .. ,.,,,..,. .....,..............................#(..@ + ,,/,................................*. ...........#,*.,/*.,,,,,,,,,,,...,*....... .(. . 
* %...............................&..*# + @/,##.................#*..,*,,,,..(/,,,*.,***/,,,,/*/*.,,,,,,,,,,,//***,,,**...... .. ./.%.,*.(*,,,..,.,/,..,***/*#...*%(...............%(..@ + .@*.#*..........,,,,,*,%....,/,**/...,//(/...*/((,.,/&%((/***/*//**///////********,,,,......./%(.......... . .,,,,.....#*.. ...,.........%..%/ + #(*//..........%,.,,,,.%........... . ...............*/****,*,,,,**,,,,,,,,,,,,,..,,.........(,,,,,*,,,*,,,......... ....( ...../.........&.,.@ + @/,(/........%%,.,,*,(%/*/*...,.,,*,..............,,.,/%%%###%%##%####(#%####%%(/((###(//(%((.................., . ....,%%((((//(&.......#/..@ + @/,((..........%......#*...........,..............,.../,//****/***/**,,*/,,/(*,*,,........**.(.,.................*...........& .*.........,%..@ + @/,#/..........(,,.,,,(*.........../..............,.../,/*/((((//*//*,*#***,./,/,,,........*./...................*...........%....../..........%..%. + @/,#*..........#......*/...........*..................*.**/,.,*(//**/,..,..,...*,,,..,*,...*.(...................*...........% .../..........&..(, + .@(*#,..........%......//...........,.,......,,*,**....*./**(,##,(//*/,/%&&&%%&//,,,..,//,.,*.(...../,,,,.........*.,.,.,.....& .. ../..........&../, + @(*#,..........#...(,,&/.....,%##(,*.......,,/*,(.,..,*./*/(*/**(/*,/,///***,.*/,,,..,../.,*./.....*/..(........./,*,*#......&,../..*..........&..(, + @(*#/..........#..*...%/...,.*,..#,,.......,,,..#,,.,,*./*/(*//*(//,(**//,,,,.*/,.,.,*../../,/...../(..(.........(.,..(.,....#. ..*.,,.........%..% + @/*/*..........#..,...%*...,.*,..#.,.......,*,..(.,,..*,**(#*((/(//,/********,*/*,,,.*..*.,/,(.,...*(..(.........(.,..(......#... *.*,.........%..@ + &//*,..........%..*...&,...../...(,,......,,*...(.,,,,,.///(*/////(*(,/*/***,,*/*.,.,*..*.,*./.,...*(../.........#,,..(......#. /./..........#..@ + *%/,#..........%..,...%,...........,.......,*...#.,,,./.**((*//*(//*(,/*/**,*,//*,,..,..*.,/,(...,.*#../,........#. .,......./. /.*.........**..@ + @/,(,.........%.. 
%....,..,....,,......,*...(,,,,/.,/,./*/(,(((/%#*,(///*//((,...*..*.,*,,#.,,,// ,.........#...........#. . ,.........&..%/ + @(/,/....,.........,*..,.........,,.....,.,.,,*,,,*//***,,,,,,**,***,****//(((##%%#######(#(#(..,.***,,,........#............./... ..,*...%..@ + ,@/,#,...,..,.,**,,,..,,,.,,.....,.,.,...,,/***/,,//(/////////**///(////**,,,,,,**,,,,......./.*,,**,,,,........#.............*,,,*,,,..**..#*.,% + @/**/...............................,,,,,,,,,,,*&&%%%###%%%%%%%%%&&&&&&%%##((/////***,*,,,,*/#%(&%###%%%%%&&&&&&%########((//**,...........%..@ + @/,/...........,%...............................**,,,,,,,*******//((###%%%&&&&@@@@@@@@@@@@@@%...............................,,,,,,,*/*.**.*& + /,#.....,*.,%&&%...........,.,..,*.....*,&/......*.*,/....&(#%......,.....*. ,.....,,,............../*........ .............../,..#*,..%..@ + @/*,/..,*@*...../(...........%*(,*%....,/#../#....*%( /.....(*.....,*,....(,......../.,......(,......#(.....#...#...........,.....//...&..%, + @/,**.*(....(,%./%.........*%,#.,&.....,(..&.....*%.##.....((.....,/.....*/........(........(,......#(....../../........../.......((.**.*& + (@/,(*..%#....,.,&........................................................................................................#*....../.,%..@ + #%/,(,..**/,..*%..*....................................................................................................,..#,.**(#..#..@ @%/*#*.,....%*.#*%,,...................................................................................................%.........%.,@ + /,(/...,%.%./.*@*,................../&//...................................................,#*................../#*....&*./..%.,@ + &&/,(%..,./.(&....,/,..............,#(/,/. 
,..............................................(*,,.,,...............,*..&..*../.,#.,@ + /&/,*%..,%,....*.(&*%............##.,...*&., ,....................................../.#...,,.../................%,..../&,.*,.,@ + ,@/**%*......,&(...&.#................*&..,(,./(,*.............................*..%./*.....#*,............*......,%.*,..&.,/% + @(/*#&..*/@.......%#(%............,/&...,(*#..(#./#.................,*.,.%,, .( ....,*.................,#...,.....(..#,.@* + #&/**&%......,,(&/..*.,................,%..../%(,..........///,#(.,*.....(.#,.,....#(...............%.*..%.....(..%,,,@ + @(/*(&*...*&.((...../%/..................,/(.............*......./##,...(,..#*.....................,#.,..%.*..,/,,@* + #@//*#@..##%..../.%...%....................,............(/.../..(*..,../...................#/.....#..%...,..%..*@ @&(**%@,.,/.,.(*...//...................................%&(................................& &,..*..%,..%,,.@ + @&(*/#&(..((..,.#/....../.*.*.......................................................%.,...%*..%/....%...@. @&(//(&@...%#/.......#/%..*.( /,..........................................*,,...../*%*,...#..../(.,.@. + &@(///%&/...........,/#.....*/##(.....................................,*,........(.%%#,/...%,.,*@ + /@#((/(%&*.....*/..((%...*/#...,*((#&. ,,*///*..............(*.../*.,.*,......&......%#.,,@% + &@((//#%&*...#(**#.../,/...*#*/../,,.*.*...(*,,..((....../,.....,,./........(...%/,,,#@ + @@(((((%%&,....../,/...,.**/..*,*..,,,(/..,,.,.,......(,.....(,..(, ...../%*.,,(@* #@%////#%%&*....#.,(.,#*,..*,...*,./*.....#(........(,....(.......(%/,,,,&@. + .&@#////(#%%&(.....*&&*/*(...*,,..*./,...(...............,/%/,,,,,%@# + #@@/*////(#%%&&/.........,*(#*..(,/*.........,*#%//,,*,,*@@( /@@@(/(////((((###%&&&&%%%%%%%%&%%##(/*******/&@@( ,%@@@@%#((//////******/////(/#%@@@@%, .,***/***,. 
@@ -17763,7 +18302,7 @@ New /__\ /___\ - [stix import] Parsing observable compositions from external STIX files. [chrisr3d] -- :lock: Made certain settings modifiable via the CLI only. +- [security] Made certain settings modifiable via the CLI only. [iglocska] - some settings are too risky to be exposed, even to site admins, so made them CLI accessible only @@ -17771,7 +18310,7 @@ New rotating config.php handler. [iglocska] Changes -------- +~~~~~~~ - [docs] Added excludeLocalTags to events/restSearch. [iglocska] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [version] bumped. [iglocska] @@ -17789,6 +18328,7 @@ Changes - [travis] Fix perms (?) [Raphaël Vinot] - [travis] Try to fix upload_sample. [Raphaël Vinot] - [PyMISP] Bump version. [Raphaël Vinot] +- [PyMISP] Bump version. [Raphaël Vinot] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [travis] more gpg experiments. [Alexandre Dulaunoy] - [travis] It's not my week with GnuPG and OpenPGP. [Alexandre Dulaunoy] @@ -17808,15 +18348,15 @@ Changes - [installer] Added fork checker. [Steve Clement] - [installer] One step closer to "sane" aka. generic os-detection. [Steve Clement] -- [doc] Leveled RHEL7/RHEL8 Install procedure (:construction:) (#4824) [Steve +- [doc] Leveled RHEL7/RHEL8 Install procedure (WiP) (#4824) [Steve Clement] - chg: [doc] Leveled RHEL7/RHEL8 Install procedure (:construction:) + chg: [doc] Leveled RHEL7/RHEL8 Install procedure (WiP) - [installer] Updated Installer. [Steve Clement] - [doc] Updated Debian Install. [Steve Clement] - [doc] More CentOS/RHEL updates towards some sort of installer. [Steve Clement] -- [doc] Leveled RHEL7/RHEL8 Install procedure (:construction:) [Steve Clement] +- [doc] Leveled RHEL7/RHEL8 Install procedure (WiP) [Steve Clement] - [i18n] Updated Russian Translation to >30% (#4821) [Steve Clement] chg: [i18n] Updated Russian Translation to >30% 
@@ -17874,9 +18414,9 @@ Changes - [relatedEvent:view] Display the number of unique correlation. [mokaddem] - [view:relatedEvents] Improved UI. [mokaddem] -- [relatedEvent:view] Started integration into event:view - :construction:. +- [relatedEvent:view] Started integration into event:view - WiP. [mokaddem] -- [previewEvent] Improved UI of related events - :construction:. [mokaddem] +- [previewEvent] Improved UI of related events - WiP. [mokaddem] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [stix2] Bumped latest version. [chrisr3d] @@ -17922,7 +18462,7 @@ Changes reuse. [iglocska] Fix ---- +~~~ - [stix2 export] Fixed user account pattern creation. [chrisr3d] - [stix2 export] Fixed user account observable extension. [chrisr3d] - [galaxies] several minor issues fixed in the UI. [iglocska] @@ -18187,7 +18727,7 @@ Fix - [shell] ask_o () needed some quotes, regenerated installer. [Steve Clement] - [stix import] Better handling of missing python libraries. [chrisr3d] -- :lock: Fixed an RCE vulnerability with user controled entries +- [security] Fixed an RCE vulnerability with user controled entries being fed to file_exists. [iglocska] - phar protocol paths for php file instructions can lead to RCE via meta-data deserialization @@ -18197,9 +18737,10 @@ Fix - [ajaxTypes] copy pasta fixed. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4841 from SteveClement/guides. [Steve Clement] chg: [doc] Minor update, added known-issues section 
@@ -18234,6 +18775,7 @@ Other chg: [installer] One step closer to "sane" aka. generic os-detection - Merge branch '2.4' into tools. [Steve Clement] +- Merge branch '2.4' into tools. [Steve Clement] - Merge branch '2.4' into guides. [Steve Clement] - Merge pull request #4822 from Kortho/patch-1. [Andras Iklody] @@ -18242,6 +18784,7 @@ Other changed so the script uses the correct var - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch 'module_rework2' into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] @@ -18324,7 +18867,7 @@ Other rework_modules. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] -- :construction: [enrichment] Handling the potential uuids differences. [chrisr3d] +- Wip: [enrichment] Handling the potential uuids differences. [chrisr3d] - We want to be sure the references we add to an event are pointing to the right target, so @@ -18340,17 +18883,17 @@ Other - More care to the references themselves to come - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] -- :construction: [enrichment] Avoiding duplicate object attributes. [chrisr3d] +- Wip: [enrichment] Avoiding duplicate object attributes. [chrisr3d] - It concerns obviously the case where we query a module using an attribute within an object as input - More to come about the ObjectReference field that should not be overwritten/duplicated either -- :construction: [enrichment] Passing initial object references as well. +- Wip: [enrichment] Passing initial object references as well. [chrisr3d] - Also testing if the initial object found is not empty -- :construction: [enrichment] Passing the initial object within the request data. +- Wip: [enrichment] Passing the initial object within the request data. [chrisr3d] - Makes its parsing easier afterwards 
@@ -18358,13 +18901,13 @@ Other new modules results. [chrisr3d] - Also quick indentation fix -- :construction: [hover enrichment] Passing new modules results to the hover +- Wip: [hover enrichment] Passing new modules results to the hover enrichment view. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] -- :construction: [enrichment] Support of object references. [chrisr3d] +- Wip: [enrichment] Support of object references. [chrisr3d] - Handling the references between objects and attributes or objects that are displayed in the @@ -18377,18 +18920,18 @@ Other object or attribute is found. - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] -- :construction: [enrichment] Returning a status message after the module results +- Wip: [enrichment] Returning a status message after the module results handling is done. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] -- :construction: [enrichment] Saving attributes & objects from module results. +- Wip: [enrichment] Saving attributes & objects from module results. [chrisr3d] - Need to handle specific cases, relationships, and to update the progress status information - Add: [enrichment] Added possibility to get object template version & uuid. [chrisr3d] -- :construction: [enrichment] Capturing objects & attributes. [chrisr3d] +- Wip: [enrichment] Capturing objects & attributes. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 
@@ -18404,6 +18947,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Add: [stix2 export] Added network connection to the mapped objects. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] @@ -18428,10 +18972,12 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4769 from cvandeplas/2.4. [Andras Iklody] fix: [js] fixes #4678 and javascript errors - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4674 from juju4/devel-globalstrict. [Andras Iklody] @@ -18448,16 +18994,18 @@ Other (minor) aligns the text with app/Controller/Component/BlackListComponent.php - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' into tools. [Steve Clement] +- Merge branch '2.4' into tools. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' into guides. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] + v2.4.109 (2019-06-13) --------------------- New ---- +~~~ - [eventblacklist] Added search filters. [iglocska] - We really need a DISP - development information sharing platform @@ -18465,7 +19013,7 @@ New [mokaddem] - [statistics:galaxyMatrix] Added filtering capabilities. [mokaddem] - [object:fromAttribute] Started dev on merging selected attributes into - an object - :construction:. [mokaddem] + an object - WiP. [mokaddem] - [API] added new restSearch filter - date. [iglocska] - deprecated to and from 
@@ -18485,7 +19033,7 @@ New alerts, fixes #4714. [iglocska] Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [installer] Updated Installer and chksums to latest (#4740) [Steve @@ -18539,18 +19087,18 @@ Changes - [object:fromAttributes] Created Object from Attribute now works. [mokaddem] - [object:fromAttributes] Shows selected types and started implementaion - of the actual object creation - :construction:. [mokaddem] -- [object:fromAttributes] Added support of form submission - :construction:. + of the actual object creation - WiP. [mokaddem] +- [object:fromAttributes] Added support of form submission - WiP. [mokaddem] -- [object:fromAttributes] Better Attribute filtering - :construction:. [mokaddem] -- [object:fromAttributes] Greatly improved UI - :construction:. [mokaddem] +- [object:fromAttributes] Better Attribute filtering - WiP. [mokaddem] +- [object:fromAttributes] Greatly improved UI - WiP. [mokaddem] - [object:fromAttribute] Continue of web and controller implementation - - :construction:. [mokaddem] + WiP. [mokaddem] - Bumped queryversion. [mokaddem] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] Fix ---- +~~~ - [installer] added missing python zmq lib. [Christophe Vandeplas] - [installer] Commit: https://github.com/MISP/MISP/commit/1716ca7da9d671 a5e103069d4b74c867a17b1020 regressed the installer to an earlier @@ -18578,7 +19126,7 @@ Fix - [object:fromAttributes] Correctly skip non valid attributes. [mokaddem] - [galaxy:add] Fix #4733 (adding galaxies on attribute) [mokaddem] -- :lock: Org admins could reset credentials for site admins. +- [security] Org admins could reset credentials for site admins. [iglocska] - org admins have the inherent ability to reset passwords for all of their org's users 
@@ -18601,7 +19149,7 @@ Fix from a new instance via an outdated one. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' into guides. [Steve Clement] - Merge pull request #4734 from cvandeplas/2.4. [Steve Clement] @@ -18646,11 +19194,12 @@ Other - Add: [stix import] Supporting additional marking & namespace. [chrisr3d] + v2.4.108 (2019-06-04) --------------------- New ---- +~~~ - [Sync] Add a tool to create MISP sync configuration JSONs and to ingest them, fixes #4696. [iglocska] @@ -18671,15 +19220,17 @@ New unexpected error. [iglocska] Changes -------- +~~~~~~~ - [doc] CentOS 7 updates (#4718) [Steve Clement] chg: [doc] CentOS 7 updates - [doc] CentOS 7 updates chg: [doc] Cake command failing. [Steve Clement] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [version] bump. [iglocska] - [installer] Updated the installer to the latest version. [Steve Clement] @@ -18702,6 +19253,7 @@ Changes - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - Bumped queryversion. [mokaddem] +- Bumped queryversion. [mokaddem] - [font-awesome] Bumped version to 5.8.2 and updated glyphs. [mokaddem] - [doc] adde --no-cache to wget to make sure we always have the la… (#4648) [Steve Clement] @@ -18746,7 +19298,7 @@ Changes Dulaunoy] Fix ---- +~~~ - [UI] Event lock concatinating quoted empty strings. [iglocska] - [UI] Double sanitisation of org view fixed, fixes #4704. [iglocska] - [sync] Further fixes to the deleted flag changes breakig things. @@ -18827,7 +19379,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge pull request #4671 from Kortho/patch-1. [Steve Clement] fixed sql-statement for creating user RHEL 
@@ -18855,6 +19407,8 @@ Other Remove the import - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4683 from MISP/chrisr3d_patch. [Christian Studer] fix: [freetext import] Fixed shadow attribute import @@ -18895,6 +19449,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' into guides. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #4629 from RichieB2B/ncsc-nl/wipe-exports. [Andras Iklody] @@ -18904,11 +19459,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] + v2.4.107 (2019-05-13) --------------------- New ---- +~~~ - [installer] Added rhash and an sfv file for the installer chg: [installer] Updated installer to latest. [Steve Clement] - [ATT&CK] Added new export system for restsearch for ATT&CK. [iglocska] @@ -18925,11 +19481,11 @@ New - [update] Injected update-related files/changes from zoidberg. [mokaddem] - [yara] Added diagnostics. [iglocska] -- [object:add] UI to propose to merge into similar objects - :construction:. +- [object:add] UI to propose to merge into similar objects - WiP. [mokaddem] Changes -------- +~~~~~~~ - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] fix: MITRE ATT&CK kill-chain missing 
@@ -19084,18 +19640,18 @@ Changes [mokaddem] - [object] Refacto renamed variables and added comments. [mokaddem] - [object:edit] Added possibility to inject invalid type + UI - improvements - :construction:. [mokaddem] + improvements - WiP. [mokaddem] - [object:revise] Little perf improvement. [mokaddem] - [object:edit] Clean up. [mokaddem] - [object:edit] Avoid duplicating same multiple entries and usage of threshold instead of harcdoded value. [mokaddem] - [object:edit] Added similarity amount between objects. [mokaddem] -- [object:edit] Improved UI and diff recognition - :construction:. [mokaddem] +- [object:edit] Improved UI and diff recognition - WiP. [mokaddem] - [object:edit] Continuation integration with template update and object - merge - :construction:. [mokaddem] + merge - WiP. [mokaddem] - [object:edit] Started integration to allow updating object templates - - :construction:. [mokaddem] -- [object:add] Improved UI for similar objects - :construction:. [mokaddem] + WiP. [mokaddem] +- [object:add] Improved UI for similar objects - WiP. [mokaddem] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [doc/misp-modules generic] update the dependency list. [Alexandre Dulaunoy] @@ -19111,7 +19667,7 @@ Changes - [doc] Updates to Debian install document. [Steve Clement] Fix ---- +~~~ - [genericPicker] allow tagging when the ATT&CK Matrix has been opened. [mokaddem] - [object:revise] Removed useless ACL conditions; was failing for users 
@@ -19173,19 +19729,19 @@ Fix - [UI] Notice errors fixed in the discussion threads. [iglocska] - [bug] Fixed a bug in the update process that caused updates to fail due to an invalid value assigned as default for org_id. [iglocska] -- :lock: Fix persistent xss due to invalid sanitisation of image +- [security] Fix persistent xss due to invalid sanitisation of image names in titles. [iglocska] - triggered by expanding a screenshot - as reported by João Lucas Melo Brasio from Elytron Security S.A. (https://elytronsecurity.com) -- :lock: Fix persistent xss via link type attributes containing +- [security] Fix persistent xss via link type attributes containing javascript:// links. [iglocska] - low impact as it requires user interaction to trigger - as reported by João Lucas Melo Brasio from Elytron Security S.A. (https://elytronsecurity.com) -- :lock: Fix persistent xss via discussion links via javascript:// +- [security] Fix persistent xss via discussion links via javascript:// links. [iglocska] - low impact as it requires user interaction to trigger @@ -19239,7 +19795,7 @@ Fix - [updateSubmodule] Simplified calculation of time difference. [mokaddem] - [object:edit] Removed faulty line. [mokaddem] -- [object:revise] Reverted correct `endif` position - :construction:. [mokaddem] +- [object:revise] Reverted correct `endif` position - WiP. [mokaddem] - [diagnostic:submodules] [Sami Mokaddem] Time difference is correctly calculated. Should solve #4538 
@@ -19262,16 +19818,19 @@ Fix ██░░░██──────██░░░██─────██░░░░██ ██░░░░████████░░░░░███████░░░░░██ █░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█ + █░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█ + █░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█ █░░░░░███████████████░░░░░░░░░░░█ █░░░████░░░░░░░░░░░░░░░░░░░░░░░░█ █░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█ + █░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░█ ██░░░░░░░░░░░░░░░░░░░░░░░░░░░░░██ ░██░░░░░░░░░░░░░░░░░░░░░░░░░░░░█░ ░░███░░░░░░░░░░░░░░░░░░░░░░░░░██░ ░░░░██░░░░░░░░░░░░░░░░░░░░░░░██░░ Other ------ +~~~~~ - Merge pull request #4622 from SteveClement/guides. [Steve Clement] fix: [sql] SQL Syntax error fix @@ -19338,6 +19897,7 @@ Other * TCP-only forces the client over to use TCP. - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' into tools. [Steve Clement] @@ -19354,12 +19914,14 @@ Other - Merge branch '2.4' into fix-i18n. [Steve Clement] - Merge branch 'guides' into tools. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] +- Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch 'yara2' into 2.4. [iglocska] - Cleaning up imports. [edhoedt] - Yara export. [edhoedt] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4545 from MISP/mergeSimilarObject. [Alexandre Dulaunoy] 
@@ -19367,12 +19929,14 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into mergeSimilarObject. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] + v2.4.106 (2019-04-25) --------------------- New ---- +~~~ - [tools] Added local forward in case we run under a VM. [Steve Clement] - [tools] Added (official) checksums for the Installer. [Steve Clement] - [row_attribute] Added `title` containing the `event.info` data for the @@ -19394,10 +19958,10 @@ New - [CLI] reset / set a user's API key via the CLI. [iglocska] - [CLI] Change password with the --override_password_change (or -o) flag to avoid forcing a password reset. [iglocska] -- [diagnostic:submodule] Added output message after update - :construction:. +- [diagnostic:submodule] Added output message after update - WiP. [mokaddem] - [CLI] Set default role via the CLI. [iglocska] -- :construction: LinOTP authentication. [Andreas Rammhold] +- WIP LinOTP authentication. [Andreas Rammhold] - [UI] refactor of the asset loading. [iglocska] - [tags] refactor of the tag picker. [iglocska] @@ -19415,7 +19979,7 @@ New - [eventFiltering] Added support of sighting filtering. [mokaddem] Changes -------- +~~~~~~~ - [VERSION] bump. [iglocska] - [doc] Updated RHEL8(BETA) doc, core works, misp-modules do not, LIEF does not. (#4529) [Steve Clement] @@ -19474,6 +20038,7 @@ Changes - [tools] Updated installer. [Steve Clement] - [tools] 19.04 test. [Steve Clement] - [tools] Updated installer. [Steve Clement] +- [tools] Updated installer. [Steve Clement] - [tools] If staff does not exist do not run commands with that group. [Steve Clement] - [tools] Updated installer after doc update. [Steve Clement] 
@@ -19525,7 +20090,7 @@ Changes outputs. [mokaddem] - [diagnostic:submodules] Added support and feedbacks if workers not available. [mokaddem] -- [diagnostic:submodule] continued sync DB after pull done - :construction:. +- [diagnostic:submodule] continued sync DB after pull done - WiP. [mokaddem] - [diagnostic:submodule] Started integration of update DB after pull with workers. [mokaddem] @@ -19557,7 +20122,7 @@ Changes - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [restClient:querybuilder] bit of cleanup. [mokaddem] - [restClient:querybuilder] Prefil the QB when picking a saved query - - :construction:. [mokaddem] + WiP. [mokaddem] - [INSTALL] Do not touch the auto-generated installation file anymore. [mokaddem] - [viewPicture] Echo base64decoded data with GIF image type as php-gd @@ -19581,7 +20146,7 @@ Changes - [i18n] Fix filename typo. [Steve Clement] Fix ---- +~~~ - [doc] Fixed symlink for kali. [Steve Clement] - [object:edit] attachment field when empty. [mokaddem] - [Sightings] ACL fixed. [iglocska] @@ -19711,7 +20276,7 @@ Fix - [enrichment view] Fixed typo. [chrisr3d] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] @@ -19723,6 +20288,7 @@ Other There was still a problem for matching the search on a cluster name. I have also slightly simplified the construction of the SQL request for better code readability. - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4492 from mokaddem/eventViewPerfImprov. [Andras Iklody] 
@@ -19836,6 +20402,7 @@ Other feature/attribute_references. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4435 from MISP/submoduleUpdatev4. [Steve Clement] Diagnostic - Submodule update v4 @@ -19868,6 +20435,8 @@ Other Small typo - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4430 from SteveClement/guides. [Steve Clement] @@ -19881,7 +20450,7 @@ Other - Add Pipfile and Pipfile.lock. [Georges Toth] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] -- :construction: [enrichment] Removed debug calls. [chrisr3d] +- Wip: [enrichment] Removed debug calls. [chrisr3d] - Before having new modules fully operational, let us at least not keep only 2 debugs within an @@ -19898,7 +20467,7 @@ Other - Be consistent in quoting table names. [Richard van den Berg] - Merge pull request #4421 from andir/2.4-linotp. [Andras Iklody] - new: :construction: LinOTP authentication + new: WIP LinOTP authentication - Merge pull request #4420 from RichieB2B/ncsc-nl/misp-wipe-update. [Andras Iklody] @@ -19908,6 +20477,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch 'feature/assetloader' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. 
@@ -19931,9 +20501,9 @@ Other - Update WarninglistsController.php. [Steve Clement] typo -- :construction: [enrichment] Added javascript function to fetch all elements from +- Wip: [enrichment] Added javascript function to fetch all elements from the view. [chrisr3d] -- :construction: [enrichment view] Displaying multiple additional fields. +- Wip: [enrichment view] Displaying multiple additional fields. [chrisr3d] - Object ID of the object containing the attribute @@ -19948,6 +20518,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4390 from couchuser12345/couchuser12345-patch-1. [Steve Clement] @@ -19971,14 +20542,15 @@ Other - We can now disable correlation on attributes from the resolved attributes view -- :construction: [enrichment view] Reordered different elements and classes. +- Wip: [enrichment view] Reordered different elements and classes. [chrisr3d] - Making the next step iterations easier - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] -- :construction: [enrichment view] Displaying Object References information. +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Wip: [enrichment view] Displaying Object References information. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' into i18n. [Steve Clement] @@ -20003,12 +20575,14 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into sightingFiltering. [mokaddem] - Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] + v2.4.105 (2019-03-28) --------------------- New ---- +~~~ - [diagnostic] Fetch submodules git status. [mokaddem] - [export] Replaced the old non-cached export page. [iglocska] 
@@ -20024,11 +20598,11 @@ New - [UI] Move to FA 5. [iglocska] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [diagnostic] Added reload button for submodules git status. [mokaddem] - [diagnostic] Changed submodule header table text. [mokaddem] -- [submodules] added skeleton for submodules git status - :construction:. +- [submodules] added skeleton for submodules git status - WiP. [mokaddem] - Additional Russian translation. [4ekin] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] @@ -20043,8 +20617,8 @@ Changes - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] Fix ---- -- :lock: Fix to a reflected XSS in the default layout template. +~~~ +- [security] Fix to a reflected XSS in the default layout template. [iglocska] - as reported by Tuscany Internet eXchange | Misp Team | TIX CyberSecurity @@ -20104,7 +20678,7 @@ Fix set, fixes #4355. [iglocska] Other ------ +~~~~~ - Merge pull request #4337 from mokaddem/submoduleDiagnostic. [Steve Clement] 
@@ -20133,29 +20707,31 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] -- :construction: [enrichment view] Displaying sharing group distribution if +- Wip: [enrichment view] Displaying sharing group distribution if needed. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] -- :construction: [enrichment view] Test returning data from the new form. +- Wip: [enrichment view] Test returning data from the new form. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] -- :construction: [enrichment view] Made IDS, comment and distribution changeable. +- Wip: [enrichment view] Made IDS, comment and distribution changeable. [chrisr3d] - Applied on each attribute and object attribute returned as part of the module results - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #4351 from 4ekin/fix-i18n. [Andras Iklody] Fix i18n in Controllers and Views + v2.4.104 (2019-03-21) --------------------- New ---- +~~~ - [cluster] Display heatmap on the Att&ck Matrix for all tagged data. fix #4344. [mokaddem] - [tagging] Stop pre-populating forms for tagging / attaching of 
@@ -20183,12 +20759,12 @@ New - [Feeds] New overlap tool finished. [iglocska] - compare a feed against a combination of feeds/servers to find if you can cover the contents with a combination of other cached feeds -- [Feeds] Implementation of the feed coverage tool (:construction:) [iglocska] +- [Feeds] Implementation of the feed coverage tool (WIP) [iglocska] - [API] Add pagination related parameters to event index, fixes #4270. [iglocska] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - Bump PyMISP. [Raphaël Vinot] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] @@ -20198,9 +20774,9 @@ Changes - [distributionNetwork] Prevent interactive picking in event index. [mokaddem] - [distributionNetwork] Improved consistency in event index and improved - UX - :construction:. [mokaddem] + UX - WiP. [mokaddem] - [distributionNetwork] Added missing JS. [mokaddem] -- [distributionNetwork] Integration with event index - :construction:. [mokaddem] +- [distributionNetwork] Integration with event index - WiP. [mokaddem] - [distributionGraph] Added bar chart and deferred distribution data fetching process. [mokaddem] - [distributionGraphNetwork] Improved sharing accuracy. [mokaddem] @@ -20215,9 +20791,9 @@ Changes [mokaddem] - [distributionGraph] Added interactive plotting feature. [mokaddem] - [distributionGraph] Pin node after drag. [mokaddem] -- [distributionGraph] Added support of sharing group - :construction:. [mokaddem] +- [distributionGraph] Added support of sharing group - WiP. [mokaddem] - [distributionGraph] Continuation of integration, basic distribution is - supported - :construction:. [mokaddem] + supported - WiP. [mokaddem] - [distributionGraph] Started advanced distribution view. [mokaddem] - [distributionGraph] Replaced all tabs by spaces. [mokaddem] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] 
@@ -20226,6 +20802,7 @@ Changes - splitting of some nastier unreadable functions - added interactive mode - [REST] Disable all SSL validation if requested by the user. [iglocska] +- [REST] Disable all SSL validation if requested by the user. [iglocska] - [Training script] Improvements. [iglocska] - Create reverse sync accounts/link on demand @@ -20248,15 +20825,15 @@ Changes - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version (LS19 exercise) [Alexandre Dulaunoy] -- [tools] misp-restore updates. Still :construction:. Not working ATM. [Steve +- [tools] misp-restore updates. Still WIP. Not working ATM. [Steve Clement] - [tools] Various changes to the misp-backup script to make it more - stable. Still :construction:. [Steve Clement] + stable. Still WIP. [Steve Clement] - [workers] Worker start script has initial support to only restart the workers that are not running. [Steve Clement] Fix ---- +~~~ - [tools] Fixed empty variable check function. [Steve Clement] - [stix2 export] Fixed comma typo. [chrisr3d] - [stix2 export] Support of previous versions of python that are more @@ -20337,7 +20914,7 @@ Fix - bro still hasn't been migrated to restsearch - the exception for this in the caching algorithm called the wrong function -- [tools] misp-restore works a little better... still :construction:. [Steve +- [tools] misp-restore works a little better... still WiP. [Steve Clement] - [i18n] Stray file removed. [Steve Clement] - [UI] Missing org logos added to statistics -> organisations page, @@ -20346,7 +20923,7 @@ Fix - Events index filter button i18n bug. [4ekin] Other ------ +~~~~~ - Merge pull request #4349 from SteveClement/tools. [Steve Clement] fix: [tools] Fixed empty variable check function 
@@ -20358,7 +20935,7 @@ Other new: [cluster] Display heatmap on the Att&ck Matrix for all tagged data. - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] -- :construction: [enrichment view] First version of the view for objects & +- Wip: [enrichment view] First version of the view for objects & attributes returned from misp modules. [chrisr3d] - Visualization atm @@ -20395,7 +20972,7 @@ Other - Replacing freetext results when no simplified format is returned as module result - Actual results view coming soon -- :construction: [enrichment] Handling module results and passing it to the view. +- Wip: [enrichment] Handling module results and passing it to the view. [chrisr3d] - Work in progress on the view right now @@ -20422,7 +20999,7 @@ Other - Merge remote-tracking branch 'origin/2.4' into extendedDistributionGraph. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] -- :construction: [enrichment] Capturing attributes & objects returned by modules. +- Wip: [enrichment] Capturing attributes & objects returned by modules. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] 
@@ -20445,19 +21022,19 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] -- :construction: [hover enrichment] Started changing hover enrichment as well. +- Wip: [hover enrichment] Started changing hover enrichment as well. [chrisr3d] - As for enrichment modules, it does not change the support of the current modules, and should not interfere with them either -- :construction: [enrichment] Started changing enrichment modules. [chrisr3d] +- Wip: [enrichment] Started changing enrichment modules. [chrisr3d] - Passing full attributes to the new modules - No changes for the currently used modules - Using a parameter to specify which format to use - Current format used if no parameter is set - :warning: :construction:, more to be updated soon :warning: + /!\ WIP, more to be updated soon /!\ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -20465,12 +21042,14 @@ Other Dulaunoy] - Merge pull request #4285 from SteveClement/tools. [Steve Clement] - chg: [tools] More work on misp-restore, still :construction: but a little more functional + chg: [tools] More work on misp-restore, still WiP but a little more functional - Merge branch '2.4' into tools. [Steve Clement] - Merge pull request #4276 from SteveClement/i18n. [Steve Clement] chg: [i18n] Various updates to translations, most notably French is at 100% again. - Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] +- Merge branch '2.4' into i18n. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] 
@@ -20499,11 +21078,12 @@ Other chg: [Tools] misp-backup/-restore improvements, quality of life improvements of worker start.sh + v2.4.103 (2019-03-04) --------------------- New ---- +~~~ - Added ldapEmailField example and exaplanation. [iwitz] - Add ldapEmailField config option. [iwitz] @@ -20534,7 +21114,7 @@ New - [UI] Added javascript to support the index filtering. [iglocska] - [UI] Tied the index filter system into all indeces. [iglocska] - - :construction:: Event view + - WIP: Event view - [UI] Added new system to template index filters. [iglocska] - [setting] Use the new setting to set the urls to the current instance on sharing groups when pushing the info via the API. [iglocska] @@ -20547,7 +21127,7 @@ New - [eventFiltering] Added support of toIDS. [mokaddem] - [eventFiltering] Added support of server and feed hits filtering. [mokaddem] -- [eventView] Attribute filtering tool - :construction:. [mokaddem] +- [eventView] Attribute filtering tool - WIP. [mokaddem] - Add pre-pagination result count to headers. [Hannah Ward] Fixes #4161 @@ -20587,7 +21167,7 @@ New - [tools] Experimental tool to upgrade MISP via GitHub. [Steve Clement] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - Remove debug. [mokaddem] - Reduce complexity of authenticate function. [iwitz] @@ -20676,7 +21256,7 @@ Changes - [eventFiltering] IU/UX Improvements. [mokaddem] - [tags] Improved perfs on tag retrieval (all tags belonging to an event) [mokaddem] -- [eventFiltering] Started integration of tag filtering - :construction:. +- [eventFiltering] Started integration of tag filtering - WiP. [mokaddem] - [eventFiltering] Prevent multiple `searchFor` entries. [mokaddem] - [eventfiltering] Added more sanitization. [mokaddem] 
@@ -20686,18 +21266,18 @@ Changes - [eventFiltering] Simplified filtering conditions and fixed `deletion` proposal layout. [mokaddem] - [eventFiltering] First version on the event filter tool. [mokaddem] -- [eventFiltering] :construction: - UI displays all elements. [mokaddem] -- [eventFiltering] :construction: - Simplified filtering conditions. [mokaddem] -- [eventFiltering] :construction: - fixed filtering bugs and improved warning +- [eventFiltering] WIP - UI displays all elements. [mokaddem] +- [eventFiltering] WIP - Simplified filtering conditions. [mokaddem] +- [eventFiltering] WIP - fixed filtering bugs and improved warning filtering. [mokaddem] -- [eventFiltering] :construction: -Improved filtering and UI. [mokaddem] -- [eventFiltering] :construction: - Integrating new filtering behavior into Model. +- [eventFiltering] WIP -Improved filtering and UI. [mokaddem] +- [eventFiltering] WIP - Integrating new filtering behavior into Model. [mokaddem] - [eventFiltering] Bumped flag skip_empty. [mokaddem] - [eventFiltering] Moved searchFor to the top. [mokaddem] -- [eventFiltering] Improved UI - :construction:. [mokaddem] +- [eventFiltering] Improved UI - WIP. [mokaddem] - [eventFiltering] Improved UI and added filter link. [mokaddem] -- [eventFiltering] Improved filtering tool - :construction:. [mokaddem] +- [eventFiltering] Improved filtering tool - WIP. [mokaddem] - [eventFiltering] renamed file. [mokaddem] - [eventView] moved attribute filtering tool in its own file. [mokaddem] - Simplified condition 2. [mokaddem] 
@@ -20718,9 +21298,11 @@ Changes - [galaxies] Updated view to support `kill_chain_order` [mokaddem] - [attackMatrix] Improved layout + fixed bug (carret on scale do not go out of bound anymore) [mokaddem] -- [attackMatrix] UI: improved color scale - :construction:. [mokaddem] +- [attackMatrix] UI: improved color scale - WiP. [mokaddem] - [attackMatrix] Updated the matrix to match the changes in the mitre - galaxies and improved layout - :construction:. [mokaddem] + galaxies and improved layout - WiP. [mokaddem] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - Security warning at step 5. [iwitz] @@ -20812,7 +21394,7 @@ Changes - [tools] Made it a little more universal. [Steve Clement] Fix ---- +~~~ - [API] hacky fix to capitalisation issues between the old /events/index camelcased parameters and the newer lowercased one, fixes #3855. [iglocska] @@ -20997,6 +21579,7 @@ Fix - [UI] UI experts at work. [iglocska] - [UI] small fix. [iglocska] - [ui] small fix. [iglocska] +- [ui] small fix. [iglocska] - Disable stix test with PyMISP on travis. [Raphaël Vinot] - [generic_picker] fix #4083. When picking, force exact match (instead of `contains`) [mokaddem] @@ -21007,7 +21590,7 @@ Fix - not enforced yet Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3827 from MISP/fix3819. [Steve Clement] @@ -21056,6 +21639,7 @@ Other chg: [tools] Various updates to CLI tools - Merge branch '2.4' into tools. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] 
@@ -21064,6 +21648,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4203 from eCrimeLabs/2.4. [Andras Iklody] Update defaults.json (Phishtank - Exclude through regex) @@ -21179,6 +21764,7 @@ Other new: [installer] MISP has now an Install Script for Ubuntu 18.04 - 18.10 and Kali - Merge branch '2.4' into guides. [Steve Clement] +- Merge branch '2.4' into guides. [Steve Clement] - Merge pull request #4146 from hackunagi/2.4. [Alexandre Dulaunoy] Fix on folder with misp.local.key @@ -21206,8 +21792,10 @@ Other Error to create ssl keys, while following procedures. The steps to create openssl private keys on line 335 point to file in /etc/pki/tls/certs/misp.local.key, while later in line 338 it looks for file in /etc/pki/tls/certs/misp.local.key. + ### Steps to reproduce the behavior + ### Logs, screenshots, configuration dump, ... - Merge pull request #1 from MISP/2.4. [Carlos Borges] @@ -21240,6 +21828,8 @@ Other fix: Typo in tag ID query - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4128 from iwitz/add-systemd-unit-rhel7. [Steve Clement] @@ -21287,11 +21877,12 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] + v2.4.102 (2019-02-01) --------------------- New ---- +~~~ - [kali] Added debug function and breakpoints. [Steve Clement] - [doc] Initial MISP with Letsencrypt doc. [Steve Clement] - [installer] Initial bash installer functions. [Steve Clement] 
@@ -21313,7 +21904,7 @@ New - [Tag collections] Export/import tag collections added. [iglocska] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [installer] Added more comments and implemented base parameter logic. @@ -21387,9 +21978,9 @@ Changes - [generic_picker] added support of infoExtra for pills. [mokaddem] - [generic_picker] moved sanitization to views. [mokaddem] - [generic_picker] all view using the generic_picker now use the - generic_picker view elements - :construction:. [mokaddem] + generic_picker view elements - WIP. [mokaddem] - [generic_picker] use php generic_picker elements for constructing the - template server side. - :construction:. [mokaddem] + template server side. - WIP. [mokaddem] Previously, it was done client side - [doc] Fix kali script, php7.2 was used by apache. Add reference to @@ -21404,7 +21995,7 @@ Changes - [query] Query string bump. [iglocska] Fix ---- +~~~ - [restsearch] CSV special parameters added to the URL parameters. [iglocska] - [stix 1&2 export] Switched attachment parameter to make it work. @@ -21562,7 +22153,7 @@ Fix exported as labels Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #4075 from obert01/cluster-detach-accessibility. [Andras Iklody] @@ -21570,6 +22161,8 @@ Other clusters. [Olivier BERT] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] 
@@ -21590,17 +22183,22 @@ Other This reverts commit 66037a36c55c66d4d2fe41f71619bc79e27dfdc5. - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3995 from patriziotufarolo/2.4. [Andras Iklody] fix: check also event.org_id when validating event ownership in order to fetch attributes. Fixes #1918 - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge pull request #4053 from Rafiot/pipenv. [Raphaël Vinot] chg: Pump PyMISP, use pipenv in travis 
@@ -21642,25 +22240,27 @@ Other add php 7.3 to travis - Add php 7.3 to travis. [Andrey Bolonin] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] + v2.4.101 (2019-01-20) --------------------- New ---- +~~~ - [feeds] Opened up feed inspection to host org users and added servers to overlap matrix. [iglocska] - [remote caching] First release version of the remote caching. [iglocska] -- [server caching] Initial version :construction:. [iglocska] +- [server caching] Initial version WIP. [iglocska] - [UI] PopoverConfirm now support shortcut (/+ to submit and to Cancel) [mokaddem] - [attackMatrix] Added support of chosen in the ATT&CK Matrix. [mokaddem] - [addObject] adding objects is done via the generic_picker. [mokaddem] - [galaxy] Added bulk galaxy tagging. [mokaddem] -- [UI] generic_picker - :construction:. [mokaddem] +- [UI] generic_picker - WIP. [mokaddem] - [cache export] Added the includeEventUuid flag to the output. [iglocska] - [publishing] Unpublish function added. [iglocska] @@ -21684,13 +22284,13 @@ New - [tag collections] Added missing views. [iglocska] - [tag collections] Renamed tagCollectionElement to tagCollectionTag. [iglocska] -- [tag collections] :construction:. [iglocska] -- [:construction:] tag collections :construction:. [iglocska] +- [tag collections] WIP. [iglocska] +- [WIP] tag collections WIP. [iglocska] - [tag_collections] Added db upgrade. [iglocska] - [Tag collections] Added boilerplate models. [iglocska] Changes -------- +~~~~~~~ - [remote cache] Further progress on caching remote instances. [iglocska] - [tagging] Added more ordering while displaying results. [mokaddem] 
@@ -21705,35 +22305,35 @@ Changes So that the focus is not done when clicking on it - [attackMatrix] removed useless view. [mokaddem] -- [UI] :construction: - generic_picker improved title management of popover. +- [UI] WIP - generic_picker improved title management of popover. [mokaddem] -- [UI] :construction: - generic_picker remove popover on tag deletion. [mokaddem] -- [UI] :construction: - generic_picker popover is attached to body. [mokaddem] +- [UI] WIP - generic_picker remove popover on tag deletion. [mokaddem] +- [UI] WIP - generic_picker popover is attached to body. [mokaddem] Needed to add reference to the original node that toggle the popover -- [UI] :construction: - generic_picker slightly improved tag template. [mokaddem] -- [UI] :construction: - generic_picker replaced galaxy deletion alert by confirm +- [UI] WIP - generic_picker slightly improved tag template. [mokaddem] +- [UI] WIP - generic_picker replaced galaxy deletion alert by confirm popover. [mokaddem] -- [UI] :construction: - generic_picker deleting tags uses popover. [mokaddem] -- [UI] :construction: - generic_picker add warning message if number of option is +- [UI] WIP - generic_picker deleting tags uses popover. [mokaddem] +- [UI] WIP - generic_picker add warning message if number of option is to large. [mokaddem] -- [UI] :construction: - generic_picker filter galaxies by synonyms. [mokaddem] -- [UI] :construction: - generic_picker display expanded taxonomy info. [mokaddem] -- [UI] :construction: - generic_picker added tag styling and additional data in +- [UI] WIP - generic_picker filter galaxies by synonyms. [mokaddem] +- [UI] WIP - generic_picker display expanded taxonomy info. [mokaddem] +- [UI] WIP - generic_picker added tag styling and additional data in option. [mokaddem] -- [UI] :construction: - generic_picker automatically switch to submit pills if +- [UI] WIP - generic_picker automatically switch to submit pills if applicable. 
[mokaddem] -- [UI] :construction: - generic_picker added custom chosen event to support +- [UI] WIP - generic_picker added custom chosen event to support redrawing after searches. [mokaddem] -- [UI] :construction: - generic_picker prevnet drawing empty option. [mokaddem] -- [UI] :construction: - generic_picker improved template (show more fields) +- [UI] WIP - generic_picker prevnet drawing empty option. [mokaddem] +- [UI] WIP - generic_picker improved template (show more fields) [mokaddem] -- [UI] :construction: - generic_picker added templating system for select options. +- [UI] WIP - generic_picker added templating system for select options. [mokaddem] -- [tagging] :construction: - bulk galaxy tagging on attribute and event. [mokaddem] -- [tagging] :construction: - bulk tagging via generic picker on event and complete +- [tagging] WIP - bulk galaxy tagging on attribute and event. [mokaddem] +- [tagging] WIP - bulk tagging via generic picker on event and complete support for TagCollection. [mokaddem] -- [tagging] :construction: - bulk tagging via generic picker on tag level. +- [tagging] WIP - bulk tagging via generic picker on tag level. [mokaddem] - [taxonomy choice] replace old popup view by the generic pre-picker. [mokaddem] @@ -21793,7 +22393,7 @@ Changes - [generic index] Fixed scoping issue with rows. [iglocska] Fix ---- +~~~ - [caching] Some minor fixes. [iglocska] - [ACL] ACL updated. [iglocska] - [AttackMatrix] Stopped comparing string with integer. [mokaddem] @@ -21898,7 +22498,7 @@ Fix - [api] editing organisation attributes, other than name. [Jan Skalny] - [galaxies] Some minor fixes with the ajaxification. [iglocska] - [galaxies] added new view that wasn't finished for the previous commit - (stil :construction:) [iglocska] + (stil WIP) [iglocska] - [over-sanitisation] cleared up over-sanitised message in the events controller. [iglocska] - [ACL] Added missing function. [iglocska] 
@@ -21920,9 +22520,10 @@ Fix - [js] Various fixes with adding/removing tags. [iglocska] Other ------ +~~~~~ - Merge branch 'features/server_caching' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch 'UISelector' into 2.4. [mokaddem] - Merge branch '2.4' into UISelector. [mokaddem] @@ -21930,7 +22531,7 @@ Other tag collection. [mokaddem] - New/fix: [MassEdit] Allow addition/deletion of tags and clusters on selected attributes + Lots of usage bug fixes. [mokaddem] -- [UI] generic_picker merged the pre_picker into the picker - :construction:. +- [UI] generic_picker merged the pre_picker into the picker - WIP. [mokaddem] - Merge pull request #4028 from SteveClement/guides. [Steve Clement] @@ -21955,6 +22556,7 @@ Other STIX files at attribute level. [chrisr3d] - Add: Added stix2 scripts subdirectory to gitignore. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #3989 from cvandeplas/2.4. [Andras Iklody] @@ -21968,11 +22570,12 @@ Other fix: [api] editing organisation attributes, other than name - Merge branch '2.4' into tag_collections. [iglocska] + v2.4.100 (2018-12-31) --------------------- New ---- +~~~ - [restClient] Added support of URL param in the querybuilder widget. [mokaddem] - [restClient] Transform query to json, more descriptions and layout 
@@ -21991,10 +22594,12 @@ New longer using double-click. [Sami Mokaddem] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [objects] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] +- [PyMISP] updated to the latest version. [Alexandre Dulaunoy] +- [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [restClient] small css change. [Sami Mokaddem] - [restClient] Still show help for nested parameters instead of crashing. [Sami Mokaddem] @@ -22019,6 +22624,7 @@ Changes - [rest client] added some overwrite functions. [mokaddem] - Bump PyMISP, again. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [Objects] Sorts object references types in add reference form (#3969) @@ -22039,7 +22645,7 @@ Changes - [quickEditHover] change variable scope to local. [Sami Mokaddem] - [eventGraph] added fail save if requiredOneOff is not set. [Sami Mokaddem] -- [:construction:] added function meant to resolve id vs uuid issues for the UI +- [WIP] added function meant to resolve id vs uuid issues for the UI attribute search. [iglocska] - still needs some love @@ -22052,7 +22658,7 @@ Changes - Bump PyMISP. [Raphaël Vinot] Fix ---- +~~~ - [cleanup] Fixed a few issues. [iglocska] - unnecesary access to controller from component fixed (load component instead) @@ -22152,7 +22758,7 @@ Fix otherwise Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3974 from eCrimeLabs/2.4. [Alexandre Dulaunoy] 
@@ -22174,6 +22780,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3956 from dawid-czarnecki/fix/disable_correlation. [Andras Iklody] @@ -22225,11 +22832,12 @@ Other according to http://php.net/manual/de/exception.getmessage.php , the parenthesis are required - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] + v2.4.99 (2018-12-06) -------------------- New ---- +~~~ - [usability] Object templates view also accepts uuid as input vector. [iglocska] - [UI] Added warning for users not to edit events as site admins. @@ -22240,7 +22848,7 @@ New - [ReST] Added statistics. [iglocska] Changes -------- +~~~~~~~ - [version] bump. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] @@ -22251,9 +22859,10 @@ Changes config fix: [doc] Fixed symlink to Ubuntu webmin instructions. [Steve Clement] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] Fix ---- +~~~ - [stix import] Fixed missing event fields import. [chrisr3d] - Such as event info, event date and so on @@ -22302,7 +22911,7 @@ Fix - as notified by @a1ext Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge pull request #3912 from Sh3idan/fix-incoherence-types-and- @@ -22348,11 +22957,12 @@ Other [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] + v2.4.98 (2018-11-26) -------------------- New ---- +~~~ - [server settings] Added automatic backup system for the server settings. [iglocska] - [UI] Explain what caching vs fetching feeds means. [iglocska] 
@@ -22404,7 +23014,7 @@ New - [statistics] Added local org and user/org counts. [iglocska] Changes -------- +~~~~~~~ - [bro] Preparation for the move to restsearch. [iglocska] - also fixed some edge-case issues @@ -22416,6 +23026,7 @@ Changes - Bump PyMISP, because I like it... [Raphaël Vinot] - Bump PyMISP, again. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [doc] More hardening ressources. [Steve Clement] - [doc] Added hardening section. [Steve Clement] - [documentation] Documented the freetext import API on the automation @@ -22427,6 +23038,7 @@ Changes [Steve Clement] - Bump PyMISP. [Raphaël Vinot] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [diag] Added warning message if getCurrentBranch() in Model/Server.php returns empty. [Steve Clement] - [contact email] Aligned button colours with the rest of the UI. @@ -22446,7 +23058,7 @@ Changes (Works on FreeBSD 12.0BETA4) [Steve Clement] - [documentation] Link to the rest client from the automation page. [iglocska] -- [seach] :construction:, more work on the attribute search's JS components. +- [seach] WIP, more work on the attribute search's JS components. [iglocska] - [search] Further progress on the attribute search UI. [iglocska] - [taxonomies] added the exercise taxonomy from CSIRT network @@ -22463,6 +23075,7 @@ Changes Dulaunoy] - [enrichment] Linebreak handling for enrichment hovers. [iglocska] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [doc] Fixed folder typo. [Steve Clement] - [doc] Added Tsurugi Linux to Index and changed some minor issue. [Steve Clement] 
@@ -22485,6 +23098,7 @@ Changes previously setup in the documentation) [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [doc] ${PATH_TO_MISP} everywhere. Added more granular php etc variable. [Steve Clement] - [doc] Added more notices on misp-dashboard on Ubuntu 16.04. [Steve @@ -22506,7 +23120,7 @@ Changes /restSearch) [Alexandre Dulaunoy] Fix ---- +~~~ - [ACL] ACL updated. [iglocska] - Fixed header description value fetching. [chrisr3d] - [sync] Fixed a blocking bug preventing a full push from working with @@ -22553,7 +23167,7 @@ Fix - [stix import] Fixed uuid fetching. [chrisr3d] - [missing files] added missing templates. [iglocska] - [attribute search] Fixed invalid JS calls introduced as part of the - rework (:construction:) [iglocska] + rework (WiP) [iglocska] - [api] Invalid handling of empty parameters in the built in parameter builder. [iglocska] - [tags] showAttributeTag function now correctly culls galaxy tags. @@ -22613,7 +23227,7 @@ Fix - Also improved the loop iterating through reports - [stix2 import] Try-catching Report objects creator reference. [chrisr3d] -- \#3774 [restResponse] added missing `includeEventTags` entry. +- #3774 [restResponse] added missing `includeEventTags` entry. [mokaddem] - [doc] Added note about WSGI issues on Ubuntu 16.04 chg: [doc] Changelog.md updated to latest. [Steve Clement] @@ -22639,7 +23253,7 @@ Fix that can include multiple MISP events Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch 'mactime_merge' into 2.4. [iglocska] 
@@ -22696,6 +23310,12 @@ Other fix: [tools] misp-restore.sh incorrectly validating 'BackupFile' from… - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Steve Clement] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Steve Clement] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Steve Clement] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Steve Clement] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Steve Clement] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Steve Clement] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Steve Clement] - Merge branch 'contact' into 2.4. [iglocska] - Merge branch '2.4' into contact. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -22753,11 +23373,22 @@ Other new: [doc] Added Tsurugi Linux install script - Merge branch '2.4' into guides. [Steve Clement] +- Merge branch '2.4' into guides. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge pull request #3821 from StefanKelm/2.4. [Andras Iklody] super tiny typos - Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] - Merge pull request #3828 from SteveClement/guides. [Steve Clement] chg: [doc] ${PATH_TO_MISP} everywhere. Added more granular php etc var 
@@ -22795,15 +23426,16 @@ Other - Mapping of markings - More to come with the same operation for individual objects + v2.4.97 (2018-10-29) -------------------- New ---- +~~~ - [sighting/api] xml output format + improved error feedback. [Sami Mokaddem] - [sighting/api] trying to follow the new API architecture. JSON export - is broken but CSV is working. :construction:... [Sami Mokaddem] + is broken but CSV is working. WIP... [Sami Mokaddem] - [Sightings/API] Added possiblity to get sightings based on a timerange/source/... [Sami Mokaddem] - [docs] Added new sub-sections in seperate files that are shared 
@@ -22853,8 +23485,116 @@ New - [related tags] View the related tags of attributes on the event view (via a toggle) [iglocska] + ,,.,,+zznzzzzzzzzzzzzzzzzzzzzzzzzzzxMMMMMMMMMMMMMMMMMMMMMxMxMMWMMMWMMz*ii****iiiiiiiii**iiii,.... + ,,.,,#zzzzzzzzzzzzzzzzzzzzzzzznxMMMMMWMMMMMMMMMMMMMMMMMMxMxMMMWWWWWWWWx+*iii*iiiiiiiii*iiiii,,,.. + ,,,,,#zzzzzzzzzzzzzzzzzzzzzzznMWWMMMMMMMMMMMMMMMMMMMMMMMWWMxnnzxxMWWWWMn*iiiiiiiiiiiiiiiiiii..,.. + ,,,,,#znzzzzzzzzzzzzzzzzzzzznMMMMMMWWWWMMMMMMMMMMMMMMMMWWWMMMxnxxxxMMMMW#*iiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzzzzznMMMMMMMMMWMMMMMMMMMMMMMMMMMMMMWxMMMMMMxxxxnxxz*iiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzzzzzxMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWWWMWWWWMWMMMxxxni*iiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzzzznMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWWWWMMWWMWMMWWWMMMni*iiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzzzzxWMMMMMMMMMMMMMMMMMMMMMMMMMMMWMMMWMMMMMMWMWWMMMMMz*iiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznzzznMMMMMMMMMMMWMMMMMMMMMMMMMMMMMMMMMMMMWWWWMMMMMMMMMWn*iiiiiiiiiiii*i,.,., + ,,.,,#zzzzzzzzzzzzzzznzzzxMMMMMMMMMMMWMMMMMMMMMMMMMMMMMMMMMWWWWWWWWWWWMMMMMWWM+*iiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzznzzznzznMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWMWWWWWWWWWWWWWMMWWn*iiiiiiiiii*i,.,., + ,,.,,#zzzzzzzzzzznzzzznzxMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWMMMMWWWWMMWWWWWMMMM**iiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzznMMMMMMMMMMMMMWMMMMMWMMMMMMMMMMMMMMWWWWWMMMMMMMMWWWWWMWM#iiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzxMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWWWWWWWWWWMMMMMMMWWWWMzi*iiiiiiii*i,.,., + ,,.,,#zzzzzzzzzzzzzzzzzMMMMMMMMMMMMMMMWMnzxMMMMMMMMMMMMMWWWWWWWWWWWWMMMMMMMWWWWni*iiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzWMMMMMMMMMMMMMMMnnzznxMWMMMMMMMMMMWWWWWWWWWWWWWWWWWMMWWMn**iiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzMMMMMMMMMMMWMMMMzz#+#znxMWMMMMMMMMMMMMMWWWWWWWWWWWWWMWWMn**iiiiiiii*i,.,,, + ,,.,,#zzzzzzzzzzzzzzzzzxMMMMMMMMMMMMMMxz#*i**+zznMMMMMMMMMMMMMMMWWWWWWWMWWWWWWWx**iiiiiiii*i,.,.. 
+ ,,.,,#zzzzzzzzzzzzzzzzzxMMMMMMMMMMWWMMn#*iii*i*+znxMWMMMMMMMMMMMMWWWWWMMMMMMMMMM+*iiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzznMWMMMMMMMMMMMMn#*iiii*i*i+#znMMWWMMMMMWMWMMWWWMMMMMMMMWWx+iiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzMMMMMMMMMMMMMx#i*iii**iiii*#znxMWMMMMMMMMMMMWWMMMMWWWWWWniiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznzMMMMMMMMMMMMxn+ii**i**iiii*i*zznMMMMMMMMMMMMMMMMMxMWWWMMx*iiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznnMMMMMMMMMMMMxz*ii*iiiiiiiii:;*+znMWMMMMMMMMMMMMMMMMMWWWMx**iiiiiiii*i,.,,. + ,,.,,#zzzzzzzzzzzzzzzznMMMMMMMMMMMMMn+ii*iiiii**;;:.:i*zznxMMMMMMMMMMMMMMWWWWWWni*ii**iiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzxMMMMMMMMMMMMMn*ii*iii*i;:,.,..,.,;+znxxMMMMMMMMMMMMMMWWWziiii**iiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznxMMMMMMMMMMMMxzi*ii*ii*;,,,,,,,,,,,,:i*i#znnnxMWWMMMMMMMWn*iii*iiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznxMMMMMMMMMMMMz*i*i*i*;:,.,,,,,,,,,,,,.,,,;i*#zznxMMMMMMWWM+iiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznMMMWMMMMMMMMx#iii*i*i:.,.,,,.,.,,,,,,,,,,,,,,;i#znxMMMMMWM+iiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznMMMWMMMMMMMMx#iiiiii:.,,.,,.......,,,,..,,,,,,,,iznxMMMMWM*iiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznMMMMMMMMMMMMx#ii*ii:.,,,,,,..........,.....,,,,,,:*#MMMMWxi*iiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzMMMMMMMMMMMMn+i*i;:,.,,,......,.............,....,,;xMMMWniiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzznzzMMMMMMMMMWMn+iiii;,,,,,,.,..........,....,.,...,,,,.zMMMMxiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzznznMMMMMMMMMMnz*iiii:,,,,,,,,,,,,................,,,...zMMMMzi*iiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzznznMMMMMMMMMxzz**ii;..,,,.,,,,,,.................,,,...nMMMM#**iiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzznzzMMMMMMMWxzzz+iii:.,,,,.,,,,,....,............,,,,..,nMMWx*iiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzznznMMMMMMMWnzzzn+i*,...,,..,,,.,..,.,...,........,,,.,;MWMM+iiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznMMMMMMMWnzzzzzzii*++++z+;,,,.,,,,,,,,,...,.....,...;MWMxii**iiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznMMMMMMMWnzzznzzzzznnnzzzn#i,,,.,...................,MWM#iii*iiiiiiii*i,.,.. 
+ ,,.,,#zzzzzzzzzzzzzzzxMMMMMMMMzz+#znzznznMWWMMWMx#i:,,,,,,,,,,,,,,.,,..,,:MMx*iiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzxMMMMMMMxzz**#znMMnnxxxxxMWWWMnz;,,,,,.,.,,,,,,,,,,,,MMziiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzMMMMxMMMnzz*ii#nWWWWMWWnMMMWWWWWn*,,;i;i;**+#zzz+i,,,Mx*iiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzMMMMMMMxzzzi*;,+xWWMnxMnx+xMWWMWWn,.,znMMMxxMMMMxni:*Mziiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzznxnxMMMMxznziii.,:+nxiinn*.iMMMWMM+,,.*WWWWWWM#:,:#z##M*iiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzznzznxzMWMMMxznziii,..,+#n:,:,,,izzMM#;,,,+WWWWWzxn+i,:zzzMi**iiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzznzznnzxMMMMxzz#ii;,,,,:**++i::,:::zx;,,,,#MM#zxxMznWx#+izxiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzxnzMWMMMnzzz*i:.,,,,,,,i;i;,,.,*n,,,,,+#+::#n*,#xni,,zniiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzxnzMMMMWnzzz**;..,,,.,..,;,,,,,;n,.,,:*;,:::,,,:*,.,,n#i*iiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzznxzMWMMMnzzz**i,..,,.,,,,,,,,,,+#,...,i,.,;**++*:.,,:x***iiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzznzznnxWWMxnzzzz+*i,,,,,.,,,,,,,,,:z;,,..,:..,,,,::.,..,;xi*iiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzznxxxzzzzzz+ii,...,.,,,,,,.,,+zi.,,.,,.,,.,,..,,,,,++iiiiiiiiiiiiiiii*i,.,,. + ,,.,,#zzzzzzzzzzzzzzzzzznMzzzznz#ii:.,.,..,,,,,,,izn:,..,.,,..,...,,.,,,#*iiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzznxzzzzzz#ii;.,.,..,,,,.,:zzz,,..,,,,.,...,,,,,,:+*iiiiiiiiiiiiiiii*i,.,,. + ,,.,,#zzzzzzzzzzzzzzzznzxxzzzznzz*i;..,,,.,,,,..;zz*..,.,,,,........,.,**iiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzznzxMnzzznzz*ii,.,,,,,,,,,,ii:,,,,,,,,,,,,,,.,,.,;+*iiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzzxMzzzzzzz**i,,.,..,,,,,;*:*,,,.,,...,,,,,,.,,,**iiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzzzzzMMnnzzzzz*ii:.,,,,,,..,#nnn#+,,,,,..,,....,.,i+i*iiiiiiiiiiiiiiiii*i,.,,. + ,,.,,#zzzzzzzzzzzznzznnzMMnxzzzzz**i;.,,,,.,,.,zxWWWxi,,,:*,,,..,.,,,#**iiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzzznM+WMxxzzzzz***;..,,,,,,..;xWWWWn+**#;,,,,.,,,.i#*iiiiiiiiiiiiiiiiiii*i,.,.. 
+ ,,.,,#zzzzzzzzzzzzzznW#zWMxnnzzzz*iii,.,,,,,,,,,+nWMWWWMx+,,,,,.,,,,++i*iiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzznMM,zWMMnnzzz#*ii*;.,,,,,,::iznxMMWWWWn#;,,.,,,,*#**iiiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzzzzMWz,zMMMxxznn#*ii*i::;i++#zznxWxxxWWWxxxzi,.,,,,#+iiiiiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzznMWW#,#MMMMMnznz*ii**izzzzzzxMMWWnxM@WMMMMzzi,.,,+*+iiiiiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzznMWWW#,*xMMMMnznz*iiii+MnnnnnxMWWWxxMxMxMxxxnz*,,,*+*iiii**iiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzzzMWWWW#;;zMMMMMnnz#*i*#MWxxxxxMWMxMMxMxMWWWWxMzn;.i:#*iiii**iiiiiiiiiiiiiii*i,.,.. + ,,,,,#zzzzzznnzxWWWWW#:;+MMMMMxzzz#*zzxWMWMWxMWWMMWWMMWWWWMxxMn:,*:#iiiiiiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,#zzzzzzzzxWWWWWWz::inMMMMMxznzzzzznxMMMxxxMMxxxzxMWWWMMWWx:ii+*iiiiiiiiiiiiiiiiiiiiii*i,.,.. + ....,#zzzzzzznWWWWWWWz;,;+MMMMMMxzzzzzzzzznz#**i;::,,:;#nxxWMM+;*;+*iiiiiiiiiiiiiiiiiiiiii*i,.,.. + ...,,#zzzzzznMWWWWWWWni,,*nWMMMMMxnzzzzzzzz#i*i,,,,:,,,,:+#z##i#+#*iiiiiiiiiiiiiiiiiiiiiii*i,.,.. + ...,,#zzznnnxWWWWWWWWx*,.i+MMMMMMMMxxnzz#+****i,i**#z+;,:*iiii*zz+*iiiiiiiiiiiiiiiiiiiiiii*i,.,.. + ,,,,,#nzzzxMMWWWWWWWWW*;.:*#WMMMMMMMMxz+**iiiii;*++####:;i****zz#*iiiiiiiiiiiiiiiiiiiiiiii*i,.,,. + ,,,,,#zznMWxWWWWWWWWWWz;,.;*nWMMMMMMMMnz#ii:.....,,,,,,,,ii*+zzz*ii**iiiiiiiiiiiiiiiiiiiii*i,.,.. + ,,,,,#nxWWMxWWWWWWWWWWW;:,,*+xMMMMMMMMMxnz*:.,,,,,..,,,,,,i#nnx+i*i*iiiiiiiiiiiiiiiiiiiiii*i,.,.. + ,,,,,zWWWWMxWWWWWWWWWWW*;,.,*+MMMMMMWMMWMx#*:,,,,....,,,,:#nMM#+*ii*iiiiiiiiiiiiiiiiiiiiii*i,.,.. + ,,,,,xWWWWxWWWWWWWWWWWWx::,,:;+MMMMMMWMWMMnz+:....,,.,,,,+MWMM*#z+*iiiiiiii**iiiiiiiiiiiii*i,.,.. + ,,,,,xWWWMxWWWWWWWWWWWWW+:,,,;:+MMMMMMMMMMMxnz*;,,:,,,i+#xM++W#+nz#iii*iiiiiiiiiiiiiiiiiii*i,.,.. + ,,,,,xWWWMMWWWWWWWWWWWWWx,,..,;,*xWMMMMMMMWMWxnn####+##nxx#,+Wx*nznz:i**iiiiiiiiiiiiiiiiii*i,.,.. + ,,.,,xWWWxMWWWWWWWWWWWWWWi.,,,,:,*#MMMMMMMMMMWMMxxxxxxxMnn,.zWM#;zzMn;*i*iiiiiiiiiiiiiiiii*i,.,.. + ,..,,xWWWxWWWWWWWWWWWWWWWx,,,,,,:,;+MMWMMMMWWWWWWWMMMMMxn:..nWWni+nzMn#niii**iiiiiiiiiiiii*i,.,.. 
+ ,..,,xWWMxWWWWWWWWWWWWWWWWi,,,,.,:,,;xWMMMMMMMMMMMMMMxnni...xMWxz;znnMxxM#;i*i**iiiiiiiiii*i,.,.. + ,..,,xWWMMWWWWWWWWWWWWWWWWz.,,...::,,;zWMMMMMMMMMMMMnzzi,,,,MMMMx*innxMxxWx+iiii**iiiiiiii*i,.,.. + ,..,,xWWMMWWWWWWWWWWWWWWWWM:,,...,:,,,,+xWMMMMMMMMxnnzi,.,,,MMMMMzinxMxMxxMMM#;i**iiiiiiii*i,.,.. + ,..,,xWWxWWWWWWWWWWWWWWWWWW*.,.,.,,:,,.,i+xWWMMMMxnnni,,,,,.WMMMMMz#nMMxMMMMMWxi;i*iiii*ii*i,,,.. + ,..,,xWWxWWWWWWWWWWWWWWWWWWz.,,,,.,,:,,,,::#@WMMxnnn;..,,.,:WMWMMMMznxWxxWMMMMMM#;iiiiiiii*i,,,.. + ,..,.nWMMWWWWWWWWWWWWWWWWWWM,.,,,...,,..,.,.iMWMxnz:.,.,,.,;WMWMMMMnzxMMxMMMMMMWMxi;i*iii*ii..,.. + ,..,,nWWMMWWWWWWWWWWWWWWWWWWi,,,....,.,,.,,,,:nxxz:,.,,,...iWMWMMMWMznMMMxMMMMMMMMMzi;i**iii..,., + ,..,,xWWWMMWWWWWWWWWWWWWWWWW#:.....,....,.,,..:#+,..,,,....:WWMMMMMMxnnMMMxWMMMMMMMWM#;;*i*i,.,.. + ,..,,xWWWWWMMWWWWWWWWWWWWWWWxi:..,.......,,,,..;;,...,,...,,@WMMMMMMMxzxMMxxMMWMMMMMMWx+;iii,,,.. + ,..,,xWWWWWWMMMWWWWWWWWWWWWWM*i,,,,......,,,,,;MWx+,..,,,..,@WMMMMMMMMnzxxnMMMMMMMMMMMWWx+ii,,,,. + ,..,,xWWWWWWWMxWWWWWWWWWWWWWW+*;,,,,.....,,.,,xWWW@n:.,,,,.,WWMMMMMMMMMnnnMMMMMMMMMMMMWMWMxz,,,.. + ,..,,xWWWWWWWWMxWWWWWWWWWWWWWzi*;,,,,.....,,,nWMMMWWM:.,,,..MWMMMWMMMMMMnMMMMMMMMMMMMMMMMMMx,.,., + ,..,,xWWWWWWWWMxWWWWWWWWWWWWWMiii;,,.,,...,.zWWWWWWWWn,.....zWMMMMMMMMMMMxMMMMMMMMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWWMWWWWWWWWWWWWWWWiii*;,,,,,,.,z@WWWWWWWWW*,..,,zWMMMMMMMMMMMMnMMMMMMMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWMWWWWWWWWWWWWWWW@+,;ii:,,.,,,zWWWWWWWWWWWM:.,,,#WMMMMMMMMMMMMxnMMWMMMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWWWWWWWWWWWWWWWWWWz,.;i*:...,ixWWWWWWWWWMMW+,,,.+WMMMMMMMMMMMMMxxMWWMMMMMMMMMMMx,,,.. + ,..,.xWWWWWWWWWWWWWWWWWWWWWWWWM,,,iii,,,;i+WWWWWWWWW#+xx;,,.+WWMMMMMMMMMMMWMxxMMMMMMMMMMMMMx,,,,, + ,..,.xWWWMWWWWWWWWWWWWWWWWWWWWW;.,:iii,:ii*xWWWWWWWW+i*Mz,.,*WWMMMMMMMMMMMMWMxnMMMMMMMMMMMMx,,,.. + ,..,.xWWWMWWWWWWWWWWWWWWWWWWWWWz.,.;i*iiiiinWWWWWWWW*i*+z*.,iWWMMMMMMMMMMMMMMMxxMMMMMMMMMMMx,,,.. + ,..,.xWWWMMWWWWWWWWWWWWWWWWWWWWx,,,.i***;:i#WWWWWWWMi*ii*zi,;WWMMMMMMMMMMMMMMMMxMMMMMMMMMMMx,,,,. 
+ ,..,,xWWWWMMWWWWWWWWWWWWWWWWWWWW;,,.:*ii,,i+WWWWWWWM::iiiizi:WWMMMMMMMMMMMMMMMMMMMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWWWWWWWWWWWWWWWWWWWW+,,,.,i,,,;*WWWWWWWx:.:iii*z*MWMMMMMMMMMMMMMMMMMWMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWWWWWWWWWWWWWWWWWWWWn,,,,...,,:*MWWWWWWn:..;ii**xWWMMMMMMMMMMMMMMMMWWMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWWWWWWWWWWWWWWWWWWWWW:.,.,,,.,,iMWWWWWWz,.,,i*i*nWWMMMMMMMMMMMMMMMWWMMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWWWWWWWWWWWWWWWWWWWW@*..,,,..,,ixWWWWWWz..,.,i*inWWMMMMMMMMMMMMMMMWWMMMMMMMMMMMx,,,,. + ,..,,xWWWWWWWWWWWWWWWWWWWWWWWWWWWn,.,,,,,,,;n@WWWWWn..,,,:*izWWMMMMMMMMMMMMMMWWWWMMMMMMMMMMx,,,.. + ,..,,xWWWWWWWWWWWWWWWWWWWWWWWWWWWM:.,,,....:xWWWWWWM,,,,,.:izMWMMMMMMMMMMMMMMMWWMMMMMMMMMMMx,,,.. + ,..,,nMWWWWWWWWWWWWWWWWWWWWWMWWWWM#*********MWWWWWWW+*******nMWMMMMMMMMMMMMMMMMMMMMMMMMMMMMx,,,.. + ,..,,nMWWMMMMMMMMMMMMMMMMWWMMMMMWMMMWWMMMWWMMMMMMMMMMMMWWMWWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMx,,,.. + Changes -------- +~~~~~~~ - [sighting/api] improved comments. [Sami Mokaddem] - [RestResponse] bump. [Sami Mokaddem] - Typo. [Sami Mokaddem] @@ -22894,6 +23634,7 @@ Changes Clement] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [docs] More general info about xINSTALL in index. Minor formatting touch-up in license. Added missing sections to mkdocs.yml and adapted it to reflect official MISP repo. [Steve Clement] @@ -22958,7 +23699,7 @@ Changes - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] Fix ---- +~~~ - [API] minor fixes to the sightings api. [iglocska] - fixed duplicate sighting tags in XML output 
@@ -23005,7 +23746,7 @@ Fix - [stix2 import] Avoiding errors when the imported file name is not specified. [chrisr3d] - [routes] Added route for .csv parsing. [iglocska] -- \#3769 Att&ck matrix now render multiple kill_chain by column. [Sami +- #3769 Att&ck matrix now render multiple kill_chain by column. [Sami Mokaddem] - Check if the format is xml or application/xml on __sendResponse. [Tom King] @@ -23095,7 +23836,7 @@ Fix correctly. [iglocska] Other ------ +~~~~~ - Merge branch 'sighting_api' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'weekend_fixes' into 2.4. [iglocska] @@ -23150,6 +23891,8 @@ Other chg: [docs] The debian install docs are now fully functional and quite a few format changes to some of the install guides. - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] @@ -23173,6 +23916,7 @@ Other Fixes Issue #3633 - Returned XML has application/json Content-Type header - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3768 from devnull-/#3748_download_files. [Andras Iklody] 
@@ -23196,6 +23940,10 @@ Other chg: [tools] Added the option to have Python Virtualenv support - Merge branch '2.4' into py-virtualenv. [www-data] - Merge branch '2.4' into py-virtualenv. [Steve Clement] +- Merge branch '2.4' into py-virtualenv. [Steve Clement] +- Merge branch '2.4' into py-virtualenv. [Steve Clement] +- Merge branch '2.4' into py-virtualenv. [Steve Clement] +- Merge branch '2.4' into py-virtualenv. [Steve Clement] - Merge branch '2.4' into py-virtualenv. [www-data] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3760 from cudeso/2.4. [Alexandre Dulaunoy] @@ -23218,11 +23966,11 @@ Other [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch. [chrisr3d] -- :construction: [stix2 import] Parsing external Network Socket objects when +- Wip: [stix2 import] Parsing external Network Socket objects when references are hostnames. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch. [chrisr3d] 
@@ -23232,81 +23980,81 @@ Other [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch. [chrisr3d] -- :construction: [stix2 import] Parsing external observable IPAddr - +- Wip: [stix2 import] Parsing external observable IPAddr - NetworkTraffic - Domain composition objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch. [chrisr3d] -- :construction: [stix2 import] Parsing external process objects. [chrisr3d] +- Wip: [stix2 import] Parsing external process objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses -- :construction: [stix2 import] Parsing external AS objects. [chrisr3d] +- Wip: [stix2 import] Parsing external AS objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses -- :construction: [stix2 import] Parsing external x509 objects. [chrisr3d] +- Wip: [stix2 import] Parsing external x509 objects. 
[chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses -- :construction: [stix2 import] Parsing external mutex objects. [chrisr3d] +- Wip: [stix2 import] Parsing external mutex objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: -- :construction: [stix2 import] Parsing external mac-address objects. [chrisr3d] + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ +- Wip: [stix2 import] Parsing external mac-address objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: -- :construction: [stix2 import] Parsing external url objects. [chrisr3d] + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ +- Wip: [stix2 import] Parsing external url objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch. [chrisr3d] -- :construction: [stix2 import] Parsing external regkey objects. [chrisr3d] +- Wip: [stix2 import] Parsing external regkey objects. 
[chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses -- :construction: [stix2 import] Parsing external email objects. [chrisr3d] +- Wip: [stix2 import] Parsing external email objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing functions working for both subclasses -- :construction: [stix2 import] Parsing domain & domain-ip attributes/objects. +- Wip: [stix2 import] Parsing domain & domain-ip attributes/objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Also reusing code that works for both subclasses - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch. [chrisr3d] -- :construction: [stix2 import] Included pe & pe-section parsing for file objects. +- Wip: [stix2 import] Included pe & pe-section parsing for file objects. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ - Including uuid fields - Including refactor on some class attributes to avoid errors and duplications - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_patch. 
[chrisr3d] -- :construction: [stix2 import] Starting parsing network-traffic objects from +- Wip: [stix2 import] Starting parsing network-traffic objects from external files. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, - this script may be broken in some cases atm :warning: -- :construction: [stix2 import] Starting parsing observables from external STIX2 + - /!\ WiP, it is preferable to wait for the branch to be merged, + this script may be broken in some cases atm /!\ +- Wip: [stix2 import] Starting parsing observables from external STIX2 files + moving functions to the main script. [chrisr3d] - - :warning: :construction:, it is preferable to wait for the branch to be merged, script broken atm :warning: + - /!\ WiP, it is preferable to wait for the branch to be merged, script broken atm /!\ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3751 from ancailliau/fixes-error-message- control_workers. [Andras Iklody] @@ -23318,11 +24066,12 @@ Other fix: travis import/export + v2.4.96 (2018-10-09) -------------------- New ---- +~~~ - [ReST client] generate python output too. [iglocska] - also, nicer toggle! @@ -23427,7 +24176,7 @@ New [iglocska] Changes -------- +~~~~~~~ - [CSV] Added timestamp in CSV output with include context on the event level. [iglocska] - [version] version bump. [iglocska] @@ -23445,6 +24194,7 @@ Changes published ignored by default) [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] - [API] new restresponse library addition fixed (send file) [iglocska] 
@@ -23453,6 +24203,8 @@ Changes [Alexandre Dulaunoy] - [misp-objects] add the relationship annotates. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-taxonomy] updated to the latest version. [Alexandre Dulaunoy] - [misp-object] updated to the latest version. [Alexandre Dulaunoy] @@ -23510,7 +24262,7 @@ Changes - Bump recommended pyMispVersion. [Raphaël Vinot] Fix ---- +~~~ - [sanitisation] Sanitise curl query. [iglocska] - [stix2 import] Fixed to_ids flag in imported objects. [chrisr3d] - [API] Fixed broken check for overriding IDS flags via proposals, fixes @@ -23785,7 +24537,7 @@ Fix - [feeds] Feed caching generates a lot of notices. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -23793,6 +24545,8 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3743 from WaryWolf/unmanaged-workers. [Andras 
@@ -23832,18 +24586,18 @@ Other read and displayed - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests. [chrisr3d] -- :construction: [stix2 export] Supporting export of multiple MISP events. +- Wip: [stix2 export] Supporting export of multiple MISP events. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests. [chrisr3d] -- :construction: [restSearch] Passing multiple events to the STIX parsing script. +- Wip: [restSearch] Passing multiple events to the STIX parsing script. [chrisr3d] - atm calling the python script every 10 events fetched with fetchEvent - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests. [chrisr3d] -- :construction: [stix1 export] Supporting export of multiple MISP events. +- Wip: [stix1 export] Supporting export of multiple MISP events. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests. [chrisr3d] @@ -23851,8 +24605,8 @@ Other chrisr3d_restSearch_tests. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into chrisr3d_restSearch_tests. [chrisr3d] -- :construction: [restSearch] Added stix2 export in restSearch. [chrisr3d] -- :construction: [restSearch] Stix1 export for restSearch. [chrisr3d] +- Wip: [restSearch] Added stix2 export in restSearch. [chrisr3d] +- Wip: [restSearch] Stix1 export for restSearch. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] 
@@ -23904,6 +24658,15 @@ Other chg: Bump PyMISP - Merge branch 'stix2' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] - Add: [export] Introduction of a framing script. [chrisr3d] - atm returning header, separator and footer for 
@@ -23913,16 +24676,23 @@ Other for the format in subject and returning the corresponding header, footer and separator - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] - Add: [stix2 export] Added stix2 export view. [chrisr3d] - Add: [stix2 export] Added instruction about automation part. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3664 from SteveClement/guides. [Andras Iklody] chg: [doc] Moved INSTALL files around to reflect a more accurate support landscape. @@ -23979,11 +24749,12 @@ Other - Fixed bug where popoverChoice was returning undefined values for some browser. [Sami Mokaddem] + v2.4.95 (2018-09-06) -------------------- New ---- +~~~ - [API] set default behaviour to require to_ids and published set to 1 to be included in exports. [iglocska] 
@@ -24049,13 +24820,13 @@ New - [rest client] parsers for JSON/HTML return added. [iglocska] - [rest client] parser helper css/js added. [iglocska] - [API] CSV export tool added. [iglocska] -- [API] :construction: work in progress - moving CSV export to standardised +- [API] WIP work in progress - moving CSV export to standardised converter format. [iglocska] - [API] Added publish filter to restsearch. [iglocska] - [API] further rework of the restsearch api. [iglocska] - move to the new popping filter system -- [API] rework of the event level restSearch (:construction:) [iglocska] +- [API] rework of the event level restSearch (WIP) [iglocska] - [internal] Further work on the filtering. [iglocska] - [internal] Rework of the filter handling internally. [iglocska] - [internal] Added internal functions to interpret parameters in various @@ -24096,7 +24867,7 @@ New - no more shitty chrome extensions that crash during trainings, rejoice! Changes -------- +~~~~~~~ - [doc] Point to official misp-book, MISP "User Guide" in main codebase is obsolete. [Steve Clement] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] @@ -24130,6 +24901,10 @@ Changes - instead of loading it over and over - Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] +- Bump PyMISP. [Raphaël Vinot] - [rest client] render the response by default. [iglocska] - [querystring] version bumped. [iglocska] - [API] Fixed fetchAttributes lookup on value to be only optionally a @@ -24158,6 +24933,7 @@ Changes - [doc] MISP logo b&w only added. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] +- [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [data-model] new bro attribute type to store rule in Bro rule-format. [Alexandre Dulaunoy] 
@@ -24173,13 +24949,14 @@ Changes - [misp-galaxy] updated to the latest version including related changes. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-warninglist] updated to the latest version. [Alexandre Dulaunoy] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [visual] Changed the name of the rest client. [iglocska] Fix ---- +~~~ - [documentation] added missing legacy automation page view. [iglocska] - [description] Typo in serverSetting fixed, fixes #3612. [iglocska] - [API] using "download" as a returnformat via the URL breaks the @@ -24344,7 +25121,7 @@ Fix - [API] Some API rearrange issues fixed in events/add. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Temporary revert to avoid PGP bug. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre @@ -24405,10 +25182,12 @@ Other - Add: [stix2 export] Parsing expiration date from sightings as 'valid_until' in indicators. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'feature/api_rework2' into 2.4. [iglocska] +- Merge branch 'feature/api_rework2' into 2.4. [iglocska] - Merge branch 'feature/api_rework' into feature/api_rework2. [iglocska] - Merge branch 'feature/api_rework' into 2.4. [iglocska] - Merge branch '2.4' into feature/api_rework. [iglocska] 
@@ -24417,6 +25196,7 @@ Other - Merge branch 'feature/api_rework' of github.com:MISP/MISP into feature/api_rework. [Raphaël Vinot] - Merge branch '2.4' into feature/api_rework. [iglocska] +- Merge branch '2.4' into feature/api_rework. [iglocska] - Merge branch 'feature/api_rework' of github.com:MISP/MISP into feature/api_rework. [iglocska] - Merge branch 'feature/api_rework' of github.com:MISP/MISP into @@ -24426,6 +25206,7 @@ Other - Merge branch 'feature/api_rework' of github.com:MISP/MISP into feature/api_rework. [iglocska] - Merge branch '2.4' into feature/api_rework. [iglocska] +- Merge branch '2.4' into feature/api_rework. [iglocska] - Merge branch 'feature/api_rework' of github.com:MISP/MISP into feature/api_rework. [iglocska] - Merge pull request #3557 from Rafiot/feature/api_rework. [Raphaël @@ -24559,11 +25340,12 @@ Other - Merge remote-tracking branch 'origin/2.4' into 2.4. [Christophe Vandeplas] + v2.4.94 (2018-08-09) -------------------- New ---- +~~~ - [PGP] Added fingerprint to /users/verifyGPG. [iglocska] - [internal] Streamlining of the push process. [iglocska] @@ -24664,7 +25446,7 @@ New - MISP's diagnostic tool WILL complain if this is ever enabled Changes -------- +~~~~~~~ - [release] Version bump. [iglocska] - [internal] Refactor of the pull function. [iglocska] @@ -24702,6 +25484,8 @@ Changes - [cleanup] added function to check for prio worker's existance in Event.php. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [documenation] Added CLI documentation for the getAuthkey tool. [iglocska] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] 
@@ -24829,6 +25613,7 @@ Changes - [doc] More updates on the debian install guides, small fix on OpenBSD. [Steve Clement] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [attackMatrix] UI improvement (contextual menu) [Sami Mokaddem] - [attackMatrix] UI improvements. [Sami Mokaddem] - [attackMatrix] support of quick tagging from the attackMatrix at event @@ -24903,7 +25688,7 @@ Changes each section Fix ---- +~~~ - [stix1 import] Fixed journal entries parsing fails. [chrisr3d] - [stix1 import] Copy/paste error fixed. [chrisr3d] - [cleanup] Some more minor clean up. [chrisr3d] @@ -25199,7 +25984,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge pull request #3535 from PaoloVecchi/patch-4. [Andras Iklody] @@ -25215,6 +26000,8 @@ Other - Default sort order for ID and Date: desc. [StefanKelm] - Default sort order for timesamps: desc. [StefanKelm] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre @@ -25232,6 +26019,7 @@ Other chg: [typo] Minor typo - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #3520 from ater49/patch-5. [Alexandre Dulaunoy] 
@@ -25260,6 +26048,7 @@ Other Update default.po - Update default.po. [ater49] +- Update default.po. [ater49] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3502 from SteveClement/2.4. [Andras Iklody] @@ -25314,6 +26103,8 @@ Other - Merge branch '2.4' of github.com:SteveClement/MISP into 2.4. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] +- Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] +- Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -25404,6 +26195,9 @@ Other Sod the bloody typos - Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] +- Typo. [StefanKelm] - Add: [stix2 import] Importing email-attachment attributes. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Add: [stix2 export] Exporting email-attachment attributes. [chrisr3d] @@ -25420,6 +26214,7 @@ Other chg: [doc] debian testing/stable install guide updates - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3445 from SteveClement/2.4. [Steve Clement] chg: [doc] debian install guide updates @@ -25478,6 +26273,7 @@ Other Change --force to --recursive in update/upgrade documentation - Change --force to --recursive. [StefanKelm] +- Change --force to --recursive. [StefanKelm] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch 'attributeFetcherFix' into 2.4. [iglocska] 
@@ -25486,7 +26282,7 @@ Other - Merge pull request #3417 from SteveClement/2.4. [Steve Clement] Added initial internationalization for: French (6%), Japanese (21%) - Updated FreeBSD and added OpenBSD Install document (:construction:-pre-alpha) + Updated FreeBSD and added OpenBSD Install document (WIP-pre-alpha) - - Rudimentary support for apache2, login works. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] - - Partially works, again, but still CSS issues. [Steve Clement] @@ -25522,11 +26318,12 @@ Other [chrisr3d] - [stix2 import] Improved file observable object parsing. [chrisr3d] + v2.4.93 (2018-06-27) -------------------- New ---- +~~~ - [attackMatrix] Skeleton of multiple galaxy picking. [Sami Mokaddem] - [stix2 export] Starting exporting PE binary files. [chrisr3d] @@ -25571,7 +26368,7 @@ New - Add schema for feed-metadata. [Raphaël Vinot] Changes -------- +~~~~~~~ - [version] Version bump. [iglocska] - [misp-galaxy] updated to the latest version (including CFR test) [Alexandre Dulaunoy] @@ -25630,7 +26427,7 @@ Changes - Add enums in feed-metadata schema. [Raphaël Vinot] Fix ---- +~~~ - [stix1 import] Fixed Monkey typo. [chrisr3d] - [stix1 import] Fixed missing self call. [chrisr3d] - [bug] Typo in the event before validate hook. [Andras Iklody] @@ -25669,7 +26466,7 @@ Fix MISP/PyMISP#236. [iglocska] - [stix diagnostic] Returning the correct 'success' value in case of error with maec. [chrisr3d] -- :lock: Brute force protection can be bypased with a PUT request. +- [security] Brute force protection can be bypased with a PUT request. [iglocska] - fixes an issue where brute forcing the login would work by using PUT requests @@ -25790,7 +26587,7 @@ Fix published. [Sami Mokaddem] Other ------ +~~~~~ - Add: [stix1 import] Parsing x509 raw certificate in x509 object. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] 
@@ -25883,6 +26680,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into favicon. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Add: [stix2 export] Exporting asn MISP objects. [chrisr3d] - Add: [stix1 export] Exporting asn object. [chrisr3d] - [stix2 export] Removed intermediary 1 line functions. [chrisr3d] @@ -25911,11 +26709,12 @@ Other Enable python3 for php-fpm for RHEL/CentOS - Enable python3 for php-fpm for RHEL/CentOS. [Richard van den Berg] + v2.4.92 (2018-06-07) -------------------- New ---- +~~~ - [ACL] Added new role permission: publish_zmq. [iglocska] - permission flag to use the "publish to ZMQ" button @@ -25953,7 +26752,7 @@ New - uses bootstrap's own classes/structure Changes -------- +~~~~~~~ - [version] VERSION bump. [iglocska] - Bump PyMISP version. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] @@ -26005,7 +26804,7 @@ Changes - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] Fix ---- +~~~ - Removed debug breaking update. [iglocska] - [API] Fixed a black hole on API actions via the Objects controller, fixes #3271. [iglocska] @@ -26131,7 +26930,7 @@ Fix notices thrown. [iglocska] Other ------ +~~~~~ - Bump recommended version of PyMISP. [Raphaël Vinot] - Merge pull request #3316 from jezkerwin/2.4. [Andras Iklody] @@ -26277,8 +27076,10 @@ Other STIX Custom object. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - [stix1 export] typo. [chrisr3d] - Add: [stix1 export] Added namespaces for WindowsService object. [chrisr3d] 
@@ -26312,11 +27113,12 @@ Other - Add: [stix1 export] Exporting network connection MISP objects. [chrisr3d] + v2.4.91 (2018-05-15) -------------------- New ---- +~~~ - Remove galaxy cluster information from the sync mechanism for now. [iglocska] @@ -26356,7 +27158,7 @@ New - GET on add/edit to receive usage information Changes -------- +~~~~~~~ - [PyMISP] updated to latest version. [Alexandre Dulaunoy] - [stix1 export] Added object name in observable composition id. [chrisr3d] @@ -26423,13 +27225,14 @@ Changes - Changed distribution graph popover title. [Sami Mokaddem] - Removed useless prints. [Sami Mokaddem] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] - First round of refactoring of the side menu. [iglocska] - Changed the org admin role to not have sync privileges by default. [iglocska] Fix ---- +~~~ - Detaching galaxy clusters from attributes was using the old function name. [iglocska] - Attachcluster to object attributes fails due to no flattening. @@ -26623,7 +27426,7 @@ Fix - Fixed color mapping issue that avoided Marking creation. [chrisr3d] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Version bump. [iglocska] 
@@ -26636,8 +27439,10 @@ Other - [stix1 export] Reusing little functions. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Add: [stix1 import] Importing reply-to attributes. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -26652,6 +27457,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Added description for the latest functions created. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'global_ajax' into 2.4. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -26801,6 +27607,7 @@ Other - Merge pull request #3183 from StefanKelm/2.4. [Andras Iklody] Update Log.php +- Update Log.php. [StefanKelm] - Update Log.php. [StefanKelm] Alphabetically sort list of Actions pull-down menu within "Search Logs" @@ -26808,6 +27615,7 @@ Other importing STIX. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Add: Added Windows Service objects parsing. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] 
@@ -26822,11 +27630,12 @@ Other - MISP to STIX export refactored & updated to work with python3. [chrisr3d] + v2.4.90 (2018-04-21) -------------------- New ---- +~~~ - Add download buttons for user profiles. [iglocska] - Added the extended event lookup to the edit event view. [iglocska] - Preview the extended event ID / UUID. [iglocska] @@ -26847,7 +27656,7 @@ New automation page. [iglocska] - Cleanup of server push, feed fetch, fed cache console commands. [iglocska] -- Rework of the server/feed command line tools, :construction:. [iglocska] +- Rework of the server/feed command line tools, WIP. [iglocska] - Added improvements to the Cortex settings. [iglocska] - allow for configuring SSL options for Cortex @@ -26890,7 +27699,7 @@ New - set max memory usage and execution time / role Changes -------- +~~~~~~~ - Version bump. [iglocska] - Changed the extended event lookup box's colour. [iglocska] @@ -26923,7 +27732,7 @@ Changes [chrisr3d] Fix ---- +~~~ - Z-index popover issue in event graph. [Sami Mokaddem] - MISP galaxy updated. [Alexandre Dulaunoy] - Tag removal fixed. [iglocska] @@ -27045,7 +27854,7 @@ Fix - Handling case of stix events without labels. [chrisr3d] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3170 from mokaddem/ref_graph. [Andras Iklody] @@ -27141,6 +27950,7 @@ Other - Made the auto download of attachments when loaded in the browser configurable. [John Doe] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3152 from StefanKelm/2.4. [Andras Iklody] Default sort order for id / date reversed on click for Server preview index 
@@ -27165,6 +27975,7 @@ Other - Starting parsing some easy patterns. [chrisr3d] - Add: Added course-of-action object parsing. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] - Add: Added the stix version attribute in stix2-pattern objects. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] 
@@ -27176,57 +27987,57 @@ Other - Importing external indicators as stix2-pattern objects. [chrisr3d] Now on the same state as the current used import module -- :construction: Import module importing things, but need to fix few attributes +- Wip: Import module importing things, but need to fix few attributes loss. [chrisr3d] -- :construction: Parsing patterns representing MISP objects. [chrisr3d] -- :construction: Parsing observable objects representing MISP objects. [chrisr3d] -- :construction: Parsing STIX2 objects that give MISP attributes with the import. +- Wip: Parsing patterns representing MISP objects. [chrisr3d] +- Wip: Parsing observable objects representing MISP objects. [chrisr3d] +- Wip: Parsing STIX2 objects that give MISP attributes with the import. [chrisr3d] -- :construction: Starting parsing STIX2 from MISP. [chrisr3d] +- Wip: Starting parsing STIX2 from MISP. [chrisr3d] - STIX2 export refactored. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] - Parsing ip-port objects. [chrisr3d] - Observable added - Observable & pattern tested -- :construction: Parsing file objects. [chrisr3d] +- Wip: Parsing file objects. [chrisr3d] - observable added - observable & pattern tested -- :construction: Parsing email objects. [chrisr3d] +- Wip: Parsing email objects. [chrisr3d] - observable added - observable & pattern tested -- :construction: Parsing url objects (observable added & tested + pattern tested) +- Wip: Parsing url objects (observable added & tested + pattern tested) [chrisr3d] -- :construction: Parsing x509 objects (observable added + pattern & observable +- Wip: Parsing x509 objects (observable added + pattern & observable tested) [chrisr3d] -- :construction: Regkey object parsing + Fix on observable object creation. +- Wip: Regkey object parsing + Fix on observable object creation. [chrisr3d] -- :construction: Implementing observable objects generation for MISP objects. 
+- Wip: Implementing observable objects generation for MISP objects. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] -- :construction: Should now be able to create indicators for MISP objects. +- Wip: Should now be able to create indicators for MISP objects. [chrisr3d] - Patterns generation to be tested -- :construction: Parsing Galaxies. [chrisr3d] +- Wip: Parsing Galaxies. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into stix2. [chrisr3d] -- :construction: Fixed typo of some attribute values to delete spaces. [chrisr3d] -- :construction: Catching errors on indicators and observed data, and creating +- Wip: Fixed typo of some attribute values to delete spaces. [chrisr3d] +- Wip: Catching errors on indicators and observed data, and creating custom objects instead. [chrisr3d] -- :construction: Fixed typo & bugs. [chrisr3d] +- Wip: Fixed typo & bugs. [chrisr3d] - tests made for indicators -- :construction: Dictionary for attributes mapping should be ok. [chrisr3d] -- :construction: Always better with a stix package builder and the output file +- Wip: Dictionary for attributes mapping should be ok. [chrisr3d] +- Wip: Always better with a stix package builder and the output file saved. [chrisr3d] -- :construction: Handling special misp types. [chrisr3d] -- :construction: Should be able to export attributes. [chrisr3d] -- :construction: Refactoring to be continued. [chrisr3d] -- :construction: Dictionary update to go with stix2 export refactoring. [chrisr3d] -- :construction: Refactoring stix2 export & performance improvement. [chrisr3d] -- :construction: First try of refactored stix2 parsing. [chrisr3d] +- Wip: Handling special misp types. [chrisr3d] +- Wip: Should be able to export attributes. [chrisr3d] +- Wip: Refactoring to be continued. [chrisr3d] +- Wip: Dictionary update to go with stix2 export refactoring. [chrisr3d] +- Wip: Refactoring stix2 export & performance improvement. 
[chrisr3d] +- Wip: First try of refactored stix2 parsing. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3148 from StefanKelm/2.4. [Andras Iklody] @@ -27249,6 +28060,8 @@ Other Spelling error update - Spelling error update. [Geert De Ron] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #3139 from mokaddem/quick-fix-metacategory-graph. [Andras Iklody] @@ -27330,6 +28143,7 @@ Other - Update admin_add.ctp. [StefanKelm] - Update user_management.ctp. [StefanKelm] - Update administration.ctp. [StefanKelm] +- Update administration.ctp. [StefanKelm] - Update diagnostics.ctp. [StefanKelm] - Update footer.ctp. [StefanKelm] - Update User.php. [StefanKelm] @@ -27351,11 +28165,12 @@ Other - Changed imports & only kept only used pymisp functions. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] + v2.4.89 (2018-03-23) -------------------- New ---- +~~~ - Added STIX 2.x import to the GUI. [iglocska] - Purge all/completed jobs via the job index, fixes #3024. [iglocska] - Describe the new changes to the deleteAttributes API. [iglocska] @@ -27365,7 +28180,7 @@ New - Allow the searching of organisations by uuid on the event index (via the API) [iglocska] - Finished the first version of the recovery tool. [iglocska] -- Object reconstruction after, resolving the ID bug, :construction:. [iglocska] +- Object reconstruction after, resolving the ID bug, WIP. [iglocska] - Temp diagnostic tool for orphaned object attributes. [iglocska] - RestResponse::describe() now uses generic URLs with optional url parameters instead of showing the currently accessed ID. [iglocska] 
@@ -27379,7 +28194,7 @@ New - just set the `require_standard_format` to true in the moduleinfo disctionary Changes -------- +~~~~~~~ - Version bump. [iglocska] - Query string bumped. [iglocska] - Updates to the deleteAttributes API. [iglocska] @@ -27396,7 +28211,7 @@ Changes - no ID needs to be passed for the description Fix ---- +~~~ - Added annoying missing space between the password field's label and it's tooltip. [iglocska] - Handling case of stix events without timestamp. [chrisr3d] @@ -27569,7 +28384,7 @@ Fix - Removed left in debug/thrown exception. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Update event-graph.js. [Sami Mokaddem] @@ -27650,16 +28465,16 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into stiximport. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Add: Parsing attachments. [chrisr3d] -- :construction: Starting parsing portable executables. [chrisr3d] -- :construction: Added description parsing for stix objects without properties. +- Wip: Starting parsing portable executables. [chrisr3d] +- Wip: Added description parsing for stix objects without properties. [chrisr3d] -- :construction: Whois parsing function improved. [chrisr3d] +- Wip: Whois parsing function improved. [chrisr3d] Still need some tests with proper examples to finish this part -- :construction: Starting parsing Whois Objects. [chrisr3d] +- Wip: Starting parsing Whois Objects. [chrisr3d] But need some examples to parse properly !!!! -- :construction: Rebuilt hashes & files parsing functions. [chrisr3d] +- Wip: Rebuilt hashes & files parsing functions. [chrisr3d] Also handling more properly when to import a stix object as a MISP Object or as Attribute 
@@ -27679,19 +28494,19 @@ Other #2473. [Andras Iklody] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Fixed key value that was not correct. [chrisr3d] -- :construction: More types supported & functions clarified. [chrisr3d] -- :construction: Starting to import external stix. [chrisr3d] -- :construction: Supporting more Object types. [chrisr3d] -- :construction: handling malware-sample in file objects. [chrisr3d] -- :construction: Supporting more attribute types. [chrisr3d] -- :construction: Parsing more attribute types & objects. [chrisr3d] +- Wip: More types supported & functions clarified. [chrisr3d] +- Wip: Starting to import external stix. [chrisr3d] +- Wip: Supporting more Object types. [chrisr3d] +- Wip: handling malware-sample in file objects. [chrisr3d] +- Wip: Supporting more attribute types. [chrisr3d] +- Wip: Parsing more attribute types & objects. [chrisr3d] - More attribute types and objects to come with events testing - First version parsing some attributes. [chrisr3d] - More attribute types to be added - Objects to be parsed as well -- :construction: Refactor of stix2misp - only a beginning atm. [chrisr3d] +- Wip: Refactor of stix2misp - only a beginning atm. [chrisr3d] - Merge pull request #3012 from Res260/feature_keyboard_navigation. [Andras Iklody] 
@@ -27785,12 +28600,15 @@ Other - Fixed a bug regarding filename|ssdeep attributes importing using FreeTextImport. See Issue #2971. [Émilio Gonzalez] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #2979 from SteveClement/2.4. [Alexandre Dulaunoy] Added install step to make sure submodule permissions are ignored - - Added install step to make sure all the submodules ignore permissions. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] +- Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] +- Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] - Merge branch '2.4' of github.com:SteveClement/MISP into 2.4. [Steve Clement] - Merge remote-tracking branch 'origin/i18n_prep' into 2.4. [Steve @@ -27803,14 +28621,16 @@ Other - Add attribute shortcut now triggers the popup instead of changing page + bottom right triangle now with pointer cursor. [Émilio Gonzalez] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] + v2.4.88 (2018-02-21) -------------------- New ---- +~~~ - Add API response for /sightings/listSightings. [Andras Iklody] - Reowkred organisation merge workflow, #fixes 2931. [iglocska] @@ -27894,7 +28714,7 @@ New - for example: 'addOrg' => 'add Organisation to' Changes -------- +~~~~~~~ - Version bump. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] - Updated documentation. [iglocska] @@ -27904,7 +28724,7 @@ Changes - Bump PyMISP. [Raphaël Vinot] Fix ---- +~~~ - Misp-galaxy updated to the latest version. [Alexandre Dulaunoy] - PyMISP fixed to the latest version. [Alexandre Dulaunoy] - Ssdeep is now updated on PECL - installation updated. [Alexandre 
@@ -27925,6 +28745,7 @@ Fix - removed the module config from the index function to avoid exposing API keys / credentials to users - some formating fixes - ModulesController. [Juan C. Montes] +- ModulesController. [Juan C. Montes] - Searching for exact values not possible via the attribute search, fixes #2946. [iglocska] @@ -28019,7 +28840,7 @@ Fix - Graceful handling of gnupg not being set up on an instnace. [iglocska] Other ------ +~~~~~ - Update list_sightings.ctp. [Andras Iklody] - Add: Updated to the latest version of taxonomies including new ones. [Alexandre Dulaunoy] @@ -28080,12 +28901,14 @@ Other Dulaunoy] - Add: mime-type attribute added. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge pull request #2908 from Res260/fix_keyboard_shortcut_focus. [Andras Iklody] new: Add search shortcut for events and attributes + small bugfix - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #2906 from Res260/feature_keyboard_shortcuts. [Alexandre Dulaunoy] @@ -28114,6 +28937,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #2886 from MISP/Bump-PyMISP. [Raphaël Vinot] chg: Bump PyMISP recommended version @@ -28121,11 +28945,12 @@ Other chg: Bump PyMISP + v2.4.87 (2018-01-28) -------------------- New ---- +~~~ - Mispzmq.py updated with new topic (tags) [iglocska] - Added boolean attribute type. [iglocska] - New upgrade system. [iglocska] 
@@ -28153,7 +28978,7 @@ New freetext import/module triage screen. [iglocska] Changes -------- +~~~~~~~ - Version bump. [iglocska] - Rework of the event history view, no more crazy slow parsing of all strings in the log table. [iglocska] @@ -28177,7 +29002,7 @@ Changes - Clarified feed action buttons. [iglocska] Fix ---- +~~~ - Removed the crazy complex lookup for attribute tag counts from the tag index. [iglocska] @@ -28194,7 +29019,7 @@ Fix - Load orgc data after attributes are loaded in search csv export. [iglocska] - - functionality still needs further fixes, :construction: + - functionality still needs further fixes, WIP - Graceful handling of removed users in discussion boards. [iglocska] - Suricata export URL encodes an IPv6 between [], fixes #2872. [iglocska] @@ -28262,7 +29087,7 @@ Fix - Missing action added to ACL system. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Add: MISP galaxy updated. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] @@ -28335,6 +29160,9 @@ Other - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Steve Clement] - - Feeds/compare_feeds.ctp. [Steve Clement] - - Fixed various typos/omissions etc. [Steve Clement] +- - Fixed various typos/omissions etc. [Steve Clement] +- - Fixed various typos/omissions etc. [Steve Clement] +- - Fixed various typos/omissions etc. [Steve Clement] - - Closing parenthesis mistake. [Steve Clement] - View/SharingGroups -> __(' [Steve Clement] - View/Sightings -> __(' [Steve Clement] @@ -28431,11 +29259,12 @@ Other - - Attributes folder scavenged for Translatables… [Steve Clement] - - __('')-ized labels, buttons, styles. [Steve Clement] + v2.4.86 (2018-01-16) -------------------- New ---- +~~~ - Mass enable/disable feeds. [iglocska] - protecting the sanity of MISP admins since 2012! 
@@ -28464,7 +29293,7 @@ New - Allow the collapsing of related events on the event view. [iglocska] Changes -------- +~~~~~~~ - Version bumped. [iglocska] - Warninglists updated. [iglocska] - Performance tuning. [iglocska] @@ -28485,7 +29314,7 @@ Changes event IDs. [iglocska] Fix ---- +~~~ - Remove the option for disabling sightings - it's an integral feature of the MISP core. Fixes #2820. [iglocska] - Fixed image element. [iglocska] @@ -28617,7 +29446,7 @@ Fix - MISP galaxy updated to the latest version. [Alexandre Dulaunoy] Other ------ +~~~~~ - Merge pull request #2422 from panzertime/add-button-fetch-all-feeds. [Andras Iklody] @@ -28627,6 +29456,8 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - 1st version of TTPs parsing function. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch 'feature/sg_api' into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -28649,7 +29480,7 @@ Other - Merge pull request #2789 from MISP/pymisp_test2. [Raphaël Vinot] chg: Bump PyMISP -- :construction: Some updates on pattern import. [chrisr3d] +- Wip: Some updates on pattern import. [chrisr3d] Will work on pattern parser soon - Merge pull request #2785 from atluxity/patch-1. [Alexandre Dulaunoy] @@ -28688,11 +29519,12 @@ Other -- Fixed config typos -- Added all missing dependencies + v2.4.85 (2017-12-22) -------------------- New ---- +~~~ - Limit the max amount of time spent fetching the latest commit ID to 3 seconds max. [iglocska] @@ -28713,7 +29545,7 @@ New - Add tag restrictions for a single user. [iglocska] Changes -------- +~~~~~~~ - PyMISP bump. [iglocska] - Version bumps for everyone! [iglocska] - Support the changes about registry-key for import as well. [chrisr3d] 
@@ -28748,7 +29580,7 @@ Changes Also changed a bit Custom Objects Fix ---- +~~~ - Fixed z-index of correlation popovers. [iglocska] - Fixed stupidly slow cluster selection list. [iglocska] @@ -28859,10 +29691,10 @@ Fix - MISP galaxy updated to the latest version. [Alexandre Dulaunoy] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] -- :construction: parsing external Stix2 documents. [chrisr3d] +- Wip: parsing external Stix2 documents. [chrisr3d] - atm: read patterns and create a stix2-pattern Object with the pattern as attribute @@ -28964,7 +29796,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] -- :construction: Includes category import. [chrisr3d] +- Wip: Includes category import. [chrisr3d] Still need to include the missing types of object not supported yet. @@ -28994,7 +29826,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] -- :construction: fixed bugs that appeared with Objects support. [chrisr3d] +- Wip: fixed bugs that appeared with Objects support. [chrisr3d] - Add: new feed VXvault - URL List added. [Alexandre Dulaunoy] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] @@ -29005,7 +29837,7 @@ Other - Initial FreeBSD install document - - Initial FreeBSD install document. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] -- :construction: Parsing patterns for Objects. [chrisr3d] +- Wip: Parsing patterns for Objects. [chrisr3d] Also little fixes & updates - Added label with the type for Identity object. [chrisr3d] 
@@ -29016,7 +29848,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] -- :construction: Import module from STIX2. [chrisr3d] +- Wip: Import module from STIX2. [chrisr3d] Functional but improvements still needed. Not all the fields of Stix2 events supported @@ -29031,11 +29863,12 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Added custom object for MISP Objects. [chrisr3d] + v2.4.84 (2017-12-06) -------------------- Fix ---- +~~~ - Fixed a critical issue introduced in 2.4.83 blocking the synchronisation of edits in certain situations. [iglocska] @@ -29044,15 +29877,16 @@ Fix - as reported by SIEMENS Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Added label to recognize malware-sample attributes. [chrisr3d] + v2.4.83 (2017-12-06) -------------------- New ---- +~~~ - Various improvements to the CSV export. [iglocska] - The @FloatingCode and @ilmoka care package @@ -29092,18 +29926,19 @@ New object to the ZMQ channel. [iglocska] Changes -------- +~~~~~~~ - Version strings updated. [iglocska] - Bump PyMISP, again. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] - Wip. [chrisr3d] +- Wip. [chrisr3d] - Make misp to stix export work with MISP json formatted. [chrisr3d] - Push MISP json formatted events to the stix exporter (pending rework) instead of the direct output of fetchEvents() [iglocska] - Push the full user object to the ZMQ feed. [iglocska] Fix ---- +~~~ - Updated pyMISP recommended version. [iglocska] - PyMISP updated. [iglocska] - Removed the requirement for a comment from the import modules. 
@@ -29248,10 +30083,11 @@ Fix - As reported by Dawid Czarnecki Other ------ +~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #2706 from Rafiot/cortex_doc. [Raphaël Vinot] @@ -29264,6 +30100,7 @@ Other - Merge branch '2.4' of github.com:MISP/MISP into feature/tag_filter_rework. [iglocska] - Merge branch '2.4' into feature/tag_filter_rework. [iglocska] +- Merge branch '2.4' into feature/tag_filter_rework. [iglocska] - Little change about SDOs generated from Galaxy. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -29327,7 +30164,7 @@ Other - Parsing attachment attributes. [chrisr3d] Also fixed some specific issues with single quotes -- :construction: Import of some of the most common attributes. [chrisr3d] +- Wip: Import of some of the most common attributes. [chrisr3d] Work still in progress in order to: - Support as many attribute types as possible @@ -29466,11 +30303,12 @@ Other - 2017 even if it's not 2049 ;-) [Alexandre Dulaunoy] - Quick fixes. [chrisr3d] + v2.4.82 (2017-11-10) -------------------- New ---- +~~~ - Various features. [iglocska] - Added quickhashing to the feed generator @@ -29486,7 +30324,7 @@ New - The overall feed correlation counter also allows users to pivot to a view that loads all correlations, though it should be used with some caution as it can be somewhat heavy Changes -------- +~~~~~~~ - PyMISP version bump. [iglocska] - Pass event_id to import modules, fixes #2612. [Andras Iklody] 
@@ -29500,7 +30338,7 @@ Changes - as reported by Or Hanuka (PALANTIR) Fix ---- +~~~ - 3rd time is the charm (PyMISP updated) [iglocska] - PyMISP version. [iglocska] - Warning list updated to the latest version. [Alexandre Dulaunoy] @@ -29580,7 +30418,7 @@ Fix - Fixed a bug with the restSearch API. [iglocska] Other ------ +~~~~~ - Supporting Observed Data SDOs from event Objects. [chrisr3d] Objects currently supported: @@ -29638,6 +30476,7 @@ Other - Enables the user to select the attributes to be included in the CSV export (event and object attributes). [Cédric Bonhomme] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Added custom objects. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] @@ -29729,11 +30568,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] + v2.4.81 (2017-10-10) -------------------- New ---- +~~~ - Added first experimental STIX 2 export implementation. [iglocska] - kudos to @chrisr3d for digging into the deepest bowels of the scary beast that is STIX2 
@@ -29761,25 +30601,44 @@ New - this commit was brought to you by CEF and + MMMH$= - ., ,,. %H++ ,= %%$$$$X+ ;=== .= :+HHHMMMHMMM####MMH@@@@@@HHH$= HHH@HHHHH+XXX$$$$$$$$XXXXXXX+ MMH = -. . ,-,,-,. :H@H =;;++$HH+XX$%+X%+$++=:=.XH@@@HMMMMMMMMH@@@@@@@HHX$ ,X@@@@@@@HHHHHHHHHHXXXXXXXXXXXXXX + . ---, - ,,, +@ .. ;++$HH+HHH++$+++HH+++, .+%HHMHHHHHHHHH+%%%++++$+ +++HHHHHHH+++++++++HHHHHHHHHHHHHH - -- ,,, --,. - , ,; +$XHH@@@@HHH@@@HHHH+$+$X+HH+$$+ ; ;= . % + ,+$X+++XXXXXXXXXXXXX++HH+++++++ ---==,,--,-,-., : . -,,:/ $XHH@HMMMMMMMMMM@HHX$H@MHHHHX+H%%$%+H/:.%. $. @,,,. $$XXXXXXXXXXXXXXXXXXXXXXXXXX+ = - --,, , -- .. =/ +$+H@@HMMMMMMMMH+H+++HHHHHHHH@+++++H+X++X+$$ = ,,, - $$XXXXX$$$$X$$$$$$$$$$$$$$X + ====== --,,,, ,= = ,==== ++$$+HHMMM####MH+$$+++HH@+HH@MHMMH@@H@@@HH+$+ ,,, ,. $$+$++$$$$$$$$$$++$$$$$$$X :==-===-,. ,., == . :;; +++%$+H@HMMMMMMM%$%$$$+H@@+HH@MMMMMM@@@@HHH++H. .,,-,,--=/+$$%%%%%%%%$+%%$$$$$XXXXX , = ==- - . == . =; ++++%++HHHHHHHHHH++%$$X+@@H+HHHMMMMMMHH@@@+X+ , ,,,,- , ,$$$$$$$+++++$$$$XXXXX$$ + ,,- , --= .. . ;/ ++++%$X+HHHHHHH ++$++X+HH+X+H@HMMHHHHHHHH+. ,, ,, , . +$$$$+%+$$$$$$$$$$ + ,-----=-=--, ,== ..;/ +% +%$XX+HH++HH+/+$%++H@@HHXHHH@@@@@@@@HXX . .,,,. ,,,, ,-=$$$$$$$$$$$$$$$$$ + - ,- -- -, ,-= . =/++%++%+++++XXXXX$$+. +HHH@+$XHHHHHHHHH++$ -,,, ,, ,,,. ,+$$$$$$$$$$$$ + ---,-----, . == =/+%+++%++$$+++$X$$$$++,$$+++XXHHHHHHHH+X$+% ,-,-, ,, . . ,+$$+++++++ == --, -- =--, ,,= . ./++$$++$+X$+/++$$XXXX$$$$XXXXXXH+HH+H+X$%%/ .,,,,,, .. .. ,. ,,,-=+%+++ /++ + -- - -,,- ., . . . = +$$++++HH+. ,+$$+++++++$XX$X$XHHH+X$$+ ..--,- .. . . ,-, = ====== MH - ---- --,,, . .. , %++$$X++++ +%++++++++%++$$$$$+H++X$$+ --, . . . = .==== + MM=,-, ---,,,,, . . ...,,, =/++%$$XXXX+/+++@@H@HX$+%$$+HHHHH$$$+: ,-- . ,. .. .. ==::;=-:;;; MM+ ,----,,,, , .. ,. +++X+HH+++++%++$++++$$+HHH+++$$ ,- , . . : ;/ +%+. MMH ,-,-,, ,,. . -, = = +$+H@HH++++$$X$$+++HHH+++$ , .. , +++++++%%+%+ + MM@,--,-,,,,,. . ,, . ,-, .=+$XHHHXXHHHHHHHH@@@@HX$%+: ,, . ..,, ..... 
...%%%%++%%%%%%%% M@@== ,,, , ++++XX++HHHHHH++HHH+, , , . .... . +$+%%%%%%+%%%%% + H@H+=,,, .. ,,+%$+H@HHHXX++, , ,, . ... . ,$$$$$%%%%%+%+%%%% @H+,-,,..... . .,.;; ++$$X+%+:- , . .,,, . ... . XXX$$$%%%%%%+%%%%% + +++ -, . ... . .======== === , ,, . . .. . -,XXX$X$+$+%%%%%%%%% $+ . ===:; ++++ ++++-,. , ,-, . $X+XX+XXX$$+%++%%%%% ++: ,. . ,-,,-==:; %%%%%+%$$%$$X$$$+%+:== . . ,, ..+X$XXXXXX$$$+%%$$%%%% + =: ,,, == ++++++$+$$%+++$$$++$+ . == . .,,, +$$$$$$$$$$$$$$+$%%%+ , ,---, =:;/++$$XX$$$$$$X+H@H@HHH$%%%$X$++;===== . ., .. +%%+$++$%$$$$$$%%++%+ ===; +++$$$$+ +%+++%+HH@@@@HH+++ ++%+$+, === .. ,=; +++++++++.. :;; . =:; /++%$$++, ,++HHMMHH@@@@HHHH@HH++++++ ,+$$+ . .. :=;;:;;;;;========== .,,-==;;;+% %%+$$$$ /+++@@@@@@@@@@HH@M@MH@@@HHHHH$$% /%$XXX$X . -=====::::=========:: + . =; ++++++$+++ , +%H@@@HHH@HH++HHH@MHHH@HHHHHH++++ , +%%+$ ,, - --- ==:=: + ====; ++++$$+% ++H@HHHHHHH+X++X++@@@HHH@MMMMHHHHHH@HHHH+++++. ,,,,-,--- =:==;; + .,., ==;// / ++++%+%+%+++$$+@H@@@@H@HHH+XXX$%+HHHH@@HH@HMMMMMMMMMMMMMMH@+%; ...,,,,,--==;;;/; + . ...= .,+%$++%+$XXX$++%+++H@@@@HHH@HHH+++. ++++H+HHHHHHHMMMMMMMMMMMM@++: ,,, ===;;;;; + ==: . ++++++++HH%H+++X++HH+H@HHHH@HHHHHHH+++++%++%%+%%++ . , = ++$H@@HMHMMH%= . ..,,= + +++%$XXHHHHHH@H@@@@@H@HH@MMM@@HH@HH+HXH@HH%%+HH+XX$$$+++/;:=== ,,,,,, = ::; % :, ...,, + %+++HHH@HHH@@HMHHHH@HHHMHMHHHHHH+XH+HHH++++HHHH@HHHHH++%+ -, = ,=== ,, ,,, . H@HHHH#M#M#MHHHM#MMMMMMMHHHH@H@H++@H$+++HHM#MMMMHMMH@@HHHHHH%+++++%%%+++ , . %%%%%%%%%%%%%%++++%%++ .. ... .. . +++%+++++++%++++%+++++++++%+%++%+%%++%++++++% - Change server settings via the API. [iglocska] @@ -29797,7 +30656,7 @@ New - Added object relations to the CSV export. [iglocska] Changes -------- +~~~~~~~ - Submodules updated. [iglocska] - Replaced the correlation graph icon to something more appropriate. [iglocska] 
@@ -29807,7 +30666,7 @@ Changes - Added .onion to the TLD list for the complext type tool. [iglocska] Fix ---- +~~~ - Skipping composite objects. [chrisr3d] - STIX 2.0 report doesn't require labels but the python-stix2 requires one. [Alexandre Dulaunoy] @@ -29875,6 +30734,7 @@ Fix ──████────────█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█ ──███─────────█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█ ──██──────────█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█ + ──██──────────█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█ ──██─────────▐█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█ ──██────────▐█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█ ──██───────▐█▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓█▌ @@ -29904,7 +30764,7 @@ Fix - Port added to network activity. [iglocska] Other ------ +~~~~~ - Replaced placeholder label with threat-report. [Andras Iklody] - Merge branch '2.4.81' into 2.4. [iglocska] - Merge branch '2.4.81' of github.com:MISP/MISP into 2.4.81. [chrisr3d] @@ -29917,7 +30777,7 @@ Other for 'created' and 'modified' properties of all the STIX Objects - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] -- Add: First :construction: STIX 2.0 export from MISP JSON standard format. +- Add: First WiP STIX 2.0 export from MISP JSON standard format. [chrisr3d] This is an early stage export from MISP JSON into the STIX 2.0 @@ -30001,11 +30861,12 @@ Other - Up: Bump PyMISP. [Raphaël Vinot] - Up: test file. [Raphaël Vinot] + v2.4.80 (2017-09-19) -------------------- New ---- +~~~ - Various object template improvements. [iglocska] - allow multiple versions of a template to be stored at the same time @@ -30042,7 +30903,7 @@ New - added multiple flag among other things - Added first iteration of new add attachment functionality. [iglocska] - - still :construction: + - still WIP - Added back referencing from a referenced object. [iglocska] - also fixed some view file issues 
@@ -30068,11 +30929,11 @@ New - added objects fields to object rows - nested rows within the object - massive cleanup -- :construction: - change to model aliasing to solve the reserved class name. +- WIP - change to model aliasing to solve the reserved class name. [iglocska] - Internal name is now MispObject for the model, but it is used Aliased, removing the need to do any data massaging - - Added :construction: edit function + - Added WIP edit function - Added objects submodule. [iglocska] - Further progress with the objects. [iglocska] @@ -30085,7 +30946,7 @@ New - Further progress on the objects. [iglocska] Changes -------- +~~~~~~~ - Version bumps all around. [iglocska] - Updated taxonomies. [iglocska] - PyMISP updated. [iglocska] @@ -30112,7 +30973,7 @@ Changes - Added new fields to mysql. [iglocska] Fix ---- +~~~ - Reverted CakePHP version. [iglocska] - Fixed the XML view. [iglocska] @@ -30207,7 +31068,7 @@ Fix - Add object functions to ACL. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge pull request #2493 from RichieB2B/patch-2. [Andras Iklody] @@ -30305,13 +31166,17 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' into objects_wip. [iglocska] +- Merge branch '2.4' into objects_wip. [iglocska] +- Merge branch '2.4' into objects_wip. [iglocska] +- Merge branch '2.4' into objects_wip. [iglocska] - Merge branch '2.4' into feature/objects. [iglocska] + v2.4.79 (2017-08-28) -------------------- New ---- +~~~ - Feeds added to the scheduled jobs. [iglocska] - Opened up the taxonomies actions to the API: [iglocska] @@ -30332,7 +31197,7 @@ New - cake /var/www/MISP/app/Console Baseurl [new baseurl] Changes -------- +~~~~~~~ - Update for the version release. [iglocska] - querystring bump 
@@ -30352,7 +31217,7 @@ Changes - Added exit 0 to start.sh to make vagrant happy. [iglocska] Fix ---- +~~~ - Removed url -> tls_cert_subject rule conversion for the suricata export, fixes #2396. [Andras Iklody] - Fixed a bug where /events/uuid would return the incorrect event. @@ -30410,7 +31275,7 @@ Fix - Additionally enforce content-type on all async APIs called by the UI using CakeResponse Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -30434,6 +31299,7 @@ Other Vagrant dev environment - Updated default values for OpenSSL and GPG. [Cédric Bonhomme] +- Updated default values for OpenSSL and GPG. [Cédric Bonhomme] - Merge pull request #2410 from cedricbonhomme/vagrant-dev-environment. [Andras Iklody] @@ -30442,6 +31308,8 @@ Other - Updateg .gitignore: ignore Vagrant log files and VM related files. [Cédric Bonhomme] - Updated README. [Cédric Bonhomme] +- Updated README. [Cédric Bonhomme] +- Updated README. [Cédric Bonhomme] - Added Vagrant configuration files for a development environment. [Cédric Bonhomme] - Added Vagrant configuration files for a development environment. @@ -30478,6 +31346,8 @@ Other Expose galaxies lit to api - Update GalaxiesController.php. [truckydev] +- Update GalaxiesController.php. [truckydev] +- Update GalaxiesController.php. [truckydev] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge pull request #2385 from cedricbonhomme/fix-command-line-tool-to- @@ -30488,11 +31358,12 @@ Other 'true' to true for example.' when enabling/disabling MISP with the command line tool. [Cédric Bonhomme] + v2.4.78 (2017-08-06) -------------------- New ---- +~~~ - Exposed Roles to the API. [iglocska] - valid commands via the API 
@@ -30504,13 +31375,13 @@ New - /roles/index [GET] Changes -------- +~~~~~~~ - Version bump. [iglocska] - Updated misp galaxies. [iglocska] - Updated warninglists. [iglocska] Fix ---- +~~~ - Fixed capitalisation of "throw" in templateElementsController. [iglocska] - Fixes the lookup of attributes in the UI attribute search to correctly @@ -30546,7 +31417,7 @@ Fix due to missing group by. [iglocska] Other ------ +~~~~~ - Fixed org logos in attribute index. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] @@ -30568,15 +31439,16 @@ Other - MISP website links and references updated. [Alexandre Dulaunoy] - A link to the CONTRIBUTING page added. [Alexandre Dulaunoy] + v2.4.77 (2017-07-12) -------------------- New ---- +~~~ - Added php ini path. [iglocska] Changes -------- +~~~~~~~ - PyMISP version bump. [iglocska] - Redacted certain server settings that could be considered sensitive. [iglocska] @@ -30588,7 +31460,7 @@ Changes - Version bump. [iglocska] Fix ---- +~~~ - Remove delegation request once event delegation is accepted. [iglocska] @@ -30668,7 +31540,7 @@ Fix JSON output, fixes #2280. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge pull request #2327 from kallix/attachments_dir-settings. [Andras @@ -30768,10 +31640,12 @@ Other New apache directive with apache 2.4 - Fixes #2278. [dc] +- Fixes #2278. [dc] - Merge pull request #2276 from FafnerKeyZee/2.4. [Andras Iklody] Install Debian 9 (Stretch) - Update INSTALL.debian9.txt. [Fafner [_KeyZee_]] +- Update INSTALL.debian9.txt. [Fafner [_KeyZee_]] - Create INSTALL.debian9.txt. [Fafner [_KeyZee_]] - Merge remote-tracking branch 'upstream/2.4' into 2.4. [Fafner [_KeyZee_]] @@ -30779,11 +31653,12 @@ Other update + v2.4.76 (2017-06-20) -------------------- New ---- +~~~ - Feed http://cinsscore.com/list/ci-badguys.txt added. [Alexandre Dulaunoy] - Contributing guidelines added following the initial wiki document. 
@@ -30802,7 +31677,7 @@ New API. [iglocska] Changes -------- +~~~~~~~ - VERSION bump. [iglocska] - Some small changes to the discussion ZMQ integration. [iglocska] @@ -30810,7 +31685,7 @@ Changes - added some context fields to the messages being pushed (orgname, user email, etc) Fix ---- +~~~ - Warning-lists updated to the latest version. [Alexandre Dulaunoy] - Misp-galaxy updated to the latest version. [Alexandre Dulaunoy] - Prevent form from being submitted when changing a template element, @@ -30872,7 +31747,7 @@ Fix - Fixed a notice error in the taxonomy view. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge pull request #2182 from ppanero/2.4. [Andras Iklody] @@ -30917,11 +31792,12 @@ Other - Merge branch '2.4' into dmaciejak-patch-2. [David Maciejak] - Remove duplicated h() calls. [David Maciejak] + v2.4.75 (2017-06-13) -------------------- New ---- +~~~ - First round of massive performance tuning (tm)(c) [iglocska] - Make MISP fast again @@ -30942,7 +31818,7 @@ New - Added email-body attribute type, fixes #1062. [iglocska] Changes -------- +~~~~~~~ - Version bump. [iglocska] - Performance tuning: Custom pagination tool. [iglocska] @@ -30950,7 +31826,7 @@ Changes - Added event info in feed correlations via a popover. [iglocska] Fix ---- +~~~ - Fixed an error causing combined feed cache issues. [iglocska] - Relaxed UUID4 requirement for UUID validation. [iglocska] @@ -31006,7 +31882,7 @@ Fix - Email-attachment and email-body now accept line breaks. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge pull request #2207 from RichieB2B/ncsc-nl/mixbox. [Alexandre 
@@ -31040,11 +31916,12 @@ Other - Two new feeds from @bambenek added in the default JSON feed. [Alexandre Dulaunoy] + v2.4.74 (2017-05-30) -------------------- New ---- +~~~ - Added default feed list. [iglocska] - Publish event to ZMQ on demand and beaconing of ZMQ tool. [iglocska] - Auto load the default feeds from file. [iglocska] @@ -31060,14 +31937,14 @@ New - Add instance uuid. [iglocska] Changes -------- +~~~~~~~ - VERSION bump. [iglocska] - Querystring version bump. [iglocska] - Also store the lookup_visible field from the field import. [iglocska] - Allow for \t to be used as a CSV feed delimiter. [iglocska] Fix ---- +~~~ - Misp-galaxy updated to the latest version. [Alexandre Dulaunoy] - Logrotate, database.php settings explanation. [Steffen Sauler] - Clarified ZMQ start button (it doesn't restart anything anyway) @@ -31115,6 +31992,7 @@ Fix - simpler response always responds with txt type, won't complain about view not being set for incorrect accept headers - Hids api threw error on empty result. [iglocska] - MISP galaxy updated to the latest version. [Alexandre Dulaunoy] +- MISP galaxy updated to the latest version. [Alexandre Dulaunoy] - Update to the MISP galaxy latest version. [Alexandre Dulaunoy] - Misp-galaxy updated to the latest version. [Alexandre Dulaunoy] - Deal with all the weird and "wonderful" stix versions Tries to fix @@ -31130,7 +32008,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge pull request #2232 from SHSauler/patch-1. [Andras Iklody] @@ -31199,11 +32077,12 @@ Other - Add possibility to define tags for import module. Add possibility to desable validation for String field when empty. [Tristan METAYER] + v2.4.73 (2017-05-10) -------------------- New ---- +~~~ - Update all the json structures in MISP via the API, fixes #2168. [iglocska] 
@@ -31225,7 +32104,7 @@ New - expected format is {"value": "my_string_to_parse"} with "distribution" being an optional value (otherwise instnace defaults are assumed) Changes -------- +~~~~~~~ - Version bump on the queryVersion. [iglocska] - In preparation of the various taxonomy types, only update event type taxonomies or ones without a type. [iglocska] @@ -31239,7 +32118,7 @@ Changes - Added distribution as a possible module output field. [iglocska] Fix ---- +~~~ - Removed two duplicate fields from MYSQL.sql. [iglocska] - Added missing fields causing pulled events to not contain attributes, fixes #2171. [iglocska] @@ -31300,7 +32179,7 @@ Fix #2138. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre @@ -31323,7 +32202,7 @@ Other [iglocska] - Merge pull request #2163 from ppanero/bro_export. [Andras Iklody] - [:construction:] - BroExport types updeted + [WIP] - BroExport types updeted - BroExport types updeted. [Pablo Panero] - Merge pull request #2161 from Keisial/2158. [Andras Iklody] @@ -31360,6 +32239,10 @@ Other Issues 1643 - Merge branch '2.4' into issues_1643. [devnull-] +- Merge branch '2.4' into issues_1643. [devnull-] +- Merge branch '2.4' into issues_1643. [devnull-] +- Merge branch '2.4' into issues_1643. [devnull-] +- Merge branch '2.4' into issues_1643. [devnull-] - Quick & Dirty 'without_email' & 'Unpublish_event' options for Sync Server. [devnull-] - Update the database schema unpublish_event (servers) & @@ -31380,11 +32263,12 @@ Other Strangely, this does not affect centos7 and mariadb 5.5 even if corresponding documentation states the same. https://travis-ci.org/juju4/ansible-MISP/jobs/222624827#L4862 + v2.4.72 (2017-04-14) -------------------- New ---- +~~~ - Disable taxonomy tags. [iglocska] - Added attributes / event average to statistics. [iglocska] - Minimal flag added to the event index. [iglocska] 
@@ -31401,14 +32285,14 @@ New - sgReferenceOnly: Will only load the sharing_group_id not the actual sharing group data Changes -------- +~~~~~~~ - Version bump. [iglocska] - Querystring bump. [iglocska] - Make the extension .js for people's syntax highlighters. [Hannah Ward] - Add npm instructions in install. [Hannah Ward] Fix ---- +~~~ - MISP galaxy updated to the latest version. [Alexandre Dulaunoy] - Enforce the hide tag directive. [iglocska] - Toggling an attribute's correlation won't reload the page anymore. @@ -31455,17 +32339,18 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch 'jsfix' into 2.4. [iglocska] - Ignore node packages in gitignore. [Hannah Ward] + v2.4.71 (2017-04-11) -------------------- New ---- +~~~ - Set distribution level in freetext results / module import results, fixes #2023. [iglocska] - Password complexity defaults tightened, also passowrd requirements @@ -31478,7 +32363,7 @@ New - refactor of the CIDR tool Changes -------- +~~~~~~~ - Org blacklisting enabled by default. [iglocska] - Bumped versions. [iglocska] @@ -31497,7 +32382,7 @@ Changes - If your name is Raphael, move along nothing to see here *cough* Fix ---- +~~~ - Invalid lookup in the upgrade script causing the two default entries for the org blacklist to not populate. [iglocska] - PyMISP version bump. [iglocska] @@ -31587,7 +32472,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre @@ -31624,11 +32509,12 @@ Other Pull Update - Merge branch '2.4' into 2.4. [devnull-] + v2.4.70 (2017-03-26) -------------------- New ---- +~~~ - Added 2 new types. [iglocska] - hex and sigma 
@@ -31649,7 +32535,7 @@ New - Sane defaults used automatically, making {"value":"1.2.3.4", "type":"ip-dst"} a valid attribute Changes -------- +~~~~~~~ - Changed js query string. [iglocska] - Version bump. [iglocska] - Edit and delete attributes now accept uuids as parameters instead of @@ -31660,7 +32546,7 @@ Changes - Further work on the accessibility changes. [iglocska] Fix ---- +~~~ - Spring cleaning. [iglocska] - removal of debug from the syncdebug @@ -31687,7 +32573,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch 'syncdebug' into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] @@ -31744,11 +32630,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] + v2.4.69 (2017-03-10) -------------------- Changes -------- +~~~~~~~ - Some changes to the users. [iglocska] - added date created/modified in the backend @@ -31757,7 +32644,7 @@ Changes - PyMISP update. [iglocska] Fix ---- +~~~ - Version bump. [iglocska] - Fixed a typo in an upgrade script. [Iglocska] - Readded the failing entry caused by a typo in the upgrade system. @@ -31793,7 +32680,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -31815,11 +32702,12 @@ Other - Initialize host to empty value when the URL is formed incorrectly. [Mathieu Deloitte] + v2.4.68 (2017-03-08) -------------------- New ---- +~~~ - Added float as a new attribute type. [iglocska] - Added a way to upload org logos directly from the org add/edit view. [iglocska] @@ -31830,7 +32718,7 @@ New - But please consider just adding some more space instead.. Changes -------- +~~~~~~~ - Added some language clarifying the filter rule relations, fixes #2011. [iglocska] - Cakephp updated. [iglocska] 
@@ -31842,7 +32730,7 @@ Changes - Add the version number to the headers for sync requests. [iglocska] Fix ---- +~~~ - Fixed sql fail. [iglocska] - AttachTagToObject and removeTagFromObject now accept posted JSON objects. [iglocska] @@ -31880,7 +32768,7 @@ Fix potentially fixes #1993 Other ------ +~~~~~ - Merge branch 'hotfix-2.4.68' into 2.4. [iglocska] - Version bump. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -31901,11 +32789,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] + v2.4.67 (2017-02-24) -------------------- New ---- +~~~ - Add reverse proxy support for test of baseurl. [Adrien RAFFIN] - Added activity charts to tag and galaxy cluster indeces. [iglocska] @@ -31922,7 +32811,7 @@ New - Sightings column added to sightings table. [iglocska] Changes -------- +~~~~~~~ - Removed superfluous style. [iglocska] - On event create page add a notice #1973. [iglocska] - Added warnings about the user's encryption status in the quick mailer. @@ -31938,7 +32827,7 @@ Changes - Sightings role added to ACL. [iglocska] Fix ---- +~~~ - MISP galaxy updated to the latest version. [Alexandre Dulaunoy] - More invalid MySQL fields fixed. [iglocska] - Fixed a mysql issue. [iglocska] @@ -31965,7 +32854,7 @@ Fix sightings. [iglocska] Other ------ +~~~~~ - Version bump. [iglocska] - Merge branch '2.4.67' into 2.4. [iglocska] - Merge branch '2.4' into 2.4.67. [iglocska] @@ -32015,11 +32904,12 @@ Other Code for issue : https://github.com/MISP/MISP/issues/1965 - Code for issue : https://github.com/MISP/MISP/issues/1965. [truckydev] + v2.4.66 (2017-02-19) -------------------- New ---- +~~~ - Added links to all events that match sightings sources in the sightings top list. [iglocska] - Added sighting top list to the statistics. [iglocska] 
@@ -32031,12 +32921,12 @@ New - First iteration of the improved sightings. [iglocska] Changes -------- +~~~~~~~ - Work on the sightings. [iglocska] - Added default to shadow_attributes old_id. [iglocska] Fix ---- +~~~ - Fixed an issue that prevented < 2.4.63 from being upgraded to the latest version. [Iglocska] - Version bump 2.4.66. [Alexandre Dulaunoy] @@ -32088,7 +32978,7 @@ Fix [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre @@ -32169,6 +33059,8 @@ Other NidsSuricataExport refactoring for attribute *URL* - Merge branch '2.4' into 2.4. [Alexandre Dulaunoy] +- Merge branch '2.4' into 2.4. [Alexandre Dulaunoy] +- Merge branch '2.4' into 2.4. [Alexandre Dulaunoy] - NidsSuricataExport refactoring for attribute *URL* [Mathieu Deloitte] - Merge pull request #1928 from cvandeplas/2.4. [Andras Iklody] @@ -32191,17 +33083,18 @@ Other [iglocska] - Update PyMISP. [Raphaël Vinot] + v2.4.65 (2017-02-09) -------------------- Changes -------- +~~~~~~~ - Allow the creation of read only auth users/auditors. [iglocska] - also add creator email to json output for auditors Fix ---- +~~~ - Fixed the new indexer generating a notice on a successful indexing. [iglocska] - Import whitelist - add a description to make it clearer, fixes #1902. 
@@ -32227,21 +33120,23 @@ Fix - also, rerun the recent indexing rules Other ------ +~~~~~ - Version bump. [iglocska] - Merge branch 'auditor' into 2.4. [iglocska] - Merge branch '2.4' into 2.4. [truckydev] +- Merge branch '2.4' into 2.4. [truckydev] - Check if auditor have good "org_id" [truckydev] - Merge branch '2.4' into 2.4. [truckydev] - Get email creator user for auditor users. [Tristan METAYER] - Add auditor user auditor user can see event_creator_id. [Tristan METAYER] + v2.4.64 (2017-02-06) -------------------- New ---- +~~~ - Lookup organisations by uuid using organisations/view. [iglocska] - Advanced correlations. [iglocska] @@ -32269,13 +33164,13 @@ New - /users/statistics/attributehistogram.json Changes -------- +~~~~~~~ - Version bump. [iglocska] - Added default log org entry. [iglocska] - Added ids to the server index. [iglocska] Fix ---- +~~~ - Fixed a bug retrieving an org with no users. [iglocska] - MISP galaxy updated. [Alexandre Dulaunoy] - MISP taxonomy to the latest version. [Alexandre Dulaunoy] @@ -32292,7 +33187,7 @@ Fix the warning list is for ALL, fixes #1837. [iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge pull request #1896 from RichieB2B/ncsc-nl/logrotate. [Andras @@ -32316,11 +33211,12 @@ Other events. [Christophe Vandeplas] - Merge branch 'feature/passwordSending' into 2.4. [iglocska] + v2.4.63 (2017-02-01) -------------------- New ---- +~~~ - Small rework of the thread functionalities. [iglocska] - API get /threads/view/ and /threads/viewEvent/ @@ -32334,7 +33230,7 @@ New - Affects events and attributes Changes -------- +~~~~~~~ - Changes to the email notification. [iglocska] - added attribute tags @@ -32342,7 +33238,7 @@ Changes - Misp-galaxy update. [iglocska] Fix ---- +~~~ - Fixing a notice introduced in the last commit. [iglocska] - Warning list updated to the latest version. [Alexandre Dulaunoy] - Composite attributes displayed in 2 lines. [iglocska] 
@@ -32379,7 +33275,7 @@ Fix - tags that were not exportable returned weird empty lists via the API Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. @@ -32388,11 +33284,12 @@ Other Dulaunoy] - Merge branch 'feature/db_fix' into 2.4. [iglocska] + v2.4.62 (2017-01-26) -------------------- New ---- +~~~ - Added the option to delete files after ingestion of local feed. [iglocska] - Local feeds. [iglocska] @@ -32411,7 +33308,7 @@ New - "only": ONLY include deleted attributes Changes -------- +~~~~~~~ - Version bump. [iglocska] - Added validation errors for a local feed pointing to the wrong resource. [iglocska] @@ -32420,7 +33317,7 @@ Changes - should be a directory for misp feeds Fix ---- +~~~ - PyMISP version bump. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - Fixed an invalid lookup for the site admin debug. [iglocska] @@ -32436,7 +33333,7 @@ Fix - Views left off. [iglocska] Other ------ +~~~~~ - Merge branch 'feature/localfeeds' into 2.4. [iglocska] - Merge branch '2.4' into feature/localfeeds. [iglocska] - Add: Code of conduct added to the MISP Project - fix #1858. [Alexandre @@ -32449,18 +33346,19 @@ Other Truncate bro cached export files - Truncate bro cached export files. [Richard van den Berg] + v2.4.61 (2017-01-22) -------------------- New ---- +~~~ - New warninglist type: hostname. [Iglocska] - use lists designated as hostname lists (which can be domains too) - Allow the new type "substring" to be used for warninglists. [Iglocska] Changes -------- +~~~~~~~ - Version bump. [Iglocska] - Updated warninglists. [Iglocska] - Nicer screenshot view. [Iglocska] @@ -32469,7 +33367,7 @@ Changes - Warninglists updated. [Iglocska] Fix ---- +~~~ - Fixed the hacky solution for hostname evaluation in warninglists. [Iglocska] - Critical fix to an issue with event add fixed. [Andras Iklody] 
@@ -32511,7 +33409,7 @@ Fix instead of an empty array in the retrieved data. [Iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] - Merge pull request #1857 from deralexxx/patch-6. [Alexandre Dulaunoy] @@ -32536,11 +33434,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] + v2.4.60 (2017-01-17) -------------------- New ---- +~~~ - Request encryption of samples via the event REST api. [iglocska] - Add the encrypt flag to attributes to be added via the events/add or events/edit api @@ -32548,7 +33447,7 @@ New - make sure that the attribute value is the desired filename, the hashes will be added automagically - Add a new api to check the supported PyMISP version. [iglocska] - Index API for sightings added. [iglocska] -- Sightings API improvements :construction:. [iglocska] +- Sightings API improvements WIP. [iglocska] - reworked responses - started work on the new index @@ -32574,7 +33473,7 @@ New - Add sql for attribute_tags (MySQL) [Andreas Ziegler] Changes -------- +~~~~~~~ - Use cakeresponse for JSON response in updateGraph instead of serialize. [Iglocska] - Update of the JS filename. [Iglocska] @@ -32593,7 +33492,7 @@ Changes - despite my earlier request to @rotanid, there is no need for this feature to be optional, it's one of the few cases where it should be universally enabled Fix ---- +~~~ - Fix a unicode issue with the correlation graphs. [Iglocska] - Fix an issue with the graphs when no relations are found. [Iglocska] - Clarification a selectable group is also an active group. [Alexandre @@ -32670,9 +33569,10 @@ Fix Ziegler] Other ------ +~~~~~ - Merge branch 'feature/attribute-tagging' into 2.4. [Iglocska] - Merge branch '2.4' into feature/attribute-tagging. [Iglocska] +- Merge branch '2.4' into feature/attribute-tagging. [Iglocska] - Merge branch '2.4' into feature/attribute-tagging. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] 
@@ -32706,11 +33606,12 @@ Other [Iglocska] - Merge branch '2.4' into feature/attribute-tagging. [iglocska] + v2.4.59 (2017-01-01) -------------------- New ---- +~~~ - Added a new field for an exclude regex for the CSV / Freetext feeds. [iglocska] @@ -32728,7 +33629,7 @@ New - also, new method for writing the MISP config file Changes -------- +~~~~~~~ - Version bump. [iglocska] - Changed the feed cache locations. [iglocska] - Added description for feed metadata download. [iglocska] @@ -32739,7 +33640,7 @@ Changes settings) [iglocska] Fix ---- +~~~ - Copy paste fail. [iglocska] - Left off changes to the complextypetool. [iglocska] @@ -32778,7 +33679,7 @@ Fix - was using the local owner id instead of the creator id Other ------ +~~~~~ - Merge branch '2.4.59' into 2.4. [iglocska] - Merge branch '2.4' into 2.4.59. [iglocska] - Merge branch 'feature/colour' into 2.4.59. [iglocska] @@ -32796,11 +33697,12 @@ Other Remove bang (!) so it doesn't get interpreted as an image. + v2.4.58 (2016-12-22) -------------------- New ---- +~~~ - Disable correlation. [iglocska] - globally @@ -32808,11 +33710,11 @@ New - on an attribute level Changes -------- +~~~~~~~ - Updated misp galaxies. [iglocska] Fix ---- +~~~ - Small fix on the attribute correlation popup's header. [iglocska] - F-A-I-L @@ -32848,7 +33750,7 @@ Fix disabling and enabling for attributs. [iglocska] Other ------ +~~~~~ - Merge branch 'feature/disable_correlation' into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into feature/disable_correlation. [iglocska] @@ -32865,11 +33767,12 @@ Other - Added support for creating users into different roles depending on ldap group membership. [Emil Enemærke] + v2.4.57 (2016-12-19) -------------------- New ---- +~~~ - Added new option to the attribute level restsearch. [iglocska] - filter on attributes using timestamps newer than parameter 
@@ -32878,7 +33781,7 @@ New - still missing: Export modules - consider having the flag for misp JSON/XML and STIX perhaps? -- :construction:: Parameter to remove warning list hits from exports. [iglocska] +- WIP: Parameter to remove warning list hits from exports. [iglocska] - Added a way to disable certain tags from the UI, fixes #1733. [iglocska] @@ -32889,7 +33792,7 @@ New - First iteration of the new types. [iglocska] Changes -------- +~~~~~~~ - Added documentation on the warninglist enforcement to the automation page. [iglocska] @@ -32916,7 +33819,7 @@ Changes #1744. [iglocska] Fix ---- +~~~ - Failtypo fixed. [iglocska] - Taxonomies updated to the latest version. [Alexandre Dulaunoy] - Added exception for site admins to be able to add galaxies to events @@ -32957,7 +33860,7 @@ Fix - affects #1731 Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre @@ -33029,6 +33932,7 @@ Other up: Run tests in python3 - Merge branch '2.4' into travis. [Raphaël Vinot] +- Merge branch '2.4' into travis. [Raphaël Vinot] - Up: Run tests in python3. [Raphaël Vinot] - Merge pull request #1727 from kirzaks/2.4. [Andras Iklody] @@ -33036,15 +33940,16 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Armins] - Added fast_pattern. [Armins] + v2.4.56 (2016-12-07) -------------------- New ---- +~~~ - Tied the galaxies into the ACL. [Iglocska] - First RC of MISP galaxies 1.0. [Iglocska] - Added galaxy attach/detach functions. [Iglocska] -- First iteration of the galaxies (:construction:) [Iglocska] +- First iteration of the galaxies (WIP) [Iglocska] - Added upgrade scripts. [Iglocska] - Added galaxy tables. [Iglocska] - Added the publish_timestamp and timestamp parameters to both 
@@ -33057,7 +33962,7 @@ New - allows users to specify whether the events / attributes returned should come from published / unpublished events only. If the parameter is not set both are included Changes -------- +~~~~~~~ - Some minor UI changes. [Iglocska] - Update to gitignore. [Iglocska] - Version bump. [Iglocska] @@ -33073,7 +33978,7 @@ Changes - kill the url parameters with fire Fix ---- +~~~ - Removed a duplicate ACL entry. [Iglocska] - Clusters added don't have the exportable field set on the tag and because of that they don't show up on the API. [Iglocska] @@ -33128,7 +34033,7 @@ Fix - Removed invalid entry in writeable file diagnostics. [Iglocska] Other ------ +~~~~~ - Merge branch 'syntax' into 2.4. [Iglocska] - [*] Corrected the bug with endless loops in while() [Birdy42] - [*] Removed the double htmlentities check, minor text correction. @@ -33174,11 +34079,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] + v2.4.55 (2016-11-22) -------------------- New ---- +~~~ - Sightings enabled by default. [Iglocska] - Added timestamps of shadow attributes wherever appropriate. [Iglocska] - Added uuid as a restsearch parameter, fixes #1683. [Iglocska] @@ -33199,7 +34105,7 @@ New - affects #1618 Changes -------- +~~~~~~~ - Version bump. [Iglocska] - Changed the behaviour of the proposal index. [Iglocska] @@ -33211,7 +34117,7 @@ Changes - Added the type field to be able to restrict / attribute type Fix ---- +~~~ - Some additional changes to accomodate for the automatically enabled sightings. [Iglocska] - Tell MISP to run the db update. [Iglocska] @@ -33249,7 +34155,7 @@ Fix - Some cleanup Other ------ +~~~~~ - Merge branch '2.4.55' into 2.4. [Iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] 
@@ -33277,15 +34183,17 @@ Other - Block alert e-mails based on tag. [Richard van den Berg] - Merge branch '1642' into 2.4. [Iglocska] - Update UPDATE.txt. [Deventual] +- Update UPDATE.txt. [Deventual] - Merge branch '1653' into 2.4. [Iglocska] - Sorts the "Attributes per organization" array by the total number of attr, highest on top. [cristian bell] + v2.4.54 (2016-11-04) -------------------- New ---- +~~~ - Added new statistics page, fixes #1648, fixes #1557. [Iglocska] - brought back the quick organisation overview as it's a much missed feature @@ -33342,7 +34250,7 @@ New - RPZ Zone file export Changes -------- +~~~~~~~ - Further work on the user APIs. [Iglocska] - Remove obsolete getEnrichmentSettings() [Andreas Ziegler] @@ -33360,13 +34268,14 @@ Changes - does not alter any functionality otherwise Fix ---- +~~~ - PyMISP to the latest version. [Alexandre Dulaunoy] - Fixed an issue with an incorrect condition on the admin index. [Iglocska] - Increased space between taxonomy names in the treemap as some of them can be quite long. [Iglocska] - PyMISP updated to the latest version. [Alexandre Dulaunoy] +- PyMISP updated to the latest version. [Alexandre Dulaunoy] - MISP name fixed. [Alexandre Dulaunoy] - Fixed annoying capitalisation mess in the event index parameters. [Iglocska] @@ -33420,7 +34329,7 @@ Fix - Removed double sanitisation of the resolved attributes. [Iglocska] Other ------ +~~~~~ - Version bump. [Iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] @@ -33456,11 +34365,12 @@ Other - Removed Imported via the Freetext Import ... text. [Christophe Vandeplas] + v2.4.53 (2016-10-21) -------------------- New ---- +~~~ - Added a way to disable the default HTTP_ header namespace or to alter it to something else for the custom auth plugin. [Iglocska] - Added quick search in tag selection popup. [Iglocska] 
@@ -33479,7 +34389,7 @@ New - Added correlations to the freetext feed preview. [Iglocska] Changes -------- +~~~~~~~ - Added the capability to search for attributes by uuid. [Iglocska] - ID field in the attribute search now accepts attribute UUIDs @@ -33506,7 +34416,7 @@ Changes updated) [Alexandre Dulaunoy] Fix ---- +~~~ - Fixes an issue where adding a new user allowed an invalid role choice. [Iglocska] @@ -33565,7 +34475,7 @@ Fix freetext code path. [Iglocska] Other ------ +~~~~~ - Version bump. [Iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] @@ -33578,11 +34488,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] + v2.4.52 (2016-10-07) -------------------- New ---- +~~~ - First implementation of the freetext feed pull. [Iglocska] - View proposal count on event index and filter events on whether they have proposals. [Iglocska] @@ -33606,7 +34517,7 @@ New - Add basic experimental support for PostgreSQL. [Andreas Ziegler] Changes -------- +~~~~~~~ - Updated to the latest MISP taxonomies. [Alexandre Dulaunoy] - Cleanup of removed functionality. [Iglocska] - MISP taxonomies updated to the latest version. [Alexandre Dulaunoy] @@ -33695,7 +34606,7 @@ Changes - Set "User" as the default role for new installations. [iglocska] Fix ---- +~~~ - Fixes to the ssdeep detection as it was way too loose. [Iglocska] - Resolved several issues with error handling in the new feed system. [Iglocska] @@ -33884,7 +34795,7 @@ Fix - Moved the example API script using SSL client certificate. [iglocska] Other ------ +~~~~~ - Merge branch '2.4.52' into 2.4. [Iglocska] - Revert "fix: Removed already removed file that got reverted" [Iglocska] @@ -34115,11 +35026,12 @@ Other fix: update version number to 2.4.51 in MYSQL.sql + v2.4.51 (2016-08-29) -------------------- New ---- +~~~ - Add default role to the user creation, fixes #256. [iglocska] - New piece by piece stix export allowing large datasets to be exported. [iglocska] 
@@ -34137,7 +35049,7 @@ New - Allow site admins to view the reason of the failure (up to 24h after the fact) including a stack trace Changes -------- +~~~~~~~ - Enabled 2.4.51 db upgrade. [iglocska] - Version bump. [iglocska] - UI changes for the email field in the event history. [iglocska] @@ -34212,7 +35124,7 @@ Changes - Redundant members list and organisations page #1013. [Cristian Bell] Fix ---- +~~~ - Pushing upgraded to respect the internal sync setting. [iglocska] - Allows the push of org only attributes @@ -34234,7 +35146,7 @@ Fix - Refactoring of the STIX export. [iglocska] - Also adding it to the caching mechanism - - still :construction: + - still WIP - Differentiate queued and running jobs if no granular progress is returned. [iglocska] - Version bump. [iglocska] @@ -34324,11 +35236,14 @@ Fix organisation. [iglocska] Other ------ +~~~~~ - Merge branch '2.4.51' into 2.4. [iglocska] - Model/Server.php modified so the settings remain the same after config change on the web UI. [ppanero] - Merge branch '2.4' into 2.4.51. [iglocska] +- Merge branch '2.4' into 2.4.51. [iglocska] +- Merge branch '2.4' into 2.4.51. [iglocska] +- Merge branch '2.4' into 2.4.51. [iglocska] - Merge branch 'sslclientsync' into 2.4.51. [iglocska] - Merge branch 'sslclientcert' into sslclientsync. [iglocska] - Example API script using client cert. [Richard van den Berg] @@ -34336,6 +35251,7 @@ Other - Add support for sync server SSL client certificates. [Richard van den Berg] - Merge branch '2.4' into 2.4.51. [iglocska] +- Merge branch '2.4' into 2.4.51. [iglocska] - First iteration of the internal sync rework. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] 
@@ -34476,16 +35392,17 @@ Other - Update to the latest version of PyMISP. [Alexandre Dulaunoy] - Version bump. [iglocska] + v2.4.50 (2016-08-10) -------------------- New ---- +~~~ - Added export module first iteration. [Iglocska] - First revision of the new import system. [Iglocska] Changes -------- +~~~~~~~ - Handle module results in one place. [Iglocska] - Remove duplicate line from install doc. [Andreas Ziegler] - Small cleanup of MYSQL.sql. [Andreas Ziegler] @@ -34510,7 +35427,7 @@ Changes - Added sync user's org to the sharing group view. [Iglocska] Fix ---- +~~~ - Some cleanup. [Iglocska] - Removed debug. [Iglocska] - Further work on the modules. [Iglocska] @@ -34580,9 +35497,10 @@ Fix fixes #1377. [Iglocska] Other ------ +~~~~~ - Merge branch 'feature/import-export-modules' into 2.4. [iglocska] - Merge branch '2.4' into feature/import-export-modules. [iglocska] +- Merge branch '2.4' into feature/import-export-modules. [iglocska] - Merge branch '2.4' into feature/import-export-modules. [Iglocska] - Merge branch '2.4.50' into 2.4. [iglocska] - Merge branch '1426' into 2.4. [iglocska] @@ -34651,11 +35569,12 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] + v2.4.49 (2016-07-22) -------------------- New ---- +~~~ - Updates to the module system. [Iglocska] - hover modules now require a 0.5 second hover to fire off the query @@ -34668,7 +35587,7 @@ New - Installation instructions for MISP on Ubuntu 16.04. [Andreas Ziegler] Changes -------- +~~~~~~~ - Taxonomies updated to the latest version. [Alexandre Dulaunoy] - Version bump. [Iglocska] - Added the sharing group roaming setting to various parts of the @@ -34749,7 +35668,7 @@ Changes - Improve file access using new Lib. [Andreas Ziegler] Fix ---- +~~~ - Sharing group edit summary tab issues. [Iglocska] - if no external organisations were added it still showed the sentence listing them with the list being empty 
@@ -34924,7 +35843,7 @@ Fix - Proposals now have the correct page title. [Iglocska] Other ------ +~~~~~ - Merge branch '2.4.49' into 2.4. [Iglocska] - Merge branch '2.4' into 2.4.49. [Iglocska] @@ -34949,6 +35868,8 @@ Other [Andras Iklody] fix: Remove the default defined salt #625 +- Merge branch '2.4' into feature/modulerework. [Iglocska] +- Merge branch '2.4' into feature/modulerework. [Iglocska] - Merge branch '2.4' into feature/modulerework. [Iglocska] Conflicts: @@ -35231,17 +36152,18 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] + v2.4.48 (2016-06-08) -------------------- New ---- +~~~ - Enable/disable feed via API. [Iglocska] - simply POST to /feeds/enable/feed_id or /feeds/disable/feed_id to enable and disable a feed Changes -------- +~~~~~~~ - Version bump. [Iglocska] - Lowered the level of the custom css setting. [Iglocska] - Added the option to load a custom css after the default css. @@ -35272,7 +36194,7 @@ Changes - it was causing issues for a user using a rather exotic configuration Fix ---- +~~~ - Fix to a bug that allowed adding server connections without an org. [Iglocska] - Some small fixes. [Iglocska] @@ -35323,7 +36245,7 @@ Fix [Iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] - Add gitter webhook. [Raphaël Vinot] @@ -35506,6 +36428,7 @@ Other - set missing keys to null in foreach - Merge remote-tracking branch 'origin/2.4' into 2.4. [Iglocska] - Update PULL_REQUEST_TEMPLATE.md. [Raphaël Vinot] +- Update PULL_REQUEST_TEMPLATE.md. [Raphaël Vinot] - Update ISSUE_TEMPLATE.md. [Raphaël Vinot] - Merge pull request #1193 from rotanid/defaults. [Andras Iklody] 
@@ -35545,6 +36468,7 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] - Update PULL_REQUEST_TEMPLATE.md. [Raphaël Vinot] +- Update PULL_REQUEST_TEMPLATE.md. [Raphaël Vinot] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Add PR template. [Raphaël Vinot] - Update ISSUE_TEMPLATE.md. [Raphaël Vinot] @@ -35635,11 +36559,12 @@ Other [Iglocska] - Add issue template. [Raphaël Vinot] + v2.4.47 (2016-05-24) -------------------- Fix ---- +~~~ - Wrong variable name in __ipv6InCidr() [Andreas Ziegler] - Reverted a change that broke PyMISP's copy_list.py To be revisited for a better solution. [Iglocska] @@ -35651,7 +36576,7 @@ Fix - Left off a change. [Iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] - Merge pull request #1166 from RichieB2B/ncsc-nl/fix-mod_proxy_fcgi- @@ -35664,15 +36589,16 @@ Other fix: wrong variable name in __ipv6InCidr() + v2.4.46 (2016-05-23) -------------------- New ---- +~~~ - Added Statixtics for taxonomy and tag usage, fixes 1158. [Iglocska] Changes -------- +~~~~~~~ - Tiny fix to an if statement. [Iglocska] - Added sort by value or name option for tag statistics API. [Iglocska] @@ -35683,7 +36609,7 @@ Changes - name-sort set to true will sort the results by the namespace, alternatively by the count/percentage Fix ---- +~~~ - Fixed some wonky behaviour with the popover enrichment and the warning list popover. [Iglocska] - Fixed an issue with the attribute search timing out. [Iglocska] @@ -35698,7 +36624,7 @@ Fix - Also some minor fixes to the ACL Other ------ +~~~~~ - Merge pull request #1153 from sfossen/patch-13. [Andras Iklody] Handle error in getEventIdsFromServer better 
@@ -35721,18 +36647,19 @@ Other improve some text passages - Improve some text passages. [Andreas Ziegler] + v2.4.45 (2016-05-20) -------------------- New ---- +~~~ - Added the news functionality back. [Iglocska] - admins can add/edit/delete news items - users get redirected if there is a newsitem that they haven't seen yet Changes -------- +~~~~~~~ - Some additional cleanup after the merge of some obsolete stuff. [Iglocska] - Some cleanup of old unused stuff. [Iglocska] @@ -35746,7 +36673,7 @@ Changes - Small cosmetic change on the log index. [Iglocska] Fix ---- +~~~ - Fix to the redirect issues on logout. [Iglocska] - Added the new db changes to the SQL files. [Iglocska] - Some more cleanup on the redirects at login. [Iglocska] @@ -35768,7 +36695,7 @@ Fix - Contact Users Form Email Issue fixed, fixes #1130. [Iglocska] Other ------ +~~~~~ - Merge branch 'feature/news' into 2.4. [Iglocska] - Added url detection to the news items. [Iglocska] - Merge branch 'pr1148' into 2.4. [Iglocska] @@ -35843,18 +36770,19 @@ Other - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [iglocska] + v2.4.44 (2016-05-12) -------------------- Fix ---- +~~~ - Fixed an issue with the download as MISP XML/JSON failing for regular users due to a permission issue. [Iglocska] - Fix to an issue with server urls having a trailing slash causing an invalid sharing group server detection. [Iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] - Merge pull request #1125 from I-am-Sherlocked/patch-3. [Andras Iklody] 
@@ -35862,15 +36790,16 @@ Other Missing DEFAULT value in certif_public - Missing DEFAULT value in certif_public. [I-am-Sherlocked] + v2.4.43 (2016-05-11) -------------------- New ---- +~~~ - Started work on the new attribute deletion. [Iglocska] Changes -------- +~~~~~~~ - Prevent attribute edit on deleted attributes, prevent proposal correlation on deleted attributes. [Iglocska] - Some small fixes to the soft-delete. [Iglocska] @@ -35882,7 +36811,7 @@ Changes - DB changes for the attribute deletion. [Iglocska] Fix ---- +~~~ - Attribute search - download as CSV returns empty result set, fixes #1122. [Iglocska] - Fixed an issue that would cause invalid empty events to be created @@ -35892,7 +36821,7 @@ Fix - Left off a change. [Iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] - Merge branch 'feature/soft-delete' into 2.4. [Iglocska] @@ -35915,11 +36844,12 @@ Other in "Request URL: /users/memberslist" , since Organization.name is not a unique field. Grouping by Organization.id instead will fix the issue. - Fixed the logging of attribute deletes. [Iglocska] + v2.4.42 (2016-05-05) -------------------- Changes -------- +~~~~~~~ - Filter event index for my own events. [Iglocska] - Part of the initiative for a happier Andrzej @@ -35942,7 +36872,7 @@ Changes the worker shell scripts on RHEL/CentOS. [Iglocska] Fix ---- +~~~ - Problem with osint json/taxonomy, fixes #1119. [Iglocska] - Added a new validation for strings where "0" should be a valid value 
@@ -35956,58 +36886,61 @@ Fix - Fix to an issue for new installations. [Iglocska] Other ------ +~~~~~ - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [Iglocska] + v2.4.41 (2016-04-28) -------------------- Changes -------- +~~~~~~~ - Updated the user edit view to match the user admin edit view's interpretation of the SMIME certificate field. [Iglocska] - Renamed the JS used by MISP. [Iglocska] Fix ---- +~~~ - Fixed some issues with the favourite tags. [Iglocska] + v2.4.40 (2016-04-28) -------------------- New ---- +~~~ - Favourite tags. [Iglocska] - Add a tag to your favourites list - When tagging events there is a new setting: Favourite tags, which only contains the tags you've selected Changes -------- +~~~~~~~ - Added encryption feature with PGP or S/MIME support. [Alexandre Dulaunoy] Other ------ +~~~~~ - Airbus added as contributor. [Alexandre Dulaunoy] + v2.4.39 (2016-04-27) -------------------- Changes -------- +~~~~~~~ - Small test with the embedded headers. [Iglocska] - Reverted the previous change. [Iglocska] - Small fix to the headers sent for SMIME. [Iglocska] Fix ---- +~~~ - Fixed an issue with handling SMIME encrypted messages on instances that don't have a signing key. [Iglocska] Other ------ +~~~~~ - Merge branch 'feature/smime' into 2.4. [Iglocska] - Updates to the SMIME setup instructions. [Iglocska] - SMIME changes. [Iglocska] @@ -36046,6 +36979,7 @@ Other - Add the field 'certif_public' in view. [devnull-] - Add the field 'certif_public' in index. [devnull-] - Add in form the field 'certif_public' [devnull-] +- Add in form the field 'certif_public' [devnull-] - Patch SMIME to sign and encrypt email. [devnull-] - Update fields & add certificate as attachment to email. [devnull-] - Add function verifyCertificate & update of fields. [devnull-] 
@@ -36060,6 +36994,7 @@ Other headers) [devnull-] - PATCH: Update the database schema (SMIME) [devnull-] + v2.4.38 (2016-04-23) -------------------- - Merge branch 'feature/warninglists' into 2.4. [Iglocska] @@ -36080,9 +37015,10 @@ v2.4.38 (2016-04-23) - Merge branch '2.4' into feature/warninglists. [Iglocska] - First version of the warnings finished. [Iglocska] - Further progress. [Iglocska] +- Further progress. [Iglocska] - Import, enabling, viewing, indexing of warninglists finished. [Iglocska] -- Warninglists :construction:. [Iglocska] +- Warninglists WIP. [Iglocska] - Fix to an invalid check. [Iglocska] - Small tune to the freetext import. [Iglocska] @@ -36176,6 +37112,7 @@ v2.4.38 (2016-04-23) - Some small changes. [Iglocska] - Small fixes. [Iglocska] + v2.4.37 (2016-04-18) -------------------- - Version bump. [Iglocska] @@ -36185,6 +37122,7 @@ v2.4.37 (2016-04-18) - Gitchangelog configuration added. [Alexandre Dulaunoy] - Version bump. [Iglocska] + v2.4.36 (2016-04-15) -------------------- - Fixed a check for the upload sample API to check if the target event @@ -36193,6 +37131,7 @@ v2.4.36 (2016-04-15) - Changed the publish dating to number of days from fixed date. [Iglocska] + v2.4.35 (2016-04-15) -------------------- - Added a way to block old publish alerts from going out. [Iglocska] @@ -36319,6 +37258,7 @@ v2.4.35 (2016-04-15) - 4. Include the Sightings data in the XML/JSON views - 5. View sighting for attribute / event via the API + v2.4.34 (2016-04-08) -------------------- - Version bump. [Iglocska] @@ -36411,6 +37351,7 @@ v2.4.34 (2016-04-08) Dulaunoy] - MISP logo in a square. [Alexandre Dulaunoy] + v2.4.32 (2016-03-30) -------------------- - Split the tagging permission into two. [Iglocska] 
@@ -36435,6 +37376,7 @@ v2.4.32 (2016-03-30) - new tool for rearranging request data to allow the APIs to automatically catch and correct typical rearrange errors + v2.4.31 (2016-03-30) -------------------- - Fix to an issue with the password reset breaking the credentials. @@ -36472,6 +37414,7 @@ v2.4.31 (2016-03-30) There is a typo in main.css - CIRCL logo added. [Alexandre Dulaunoy] - Fix #1051. [Alexandre Dulaunoy] +- Fix #1051. [Alexandre Dulaunoy] - Fix to an invalid default password complexity validation, fixes #585. [Iglocska] - Fixes to the plugin settings not working for any plugin beyond the @@ -36481,10 +37424,12 @@ v2.4.31 (2016-03-30) - also added the correlations to the enrichment view + v2.4.30 (2016-03-28) -------------------- - Verision bump. [Iglocska] + v2.4.29 (2016-03-28) -------------------- - Added the authkey to the admin user index, including filtering / @@ -36538,6 +37483,7 @@ v2.4.29 (2016-03-28) - Fix to the incoming address check. [Iglocska] - First implementation of the new auth mechanism. [Iglocska] + v2.4.28 (2016-03-21) -------------------- - Version bump. [Iglocska] @@ -36595,6 +37541,7 @@ v2.4.28 (2016-03-21) - next step: Tie it into the freetext import results - add additional fields to the python service + v2.4.27 (2016-03-11) -------------------- - Re-added a feed. [Iglocska] @@ -36611,6 +37558,7 @@ v2.4.27 (2016-03-11) - Correctly detect e-mail addresses in the freetext import tool. [Iglocska] + v2.4.26 (2016-03-10) -------------------- - Version bump. [Iglocska] @@ -36660,11 +37608,13 @@ v2.4.26 (2016-03-10) - Set proposal's deleted field to 0 if nothing is set before saving, fixes #988. [Iglocska] + v2.4.25 (2016-03-09) -------------------- - Scheduled push incorrectly used the user e-mail address instead of a user object to initiate the sync, fixes #1000. [Iglocska] + v2.4.24 (2016-03-07) -------------------- - Version bump. [Iglocska] 
@@ -36746,11 +37696,13 @@ v2.4.24 (2016-03-07) event. [Iglocska] - Version bump. [Iglocska] + v2.4.23 (2016-02-22) -------------------- - Fixed a bug that caused the publish e-mails to not respect the sharing groups correctly. [Iglocska] + v2.4.22 (2016-02-21) -------------------- - Added correlation as a quick filter on attributes in the event view. @@ -36765,6 +37717,7 @@ v2.4.22 (2016-02-21) - MYSQL.sql brought up to date, the upgrade scripts in the application shouldn't have to run on first login - Version bump. [Iglocska] + v2.4.21 (2016-02-19) -------------------- - Fix to a critical vulnerability for the login authentication @@ -36790,6 +37743,7 @@ v2.4.21 (2016-02-19) correlating proposals. [Iglocska] - Fixed a copy paste fail. [Iglocska] + v2.4.20 (2016-02-17) -------------------- - Added correlations on a proposal level. [Iglocska] @@ -36846,10 +37800,12 @@ v2.4.20 (2016-02-17) - Added new attribute type x509-fingerprint-sha1. [Iglocska] - Version bump and footer version fix. [Iglocska] + v2.4.18 (2016-02-13) -------------------- - Merge branch 'features/delegation' into 2.4. [Iglocska] - Merge fixes. [Iglocska] +- Merge fixes. [Iglocska] - Merge branch '2.4' into features/delegation. [Iglocska] Conflicts: @@ -36868,6 +37824,7 @@ v2.4.18 (2016-02-13) - this helps with composite attributes where only one half of the attribute correlates + v2.4.17 (2016-02-11) -------------------- - Version bump. [Iglocska] @@ -36959,8 +37916,10 @@ v2.4.17 (2016-02-11) Comment a line that includes a comment - Update INSTALL.ubuntu1404.txt. [Alexander J] +- Update INSTALL.ubuntu1404.txt. [Alexander J] - Fix to the e-mail contents of the contact message. [Iglocska] + v2.4.16 (2016-02-02) -------------------- - Version bump. [Iglocska] 
@@ -36979,6 +37938,7 @@ v2.4.16 (2016-02-02) - contact e-mail recipients were incorrectly set resulting in the e-mails landing at the wrong recipient - disabled users were not excluded from certain e-mails + v2.4.15 (2016-02-02) -------------------- - Version bump. [Iglocska] @@ -37037,6 +37997,7 @@ v2.4.15 (2016-02-02) - Display and Search for model ID in the audit logs, fixes #889. [Iglocska] + v2.4.14 (2016-01-29) -------------------- - Version bump. [Iglocska] @@ -37066,6 +38027,7 @@ v2.4.14 (2016-01-29) - Set the returnPath header in e-mails correctly. [Iglocska] - Version bump. [Iglocska] + v2.4.13 (2016-01-28) -------------------- - Added org merge tool. [Iglocska] @@ -37122,6 +38084,7 @@ v2.4.13 (2016-01-28) - Fixed an invalid org lookup on the proposal download blocking users from downloading proposal attachments, fixes #874. [Iglocska] + v2.4.12 (2016-01-21) -------------------- - Merge branch 'feature/proposalFix' into 2.4. [Iglocska] @@ -37151,6 +38114,7 @@ v2.4.12 (2016-01-21) - the removed columns can cause exceptions if not removed as described in #814 + v2.4.11 (2016-01-20) -------------------- - Fix to an invalid org lookup. [Iglocska] @@ -37158,6 +38122,7 @@ v2.4.11 (2016-01-20) - prevents normal users from seeing the proposal index - still a left-over from 2.3 + v2.4.10 (2016-01-20) -------------------- - Version bump. [Iglocska] @@ -37172,6 +38137,7 @@ v2.4.10 (2016-01-20) - also some fixes and enhancements in general for this + v2.4.9 (2016-01-19) ------------------- - Fix to an issue with the XML cleanup method. [Iglocska] @@ -37251,6 +38217,7 @@ v2.4.9 (2016-01-19) - Fix to an invalid data entry pre-validation call that broke prtn attribute entry with a leading + [Iglocska] + v2.4.7 (2016-01-14) ------------------- - Version bump. [Iglocska] 
@@ -37315,6 +38282,9 @@ v2.4.7 (2016-01-14) - Add php 5.5 and 7.0 in the travis tests. [Raphaël Vinot] - Merge branch 'pr/679' into 2.4. [Raphaël Vinot] - Update .travis.yml. [Steve Peak] +- Update .travis.yml. [Steve Peak] +- Update .travis.yml. [Steve Peak] +- Update .travis.yml. [Steve Peak] - Create .coveragerc. [Steve Peak] - Debugging coverage. [Steve Peak] - Add check for values on diagnostics page, fixes #839. [Iglocska] @@ -37341,6 +38311,7 @@ v2.4.7 (2016-01-14) - fixed a series of issues with the exports + v2.4.6 (2016-01-07) ------------------- - Fix to a trailing slash in the baseurl breaking the upgrade script. @@ -37363,6 +38334,7 @@ v2.4.6 (2016-01-07) - Quickfilter added for users. [Iglocska] - Added malware sample to the file attribute filter. [Iglocska] + v2.4.5 (2016-01-04) ------------------- - First version of the quick filters for the event view. [Iglocska] @@ -37396,6 +38368,7 @@ v2.4.5 (2016-01-04) - Add today's date as the event date field if not set. [Iglocska] - Removal of PGP key generation for travis. [Iglocska] + v2.4.4 (2015-12-30) ------------------- - Fixes to the first user initialisation. [Iglocska] @@ -37420,6 +38393,7 @@ v2.4.4 (2015-12-30) Solving #786 - Solving #786. [Fafner [_KeyZee_]] +- Solving #786. [Fafner [_KeyZee_]] - Merge pull request #796 from FafnerKeyZee/2.4. [Andras Iklody] Fix for orgc_id into TemplatesController.php @@ -37443,6 +38417,7 @@ v2.4.4 (2015-12-30) - it was erroneously looking up servers that have push enabled instead of pull + v2.4.3 (2015-12-27) ------------------- - Rework of the contributor field, some MYSQL.sql tweaks. [iglocska] @@ -37450,6 +38425,7 @@ v2.4.3 (2015-12-27) - added indeces to the MYSQL.sql file - contributors now looks for shadow attributes instead of log entries (should make the event view much faster and resolve some timeout issues on sync when the log is massive) + v2.4.2 (2015-12-26) ------------------- - Fixes a bug on invalid event IDs passed to the STIX export causing 
@@ -37458,6 +38434,7 @@ v2.4.2 (2015-12-26) - Running a stix export for a specific ID that doesn't exist results in a full STIX export for the user (events visible to the user) - This leads for an unnecesarily long export process when a quick export is expected + v2.4.1 (2015-12-26) ------------------- - Several fixes to the exports, fixes #790. [iglocska] @@ -37472,6 +38449,7 @@ v2.4.1 (2015-12-26) - scheduled pulls would fail because of invalid user object passed - invalid permissions checks / org checks would cause the RPZ export to fail when using background workers + v2.4.0 (2015-12-24) ------------------- - Merge branch 'feature/fastupgrade' into 2.4. [iglocska] @@ -38159,7 +39137,7 @@ v2.4.0 (2015-12-24) - Progress on the sync. [Iglocska] - Creating objects whenever necessary during sync (sharing groups, organisations, etc) - - it's still :construction:, but time to sleep + - it's still WIP, but time to sleep - More changes to the sync. [Iglocska] - pushes are now taking into account the push_rules and pull_rules fields @@ -38276,6 +39254,7 @@ v2.4.0 (2015-12-24) - Removed debug line. [iglocska] - Initial commit. [iglocska] + v2.3.178 (2015-12-14) --------------------- - Merge branch 'hotfix-2.3.178' [iglocska] @@ -38287,12 +39266,14 @@ v2.3.178 (2015-12-14) - Double quoting of quoted messages in discussion threads fixed. [iglocska] + v2.3.177 (2015-12-08) --------------------- - Merge branch 'hotfix-2.3.177' [iglocska] - Invalid message fixed when accepting several proposals at once. [iglocska] + v2.3.176 (2015-12-08) --------------------- - Merge branch 'hotfix-2.3.176' [iglocska] @@ -38302,6 +39283,7 @@ v2.3.176 (2015-12-08) - Fixed an issue where an ip/resource was recognised as a CIDR notation IP range instead of a url - Changed the flash message for publishing without e-mails to something less scary + v2.3.175 (2015-12-04) --------------------- - Merge branch 'hotfix-2.3.175' [iglocska] 
@@ -38326,11 +39308,13 @@ v2.3.175 (2015-12-04) - admin tool doesn't recognise a word followed by a . as a url + v2.3.174 (2015-12-04) --------------------- - Merge branch 'hotfix-2.3.173' [iglocska] - Junk left in the previous commit. [iglocska] + v2.3.173 (2015-12-02) --------------------- - Merge branch 'hotfix-2.3.173' [iglocska] @@ -38348,6 +39332,7 @@ v2.3.173 (2015-12-02) - Fix to an incorrect call on sending out alert emails on edit. [iglocska] + v2.3.172 (2015-12-01) --------------------- - Merge branch 'hotfix-2.3.172' [iglocska] @@ -38363,6 +39348,7 @@ v2.3.172 (2015-12-01) - add_misp_export updated with the above in mind + v2.3.171 (2015-12-01) --------------------- - Merge branch 'hotfix-2.3.170' [iglocska] @@ -38375,6 +39361,7 @@ v2.3.171 (2015-12-01) - REST XML/JSON add/edit of events returns errors instead of the partially succeeding event + v2.3.169 (2015-11-27) --------------------- - Merge branch 'hotfix-2.3.169' [iglocska] @@ -38383,27 +39370,32 @@ v2.3.169 (2015-11-27) - there is no need to keep retransfering the actual attached file if all we want to convey is that the proposal is gone. + v2.3.168 (2015-11-27) --------------------- - Merge branch 'hotfix-2.3.168' [iglocska] - Fix to an issue where a proposal with an attachment could not be correctly accepted. [iglocska] + v2.3.167 (2015-11-26) --------------------- - Merge branch 'hotfix-2.3.167' [iglocska] - Updated CakePHP version to 2.7.7. [iglocska] - Merge branch 'hotfix-2.3.166' into develop. [iglocska] +- Merge branch 'hotfix-2.3.166' into develop. [iglocska] - Merge branch 'hotfix-2.3.165' into develop. [iglocska] - Merge branch 'hotfix-2.3.166' [iglocska] - Left off the view file from the previous commit. [iglocska] + v2.3.166 (2015-11-26) --------------------- - Merge branch 'hotfix-2.3.166' [iglocska] - Backport of a fix to 2.4 adding comments to proposed attachments. [iglocska] + v2.3.165 (2015-11-26) --------------------- - Merge branch 'hotfix-2.3.165' [iglocska] 
@@ -38414,6 +39406,7 @@ v2.3.165 (2015-11-26) - Merge branch 'master' of https://github.com/MISP/MISP. [iglocska] - Initial JSON schema - MISP event (version 2.3) [Alexandre Dulaunoy] + v2.3.164 (2015-11-22) --------------------- - Merge branch 'hotfix-2.3.164' [iglocska] @@ -38430,6 +39423,7 @@ v2.3.164 (2015-11-22) - Merge branch 'master' into develop. [iglocska] - Merge branch 'hotfix-2.3.161' into develop. [iglocska] + v2.3.163 (2015-11-19) --------------------- - Merge branch 'hotfix-2.3.163' [iglocska] @@ -38441,6 +39435,7 @@ v2.3.163 (2015-11-19) - Added a note on the server page to make it more obvious that values can be changed by double clicking them + v2.3.162 (2015-11-17) --------------------- - Merge branch 'hotfix-2.3.162' [iglocska] @@ -38453,6 +39448,7 @@ v2.3.162 (2015-11-17) - fixed a reflected XSS for template creator users when viewing a template - Merge branch 'hotfix-2.3.160' into develop. [iglocska] +- Merge branch 'hotfix-2.3.160' into develop. [iglocska] - Merge branch 'hotfix-2.3.159' into develop. [iglocska] - Merge branch 'hotfix-2.3.158' into develop. [iglocska] - Merge branch 'hotfix-2.3.157' into develop. [iglocska] @@ -38464,6 +39460,7 @@ v2.3.162 (2015-11-17) - Merge branch 'hotfix-2.3.161' [iglocska] - Fix to a recent patch breaking the publish button. [iglocska] + v2.3.161 (2015-11-17) --------------------- - Merge branch 'hotfix-2.3.160' [iglocska] @@ -38472,6 +39469,7 @@ v2.3.161 (2015-11-17) - sanitising it in appcontroller instead + v2.3.160 (2015-11-16) --------------------- - Merge branch 'hotfix-2.3.160' [iglocska] @@ -38502,6 +39500,7 @@ v2.3.160 (2015-11-16) - also added an admin tool that lets admins clean their current set of regexes of the harmful modifier + v2.3.159 (2015-11-15) --------------------- - Merge branch 'hotfix-2.3.159' [iglocska] 
@@ -38517,8 +39516,10 @@ v2.3.159 (2015-11-15) - Also removed the logging of the hashed password for newly created users - Merge branch 'master' of https://github.com/MISP/MISP. [iglocska] - PyMISP submodule updated. [Alexandre Dulaunoy] +- PyMISP submodule updated. [Alexandre Dulaunoy] - PyMISP updated. [Alexandre Dulaunoy] + v2.3.158 (2015-11-13) --------------------- - Merge branch 'hotfix-2.3.158' [iglocska] @@ -38546,6 +39547,7 @@ v2.3.158 (2015-11-13) - Fixed an issue where PGP keys that are set to never expire show up as expired. [iglocska] + v2.3.157 (2015-11-12) --------------------- - Merge branch 'hotfix-2.3.156' [iglocska] @@ -38553,6 +39555,7 @@ v2.3.157 (2015-11-12) - checks whether the key can be used to encrypt and whether it's expired + v2.3.156 (2015-11-11) --------------------- - Merge branch 'hotfix-2.3.155' [iglocska] @@ -38569,6 +39572,7 @@ v2.3.156 (2015-11-11) - reported by RichieB2B - The scraped URL for the PGP fetching tool was not sanitised before being echoed + v2.3.155 (2015-11-10) --------------------- - Merge branch 'hotfix-2.3.155' [iglocska] @@ -38577,6 +39581,7 @@ v2.3.155 (2015-11-10) - The scraped URL for the PGP fetching tool was not sanitised before being echoed - Trying to view an event that doesn't exist and one that the user has no access to resulted in different error messages + v2.3.154 (2015-11-10) --------------------- - Merge branch 'hotfix-2.3.154' [iglocska] @@ -38587,6 +39592,7 @@ v2.3.154 (2015-11-10) - until now multi line fields were both escaped and the line breaks removed - this was overkill, linebreaks are now kept intact + v2.3.153 (2015-11-09) --------------------- - Merge branch 'master' of https://github.com/MISP/MISP. [iglocska] @@ -38594,6 +39600,7 @@ v2.3.153 (2015-11-09) - Merge branch 'hotfix-2.3.153' [iglocska] - Fixed a bug with the attribute search API. [iglocska] + v2.3.152 (2015-11-08) --------------------- - Merge branch 'hotfix-2.3.152' [iglocska] 
@@ -38610,6 +39617,7 @@ v2.3.152 (2015-11-08) - disabling it also hides the IPs from the interface - added new IP field for the log search (only if enabled) + v2.3.151 (2015-11-03) --------------------- - Merge branch 'develop' [iglocska] @@ -38620,6 +39628,7 @@ v2.3.151 (2015-11-03) - Merge branch 'hotfix-2.3.148' into develop. [Iglocska] - Merge branch 'hotfix-2.3.147' into develop. [Iglocska] + v2.3.150 (2015-10-30) --------------------- - Merge branch 'hotfix-2.3.150' [iglocska] @@ -38629,6 +39638,7 @@ v2.3.150 (2015-10-30) - Proposals that can be accepted / discarded via the API - Can restrict the index to the proposals of a single event + v2.3.149 (2015-10-30) --------------------- - Merge branch 'hotfix-2.3.149' [iglocska] @@ -38636,6 +39646,7 @@ v2.3.149 (2015-10-30) - Create / Edit / Remove / index / view tags via the API + v2.3.148 (2015-10-28) --------------------- - Merge branch 'hotfix-2.3.148' [Iglocska] @@ -38652,6 +39663,7 @@ v2.3.148 (2015-10-28) - Merge branch 'hotfix-2.3.147' [Iglocska] - More details on the PGP validation tool. [Iglocska] + v2.3.147 (2015-10-27) --------------------- - Merge branch 'hotfix-2.3.147' [Iglocska] 
@@ -38662,13 +39674,18 @@ v2.3.147 (2015-10-27) - Merge branch 'hotfix-2.3.145' into develop. [iglocska] - Merge branch 'hotfix-2.3.144' into develop. [iglocska] - Merge branch 'hotfix-2.3.143' into develop. [Iglocska] +- Merge branch 'hotfix-2.3.143' into develop. [Iglocska] - Merge branch 'hotfix-2.3.142' into develop. [Iglocska] - Merge branch 'hotfix-2.3.141' into develop. [Iglocska] - Merge branch 'hotfix-2.3.140' into develop. [Iglocska] - Merge branch 'hotfix-2.3.139' into develop. [Iglocska] - Merge branch 'hotfix-2.3.138' into develop. [Iglocska] - Merge branch 'hotfix-2.3.136' into develop. [Iglocska] +- Merge branch 'hotfix-2.3.136' into develop. [Iglocska] +- Merge branch 'hotfix-2.3.136' into develop. [Iglocska] - Merge branch 'hotfix-2.3.135' into develop. [Iglocska] +- Merge branch 'hotfix-2.3.135' into develop. [Iglocska] + v2.3.146 (2015-10-27) --------------------- @@ -38682,12 +39699,14 @@ v2.3.146 (2015-10-27) - removed ajax path - added XML/JSON view + v2.3.145 (2015-10-22) --------------------- - Merge branch 'hotfix-2.3.145' [iglocska] - Reverted change in proposal file storage path that wasn't needed. [iglocska] + v2.3.144 (2015-10-21) --------------------- - Merge branch 'hotfix-2.3.144' [iglocska] @@ -38710,6 +39729,7 @@ v2.3.144 (2015-10-21) - Added the attribute relations to the XML / JSON output, fixes #687. [Iglocska] + v2.3.143 (2015-10-15) --------------------- - Copyright notices as a list. [Alexandre Dulaunoy] @@ -38720,6 +39740,7 @@ v2.3.143 (2015-10-15) - Merge branch 'master' of github.com:MISP/MISP. [Alexandre Dulaunoy] - Licensed updated to AGPL 3.0 - #686. [Alexandre Dulaunoy] + v2.3.142 (2015-10-14) --------------------- - Merge branch 'hotfix-2.3.142' [Iglocska] @@ -38728,6 +39749,7 @@ v2.3.142 (2015-10-14) - as pointed out by RichieB2B + v2.3.141 (2015-10-13) --------------------- - Merge branch 'hotfix-2.3.141' [Iglocska] 
@@ -38741,6 +39763,7 @@ v2.3.141 (2015-10-13) - Merge branch 'master' of https://github.com/MISP/MISP. [Iglocska] - Documentation location updated (misp-book) [Alexandre Dulaunoy] + v2.3.140 (2015-10-12) --------------------- - Merge branch 'hotfix-2.3.140' [Iglocska] @@ -38751,6 +39774,7 @@ v2.3.140 (2015-10-12) - this was due to access to /proc being blocked by open_basedir directive settings - added a check and the corresponding view changes to this being the case + v2.3.139 (2015-10-09) --------------------- - Merge branch 'hotfix-2.3.139' [Iglocska] @@ -38762,11 +39786,13 @@ v2.3.139 (2015-10-09) - Under these distros, php is blocked from seeing concurrently running php processes even under the same user - instead of running ps, the diagnostic now checks the existance of the pid file in /proc/ + v2.3.138 (2015-10-09) --------------------- - Merge branch 'hotfix-2.3.136' [Iglocska] - Further fixes that caused issues with old PHP versions. [Iglocska] + v2.3.137 (2015-10-09) --------------------- - Merge branch 'hotfix-2.3.136' [Iglocska] @@ -38774,6 +39800,7 @@ v2.3.137 (2015-10-09) - Fixed a possible issue with the previous commit on certain php versions. [Iglocska] + v2.3.136 (2015-10-09) --------------------- - Merge branch 'hotfix-2.3.136' [Iglocska] @@ -38786,6 +39813,7 @@ v2.3.136 (2015-10-09) - Merge branch 'hotfix-2.3.135' [Iglocska] - Left off view file. [Iglocska] + v2.3.135 (2015-10-08) --------------------- - Merge branch 'hotfix-2.3.135' [Iglocska] @@ -38803,6 +39831,7 @@ v2.3.135 (2015-10-08) - Merge branch 'hotfix-2.3.132' into develop. [Iglocska] - Merge branch 'hotfix-2.3.131' into develop. [iglocska] - Merge branch 'hotfix-2.3.130' into develop. [iglocska] +- Merge branch 'hotfix-2.3.130' into develop. [iglocska] - Merge branch 'hotfix-2.3.129' into develop. [iglocska] - Merge branch 'hotfix-2.3.128' into develop. [iglocska] - Merge branch 'hotfix-2.3.127' into develop. [iglocska] 
@@ -38811,6 +39840,7 @@ v2.3.135 (2015-10-08) - Merge branch 'hotfix-2.3.122' into develop. [Iglocska] - Merge branch 'hotfix-2.3.121' into develop. [Iglocska] + v2.3.134 (2015-09-24) --------------------- - Merge branch 'hotfix-2.3.134' [Iglocska] @@ -38823,11 +39853,13 @@ v2.3.134 (2015-09-24) - before the recorrelation admin tool would load all attributes into memory in one go - now it loads them in chunks of 1k attributes at a time + v2.3.133 (2015-09-24) --------------------- - Merge branch 'hotfix-2.3.132' [Iglocska] - Fix to the previous commit. [Iglocska] + v2.3.132 (2015-09-23) --------------------- - Merge branch 'hotfix-2.3.132' [Iglocska] @@ -38856,6 +39888,7 @@ v2.3.132 (2015-09-23) Move test cases to PyMISP - Move test cases to PyMISP. [Raphaël Vinot] + v2.3.131 (2015-09-21) --------------------- - Merge branch 'hotfix-2.3.131' [iglocska] @@ -38870,12 +39903,14 @@ v2.3.131 (2015-09-21) - Merge branch 'hotfix-2.3.130' [iglocska] - Version bump. [iglocska] + v2.3.130 (2015-09-17) --------------------- - Merge branch 'hotfix-2.3.130' [iglocska] - Fix to an issue introduced in 2.3.128 that incorrectly causes MISP to not sync due to a version mismatch. [iglocska] + v2.3.129 (2015-09-16) --------------------- - Added an API to quickly check the current MISP version, fixes #664. @@ -38888,12 +39923,14 @@ v2.3.129 (2015-09-16) At least, I think so, please review :) + v2.3.128 (2015-09-16) --------------------- - Merge branch 'hotfix-2.3.128' [iglocska] - Added a diagnostic to check and purge overgrown session tables. [iglocska] + v2.3.127 (2015-09-16) --------------------- - Merge branch 'hotfix-2.3.127' [iglocska] @@ -38911,6 +39948,7 @@ v2.3.127 (2015-09-16) https://github.com/MISP/MISP/issues/302) [David André] - Added gcc in dependencies (related to #302) [David André] + v2.3.126 (2015-09-16) --------------------- - Merge branch 'hotfix-2.3.126' [iglocska] 
@@ -38939,7 +39977,7 @@ v2.3.126 (2015-09-16) - Further progress on several issues. [iglocska] - Progress on several issues. [Iglocska] - - switching workstations, this is all :construction: + - switching workstations, this is all WiP - Merge pull request #653 from Rafiot/master. [Raphaël Vinot] [Travis] Fix DB @@ -38951,6 +39989,7 @@ v2.3.126 (2015-09-16) - Fix to a display bug on the event index when short tags are used. [Iglocska] + v2.3.125 (2015-09-09) --------------------- - Merge branch 'hotfix-2.3.125' [Iglocska] @@ -38972,6 +40011,7 @@ v2.3.125 (2015-09-09) non IDS flagged attributes are also exported by default. - Fix travis message in README. [Raphaël Vinot] + v2.3.124 (2015-09-07) --------------------- - Merge branch 'hotfix-2.3.124' [Iglocska] @@ -38997,6 +40037,7 @@ v2.3.124 (2015-09-07) Add partial travis support - Add partial travis support. [Raphaël Vinot] + v2.3.123 (2015-09-03) --------------------- - Merge branch 'hotfix-2.3.123' [Iglocska] @@ -39006,6 +40047,7 @@ v2.3.123 (2015-09-03) - now also shows issues not related to the value field - takes an optional parameter to validate a single event's attributes + v2.3.122 (2015-09-02) --------------------- - Merge branch 'hotfix-2.3.122' [Iglocska] @@ -39014,6 +40056,7 @@ v2.3.122 (2015-09-02) - reported by Roberto Suggi Liverani from NCIA + v2.3.121 (2015-09-02) --------------------- - Merge branch 'master' of https://github.com/MISP/MISP. [Iglocska] @@ -39041,11 +40084,13 @@ v2.3.121 (2015-09-02) - Merge branch 'hotfix-2.3.120' [Iglocska] - Cleanup of some mistakes. [Iglocska] + v2.3.120 (2015-08-27) --------------------- - Merge branch 'hotfix-2.3.118' [Iglocska] - Add / Remove tags from events via a new API. [Iglocska] + v2.3.118 (2015-08-27) --------------------- - Merge branch 'master' of https://github.com/MISP/MISP. [Iglocska] 
@@ -39062,6 +40107,7 @@ v2.3.118 (2015-08-27) it must be core.php instead of Core.php + v2.3.117 (2015-08-27) --------------------- - Merge branch 'hotfix-2.3.117' [Iglocska] @@ -39072,6 +40118,7 @@ v2.3.117 (2015-08-27) - timing out and clicking on an admin action results in being redirected to a non-existing admin login page - distribution setting ignored when uploading attachments + v2.3.116 (2015-08-25) --------------------- - Merge branch 'hotfix-2.3.116' [Iglocska] @@ -39098,6 +40145,7 @@ v2.3.116 (2015-08-25) - Merge branch 'hotfix-2.3.113' into develop. [Iglocska] - Merge branch 'hotfix-2.3.112' into develop. [Iglocska] + v2.3.114 (2015-08-24) --------------------- - Merge branch 'hotfix-2.3.114' [Iglocska] @@ -39115,6 +40163,7 @@ v2.3.114 (2015-08-24) - Fixed a blackhole issue with the password reset popups + v2.3.112 (2015-08-18) --------------------- - Merge branch 'hotfix-2.3.112' [Iglocska] @@ -39132,6 +40181,7 @@ v2.3.112 (2015-08-18) - removed the requirement for the files to have the .ioc extension - Merge branch 'hotfix-2.3.110' into develop. [Iglocska] + v2.3.110 (2015-08-18) --------------------- - Merge branch 'hotfix-2.3.110' [Iglocska] @@ -39139,6 +40189,7 @@ v2.3.110 (2015-08-18) events from being added via the UI. [Iglocska] - Merge branch 'hotfix-2.3.109' into develop. [Iglocska] + v2.3.109 (2015-08-18) --------------------- - Merge branch 'hotfix-2.3.109' [Iglocska] @@ -39152,12 +40203,14 @@ v2.3.109 (2015-08-18) - Merge branch 'hotfix-2.3.107' into develop. [iglocska] - Merge branch 'hotfix-2.3.106' into develop. [Iglocska] + v2.3.108 (2015-08-18) --------------------- - Merge branch 'hotfix-2.3.108' [Iglocska] - Database update admin-actions are now logged and if they fail the errors are logged. [Iglocska] + v2.3.107 (2015-08-17) --------------------- - Merge branch 'hotfix-2.3.107' [iglocska] 
@@ -39178,6 +40231,7 @@ v2.3.107 (2015-08-17) - the sync uses 404s to signal that an event with a given uuid does not exist when negotiating proposal synchronisation - this causes a dangerously high amount of noise in the logs + v2.3.106 (2015-08-07) --------------------- - Merge branch 'hotfix-2.3.106' [Iglocska] @@ -39202,6 +40256,7 @@ v2.3.106 (2015-08-07) - Merge branch 'hotfix-2.3.93' into develop. [Iglocska] - Merge branch 'hotfix-2.3.92' into develop. [Iglocska] + v2.3.105 (2015-08-07) --------------------- - Merge branch 'hotfix-2.3.105' [Iglocska] @@ -39212,6 +40267,7 @@ v2.3.105 (2015-08-07) - Also, fix for an issue with the freetext import not using semi-colons as separators + v2.3.104 (2015-08-04) --------------------- - Merge branch 'hotfix-2.3.104' [Iglocska] @@ -39226,6 +40282,7 @@ v2.3.104 (2015-08-04) * the real name of libxslt-dev is libxslt1-dev * curl is required later in the installation and may not be present on the system + v2.3.103 (2015-08-04) --------------------- - Merge branch 'hotfix-2.3.103' [Iglocska] @@ -39246,6 +40303,7 @@ v2.3.103 (2015-08-04) - changed the UI attachment upload to reflect these changes - code more centralised and extendible + v2.3.102 (2015-07-27) --------------------- - Merge branch 'hotfix-2.3.102' [Iglocska] @@ -39259,6 +40317,7 @@ v2.3.102 (2015-07-27) - added a toggle for the IDS fields in the freetext import to quickly set all found attributes to being IDS worthy + v2.3.100 (2015-07-22) --------------------- - Merge branch 'hotfix-2.3.100' [Iglocska] 
@@ -39271,10 +40330,12 @@ v2.3.100 (2015-07-22) - Greatly reduces memory footprint (It mostly depends on the event with the most eligible attributes now, instead of the combined list of all events) - Because of the lower memory usage, the time taken for the export is also slashed to a fragment of what it was before + v2.3.99 (2015-07-20) -------------------- - Merge branch 'hotfix-2.3.98' [Iglocska] + v2.3.98 (2015-07-17) -------------------- - Merge branch '570' into hotfix-2.3.98. [Iglocska] @@ -39295,6 +40356,7 @@ v2.3.98 (2015-07-17) - fixed some issues with unset variables (from, to, last) when triggered by the background workers - reduced memory usage of the hids exports (removed storing the hashes twice in memory, drastically removed the data retrieved from the db when preparing the export) + v2.3.97 (2015-07-13) -------------------- - Merge branch 'hotfix-2.3.97' [Iglocska] @@ -39311,6 +40373,7 @@ v2.3.97 (2015-07-13) - Merge branch 'pr546' into hotfix-2.3.97. [Iglocska] - Use innodb engine for cake sessions table. [David André] + v2.3.96 (2015-07-12) -------------------- - Merge branch 'hotfix-2.3.96' [Iglocska] @@ -39320,12 +40383,14 @@ v2.3.96 (2015-07-12) - allows site admins to add workers to any queue on the fly - allows site admins to kill workers on the fly + v2.3.95 (2015-07-09) -------------------- - Merge branch 'hotfix-2.3.95' [Iglocska] - Some tuning to the hostname / url type recognition in the freetext import tool, fixes #562. [Iglocska] + v2.3.94 (2015-07-08) -------------------- - Merge branch 'hotfix-2.3.94' [Iglocska] @@ -39334,6 +40399,7 @@ v2.3.94 (2015-07-08) Moved the XML conversion in restfullEventToServer() to MISP's own xml conversion tool + v2.3.93 (2015-07-07) -------------------- - Merge branch 'hotfix-2.3.93' [Iglocska] 
@@ -39342,23 +40408,27 @@ v2.3.93 (2015-07-07) - some errors in the format (wrong comment character used, rpz-ip not appended to IP addresses, missing semi-colon) - removed hostnames that are on domains blocked by the rules based on domain attributes + v2.3.92 (2015-07-01) -------------------- - Merge branch 'hotfix-2.3.92' [Iglocska] - Fix to an incorrect validation of temporary filenames. [Iglocska] - Merge branch 'hotfix-2.3.91' into develop. [Iglocska] - Merge branch 'hotfix-2.3.90' into develop. [Iglocska] +- Merge branch 'hotfix-2.3.90' into develop. [Iglocska] - Merge branch 'hotfix-2.3.89' into develop. [Iglocska] - Merge branch 'hotfix-2.3.91' [Iglocska] - File management fixed in server settings. [Iglocska] - a previous patch removed the contents of the page + v2.3.91 (2015-07-01) -------------------- - Merge branch 'hotfix-2.3.90' [Iglocska] - GnuPG.binary demoted to optional setting as it should be. [Iglocska] + v2.3.90 (2015-07-01) -------------------- - Merge branch 'hotfix-2.3.90' [Iglocska] @@ -39375,9 +40445,11 @@ v2.3.90 (2015-07-01) - the disabled fields are no longer created via the form helper - Merge branch 'hotfix-2.3.88' into develop. [Iglocska] - Merge branch 'hotfix-2.3.87' into develop. [Iglocska] +- Merge branch 'hotfix-2.3.87' into develop. [Iglocska] - Merge branch 'hotfix-2.3.86' into develop. [Iglocska] - Merge branch 'hotfix-2.3.84' into develop. [iglocska] + v2.3.88 (2015-06-29) -------------------- - Merge branch 'hotfix-2.3.88' [Iglocska] @@ -39397,6 +40469,7 @@ v2.3.88 (2015-06-29) - updated gitignore to ignore some items that are outside of the scope of the git package - Proposal mass accept/discard, fixes #466. [Iglocska] + v2.3.87 (2015-06-25) -------------------- - Merge branch 'hotfix-2.3.86' [Iglocska] 
@@ -39467,11 +40540,13 @@ v2.3.87 (2015-06-25) - future enhancement possibility: move the second stage (the actual key fetch) to the server side instead of a direct ajax query from the user's browser + v2.3.85 (2015-06-22) -------------------- - Merge branch 'hotfix-2.3.85' [Iglocska] - Tuning of the complex type tool. [Iglocska] + v2.3.84 (2015-06-18) -------------------- - Merge branch 'hotfix-2.3.84' [iglocska] @@ -39494,12 +40569,14 @@ v2.3.84 (2015-06-18) [Iglocska] - Merge branch 'hotfix-2.3.75' into develop. [Iglocska] + v2.3.83 (2015-06-17) -------------------- - Merge branch 'hotfix-2.3.83' [iglocska] - Small tweak to the email/domain/hostname validation, affects #551. [iglocska] + v2.3.82 (2015-06-16) -------------------- - Merge branch 'hotfix-2.3.82' [iglocska] @@ -39508,6 +40585,7 @@ v2.3.82 (2015-06-16) - Merge branch 'hotfix-2.3.81' [Iglocska] - Removed some junk. [Iglocska] + v2.3.81 (2015-06-10) -------------------- - Merge branch 'hotfix-2.3.81' [Iglocska] @@ -39523,6 +40601,7 @@ v2.3.81 (2015-06-10) - Sending a password reset / welcome message picked the opposite subject line - line breaks were sent as literals. + v2.3.80 (2015-06-09) -------------------- - Merge branch 'hotfix-2.3.80' [Iglocska] @@ -39539,6 +40618,7 @@ v2.3.80 (2015-06-09) - This patch enables option 3, administrators can point MISP to the alternate executable in the server settings - Server setting changes logged, fixes #531. [Iglocska] + v2.3.79 (2015-06-06) -------------------- - Merge branch 'hotfix-2.3.79' [Iglocska] @@ -39565,6 +40645,7 @@ v2.3.79 (2015-06-06) - added a new entry to the admin tools (Administartion -> Administrative tools) - converts title and change columns in the logs table to text from varchar(255) + v2.3.77 (2015-06-05) -------------------- - Merge branch 'hotfix-2.3.77' [Iglocska] 
@@ -39573,6 +40654,7 @@ v2.3.77 (2015-06-05) - fixed an incorrect privilege check on the publish pop-up + v2.3.76 (2015-06-04) -------------------- - Merge branch 'hotfix-2.3.76' [Iglocska] @@ -39602,6 +40684,7 @@ v2.3.76 (2015-06-04) - on CentOS this is a separate package php-mbstring - on Ubuntu this is part of libapache2-mod-php5 + v2.3.74 (2015-06-03) -------------------- - Merge branch 'hotfix-2.3.74' [Iglocska] @@ -39609,6 +40692,7 @@ v2.3.74 (2015-06-03) - The rescheduling now happens before the task is executed - this way a failed job will not prevent the rescheduling of the next execution time + v2.3.73 (2015-06-03) -------------------- - Merge branch 'hotfix-2.3.73' [Iglocska] @@ -39637,6 +40721,7 @@ v2.3.73 (2015-06-03) - Ports in IP/url/link/domain/hostname now added as a comment - virustotal now automatically recognised as external analysis / link + v2.3.71 (2015-06-01) -------------------- - Merge branch 'hotfix-2.3.71' [Iglocska] @@ -39653,6 +40738,8 @@ v2.3.71 (2015-06-01) Add a note on Debian Wheezy installation instructions - Merge branch 'master' of https://github.com/MISP/MISP. [Aaron Kaplan] +- Merge branch 'master' of https://github.com/MISP/MISP. [Aaron Kaplan] +- Merge branch 'master' of https://github.com/MISP/MISP. [Aaron Kaplan] - Merge branch 'master' of https://github.com/aaronkaplan/MISP. [Aaron Kaplan] - Merge branch 'master' of https://github.com/MISP/MISP. [Aaron Kaplan] @@ -39666,6 +40753,7 @@ v2.3.71 (2015-06-01) Kaplan] - Merge branch 'hotfix-2.3.69' into develop. [iglocska] + v2.3.69 (2015-05-27) -------------------- - Merge branch 'hotfix-2.3.69' [iglocska] 
@@ -39728,11 +40816,13 @@ v2.3.69 (2015-05-27) - Merge branch 'hotfix-2.3.66' into develop. [iglocska] - Merge branch 'hotfix-2.3.65' into develop. [iglocska] + v2.3.68 (2015-05-21) -------------------- - Merge branch 'hotfix-2.3.68' [iglocska] - Date set to today's date by default, fixes #495. [iglocska] + v2.3.67 (2015-05-20) -------------------- - Merge branch 'hotfix-2.3.67' [iglocska] @@ -39743,12 +40833,14 @@ v2.3.67 (2015-05-20) - MISP will now try to only detect MISP auth keys in the headers and if it detects something else it ignores it + v2.3.66 (2015-05-15) -------------------- - Merge branch 'hotfix-2.3.66' [iglocska] - Fix to copy pasta issue breaking from/to filters in exports, fixes #494. [iglocska] + v2.3.65 (2015-05-15) -------------------- - Merge branch 'hotfix-2.3.65' [iglocska] @@ -39808,12 +40900,14 @@ v2.3.65 (2015-05-15) - based on stevengoossensB's pull request + v2.3.64 (2015-05-13) -------------------- - Merge branch 'password_script' [iglocska] - Password reset fix. [iglocska] - Added link to GNU AGLP License v3 text. [David André] + v2.3.63 (2015-05-04) -------------------- - Merge branch 'hotfix-2.3.63' [iglocska] @@ -39835,6 +40929,7 @@ v2.3.63 (2015-05-04) Fix for issue #467 Changed the label of IDS checkbox for proposals + v2.3.62 (2015-04-16) -------------------- - Merge branch 'hotfix-2.3.62' [Iglocska] @@ -39847,6 +40942,7 @@ v2.3.62 (2015-04-16) - also updated the sample curl scripts + v2.3.60 (2015-04-13) -------------------- - Merge branch 'hotfix-2.3.60' [Iglocska] @@ -39855,6 +40951,7 @@ v2.3.60 (2015-04-13) - Issue fixed: When background jobs are enabled the wrong flag is checked when attemptying to enqueue a pull + v2.3.59 (2015-04-08) -------------------- - Merge branch 'hotfix-2.3.59' [Iglocska] 
@@ -39937,6 +41034,7 @@ v2.3.59 (2015-04-08) - Merge remote-tracking branch 'upstream/master' [Richard van den Berg] - Disallow unpublished events. [Richard van den Berg] + v2.3.58 (2015-04-01) -------------------- - Merge branch 'hotfix-2.3.58' [Iglocska] @@ -39945,6 +41043,7 @@ v2.3.58 (2015-04-01) - attributes were not correctly updated during a manual push due to an incorrect conditional - re-publishing was unaffected + v2.3.57 (2015-03-16) -------------------- - Merge branch 'hotfix-2.3.57' [Iglocska] @@ -39964,11 +41063,13 @@ v2.3.57 (2015-03-16) - Merge branch 'hotfix-2.3.47' into develop. [iglocska] - Merge branch 'hotfix-2.3.46' into develop. [iglocska] - Merge branch 'hotfix-2.3.45' into develop. [iglocska] +- Merge branch 'hotfix-2.3.45' into develop. [iglocska] - Merge branch 'hotfix-2.3.44' into develop. [iglocska] - Merge branch 'hotfix-2.3.43' into develop. [iglocska] - Merge branch 'hotfix-2.3.42' into develop. [iglocska] - Merge branch 'hotfix-2.3.41' into develop. [iglocska] + v2.3.56 (2015-03-14) -------------------- - Merge branch 'hotfix-2.3.56' [Iglocska] @@ -39983,6 +41084,7 @@ v2.3.56 (2015-03-14) - The log search incorrectly set the search terms for empty fields, meaning that any log entries that had unfilled columns, such as it is the case with admin_email would never return results + v2.3.55 (2015-03-10) -------------------- - Merge branch 'hotfix-2.3.55' [iglocska] @@ -39990,12 +41092,14 @@ v2.3.55 (2015-03-10) - filenames are now enclosed by quotes instead of double quotes while executing the zip command via exec + v2.3.54 (2015-02-24) -------------------- - Merge branch 'hotfix-2.3.54' [iglocska] - Version bump. [iglocska] - Json view fixed, fixes #411. [iglocska] + v2.3.53 (2015-02-23) -------------------- - Merge branch 'hotfix-2.3.53' [iglocska] @@ -40014,6 +41118,7 @@ v2.3.53 (2015-02-23) - also fixed the edit button on the index + v2.3.52 (2015-02-18) -------------------- - Merge branch 'hotfix-2.3.51' [iglocska] 
@@ -40024,6 +41129,7 @@ v2.3.52 (2015-02-18) - JSON view code moved to Lib - Fixed an issue that didn't restrict the dates correctly with the from / to parameters + v2.3.51 (2015-02-16) -------------------- - Merge branch 'master' of https://github.com/MISP/MISP. [iglocska] @@ -40031,6 +41137,7 @@ v2.3.51 (2015-02-16) - MISP logo added. [Alexandre Dulaunoy] - MISP logos added (SVG, PDF and PNG) [Alexandre Dulaunoy] + v2.3.50 (2015-02-16) -------------------- - Merge branch 'hotfix-2.3.50' [iglocska] @@ -40041,6 +41148,7 @@ v2.3.50 (2015-02-16) - return attributes fails when requesting the results in JSON - added missing view file + v2.3.49 (2015-02-16) -------------------- - Merge branch 'hotfix-2.3.49' [iglocska] @@ -40049,6 +41157,7 @@ v2.3.49 (2015-02-16) - incorrect check on the nids exports blocked logged in users from downloading the snort/suricata rules of an event - check removed + v2.3.48 (2015-02-10) -------------------- - Merge branch 'hotfix-2.3.48' [iglocska] @@ -40061,6 +41170,7 @@ v2.3.48 (2015-02-10) - Allows massive IOC lists to be imported - improved performance + v2.3.47 (2015-02-09) -------------------- - Merge branch 'hotfix-2.3.47' [iglocska] @@ -40070,11 +41180,13 @@ v2.3.47 (2015-02-09) - World's smallest patch + v2.3.46 (2015-02-05) -------------------- - Merge branch 'hotfix-2.3.45' [iglocska] - New documentation left off. [iglocska] + v2.3.45 (2015-02-05) -------------------- - Merge branch 'hotfix-2.3.45' [iglocska] @@ -40085,6 +41197,7 @@ v2.3.45 (2015-02-05) - resolved an issue of warnings being generated when an event without attributes / relations gets XML exported. - added new dump of the documentation + v2.3.44 (2015-02-04) -------------------- - Merge branch 'hotfix-2.3.44' [iglocska] 
@@ -40094,11 +41207,13 @@ v2.3.44 (2015-02-04) - added a file that was not pushed during the last hotfix - some improvements to the XML export to lower memory usage + v2.3.43 (2015-02-03) -------------------- - Merge branch 'hotfix-2.3.43' [iglocska] - Documentation fail fixes #384. [iglocska] + v2.3.42 (2015-02-03) -------------------- - Merge branch 'hotfix-2.3.42' [iglocska] @@ -40112,6 +41227,7 @@ v2.3.42 (2015-02-03) - Most exports are now restrictable by the event date (From/To parameters) - none cached XML export now writes to file after converting each event, clearing the memory and resolving any potential memory issues + v2.3.41 (2015-02-02) -------------------- - Merge branch 'hotfix-2.3.41' [iglocska] @@ -40131,6 +41247,7 @@ v2.3.41 (2015-02-02) hotfix-2.3.41. [iglocska] - Pretify some comments. [Richard van den Berg] - Fixed typo. [Richard van den Berg] +- Fixed typo. [Richard van den Berg] - Fix string assignments to StructuredText. [Richard van den Berg] - Map most MISP attribute comments into STIX. [Richard van den Berg] - Preserve indicator comments in STIX export. [Richard van den Berg] @@ -40144,6 +41261,7 @@ v2.3.41 (2015-02-02) - old behavior used if left untouched - Merge branch 'hotfix-2.3.40' into develop. [iglocska] + v2.3.40 (2015-01-15) -------------------- - Merge branch 'hotfix-2.3.40' [iglocska] @@ -40152,6 +41270,7 @@ v2.3.40 (2015-01-15) Incorrectly trying to look up authenticated user in the model fixed - Merge branch 'hotfix-2.3.39' into develop. [iglocska] + v2.3.39 (2015-01-12) -------------------- - Merge branch 'hotfix-2.3.39' [iglocska] 
@@ -40161,6 +41280,8 @@ v2.3.39 (2015-01-12) - Scheduled pushes and pulls correctly display in the logs - Scheduled caching correctly sets the next date of execution - Merge branch 'hotfix-2.3.38' into develop. [iglocska] +- Merge branch 'hotfix-2.3.38' into develop. [iglocska] +- Merge branch 'hotfix-2.3.38' into develop. [iglocska] - Merge branch 'hotfix-2.3.38' [iglocska] - Copy pasta fail. [iglocska] - Merge branch 'hotfix-2.3.38' [iglocska] @@ -40189,6 +41310,7 @@ v2.3.39 (2015-01-12) - text exports now allow restricting the results based on event id - Merge branch 'hotfix-2.3.37' into develop. [iglocska] + v2.3.37 (2014-12-12) -------------------- - Merge branch 'hotfix-2.3.37' [iglocska] @@ -40201,12 +41323,15 @@ v2.3.37 (2014-12-12) - Fix to some event altering actions not updating the timestamp. [iglocska] - Merge branch 'hotfix-2.3.35' into develop. [iglocska] +- Merge branch 'hotfix-2.3.35' into develop. [iglocska] + v2.3.36 (2014-12-10) -------------------- - Merge branch 'hotfix-2.3.35' [iglocska] - Small fix. [iglocska] + v2.3.35 (2014-12-10) -------------------- - Merge branch 'hotfix-2.3.35' [iglocska] @@ -40235,6 +41360,7 @@ v2.3.35 (2014-12-10) - Changed wording of warning message when entering a targeting type attribute, fixes #355. [iglocska] + v2.3.34 (2014-12-05) -------------------- - Merge branch 'hotfix-2.3.33' [iglocska] @@ -40243,6 +41369,7 @@ v2.3.34 (2014-12-05) - Merge branch 'hotfix-2.3.32' into develop. [iglocska] - Merge branch 'hotfix-2.3.31' into develop. [iglocska] + v2.3.33 (2014-12-03) -------------------- - Merge branch 'hotfix-2.3.32' [iglocska] @@ -40250,6 +41377,7 @@ v2.3.33 (2014-12-03) - xpath describing the current node and descendants is incorrect + v2.3.31 (2014-11-27) -------------------- - Merge branch 'hotfix-2.3.31' [iglocska] 
@@ -40263,6 +41391,7 @@ v2.3.31 (2014-11-27) - Small fix to wrapping text in the pivot graph - Merge branch 'hotfix-2.3.30' into develop. [iglocska] + v2.3.30 (2014-11-27) -------------------- - Merge branch 'hotfix-2.3.30' [iglocska] @@ -40280,6 +41409,7 @@ v2.3.30 (2014-11-27) - naming convention changed (orgc => source org, org => member org) - this should allow users to see if an event was generated on their instance or not. + v2.3.29 (2014-11-20) -------------------- - Merge branch 'hotfix-2.3.29' [iglocska] @@ -40292,21 +41422,27 @@ v2.3.29 (2014-11-20) - Merge branch 'hotfix-2.3.28' into develop. [iglocska] - Merge branch 'hotfix-2.3.27' into develop. [iglocska] + v2.3.28 (2014-11-19) -------------------- - Merge branch 'hotfix-2.3.28' [iglocska] - Fix to the CSRF protection blocking a proposal add. [iglocska] + v2.3.27 (2014-11-14) -------------------- - Merge branch 'hotfix-2.3.27' [iglocska] - Diagnostics check fails on PGP check if the server's key is a sign only key. [iglocska] - Merge branch 'hotfix-2.3.25' into develop. [iglocska] +- Merge branch 'hotfix-2.3.25' into develop. [iglocska] +- Merge branch 'hotfix-2.3.25' into develop. [iglocska] +- Merge branch 'hotfix-2.3.25' into develop. [iglocska] - Merge branch 'hotfix-2.3.25' [iglocska] - Further corner case fixed (shadow attribute to attribute, not event) [iglocska] + v2.3.26 (2014-11-14) -------------------- - Merge branch 'hotfix-2.3.25' [iglocska] @@ -40316,6 +41452,7 @@ v2.3.26 (2014-11-14) - Merge branch 'hotfix-2.3.25' [iglocska] - Added to the caching mechanism. [iglocska] + v2.3.25 (2014-11-14) -------------------- - Merge branch 'hotfix-2.3.25' [iglocska] @@ -40324,6 +41461,7 @@ v2.3.25 (2014-11-14) - Merge branch 'hotfix-2.3.23' into develop. [iglocska] - Merge branch 'hotfix-2.3.24' [iglocska] + v2.3.24 (2014-11-12) -------------------- - Fix to an issue with the CSV export. [iglocska] 
@@ -40331,16 +41469,19 @@ v2.3.24 (2014-11-12) - missing linebreak after header row added - fixed an issue with quotes in the value field not being escaped properly + v2.3.23 (2014-11-05) -------------------- - Merge branch 'hotfix-2.3.23' [iglocska] - Fixes issue with file attachments not being downloadable for users of another org. [iglocska] - Merge branch 'hotfix-2.3.22' into develop. [iglocska] +- Merge branch 'hotfix-2.3.22' into develop. [iglocska] - Merge branch 'hotfix-2.3.22' [iglocska] - Document referencing deprecated way of passing authkey in url. [iglocska] + v2.3.22 (2014-11-03) -------------------- - Merge branch 'hotfix-2.3.22' [iglocska] @@ -40350,12 +41491,14 @@ v2.3.22 (2014-11-03) - search on any sub-string match in the event info, orgc, attribute value, attribute comment via the API - Merge branch 'hotfix-2.3.21' into develop. [iglocska] + v2.3.21 (2014-10-31) -------------------- - Merge branch 'hotfix-2.3.21' [iglocska] - Fix to the missing accept terms button. [iglocska] - Merge branch 'hotfix-2.3.20' into develop. [iglocska] + v2.3.20 (2014-10-31) -------------------- - Merge branch 'hotfix-2.3.20' [iglocska] @@ -40370,11 +41513,14 @@ v2.3.20 (2014-10-31) - attribute search returns any event that has a a sub-string match on the entered attribute - can also be used to negate (e.g: don't show me any events that have a sub-string match on any of its attributes) - Merge branch 'hotfix-2.3.19' into develop. [iglocska] +- Merge branch 'hotfix-2.3.19' into develop. [iglocska] +- Merge branch 'hotfix-2.3.19' into develop. [iglocska] - Merge branch 'hotfix-2.3.19' [iglocska] - Left off from previous commit. [iglocska] - Merge branch 'hotfix-2.3.19' [iglocska] - Font change caused some misalignment. [iglocska] + v2.3.19 (2014-10-30) -------------------- - Merge branch 'hotfix-2.3.19' [iglocska] 
@@ -40392,9 +41538,11 @@ v2.3.19 (2014-10-30) - Mapping of hostnames to Network activity failed due to incorrect capitalistion - Temporarily removed the ignore function on certain indicators. Ignoring an element in an AND-ed branch happens without a pruning of the element IDs - Merge branch 'hotfix-2.3.18' into develop. [iglocska] +- Merge branch 'hotfix-2.3.18' into develop. [iglocska] - Merge branch 'hotfix-2.3.18' [iglocska] - Small visual fix. [iglocska] + v2.3.18 (2014-10-29) -------------------- - Merge branch 'hotfix-2.3.18' [iglocska] @@ -40405,6 +41553,7 @@ v2.3.18 (2014-10-29) - add, link, delete files directly from the interface - Merge branch 'hotfix-2.3.17' into develop. [iglocska] + v2.3.17 (2014-10-28) -------------------- - Merge branch 'hotfix-2.3.17' [iglocska] @@ -40415,21 +41564,25 @@ v2.3.17 (2014-10-28) - specify whether to show it inline or create a download link for users instead - by default everything is the same as before, except that the MISP installation path is no longer exposed by a non-existing terms file - Merge branch 'hotfix-2.3.16' into develop. [iglocska] +- Merge branch 'hotfix-2.3.16' into develop. [iglocska] - Merge branch 'hotfix-2.3.14' into develop. [iglocska] - Merge branch 'hotfix-2.3.16' [iglocska] - Version number fixed. [iglocska] + v2.3.16 (2014-10-27) -------------------- - Merge branch 'hotfix-2.3.16' [iglocska] - Made the version check exclusive to the diagnostics tab. [iglocska] + v2.3.15 (2014-10-27) -------------------- - Merge branch 'hotfix-2.3.15' [iglocska] - Event attribute pagination is persistent through edits / deletes. [iglocska] + v2.3.14 (2014-10-27) -------------------- - Merge branch 'hotfix-2.3.14' [iglocska] 
@@ -40459,6 +41612,8 @@ v2.3.14 (2014-10-27) - Fix to the GFI upload. [iglocska] - Merge branch 'hotfix-2.3.10' [iglocska] - Merge branch 'hotfix-2.3.9' into develop. [iglocska] +- Merge branch 'hotfix-2.3.9' into develop. [iglocska] +- Merge branch 'hotfix-2.3.9' into develop. [iglocska] - Merge branch 'hotfix-2.3.9' [iglocska] - Fix to the filters. [iglocska] - Merge branch 'hotfix-2.3.9' [iglocska] @@ -40474,6 +41629,7 @@ v2.3.14 (2014-10-27) - Added missing comment about enabling the scheduler worker fixes #295. [iglocska] - Merge branch 'hotfix-2.3.6' into develop. [iglocska] +- Merge branch 'hotfix-2.3.6' into develop. [iglocska] - Merge branch 'hotfix-2.3.6' [iglocska] - Fixes to the proposal ajax mechanism for newer cakephp versions. [iglocska] @@ -40489,6 +41645,10 @@ v2.3.14 (2014-10-27) Might revisit this in the future - Merge branch 'hotfix-2.3.4' into develop. [iglocska] +- Merge branch 'hotfix-2.3.4' into develop. [iglocska] +- Merge branch 'hotfix-2.3.4' into develop. [iglocska] +- Merge branch 'hotfix-2.3.4' into develop. [iglocska] +- Merge branch 'hotfix-2.3.4' into develop. [iglocska] - Merge branch 'hotfix-2.3.3' into develop. [iglocska] - Merge branch 'hotfix-2.3.2' into develop. [iglocska] - Merge branch 'hotfix-2.3.4' [iglocska] @@ -40512,6 +41672,7 @@ v2.3.14 (2014-10-27) - CIDR now recognised by freetext import. [iglocska] - Typo fail fixed. [iglocska] + v2.3.0 (2014-10-07) ------------------- - Documentation changes. [iglocska] @@ -40561,6 +41722,7 @@ v2.3.0 (2014-10-07) - CakeResque's installation instructions changed - Merge branch 'hotfix-2.2.39' [iglocska] +- Merge branch 'hotfix-2.2.39' [iglocska] - Merge branch 'hotfix-2.2.38' [iglocska] - Updated .gitignore. [iglocska] - Issue with the new csrf protection with the new ajax fields. 
@@ -40631,6 +41793,7 @@ v2.3.0 (2014-10-07) partially responsible for #271. [iglocska] - Merge branch 'master' of https://github.com/MISP/MISP. [iglocska] - Merge branch 'hotfix-2.2.35' [iglocska] +- Merge branch 'hotfix-2.2.35' [iglocska] - Merge branch 'hotfix-2.2.36' [iglocska] - Added the confirmation box div to all the pages that can have the publish popup. [iglocska] @@ -40680,6 +41843,7 @@ v2.3.0 (2014-10-07) - changed the pull implementation for proposals - Merge branch 'hotfix-2.2.35' into feature/proposalfix. [iglocska] +- Merge branch 'hotfix-2.2.35' into feature/proposalfix. [iglocska] - Publishing now also pushes proposals. [iglocska] This is especially important to push deleted proposals once a proposal has been accepted @@ -40812,6 +41976,7 @@ v2.3.0 (2014-10-07) - Division by zero in e-mail alerts when calculating the progress of the background job - Merge branch 'hotfix-2.2.32' [iglocska] +- Merge branch 'hotfix-2.2.32' [iglocska] - Merge branch 'hotfix-2.2.32' into develop. [iglocska] - Removed junk left in the previous commit. [iglocska] - Update to the way xml files are cached. [iglocska] @@ -40907,6 +42072,7 @@ v2.3.0 (2014-10-07) - The tags parameter in the exports now correctly accepts null as a valid value even if it is the last parameter - Merge branch 'hotfix-2.2.20' [iglocska] +- Merge branch 'hotfix-2.2.20' [iglocska] - Merge branch 'hotfix-2.2.20' into develop. [iglocska] - Missing parantheses. [iglocska] @@ -40969,6 +42135,7 @@ v2.3.0 (2014-10-07) - Event description in alert e-mail subject made optional, fixes #231. [iglocska] - Merge branch 'hotfix-2.2.13' [iglocska] +- Merge branch 'hotfix-2.2.13' [iglocska] - Clearer disctinction between proposals that belong to an attribute and proposals to an event. [iglocska] - Ajaxification of the event page done also, replaced histogram in 
@@ -41185,9 +42352,15 @@ v2.3.0 (2014-10-07) - A colon in the tag search tag will render the tag search invalid. Since colons are commonly used in tag names, this poses an issue - users should use a semi-colon instead, which gets automatically converted to a colon. - Fixing newlines in script. [Christophe Vandeplas] - Merge branch 'develop' [iglocska] +- Merge branch 'develop' [iglocska] - Minor corrections in the UPGRADE docu. [Christophe Vandeplas] - Clean cache at upgrade. [Christophe Vandeplas] - Merge branch 'develop' [iglocska] +- Merge branch 'develop' [iglocska] +- Merge branch 'develop' [iglocska] +- Merge branch 'develop' [iglocska] +- Merge branch 'develop' [iglocska] + v2.2.1 (2014-02-19) ------------------- @@ -41900,6 +43073,7 @@ v2.2.1 (2014-02-19) - Helper will now only be called during view when it's not a rest request. - Merge branch 'hotfix-2.1.21' [iglocska] +- Merge branch 'hotfix-2.1.21' [iglocska] - Merge branch 'hotfix-2.1.21' into develop. [iglocska] - Accidental debug removed. [iglocska] - Merge branch 'hotfix-2.1.21' into develop. [iglocska] @@ -41908,6 +43082,8 @@ v2.2.1 (2014-02-19) - removed own proposals from the list - allowing site admin to see all proposals of any org - Merge branch 'hotfix-2.1.19' [iglocska] +- Merge branch 'hotfix-2.1.19' [iglocska] +- Merge branch 'hotfix-2.1.19' [iglocska] - Merge branch 'hotfix-2.1.20' [iglocska] - Merge branch 'hotfix-2.1.19' into develop. [iglocska] - Debug info removed. [iglocska] @@ -41966,6 +43142,8 @@ v2.2.1 (2014-02-19) - The idea is to draw a horizontal path instead of a vertical one - First refactoring of the pivoting. [iglocska] - Merge branch 'hotfix-2.1.18' [iglocska] +- Merge branch 'hotfix-2.1.18' [iglocska] +- Merge branch 'hotfix-2.1.18' [iglocska] - Merge branch 'hotfix/2.1.18' [Christophe Vandeplas] - Merge branch 'hotfix-2.1.18' into develop. [iglocska] - Deleting attributes deletes associated shadow attributes. [iglocska] 
@@ -41987,6 +43165,7 @@ v2.2.1 (2014-02-19) - Fix bug in pull updated events, improved performance. [Christophe Vandeplas] - Merge branch 'hotfix-2.1.17' [iglocska] +- Merge branch 'hotfix-2.1.17' [iglocska] - Merge branch 'hotfix-2.1.17' into develop. [iglocska] - Left-over line removed. [iglocska] - Merge branch 'hotfix-2.1.17' into develop. [iglocska] @@ -41997,6 +43176,8 @@ v2.2.1 (2014-02-19) - data only exported on view() not mass xml exports - Merge branch 'hotfix-2.1.15' [iglocska] +- Merge branch 'hotfix-2.1.15' [iglocska] +- Merge branch 'hotfix-2.1.15' [iglocska] - Merge branch 'hotfix-2.1.15' into develop. [iglocska] - Export fixes. [iglocska] @@ -42020,6 +43201,9 @@ v2.2.1 (2014-02-19) - Merge branch 'hotfix-2.1.13' into develop. [iglocska] - Removed vulnerability and comment from correlation. [iglocska] - Merge branch 'hotfix-2.1.12' [iglocska] +- Merge branch 'hotfix-2.1.12' [iglocska] +- Merge branch 'hotfix-2.1.12' [iglocska] +- Merge branch 'hotfix-2.1.12' [iglocska] - Merge branch 'hotfix-2.1.12' into develop. [iglocska] - Final change to the placement of the logos on the login page. [iglocska] @@ -42031,6 +43215,8 @@ v2.2.1 (2014-02-19) - Added second logo to the left of the login screen. [iglocska] - Merge branch 'hotfix-2.1.8' [iglocska] - Merge branch 'hotfix-2.1.11' [iglocska] +- Merge branch 'hotfix-2.1.11' [iglocska] +- Merge branch 'hotfix-2.1.11' [iglocska] - Merge branch 'hotfix-2.1.8' into develop. [iglocska] - A previous change reverted by accident in the previous commit. [iglocska] @@ -42608,6 +43794,7 @@ v2.2.1 (2014-02-19) - Some changes to the documentation - More updates to the manual. [iglocska] +- More updates to the manual. [iglocska] - Some UI changes and partial update to the manual. [iglocska] - Added 2 new type of attributes. [iglocska] 
@@ -43117,6 +44304,7 @@ v2.2.1 (2014-02-19) - Removed unused CyDefSIG.showowner field. Closes issue #93. [Christophe Vandeplas] - Merge branch 'develop' [Andras Iklody] +- Merge branch 'develop' [Andras Iklody] - Updated github url. [Christophe Vandeplas] - Merge branch 'master' of https://github.com/BeDefCERT/MISP. [iglocska] - Updated INSTALL docu and apache templates. [Christophe Vandeplas] @@ -45608,6 +46796,7 @@ v2.2.1 (2014-02-19) - Allow string-in-file. [Christophe Vandeplas] - Snort signature type has no datavalidation. [Christophe Vandeplas] - Added 'snort' signature type. [Christophe Vandeplas] +- Added 'snort' signature type. [Christophe Vandeplas] - Database structure and rough license. [Christophe Vandeplas] - List members (orgs) of the platform. [Christophe Vandeplas] - Allow to hide (default) the name of the Organisation that posted the @@ -45654,3 +46843,4 @@ v2.2.1 (2014-02-19) - Minor change. [Christophe Vandeplas] - Initial import. [Christophe Vandeplas] + From b32f397949cbca67f22f90ef940e0d658ba057ab Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 23 Feb 2022 09:52:59 +0100 Subject: [PATCH 0043/1366] fix: [internal] CIDR validation --- app/Lib/Tools/CidrTool.php | 12 +++++++++--- app/Model/AuthKey.php | 22 ++++++++++++---------- app/Test/CidrToolTest.php | 11 +++++++++++ 3 files changed, 32 insertions(+), 13 deletions(-) diff --git a/app/Lib/Tools/CidrTool.php b/app/Lib/Tools/CidrTool.php index b21351c0c..36d8b83c8 100644 --- a/app/Lib/Tools/CidrTool.php +++ b/app/Lib/Tools/CidrTool.php 
@@ -78,9 +78,15 @@ class CidrTool return false; } - $maximumNetmask = strlen($ipBytes) === 4 ? 32 : 128; - if (isset($parts[1]) && ($parts[1] > $maximumNetmask || $parts[1] < 0)) { - return false; // Netmask part of CIDR is invalid + if (isset($parts[1])) { + if (!ctype_digit($parts[1])) { + return false; + } + + $maximumNetmask = strlen($ipBytes) === 4 ? 32 : 128; + if ($parts[1] > $maximumNetmask || $parts[1] < 0) { + return false; // Netmask part of CIDR is invalid + } } return true; diff --git a/app/Model/AuthKey.php b/app/Model/AuthKey.php index 63990e97f..b06e902f9 100644 --- a/app/Model/AuthKey.php +++ b/app/Model/AuthKey.php @@ -2,6 +2,7 @@ App::uses('AppModel', 'Model'); App::uses('RandomTool', 'Tools'); App::uses('CidrTool', 'Tools'); +App::uses('JsonTool', 'Tools'); App::uses('BlowfishConstantPasswordHasher', 'Controller/Component/Auth'); /** 
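Review bot: After the new `ctype_digit($parts[1])` guard, the `$parts[1] < 0` half of the range check can no longer be true, and digit strings with leading zeros such as `/032` still pass because the comparison is numeric. If the stored entry is later parsed by code that reads the prefix differently, the accepted text and the enforced range could diverge. Normalising with `$prefix = (int)$parts[1];` and rejecting when `(string)$prefix !== $parts[1]` would keep the allow-list entries canonical. The enclosing validation method starts outside this hunk, so how `$parts` is produced is not visible here.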
@@ -47,19 +48,20 @@ class AuthKey extends AppModel } if (!empty($this->data['AuthKey']['allowed_ips'])) { - if (is_string($this->data['AuthKey']['allowed_ips'])) { - $this->data['AuthKey']['allowed_ips'] = trim($this->data['AuthKey']['allowed_ips']); - if (empty($this->data['AuthKey']['allowed_ips'])) { - $this->data['AuthKey']['allowed_ips'] = []; + $allowedIps = &$this->data['AuthKey']['allowed_ips']; + if (is_string($allowedIps)) { + $allowedIps = trim($allowedIps); + if (empty($allowedIps)) { + $allowedIps = []; } else { - $this->data['AuthKey']['allowed_ips'] = explode("\n", $this->data['AuthKey']['allowed_ips']); - $this->data['AuthKey']['allowed_ips'] = array_map('trim', $this->data['AuthKey']['allowed_ips']); + $allowedIps = preg_split('/([\n,])/', $allowedIps); + $allowedIps = array_map('trim', $allowedIps); } } - if (!is_array($this->data['AuthKey']['allowed_ips'])) { + if (!is_array($allowedIps)) { $this->invalidate('allowed_ips', 'Allowed IPs must be array'); } - foreach ($this->data['AuthKey']['allowed_ips'] as $cidr) { + foreach ($allowedIps as $cidr) { if (!CidrTool::validate($cidr)) { $this->invalidate('allowed_ips', "$cidr is not valid IP range"); } @@ -91,7 +93,7 @@ class AuthKey extends AppModel { foreach ($results as $key => $val) { if (isset($val['AuthKey']['allowed_ips'])) { - $results[$key]['AuthKey']['allowed_ips'] = $this->jsonDecode($val['AuthKey']['allowed_ips']); + $results[$key]['AuthKey']['allowed_ips'] = JsonTool::decode($val['AuthKey']['allowed_ips']); } } return $results; @@ -103,7 +105,7 @@ class AuthKey extends AppModel if (empty($this->data['AuthKey']['allowed_ips'])) { $this->data['AuthKey']['allowed_ips'] = null; } else { - $this->data['AuthKey']['allowed_ips'] = json_encode($this->data['AuthKey']['allowed_ips']); + $this->data['AuthKey']['allowed_ips'] = JsonTool::encode($this->data['AuthKey']['allowed_ips']); } } return true; diff --git a/app/Test/CidrToolTest.php b/app/Test/CidrToolTest.php index 2ea58bc29..d825962a4 100644 
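Review bot: In the `allowed_ips` block the `foreach ($allowedIps as $cidr)` loop still runs after `$this->invalidate('allowed_ips', 'Allowed IPs must be array')`, so a value that is neither string nor array is iterated anyway; the loop belongs in an `else` branch. The new reference `$allowedIps = &$this->data['AuthKey']['allowed_ips'];` is never released, and `unset($allowedIps);` after the loop would stop a later assignment to that name from writing into the model data. Entries left empty by `preg_split('/([\n,])/', $allowedIps)` (a trailing comma or blank line) reach `CidrTool::validate()` as `''`, so filtering them out first would give a clearer result, and the capture group in the pattern is not needed. The method continues outside this hunk.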
--- a/app/Test/CidrToolTest.php +++ b/app/Test/CidrToolTest.php @@ -5,6 +5,17 @@ use PHPUnit\Framework\TestCase; class CidrToolTest extends TestCase { + public function testValidate(): void + { + $this->assertTrue(CidrTool::validate('1.2.3.4')); + $this->assertTrue(CidrTool::validate('1.2.3.4/32')); + $this->assertTrue(CidrTool::validate('::1')); + $this->assertTrue(CidrTool::validate('::1/128')); + $this->assertFalse(CidrTool::validate('::1/a')); + $this->assertFalse(CidrTool::validate('1.2.3.4/a')); + $this->assertFalse(CidrTool::validate('1.2.3.4/32, 1.2.3.4')); + } + public function testEmptyList(): void { $cidrTool = new CidrTool([]); From 6504612d2c00f52171f3cd0186446c8655f173a0 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 23 Feb 2022 13:43:10 +0100 Subject: [PATCH 0044/1366] chg: [internal] Limit size of CSP report --- app/Controller/ServersController.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php index 6e144fd80..8c134317b 100644 --- a/app/Controller/ServersController.php +++ b/app/Controller/ServersController.php @@ -2,6 +2,7 @@ App::uses('AppController', 'Controller'); App::uses('Xml', 'Utility'); App::uses('AttachmentTool', 'Tools'); +App::uses('JsonTool', 'Tools'); App::uses('SecurityAudit', 'Tools'); /** @@ -2490,7 +2491,7 @@ misp.direct_call(relative_path, body) throw new MethodNotAllowedException('This action expects a POST request.'); } - $report = $this->Server->jsonDecode($this->request->input()); + $report = JsonTool::decode($this->request->input()); if (!isset($report['csp-report'])) { throw new RuntimeException("Invalid report"); } 
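Review bot: `testValidate()` covers only non-numeric suffixes and does not exercise the numeric bounds that the CidrTool change still relies on. Adding `$this->assertFalse(CidrTool::validate('1.2.3.4/33'));`, `$this->assertFalse(CidrTool::validate('::1/129'));` and `$this->assertFalse(CidrTool::validate('1.2.3.4/'));` would pin the range check for both address families and the empty-prefix case.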
@@ -2500,9 +2501,13 @@ misp.direct_call(relative_path, body) if ($remoteIp) { $message .= ' from IP ' . $remoteIp; } - $this->log("$message: " . json_encode($report['csp-report'], JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES)); + $report = JsonTool::encode($report['csp-report'], true); + if (strlen($report) > 1024 * 1024) { // limit report to 1 kB + $report = substr($report, 0, 1024 * 1024) . '...'; + } + $this->log("$message: $report"); - return new CakeResponse(['statusCodes' => 204]); + return new CakeResponse(['status' => 204]); } public function viewDeprecatedFunctionUse() From e5969d46a9fd795f2cb98d595df5d78cddd292bb Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 23 Feb 2022 15:08:34 +0100 Subject: [PATCH 0045/1366] new: [test] CSP report --- tests/testlive_comprehensive_local.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/testlive_comprehensive_local.py b/tests/testlive_comprehensive_local.py index 1999e451c..2c65c9a6c 100644 --- a/tests/testlive_comprehensive_local.py +++ b/tests/testlive_comprehensive_local.py @@ -633,6 +633,14 @@ class TestComprehensive(unittest.TestCase): event = check_response(self.user_misp_connector.add_event(event)) self.user_misp_connector.delete_event(event) + def test_csp_report(self): + response = self.admin_misp_connector._prepare_request('POST', 'servers/cspReport', data={ + "csp-report": { + "test": "test", + } + }) + self.assertEqual(204, response.status_code) + def _search(self, query: dict): response = self.admin_misp_connector._prepare_request('POST', 'events/restSearch', data=query) response = self.admin_misp_connector._check_response(response) From 4d9543d00ad2ca37b68a5269de9bd29c191057ea Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 22 Feb 2022 14:04:04 +0100 Subject: [PATCH 0046/1366] new: [bgjobs] Allow to set Redis read timeout --- app/Lib/Tools/BackgroundJobsTool.php | 3 +++ 1 file changed, 3 insertions(+) 
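Review bot: The comment on the new length check says `limit report to 1 kB`, but `1024 * 1024` is 1 MiB, so either the comment or the constant is wrong in the CSP report logging block. Because the cap is applied to the re-encoded string, the request body has already been read and decoded in full by `JsonTool::decode($this->request->input())` in the previous hunk; if the aim is to bound what a client can make the server process and log, the raw input length should be checked before decoding. For a 1 kB cap the lines would read `if (strlen($report) > 1024) { // limit report to 1 kB` and `$report = substr($report, 0, 1024) . '...';`. The action's body starts outside this hunk.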
diff --git a/app/Lib/Tools/BackgroundJobsTool.php b/app/Lib/Tools/BackgroundJobsTool.php index def9d427a..f97160e05 100644 --- a/app/Lib/Tools/BackgroundJobsTool.php +++ b/app/Lib/Tools/BackgroundJobsTool.php @@ -576,6 +576,9 @@ class BackgroundJobsTool $redis->connect($this->settings['redis_host'], $this->settings['redis_port']); $redis->setOption(Redis::OPT_SERIALIZER, Redis::SERIALIZER_JSON); $redis->setOption(Redis::OPT_PREFIX, $this->settings['redis_namespace'] . ':'); + if (isset($this->settings['redis_read_timeout'])) { + $redis->setOption(Redis::OPT_READ_TIMEOUT, $this->settings['redis_read_timeout']); + } $redisPassword = $this->settings['redis_password']; if (!empty($redisPassword)) { From 4959173af6bcc89c99739069198454781ca40df8 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 22 Feb 2022 14:45:10 +0100 Subject: [PATCH 0047/1366] fix: [bgjobs] Try to close pipes before proc_close --- app/Lib/Tools/BackgroundJobs/BackgroundJob.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/app/Lib/Tools/BackgroundJobs/BackgroundJob.php b/app/Lib/Tools/BackgroundJobs/BackgroundJob.php index fcf40f13b..17fa17567 100644 --- a/app/Lib/Tools/BackgroundJobs/BackgroundJob.php +++ b/app/Lib/Tools/BackgroundJobs/BackgroundJob.php @@ -89,7 +89,9 @@ class BackgroundJob implements JsonSerializable ); $this->output = stream_get_contents($pipes[1]); + fclose($pipes[1]); $this->error = stream_get_contents($pipes[2]); + fclose($pipes[2]); $this->returnCode = proc_close($process); From 5ed82b671421c76b72823a452080173c753a58a7 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 22 Feb 2022 15:09:04 +0100 Subject: [PATCH 0048/1366] chg: [bgjobs] Add command name to logs --- app/Console/Command/StartWorkerShell.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/app/Console/Command/StartWorkerShell.php b/app/Console/Command/StartWorkerShell.php index 5902cf498..abf344cbd 100644 --- a/app/Console/Command/StartWorkerShell.php 
+++ b/app/Console/Command/StartWorkerShell.php @@ -78,7 +78,9 @@ class StartWorkerShell extends AppShell try { $job->setStatus(BackgroundJob::STATUS_RUNNING); - CakeLog::info("[JOB ID: {$job->id()}] - started."); + + $command = implode(' ', array_merge([$job->command()], $job->args())); + CakeLog::info("[JOB ID: {$job->id()}] - started command `$command`."); $this->BackgroundJobsTool->update($job); $job->run(); From 0cde5744c6e03f01f95b55f031b85c5855bd5826 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 22 Feb 2022 15:09:23 +0100 Subject: [PATCH 0049/1366] fix: [bgjobs] First read STDERR, then STDOUT --- app/Lib/Tools/BackgroundJobs/BackgroundJob.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/Lib/Tools/BackgroundJobs/BackgroundJob.php b/app/Lib/Tools/BackgroundJobs/BackgroundJob.php index 17fa17567..96a3e1a20 100644 --- a/app/Lib/Tools/BackgroundJobs/BackgroundJob.php +++ b/app/Lib/Tools/BackgroundJobs/BackgroundJob.php @@ -88,10 +88,10 @@ class BackgroundJob implements JsonSerializable ['BACKGROUND_JOB_ID' => $this->id] ); - $this->output = stream_get_contents($pipes[1]); - fclose($pipes[1]); $this->error = stream_get_contents($pipes[2]); fclose($pipes[2]); + $this->output = stream_get_contents($pipes[1]); + fclose($pipes[1]); $this->returnCode = proc_close($process); From a60825cbcc8a5cf58a00d6e9b25eb04611968801 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 22 Feb 2022 15:44:40 +0100 Subject: [PATCH 0050/1366] fix: [bgjobs] Try to avoid deadlock --- .../Tools/BackgroundJobs/BackgroundJob.php | 42 ++++++++++++++++--- 1 file changed, 36 insertions(+), 6 deletions(-) diff --git a/app/Lib/Tools/BackgroundJobs/BackgroundJob.php b/app/Lib/Tools/BackgroundJobs/BackgroundJob.php index 96a3e1a20..57fdd00bb 100644 --- a/app/Lib/Tools/BackgroundJobs/BackgroundJob.php +++ b/app/Lib/Tools/BackgroundJobs/BackgroundJob.php 
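Review bot: The new `CakeLog::info()` line writes the job's full argument list into the worker log with no filtering or quoting. Whether any queued command carries credentials or other sensitive values in `$job->args()` is not visible in this hunk, but if one does they would now be stored in plain text, and an argument containing a space or newline makes the logged line ambiguous. Encoding the list, for example `$command = json_encode(array_merge([$job->command()], $job->args()));`, keeps one entry per line, and an allow-list of loggable arguments would address the disclosure concern. The surrounding `try` block continues outside the hunk.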
@@ -88,12 +88,7 @@ class BackgroundJob implements JsonSerializable ['BACKGROUND_JOB_ID' => $this->id] ); - $this->error = stream_get_contents($pipes[2]); - fclose($pipes[2]); - $this->output = stream_get_contents($pipes[1]); - fclose($pipes[1]); - - $this->returnCode = proc_close($process); + $this->pool($process, $pipes); if ($this->returnCode === 0 && empty($stderr)) { $this->setStatus(BackgroundJob::STATUS_COMPLETED); @@ -103,6 +98,41 @@ class BackgroundJob implements JsonSerializable } } + private function pool($process, array $pipes) + { + stream_set_blocking($pipes[1], false); + stream_set_blocking($pipes[2], false); + + $this->output = ''; + $this->error = ''; + + while (true) { + $read = [$pipes[1], $pipes[2]]; + $write = null; + $except = null; + + if (false === ($changedStreams = stream_select($read, $write, $except, 5))) { + throw new RuntimeException("Could not select stream"); + } elseif ($changedStreams > 0) { + $this->output .= stream_get_contents($pipes[1]); + $this->error .= stream_get_contents($pipes[2]); + } + $status = proc_get_status($process); + if (!$status['running']) { + // Just in case read rest data from stream + $this->output .= stream_get_contents($pipes[1]); + $this->error .= stream_get_contents($pipes[2]); + + fclose($pipes[1]); + fclose($pipes[2]); + + proc_close($process); + $this->returnCode = $status['exitcode']; + break; + } + } + } + public function jsonSerialize(): array { return [ From 9bc899e3a491351022cf35e820f89ca47b49b130 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 22 Feb 2022 16:42:56 +0100 Subject: [PATCH 0051/1366] fix: [internal] Append variable just when not null --- app/Console/Command/EventShell.php | 2 +- app/Model/Event.php | 18 +++++++++++------- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/app/Console/Command/EventShell.php b/app/Console/Command/EventShell.php index 6bd8eb904..99a5d1b78 100644 --- a/app/Console/Command/EventShell.php +++ b/app/Console/Command/EventShell.php 
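Review bot: The success test `if ($this->returnCode === 0 && empty($stderr))` reads `$stderr`, which no visible line assigns, while the captured error stream is stored in `$this->error`. If `$stderr` is indeed undefined in this method, `empty($stderr)` is always true and a job that exits 0 after writing errors is marked completed; the condition would then need to be `if ($this->returnCode === 0 && empty($this->error)) {`. The method starts outside this hunk, so this should be confirmed against the full body.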
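Review bot: In `pool()` a pipe that has reached end-of-file stays in the `$read` set, so if the child closes stdout or stderr before it exits, `stream_select()` returns at once on every pass and the loop spins until `proc_get_status()` reports the process as stopped. Building the set with `$read = array_filter([$pipes[1], $pipes[2]], function ($s) { return !feof($s); });` and starting the chain with `if (empty($read)) { usleep(100000); } elseif (false === ($changedStreams = stream_select($read, $write, $except, 5))) {` avoids that. The output and error buffers also grow without a limit, and the method name looks like a typo for `poll`.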
@@ -281,7 +281,7 @@ class EventShell extends AppShell $userId = $this->args[0]; $jobId = $this->args[1]; $eventId = $this->args[2]; - $oldpublish = $this->args[3]; + $oldpublish = isset($this->args[3]) ? $this->args[3] : null; $user = $this->getUser($userId); $this->Event->sendAlertEmail($eventId, $user, $oldpublish, $jobId); } diff --git a/app/Model/Event.php b/app/Model/Event.php index 9f6c7f9f0..8a5a5bbb7 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -3166,16 +3166,20 @@ class Event extends AppModel $job = ClassRegistry::init('Job'); $jobId = $job->createJob($user, Job::WORKER_EMAIL, 'publish_alert_email', "Event: $id", 'Sending...'); + $args = [ + 'alertemail', + $user['id'], + $jobId, + $id, + ]; + if ($oldpublish !== null) { + $args[] = $oldpublish; + } + $this->getBackgroundJobsTool()->enqueue( BackgroundJobsTool::EMAIL_QUEUE, BackgroundJobsTool::CMD_EVENT, - [ - 'alertemail', - $user['id'], - $jobId, - $id, - $oldpublish - ], + $args, true, $jobId ); From 341687cb616f1a32115f3faf7c9b661e9bfffeba Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 22 Feb 2022 17:27:13 +0100 Subject: [PATCH 0052/1366] chg: [internal] Simplify logging when pulling events --- app/Model/Event.php | 72 ++++++--------------------------------------- app/Model/Log.php | 8 ++--- 2 files changed, 13 insertions(+), 67 deletions(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index 8a5a5bbb7..4d3555039 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php 
@@ -3707,20 +3707,9 @@ class Event extends AppModel return 'Blocked by event block rules'; } $breakOnDuplicate = !empty($data['Event']['breakOnDuplicate']); - $this->Log = ClassRegistry::init('Log'); if (empty($data['Event']['Attribute']) && empty($data['Event']['Object']) && !empty($data['Event']['published']) && empty($data['Event']['EventReport'])) { - $this->Log->create(); $validationErrors['Event'] = 'Received a published event that was empty. Event add process blocked.'; - $this->Log->save(array( - 'org' => $user['Organisation']['name'], - 'model' => 'Event', - 'model_id' => 0, - 'email' => $user['email'], - 'action' => 'add', - 'user_id' => $user['id'], - 'title' => $validationErrors['Event'], - 'change' => '' - )); + $this->loadLog()->createLogEntry($user, 'add', 'Event', 0, $validationErrors['Event']); return json_encode($validationErrors); } $this->create(); @@ -3848,17 +3837,8 @@ class Event extends AppModel } else { $st = "disabled"; } - $this->Log->create(); - $this->Log->save(array( - 'org' => $user['Organisation']['name'], - 'model' => 'Event', - 'model_id' => $saveResult['Event']['id'], - 'email' => $user['email'], - 'action' => 'add', - 'user_id' => $user['id'], - 'title' => 'Event pulled from Server(' . $server['Server']['id'] . ') - "' . $server['Server']['name'] . '" - Notification by mail ' . $st, - 'change' => '' - )); + $logTitle = 'Event pulled from Server (' . $server['Server']['id'] . ') - "' . $server['Server']['name'] . '" - Notification by mail ' . $st; + $this->loadLog()->createLogEntry($user, 'add', 'Event', $saveResult['Event']['id'], $logTitle); } if (!empty($data['Event']['EventTag'])) { $toSave = []; 
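Review bot: The refactored entry in the pulled-event block changes the logged title from `Event pulled from Server(` to `Event pulled from Server (`, and the edit path in the `@@ -4186` hunk of this commit does the same for `Event edited from Server (`. Anything that matches these audit titles as exact strings, such as saved log searches or alert rules, would silently stop matching. Either keep the original spacing or mention the format change in the commit message so that consumers of the log can adjust.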
@@ -3955,7 +3935,7 @@ class Event extends AppModel if (empty($found)) { $this->EventTag->create(); if ($this->EventTag->save(array('event_id' => $this->id, 'tag_id' => $tag_id))) { - $this->Log->createLogEntry($user, 'tag', 'Event', $this->id, 'Attached tag (' . $tag_id . ') "' . $tag['Tag']['name'] . '" to event (' . $this->id . ')', 'Event (' . $this->id . ') tagged as Tag (' . $tag_id . ')'); + $this->loadLog()->createLogEntry($user, 'tag', 'Event', $this->id, 'Attached tag (' . $tag_id . ') "' . $tag['Tag']['name'] . '" to event (' . $this->id . ')', 'Event (' . $this->id . ') tagged as Tag (' . $tag_id . ')'); } } } @@ -4086,7 +4066,6 @@ class Event extends AppModel 'extends_uuid' ); $saveResult = $this->save(array('Event' => $data['Event']), array('fieldList' => $fieldList)); - $this->Log = ClassRegistry::init('Log'); if ($saveResult) { if ($jobId) { /** @var EventLock $eventLock */ @@ -4163,17 +4142,7 @@ class Event extends AppModel // However, if a tag couldn't be added, it could also be that the user is a tagger but not a tag editor // In which case if no matching tag is found, no tag ID is returned. Logging these is pointless as it is the correct behaviour. if ($user['Role']['perm_tag_editor']) { - $this->Log->create(); - $this->Log->save(array( - 'org' => $user['Organisation']['name'], - 'model' => 'Event', - 'model_id' => $this->id, - 'email' => $user['email'], - 'action' => 'edit', - 'user_id' => $user['id'], - 'title' => 'Failed create or attach Tag ' . $tag['name'] . ' to the event.', - 'change' => '' - )); + $this->loadLog()->createLogEntry($user, 'edit', 'Event', $this->id, "Failed create or attach Tag {$tag['name']} to the event."); } } } 
@@ -4186,35 +4155,12 @@ class Event extends AppModel if ($changed && (!empty($data['Event']['published']) && 1 == $data['Event']['published'])) { // The edited event is from a remote server ? if ($passAlong) { - if ($server['Server']['publish_without_email'] == 0) { - $st = "enabled"; - } else { - $st = "disabled"; - } - $this->Log->create(); - $this->Log->save(array( - 'org' => $user['Organisation']['name'], - 'model' => 'Event', - 'model_id' => $saveResult['Event']['id'], - 'email' => $user['email'], - 'action' => 'add', - 'user_id' => $user['id'], - 'title' => 'Event edited from Server(' . $server['Server']['id'] . ') - "' . $server['Server']['name'] . '" - Notification by mail ' . $st, - 'change' => '' - )); + $st = $server['Server']['publish_without_email'] == 0 ? 'enabled' : 'disabled'; + $logTitle = 'Event edited from Server (' . $server['Server']['id'] . ') - "' . $server['Server']['name'] . '" - Notification by mail ' . $st; } else { - $this->Log->create(); - $this->Log->save(array( - 'org' => $user['Organisation']['name'], - 'model' => 'Event', - 'model_id' => $saveResult['Event']['id'], - 'email' => $user['email'], - 'action' => 'add', - 'user_id' => $user['id'], - 'title' => 'Event edited (locally)', - 'change' => '' - )); + $logTitle = 'Event edited (locally)'; } + $this->loadLog()->createLogEntry($user, 'add', 'Event', $saveResult['Event']['id'], $logTitle); // do the necessary actions to publish the event (email, upload,...) if ((true != Configure::read('MISP.disablerestalert')) && (empty($server) || empty($server['Server']['publish_without_email']))) { $this->sendAlertEmailRouter($id, $user, $existingEvent['Event']['publish_timestamp']); diff --git a/app/Model/Log.php b/app/Model/Log.php index af4315efe..6174a3976 100644 --- a/app/Model/Log.php +++ b/app/Model/Log.php 
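Review bot: The consolidated `createLogEntry($user, 'add', 'Event', ...)` call in the edit path keeps the action `add` for entries titled `Event edited ...`, so edits and creations cannot be told apart by action in the audit log. If nothing depends on the old value, `$this->loadLog()->createLogEntry($user, 'edit', 'Event', $saveResult['Event']['id'], $logTitle);` would be more accurate; the failed-tag entry in the `@@ -4163` hunk of this commit already uses `edit`. The method starts and ends outside this hunk.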
@@ -205,13 +205,13 @@ class Log extends AppModel return; // Do not store tag changes when new audit is enabled } if ($user === 'SYSTEM') { - $user = array('Organisation' => array('name' => 'SYSTEM'), 'email' => 'SYSTEM', 'id' => 0); + $user = ['Organisation' => ['name' => 'SYSTEM'], 'email' => 'SYSTEM', 'id' => 0]; } else if (!is_array($user)) { throw new InvalidArgumentException("User must be array or 'SYSTEM' string."); } if (is_array($change)) { - $output = array(); + $output = []; foreach ($change as $field => $values) { $isSecret = strpos($field, 'password') !== false || ($field === 'authkey' && Configure::read('Security.do_not_log_authkeys')); if ($isSecret) { @@ -225,7 +225,7 @@ class Log extends AppModel } $this->create(); - $result = $this->save(array( + $result = $this->save(['Log' => [ 'org' => $user['Organisation']['name'], 'email' => $user['email'], 'user_id' => $user['id'], @@ -234,7 +234,7 @@ class Log extends AppModel 'change' => $change, 'model' => $model, 'model_id' => $modelId, - )); + ]]); if (!$result) { if ($action === 'request' && !empty(Configure::read('MISP.log_paranoid_skip_db'))) { From 3dc40aa33e1219c563d8f70f0281c33a008a3b98 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 23 Feb 2022 16:29:56 +0100 Subject: [PATCH 0053/1366] fix: [internal] Class 'Folder' not found --- app/Model/Dashboard.php | 37 ++++++++++++++++++++++--------------- 1 file changed, 22 insertions(+), 15 deletions(-) diff --git a/app/Model/Dashboard.php b/app/Model/Dashboard.php index cf24aff44..c74698530 100644 --- a/app/Model/Dashboard.php +++ b/app/Model/Dashboard.php 
@@ -29,7 +29,13 @@ class Dashboard extends AppModel ) ); - public function loadWidget($user, $name, $returnOnException = false) + /** + * @param array $user + * @param string $name + * @param bool $returnOnException + * @return false|mixed + */ + public function loadWidget(array $user, $name, $returnOnException = false) { $name = str_replace('/', '', $name); if (file_exists(APP . 'Lib/Dashboard/' . $name . '.php')) { @@ -37,14 +43,17 @@ class Dashboard extends AppModel } else if (file_exists(APP . 'Lib/Dashboard/Custom/' . $name . '.php')) { App::uses($name, 'Dashboard/Custom'); } else { - $customdir = new Folder(APP . 'Lib/Dashboard/Custom'); - $subDirectories = $customdir->read(); $found = false; - foreach ($subDirectories[0] as $subDir) { - if (file_exists(APP . 'Lib/Dashboard/Custom/' . $subDir . '/' . $name . '.php')) { - App::uses($name, 'Dashboard/Custom/' . $subDir); - $found = true; - break; + if (file_exists(APP . 'Lib/Dashboard/Custom')) { + App::uses('Folder', 'Utility'); + $customdir = new Folder(APP . 'Lib/Dashboard/Custom'); + $subDirectories = $customdir->read(); + foreach ($subDirectories[0] as $subDir) { + if (file_exists(APP . 'Lib/Dashboard/Custom/' . $subDir . '/' . $name . '.php')) { + App::uses($name, 'Dashboard/Custom/' . $subDir); + $found = true; + break; + } } } if (!$found) { @@ -55,13 +64,11 @@ class Dashboard extends AppModel } } $widget = new $name(); - if (method_exists($widget, 'checkPermissions')) { - if (!$widget->checkPermissions($user)) { - if ($returnOnException) { - return false; - } - throw new NotFoundException(__('Invalid widget or widget not found.')); + if (method_exists($widget, 'checkPermissions') && !$widget->checkPermissions($user)) { + if ($returnOnException) { + return false; } + throw new NotFoundException(__('Invalid widget or widget not found.')); } return $widget; } 
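Review bot: `loadWidget()` strips only `/` from `$name` before using it in `file_exists()`, `App::uses()` and `new $name()`, and these hunks add a docblock but no stricter check. Where `$name` comes from is not visible in this diff; if a request can influence it, an allow-list test right after the `str_replace`, such as `if (!preg_match('/^[A-Za-z0-9_]+$/', $name)) { throw new NotFoundException(__('Invalid widget or widget not found.')); }`, would restrict the value to plain class names. A widget class that does not define `checkPermissions` is also returned with no permission check at all, which is worth stating in the docblock.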
@@ -72,12 +79,12 @@ class Dashboard extends AppModel '/', '/Custom' ); + App::uses('Folder', 'Utility'); $customdir = new Folder(APP . 'Lib/Dashboard/Custom'); $subDirectories = $customdir->read(); foreach ($subDirectories[0] as $subDir) { $paths[] = '/Custom/' . $subDir; } - $widgetMeta = array(); $widgets = array(); foreach ($paths as $path) { $currentDir = new Folder(APP . 'Lib/Dashboard' . $path); From ae25fb0ad1b9c0408b2c802788d90fb63935286b Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 23 Feb 2022 16:59:01 +0100 Subject: [PATCH 0054/1366] chg: [internal] Simplify code for deleting multiple attributes --- app/Controller/AttributesController.php | 68 ++++++++++--------------- 1 file changed, 28 insertions(+), 40 deletions(-) diff --git a/app/Controller/AttributesController.php b/app/Controller/AttributesController.php index c6ad3273d..485164f1f 100644 --- a/app/Controller/AttributesController.php +++ b/app/Controller/AttributesController.php @@ -1147,12 +1147,11 @@ class AttributesController extends AppController } } - public function deleteSelected($id = false, $hard = false) + public function deleteSelected($eventId = false, $hard = false) { - if (!$this->request->is('post')) { - if ($this->request->is('get')) { - return $this->RestResponse->describe('Attributes', 'deleteSelected', false, $this->response->type()); - } + if ($this->request->is('get')) { + return $this->RestResponse->describe('Attributes', 'deleteSelected', false, $this->response->type()); + } else if (!$this->request->is('post')) { throw new MethodNotAllowedException(__('This function is only accessible via POST requests.')); } // get a json object with a list of attribute IDs to be deleted 
@@ -1166,21 +1165,21 @@ class AttributesController extends AppController } else { $ids = $this->request->data['Attribute']; } - if (empty($id) && isset($this->request->data['Attribute']['event_id']) && is_numeric($this->request->data['Attribute']['event_id'])) { - $id = $this->request->data['Attribute']['event_id']; + if (empty($eventId) && isset($this->request->data['Attribute']['event_id']) && is_numeric($this->request->data['Attribute']['event_id'])) { + $eventId = $this->request->data['Attribute']['event_id']; } } else { $ids = json_decode($this->request->data['Attribute']['ids_delete']); } - if (empty($id)) { + if (empty($eventId)) { throw new MethodNotAllowedException(__('No event ID set.')); } if (!$this->_isSiteAdmin()) { - $event = $this->Attribute->Event->find('first', array( - 'conditions' => array('id' => $id), - 'recursive' => -1, - 'fields' => array('id', 'orgc_id', 'user_id') - )); + $event = $this->Attribute->Event->find('first', [ + 'conditions' => ['id' => $eventId], + 'recursive' => -1, + 'fields' => ['id', 'orgc_id', 'user_id'], + ]); if (!$event) { throw new NotFoundException(__('Invalid event')); } 
@@ -1191,54 +1190,43 @@ class AttributesController extends AppController if (empty($ids)) { $ids = -1; } - $conditions = array('id' => $ids, 'event_id' => $id); - if ($ids == 'all') { + $conditions = ['id' => $ids, 'event_id' => $eventId]; + if ($ids === 'all') { unset($conditions['id']); } if ($hard || ($this->_isRest() && empty($this->request->data['Attribute']['allow_hard_delete']))) { $conditions['deleted'] = 0; } // find all attributes from the ID list that also match the provided event ID. - $attributes = $this->Attribute->find('all', array( - 'recursive' => -1, + $attributes = $this->Attribute->find('list', [ 'conditions' => $conditions, - 'fields' => array('id', 'event_id', 'deleted') - )); - if ($ids == 'all') { - $ids = array(); - foreach ($attributes as $attribute) { - $ids[] = $attribute['Attribute']['id']; - } + 'fields' => ['id', 'deleted'], + ]); + if ($ids === 'all') { + $ids = array_keys($attributes); } if (empty($attributes)) { throw new NotFoundException(__('No matching attributes found.')); } - $successes = array(); - foreach ($attributes as $a) { - if ($hard) { - if ($this->Attribute->deleteAttribute($a['Attribute']['id'], $this->Auth->user(), true)) { - $successes[] = $a['Attribute']['id']; - } - } else { - if ($this->Attribute->deleteAttribute($a['Attribute']['id'], $this->Auth->user(), $a['Attribute']['deleted'] == 1 ? true : false)) { - $successes[] = $a['Attribute']['id']; - } + $successes = []; + foreach ($attributes as $attributeId => $deleted) { + if ($this->Attribute->deleteAttribute($attributeId, $this->Auth->user(), $hard || $deleted == 1)) { + $successes[] = $attributeId; } } $fails = array_diff($ids, $successes); - $this->autoRender = false; - if (count($fails) == 0 && count($successes) > 0) { - $message = count($successes) . ' attribute' . (count($successes) != 1 ? 's' : '') . 
' deleted.'; + if (empty($fails) && count($successes) > 0) { + $message = __n('%s attribute deleted.', '%s attributes deleted', count($successes), count($successes)); if ($this->_isRest()) { - return $this->RestResponse->saveSuccessResponse('Attributes', 'deleteSelected', $id, false, $message); + return $this->RestResponse->saveSuccessResponse('Attributes', 'deleteSelected', $eventId, false, $message); } - return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => $message)), 'status'=>200, 'type' => 'json')); + return $this->RestResponse->viewData(['saved' => true, 'success' => $message], 'json'); } else { $message = count($successes) . ' attribute' . (count($successes) != 1 ? 's' : '') . ' deleted, but ' . count($fails) . ' attribute' . (count($fails) != 1 ? 's' : '') . ' could not be deleted.'; if ($this->_isRest()) { return $this->RestResponse->saveFailResponse('Attributes', 'deleteSelected', false, $message); } - return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => $message)), 'status'=>200, 'type' => 'json')); + return $this->RestResponse->viewData(['saved' => false, 'errors' => $message], 'json'); } } From 16077d0237803d6c59d06dca1a52e9cb22d81cfc Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 26 Feb 2022 09:22:41 +0100 Subject: [PATCH 0055/1366] new: [test] Search index by eventid --- tests/testlive_comprehensive_local.py | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/tests/testlive_comprehensive_local.py b/tests/testlive_comprehensive_local.py index 1999e451c..7485d6516 100644 --- a/tests/testlive_comprehensive_local.py +++ b/tests/testlive_comprehensive_local.py 
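Review bot: `$fails = array_diff($ids, $successes);` assumes `$ids` is an array, but the value comes from `json_decode()` of request data in an earlier hunk and is only replaced when it is empty or `'all'`. A scalar such as a single ID would match rows, have them deleted, and then reach `array_diff()` as a non-array, which is a `TypeError` on PHP 8 raised after the deletions have already happened. Using `$fails = array_diff((array)$ids, $successes);` here, or rejecting non-array input right after decoding, would avoid that. The singular and plural strings passed to `__n()` also differ in their trailing period.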
@@ -258,6 +258,27 @@ class TestComprehensive(unittest.TestCase): self.user_misp_connector.delete_event(event) + def test_search_index_by_eventid(self): + # Search by non exists uuid + index = self.admin_misp_connector.search_index(eventid=uuid.uuid4()) + self.assertEqual(len(index), 0, index) + + # Search by non exists id + index = self.admin_misp_connector.search_index(eventid=9999) + self.assertEqual(len(index), 0, index) + + event = create_simple_event() + event = self.user_misp_connector.add_event(event) + check_response(event) + + index = self.admin_misp_connector.search_index(eventid=event.id) + self.assertEqual(len(index), 1, index) + + index = self.admin_misp_connector.search_index(eventid=event.uuid) + self.assertEqual(len(index), 1, index) + + self.user_misp_connector.delete_event(event) + def test_search_index_minimal(self): # pythonify is not supported for minimal results self.user_misp_connector.global_pythonify = False From 5ec36f8d4b189628752d3794b511d4b187e13374 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 26 Feb 2022 09:37:27 +0100 Subject: [PATCH 0056/1366] fix: [internal] Event ID translator --- app/Model/Event.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index 8247801d4..07d3108c8 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -1363,7 +1363,11 @@ class Event extends AppModel if (empty($data)) { return null; } - return $data; + // Old format used by old MISP version + if (isset($data['id'])) { + return $data; + } + return $data[0]; } public function quickDelete(array $event) From d72dd18bad1b9138aff9b76423c299400cb9591e Mon Sep 17 00:00:00 2001 
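Review bot: The event created in `test_search_index_by_eventid` is deleted only on the last line, so a failing assertion leaves it on the instance, where it can change what later index searches in this suite return. Registering the cleanup right after `add_event`, with `self.addCleanup(self.user_misp_connector.delete_event, event)`, removes it on every path. The same applies to the warninglist created in `test_custom_warninglist` (patches 0062 and 0065), which stays enabled if an assertion fails before the final delete request.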
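Review bot: `return $data[0];` assumes that any non-empty result without an `id` key is a list with an element at index 0. Where `$data` comes from is outside this hunk; if it is decoded from another server's reply, a different shape gives an undefined-offset notice and a null that the caller cannot tell apart from the empty case. `return isset($data[0]) ? $data[0] : null;` keeps the null return already used for empty data. A one-line comment describing the new response format, next to the existing "Old format" one, would also help the next reader.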
From: Jakub Onderka Date: Sat, 26 Feb 2022 09:58:28 +0100 Subject: [PATCH 0057/1366] fix: [security] Do not allow to fetch value of redacted setting --- app/Controller/ServersController.php | 29 +++++++++++++++------------ app/Model/Server.php | 16 +++++++-------- tests/testlive_comprehensive_local.py | 10 ++++++++- 3 files changed, 32 insertions(+), 23 deletions(-) diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php index 8c134317b..a6b9b1c73 100644 --- a/app/Controller/ServersController.php +++ b/app/Controller/ServersController.php @@ -1442,23 +1442,23 @@ class ServersController extends AppController $this->render('ajax/submoduleStatus'); } - public function getSetting($setting_name) + public function getSetting($settingName) { - $setting = $this->Server->getSettingData($setting_name); - if (!empty($setting["redacted"])) { - throw new MethodNotAllowedException(__('This setting is redacted.')); + $setting = $this->Server->getSettingData($settingName); + if (!$setting) { + throw new NotFoundException(__('Setting %s is invalid.', $settingName)); } - if (Configure::check($setting_name)) { - $setting['value'] = Configure::read($setting_name); + if (!empty($setting["redacted"])) { + throw new ForbiddenException(__('This setting is redacted.')); + } + if (Configure::check($settingName)) { + $setting['value'] = Configure::read($settingName); } return $this->RestResponse->viewData($setting); } - public function serverSettingsEdit($setting_name, $id = false, $forceSave = false) + public function serverSettingsEdit($settingName, $id = false, $forceSave = false) { - if (!isset($setting_name)) { - throw new MethodNotAllowedException(); - } if (!$this->_isRest()) { if (!isset($id)) { throw new MethodNotAllowedException(); 
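Review bot: The redaction check in `getSetting` looks only at the `redacted` key of whatever node `getSettingData` resolves, so it protects a value only when that node is a single setting. The walk in `getSettingData` (the `@@ -2156,33 +2155,32 @@` hunk) follows each dot-separated part through the settings array, and its return statement is outside the visible hunks. If it can return a section rather than a leaf, the check passes and `Configure::read($settingName)` reads that section as a whole. I would reject non-leaf results before reading the value: `if (!$setting || !isset($setting['level'])) { throw new NotFoundException(__('Setting %s is invalid.', $settingName)); }`. The same applies to the REST branch of `serverSettingsEdit` in the `@@ -1489,7 +1489,10 @@` hunk and to the identical hunks repeated in patch 0058.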
@@ -1466,9 +1466,9 @@ class ServersController extends AppController $this->set('id', $id); } - $setting = $this->Server->getSettingData($setting_name); + $setting = $this->Server->getSettingData($settingName); if ($setting === false) { - throw new NotFoundException(__('Setting %s is invalid.', $setting_name)); + throw new NotFoundException(__('Setting %s is invalid.', $settingName)); } if (!empty($setting['cli_only'])) { throw new MethodNotAllowedException(__('This setting can only be edited via the CLI.')); @@ -1489,7 +1489,10 @@ class ServersController extends AppController $subGroup = 'general'; } if ($this->_isRest()) { - return $this->RestResponse->viewData(array($setting['name'] => $setting['value'])); + if (!empty($setting['redacted'])) { + throw new ForbiddenException(__('This setting is redacted.')); + } + return $this->RestResponse->viewData([$setting['name'] => $setting['value']]); } else { $this->set('subGroup', $subGroup); $this->set('setting', $setting); diff --git a/app/Model/Server.php b/app/Model/Server.php index ee5e06fd4..d28b1f538 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -1294,8 +1294,7 @@ class Server extends AppModel { $serverSettings = $this->serverSettings; $moduleTypes = array('Enrichment', 'Import', 'Export', 'Cortex'); - $serverSettings = $this->readModuleSettings($serverSettings, $moduleTypes); - return $serverSettings; + return $this->readModuleSettings($serverSettings, $moduleTypes); } /** 
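Review bot: The new `redacted` check in `serverSettingsEdit` (hunk `@@ -1489,7 +1489,10 @@`) sits only inside the `_isRest()` branch. The `else` branch still hands the whole `$setting` array to the view with `$this->set('setting', $setting)`. The template and the lines that fill `$setting['value']` are outside this patch, so confirm the form does not print the value for a redacted setting. If the form does not need it, clearing it first is one line: `if (!empty($setting['redacted'])) { unset($setting['value']); }`. A comment such as `// Redacted values must never be sent back to the client, in JSON or in the HTML form.` above the check would record the intent.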
@@ -2156,33 +2155,32 @@ class Server extends AppModel } /** - * @param string $setting_name + * @param string $settingName * @return array|false False if setting doesn't exists */ - public function getSettingData($setting_name, $withOptions = true) + public function getSettingData($settingName, $withOptions = true) { // This is just hack to reset opcache, so for next request cache will be reloaded. $this->opcacheResetConfig(); - if (strpos($setting_name, 'Plugin.Enrichment') !== false || strpos($setting_name, 'Plugin.Import') !== false || strpos($setting_name, 'Plugin.Export') !== false || strpos($setting_name, 'Plugin.Cortex') !== false) { + if (strpos($settingName, 'Plugin.Enrichment') !== false || strpos($settingName, 'Plugin.Import') !== false || strpos($settingName, 'Plugin.Export') !== false || strpos($settingName, 'Plugin.Cortex') !== false) { $serverSettings = $this->getCurrentServerSettings(); } else { $serverSettings = $this->serverSettings; } $setting = $serverSettings; - $parts = explode('.', $setting_name); + $parts = explode('.', $settingName); foreach ($parts as $part) { if (isset($setting[$part])) { $setting = $setting[$part]; } else { - $setting = false; - break; + return false; } } if (isset($setting['level'])) { - $setting['name'] = $setting_name; + $setting['name'] = $settingName; if ($withOptions && isset($setting['optionsSource'])) { $setting['options'] = $setting['optionsSource'](); } diff --git a/tests/testlive_comprehensive_local.py b/tests/testlive_comprehensive_local.py index 2c65c9a6c..4826302c0 100644 --- a/tests/testlive_comprehensive_local.py +++ b/tests/testlive_comprehensive_local.py 
@@ -13,7 +13,7 @@ logging.disable(logging.CRITICAL) logger = logging.getLogger('pymisp') -from pymisp import PyMISP, MISPOrganisation, MISPUser, MISPRole, MISPSharingGroup, MISPEvent, MISPLog, MISPSighting, Distribution, ThreatLevel, Analysis, MISPEventReport +from pymisp import PyMISP, MISPOrganisation, MISPUser, MISPRole, MISPSharingGroup, MISPEvent, MISPLog, MISPSighting, Distribution, ThreatLevel, Analysis, MISPEventReport, MISPServerError # Load access information for env variables url = "http://" + os.environ["HOST"] @@ -641,6 +641,14 @@ class TestComprehensive(unittest.TestCase): }) self.assertEqual(204, response.status_code) + def test_redacted_setting(self): + response = self.admin_misp_connector.get_server_setting('Security.salt') + self.assertEqual(403, response["errors"][0]) + + response = self.admin_misp_connector._prepare_request('GET', 'servers/serverSettingsEdit/Security.salt') + response = self.admin_misp_connector._check_json_response(response) + self.assertEqual(403, response["errors"][0]) + def _search(self, query: dict): response = self.admin_misp_connector._prepare_request('POST', 'events/restSearch', data=query) response = self.admin_misp_connector._check_response(response) From 351d2bfa201a4b86532f319d39aadb40af961173 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 26 Feb 2022 09:58:28 +0100 Subject: [PATCH 0058/1366] fix: [security] Do not allow to fetch value of redacted setting --- app/Controller/ServersController.php | 29 +++++++++++++++------------ app/Model/Server.php | 16 +++++++-------- tests/testlive_comprehensive_local.py | 10 ++++++++- 3 files changed, 32 insertions(+), 23 deletions(-) diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php index 8c134317b..a6b9b1c73 100644 --- a/app/Controller/ServersController.php +++ b/app/Controller/ServersController.php 
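Review bot: `test_redacted_setting` covers only the 403 path for `Security.salt`, while the same commit also makes `getSetting` answer with a not-found error for an unknown name. Nothing checks that a non-redacted setting still returns its value. I would add `response = self.admin_misp_connector.get_server_setting('<UNKNOWN_SETTING_NAME>')` followed by `self.assertEqual(404, response["errors"][0])`, plus a positive check on a setting known to be non-redacted. `MISPServerError` is added to the import in the `@@ -13,7 +13,7 @@` hunk but is not used by the added test.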
@@ -1442,23 +1442,23 @@ class ServersController extends AppController $this->render('ajax/submoduleStatus'); } - public function getSetting($setting_name) + public function getSetting($settingName) { - $setting = $this->Server->getSettingData($setting_name); - if (!empty($setting["redacted"])) { - throw new MethodNotAllowedException(__('This setting is redacted.')); + $setting = $this->Server->getSettingData($settingName); + if (!$setting) { + throw new NotFoundException(__('Setting %s is invalid.', $settingName)); } - if (Configure::check($setting_name)) { - $setting['value'] = Configure::read($setting_name); + if (!empty($setting["redacted"])) { + throw new ForbiddenException(__('This setting is redacted.')); + } + if (Configure::check($settingName)) { + $setting['value'] = Configure::read($settingName); } return $this->RestResponse->viewData($setting); } - public function serverSettingsEdit($setting_name, $id = false, $forceSave = false) + public function serverSettingsEdit($settingName, $id = false, $forceSave = false) { - if (!isset($setting_name)) { - throw new MethodNotAllowedException(); - } if (!$this->_isRest()) { if (!isset($id)) { throw new MethodNotAllowedException(); @@ -1466,9 +1466,9 @@ class ServersController extends AppController $this->set('id', $id); } - $setting = $this->Server->getSettingData($setting_name); + $setting = $this->Server->getSettingData($settingName); if ($setting === false) { - throw new NotFoundException(__('Setting %s is invalid.', $setting_name)); + throw new NotFoundException(__('Setting %s is invalid.', $settingName)); } if (!empty($setting['cli_only'])) { throw new MethodNotAllowedException(__('This setting can only be edited via the CLI.')); 
@@ -1489,7 +1489,10 @@ class ServersController extends AppController $subGroup = 'general'; } if ($this->_isRest()) { - return $this->RestResponse->viewData(array($setting['name'] => $setting['value'])); + if (!empty($setting['redacted'])) { + throw new ForbiddenException(__('This setting is redacted.')); + } + return $this->RestResponse->viewData([$setting['name'] => $setting['value']]); } else { $this->set('subGroup', $subGroup); $this->set('setting', $setting); diff --git a/app/Model/Server.php b/app/Model/Server.php index ee5e06fd4..d28b1f538 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -1294,8 +1294,7 @@ class Server extends AppModel { $serverSettings = $this->serverSettings; $moduleTypes = array('Enrichment', 'Import', 'Export', 'Cortex'); - $serverSettings = $this->readModuleSettings($serverSettings, $moduleTypes); - return $serverSettings; + return $this->readModuleSettings($serverSettings, $moduleTypes); } /** 
@@ -2156,33 +2155,32 @@ class Server extends AppModel } /** - * @param string $setting_name + * @param string $settingName * @return array|false False if setting doesn't exists */ - public function getSettingData($setting_name, $withOptions = true) + public function getSettingData($settingName, $withOptions = true) { // This is just hack to reset opcache, so for next request cache will be reloaded. $this->opcacheResetConfig(); - if (strpos($setting_name, 'Plugin.Enrichment') !== false || strpos($setting_name, 'Plugin.Import') !== false || strpos($setting_name, 'Plugin.Export') !== false || strpos($setting_name, 'Plugin.Cortex') !== false) { + if (strpos($settingName, 'Plugin.Enrichment') !== false || strpos($settingName, 'Plugin.Import') !== false || strpos($settingName, 'Plugin.Export') !== false || strpos($settingName, 'Plugin.Cortex') !== false) { $serverSettings = $this->getCurrentServerSettings(); } else { $serverSettings = $this->serverSettings; } $setting = $serverSettings; - $parts = explode('.', $setting_name); + $parts = explode('.', $settingName); foreach ($parts as $part) { if (isset($setting[$part])) { $setting = $setting[$part]; } else { - $setting = false; - break; + return false; } } if (isset($setting['level'])) { - $setting['name'] = $setting_name; + $setting['name'] = $settingName; if ($withOptions && isset($setting['optionsSource'])) { $setting['options'] = $setting['optionsSource'](); } diff --git a/tests/testlive_comprehensive_local.py b/tests/testlive_comprehensive_local.py index 2c65c9a6c..4826302c0 100644 --- a/tests/testlive_comprehensive_local.py +++ b/tests/testlive_comprehensive_local.py 
@@ -13,7 +13,7 @@ logging.disable(logging.CRITICAL) logger = logging.getLogger('pymisp') -from pymisp import PyMISP, MISPOrganisation, MISPUser, MISPRole, MISPSharingGroup, MISPEvent, MISPLog, MISPSighting, Distribution, ThreatLevel, Analysis, MISPEventReport +from pymisp import PyMISP, MISPOrganisation, MISPUser, MISPRole, MISPSharingGroup, MISPEvent, MISPLog, MISPSighting, Distribution, ThreatLevel, Analysis, MISPEventReport, MISPServerError # Load access information for env variables url = "http://" + os.environ["HOST"] @@ -641,6 +641,14 @@ class TestComprehensive(unittest.TestCase): }) self.assertEqual(204, response.status_code) + def test_redacted_setting(self): + response = self.admin_misp_connector.get_server_setting('Security.salt') + self.assertEqual(403, response["errors"][0]) + + response = self.admin_misp_connector._prepare_request('GET', 'servers/serverSettingsEdit/Security.salt') + response = self.admin_misp_connector._check_json_response(response) + self.assertEqual(403, response["errors"][0]) + def _search(self, query: dict): response = self.admin_misp_connector._prepare_request('POST', 'events/restSearch', data=query) response = self.admin_misp_connector._check_response(response) From 3be61451d83d0c29c8439d6eddbdc7256d48c5c1 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Sat, 26 Feb 2022 16:16:10 +0100 Subject: [PATCH 0059/1366] chg: [warning-lists] updated --- app/files/warninglists | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/files/warninglists b/app/files/warninglists index 5155ebf39..653a035ae 160000 --- a/app/files/warninglists +++ b/app/files/warninglists @@ -1 +1 @@ -Subproject commit 5155ebf397d0003224bdb00a881bab88786dc216 +Subproject commit 653a035ae77fa46e9f6b1608b9f75bd1506bd1a6 From 32671ac8c04ccf3fded2d48112a2ab2614d766e7 Mon Sep 17 00:00:00 2001 
From: Alexandre Dulaunoy Date: Sat, 26 Feb 2022 17:44:29 +0100 Subject: [PATCH 0060/1366] chg: [composer] Crypt_GPG updated --- app/composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/composer.json b/app/composer.json index 7f73a81e3..c00fe9223 100644 --- a/app/composer.json +++ b/app/composer.json @@ -10,7 +10,7 @@ "ext-simplexml": "*", "ext-pcre": "*", "kamisama/cake-resque": "4.1.2", - "pear/crypt_gpg": "1.6.5", + "pear/crypt_gpg": "1.6.7", "monolog/monolog": "1.24.0" }, "require-dev": { From 9cbb53f2edf82589e55b69eb0ca00b9a5c41e85c Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Sat, 26 Feb 2022 17:44:29 +0100 Subject: [PATCH 0061/1366] chg: [composer] Crypt_GPG updated --- app/composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/composer.json b/app/composer.json index 7f73a81e3..c00fe9223 100644 --- a/app/composer.json +++ b/app/composer.json @@ -10,7 +10,7 @@ "ext-simplexml": "*", "ext-pcre": "*", "kamisama/cake-resque": "4.1.2", - "pear/crypt_gpg": "1.6.5", + "pear/crypt_gpg": "1.6.7", "monolog/monolog": "1.24.0" }, "require-dev": { From ae07ea534e821b7a2f1c58f6124b9f58df53cc80 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 26 Feb 2022 17:44:15 +0100 Subject: [PATCH 0062/1366] new: [test] Creating custom warninglist --- tests/testlive_comprehensive_local.py | 32 +++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/tests/testlive_comprehensive_local.py b/tests/testlive_comprehensive_local.py index 1346f3806..8a40e60a6 100644 --- a/tests/testlive_comprehensive_local.py +++ b/tests/testlive_comprehensive_local.py 
@@ -670,6 +670,38 @@ class TestComprehensive(unittest.TestCase): response = self.admin_misp_connector._check_json_response(response) self.assertEqual(403, response["errors"][0]) + def test_custom_warninglist(self): + warninglist = { + "Warninglist": { + "name": "Test", + "description": "Test", + "type": "cidr", + "category": "false_positive", + "matching_attributes": ["ip-src", "ip-dst"], + "entries": "1.2.3.4", + } + } + wl = self.admin_misp_connector._prepare_request('POST', 'warninglists/add', data=warninglist) + wl = self.admin_misp_connector._check_json_response(wl) + check_response(wl) + + check_response(self.admin_misp_connector.enable_warninglist(wl["Warninglist"]["id"])) + + response = self.admin_misp_connector.values_in_warninglist("1.2.3.4") + self.assertEqual(wl["Warninglist"]["id"], response["1.2.3.4"][0]["id"]) + + warninglist["Warninglist"]["entries"] = "1.2.3.4\n2.3.4.5" + response = self.admin_misp_connector._prepare_request('POST', f'warninglists/edit/{wl["Warninglist"]["id"]}', data=warninglist) + response = self.admin_misp_connector._check_json_response(response) + check_response(response) + + response = self.admin_misp_connector.values_in_warninglist("2.3.4.5") + self.assertEqual(wl["Warninglist"]["id"], response["2.3.4.5"][0]["id"]) + + response = self.admin_misp_connector._prepare_request('POST', f'warninglists/delete/{wl["Warninglist"]["id"]}') + response = self.admin_misp_connector._check_json_response(response) + check_response(response) + def _search(self, query: dict): response = self.admin_misp_connector._prepare_request('POST', 'events/restSearch', data=query) response = self.admin_misp_connector._check_response(response) From 74dc9b36811a57de7765e74f4c78681d48295612 Mon Sep 17 00:00:00 2001 
From: Jakub Onderka Date: Sat, 26 Feb 2022 17:45:02 +0100 Subject: [PATCH 0063/1366] chg: [internal] Use FileAccessTool --- app/Controller/WarninglistsController.php | 7 +++---- app/Model/Warninglist.php | 11 ++++------- 2 files changed, 7 insertions(+), 11 deletions(-) diff --git a/app/Controller/WarninglistsController.php b/app/Controller/WarninglistsController.php index 3c3a4130d..ae30556ab 100644 --- a/app/Controller/WarninglistsController.php +++ b/app/Controller/WarninglistsController.php @@ -417,15 +417,14 @@ class WarninglistsController extends AppController public function delete($id) { if ($this->request->is('post')) { - $id = intval($id); + $id = (int)$id; $result = $this->Warninglist->quickDelete($id); if ($result) { $this->Flash->success(__('Warninglist successfully deleted.')); - $this->redirect(array('controller' => 'warninglists', 'action' => 'index')); } else { - $this->Flash->error(__('Warninglists could not be deleted.')); - $this->redirect(array('controller' => 'warninglists', 'action' => 'index')); + $this->Flash->error(__('Warninglist could not be deleted.')); } + $this->redirect(['controller' => 'warninglists', 'action' => 'index']); } else { if ($this->request->is('ajax')) { $this->set('id', $id); diff --git a/app/Model/Warninglist.php b/app/Model/Warninglist.php index 6276964d1..52af29bd7 100644 --- a/app/Model/Warninglist.php +++ b/app/Model/Warninglist.php @@ -1,6 +1,7 @@ [], 'fails' => []); foreach ($directories as $dir) { - $file = new File($dir . DS . 'list.json'); - $list = $this->jsonDecode($file->read()); - $file->close(); - + $list = FileAccessTool::readJsonFromFile($dir . DS . 'list.json'); if (!isset($list['version'])) { $list['version'] = 1; } 
@@ -803,7 +801,7 @@ class Warninglist extends AppModel if (isset($data['WarninglistEntry'])) { $this->WarninglistEntry->deleteAll(['warninglist_id' => $id]); $entriesToInsert = []; - foreach ($data['WarninglistEntry'] as &$entry) { + foreach ($data['WarninglistEntry'] as $entry) { $entriesToInsert[] = [$entry['value'], isset($entry['comment']) ? $entry['comment'] : null, $id]; } $db->insertMulti( @@ -845,8 +843,7 @@ class Warninglist extends AppModel $this->regenerateWarninglistCaches($this->data['Warninglist']['id']); } - $pubToZmq = Configure::read('Plugin.ZeroMQ_enable') && Configure::read('Plugin.ZeroMQ_warninglist_notifications_enable'); - if ($pubToZmq) { + if ($this->pubToZmq('warninglist')) { $warninglist = $this->find('first', [ 'conditions' => ['id' => $this->data['Warninglist']['id']], 'contains' => ['WarninglistEntry', 'WarninglistType'], From b0561c388ca94e44e1a7f0873e2734dbb596d281 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 26 Feb 2022 18:05:02 +0100 Subject: [PATCH 0064/1366] fix: [warnignlist] Update cache after warninglist edit --- app/Model/Warninglist.php | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/app/Model/Warninglist.php b/app/Model/Warninglist.php index 52af29bd7..3ae8f2218 100644 --- a/app/Model/Warninglist.php +++ b/app/Model/Warninglist.php @@ -799,7 +799,7 @@ class Warninglist extends AppModel try { $id = (int)$this->id; if (isset($data['WarninglistEntry'])) { - $this->WarninglistEntry->deleteAll(['warninglist_id' => $id]); + $this->WarninglistEntry->deleteAll(['warninglist_id' => $id], false); $entriesToInsert = []; foreach ($data['WarninglistEntry'] as $entry) { $entriesToInsert[] = [$entry['value'], isset($entry['comment']) ? $entry['comment'] : null, $id]; 
@@ -812,7 +812,7 @@ class Warninglist extends AppModel } if (isset($data['WarninglistType'])) { - $this->WarninglistType->deleteAll(['warninglist_id' => $id]); + $this->WarninglistType->deleteAll(['warninglist_id' => $id], false); foreach ($data['WarninglistType'] as &$entry) { $entry['warninglist_id'] = $id; } @@ -834,18 +834,26 @@ class Warninglist extends AppModel throw $e; } + if ($success) { + $this->afterFullSave(!isset($data['Warninglist']['id']), $success); + } + return $success; } - public function afterSave($created, $options = array()) + /** + * @param bool $created + * @return void + */ + private function afterFullSave($created, array $data) { - if (isset($this->data['Warninglist']['default']) && $this->data['Warninglist']['default'] == 0) { - $this->regenerateWarninglistCaches($this->data['Warninglist']['id']); + if (isset($data['Warninglist']['default']) && $data['Warninglist']['default'] == 0) { + $this->regenerateWarninglistCaches($data['Warninglist']['id']); } if ($this->pubToZmq('warninglist')) { $warninglist = $this->find('first', [ - 'conditions' => ['id' => $this->data['Warninglist']['id']], + 'conditions' => ['id' => $data['Warninglist']['id']], 'contains' => ['WarninglistEntry', 'WarninglistType'], ]); $pubSubTool = $this->getPubSubTool(); From a828e57b0dbff081433dfd19af1334deb37bc1a1 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sun, 27 Feb 2022 08:26:53 +0100 Subject: [PATCH 0065/1366] chg: [test] Better custom warninglist test --- tests/testlive_comprehensive_local.py | 29 +++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) diff --git a/tests/testlive_comprehensive_local.py b/tests/testlive_comprehensive_local.py index 8a40e60a6..3c81bf241 100644 --- a/tests/testlive_comprehensive_local.py +++ b/tests/testlive_comprehensive_local.py 
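Review bot: `afterFullSave()` is declared with `array $data` but is called with `$success`, whose assignment is outside the `@@ -834,18 +834,26 @@` hunk. If `$success` holds the result of CakePHP's `Model::save()`, it can be boolean `true` as well as the saved record, and the `array` declaration would then raise a TypeError after the rows are already written. The call also derives `$created` from `$data` while the cache refresh reads `$data['Warninglist']['id']` from `$success`, which is easy to misread. Please confirm what `$success` holds and document it on the method, e.g. `@param array $data Saved record as returned by save(), must contain Warninglist.id`.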
@@ -38,6 +38,11 @@ def check_response(response): return response +def request(pymisp: PyMISP, request_type: str, url: str, data: dict = {}) -> dict: + response = pymisp._prepare_request(request_type, url, data) + return pymisp._check_json_response(response) + + class MISPSetting: def __init__(self, admin_connector: PyMISP, new_setting: dict): self.admin_connector = admin_connector @@ -681,8 +686,7 @@ class TestComprehensive(unittest.TestCase): "entries": "1.2.3.4", } } - wl = self.admin_misp_connector._prepare_request('POST', 'warninglists/add', data=warninglist) - wl = self.admin_misp_connector._check_json_response(wl) + wl = request(self.admin_misp_connector, 'POST', 'warninglists/add', data=warninglist) check_response(wl) check_response(self.admin_misp_connector.enable_warninglist(wl["Warninglist"]["id"])) 
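Review bot: The new module-level helper `request()` uses a mutable default, `data: dict = {}`, so one dict object is shared by every call that omits `data`. Nothing in the hunk mutates it, but the usual form avoids the trap: `def request(pymisp: PyMISP, request_type: str, url: str, data: dict = None) -> dict:` with `pymisp._prepare_request(request_type, url, data or {})`. The helper wraps two underscore-prefixed PyMISP methods, so a one-line docstring saying it is for endpoints without a public wrapper would be useful.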
@@ -691,15 +695,28 @@ class TestComprehensive(unittest.TestCase): self.assertEqual(wl["Warninglist"]["id"], response["1.2.3.4"][0]["id"]) warninglist["Warninglist"]["entries"] = "1.2.3.4\n2.3.4.5" - response = self.admin_misp_connector._prepare_request('POST', f'warninglists/edit/{wl["Warninglist"]["id"]}', data=warninglist) - response = self.admin_misp_connector._check_json_response(response) + response = request(self.admin_misp_connector, 'POST', f'warninglists/edit/{wl["Warninglist"]["id"]}', data=warninglist) check_response(response) response = self.admin_misp_connector.values_in_warninglist("2.3.4.5") self.assertEqual(wl["Warninglist"]["id"], response["2.3.4.5"][0]["id"]) - response = self.admin_misp_connector._prepare_request('POST', f'warninglists/delete/{wl["Warninglist"]["id"]}') - response = self.admin_misp_connector._check_json_response(response) + warninglist["Warninglist"]["entries"] = "2.3.4.5" + response = request(self.admin_misp_connector, 'POST', f'warninglists/edit/{wl["Warninglist"]["id"]}', data=warninglist) + check_response(response) + + response = self.admin_misp_connector.values_in_warninglist("1.2.3.4") + self.assertEqual(0, len(response)) + + response = self.admin_misp_connector.values_in_warninglist("2.3.4.5") + self.assertEqual(wl["Warninglist"]["id"], response["2.3.4.5"][0]["id"]) + + check_response(self.admin_misp_connector.disable_warninglist(wl["Warninglist"]["id"])) + + response = self.admin_misp_connector.values_in_warninglist("2.3.4.5") + self.assertEqual(0, len(response)) + + response = request(self.admin_misp_connector, 'POST', f'warninglists/delete/{wl["Warninglist"]["id"]}') check_response(response) def _search(self, query: dict): From 535633c9c0f00636888edbe8fb3aff35773bd9cb Mon Sep 17 00:00:00 2001 
From: Jakub Onderka Date: Sun, 27 Feb 2022 09:23:19 +0100 Subject: [PATCH 0066/1366] chg: [oidc] Do not log changes for OIDC user setting --- app/Model/AuditLog.php | 5 ++++- app/Model/Behavior/AuditLogBehavior.php | 16 ++++++++++++---- app/Model/UserSetting.php | 10 +++++----- 3 files changed, 21 insertions(+), 10 deletions(-) diff --git a/app/Model/AuditLog.php b/app/Model/AuditLog.php index e381f406e..2a0002ae7 100644 --- a/app/Model/AuditLog.php +++ b/app/Model/AuditLog.php @@ -318,6 +318,9 @@ class AuditLog extends AppModel return $this->user; } + /** + * @throws Exception + */ public function insert(array $data) { try { @@ -325,7 +328,7 @@ class AuditLog extends AppModel } catch (Exception $e) { return; // Table is missing when updating, so this is intentional } - if ($this->save($data) === false) { + if ($this->save(['AuditLog' => $data], ['atomic' => false]) === false) { throw new Exception($this->validationErrors); } } diff --git a/app/Model/Behavior/AuditLogBehavior.php b/app/Model/Behavior/AuditLogBehavior.php index 9d5347f58..f6da26a28 100644 --- a/app/Model/Behavior/AuditLogBehavior.php +++ b/app/Model/Behavior/AuditLogBehavior.php @@ -84,6 +84,10 @@ class AuditLogBehavior extends ModelBehavior return true; } + if (isset($options['skipAuditLog']) && $options['skipAuditLog']) { + return true; + } + // Do not fetch old version when just few fields will be fetched $fieldToFetch = []; if (!empty($options['fieldList'])) { @@ -128,6 +132,10 @@ class AuditLogBehavior extends ModelBehavior return; } + if (isset($options['skipAuditLog']) && $options['skipAuditLog']) { + return; + } + $id = $model->id ?: 0; $data = $model->data[$model->alias]; 
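Review bot: The `@throws Exception` added above `AuditLog::insert()` documents a throw that does not work as written. `throw new Exception($this->validationErrors)` passes the model's validation errors, which CakePHP keeps as an array, where `Exception` expects a string message. A rejected audit entry would therefore surface as a TypeError, and the reason for the rejection would be lost. `throw new Exception('Could not save audit log: ' . json_encode($this->validationErrors));` keeps the detail and matches the docblock.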
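Review bot: The new `skipAuditLog` save option turns off the audit trail for a write, and nothing in these hunks documents it. It is checked in two AuditLogBehavior hunks, `@@ -84,6 +84,10 @@` and `@@ -128,6 +132,10 @@`. An unlogged change is one that later review of the audit log cannot see, so I would add a comment at both checks: `// skipAuditLog: set only by internal callers for machine-managed data; never derive it from request input.` The only caller in this patch is `UserSetting`, which passes `$this->isInternal($setting)`. That method is outside the patch, so confirm it matches a fixed list of setting names. `!empty($options['skipAuditLog'])` would replace the `isset(...) && ...` pair.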
@@ -198,14 +206,14 @@ class AuditLogBehavior extends ModelBehavior $id = 0; } - $this->auditLog()->insert(['AuditLog' => [ + $this->auditLog()->insert([ 'action' => $action, 'model' => $modelName, 'model_id' => $id, 'model_title' => $modelTitle, 'event_id' => $eventId, 'change' => $changedFields, - ]]); + ]); $this->beforeSave = null; // cleanup } @@ -270,14 +278,14 @@ class AuditLogBehavior extends ModelBehavior $id = 0; } - $this->auditLog()->insert(['AuditLog' => [ + $this->auditLog()->insert([ 'action' => $action, 'model' => $modelName, 'model_id' => $id, 'model_title' => $modelTitle, 'event_id' => $eventId, 'change' => $this->changedFields($model, null), - ]]); + ]); } /** diff --git a/app/Model/UserSetting.php b/app/Model/UserSetting.php index 150b42805..e6e21c027 100644 --- a/app/Model/UserSetting.php +++ b/app/Model/UserSetting.php @@ -481,22 +481,22 @@ class UserSetting extends AppModel 'value' => $value, ]; - $existingSetting = $this->find('first', array( + $existingSetting = $this->find('first', [ 'recursive' => -1, - 'conditions' => array( + 'conditions' => [ 'UserSetting.user_id' => $userId, 'UserSetting.setting' => $setting, - ), + ], 'fields' => ['UserSetting.id'], 'callbacks' => false, - )); + ]); if (empty($existingSetting)) { $this->create(); } else { $userSetting['id'] = $existingSetting['UserSetting']['id']; } - return $this->save($userSetting); + return $this->save($userSetting, ['skipAuditLog' => $this->isInternal($setting)]); } /** From 1c97d4de2a5cfc7d1761603e505f010c211e0f55 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Mon, 28 Feb 2022 14:54:18 +0100 Subject: [PATCH 0067/1366] chg: [internal] Simplify code for pushing events --- app/Model/Event.php | 59 +++++++++++++++++++++------------------------ 1 file changed, 27 insertions(+), 32 deletions(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index e1604bc27..b494cb5b8 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php 
@@ -4403,12 +4403,12 @@ class Event extends AppModel } /** - * @param int $id - * @param int|null $passAlong + * @param int $id Event ID + * @param int|null $passAlong ID of server that event will be not pushed * @return array|bool * @throws Exception */ - public function uploadEventToServersRouter($id, $passAlong = null) + private function uploadEventToServersRouter($id, $passAlong = null) { $eventOrgcId = $this->find('first', array( 'conditions' => array('Event.id' => $id), @@ -4426,7 +4426,7 @@ class Event extends AppModel ), 'org_id' => $eventOrgcId['Event']['orgc_id'] ); - $event = $this->fetchEvent($elevatedUser, array('eventid' => $id, 'metadata' => 1)); + $event = $this->fetchEvent($elevatedUser, ['eventid' => $id, 'metadata' => 1]); if (empty($event)) { return true; } @@ -4434,21 +4434,21 @@ class Event extends AppModel $event['Event']['locked'] = 1; // get a list of the servers $this->Server = ClassRegistry::init('Server'); - - $conditions = array('push' => 1); + $conditions = ['push' => 1]; if ($passAlong) { - $conditions[] = array('Server.id !=' => $passAlong); + $conditions[] = ['Server.id !=' => $passAlong]; } - $servers = $this->Server->find('all', array( + $servers = $this->Server->find('all', [ 'conditions' => $conditions, - 'order' => array('Server.priority ASC', 'Server.id ASC') - )); + 'recursive' => -1, + 'order' => ['Server.priority ASC', 'Server.id ASC'], + ]); // iterate over the servers and upload the event if (empty($servers)) { return true; } $uploaded = true; - $failedServers = array(); + $failedServers = []; App::uses('SyncTool', 'Tools'); $syncTool = new SyncTool(); 
@@ -4458,24 +4458,23 @@ class Event extends AppModel ) { continue; } - $HttpSocket = $syncTool->setupHttpSocket($server); // Skip servers where the event has come from. - if (($passAlong != $server['Server']['id'])) { - $params = array(); - if (!empty($server['Server']['push_rules'])) { - $push_rules = json_decode($server['Server']['push_rules'], true); - if (!empty($push_rules['tags']['NOT'])) { - $params['blockedAttributeTags'] = $push_rules['tags']['NOT']; - } - } - $params = array_merge($params, array( + if ($passAlong != $server['Server']['id']) { + $HttpSocket = $syncTool->setupHttpSocket($server); + $params = [ 'eventid' => $id, 'includeAttachments' => true, 'includeAllTags' => true, - 'deleted' => array(0,1), + 'deleted' => [0, 1], 'excludeGalaxy' => 1, 'noSightings' => true, // sightings are pushed separately - )); + ]; + if (!empty($server['Server']['push_rules'])) { + $pushRules = json_decode($server['Server']['push_rules'], true); + if (!empty($pushRules['tags']['NOT'])) { + $params['blockedAttributeTags'] = $pushRules['tags']['NOT']; + } + } if (!empty($server['Server']['internal'])) { $params['excludeLocalTags'] = 0; } @@ -4512,9 +4511,8 @@ class Event extends AppModel return true; } return $failedServers; - } else { - return true; } + return true; } /** @@ -4642,10 +4640,9 @@ class Event extends AppModel } if (empty($hostOrg)) { $hostOrg = $this->Org->find('first', [ - 'recursive' => -1, - 'order' => ['id ASC'] - ] - ); + 'recursive' => -1, + 'order' => ['id ASC'] + ]); $hostOrgId = $hostOrg['Org']['id']; } $user = array('org_id' => $hostOrgId, 'Role' => array('perm_sync' => 0, 'perm_audit' => 0, 'perm_site_admin' => 0), 'Organisation' => $hostOrg['Org']); 
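Review bot: In the `@@ -4458,24 +4458,23 @@` hunk the result of `json_decode($server['Server']['push_rules'], true)` is not checked. A stored rule set that fails to decode yields null, and `blockedAttributeTags` is silently left out of `$params`. The push then proceeds without the tag filter, so the rule fails open for attributes that were meant to stay local. I would treat a non-empty `push_rules` that does not decode to an array as an error for that server: log it and skip the push with `if (!is_array($pushRules)) { continue; }`. The loop body continues outside the hunk, so where the skip should be recorded is for the author to decide.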
@@ -4672,11 +4669,9 @@ class Event extends AppModel } } } - $uploaded = $this->uploadEventToServersRouter($id, $passAlong); - return $uploaded; + return $this->uploadEventToServersRouter($id, $passAlong); } - // Sends out an email to all people within the same org with the request to be contacted about a specific event. public function sendContactEmailRouter($id, $message, $creator_only, $user) { From a226655aa42d99a2e4d3941c751516aaa2443477 Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 2 Mar 2022 02:03:38 +0100 Subject: [PATCH 0068/1366] new: [json field] added to single view factory --- .../SingleViews/Fields/jsonField.ctp | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 app/View/Elements/genericElements/SingleViews/Fields/jsonField.ctp diff --git a/app/View/Elements/genericElements/SingleViews/Fields/jsonField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/jsonField.ctp new file mode 100644 index 000000000..c67f8f928 --- /dev/null +++ b/app/View/Elements/genericElements/SingleViews/Fields/jsonField.ctp @@ -0,0 +1,19 @@ +
', + h($field['key']) + ); + if (is_string($value)) { + $value = json_decode($value); + } +?> + From 0c4f225e712aba8e82750fc33f05adb581a8ed8c Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 2 Mar 2022 02:05:02 +0100 Subject: [PATCH 0069/1366] fix: [singleview factory] modelField element now handles empty data fields gracefully --- .../SingleViews/Fields/modelField.ctp | 24 ++++++++++++------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/app/View/Elements/genericElements/SingleViews/Fields/modelField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/modelField.ctp index 03fabd7ae..53babfc60 100644 --- a/app/View/Elements/genericElements/SingleViews/Fields/modelField.ctp +++ b/app/View/Elements/genericElements/SingleViews/Fields/modelField.ctp @@ -1,10 +1,16 @@ %s', - $baseurl, - $field['model'], - h($id), - h($pathName) -); +$path = Hash::extract($data, $field['path']); +$pathName = Hash::extract($data, $field['pathName']); +if (!empty($path) && !empty($pathName)) { + $id = Hash::extract($data, $field['path'])[0]; + $pathName = Hash::extract($data, $field['pathName'])[0]; + echo sprintf( + '%s', + $baseurl, + $field['model'], + h($id), + h($pathName) + ); +} else { + echo empty($field['error']) ? ' ' : h($field['error']); +} From 639a4929e372b75f1ccaf8ac922c47f880df88b6 Mon Sep 17 00:00:00 2001 
From: iglocska Date: Wed, 2 Mar 2022 02:09:20 +0100 Subject: [PATCH 0070/1366] new: [sharing group blueprints] - create a rule based blueprint that is used to create and update a sharing group - nest sharing groups - filter organisations by metadata fields - nested via boolean operators - CLI exposed - API exposed - Lightweight ownership model (only blueprint owner can see and edit the blueprint) --- app/Console/Command/AdminShell.php | 35 +- .../SharingGroupBlueprintsController.php | 196 +++++++++++ app/Model/AppModel.php | 19 +- app/Model/Log.php | 1 + app/Model/Server.php | 1 + app/Model/SharingGroupBlueprint.php | 307 ++++++++++++++++++ .../genericElements/SideMenu/side_menu.ctp | 29 ++ app/View/Elements/global_menu.ctp | 10 + app/View/SharingGroupBlueprints/add.ctp | 84 +++++ app/View/SharingGroupBlueprints/index.ctp | 118 +++++++ app/View/SharingGroupBlueprints/view.ctp | 54 +++ app/View/SharingGroupBlueprints/view_orgs.ctp | 54 +++ 12 files changed, 906 insertions(+), 2 deletions(-) create mode 100644 app/Controller/SharingGroupBlueprintsController.php create mode 100644 app/Model/SharingGroupBlueprint.php create mode 100644 app/View/SharingGroupBlueprints/add.ctp create mode 100644 app/View/SharingGroupBlueprints/index.ctp create mode 100644 app/View/SharingGroupBlueprints/view.ctp create mode 100644 app/View/SharingGroupBlueprints/view_orgs.ctp diff --git a/app/Console/Command/AdminShell.php b/app/Console/Command/AdminShell.php index e009eded8..97a845272 100644 --- a/app/Console/Command/AdminShell.php +++ b/app/Console/Command/AdminShell.php 
@@ -8,7 +8,7 @@ App::uses('ProcessTool', 'Tools'); */ class AdminShell extends AppShell { - public $uses = array('Event', 'Post', 'Attribute', 'Job', 'User', 'Task', 'Allowedlist', 'Server', 'Organisation', 'AdminSetting', 'Galaxy', 'Taxonomy', 'Warninglist', 'Noticelist', 'ObjectTemplate', 'Bruteforce', 'Role', 'Feed'); + public $uses = array('Event', 'Post', 'Attribute', 'Job', 'User', 'Task', 'Allowedlist', 'Server', 'Organisation', 'AdminSetting', 'Galaxy', 'Taxonomy', 'Warninglist', 'Noticelist', 'ObjectTemplate', 'Bruteforce', 'Role', 'Feed', 'SharingGroupBlueprint'); public function getOptionParser() { @@ -1142,4 +1142,37 @@ class AdminShell extends AppShell $this->out($setting['setting'] . ': ' . $setting['errorMessage']); } } + + public function executeSGBlueprint() + { + $id = false; + $target = 'all'; + if (!empty($this->args[0])) { + $target = trim($this->args[0]); + } + if (!is_numeric($target) && !in_array($target, ['all', 'attached', 'deteached'])) { + $this->error(__('Invalid target. Either pass a blueprint ID or one of the following filters: all, attached, detached.')); + } + $conditions = []; + if (is_numeric($target)) { + $conditions['SharingGroupBlueprint']['id'] = $target; + } else if ($target === 'attached') { + $conditions['SharingGroupBlueprint']['sharing_group_id >'] = 0; + } else if ($target === 'detached') { + $conditions['SharingGroupBlueprint']['sharing_group_id'] = 0; + } + $sharingGroupBlueprints = $this->SharingGroupBlueprint->find('all', ['conditions' => $conditions, 'recursive' => 0]); + if (empty($sharingGroupBlueprints)) { + $this->error(__('No valid blueprints found.')); + } + $stats = $this->SharingGroupBlueprint->execute($sharingGroupBlueprints); + $message = __( + 'Done, %s sharing group blueprint(s) matched. Sharing group changes: Created: %s. Updated: %s. Failed to create: %s.', + count($sharingGroupBlueprints), + $stats['created'], + $stats['changed'], + $stats['failed'] + ); + $this->out($message); + } } 
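Review bot: The allow-list in `executeSGBlueprint()` spells the third target `'deteached'`, so `detached` is rejected with the "Invalid target" error. Both the error message and the later `$target === 'detached'` branch advertise that value. Change the check to `in_array($target, ['all', 'attached', 'detached'], true)`. The conditions are built as `$conditions['SharingGroupBlueprint']['id']`, while the controller added in this commit uses the dotted key `'SharingGroupBlueprint.id'`; with `'recursive' => 0` pulling in associated tables I would use the dotted form here too so the column stays qualified (not verified against the ORM from this hunk). `$id = false;` is never read.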
diff --git a/app/Controller/SharingGroupBlueprintsController.php b/app/Controller/SharingGroupBlueprintsController.php
new file mode 100644
index 000000000..0e37554b9
--- /dev/null
+++ b/app/Controller/SharingGroupBlueprintsController.php
@@ -0,0 +1,196 @@ + 60, + 'maxLimit' => 9999 + ); + + public function index() + { + $params = [ + 'filters' => ['name', 'uuid'], + 'quickFilters' => ['name'] + ]; + $this->CRUD->index($params); + if ($this->IndexFilter->isRest()) { + return $this->restResponsePayload; + } + $this->set('menuData', array('menuList' => 'globalActions', 'menuItem' => 'indexMG')); + } + + public function add() + { + $currentUser = $this->Auth->user(); + $params = [ + 'beforeSave' => function($data) use ($currentUser) { + $data['SharingGroupBlueprint']['uuid'] = CakeText::uuid(); + $data['SharingGroupBlueprint']['user_id'] = $currentUser['id']; + $data['SharingGroupBlueprint']['org_id'] = $currentUser['org_id']; + return $data; + } + ]; + $this->CRUD->add($params); + if ($this->restResponsePayload) { + return $this->restResponsePayload; + } + $this->set('menuData', array('menuList' => 'globalActions', 'menuItem' => 'addMG')); + } + + public function edit($id) + { + $this->set('menuData', array('menuList' => 'globalActions', 'menuItem' => 'editMG')); + $this->set('id', $id); + $params = [ + 'fields' => ['rules'] + ]; + $this->CRUD->edit($id, $params); + if ($this->IndexFilter->isRest()) { + return $this->restResponsePayload; + } + $this->render('add'); + } + + public function delete($id) + { + $this->CRUD->delete($id); + if ($this->IndexFilter->isRest()) { + return $this->restResponsePayload; + } + } + + public function view($id) + { + $this->set('menuData', ['menuList' => 'sync', 'menuItem' => 'view_cerebrate']); + $this->CRUD->view($id, ['contain' => ['Organisation.name', 'Organisation.uuid', 'Organisation.id', 'SharingGroup.id', 'SharingGroup.name']]); + if ($this->IndexFilter->isRest()) { + return $this->restResponsePayload; + } + $this->set('id', $id); + $this->set('menuData', array('menuList' => 'globalActions', 'menuItem' => 'viewMG')); + } + + public function viewOrgs($id) + { + $conditions = ['SharingGroupBlueprint.id' => $id]; + if (!$this->_isSiteAdmin()) { + 
$conditions['SharingGroupBlueprint.org_id'] = $this->Auth->user('org_id'); + } + $sharingGroupBlueprint = $this->SharingGroupBlueprint->find('first', ['conditions' => $conditions]); + if (empty($sharingGroupBlueprint)) { + throw new NotFoundException(__('Invalid Sharing Group Blueprint')); + } + // we create a fake user to restrict the visible sharing groups to the creator of the SharingGroupBlueprint, in case an admin wants to update it + $fake_user = [ + 'Role' => [ + 'perm_site_admin' => false + ], + 'org_id' => $sharingGroupBlueprint['SharingGroupBlueprint']['org_id'], + 'id' => 1 + ]; + $temp = $this->SharingGroupBlueprint->evaluateSharingGroupBlueprint($sharingGroupBlueprint, $fake_user); + $orgs = $this->SharingGroupBlueprint->SharingGroup->Organisation->find('all', [ + 'recursive' => -1, + 'fields' => ['id', 'uuid', 'name', 'sector', 'type', 'nationality'], + 'conditions' => ['id' => $temp['orgs']] + ]); + $this->set('data', $orgs); + $this->set('menuData', array('menuList' => 'SharingGroupBlueprints', 'menuItem' => 'viewOrgs')); + } + + public function execute($id = false) + { + $conditions = []; + if (!empty($id)) { + $conditions['SharingGroupBlueprint.id'] = $id; + } + if (!$this->Auth->user('Role')['perm_admin']) { + $conditions['SharingGroupBlueprint.org_id'] = $this->Auth->user('org_id'); + } + $sharingGroupBlueprints = $this->SharingGroupBlueprint->find('all', ['conditions' => $conditions, 'recursive' => 0]); + if (empty($sharingGroupBlueprints)) { + throw new NotFoundException(__('No valid blueprints found.')); + } + if ($this->request->is('post')) { + $stats = $this->SharingGroupBlueprint->execute($sharingGroupBlueprints); + $message = __( + 'Done, %s sharing group blueprint(s) matched. Sharing group changes: Created: %s. Updated: %s. 
Failed to create: %s.', + count($sharingGroupBlueprints), + $stats['created'], + $stats['changed'], + $stats['failed'] + ); + if ($this->IndexFilter->isRest()) { + if ($stats['changed'] || $stats['created']) { + return $this->RestResponse->saveSuccessResponse('sharingGroupBlueprints', 'execute', $id, false, $message); + } else { + return $this->RestResponse->saveFailResponse('sharingGroupBlueprints', 'execute', $id, $message, $this->response->type()); + } + } else { + $status = 'success'; + if ($stats['failed']) { + $status = 'error'; + if ($stats['created'] || $stats['changed']) { + $status = 'info'; + } + } + $this->Flash->{$status}($message); + $this->redirect($this->referer()); + } + } else { + $this->set('id', empty($id) ? $id : 'all'); + $this->set('title', __('Execute Sharing Group Blueprint')); + $this->set('question', __('Are you sure you want to (re)create a sharing group based on the Sharing Group Blueprint?')); + $this->set('actionName', __('Execute')); + $this->layout = 'ajax'; + $this->render('/genericTemplates/confirm'); + } + } + + public function detach($id) + { + $conditions = []; + if (empty($id)) { + throw new MethodNotAllowedException(__('No ID specified.')); + } + $conditions['SharingGroupBlueprint.id'] = $id; + if (!$this->Auth->user('Role')['perm_admin']) { + $conditions['SharingGroupBlueprint.org_id'] = $this->Auth->user('org_id'); + } + $sharingGroupBlueprint = $this->SharingGroupBlueprint->find('first', ['conditions' => $conditions, 'recursive' => -1]); + if (empty($sharingGroupBlueprint)) { + throw new NotFoundException(__('Invalid Sharing Group Blueprint')); + } + if ($this->request->is('post')) { + $sharingGroupBlueprint['SharingGroupBlueprint']['sharing_group_id'] = 0; + $result = $this->SharingGroupBlueprint->save($sharingGroupBlueprint); + $message = $result ? 
__('Sharing group detached.') : __('Could not detach sharing group.'); + if ($this->IndexFilter->isRest()) { + if ($result) { + return $this->RestResponse->saveSuccessResponse('sharingGroupBlueprints', 'detach', $id, false, $message); + } else { + return $this->RestResponse->saveFailResponse('sharingGroupBlueprints', 'detach', $id, $message, $this->response->type()); + } + } else { + $this->Flash->{$result ? 'success' : 'error'}($message); + $this->redirect($this->referer()); + } + } else { + $this->set('id', $id); + $this->set('title', __('Detach Sharing Group Blueprint')); + $this->set('question', __('Are you sure you want to detach the associated sharing group from this Sharing Group Blueprint? This action is irreversible.')); + $this->set('actionName', __('Detach')); + $this->layout = 'ajax'; + $this->render('/genericTemplates/confirm'); + } + } +} diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index bc357c887..17a60de8a 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -85,7 +85,7 @@ class AppModel extends Model 57 => false, 58 => false, 59 => false, 60 => false, 61 => false, 62 => false, 63 => true, 64 => false, 65 => false, 66 => false, 67 => false, 68 => false, 69 => false, 70 => false, 71 => true, 72 => true, 73 => false, 74 => false, - 75 => false, 76 => true, 77 => false, 78 => false, 79 => false, + 75 => false, 76 => true, 77 => false, 78 => false, 79 => false, 80 => false ); public $advanced_updates_description = array( 
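Review bot: `execute()` and `detach()` drop the `org_id` restriction for any role with `perm_admin`, while `viewOrgs()` in the same controller only does so for `_isSiteAdmin()`. If `perm_admin` is the organisation-level flag (the fake user built in `viewOrgs()` suggests `perm_site_admin` is the site-wide one), an org admin can execute or detach another organisation's blueprint; I would use `if (!$this->_isSiteAdmin()) {` in both. `edit()`, `delete()` and `view()` hand the raw `$id` to the CRUD component with no owner condition in sight, which contradicts the commit message's "only blueprint owner can see and edit" unless CRUD or the ACL enforces it elsewhere. The GET branch of `execute()` also has its ternary inverted: `$this->set('id', empty($id) ? $id : 'all');` should be `$this->set('id', empty($id) ? 'all' : $id);`.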
@@ -1614,6 +1614,23 @@ class AppModel extends Model $sqlArray[] = "ALTER TABLE `users` ADD `sub` varchar(255) NULL DEFAULT NULL;"; $sqlArray[] = "ALTER TABLE `users` ADD UNIQUE INDEX `sub` (`sub`);"; break; + case 80: + $sqlArray[] = "CREATE TABLE IF NOT EXISTS `sharing_group_blueprints` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `uuid` varchar(40) COLLATE utf8_bin NOT NULL , + `name` varchar(191) NOT NULL, + `timestamp` int(11) NOT NULL DEFAULT 0, + `user_id` int(11) NOT NULL, + `org_id` int(11) NOT NULL, + `sharing_group_id` int(11), + `rules` text, + PRIMARY KEY (`id`), + INDEX `uuid` (`uuid`), + INDEX `name` (`name`), + INDEX `org_id` (`org_id`), + INDEX `sharing_group_id` (`sharing_group_id`) + ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;"; + break; case 'fixNonEmptySharingGroupID': $sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; $sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; diff --git a/app/Model/Log.php b/app/Model/Log.php index af4315efe..45ffe8d88 100644 --- a/app/Model/Log.php +++ b/app/Model/Log.php @@ -38,6 +38,7 @@ class Log extends AppModel 'enable', 'enrichment', 'error', + 'execute_blueprint', 'export', 'fetchEvent', 'file_upload', diff --git a/app/Model/Server.php b/app/Model/Server.php index d28b1f538..fb0009e1e 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php 
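Review bot: `sharing_group_id int(11)` is nullable with no default, but the `detached` filter added to AdminShell in this commit matches `sharing_group_id = 0`. A blueprint that was never executed would be stored as NULL and missed by that filter, unless the add path sets 0 explicitly (not visible here). Declaring the column as `sharing_group_id int(11) NOT NULL DEFAULT 0` keeps the schema and the filter in step. The `uuid` column only gets a plain `INDEX`; if blueprint UUIDs are meant to identify a blueprint, a `UNIQUE INDEX` on `uuid` would enforce that in the database.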
@@ -7268,6 +7268,7 @@ class Server extends AppModel 'Enqueue push' => 'MISP/app/Console/cake Server enqueuePush [timestamp] [task_id] [user_id]', 'Enqueue feed fetch' => 'MISP/app/Console/cake Server enqueueFeedFetch [timestamp] [user_id] [task_id]', 'Enqueue feed cache' => 'MISP/app/Console/cake Server enqueueFeedCache [timestamp] [user_id] [task_id]', + 'Update sharing groups based on blueprints' => 'MISP/app/Console/cake Server executeSGBlueprint [blueprint_id|all|attached|detached]' ), 'description' => __('If you would like to automate tasks such as caching feeds or pulling from server instances, you can do it using the following command line tools. Simply execute the given commands via the command line / create cron jobs easily out of them.'), 'header' => __('Automating certain console tasks') diff --git a/app/Model/SharingGroupBlueprint.php b/app/Model/SharingGroupBlueprint.php new file mode 100644 index 000000000..a235ac301 --- /dev/null +++ b/app/Model/SharingGroupBlueprint.php 
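Review bot: The advertised command is `cake Server executeSGBlueprint`, but this commit adds `executeSGBlueprint()` to `AdminShell`. As far as the diff shows, the entry should read `'MISP/app/Console/cake Admin executeSGBlueprint [blueprint_id|all|attached|detached]'`. Operators copy these strings into cron jobs, so a wrong shell name means the scheduled blueprint refresh fails on every run.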
@@ -0,0 +1,307 @@ + [ + 'roleModel' => 'Role', + 'roleKey' => 'role_id', + 'change' => 'full' + ], + 'Containable' + ]; + + public $belongsTo = array( + 'SharingGroup', + 'Organisation' => array( + 'className' => 'Organisation', + 'foreignKey' => 'org_id' + ) + ); + + public $validFilters = [ + 'org' => [ + 'org_id' => 'id', + 'org_uuid' => 'uuid', + 'org_name' => 'name', + 'org_nationality' => 'nationality', + 'org_sector' => 'sector', + 'org_type' => 'type' + ], + 'sharing_group' => [ + 'sharing_group_id' => 'id', + 'sharing_group_uuid' => 'uuid' + ] + ]; + + public $operands = [ + 'OR', + 'AND', + 'NOT' + ]; + + public function beforeSave($options = array()) + { + $this->data['SharingGroupBlueprint']['timestamp'] = time(); + $this->data['SharingGroupBlueprint']['rules'] = json_decode($this->data['SharingGroupBlueprint']['rules']); + $this->data['SharingGroupBlueprint']['rules'] = json_encode($this->data['SharingGroupBlueprint']['rules']); + return true; + } + + public function afterFind($results, $primary = false) + { + foreach ($results as &$v) { + $v['SharingGroupBlueprint']['rules'] = json_encode(json_decode($v['SharingGroupBlueprint']['rules']), JSON_PRETTY_PRINT); + } + return $results; + } + + public function execute($sharingGroupBlueprints) + { + $stats = [ + 'changed' => 0, + 'created' => 0, + 'failed' => 0 + ]; + $updated = $failed = 0; + foreach ($sharingGroupBlueprints as $sharingGroupBlueprint) { + // we create a fake user to restrict the visible sharing groups to the creator of the SharingGroupBlueprint, in case an admin wants to update it + $fake_user = [ + 'Role' => [ + 'perm_site_admin' => false + ], + 'org_id' => $sharingGroupBlueprint['SharingGroupBlueprint']['org_id'], + 'id' => 1 + ]; + $result = $this->updateSharingGroup($sharingGroupBlueprint, $fake_user); + foreach (array_keys($stats) as $field) { + $stats[$field] += $result[$field]; + } + + } + return $stats; + } + + public function updateSharingGroup($sharingGroupBlueprint, $user) + { + 
$this->Organisation = ClassRegistry::init('Organisation'); + $data = $this->evaluateSharingGroupBlueprint($sharingGroupBlueprint, $user); + $failed = 0; + if (empty($sharingGroupBlueprint['SharingGroupBlueprint']['sharing_group_id'])) { + $created = true; + $this->SharingGroup->create(); + $org_uuid = $this->SharingGroup->Organisation->find('first', [ + 'recursive' => -1, + 'conditions' => ['Organisation.id' => $sharingGroupBlueprint['SharingGroupBlueprint']['org_id']], + 'fields' => ['Organisation.uuid'] + ]); + if (empty($org_uuid)) { + throw new MethodNotAllowedException(__('Invalid owner organisation.')); + } + $org_uuid = $org_uuid['Organisation']['uuid']; + $sg = [ + 'name' => $sharingGroupBlueprint['SharingGroupBlueprint']['name'], + 'description' => __('Generated based on Sharing Group Blueprint rules'), + 'org_id' => $user['org_id'], + 'organisation_uuid' => $org_uuid, + 'releasability' => __('Generated based on Sharing Group Blueprint rules'), + 'local' => 1, + 'roaming' => 1 + ]; + if ($this->SharingGroup->save($sg)) { + $id = $this->SharingGroup->id; + $sharingGroupBlueprint['SharingGroupBlueprint']['sharing_group_id'] = $id; + $existingOrgs = []; + $this->save($sharingGroupBlueprint); + } else { + $failed++; + } + + } else { + $created = false; + $sg = $this->SharingGroup->find('first', [ + 'recursive' => -1, + 'contain' => ['SharingGroupOrg'], + 'conditions' => ['SharingGroup.id' => $sharingGroupBlueprint['SharingGroupBlueprint']['sharing_group_id']] + ]); + $existingOrgs = []; + foreach ($sg['SharingGroupOrg'] as $sgo) { + $existingOrgs[] = $sgo['org_id']; + } + $existingOrgs = array_unique($existingOrgs); + $id = $sg['SharingGroup']['id']; + } + return [ + 'id' => $id, + 'changed' => !$created && $this->__handleSharingGroupOrgs($existingOrgs, $data['orgs'], $id), + 'created' => $created, + 'failed' => $failed + ]; + } + + private function __handleSharingGroupOrgs($existingOrgs, $newOrgs, $id) + { + $added = 0; + $removed = 0; + $this->Log = 
ClassRegistry::init('Log'); + foreach ($existingOrgs as $existingOrg) { + if (!in_array($existingOrg, $newOrgs)) { + $this->SharingGroup->SharingGroupOrg->deleteAll([ + 'sharing_group_id' => $id, + 'org_id' => $existingOrg + ], false); + $removed++; + } + } + foreach ($newOrgs as $newOrg) { + if (!in_array($newOrg, $existingOrgs)) { + $sgo = [ + 'sharing_group_id' => $id, + 'org_id' => $newOrg, + 'extend' => false + ]; + $this->SharingGroup->SharingGroupOrg->create(); + $this->SharingGroup->SharingGroupOrg->save($sgo); + $added++; + } + } + if ($added || $removed) { + $this->Log->create(); + $entry = array( + 'org' => 'SYSTEM', + 'model' => 'SharingGroup', + 'model_id' => $id, + 'email' => 'SYSTEM', + 'action' => 'execute_blueprint', + 'user_id' => 0, + 'title' => 'Updated the sharing group.', + 'change' => __('Updated sharing group. Added %s and removed %s organisations', $added, $removed) + ); + $this->Log->save($entry); + return true; + } + return false; + } + + // Walking on water and developing software from a specification are easy if both are frozen - Edward V Berard + public function evaluateSharingGroupBlueprint($sharingGroupBlueprint, $user) + { + $data = []; + $rules = json_decode($sharingGroupBlueprint['SharingGroupBlueprint']['rules'], true); + $data = $this->__recursiveEvaluate($user, $rules, 'OR'); + return $data; + } + + private function __recursiveEvaluate($user, $rules, $operand) + { + if (!empty($rules)) { + $data = []; + foreach ($rules as $key => $value) { + if (in_array($key, $this->operands)) { + if ($operand === 'NOT') { + throw new MethodNotAllwedException(__('Boolean branches within a NOT branch are not supported.')); + } + $temp = $this->__recursiveEvaluate($user, $rules[$key], $key); + } else { + $negation = $operand === 'NOT'; + $temp = $this->__evaluateLeaf($user, $key, $value, $negation); + } + if ($operand === 'OR') { + if (!isset($data['orgs'])) { + $data['orgs'] = []; + } + $data['orgs'] = array_merge( + $data['orgs'], + 
isset($temp['orgs']) ? $temp['orgs'] : [] + ); + } else if ($operand === 'AND' || $operand === 'NOT') { + if (!isset($data['orgs'])) { + $data['orgs'] = $temp['orgs']; + } else { + $data['orgs'] = array_intersect($data['orgs'], $temp['orgs']); + } + } + } + } + return $data; + } + + private function __evaluateLeaf($user, $key, $value, $negation = false) + { + if (substr($key, 0, strlen('org')) === 'org') { + return $this->__evaluateOrgLeaf( + $user, + substr($key, (strlen('org_'))), + $value, + $negation + ); + } else if (substr($key, 0, strlen('sharing_group')) === 'sharing_group') { + return $this->__evaluateSGLeaf( + $user, + substr($key, (strlen('sharing_group_'))), + $value, + $negation + ); + } + return []; + } + + private function __evaluateOrgLeaf($user, $key, $value, $negation) + { + if (in_array($key, $this->validFilters['org'])) { + $conditions = [$key => $value]; + if ($negation) { + $conditions = ['NOT' => $conditions]; + } + $orgs = $this->SharingGroup->Organisation->find('list', [ + 'fields' => ['id', 'id'], + 'recursive' => -1, + 'conditions' => $conditions + ]); + $orgs = array_values($orgs); + if (empty($orgs)) { + $orgs = [-1]; + } + return [ + 'orgs' => $orgs + ]; + } + return []; + } + + private function __evaluateSGLeaf($user, $key, $value, $negation) + { + $orgs = []; + if (in_array($key, $this->validFilters['sharing_group'])) { + $conditions = [$key => $value]; + if ($negation) { + $conditions = ['NOT' => $conditions]; + } + $sgs = $this->SharingGroup->find('all', [ + 'fields' => ['id', 'uuid', 'name', 'org_id'], + 'contain' => ['SharingGroupOrg.org_id'], + 'recursive' => -1, + 'conditions' => $conditions + ]); + foreach ($sgs as $sg) { + if ($this->SharingGroup->checkIfAuthorised($user, $sg['SharingGroup']['id'])) { + $orgs[$sg['SharingGroup']['org_id']] = true; + foreach ($sg['SharingGroupOrg'] as $sgo) { + $orgs[$sgo['org_id']] = true; + } + } + } + $orgs = array_keys($orgs); + if (empty($orgs)) { + $orgs = [-1]; + } + return [ + 'orgs' 
=> $orgs + ]; + } + return []; + } +} diff --git a/app/View/Elements/genericElements/SideMenu/side_menu.ctp b/app/View/Elements/genericElements/SideMenu/side_menu.ctp index 8002bbec5..5e1604fa7 100644 --- a/app/View/Elements/genericElements/SideMenu/side_menu.ctp +++ b/app/View/Elements/genericElements/SideMenu/side_menu.ctp @@ -672,6 +672,25 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider'); 'text' => __('View Sharing Group') )); } + if ($menuItem === 'editMG' || ($menuItem == 'viewMG' && $isAclSharingGroup)) { + echo $this->element('/genericElements/SideMenu/side_menu_link', array( + 'element_id' => 'editMG', + 'url' => $baseurl . '/sharing_group_blueprints/edit/' . h($id), + 'text' => __('Edit Sharing Group Blueprint') + )); + echo $this->element('/genericElements/SideMenu/side_menu_link', array( + 'element_id' => 'viewMG', + 'url' => $baseurl . '/sharing_group_blueprints/view/' . h($id), + 'text' => __('View Sharing Group Blueprint') + )); + echo $this->element('/genericElements/SideMenu/side_menu_link', array( + 'text' => __('Execute Sharing Group Blueprint'), + 'onClick' => array( + 'function' => 'openGenericModal', + 'params' => array($baseurl . '/sharing_group_blueprints/execute/' . h($id)) + ), + )); + } echo $this->element('/genericElements/SideMenu/side_menu_link', array( 'element_id' => 'indexSG', 'url' => $baseurl . '/sharing_groups/index', 
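Review bot: `__evaluateOrgLeaf()` and `__evaluateSGLeaf()` whitelist the filter name but pass `$value` from the decoded blueprint JSON straight into `'conditions' => [$key => $value]`. A value that decodes to a nested object reaches the ORM as an associative array, whose keys are then treated as condition keys rather than bound values (my understanding of this ORM, so worth confirming). Restrict values to scalars or flat lists first, e.g. `if (is_array($value) && array_values($value) !== $value) { return []; }`. In `__recursiveEvaluate()` the guard throws `MethodNotAllwedException`, a misspelled class name, so it ends in a class-not-found fatal instead of `MethodNotAllowedException`. In `updateSharingGroup()` the short-circuit in `'changed' => !$created && ...` means `__handleSharingGroupOrgs()` never runs for a newly created group, so it stays without organisations until the next execution, and `$id` is undefined when `SharingGroup->save()` fails.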
@@ -683,6 +702,16 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider'); 'url' => $baseurl . '/sharing_groups/add', 'text' => __('Add Sharing Group') )); + echo $this->element('/genericElements/SideMenu/side_menu_link', array( + 'element_id' => 'indexMG', + 'url' => $baseurl . '/sharing_group_blueprints/index', + 'text' => __('List Sharing Group Blueprints') + )); + echo $this->element('/genericElements/SideMenu/side_menu_link', array( + 'element_id' => 'addMG', + 'url' => $baseurl . '/sharing_group_blueprints/add', + 'text' => __('Add Sharing Group Blueprint') + )); } echo $divider; echo $this->element('/genericElements/SideMenu/side_menu_link', array( diff --git a/app/View/Elements/global_menu.ctp b/app/View/Elements/global_menu.ctp index 2793797a6..28ffe8b81 100755 --- a/app/View/Elements/global_menu.ctp +++ b/app/View/Elements/global_menu.ctp @@ -220,6 +220,16 @@ 'url' => $baseurl . '/sharing_groups/add', 'requirement' => $isAclSharingGroup ), + array( + 'text' => __('List Sharing Groups Blueprints'), + 'url' => $baseurl . '/sharing_group_blueprints/index', + 'requirement' => $isAclSharingGroup + ), + array( + 'text' => __('Add Sharing Group Blueprint'), + 'url' => $baseurl . '/sharing_group_blueprints/add', + 'requirement' => $isAclSharingGroup + ), array( 'type' => 'separator' ), diff --git a/app/View/SharingGroupBlueprints/add.ctp b/app/View/SharingGroupBlueprints/add.ctp new file mode 100644 index 000000000..b52b3df89 --- /dev/null +++ b/app/View/SharingGroupBlueprints/add.ctp @@ -0,0 +1,84 @@ +request->params['action'] === 'edit' ? true : false; +$fields = [ + [ + 'field' => 'name', + 'class' => 'span6' + ], + [ + 'field' => 'rules', + 'type' => 'textarea' + ] +]; +$description = sprintf( + '%s
%s

%s
%s', + __('Create a sharing group blueprint, which can be used to generate a sharing rule based on the nested rules described.'), + __('Simply create a JSON dictionary using a combination of filters and boolean operators.'), + 'Filters: org_id, org_type, org_uuid, org_name, org_sector, org_nationality, sharing_group_id, , sharing_group_uuid', + 'Boolean operators: OR, AND, NOT', + +); +echo $this->element('genericElements/Form/genericForm', [ + 'data' => [ + 'description' => $description, + 'model' => 'SharingGroupBlueprint', + 'title' => $edit ? __('Edit SharingGroupBlueprint') : __('Add SharingGroupBlueprint'), + 'fields' => $fields, + 'submit' => [ + 'action' => $this->request->params['action'], + 'ajaxSubmit' => 'submitGenericFormInPlace();' + ] + ] +]); + +if (!$ajax) { + echo $this->element('/genericElements/SideMenu/side_menu', $menuData); +} + +echo $this->element('genericElements/assetLoader', array( + 'js' => array( + 'codemirror/codemirror', + 'codemirror/modes/javascript', + 'codemirror/addons/closebrackets', + 'codemirror/addons/lint', + 'codemirror/addons/jsonlint', + 'codemirror/addons/json-lint', + ), + 'css' => array( + 'codemirror', + 'codemirror/show-hint', + 'codemirror/lint', + ) +)); +?> + + + + diff --git a/app/View/SharingGroupBlueprints/index.ctp b/app/View/SharingGroupBlueprints/index.ctp new file mode 100644 index 000000000..3d1365aa3 --- /dev/null +++ b/app/View/SharingGroupBlueprints/index.ctp 
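Review bot: The help text passed to `sprintf()` lists the filters as `sharing_group_id, , sharing_group_uuid`, with a stray comma that reads like a missing filter name; it should be `sharing_group_id, sharing_group_uuid`. The call also ends with a trailing comma after its last argument (`'Boolean operators: OR, AND, NOT',` followed by `);`). To my knowledge that only parses on PHP 7.3 and later, so I would drop it unless older versions are out of scope. The first sentence says the blueprint generates "a sharing rule", where "a sharing group" seems to be meant.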
@@ -0,0 +1,118 @@ +element('genericElements/IndexTable/scaffold', [ + 'scaffold_data' => [ + 'data' => [ + 'data' => $data, + 'top_bar' => [ + 'pull' => 'right', + 'children' => [ + [ + 'type' => 'simple', + 'children' => [ + 'data' => [ + 'type' => 'simple', + 'text' => __('Add SharingGroupBlueprint'), + 'class' => 'btn btn-primary', + 'url' => sprintf( + '%s/SharingGroupBlueprints/add', + $baseurl + ) + ] + ] + ], + [ + 'type' => 'search', + 'button' => __('Filter'), + 'placeholder' => __('Enter value to search'), + 'data' => '', + 'searchKey' => 'quickFilter' + ] + ] + ], + 'fields' => [ + [ + 'name' => __('Id'), + 'sort' => 'SharingGroupBlueprint.id', + 'data_path' => 'SharingGroupBlueprint.id' + ], + [ + 'name' => __('Owner organisation'), + 'sort' => 'Organisation', + 'data_path' => 'Organisation', + 'element' => 'org' + ], + [ + 'name' => __('Name'), + 'sort' => 'SharingGroupBlueprint.name', + 'data_path' => 'SharingGroupBlueprint.name' + ], + [ + 'name' => __('SharingGroup'), + 'sort' => 'SharingGroupBlueprint.sharing_group_id', + 'data_path' => 'SharingGroupBlueprint.sharing_group_id', + 'element' => 'custom', + 'function' => function ($row) use ($baseurl) { + if (!empty($row['SharingGroupBlueprint']['sharing_group_id'])) { + if (!empty($row['SharingGroup'])) { + echo sprintf( + '#%s: %s %s', + $baseurl, + h($row['SharingGroup']['id']), + h($row['SharingGroup']['releasability']), + h($row['SharingGroup']['id']), + h($row['SharingGroup']['name']), + sprintf( + '', + $baseurl, + h($row['SharingGroupBlueprint']['id']) + ) + ); + } + } else { + echo ' '; + } + }, + ], + [ + 'name' => __('Rules'), + 'sort' => 'SharingGroupBlueprint.rules', + 'data_path' => 'SharingGroupBlueprint.rules', + 'element' => 'json' + ] + ], + 'title' => empty($ajax) ? __('Sharing Group Blueprints') : false, + 'description' => empty($ajax) ? __('Sharing Group Blueprints are blueprints for the creation of sharing groups') : false, + 'actions' => [ + [ + 'url' => $baseurl . 
'/SharingGroupBlueprints/view', + 'url_params_data_paths' => ['SharingGroupBlueprint.id'], + 'icon' => 'eye' + ], + [ + 'url' => $baseurl . '/SharingGroupBlueprints/edit', + 'url_params_data_paths' => ['SharingGroupBlueprint.id'], + 'icon' => 'edit' + ], + [ + 'onclick' => sprintf( + 'openGenericModal(\'%s/SharingGroupBlueprints/execute/[onclick_params_data_path]\');', + $baseurl + ), + 'onclick_params_data_path' => 'SharingGroupBlueprint.id', + 'icon' => 'recycle', + 'title' => __('(Re)generate sharing group based on blueprint') + ], + [ + 'onclick' => sprintf( + 'openGenericModal(\'%s/SharingGroupBlueprints/delete/[onclick_params_data_path]\');', + $baseurl + ), + 'onclick_params_data_path' => 'SharingGroupBlueprint.id', + 'icon' => 'trash' + ] + ] + ] + ] + ]); + +?> diff --git a/app/View/SharingGroupBlueprints/view.ctp b/app/View/SharingGroupBlueprints/view.ctp new file mode 100644 index 000000000..6358b61a6 --- /dev/null +++ b/app/View/SharingGroupBlueprints/view.ctp 
@@ -0,0 +1,54 @@ +element( + 'genericElements/SingleViews/single_view', + [ + 'title' => 'Sharing Group Blueprint view', + 'data' => $data, + 'fields' => [ + [ + 'key' => __('Id'), + 'path' => 'SharingGroupBlueprint.id' + ], + [ + 'key' => __('Uuid'), + 'path' => 'SharingGroupBlueprint.uuid' + ], + [ + 'key' => __('Owner Organisation'), + 'path' => 'SharingGroupBlueprint.org_id', + 'pathName' => 'Organisation.name', + 'type' => 'model', + 'model' => 'organisations' + ], + [ + 'key' => __('Name'), + 'path' => 'SharingGroupBlueprint.name' + ], + [ + 'key' => __('Description'), + 'path' => 'SharingGroupBlueprint.description' + ], + [ + 'key' => __('SharingGroup'), + 'path' => 'SharingGroupBlueprint.sharing_group_id', + 'pathName' => 'SharingGroup.name', + 'type' => 'model', + 'model' => 'sharing_groups', + 'error' => __('No Sharing group assigned yet, execute the Sharing Group Blueprint first.') + ], + [ + 'key' => __('Rules'), + 'path' => 'SharingGroupBlueprint.rules', + 'type' => 'json' + ], + ], + 'children' => [ + [ + 'url' => '/SharingGroupBlueprints/viewOrgs/{{0}}/', + 'url_params' => ['SharingGroupBlueprint.id'], + 'title' => __('Organisations'), + 'elementId' => 'preview_orgs_container' + ] + ] + ] +); diff --git a/app/View/SharingGroupBlueprints/view_orgs.ctp b/app/View/SharingGroupBlueprints/view_orgs.ctp new file mode 100644 index 000000000..dd740a51e --- /dev/null +++ b/app/View/SharingGroupBlueprints/view_orgs.ctp 
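Review bot: The field list reads `SharingGroupBlueprint.description`, but the `sharing_group_blueprints` table created in update 80 of this commit has no `description` column. The add form only offers `name` and `rules`, so this row will always render empty. Either drop the entry or add the column and a form field for it. The `'title' => 'Sharing Group Blueprint view'` string is also the only label in this view not wrapped in `__()`.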
@@ -0,0 +1,54 @@ +', empty($ajax) ? ' class="index"' : ''); + echo $this->element('genericElements/IndexTable/index_table', [ + 'data' => [ + 'skip_pagination' => 1, + 'data' => $data, + 'fields' => [ + [ + 'name' => __('Id'), + 'sort' => 'Organisation.id', + 'data_path' => 'Organisation.id' + ], + [ + 'name' => __('Uuid'), + 'sort' => 'Organisation.uuid', + 'data_path' => 'Organisation.uuid' + ], + [ + 'name' => __('name'), + 'sort' => 'Organisation.name', + 'data_path' => 'Organisation.name' + ], + [ + 'name' => __('sector'), + 'sort' => 'Organisation.sector', + 'data_path' => 'Organisation.sector' + ], + [ + 'name' => __('type'), + 'sort' => 'Organisation.type', + 'data_path' => 'Organisation.type' + ], + [ + 'name' => __('nationality'), + 'sort' => 'Organisation.nationality', + 'data_path' => 'Organisation.nationality' + ] + ], + 'title' => false, + 'description' => __('Organisations that would end up in a sharing group with the current SharingGroupBlueprint blueprint.'), + 'actions' => [ + [ + 'url' => $baseurl . '/organisations/view', + 'url_params_data_paths' => ['Organisation.id'], + 'icon' => 'eye' + ] + ] + ] + ]); + echo ''; + if (empty($ajax)) { + echo $this->element('/genericElements/SideMenu/side_menu', $menuData); + } +?> From 6ceab79332f39da3c591befb1a6b9fc4cd2d4301 Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 2 Mar 2022 02:10:52 +0100 Subject: [PATCH 0071/1366] chg: [ACL] updated --- app/Controller/Component/ACLComponent.php | 666 +++++++++++----------- 1 file changed, 338 insertions(+), 328 deletions(-) diff --git a/app/Controller/Component/ACLComponent.php b/app/Controller/Component/ACLComponent.php index eedce9c4f..f1f099522 100644 --- a/app/Controller/Component/ACLComponent.php +++ b/app/Controller/Component/ACLComponent.php 
@@ -14,52 +14,52 @@ class ACLComponent extends Component // If we add any new functionality to MISP and we don't add it to this list, it will only be visible to site admins. const ACL_LIST = array( '*' => array( - 'blackhole' => array(), - 'debugACL' => array(), - 'queryACL' => array(), - 'restSearch' => array('*'), + 'blackhole' => array(), + 'debugACL' => array(), + 'queryACL' => array(), + 'restSearch' => array('*'), ), 'attributes' => array( - 'add' => array('perm_add'), - 'add_attachment' => array('perm_add'), - 'add_threatconnect' => array('perm_add'), - 'addTag' => array('perm_tagger'), - 'attributeReplace' => array('perm_add'), - 'attributeStatistics' => array('*'), - 'bro' => array('*'), - 'checkAttachments' => array(), - 'checkComposites' => array('perm_admin'), - 'checkOrphanedAttributes' => array(), - 'delete' => array('perm_add'), - 'deleteSelected' => array('perm_add'), - 'describeTypes' => array('*'), - 'download' => array('*'), - 'downloadAttachment' => array('*'), - 'downloadSample' => array('*'), - 'edit' => array('perm_add'), - 'editField' => array('perm_add'), - 'editSelected' => array('perm_add'), - 'exportSearch' => array('*'), - 'fetchEditForm' => array('perm_add'), - 'fetchViewValue' => array('*'), - 'generateCorrelation' => array(), - 'getMassEditForm' => array('perm_add'), - 'hoverEnrichment' => array('perm_add'), - 'index' => array('*'), - 'pruneOrphanedAttributes' => array(), - 'removeTag' => array('perm_tagger'), - 'reportValidationIssuesAttributes' => array(), - 'restore' => array('perm_add'), - 'restSearch' => array('*'), - 'returnAttributes' => array('*'), - 'rpz' => array('*'), - 'search' => array('*'), - 'toggleCorrelation' => array('perm_add'), - 'text' => array('*'), - 'toggleToIDS' => array('perm_add'), - 'updateAttributeValues' => array('perm_add'), - 'view' => array('*'), - 'viewPicture' => array('*'), + 'add' => array('perm_add'), + 'add_attachment' => array('perm_add'), + 'add_threatconnect' => array('perm_add'), + 'addTag' 
=> array('perm_tagger'), + 'attributeReplace' => array('perm_add'), + 'attributeStatistics' => array('*'), + 'bro' => array('*'), + 'checkAttachments' => array(), + 'checkComposites' => array('perm_admin'), + 'checkOrphanedAttributes' => array(), + 'delete' => array('perm_add'), + 'deleteSelected' => array('perm_add'), + 'describeTypes' => array('*'), + 'download' => array('*'), + 'downloadAttachment' => array('*'), + 'downloadSample' => array('*'), + 'edit' => array('perm_add'), + 'editField' => array('perm_add'), + 'editSelected' => array('perm_add'), + 'exportSearch' => array('*'), + 'fetchEditForm' => array('perm_add'), + 'fetchViewValue' => array('*'), + 'generateCorrelation' => array(), + 'getMassEditForm' => array('perm_add'), + 'hoverEnrichment' => array('perm_add'), + 'index' => array('*'), + 'pruneOrphanedAttributes' => array(), + 'removeTag' => array('perm_tagger'), + 'reportValidationIssuesAttributes' => array(), + 'restore' => array('perm_add'), + 'restSearch' => array('*'), + 'returnAttributes' => array('*'), + 'rpz' => array('*'), + 'search' => array('*'), + 'toggleCorrelation' => array('perm_add'), + 'text' => array('*'), + 'toggleToIDS' => array('perm_add'), + 'updateAttributeValues' => array('perm_add'), + 'view' => array('*'), + 'viewPicture' => array('*'), ), 'authKeys' => [ 'add' => ['AND' => ['perm_auth', 'not_read_only_authkey']], 
@@ -128,41 +128,41 @@ class ACLComponent extends Component "linkAttributeTypeToModel" => array( 'OR' => array('perm_admin', 'perm_decaying')) ), 'communities' => array( - 'index' => array(), - 'requestAccess' => array(), - 'view' => array() + 'index' => array(), + 'requestAccess' => array(), + 'view' => array() ), 'eventBlocklists' => array( - 'add' => [ - 'AND' => [ - 'host_org_user', - 'perm_add' - ] - ], - 'delete' => [ - 'AND' => [ - 'host_org_user', - 'perm_add' - ] - ], - 'edit' => [ - 'AND' => [ - 'host_org_user', - 'perm_add' - ] - ], - 'index' => [ - 'AND' => [ - 'host_org_user', - 'perm_add' - ] - ], - 'massDelete' => [ - 'AND' => [ - 'host_org_user', - 'perm_add' - ] + 'add' => [ + 'AND' => [ + 'host_org_user', + 'perm_add' ] + ], + 'delete' => [ + 'AND' => [ + 'host_org_user', + 'perm_add' + ] + ], + 'edit' => [ + 'AND' => [ + 'host_org_user', + 'perm_add' + ] + ], + 'index' => [ + 'AND' => [ + 'host_org_user', + 'perm_add' + ] + ], + 'massDelete' => [ + 'AND' => [ + 'host_org_user', + 'perm_add' + ] + ] ), 'eventDelegations' => array( 'acceptDelegation' => array('AND' => ['delegation_enabled', 'perm_add']), 
@@ -435,112 +435,112 @@ class ACLComponent extends Component 'viewElements' => array('*') ), 'orgBlocklists' => array( - 'add' => array(), - 'delete' => array(), - 'edit' => array(), - 'index' => array(), + 'add' => array(), + 'delete' => array(), + 'edit' => array(), + 'index' => array(), ), 'organisations' => array( - 'admin_add' => array(), - 'admin_delete' => array(), - 'admin_edit' => array(), - 'admin_generateuuid' => array(), - 'admin_merge' => array(), - 'fetchOrgsForSG' => array('perm_sharing_group'), - 'fetchSGOrgRow' => array('*'), - 'getUUIDs' => array('perm_sync'), - 'index' => array('*'), - 'view' => array('*'), + 'admin_add' => array(), + 'admin_delete' => array(), + 'admin_edit' => array(), + 'admin_generateuuid' => array(), + 'admin_merge' => array(), + 'fetchOrgsForSG' => array('perm_sharing_group'), + 'fetchSGOrgRow' => array('*'), + 'getUUIDs' => array('perm_sync'), + 'index' => array('*'), + 'view' => array('*'), ), 'pages' => array( - 'display' => array('*'), + 'display' => array('*'), ), 'posts' => array( - 'add' => array('not_read_only_authkey'), - 'delete' => array('not_read_only_authkey'), - 'edit' => array('not_read_only_authkey'), - 'pushMessageToZMQ' => array() + 'add' => array('not_read_only_authkey'), + 'delete' => array('not_read_only_authkey'), + 'edit' => array('not_read_only_authkey'), + 'pushMessageToZMQ' => array() ), 'regexp' => array( - 'admin_add' => array('perm_regexp_access'), - 'admin_clean' => array('perm_regexp_access'), - 'admin_delete' => array('perm_regexp_access'), - 'admin_edit' => array('perm_regexp_access'), - 'admin_index' => array('perm_regexp_access'), - 'cleanRegexModifiers' => array('perm_regexp_access'), - 'index' => array('*'), + 'admin_add' => array('perm_regexp_access'), + 'admin_clean' => array('perm_regexp_access'), + 'admin_delete' => array('perm_regexp_access'), + 'admin_edit' => array('perm_regexp_access'), + 'admin_index' => array('perm_regexp_access'), + 'cleanRegexModifiers' => 
array('perm_regexp_access'), + 'index' => array('*'), ), 'restClientHistory' => array( - 'delete' => array('not_read_only_authkey'), - 'index' => array('*') + 'delete' => array('not_read_only_authkey'), + 'index' => array('*') ), 'roles' => array( - 'admin_add' => array(), - 'admin_delete' => array(), - 'admin_edit' => array(), - 'admin_set_default' => array(), - 'index' => array('*'), - 'view' => array('*'), + 'admin_add' => array(), + 'admin_delete' => array(), + 'admin_edit' => array(), + 'admin_set_default' => array(), + 'index' => array('*'), + 'view' => array('*'), ), 'servers' => array( - 'add' => array(), - 'dbSchemaDiagnostic' => array(), - 'cache' => array(), - 'changePriority' => array(), - 'checkout' => array(), - 'clearWorkerQueue' => array(), - 'createSync' => array('perm_sync'), - 'delete' => array(), - 'deleteFile' => array(), - 'edit' => array(), - 'eventBlockRule' => array(), - 'fetchServersForSG' => array('perm_sharing_group'), - 'filterEventIndex' => array(), - 'getApiInfo' => array('*'), - 'getAvailableSyncFilteringRules' => array('*'), - 'getInstanceUUID' => array('perm_sync'), - 'getPyMISPVersion' => array('*'), - 'getRemoteUser' => array(), - 'getSetting' => array(), - 'getSubmodulesStatus' => array(), - 'getSubmoduleQuickUpdateForm' => array(), - 'getWorkers' => array(), - 'getVersion' => array('perm_auth'), - 'idTranslator' => ['host_org_user'], - 'import' => array(), - 'index' => array(), - 'ondemandAction' => array(), - 'postTest' => array('*'), - 'previewEvent' => array(), - 'previewIndex' => array(), - 'compareServers' => [], - 'pull' => array(), - 'purgeSessions' => array(), - 'push' => array(), - 'queryAvailableSyncFilteringRules' => array(), - 'releaseUpdateLock' => array(), - 'resetRemoteAuthKey' => array(), - 'removeOrphanedCorrelations' => array(), - 'rest' => array('perm_auth'), - 'openapi' => array('*'), - 'restartDeadWorkers' => array(), - 'restartWorkers' => array(), - 'serverSettings' => array(), - 'serverSettingsEdit' => 
array(), - 'serverSettingsReloadSetting' => array(), - 'startWorker' => array(), - 'startZeroMQServer' => array(), - 'statusZeroMQServer' => array(), - 'stopWorker' => array(), - 'stopZeroMQServer' => array(), - 'testConnection' => array(), - 'update' => array(), - 'updateJSON' => array(), - 'updateProgress' => array(), - 'updateSubmodule' => array(), - 'uploadFile' => array(), - 'viewDeprecatedFunctionUse' => array(), - 'killAllWorkers' => [], + 'add' => array(), + 'dbSchemaDiagnostic' => array(), + 'cache' => array(), + 'changePriority' => array(), + 'checkout' => array(), + 'clearWorkerQueue' => array(), + 'createSync' => array('perm_sync'), + 'delete' => array(), + 'deleteFile' => array(), + 'edit' => array(), + 'eventBlockRule' => array(), + 'fetchServersForSG' => array('perm_sharing_group'), + 'filterEventIndex' => array(), + 'getApiInfo' => array('*'), + 'getAvailableSyncFilteringRules' => array('*'), + 'getInstanceUUID' => array('perm_sync'), + 'getPyMISPVersion' => array('*'), + 'getRemoteUser' => array(), + 'getSetting' => array(), + 'getSubmodulesStatus' => array(), + 'getSubmoduleQuickUpdateForm' => array(), + 'getWorkers' => array(), + 'getVersion' => array('perm_auth'), + 'idTranslator' => ['host_org_user'], + 'import' => array(), + 'index' => array(), + 'ondemandAction' => array(), + 'postTest' => array('*'), + 'previewEvent' => array(), + 'previewIndex' => array(), + 'compareServers' => [], + 'pull' => array(), + 'purgeSessions' => array(), + 'push' => array(), + 'queryAvailableSyncFilteringRules' => array(), + 'releaseUpdateLock' => array(), + 'resetRemoteAuthKey' => array(), + 'removeOrphanedCorrelations' => array(), + 'rest' => array('perm_auth'), + 'openapi' => array('*'), + 'restartDeadWorkers' => array(), + 'restartWorkers' => array(), + 'serverSettings' => array(), + 'serverSettingsEdit' => array(), + 'serverSettingsReloadSetting' => array(), + 'startWorker' => array(), + 'startZeroMQServer' => array(), + 'statusZeroMQServer' => array(), + 
'stopWorker' => array(), + 'stopZeroMQServer' => array(), + 'testConnection' => array(), + 'update' => array(), + 'updateJSON' => array(), + 'updateProgress' => array(), + 'updateSubmodule' => array(), + 'uploadFile' => array(), + 'viewDeprecatedFunctionUse' => array(), + 'killAllWorkers' => [], 'cspReport' => ['*'], 'pruneDuplicateUUIDs' => array(), 'removeDuplicateEvents' => array(), 
@@ -549,181 +549,191 @@ class ACLComponent extends Component 'updateDatabase' => array(), ), 'shadowAttributes' => array( - 'accept' => array('perm_add'), - 'acceptSelected' => array('perm_add'), - 'add' => array('perm_add'), - 'add_attachment' => array('perm_add'), - 'delete' => array('perm_add'), - 'discard' => array('perm_add'), - 'discardSelected' => array('perm_add'), - 'download' => array('*'), - 'edit' => array('perm_add'), - 'generateCorrelation' => array(), - 'index' => array('*'), - 'view' => array('*'), - 'viewPicture' => array('*'), + 'accept' => array('perm_add'), + 'acceptSelected' => array('perm_add'), + 'add' => array('perm_add'), + 'add_attachment' => array('perm_add'), + 'delete' => array('perm_add'), + 'discard' => array('perm_add'), + 'discardSelected' => array('perm_add'), + 'download' => array('*'), + 'edit' => array('perm_add'), + 'generateCorrelation' => array(), + 'index' => array('*'), + 'view' => array('*'), + 'viewPicture' => array('*'), + ), + 'sharingGroupBlueprints' => array( + 'add' => array('perm_sharing_group'), + 'delete' => array('perm_sharing_group'), + 'detach' => array('perm_sharing_group'), + 'edit' => array('perm_sharing_group'), + 'execute' => array('perm_sharing_group'), + 'index' => array('perm_sharing_group'), + 'view' => array('perm_sharing_group'), + 'viewOrgs' => array('perm_sharing_group'), ), 'sharingGroups' => array( - 'add' => array('perm_sharing_group'), - 'addServer' => array('perm_sharing_group'), - 'addOrg' => array('perm_sharing_group'), - 'delete' => array('perm_sharing_group'), - 'edit' => array('perm_sharing_group'), - 'index' => array('*'), - 'removeServer' => array('perm_sharing_group'), - 'removeOrg' => array('perm_sharing_group'), - 'view' => array('*'), + 'add' => array('perm_sharing_group'), + 'addServer' => array('perm_sharing_group'), + 'addOrg' => array('perm_sharing_group'), + 'delete' => array('perm_sharing_group'), + 'edit' => array('perm_sharing_group'), + 'index' => array('*'), + 
'removeServer' => array('perm_sharing_group'), + 'removeOrg' => array('perm_sharing_group'), + 'view' => array('*'), ), 'sightings' => array( - 'add' => array('perm_sighting'), - 'restSearch' => array('perm_sighting'), - 'advanced' => array('perm_sighting'), - 'delete' => array('perm_sighting'), - 'index' => array('*'), - 'listSightings' => array('*'), - 'quickDelete' => array('perm_sighting'), - 'viewSightings' => array('*'), - 'bulkSaveSightings' => array('OR' => array('perm_sync', 'perm_sighting')), - 'filterSightingUuidsForPush' => ['perm_sync'], - 'quickAdd' => array('perm_sighting') + 'add' => array('perm_sighting'), + 'restSearch' => array('perm_sighting'), + 'advanced' => array('perm_sighting'), + 'delete' => array('perm_sighting'), + 'index' => array('*'), + 'listSightings' => array('*'), + 'quickDelete' => array('perm_sighting'), + 'viewSightings' => array('*'), + 'bulkSaveSightings' => array('OR' => array('perm_sync', 'perm_sighting')), + 'filterSightingUuidsForPush' => ['perm_sync'], + 'quickAdd' => array('perm_sighting') ), 'sightingdb' => array( - 'add' => array(), - 'edit' => array(), - 'delete' => array(), - 'index' => array(), - 'requestStatus' => array(), - 'search' => array() + 'add' => array(), + 'edit' => array(), + 'delete' => array(), + 'index' => array(), + 'requestStatus' => array(), + 'search' => array() ), 'tagCollections' => array( - 'add' => array('perm_tag_editor'), - 'addTag' => array('perm_tag_editor'), - 'delete' => array('perm_tag_editor'), - 'edit' => array('perm_tag_editor'), - 'getRow' => array('perm_tag_editor'), - 'import' => array('perm_tag_editor'), - 'index' => array('*'), - 'removeTag' => array('perm_tag_editor'), - 'view' => array('*') + 'add' => array('perm_tag_editor'), + 'addTag' => array('perm_tag_editor'), + 'delete' => array('perm_tag_editor'), + 'edit' => array('perm_tag_editor'), + 'getRow' => array('perm_tag_editor'), + 'import' => array('perm_tag_editor'), + 'index' => array('*'), + 'removeTag' => 
array('perm_tag_editor'), + 'view' => array('*') ), 'tags' => array( - 'add' => array('perm_tag_editor'), - 'attachTagToObject' => array('perm_tagger'), - 'delete' => array(), - 'edit' => array(), - 'index' => array('*'), - 'quickAdd' => array('perm_tag_editor'), - 'removeTagFromObject' => array('perm_tagger'), - 'search' => array('*'), - 'selectTag' => array('perm_tagger'), - 'selectTaxonomy' => array('perm_tagger'), - 'showEventTag' => array('*'), - 'showAttributeTag' => array('*'), - 'showTagControllerTag' => array('*'), - 'tagStatistics' => array('*'), - 'view' => array('*'), - 'viewGraph' => array('*'), - 'viewTag' => array('*') + 'add' => array('perm_tag_editor'), + 'attachTagToObject' => array('perm_tagger'), + 'delete' => array(), + 'edit' => array(), + 'index' => array('*'), + 'quickAdd' => array('perm_tag_editor'), + 'removeTagFromObject' => array('perm_tagger'), + 'search' => array('*'), + 'selectTag' => array('perm_tagger'), + 'selectTaxonomy' => array('perm_tagger'), + 'showEventTag' => array('*'), + 'showAttributeTag' => array('*'), + 'showTagControllerTag' => array('*'), + 'tagStatistics' => array('*'), + 'view' => array('*'), + 'viewGraph' => array('*'), + 'viewTag' => array('*') ), 'tasks' => array( - 'index' => array(), - 'setTask' => array(), + 'index' => array(), + 'setTask' => array(), ), 'taxonomies' => array( - 'addTag' => array(), - 'delete' => array(), - 'disable' => array(), - 'disableTag' => array(), - 'enable' => array(), - 'index' => array('*'), - 'taxonomy_tags' => array('*'), - 'taxonomyMassConfirmation' => array('perm_tagger'), - 'taxonomyMassHide' => array('perm_tagger'), - 'taxonomyMassUnhide' => array('perm_tagger'), - 'toggleRequired' => array(), - 'update' => array(), - 'import' => [], - 'export' => ['*'], - 'view' => array('*'), - 'unhideTag' => array('perm_tagger'), - 'hideTag' => array('perm_tagger'), + 'addTag' => array(), + 'delete' => array(), + 'disable' => array(), + 'disableTag' => array(), + 'enable' => array(), + 
'index' => array('*'), + 'taxonomy_tags' => array('*'), + 'taxonomyMassConfirmation' => array('perm_tagger'), + 'taxonomyMassHide' => array('perm_tagger'), + 'taxonomyMassUnhide' => array('perm_tagger'), + 'toggleRequired' => array(), + 'update' => array(), + 'import' => [], + 'export' => ['*'], + 'view' => array('*'), + 'unhideTag' => array('perm_tagger'), + 'hideTag' => array('perm_tagger'), ), 'templateElements' => array( - 'add' => array('perm_template'), - 'delete' => array('perm_template'), - 'edit' => array('perm_template'), - 'index' => array('*'), - 'templateElementAddChoices' => array('perm_template'), + 'add' => array('perm_template'), + 'delete' => array('perm_template'), + 'edit' => array('perm_template'), + 'index' => array('*'), + 'templateElementAddChoices' => array('perm_template'), ), 'templates' => array( - 'add' => array('perm_template'), - 'delete' => array('perm_template'), - 'deleteTemporaryFile' => array('perm_add'), - 'edit' => array('perm_template'), - 'index' => array('*'), - 'populateEventFromTemplate' => array('perm_add'), - 'saveElementSorting' => array('perm_template'), - 'submitEventPopulation' => array('perm_add'), - 'templateChoices' => array('*'), - 'uploadFile' => array('*'), - 'view' => array('*'), + 'add' => array('perm_template'), + 'delete' => array('perm_template'), + 'deleteTemporaryFile' => array('perm_add'), + 'edit' => array('perm_template'), + 'index' => array('*'), + 'populateEventFromTemplate' => array('perm_add'), + 'saveElementSorting' => array('perm_template'), + 'submitEventPopulation' => array('perm_add'), + 'templateChoices' => array('*'), + 'uploadFile' => array('*'), + 'view' => array('*'), ), 'threads' => array( - 'index' => array('*'), - 'view' => array('*'), - 'viewEvent' => array('*'), + 'index' => array('*'), + 'view' => array('*'), + 'viewEvent' => array('*'), ), 'users' => array( - 'acceptRegistrations' => array(), - 'admin_add' => ['AND' => ['perm_admin', 'add_user_enabled']], - 'admin_delete' => 
array('perm_admin'), - 'admin_edit' => array('perm_admin'), - 'admin_email' => array('perm_admin'), - 'admin_filterUserIndex' => array('perm_admin'), - 'admin_index' => array('perm_admin'), - 'admin_massToggleField' => array('perm_admin'), - 'admin_monitor' => array(), - 'admin_quickEmail' => array('perm_admin'), - 'admin_view' => array('perm_admin'), - 'attributehistogram' => array('*'), - 'change_pw' => ['AND' => ['self_management_enabled', 'password_change_enabled', 'not_read_only_authkey']], - 'checkAndCorrectPgps' => array(), - 'checkIfLoggedIn' => array('*'), - 'dashboard' => array('*'), - 'delete' => array('perm_admin'), - 'discardRegistrations' => array(), - 'downloadTerms' => array('*'), - 'edit' => array('self_management_enabled'), - 'email_otp' => array('*'), - 'searchGpgKey' => array('*'), - 'fetchGpgKey' => array('*'), - 'histogram' => array('*'), - 'initiatePasswordReset' => ['AND' => ['perm_admin', 'password_change_enabled']], - 'login' => array('*'), - 'logout' => array('*'), - 'register' => array('*'), - 'registrations' => array(), - 'resetAllSyncAuthKeys' => array(), - 'resetauthkey' => ['AND' => ['self_management_enabled', 'perm_auth', 'not_read_only_authkey']], - 'request_API' => array('*'), - 'routeafterlogin' => array('*'), - 'statistics' => array('*'), - 'tagStatisticsGraph' => array('*'), - 'terms' => array('*'), - 'updateLoginTime' => array('*'), - 'updateToAdvancedAuthKeys' => array(), - 'verifyCertificate' => array(), - 'verifyGPG' => array(), - 'view' => array('*'), - 'getGpgPublicKey' => array('*'), + 'acceptRegistrations' => array(), + 'admin_add' => ['AND' => ['perm_admin', 'add_user_enabled']], + 'admin_delete' => array('perm_admin'), + 'admin_edit' => array('perm_admin'), + 'admin_email' => array('perm_admin'), + 'admin_filterUserIndex' => array('perm_admin'), + 'admin_index' => array('perm_admin'), + 'admin_massToggleField' => array('perm_admin'), + 'admin_monitor' => array(), + 'admin_quickEmail' => array('perm_admin'), + 
'admin_view' => array('perm_admin'), + 'attributehistogram' => array('*'), + 'change_pw' => ['AND' => ['self_management_enabled', 'password_change_enabled', 'not_read_only_authkey']], + 'checkAndCorrectPgps' => array(), + 'checkIfLoggedIn' => array('*'), + 'dashboard' => array('*'), + 'delete' => array('perm_admin'), + 'discardRegistrations' => array(), + 'downloadTerms' => array('*'), + 'edit' => array('self_management_enabled'), + 'email_otp' => array('*'), + 'searchGpgKey' => array('*'), + 'fetchGpgKey' => array('*'), + 'histogram' => array('*'), + 'initiatePasswordReset' => ['AND' => ['perm_admin', 'password_change_enabled']], + 'login' => array('*'), + 'logout' => array('*'), + 'register' => array('*'), + 'registrations' => array(), + 'resetAllSyncAuthKeys' => array(), + 'resetauthkey' => ['AND' => ['self_management_enabled', 'perm_auth', 'not_read_only_authkey']], + 'request_API' => array('*'), + 'routeafterlogin' => array('*'), + 'statistics' => array('*'), + 'tagStatisticsGraph' => array('*'), + 'terms' => array('*'), + 'updateLoginTime' => array('*'), + 'updateToAdvancedAuthKeys' => array(), + 'verifyCertificate' => array(), + 'verifyGPG' => array(), + 'view' => array('*'), + 'getGpgPublicKey' => array('*'), ), 'userSettings' => array( - 'index' => array('*'), - 'view' => array('*'), - 'setSetting' => array('not_read_only_authkey'), - 'getSetting' => array('*'), - 'delete' => array('not_read_only_authkey'), - 'setHomePage' => array('not_read_only_authkey'), + 'index' => array('*'), + 'view' => array('*'), + 'setSetting' => array('not_read_only_authkey'), + 'getSetting' => array('*'), + 'delete' => array('not_read_only_authkey'), + 'setHomePage' => array('not_read_only_authkey'), 'eventIndexColumnToggle' => ['*'], ), 'warninglists' => array( 
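Review bot: The only functional change in this hunk is the new `sharingGroupBlueprints` block, and it sits inside several hundred re-aligned lines of `ACL_LIST`; for an access-control table I would land the whitespace re-alignment as its own commit so a reviewer can see exactly which permissions changed. On the new block itself, all eight actions are gated by `perm_sharing_group` alone, so whether a user may `execute`, `edit`, `delete` or `detach` a blueprint owned by another organisation has to be decided in the controller, which is not part of this diff. Please confirm an ownership check exists behind each of those actions, and record the assumption above the block with a comment such as `// per-blueprint ownership is checked in the controller, this table only gates the role permission`.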
@@ -741,17 +751,17 @@ class ACLComponent extends Component 'import' => ['perm_warninglist'], ), 'allowedlists' => array( - 'admin_add' => array('perm_regexp_access'), - 'admin_delete' => array('perm_regexp_access'), - 'admin_edit' => array('perm_regexp_access'), - 'admin_index' => array('perm_regexp_access'), - 'index' => array('*'), + 'admin_add' => array('perm_regexp_access'), + 'admin_delete' => array('perm_regexp_access'), + 'admin_edit' => array('perm_regexp_access'), + 'admin_index' => array('perm_regexp_access'), + 'index' => array('*'), ), 'eventGraph' => array( - 'view' => array('*'), - 'viewPicture' => array('*'), - 'add' => array('perm_add'), - 'delete' => array('perm_modify'), + 'view' => array('*'), + 'viewPicture' => array('*'), + 'add' => array('perm_add'), + 'delete' => array('perm_modify'), ) ); From 18fb3d12bdfaf36f8fa55278dcc42bc6289d24fe Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 2 Mar 2022 02:11:08 +0100 Subject: [PATCH 0072/1366] fix: [sharing group] authorise sharing group if the user's organisation is not contained in the sharing group but is rather the creator organisation --- app/Model/SharingGroup.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/app/Model/SharingGroup.php b/app/Model/SharingGroup.php index 171f48020..8c90467bc 100644 --- a/app/Model/SharingGroup.php +++ b/app/Model/SharingGroup.php @@ -451,7 +451,13 @@ class SharingGroup extends AppModel if (!isset($user['id'])) { throw new MethodNotAllowedException('Invalid user.'); } + $sg_org_id = $this->find('first', [ + 'recursive' => -1, + 'fields' => ['SharingGroup.org_id'], + 'conditions' => ['SharingGroup.id' => $id] + ]); $authorized = ($adminCheck && $user['Role']['perm_site_admin']) || + $user['org_id'] === $sg_org_id['SharingGroup']['org_id'] || $this->SharingGroupServer->checkIfAuthorised($id) || $this->SharingGroupOrg->checkIfAuthorised($id, $user['org_id']); $this->__sgAuthorisationCache['access'][$adminCheck][$id] = $authorized; 
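Review bot: In the SharingGroup.php hunk the new owner check dereferences `$sg_org_id['SharingGroup']['org_id']` without confirming that `find('first', …)` returned a row; for an `$id` that does not exist the result is empty, the comparison raises a notice, and the outcome is then written to `__sgAuthorisationCache`. The comparison is also strict (`===`) between a value from the user array and a value read from the database, so if one side is an int and the other a string the creator-organisation case this commit is meant to allow never matches. I would guard and normalise it: `(!empty($sg_org_id['SharingGroup']['org_id']) && (int)$user['org_id'] === (int)$sg_org_id['SharingGroup']['org_id']) ||`. The enclosing function starts and ends outside the hunk, so an existence check may already happen earlier.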
From 18f2b54a6c3eeaa91f17317d0dc965d43178d01a Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 2 Mar 2022 02:12:18 +0100 Subject: [PATCH 0073/1366] fix: [JSON field] fixes - do not sanitise data that is to be json encoded - decode json if a simple string is used --- app/View/Elements/genericElements/IndexTable/Fields/json.ctp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/app/View/Elements/genericElements/IndexTable/Fields/json.ctp b/app/View/Elements/genericElements/IndexTable/Fields/json.ctp index 9fe805c9d..b4890068c 100644 --- a/app/View/Elements/genericElements/IndexTable/Fields/json.ctp +++ b/app/View/Elements/genericElements/IndexTable/Fields/json.ctp @@ -1,5 +1,5 @@ ', h($k) ); + if (is_string($data)) { + $data = json_decode($data); + } ?> \ No newline at end of file + From ce9fbea4d65946d4aa755a7cd8ba78138a653a74 Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 3 Mar 2022 16:09:03 +0100 Subject: [PATCH 0091/1366] chg: [sharing group blueprint] default to active sharing groups - was confusing --- app/Model/SharingGroupBlueprint.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/Model/SharingGroupBlueprint.php b/app/Model/SharingGroupBlueprint.php index a235ac301..108d3d1a8 100644 --- a/app/Model/SharingGroupBlueprint.php +++ b/app/Model/SharingGroupBlueprint.php @@ -109,7 +109,8 @@ class SharingGroupBlueprint extends AppModel 'organisation_uuid' => $org_uuid, 'releasability' => __('Generated based on Sharing Group Blueprint rules'), 'local' => 1, - 'roaming' => 1 + 'roaming' => 1, + 'active' => 1 ]; if ($this->SharingGroup->save($sg)) { $id = $this->SharingGroup->id; From ab3f8b6452d4be89080e3403a4f59b44c56d4f67 Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 3 Mar 2022 16:09:58 +0100 Subject: [PATCH 0092/1366] chg: [PyMISP] bump --- PyMISP | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PyMISP b/PyMISP index 5e89abd9b..a347f0ed4 160000 --- a/PyMISP +++ b/PyMISP 
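Review bot: In the json.ctp hunk `json_decode($data)` returns `null` for a string that is not valid JSON, so a malformed or plain-text value is silently replaced by `null` and the field renders empty instead of showing what is stored. I would keep the original value on failure: `$decoded = json_decode($data); if (json_last_error() === JSON_ERROR_NONE) { $data = $decoded; }`. The commit message also says the data is no longer sanitised before being JSON-encoded; the encoding call is not visible in this hunk, so please confirm the encoded output is escaped for the context it is written into (for a script or attribute context, `json_encode` with `JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT`), now that the earlier sanitising step is gone.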
@@ -1 +1 @@ -Subproject commit 5e89abd9bd285fba6fb66d5f23e9b89c3e9941dc +Subproject commit a347f0ed4e32e5135feecc6530be935c11bd5b51 From b32684561e65b3a8448c09bc5b9c54c87e96a34c Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 3 Mar 2022 18:57:44 +0100 Subject: [PATCH 0093/1366] chg: [authkeys] add accepts the user_id via URL params and posted JSON body --- app/Controller/AuthKeysController.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/app/Controller/AuthKeysController.php b/app/Controller/AuthKeysController.php index 375db2de1..b0b62990b 100644 --- a/app/Controller/AuthKeysController.php +++ b/app/Controller/AuthKeysController.php @@ -105,6 +105,10 @@ class AuthKeysController extends AppController public function add($user_id = false) { + $options = $this->IndexFilter->harvestParameters(['user_id']); + if (!empty($params['user_id'])) { + $user_id = $options['user_id']; + } $params = [ 'displayOnSuccess' => 'authkey_display', 'saveModelVariable' => ['authkey_raw'], From 870b9d761bd16c38c3ac2d2c39b71ec990a48755 Mon Sep 17 00:00:00 2001 From: iglocska Date: Fri, 4 Mar 2022 16:10:12 +0100 Subject: [PATCH 0094/1366] fix: [db schema] fixed --- app/Model/AppModel.php | 7 +++++-- db_schema.json | 12 ++++++------ 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 07cb422da..d4cd52e30 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -86,7 +86,7 @@ class AppModel extends Model 63 => true, 64 => false, 65 => false, 66 => false, 67 => false, 68 => false, 69 => false, 70 => false, 71 => true, 72 => true, 73 => false, 74 => false, 75 => false, 76 => true, 77 => false, 78 => false, 79 => false, 80 => false, - 81 => false + 81 => false, 82 => false ); public $advanced_updates_description = array( 
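Review bot: In the AuthKeysController hunk the guard reads `$params['user_id']`, but `$params` is only assigned on the following line, so the condition is always false (with an undefined-variable notice) and the value harvested into `$options` is never applied; it should be `if (!empty($options['user_id'])) {`. Once that is corrected, `user_id` becomes caller-controlled from both the URL and the posted body, so the rest of `add()` has to verify that the requesting user is allowed to create a key for that user before anything is saved. That part of the function lies outside the hunk and cannot be checked from here. A comment on the new lines stating which roles may pass a foreign `user_id` would make the intended rule explicit.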
@@ -1633,12 +1633,15 @@ class AppModel extends Model ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;"; break; case 81: - $fields = ['nationality', 'sector', 'type', 'name', 'description']; + $fields = ['nationality', 'sector', 'type', 'name']; foreach ($fields as $field) { $sqlArray[] = sprintf("UPDATE organisations SET %s = '' WHERE %s IS NULL;", $field, $field); $sqlArray[] = sprintf("ALTER table organisations MODIFY %s varchar(255) NOT NULL DEFAULT '';", $field); } break; + case 82: + $sqlArray[] = sprintf("ALTER table organisations MODIFY description text;"); + break; case 'fixNonEmptySharingGroupID': $sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; $sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; diff --git a/db_schema.json b/db_schema.json index 704f3975f..50a4d49d1 100644 --- a/db_schema.json +++ b/db_schema.json @@ -4236,13 +4236,13 @@ }, { "column_name": "description", - "is_nullable": "NO", - "data_type": "varchar", - "character_maximum_length": "255", + "is_nullable": "YES", + "data_type": "text", + "character_maximum_length": "65535", "numeric_precision": null, "collation_name": "utf8_bin", - "column_type": "varchar(255)", - "column_default": "", + "column_type": "text", + "column_default": null, "extra": "" }, { @@ -8322,5 +8322,5 @@ "id": true } }, - "db_version": "81" + "db_version": "82" } \ No newline at end of file From ca54aa19b81422160c76e8076edb7fc05d51f223 Mon Sep 17 00:00:00 2001 From: Luciano Righetti Date: Fri, 4 Mar 2022 17:01:30 +0100 Subject: [PATCH 0095/1366] chg: add decomission step for systemctl workers service --- docs/background-jobs-migration-guide.md | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/docs/background-jobs-migration-guide.md b/docs/background-jobs-migration-guide.md index 988b8bdde..1cd608ced 100644 --- a/docs/background-jobs-migration-guide.md +++ b/docs/background-jobs-migration-guide.md 
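Review bot: In `case 82` the call `sprintf("ALTER table organisations MODIFY description text;")` has no placeholders or arguments, so the `sprintf` wrapper does nothing; a plain literal reads better: `$sqlArray[] = "ALTER table organisations MODIFY description text;";`. The case also needs a comment saying why it exists, for example `// update 81 narrowed organisations.description to varchar(255) NOT NULL; restore it to text`, because the reason is otherwise only in the commit history. On instances that already ran update 81, descriptions longer than 255 characters may have been affected, and this statement cannot restore them.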
@@ -19,11 +19,10 @@ Run on your MISP instance the following commands. 2. Install required PHP packages: ``` cd /var/www/MISP/app - sudo -u www-data composer require --with-all-dependencies supervisorphp/supervisor:^4.0 \ + sudo -u www-data php composer.phar require --with-all-dependencies supervisorphp/supervisor:^4.0 \ guzzlehttp/guzzle \ php-http/message \ lstrojny/fxmlrpc - ``` 3. Add the following settings at the bottom of the **Supervisord** conf file, usually located in: @@ -151,5 +150,11 @@ Run on your MISP instance the following commands. * /var/www/MISP/app/tmp/logs/misp-workers-errors.log * /var/www/MISP/app/tmp/logs/misp-workers.log +5. Once the new workers are functioning as expected, you can remove the previous workers service: + ```bash + $ sudo systemctl stop --now misp-workers + $ sudo systemctl disable --now misp-workers + ``` + ### Notes Scheduled tasks (TasksController) are not supported with the new backend, however this feature is going to be deprecated, it is recommended to use cron jobs instead. \ No newline at end of file From 5940187b33650ad6df2f8ca8f59ae897e19dde38 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Fri, 4 Mar 2022 17:53:07 +0100 Subject: [PATCH 0096/1366] new: [UI] Site admin can create SG with specific UUID --- app/Controller/SharingGroupsController.php | 24 +++++++-------- app/Model/SharingGroup.php | 34 +++++++++++++--------- app/View/SharingGroups/add.ctp | 4 +++ app/webroot/js/misp.js | 20 +++++++------ 4 files changed, 46 insertions(+), 36 deletions(-) diff --git a/app/Controller/SharingGroupsController.php b/app/Controller/SharingGroupsController.php index 9b5184fcb..329d39275 100644 --- a/app/Controller/SharingGroupsController.php +++ b/app/Controller/SharingGroupsController.php 
@@ -41,9 +41,8 @@ class SharingGroupsController extends AppController public function add() { - if (!$this->userRole['perm_sharing_group']) { - throw new MethodNotAllowedException('You don\'t have the required privileges to do that.'); - } + $canModifyUuid = $this->Auth->user()['Role']['perm_site_admin']; + if ($this->request->is('post')) { if ($this->_isRest()) { if (isset($this->request->data['SharingGroup'])) { @@ -79,6 +78,9 @@ class SharingGroupsController extends AppController } } $this->SharingGroup->create(); + if (!$canModifyUuid) { + unset($sg['uuid']); + } $sg['active'] = $sg['active'] ? 1: 0; $sg['roaming'] = $sg['roaming'] ? 1: 0; $sg['organisation_uuid'] = $this->Auth->user('Organisation')['uuid']; @@ -124,23 +126,15 @@ class SharingGroupsController extends AppController } elseif ($this->_isRest()) { return $this->RestResponse->describe('SharingGroup', 'add', false, $this->response->type()); } - - $orgs = $this->SharingGroup->Organisation->find('all', array( - 'conditions' => array('local' => 1), - 'recursive' => -1, - 'fields' => array('id', 'name', 'uuid') - )); - $this->set('orgs', $orgs); + $this->set('localInstance', empty(Configure::read('MISP.external_baseurl')) ? Configure::read('MISP.baseurl') : Configure::read('MISP.external_baseurl')); // We just pass true and allow the user to edit, since he/she is just about to create the SG. This is needed to reuse the view for the edit $this->set('user', $this->Auth->user()); + $this->set('canModifyUuid', $canModifyUuid); } public function edit($id = false) { - if (!$this->userRole['perm_sharing_group']) { - throw new MethodNotAllowedException('You don\'t have the required privileges to do that.'); - } if (empty($id)) { throw new NotFoundException('Invalid sharing group.'); } 
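Review bot: `SharingGroupsController::add()` no longer rejects users whose role lacks `perm_sharing_group`, and the same explicit check is removed from `edit()` in the `@@ -124,23 +126,15 @@` hunk. Unless that permission is enforced centrally (nothing in this patch shows it), any authenticated user can now reach the POST branch and create a sharing group. If the check moved elsewhere, a one-line comment at the top of both actions naming where `perm_sharing_group` is enforced would make the dependency explicit; otherwise keep `if (!$this->userRole['perm_sharing_group']) { throw new MethodNotAllowedException(...); }`. Both functions continue outside their hunks.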
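Review bot: The added `unset($sg['uuid'])` in the `@@ -79,6 +78,9 @@` hunk covers only the non-admin case; for a site admin the submitted value is passed on unchanged. The form field exists for site admins and `sgSubmitForm` in misp.js now sends it, so a blank field arrives as an empty string, and nothing in this hunk checks that a non-empty value is a well-formed UUID. I would drop empty values as well, `if (!$canModifyUuid || empty($sg['uuid'])) { unset($sg['uuid']); }`, and confirm that the model validates format and uniqueness, which is outside this patch.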
@@ -163,6 +157,10 @@ class SharingGroupsController extends AppController ), ), )); + if (empty($sharingGroup)) { + throw new NotFoundException('Invalid sharing group.'); + } + if (!$this->SharingGroup->checkIfAuthorisedExtend($this->Auth->user(), $sharingGroup['SharingGroup']['id'])) { throw new MethodNotAllowedException('Action not allowed.'); } diff --git a/app/Model/SharingGroup.php b/app/Model/SharingGroup.php index 8c90467bc..68a235af3 100644 --- a/app/Model/SharingGroup.php +++ b/app/Model/SharingGroup.php @@ -306,14 +306,19 @@ class SharingGroup extends AppModel return $sharingGroups; } - // Who can create a new sharing group with the elements pre-defined (via REST for example)? - // 1. site admins - // 2. Sharing group enabled users - // a. as long as they are creator or extender of the SG object - // 3. Sync users - // a. as long as they are at least users of the SG (they can circumvent the extend rule to - // avoid situations where no one can create / edit an SG on an instance after a push) - public function checkIfAuthorisedToSave($user, $sg) + /** + * Who can create a new sharing group with the elements pre-defined (via REST for example)? + * 1. site admins + * 2. Sharing group enabled users + * a. as long as they are creator or extender of the SG object + * 3. Sync users + * a. as long as they are at least users of the SG (they can circumvent the extend rule to + * avoid situations where no one can create / edit an SG on an instance after a push) + * @param array $user + * @param array $sg + * @return bool + */ + private function checkIfAuthorisedToSave(array $user, array $sg) { if (isset($sg[0])) { $sg = $sg[0]; 
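Review bot: In `edit()` a missing sharing group now raises `NotFoundException` while an existing one the user may not extend raises `MethodNotAllowedException`, so the two responses tell a caller which IDs exist. With the `perm_sharing_group` check removed from this action in the same commit, `checkIfAuthorisedExtend()` is the only gate left here. Consider answering the unauthorised case with the same `throw new NotFoundException('Invalid sharing group.');`. The body of `edit()` continues outside the hunk.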
@@ -379,7 +384,7 @@ class SharingGroup extends AppModel // a. Belong to the organisation that created the SG // b. Have an organisation entry in the SG with the extend flag set // 3. Sync users that have synced the SG to the local instance - public function checkIfAuthorisedExtend($user, $id) + public function checkIfAuthorisedExtend(array $user, $id) { if ($user['Role']['perm_site_admin']) { return true; @@ -644,15 +649,16 @@ class SharingGroup extends AppModel } } - /* + /** * Capture a new sharing group, rather than update an existing one * * @param array $user * @param array $sg - * @param boolean syncLocal - * @return int || false + * @param boolean $syncLocal + * @return int|false + * @throws Exception */ - private function captureSGNew($user, $sg, $syncLocal) + private function captureSGNew(array $user, array $sg, $syncLocal) { // check if current user is contained in the SG and we are in a local sync setup if (!empty($sg['uuid'])) { @@ -666,7 +672,7 @@ class SharingGroup extends AppModel $authorisedToSave = $this->checkIfAuthorisedToSave($user, $sg); } if (!$user['Role']['perm_site_admin'] && - !($user['Role']['perm_sync'] && $syncLocal ) && + !($user['Role']['perm_sync'] && $syncLocal) && !$authorisedToSave ) { $this->loadLog()->createLogEntry($user, 'error', 'SharingGroup', 0, "Tried to save a sharing group with UUID '{$sg['uuid']}' but the user does not belong to it."); diff --git a/app/View/SharingGroups/add.ctp b/app/View/SharingGroups/add.ctp index b3ec48e3d..aa3efc9f2 100644 --- a/app/View/SharingGroups/add.ctp +++ b/app/View/SharingGroups/add.ctp @@ -48,6 +48,10 @@ } ?>
+ + + + diff --git a/app/webroot/js/misp.js b/app/webroot/js/misp.js index 5f77693dd..1c1d49a14 100644 --- a/app/webroot/js/misp.js +++ b/app/webroot/js/misp.js @@ -3204,15 +3204,16 @@ function cancelPicklistValues() { function sgSubmitForm(action) { var ajax = { - 'organisations': organisations, - 'servers': servers, - 'sharingGroup': { - 'name': $('#SharingGroupName').val(), - 'releasability': $('#SharingGroupReleasability').val(), - 'description': $('#SharingGroupDescription').val(), - 'active': $('#SharingGroupActive').is(":checked"), - 'roaming': $('#SharingGroupRoaming').is(":checked"), - } + 'organisations': organisations, + 'servers': servers, + 'sharingGroup': { + 'uuid': $('#SharingGroupUuid').val(), + 'name': $('#SharingGroupName').val(), + 'releasability': $('#SharingGroupReleasability').val(), + 'description': $('#SharingGroupDescription').val(), + 'active': $('#SharingGroupActive').is(":checked"), + 'roaming': $('#SharingGroupRoaming').is(":checked"), + } }; $('#SharingGroupJson').val(JSON.stringify(ajax)); var formName = "#SharingGroup" + action + "Form"; @@ -3274,6 +3275,7 @@ function sharingGroupPopulateFromJson() { } $('#SharingGroupName').attr('value', jsonparsed.sharingGroup.name); $('#SharingGroupReleasability').attr('value', jsonparsed.sharingGroup.releasability); + $('#SharingGroupUuid').attr('value', jsonparsed.sharingGroup.uuid); $('#SharingGroupDescription').text(jsonparsed.sharingGroup.description); } From 5cfc83f66521c8275f40c31b7f45d9ac88e063d1 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 5 Mar 2022 10:37:20 +0100 Subject: [PATCH 0097/1366] chg: [internal] Bump PyMISP --- PyMISP | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PyMISP b/PyMISP index a347f0ed4..03dc22f95 160000 --- a/PyMISP +++ b/PyMISP @@ -1 +1 @@ -Subproject commit a347f0ed4e32e5135feecc6530be935c11bd5b51 +Subproject commit 03dc22f9598e6caae81b0e40ce27bf3f17799f4e From 3aa2d7e31028c90c79426d1eceb2867383224852 Mon Sep 17 00:00:00 2001 
From: iglocska Date: Sat, 5 Mar 2022 11:06:24 +0100 Subject: [PATCH 0098/1366] fix: [sharing group blueprint] fixed --- app/Controller/SharingGroupBlueprintsController.php | 2 +- app/Model/SharingGroupBlueprint.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app/Controller/SharingGroupBlueprintsController.php b/app/Controller/SharingGroupBlueprintsController.php index 0e37554b9..452e98763 100644 --- a/app/Controller/SharingGroupBlueprintsController.php +++ b/app/Controller/SharingGroupBlueprintsController.php @@ -51,7 +51,7 @@ class SharingGroupBlueprintsController extends AppController $this->set('menuData', array('menuList' => 'globalActions', 'menuItem' => 'editMG')); $this->set('id', $id); $params = [ - 'fields' => ['rules'] + 'fields' => ['rules', 'name'] ]; $this->CRUD->edit($id, $params); if ($this->IndexFilter->isRest()) { diff --git a/app/Model/SharingGroupBlueprint.php b/app/Model/SharingGroupBlueprint.php index 108d3d1a8..6b6c1c9c5 100644 --- a/app/Model/SharingGroupBlueprint.php +++ b/app/Model/SharingGroupBlueprint.php @@ -137,7 +137,7 @@ class SharingGroupBlueprint extends AppModel } return [ 'id' => $id, - 'changed' => !$created && $this->__handleSharingGroupOrgs($existingOrgs, $data['orgs'], $id), + 'changed' => $this->__handleSharingGroupOrgs($existingOrgs, $data['orgs'], $id) || $created, 'created' => $created, 'failed' => $failed ]; From 7537d62e7f61be92313700724ebfa4aa4edadfba Mon Sep 17 00:00:00 2001 
From: iglocska Date: Sun, 6 Mar 2022 23:51:25 +0100 Subject: [PATCH 0099/1366] chg: [event view] rework - use the factories - a host of new elements added - new side panels - changed the behaviour of several existing functionalities - various other small improvements --- app/Controller/DecayingModelController.php | 8 +- app/Controller/EventsController.php | 23 +- app/Controller/GalaxiesController.php | 4 +- .../Elements/Events/View/event_contents.ctp | 94 ++ .../genericElements/Common/action_button.ctp | 13 + .../SidePanels/Templates/eventWarnings.ctp | 25 + .../SidePanels/Templates/relatedEvents.ctp | 36 + .../SidePanels/Templates/relatedFeeds.ctp | 94 ++ .../SidePanels/Templates/relatedServers.ctp | 48 + .../SidePanels/Templates/tagConflicts.ctp | 41 + .../genericElements/SidePanels/scaffold.ctp | 16 +- .../Fields/delegationRequestField.ctp | 32 + .../SingleViews/Fields/distributionField.ctp | 52 + .../SingleViews/Fields/elementField.ctp | 5 + .../SingleViews/Fields/extendedByField.ctp | 24 + .../SingleViews/Fields/extendsField.ctp | 13 + .../SingleViews/Fields/orgField.ctp | 7 +- .../SingleViews/Fields/threatLevelField.ctp | 6 + .../SingleViews/Fields/uuidField.ctp | 6 + .../SingleViews/Fields/warningsField.ctp | 11 + .../SingleViews/single_view.ctp | 30 +- app/View/Events/view.ctp | 890 ++++++------------ 22 files changed, 832 insertions(+), 646 deletions(-) create mode 100644 app/View/Elements/Events/View/event_contents.ctp create mode 100644 app/View/Elements/genericElements/Common/action_button.ctp create mode 100644 app/View/Elements/genericElements/SidePanels/Templates/eventWarnings.ctp create mode 100644 app/View/Elements/genericElements/SidePanels/Templates/relatedEvents.ctp create mode 100644 app/View/Elements/genericElements/SidePanels/Templates/relatedFeeds.ctp create mode 100644 app/View/Elements/genericElements/SidePanels/Templates/relatedServers.ctp create mode 100644 app/View/Elements/genericElements/SidePanels/Templates/tagConflicts.ctp create 
mode 100644 app/View/Elements/genericElements/SingleViews/Fields/delegationRequestField.ctp create mode 100644 app/View/Elements/genericElements/SingleViews/Fields/distributionField.ctp create mode 100644 app/View/Elements/genericElements/SingleViews/Fields/elementField.ctp create mode 100644 app/View/Elements/genericElements/SingleViews/Fields/extendedByField.ctp create mode 100644 app/View/Elements/genericElements/SingleViews/Fields/extendsField.ctp create mode 100644 app/View/Elements/genericElements/SingleViews/Fields/threatLevelField.ctp create mode 100644 app/View/Elements/genericElements/SingleViews/Fields/uuidField.ctp create mode 100644 app/View/Elements/genericElements/SingleViews/Fields/warningsField.ctp diff --git a/app/Controller/DecayingModelController.php b/app/Controller/DecayingModelController.php index 132cd887a..299391e19 100644 --- a/app/Controller/DecayingModelController.php +++ b/app/Controller/DecayingModelController.php @@ -9,7 +9,7 @@ class DecayingModelController extends AppController public $paginate = array( 'limit' => 50, 'order' => array( - 'DecayingModel.ID' => 'desc' + 'DecayingModel.ID' => 'desc' ) ); @@ -48,7 +48,9 @@ class DecayingModelController extends AppController } if ($data['submittedjson']['size'] > 0) { $filename = basename($data['submittedjson']['name']); - $file_content = file_get_contents($data['submittedjson']['tmp_name']); + $file = new File($data['submittedjson']['tmp_name']); + $file_content = $file->read(); + $file->close(); if ((isset($data['submittedjson']['error']) && $data['submittedjson']['error'] == 0) || (!empty($data['submittedjson']['tmp_name']) && $data['submittedjson']['tmp_name'] != '') ) { @@ -64,7 +66,7 @@ class DecayingModelController extends AppController if ($json === null) { throw new MethodNotAllowedException(__('Error while decoding JSON')); } - + unset($json['id']); unset($json['uuid']); $json['default'] = 0; 
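Review bot: In the `@@ -48,7 +48,9 @@` hunk of DecayingModelController the file named by `$data['submittedjson']['tmp_name']` is opened and read before the `error` field is checked, and nothing visible confirms that the path is a genuine PHP upload. If `$data` can be filled from a request body rather than from `$_FILES` (its origin is outside the hunk), that path is caller-controlled. Add `if (!is_uploaded_file($data['submittedjson']['tmp_name'])) { throw new MethodNotAllowedException(__('Invalid file upload.')); }` before the read, and treat a `false` return from `read()` as an error. The identical change in GalaxiesController and the `readFromFile()` call on `submittedioc` in EventsController need the same guard unless `FileAccessTool` already applies it.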
diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index a95338839..f06cddd43 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -1607,6 +1607,7 @@ class EventsController extends AppController $this->set('attribute_count', $attributeCount); $this->set('object_count', $objectCount); $this->set('warnings', $this->Event->generateWarnings($event)); + $this->set('menuData', array('menuList' => 'event', 'menuItem' => 'viewEvent')); $this->__eventViewCommon($user); } @@ -3298,26 +3299,6 @@ class EventsController extends AppController throw new Exception(__('Filename not allowed.')); } - App::uses('FileAccessTool', 'Tools'); - $iocData = FileAccessTool::readFromFile($this->data['Event']['submittedioc']['tmp_name'], $this->data['Event']['submittedioc']['size']); - - // write - $attachments_dir = Configure::read('MISP.attachments_dir') ?: (APP . 'files'); - $rootDir = $attachments_dir . DS . $id . DS; - App::uses('Folder', 'Utility'); - $dir = new Folder($rootDir . 'ioc', true); - $destPath = $rootDir . 'ioc'; - App::uses('File', 'Utility'); - $iocFile = new File($destPath . DS . $this->data['Event']['submittedioc']['name']); - $result = $iocFile->write($iocData); - if (!$result) { - $this->Flash->error(__('Problem with writing the IoC file. Please report to site admin.')); - } - - // open the xml - $xmlFilePath = $destPath . DS . $this->data['Event']['submittedioc']['name']; - $xmlFileData = FileAccessTool::readFromFile($xmlFilePath, $this->data['Event']['submittedioc']['size']); - // Load event and populate the event data $this->Event->id = $id; $this->Event->recursive = -1; 
@@ -3337,6 +3318,8 @@ class EventsController extends AppController } } // read XML + App::uses('FileAccessTool', 'Tools'); + $xmlFileData = FileAccessTool::readFromFile($this->data['Event']['submittedioc']['tmp_name'], $this->data['Event']['submittedioc']['size']); $event = $this->IOCImport->readXML($xmlFileData, $id, $dist, $this->data['Event']['submittedioc']['name']); // make some changes to have $saveEvent in the format that is needed to save the event together with its attributes diff --git a/app/Controller/GalaxiesController.php b/app/Controller/GalaxiesController.php index 06dcf4666..459dee312 100644 --- a/app/Controller/GalaxiesController.php +++ b/app/Controller/GalaxiesController.php @@ -221,7 +221,9 @@ class GalaxiesController extends AppController } if ($data['submittedjson']['size'] > 0) { $filename = basename($data['submittedjson']['name']); - $file_content = file_get_contents($data['submittedjson']['tmp_name']); + $file = new File($data['submittedjson']['tmp_name']); + $file_content = $file->read(); + $file->close(); if ((isset($data['submittedjson']['error']) && $data['submittedjson']['error'] == 0) || (!empty($data['submittedjson']['tmp_name']) && $data['submittedjson']['tmp_name'] != '') ) { diff --git a/app/View/Elements/Events/View/event_contents.ctp b/app/View/Elements/Events/View/event_contents.ctp new file mode 100644 index 000000000..ce2d12a91 --- /dev/null +++ b/app/View/Elements/Events/View/event_contents.ctp @@ -0,0 +1,94 @@ +
+ + + + + + + + + +
+
+
+
+ 1) echo $this->element('pivot'); ?> +
+
+ + element('galaxyQuickViewNew', [ + 'mayModify' => $mayModify, + 'isAclTagger' => $isAclTagger, + 'data' => $event['Galaxy'], + 'event' => $event, + 'target_id' => $event['Event']['id'], + 'target_type' => 'event' + ]); ?> +
+ + + + + + +
+ element('eventattribute'); ?> +
+
+
+
+ diff --git a/app/View/Elements/genericElements/Common/action_button.ctp b/app/View/Elements/genericElements/Common/action_button.ctp new file mode 100644 index 000000000..82596edfc --- /dev/null +++ b/app/View/Elements/genericElements/Common/action_button.ctp @@ -0,0 +1,13 @@ +%s%s%s', + h($params['url']), + h($params['style']), + h($params['title']), + empty($params['onclick']) ? '' : sprintf('onClick="%s"', $params['onClick']), + empty($params['html']) ? '' : h($params['html']), + empty($params['text']) ? '' : h($params['text']), + empty($params['icon']) ? '' : sprintf('', h($params['icon'])) + ); + } + ?> diff --git a/app/View/Elements/genericElements/SidePanels/Templates/eventWarnings.ctp b/app/View/Elements/genericElements/SidePanels/Templates/eventWarnings.ctp new file mode 100644 index 000000000..c44aedfc9 --- /dev/null +++ b/app/View/Elements/genericElements/SidePanels/Templates/eventWarnings.ctp @@ -0,0 +1,25 @@ + $name) { + $links[] = sprintf( + '%s', + $baseurl, + h($id), + h($name) + ); + } + echo sprintf( + '
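Review bot: In action_button.ctp the `onClick` argument tests `empty($params['onclick'])` but then reads `$params['onClick']`; array keys are case-sensitive, so depending on the spelling a caller uses the attribute is either never emitted or read from an unset key. It is also the only value placed into the markup without `h()`. Use one key and escape it: `empty($params['onClick']) ? '' : sprintf('onClick="%s"', h($params['onClick']))`. Separately, `h($params['html'])` escapes the markup that an `html` parameter is presumably meant to carry, so either drop the parameter or document that it is rendered as text. The surrounding tags are missing from the extracted text, so this is judged from the PHP arguments only.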
%s%s
', + sprintf( + '

%s

', + sprintf( + '%s%s', + __('Warning: Potential false positives'), + __('Show just attributes that have warnings'), + $baseurl, + h($event['Event']['id']), + __(' (show)') + ) + ), + implode('
', $links) + ); diff --git a/app/View/Elements/genericElements/SidePanels/Templates/relatedEvents.ctp b/app/View/Elements/genericElements/SidePanels/Templates/relatedEvents.ctp new file mode 100644 index 000000000..fabaa077a --- /dev/null +++ b/app/View/Elements/genericElements/SidePanels/Templates/relatedEvents.ctp @@ -0,0 +1,36 @@ + $display_threshold) { + $htmlElements[] = sprintf( + '
%s
', + 'no-side-padding correlation-expand-button useCursorPointer linkButton blue', + __('Show (%s more)', $total - ($count-1)), + ); + } + $htmlElements[] = $this->element('/Events/View/related_event', array( + 'related' => $relatedEvent['Event'], + 'color_red' => $relatedEvent['Event']['orgc_id'] == $me['org_id'], + 'hide' => $count > $display_threshold, + 'relatedEventCorrelationCount' => $relatedEventCorrelationCount, + 'from_id' => $event['Event']['id'] + )); + } + if ($total > $display_threshold) { + $htmlElements[] = sprintf( + '', + 'no-side-padding correlation-collapse-button useCursorPointer linkButton blue', + 'display:none', + __('Collapse…') + ); + } + + echo sprintf( + '

%s

%s
', + __('Related Events'), + implode(PHP_EOL, $htmlElements) + ); diff --git a/app/View/Elements/genericElements/SidePanels/Templates/relatedFeeds.ctp b/app/View/Elements/genericElements/SidePanels/Templates/relatedFeeds.ctp new file mode 100644 index 000000000..e0dd7c985 --- /dev/null +++ b/app/View/Elements/genericElements/SidePanels/Templates/relatedFeeds.ctp @@ -0,0 +1,94 @@ + $relatedFeed['name'], + __('URL') => $relatedFeed['url'], + __('Provider') => $relatedFeed['provider'], + ]; + $popover = ''; + foreach ($relatedData as $k => $v) { + $popover .= sprintf( + '%s: %s
', + h($k), + h($v) + ); + } + if ($relatedFeed ['source_format'] === 'misp') { + $htmlElements[] = sprintf( + '
%s
', + h($baseurl), + h($relatedFeed['id']), + sprintf( + ' + ', + h(json_encode($relatedFeed['event_uuids'])), + h($relatedFeed['name']) . ' (' . $relatedFeed['id'] . ')', + h($popover) + ) + ); + } else { + $htmlElements[] = sprintf( + '%s
', + h($baseurl), + h($relatedFeed['id']), + h($popover), + h($relatedFeed['name']) . ' (' . $relatedFeed['id'] . ')' + ); + + } + } + } else { + $htmlElements[] = sprintf( + '%s', + __( + 'This event has %s correlations with data contained within the various feeds, however, due to the large number of attributes the actual feed correlations are not shown. Click here to refresh the page with the feed data loaded.', + h($event['Event']['FeedCount']), + h(Router::url(null, true)) + ) + ); + } + + $total = count($event['RelatedEvent']); + foreach ($event['RelatedEvent'] as $relatedEvent) { + $count++; + if ($count == $display_threshold+1 && $total > $display_threshold) { + $htmlElements[] = sprintf( + '
%s
', + 'no-side-padding correlation-expand-button useCursorPointer linkButton blue', + __('Show (%s more)', $total - ($count-1)), + ); + } + $htmlElements[] = $this->element('/Events/View/related_event', array( + 'related' => $relatedEvent['Event'], + 'color_red' => $relatedEvent['Event']['orgc_id'] == $me['org_id'], + 'hide' => $count > $display_threshold, + 'relatedEventCorrelationCount' => $relatedEventCorrelationCount, + 'from_id' => $event['Event']['id'] + )); + } + if ($total > $display_threshold) { + $htmlElements[] = sprintf( + '', + 'no-side-padding correlation-collapse-button useCursorPointer linkButton blue', + 'display:none', + __('Collapse…') + ); + } + + echo sprintf( + '

%s%s

%s
', + __('Related Feeds'), + sprintf( + '%s', + __('Show just attributes that have feed hits'), + sprintf( + "toggleBoolFilter('%s/events/view/%s', 'feed')", + $baseurl, + h($event['Event']['id']) + ), + __('(show)') + ), + implode(PHP_EOL, $htmlElements) + ); diff --git a/app/View/Elements/genericElements/SidePanels/Templates/relatedServers.ctp b/app/View/Elements/genericElements/SidePanels/Templates/relatedServers.ctp new file mode 100644 index 000000000..75775a793 --- /dev/null +++ b/app/View/Elements/genericElements/SidePanels/Templates/relatedServers.ctp @@ -0,0 +1,48 @@ + $relatedServer['name'], + 'URL' => $relatedServer['url'] + ]; + $popover = ''; + foreach ($relatedData as $k => $v) { + $popover .= sprintf( + '%s: %s
', + h($k), + h($v) + ); + $serverHtml[] = sprintf( + '%s', + sprintf( + '%s ', + $baseurl, + h($relatedServer['id']), + h($popover), + h($relatedServer['name']) . ' (' . $relatedServer['id'] . ')' + ) + ); + } + } + } else { + $relatedData[] = __( + 'This event has %s correlations with data contained within the various feeds, however, due to the large number of attributes the actual feed correlations are not shown. Click %s to refresh the page with the feed data loaded.', + sprintf( + '%s', + h($event['Event']['FeedCount']) + ), + sprintf( + '%s', + h(Router::url(null, true)), + __('here') + ) + ); + } + echo sprintf( + '
%s
', + implode(PHP_EOL, $serverHtml) + ); diff --git a/app/View/Elements/genericElements/SidePanels/Templates/tagConflicts.ctp b/app/View/Elements/genericElements/SidePanels/Templates/tagConflicts.ctp new file mode 100644 index 000000000..87512be8c --- /dev/null +++ b/app/View/Elements/genericElements/SidePanels/Templates/tagConflicts.ctp @@ -0,0 +1,41 @@ +%s', + $baseurl, + h($taxonomy['Taxonomy']['id']), + h($taxonomy['Taxonomy']['description']), + h($taxonomy['Taxonomy']['namespace']), + ); + $conflictHtmlInternal = []; + if ($taxonomy['Taxonomy']['exclusive']) { + $conflictHtmlInternal[] = sprintf( + '
  • %s
  • ', + sprintf( + ('%s is an exclusive taxonomy. Only one Tag of this taxonomy is allowed on an element.'), + sprintf('%s', h($taxonomy['Taxonomy']['namespace'])) + ) + ); + } else { + foreach ($taxonomy['TaxonomyPredicate'] as $predicate) { + $conflictHtmlInternal[] = sprintf( + '
  • %s
  • ', + sprintf( + ('%s is an exclusive taxonomy predicate. Only one Tag of this predicate is allowed on an element'), + sprintf('%s', h($predicate['value'])) + ) + ); + } + } + $conflictHtml .= sprintf( + '
      %s
    ', + implode(PHP_EOL, $conflictHtmlInternal) + ); + } + + echo sprintf( + '

    %s

    %s
    ', + __('Warning: Taxonomy inconsistencies'), + $conflictHtml + ); diff --git a/app/View/Elements/genericElements/SidePanels/scaffold.ctp b/app/View/Elements/genericElements/SidePanels/scaffold.ctp index e5f8eb16c..8ed2a63e1 100644 --- a/app/View/Elements/genericElements/SidePanels/scaffold.ctp +++ b/app/View/Elements/genericElements/SidePanels/scaffold.ctp @@ -1,11 +1,11 @@ element( - '/genericElements/SidePanels/Templates/' . $side_panel['type'], - [ - 'side_panel' => $side_panel - ] - ); + if (!isset($side_panel['requirement']) || $side_panel['requirement']) { + echo $this->element( + '/genericElements/SidePanels/Templates/' . $side_panel['type'], + [ + 'side_panel' => $side_panel + ] + ); + } } - -?> diff --git a/app/View/Elements/genericElements/SingleViews/Fields/delegationRequestField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/delegationRequestField.ctp new file mode 100644 index 000000000..583e81ac9 --- /dev/null +++ b/app/View/Elements/genericElements/SingleViews/Fields/delegationRequestField.ctp @@ -0,0 +1,32 @@ +%s', + sprintf( + "'%s/eventDelegations/view/%s', '#confirmation_box'", + $baseurl, + h($field['delegationRequest']['EventDelegation']['id']) + ), + __('View request details') + ) +); diff --git a/app/View/Elements/genericElements/SingleViews/Fields/distributionField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/distributionField.ctp new file mode 100644 index 000000000..5118f0dec --- /dev/null +++ b/app/View/Elements/genericElements/SingleViews/Fields/distributionField.ctp 
@@ -0,0 +1,52 @@ +%s', + __('your organisation is the local owner of this event, however it is not explicitly listed in the sharing group.'), + __('Undisclosed sharing group') + ); + } else { + $sgHtml = sprintf( + '%s', + $baseurl . '/sharing_groups/view/', + h($sg['id']), + h($sg['name']) + ); + } +} + +$eventDistributionGraph = ''; +if (!($distribution == 4 && empty($sg))) { + $eventDistributionGraph = sprintf( + '%s %s %s', + sprintf( + '', + h($event_id_path) + ), + sprintf( + '
    %s
    ', + 'useCursorPointer fa fa-info-circle distribution_graph', + h($event_id_path), + $this->element('view_event_distribution_graph') + ), + sprintf( + '', + __('Toggle advanced sharing network viewer'), + 'fa fa-share-alt useCursorPointer' + ) + ); +} + +echo sprintf( + '%s %s', + isset($sgHtml) ? $sgHtml : $distributionLevels[$distribution], + $eventDistributionGraph +); diff --git a/app/View/Elements/genericElements/SingleViews/Fields/elementField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/elementField.ctp new file mode 100644 index 000000000..b5017b89e --- /dev/null +++ b/app/View/Elements/genericElements/SingleViews/Fields/elementField.ctp @@ -0,0 +1,5 @@ +element( + h($field['element']), + empty($field['element_params']) ? [] : $field['element_params'] + ); diff --git a/app/View/Elements/genericElements/SingleViews/Fields/extendedByField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/extendedByField.ctp new file mode 100644 index 000000000..809409e7e --- /dev/null +++ b/app/View/Elements/genericElements/SingleViews/Fields/extendedByField.ctp @@ -0,0 +1,24 @@ +%s (%s): %s', __('Event'), $baseurl . '/events/view/' . h($extension['Event']['id']), h($extension['Event']['id']), h($extension['Event']['info'])); + } + echo sprintf( + '%s %s %s', + implode('
    ', $extended_by), + __( + 'Currently in %s view.', + $field['extended'] ? __('extended') : __('atomic') + ), + sprintf( + '', + sprintf( + '%s/events/view/%s%s', + $baseurl, + h($id), + ($field['extended'] ? '' : '/extended:1') + ), + $field['extended'] ? __('Switch to atomic view') : __('Switch to extended view') + ) + ); diff --git a/app/View/Elements/genericElements/SingleViews/Fields/extendsField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/extendsField.ctp new file mode 100644 index 000000000..d7a5217a2 --- /dev/null +++ b/app/View/Elements/genericElements/SingleViews/Fields/extendsField.ctp @@ -0,0 +1,13 @@ +%s (%s): %s', + __('Event'), + $baseurl . '/events/view/' . h($extendedEvent[0]['Event']['id']), + h($extendedEvent[0]['Event']['id']), + h($extendedEvent[0]['Event']['info']) + ); + } else { + $value = Hash::extract($data, $field['path'])[0]; + echo h($value); + } diff --git a/app/View/Elements/genericElements/SingleViews/Fields/orgField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/orgField.ctp index df3fb2d94..d427135e6 100644 --- a/app/View/Elements/genericElements/SingleViews/Fields/orgField.ctp +++ b/app/View/Elements/genericElements/SingleViews/Fields/orgField.ctp @@ -1,3 +1,6 @@ OrgImg->getNameWithImg($data) : __('Unknown'); +$org = Hash::extract($data, $field['path']); +if (!isset($org['Organisation']) && !empty($org['id'])) { + $org = ['Organisation' => $org]; +} +echo empty($org) ? __('Unknown') : $this->OrgImg->getNameWithImg($org); diff --git a/app/View/Elements/genericElements/SingleViews/Fields/threatLevelField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/threatLevelField.ctp new file mode 100644 index 000000000..37dad6fb1 --- /dev/null +++ b/app/View/Elements/genericElements/SingleViews/Fields/threatLevelField.ctp @@ -0,0 +1,6 @@ +%s', + h($uuid) + ); 
diff --git a/app/View/Elements/genericElements/SingleViews/Fields/uuidField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/uuidField.ctp new file mode 100644 index 000000000..a6fd54cb1 --- /dev/null +++ b/app/View/Elements/genericElements/SingleViews/Fields/uuidField.ctp @@ -0,0 +1,6 @@ +%s', + h($uuid) + ); diff --git a/app/View/Elements/genericElements/SingleViews/Fields/warningsField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/warningsField.ctp new file mode 100644 index 000000000..2e89fc824 --- /dev/null +++ b/app/View/Elements/genericElements/SingleViews/Fields/warningsField.ctp @@ -0,0 +1,11 @@ + $values) { + $values = is_array($values) ? $values : [$values]; + foreach ($values as $value) { + echo sprintf( + '%s:

    %s

    ', + h($key), + h($value) + ); + } + } diff --git a/app/View/Elements/genericElements/SingleViews/single_view.ctp b/app/View/Elements/genericElements/SingleViews/single_view.ctp index d7f1bd924..6e1b29faf 100644 --- a/app/View/Elements/genericElements/SingleViews/single_view.ctp +++ b/app/View/Elements/genericElements/SingleViews/single_view.ctp @@ -37,13 +37,27 @@ if (empty($field['type'])) { $field['type'] = 'generic'; } + $action_buttons = ''; + if (!empty($field['action_buttons'])) { + foreach ($field['action_buttons'] as $action_button) { + $action_buttons .= $this->element( + '/genericElements/Common/action_button', + ['data' => $data, 'params' => $action_button] + ); + } + } $listElements .= sprintf( - '%s%s', + '%s%s %s', + empty($field['key_class']) ? '' : h($field['key_class']), + empty($field['key_title']) ? '' : h($field['key_title']), h($field['key']), + empty($field['class']) ? '' : h($field['class']), + empty($field['title']) ? '' : h($field['title']), $this->element( '/genericElements/SingleViews/Fields/' . $field['type'] . 'Field', ['data' => $data, 'field' => $field] - ) + ), + $action_buttons ); } } @@ -87,11 +101,20 @@ } else { $side_panels = ''; } + $appendHtml = ''; + if (!empty($append)) { + foreach ($append as $appendElement) { + $appendHtml .= $this->element( + $appendElement['element'], + empty($appendElement['element_params']) ? [] : $appendElement['element_params'] + ); + } + } $title = empty($title) ? __('%s view', Inflector::singularize(Inflector::humanize($this->request->params['controller']))) : $title; echo sprintf( - '
    %s
    %s
    %s
    %s', + '
    %s
    %s
    %s%s
    %s', sprintf( '

    %s

    %s%s%s
    ', h($title), @@ -101,6 +124,7 @@ ), $side_panels, $ajaxLists, + $appendHtml, $ajax ? '' : $this->element('/genericElements/SideMenu/side_menu', $menuData) ); ?> diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp index 07f0f55c4..661a89170 100644 --- a/app/View/Events/view.ctp +++ b/app/View/Events/view.ctp @@ -1,618 +1,290 @@ element('/genericElements/SideMenu/side_menu', array('menuList' => 'event', 'menuItem' => 'viewEvent', 'mayModify' => $mayModify, 'mayPublish' => $mayPublish)); - echo $this->Html->script('doT'); - echo $this->Html->script('extendext'); - echo $this->Html->script('moment.min'); - echo $this->Html->css('query-builder.default'); - echo $this->Html->script('query-builder'); - echo $this->Html->css('attack_matrix'); - echo $this->Html->script('network-distribution-graph'); -?> -
    - -
    OrgImg->getOrgLogo($event['Orgc'], 48); ?>
    - __('Event ID'), 'value' => $event['Event']['id']); - $table_data[] = array( - 'key' => 'UUID', - 'html' => sprintf('%s%s%s', - $event['Event']['uuid'], - $isAclAdd ? sprintf(' ', - $baseurl, - $event['Event']['id'], - __('Extend this event') - ) : '', - $isSiteAdmin || $hostOrgUser ? sprintf(' ', - $baseurl, - $event['Event']['id'], - __('Check this event on different servers') - ) : '' - ) - ); - if (Configure::read('MISP.showorgalternate')) { - $table_data[] = array( - 'key' => __('Source Organisation'), - 'html' => sprintf( - '%s', - $baseurl, - h($event['Orgc']['id']), - h($event['Orgc']['name']) - ) - ); - $table_data[] = array( - 'key' => __('Member Organisation'), - 'html' => sprintf( - '%s', - $baseurl, - h($event['Org']['id']), - h($event['Org']['name']) - ) - ); - } else { - $table_data[] = array( - 'key' => __('Creator org'), - 'html' => sprintf( - '%s', - $baseurl, - h($event['Orgc']['id']), - h($event['Orgc']['name']) - ) - ); - if ($isSiteAdmin) { - $table_data[] = array( + $menuData = array_merge($menuData, ['mayPublish' => $mayPublish, 'mayModify' => $mayModify]); + $scripts = ['doT', 'extendext', 'moment.min', 'query-builder', 'network-distribution-graph']; + echo $this->element('genericElements/assetLoader', array( + 'css' => ['query-builder.default', 'attack_matrix'], + 'js' => ['doT', 'extendext', 'moment.min', 'query-builder', 'network-distribution-graph'] + )); + echo $this->element( + 'genericElements/SingleViews/single_view', + [ + 'title' => 'Cerebrate view', + 'data' => $event, + 'fields' => [ + [ + 'key' => __('Event ID'), + 'path' => 'Event.id' + ], + [ + 'key' => 'UUID', + 'path' => 'Event.uuid', + 'class' => 'quickSelect', + 'type' => 'uuid', + 'action_buttons' => [ + [ + 'url' => $baseurl . '/events/add/extends:' . h($event['Event']['uuid']), + 'icon' => 'plus-square', + 'style' => 'color:black; font-size:15px;padding-left:2px', + 'title' => __('Extend this event'), + 'requirement' => $isAclAdd + ], + [ + 'url' => $baseurl . 
'/servers/idTranslator/' . h($event['Event']['id']), + 'icon' => 'server', + 'style' => 'color:black; font-size:15px;padding-left:2px', + 'title' => __('Check this event on different servers'), + 'requirement' => $isSiteAdmin || $hostOrgUser + ] + ] + ], + [ + 'key' => __('Source Organisation'), + 'type' => 'org', + 'path' => 'Orgc', + 'element' => 'org', + 'requirement' => !empty(Configure::read('MISP.showorgalternate')) + ], + [ + 'key' => __('Member Organisation'), + 'type' => 'org', + 'path' => 'Org', + 'element' => 'org', + 'requirement' => !empty(Configure::read('MISP.showorgalternate')) + ], + [ + 'key' => __('Creator org'), + 'type' => 'org', + 'path' => 'Orgc', + 'element' => 'org', + 'requirement' => empty(Configure::read('MISP.showorgalternate')) + ], + [ 'key' => __('Owner org'), - 'html' => sprintf( - '%s', - $baseurl, - h($event['Org']['id']), - h($event['Org']['name']) - ) - ); - } - } - if (!empty($contributors)) { - $contributorsContent = []; - foreach ($contributors as $organisationId => $name) { - $org = ['Organisation' => ['id' => $organisationId, 'name' => $name]]; - if (Configure::read('MISP.log_new_audit')) { - $link = $baseurl . "/audit_logs/eventIndex/" . h($event['Event']['id']) . '/' . h($organisationId); - } else { - $link = $baseurl . "/logs/event_index/" . h($event['Event']['id']) . '/' . h($name); - } - $contributorsContent[] = $this->OrgImg->getNameWithImg($org, $link); - } - $table_data[] = array( - 'key' => __('Contributors'), - 'html' => implode("
    ", $contributorsContent), - ); - } - if (isset($event['User']['email'])) { - $table_data[] = array( - 'key' => __('Creator user'), - 'value' => h($event['User']['email']), - ); - } - $table_data[] = array( - 'key' => __('Tags'), - 'html' => sprintf( - '%s', - $this->element( - 'ajaxTags', - array( - 'event' => $event, - 'tags' => $event['EventTag'], - 'tagAccess' => ($isSiteAdmin || $mayModify), - 'localTagAccess' => ($isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['org_id'] || (int)$me['org_id'] === Configure::read('MISP.host_org_id')), - 'missingTaxonomies' => $missingTaxonomies, - 'tagConflicts' => $tagConflicts - ) - ) - ) - ); - $table_data[] = array( - 'key' => __('Date'), - 'value' => $event['Event']['date'] - ); - if (empty(Configure::read('MISP.disable_threat_level'))) { - $table_data[] = array( - 'key' => __('Threat Level'), - 'key_title' => $eventDescriptions['threat_level_id']['desc'], - 'value' => $event['ThreatLevel']['name'], - 'value_class' => 'threat-level-' . strtolower($event['ThreatLevel']['name']), - ); - } - $sharingGroupHtml = false; - $hideDistributionGraph = false; - if ($event['Event']['distribution'] == 4) { - if (!empty($event['SharingGroup'])) { - $sharingGroupHtml = sprintf( - '%s', - $baseurl . '/sharing_groups/view/', - h($event['SharingGroup']['id']), - h($event['SharingGroup']['name']) - ); - } else { - $sharingGroupHtml = sprintf( - '%s: %s', - __('Undisclosed sharing group'), - __('your organisation is the local owner of this event, however it is not explicitly listed in the sharing group.') - ); - $hideDistributionGraph = true; - } - } - $table_data[] = array( - 'key' => __('Analysis'), - 'key_title' => $eventDescriptions['analysis']['desc'], - 'value' => $analysisLevels[$event['Event']['analysis']] - ); - $table_data[] = array( - 'key' => __('Distribution'), - 'value_class' => ($event['Event']['distribution'] == 0) ? 
'privateRedText' : '', - 'html' => sprintf( - '%s %s %s %s', - ($event['Event']['distribution'] == 4) ? - $sharingGroupHtml : - h($distributionLevels[$event['Event']['distribution']]), - $hideDistributionGraph ? '' : sprintf( - '', - h($event['Event']['id']) - ), - $hideDistributionGraph ? '' : sprintf( - '
    %s
    ', - 'useCursorPointer fa fa-info-circle distribution_graph', - h($event['Event']['id']), - $this->element('view_event_distribution_graph') - ), - $hideDistributionGraph ? '' : sprintf( - '', - __('Toggle advanced sharing network viewer'), - 'fa fa-share-alt useCursorPointer' - ) - ) - ); - if (!empty($warnings) && ($me['org_id'] === $event['Event']['orgc_id'] || !empty($me['Role']['perm_site_admin']))) { - $warningsHtml = ''; - $class = 'published'; - $tempWarnings = []; - foreach ($warnings as $key => $values) { - $values = is_array($values) ? $values : [$values]; - foreach ($values as $value) { - $warningsHtml .= sprintf( - '%s:

    %s

    ', - h($key), - h($value) - ); - } - } - $table_data[] = array( - 'key' => __('Warnings'), - 'class' => !empty($warnings) ? 'background-red bold' : '', - 'class_value' => ($event['Event']['published'] == 0) ? '' : 'green', - 'html' => $warningsHtml - ); - } - $table_data[] = array( - 'key' => __('Info'), - 'value' => $event['Event']['info'] - ); - $table_data[] = array( - 'key' => __('Published'), - 'class' => ($event['Event']['published'] == 0) ? 'background-red bold not-published' : 'published', - 'class_value' => ($event['Event']['published'] == 0) ? '' : 'green', - 'html' => ($event['Event']['published'] == 0) ? __('No') : sprintf('%s', __('Yes')) . ((empty($event['Event']['publish_timestamp'])) ? __('N/A') : ' (' . $this->Time->time($event['Event']['publish_timestamp']) . ')') - ); - $attribute_text = $attribute_count; - $attribute_text .= __n(' (%s Object)', ' (%s Objects)', $object_count, h($object_count)); - $table_data[] = array( - 'key' => __('#Attributes'), - 'value' => $attribute_text - ); - $table_data[] = array( - 'key' => __('First recorded change'), - 'html' => !$oldest_timestamp ? '' : $this->Time->time($oldest_timestamp), - ); - $table_data[] = array( - 'key' => __('Last change'), - 'html' => $this->Time->time($event['Event']['timestamp']), - ); - $table_data[] = array( - 'key' => __('Modification map'), - 'element' => 'sparkline', - 'element_params' => array('scope' => 'modification', 'id' => $event['Event']['id'], 'csv' => $modificationMapCSV) - ); - if (!empty($extendedEvent) || !empty($event['Event']['extends_uuid'])) { - $table_data[] = array( - 'key' => __('Extends'), - 'value_class' => 'break-word', - 'html' => (!empty($extendedEvent) && is_array($extendedEvent)) ? - sprintf( - '%s (%s): %s', - __('Event'), - $baseurl . '/events/view/' . 
h($extendedEvent[0]['Event']['id']), - h($extendedEvent[0]['Event']['id']), - h($extendedEvent[0]['Event']['info']) - ) : - h($event['Event']['extends_uuid']) - ); - } - $extended_by = ''; - if (!empty($extensions)) { - foreach ($extensions as $extension) { - $extended_by .= sprintf('%s (%s): %s', __('Event'), $baseurl . '/events/view/' . h($extension['Event']['id']), h($extension['Event']['id']), h($extension['Event']['info'])) . '
    '; - } - $table_data[] = array( - 'key' => __('Extended by'), - 'value_class' => 'break-word', - 'html' => sprintf( - '%s %s %s', - $extended_by, - __( - 'Currently in %s view.', - $extended ? __('extended') : __('atomic') - ), - sprintf( - '', - $baseurl, - $event['Event']['id'], - ($extended ? '' : '/extended:1'), - $extended ? __('Switch to atomic view') : __('Switch to extended view') - ) - ) - ); - } - $table_data[] = array( - 'key' => __('Sightings'), - 'element' => '/Events/View/eventSightingValue', - 'element_params' => array( - 'event' => $event, - 'sightingsData' => isset($sightingsData['data']['all']) ? $sightingsData['data']['all'] : [], - ) - ); - if (isset($sightingsData['data']['all'])) { - $table_data[] = array( - 'key' => __('Activity'), - 'element' => 'sparkline', - 'element_params' => array('scope' => 'event', 'id' => $event['Event']['id'], 'csv' => $sightingsData['csv']['all']) - ); - } - if (!empty($delegationRequest)) { - if ($isSiteAdmin || $me['org_id'] == $delegationRequest['EventDelegation']['org_id']) { - if ($isSiteAdmin) { - $message = sprintf( - __('%s has requested that %s take over this event.'), - h($delegationRequest['RequesterOrg']['name']), - h($delegationRequest['Org']['name']) - ); - } else { - $message = sprintf( - __('%s has requested that you take over this event.'), - h($delegationRequest['RequesterOrg']['name']) - ); - } - } else { - $message = sprintf( - __('You have requested that %s take over this event.'), - h($delegationRequest['Org']['name']) - ); - } - $table_data[] = array( - 'key' => __('Delegation request'), - 'class' => 'background-red bold', - 'html' => sprintf( - '%s (%s)', - $message, - sprintf ( - '%s', - sprintf( - "'%s/eventDelegations/view/%s', '#confirmation_box'", - $baseurl, - h($delegationRequest['EventDelegation']['id']) - ), - __('View request details') - ) - ) - ); - } - if (!Configure::read('MISP.completely_disable_correlation') && Configure::read('MISP.allow_disabling_correlation')) { - 
$table_data[] = array( - 'key' => __('Correlation'), - 'class' => $event['Event']['disable_correlation'] ? 'background-red bold' : '', - 'html' => sprintf( - '%s%s', - $event['Event']['disable_correlation'] ? __('Disabled') : __('Enabled'), - (!$mayModify && !$isSiteAdmin) ? '' : sprintf( - sprintf( - ' (%s)', - sprintf( - "'%s', 'events', 'toggleCorrelation', '', '#confirmation_box'", - h($event['Event']['id']) - ), - $event['Event']['disable_correlation'] ? 'color:white;' : '', - $event['Event']['disable_correlation'] ? __('enable') : __('disable') - ) - ) - ) - ); - } - - ?> -
    -
    -

    - element('genericElements/viewMetaTable', array('table_data' => $table_data)); ?> -
    - -
    -
    -
    - - - - - - - - - -
    -
    -
    -
    - 1) echo $this->element('pivot'); ?> -
    -
    - - element('galaxyQuickViewNew', [ - 'mayModify' => $mayModify, - 'isAclTagger' => $isAclTagger, - 'data' => $event['Galaxy'], - 'event' => $event, - 'target_id' => $event['Event']['id'], - 'target_type' => 'event' - ]); ?> -
    - - - - - - -
    - element('eventattribute'); ?> -
    -
    -
    -
    - + } + ], + [ + 'key' => __('#Attributes'), + 'raw' => $attribute_count . __n(' (%s Object)', ' (%s Objects)', $object_count, h($object_count)) + ], + [ + 'key' => __('First recorded change'), + 'raw' => !$oldest_timestamp ? '' : $this->Time->time($oldest_timestamp) + ], + [ + 'key' => __('Last change'), + 'raw' => $this->Time->time($event['Event']['timestamp']) + ], + [ + 'key' => __('Modification map'), + 'type' => 'element', + 'element' => 'sparkline', + 'element_params' => [ + 'scope' => 'modification', + 'id' => $event['Event']['id'], + 'csv' => $modificationMapCSV + ] + ], + [ + 'key' => __('Extends'), + 'type' => 'extends', + 'path' => 'Event.extends_uuid', + 'extendedEvent' => isset($extendedEvent) ? $extendedEvent : null, + 'class' => 'break-word', + 'requirement' => !empty($extendedEvent) + ], + [ + 'key' => __('Extended by'), + 'type' => 'extendedBy', + 'path' => 'Event.id', + 'extended_by' => isset($extensions) ? $extensions : null, + 'extended' => $extended, + 'class' => 'break-word', + 'requirement' => !empty($extensions) + ], + [ + 'key' => __('Sightings'), + 'type' => 'element', + 'element' => '/Events/View/eventSightingValue', + 'element_params' => array( + 'event' => $event, + 'sightingsData' => isset($sightingsData['data']['all']) ? $sightingsData['data']['all'] : [], + ) + ], + [ + 'key' => __('Activity'), + 'type' => 'element', + 'element' => 'sparkline', + 'element_params' => [ + 'scope' => 'event', + 'id' => $event['Event']['id'], + 'csv' => $sightingsData['csv']['all'] + ], + 'requirement' => isset($sightingsData['data']['all']) + ], + [ + 'key' => __('Delegation request'), + 'class' => 'background-red bold', + 'type' => 'delegationRequest', + 'delegationRequest' => $delegationRequest, + 'requirement' => !empty($delegationRequest) + ], + [ + 'key' => __('Correlation'), + 'class' => $event['Event']['disable_correlation'] ? 
'background-red bold' : '', + 'type' => 'custom', + 'function' => function($data) use($mayModify, $isSiteAdmin) { + return sprintf( + '%s%s', + $data['Event']['disable_correlation'] ? __('Disabled') : __('Enabled'), + (!$mayModify && !$isSiteAdmin) ? '' : sprintf( + sprintf( + ' (%s)', + sprintf( + "'%s', 'events', 'toggleCorrelation', '', '#confirmation_box'", + h($data['Event']['id']) + ), + $data['Event']['disable_correlation'] ? 'color:white;' : '', + $data['Event']['disable_correlation'] ? __('enable') : __('disable') + ) + ) + ); + }, + 'requirement' => (!Configure::read('MISP.completely_disable_correlation') && Configure::read('MISP.allow_disabling_correlation')) + ] + ], + 'side_panels' => [ + [ + 'type' => 'tagConflicts', + 'requirement' => !empty($warningTagConflicts) + ], + [ + 'type' => 'relatedEvents', + 'requirement' => !empty($event['RelatedEvent']) + ], + [ + 'type' => 'relatedFeeds', + 'requirement' => !empty($event['Feed']) || !empty($event['Event']['FeedCount']) + ], + [ + 'type' => 'relatedServers', + 'requirement' => !empty($event['Server']) || !empty($event['Event']['ServerCount']) + ], + [ + 'type' => 'eventWarnings', + 'requirement' => !empty($event['warnings']) + ] + ], + 'append' => [ + [ + 'element' => '/Events/View/event_contents', + 'element_params' => [ + 'mayModify' => $mayModify + ] + ] + ] + ] + ); +?> From a0ea1b2dcd46fc02dc630d55abae153f116bae4f Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Mon, 7 Mar 2022 08:52:42 +0100 Subject: [PATCH 0100/1366] chg: [installer] Removed python2, fixed kali redis botch --- INSTALL/INSTALL.tpl.sh | 3 -- docs/INSTALL.ubuntu1804.md | 2 +- docs/INSTALL.ubuntu2004.md | 2 +- docs/generic/supportFunctions.md | 75 +++----------------------------- 4 files changed, 8 insertions(+), 74 deletions(-) diff --git a/INSTALL/INSTALL.tpl.sh b/INSTALL/INSTALL.tpl.sh index 9411a2153..69e3c9572 100755 --- a/INSTALL/INSTALL.tpl.sh +++ b/INSTALL/INSTALL.tpl.sh 
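Review bot: The `Activity` and `Delegation request` entries read `$sightingsData['csv']['all']` and `$delegationRequest` while the `fields` array literal is built, so they are evaluated even when their `requirement` is false, whereas the removed code only touched them inside `isset()` / `!empty()` guards. If the controller does not always set them, this emits an undefined index or variable notice on every event view; guard them the way `extendedEvent` is guarded in the same array, e.g. `'csv' => isset($sightingsData['csv']['all']) ? $sightingsData['csv']['all'] : null,` and `'delegationRequest' => isset($delegationRequest) ? $delegationRequest : null,`. The `Extends` row now requires `!empty($extendedEvent)` only, while the old condition also accepted a non-empty `Event.extends_uuid`, so an event extending a UUID this instance cannot resolve would presumably lose the row. The hard-coded title `'Cerebrate view'` and the unused `$scripts` assignment look like leftovers.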
@@ -455,9 +455,6 @@ installMISPonKali () { debug "Restarting mysql.service" sudo systemctl restart mysql.service - debug "Fixing redis rc script on Kali" - fixRedis - debug "git clone, submodule update everything" sudo mkdir ${PATH_TO_MISP} sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP} diff --git a/docs/INSTALL.ubuntu1804.md b/docs/INSTALL.ubuntu1804.md index 05412ccf1..23888adc6 100644 --- a/docs/INSTALL.ubuntu1804.md +++ b/docs/INSTALL.ubuntu1804.md @@ -71,7 +71,7 @@ Once the system is installed you can perform the following steps. installCoreDeps () { debug "Installing core dependencies" # Install the dependencies: (some might already be installed) - sudo apt-get install curl gcc git gpg-agent make python python3 openssl redis-server sudo vim zip unzip virtualenv libfuzzy-dev sqlite3 moreutils -qy + sudo apt-get install curl gcc git gpg-agent make python3 openssl redis-server sudo vim zip unzip virtualenv libfuzzy-dev sqlite3 moreutils -qy # Install MariaDB (a MySQL fork/alternative) sudo apt-get install mariadb-client mariadb-server -qy diff --git a/docs/INSTALL.ubuntu2004.md b/docs/INSTALL.ubuntu2004.md index 8baf849dd..623ca452e 100644 --- a/docs/INSTALL.ubuntu2004.md +++ b/docs/INSTALL.ubuntu2004.md @@ -73,7 +73,7 @@ Once the system is installed you can perform the following steps. installCoreDeps () { debug "Installing core dependencies" # Install the dependencies: (some might already be installed) - sudo apt-get install curl gcc git gpg-agent make python python3 openssl redis-server sudo vim zip unzip virtualenv libfuzzy-dev sqlite3 moreutils -qy + sudo apt-get install curl gcc git gpg-agent make python3 openssl redis-server sudo vim zip unzip virtualenv libfuzzy-dev sqlite3 moreutils -qy # Install MariaDB (a MySQL fork/alternative) sudo apt-get install mariadb-client mariadb-server -qy diff --git a/docs/generic/supportFunctions.md b/docs/generic/supportFunctions.md index bd43dc2d6..d18c49e15 100644 --- a/docs/generic/supportFunctions.md 
+++ b/docs/generic/supportFunctions.md @@ -740,7 +740,7 @@ installDeps () { [[ -n $KALI ]] || [[ -n $UNATTENDED ]] && sudo DEBIAN_FRONTEND=noninteractive apt install -qy postfix || sudo apt install -qy postfix sudo apt install -qy \ - curl gcc git gnupg-agent make openssl redis-server neovim unzip zip libyara-dev python3-yara python3-redis python3-zmq sqlite3 \ + curl gcc git gnupg-agent make openssl redis-server neovim unzip zip libyara-dev python3-yara python3-redis python3-zmq sqlite3 python3-virtualenv \ mariadb-client \ mariadb-server \ apache2 apache2-doc apache2-utils \ 
@@ -750,74 +750,6 @@ installDeps () { installRNG } -# On Kali, the redis start-up script is broken. This tries to fix it. -fixRedis () { - # As of 20190124 redis-server init.d scripts are broken and need to be replaced - sudo mv /etc/init.d/redis-server /etc/init.d/redis-server_`date +%Y%m%d` - - echo '#! /bin/sh -### BEGIN INIT INFO -# Provides: redis-server -# Required-Start: $syslog -# Required-Stop: $syslog -# Should-Start: $local_fs -# Should-Stop: $local_fs -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: redis-server - Persistent key-value db -# Description: redis-server - Persistent key-value db -### END INIT INFO - -PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/bin/redis-server -DAEMON_ARGS=/etc/redis/redis.conf -NAME=redis-server -DESC=redis-server -PIDFILE=/var/run/redis.pid - -test -x $DAEMON || exit 0 -test -x $DAEMONBOOTSTRAP || exit 0 - -set -e - -case "$1" in - start) - echo -n "Starting $DESC: " - touch $PIDFILE - chown redis:redis $PIDFILE - if start-stop-daemon --start --quiet --umask 007 --pidfile $PIDFILE --chuid redis:redis --exec $DAEMON -- $DAEMON_ARGS - then - echo "$NAME." - else - echo "failed" - fi - ;; - stop) - echo -n "Stopping $DESC: " - if start-stop-daemon --stop --retry 10 --quiet --oknodo --pidfile $PIDFILE --exec $DAEMON - then - echo "$NAME." - else - echo "failed" - fi - rm -f $PIDFILE - ;; - - restart|force-reload) - ${0} stop - ${0} start - ;; - *) - echo "Usage: /etc/init.d/$NAME {start|stop|restart|force-reload}" >&2 - exit 1 - ;; -esac - -exit 0' | sudo tee /etc/init.d/redis-server - sudo chmod 755 /etc/init.d/redis-server - sudo /etc/init.d/redis-server start -} - # generate MISP apache conf genApacheConf () { echo " 
@@ -875,6 +807,11 @@ composer () { ${SUDO_WWW} sh -c "cd ${PATH_TO_MISP}/app ; php composer.phar install --no-dev" } +# Legacy composer function +composer74 () { + sudo mkdir -p /var/www/.composer ; sudo chown ${WWW_USER}:${WWW_USER} /var/www/.composer + ${SUDO_WWW} sh -c "cd ${PATH_TO_MISP}/app ; php7.4 composer.phar install --no-dev" +} # TODO: FIX somehow the alias of the function does not work # Composer on php 7.0 does not need any special treatment the provided phar works well From c868e92bfd2964ab4ff5b963e63e30660edf83e5 Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Mon, 7 Mar 2022 10:07:55 +0100 Subject: [PATCH 0101/1366] fix: [installer] Take into account misp-stix --- INSTALL/INSTALL.tpl.sh | 9 ++++----- docs/generic/upgrading.md | 3 +-- docs/xINSTALL.OpenBSD.md | 10 +++++----- docs/xINSTALL.centos7.md | 4 ++-- docs/xINSTALL.debian10.md | 3 +-- 5 files changed, 13 insertions(+), 16 deletions(-) diff --git a/INSTALL/INSTALL.tpl.sh b/INSTALL/INSTALL.tpl.sh index 69e3c9572..ab533a2b4 100755 --- a/INSTALL/INSTALL.tpl.sh +++ b/INSTALL/INSTALL.tpl.sh @@ -495,14 +495,13 @@ installMISPonKali () { cd ${PATH_TO_MISP}/app/files/scripts/python-stix ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . - debug "Install maec" + debug "Instaling maec" cd ${PATH_TO_MISP}/app/files/scripts/python-maec ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . - # install STIX2.0 library to support STIX 2.0 export - debug "Installing cti-python-stix2" - # install STIX2.0 library to support STIX 2.0 export: - cd ${PATH_TO_MISP}/cti-python-stix2 + # Install misp-stix + debug "Installing misp-stix" + cd ${PATH_TO_MISP}/app/files/scripts/misp-stix ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . debug "Installing mixbox" diff --git a/docs/generic/upgrading.md b/docs/generic/upgrading.md index 24b678c92..060e32202 100644 --- a/docs/generic/upgrading.md +++ b/docs/generic/upgrading.md 
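Review bot: The new `cd ${PATH_TO_MISP}/app/files/scripts/misp-stix` in `installMISPonKali` is not checked, so if that submodule directory is missing the following `pip install .` runs in the previous working directory (`python-maec`) and misp-stix is never installed. Unless the script runs under `set -e`, which is not visible here, the step would pass silently; `cd ${PATH_TO_MISP}/app/files/scripts/misp-stix || return 1` makes the failure visible. The same unchecked `cd` precedes the other `pip install .` steps in this function, which starts and ends outside the hunk.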
@@ -46,8 +46,7 @@ sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install -U . cd $PATH_TO_MISP/app/files/scripts/python-maec sudo -u www-data git pull sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install -U . -# install STIX2.0 library to support STIX 2.0 export: -cd ${PATH_TO_MISP}/cti-python-stix2 +cd ${PATH_TO_MISP}/app/files/scripts/misp-stix sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install -I -U . # install mixbox to accommodate the new STIX dependencies: diff --git a/docs/xINSTALL.OpenBSD.md b/docs/xINSTALL.OpenBSD.md index fcfd4eee8..eed6b4009 100644 --- a/docs/xINSTALL.OpenBSD.md +++ b/docs/xINSTALL.OpenBSD.md @@ -353,20 +353,20 @@ cd /var/www/htdocs/MISP/app/files/scripts/python-maec $SUDO_WWW git config core.filemode false doas /usr/local/virtualenvs/MISP/bin/python setup.py install -# install mixbox to accommodate the new STIX dependencies: +# Install mixbox to accommodate the new STIX dependencies: cd /var/www/htdocs/MISP/app/files/scripts/mixbox $SUDO_WWW git config core.filemode false doas /usr/local/virtualenvs/MISP/bin/python setup.py install -# install PyMISP +# Install PyMISP cd /var/www/htdocs/MISP/PyMISP doas /usr/local/virtualenvs/MISP/bin/python setup.py install -# install support for STIX 2.0 -cd /var/www/htdocs/MISP/cti-python-stix2 +# Install misp-stix +cd /var/www/htdocs/MISP/app/files/scripts/misp-stix doas /usr/local/virtualenvs/MISP/bin/python setup.py install -# install python-magic and pydeep +# Install python-magic and pydeep doas /usr/local/virtualenvs/MISP/bin/pip install python-magic doas /usr/local/virtualenvs/MISP/bin/pip install git+https://github.com/kbandla/pydeep.git ``` diff --git a/docs/xINSTALL.centos7.md b/docs/xINSTALL.centos7.md index 71d01e143..012eb3d54 100644 --- a/docs/xINSTALL.centos7.md +++ b/docs/xINSTALL.centos7.md 
@@ -200,8 +200,8 @@ cd ${PATH_TO_MISP}/app/files/scripts/mixbox $SUDO_WWW git config core.filemode false ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . -# install STIX2.0 library to support STIX 2.0 export: -cd ${PATH_TO_MISP}/cti-python-stix2 +# Install misp-stix +cd ${PATH_TO_MISP}/app/files/scripts/misp-stix ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . # install PyMISP diff --git a/docs/xINSTALL.debian10.md b/docs/xINSTALL.debian10.md index e607758d3..b0be0f907 100644 --- a/docs/xINSTALL.debian10.md +++ b/docs/xINSTALL.debian10.md @@ -158,8 +158,7 @@ ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . cd ${PATH_TO_MISP}/app/files/scripts/python-maec $SUDO_WWW git config core.filemode false ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . -# install STIX2.0 library to support STIX 2.0 export: -cd ${PATH_TO_MISP}/cti-python-stix2 +cd ${PATH_TO_MISP}/app/files/scripts/misp-stix ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . # install PyMISP From ce788c83df3640baca8adedd893c3171bc874a3f Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Mon, 7 Mar 2022 14:38:49 +0100 Subject: [PATCH 0102/1366] fix: [installer] typo, use legacy composer74 function on Kali --- INSTALL/INSTALL.tpl.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/INSTALL/INSTALL.tpl.sh b/INSTALL/INSTALL.tpl.sh index ab533a2b4..c101b369f 100755 --- a/INSTALL/INSTALL.tpl.sh +++ b/INSTALL/INSTALL.tpl.sh @@ -495,7 +495,7 @@ installMISPonKali () { cd ${PATH_TO_MISP}/app/files/scripts/python-stix ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . - debug "Instaling maec" + debug "Installing maec" cd ${PATH_TO_MISP}/app/files/scripts/python-maec ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . @@ -529,7 +529,7 @@ installMISPonKali () { ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install zmq debug "Installing cake" - composer + composer74 ${SUDO_WWW} cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php 
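Review bot: Switching the Kali path from `composer` to `composer74` ties the install to a `php7.4` binary, which the helper invokes by name without checking that it exists. On a rolling distribution the packaged PHP version may differ, in which case the `sh -c` call fails and, as far as this hunk shows, the installer continues to the `cp` on the next line. A guard before the call, such as `command -v php7.4 || { debug "php7.4 not found"; return 1; }`, would stop the run with a clear message. `installMISPonKali` starts and ends outside the hunk.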
From 0f24d7666918b1934b79942d2b438ff06851eaf5 Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Mon, 7 Mar 2022 14:40:36 +0100 Subject: [PATCH 0103/1366] chg: [installer] Bump to latest version --- INSTALL/INSTALL.sh | 91 ++++++--------------------------------- INSTALL/INSTALL.sh.sha1 | 2 +- INSTALL/INSTALL.sh.sha256 | 2 +- INSTALL/INSTALL.sh.sha384 | 2 +- INSTALL/INSTALL.sh.sha512 | 2 +- 5 files changed, 16 insertions(+), 83 deletions(-) diff --git a/INSTALL/INSTALL.sh b/INSTALL/INSTALL.sh index e6f7c3b50..297bc62d3 100755 --- a/INSTALL/INSTALL.sh +++ b/INSTALL/INSTALL.sh @@ -916,7 +916,7 @@ installDeps () { [[ -n $KALI ]] || [[ -n $UNATTENDED ]] && sudo DEBIAN_FRONTEND=noninteractive apt install -qy postfix || sudo apt install -qy postfix sudo apt install -qy \ - curl gcc git gnupg-agent make openssl redis-server neovim unzip zip libyara-dev python3-yara python3-redis python3-zmq sqlite3 \ + curl gcc git gnupg-agent make openssl redis-server neovim unzip zip libyara-dev python3-yara python3-redis python3-zmq sqlite3 python3-virtualenv \ mariadb-client \ mariadb-server \ apache2 apache2-doc apache2-utils \ 
@@ -926,74 +926,6 @@ installDeps () { installRNG } -# On Kali, the redis start-up script is broken. This tries to fix it. -fixRedis () { - # As of 20190124 redis-server init.d scripts are broken and need to be replaced - sudo mv /etc/init.d/redis-server /etc/init.d/redis-server_`date +%Y%m%d` - - echo '#! /bin/sh -### BEGIN INIT INFO -# Provides: redis-server -# Required-Start: $syslog -# Required-Stop: $syslog -# Should-Start: $local_fs -# Should-Stop: $local_fs -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: redis-server - Persistent key-value db -# Description: redis-server - Persistent key-value db -### END INIT INFO - -PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/bin/redis-server -DAEMON_ARGS=/etc/redis/redis.conf -NAME=redis-server -DESC=redis-server -PIDFILE=/var/run/redis.pid - -test -x $DAEMON || exit 0 -test -x $DAEMONBOOTSTRAP || exit 0 - -set -e - -case "$1" in - start) - echo -n "Starting $DESC: " - touch $PIDFILE - chown redis:redis $PIDFILE - if start-stop-daemon --start --quiet --umask 007 --pidfile $PIDFILE --chuid redis:redis --exec $DAEMON -- $DAEMON_ARGS - then - echo "$NAME." - else - echo "failed" - fi - ;; - stop) - echo -n "Stopping $DESC: " - if start-stop-daemon --stop --retry 10 --quiet --oknodo --pidfile $PIDFILE --exec $DAEMON - then - echo "$NAME." - else - echo "failed" - fi - rm -f $PIDFILE - ;; - - restart|force-reload) - ${0} stop - ${0} start - ;; - *) - echo "Usage: /etc/init.d/$NAME {start|stop|restart|force-reload}" >&2 - exit 1 - ;; -esac - -exit 0' | sudo tee /etc/init.d/redis-server - sudo chmod 755 /etc/init.d/redis-server - sudo /etc/init.d/redis-server start -} - # generate MISP apache conf genApacheConf () { echo " 
@@ -1051,6 +983,11 @@ composer () { ${SUDO_WWW} sh -c "cd ${PATH_TO_MISP}/app ; php composer.phar install --no-dev" } +# Legacy composer function +composer74 () { + sudo mkdir -p /var/www/.composer ; sudo chown ${WWW_USER}:${WWW_USER} /var/www/.composer + ${SUDO_WWW} sh -c "cd ${PATH_TO_MISP}/app ; php7.4 composer.phar install --no-dev" +} # TODO: FIX somehow the alias of the function does not work # Composer on php 7.0 does not need any special treatment the provided phar works well @@ -1204,7 +1141,7 @@ checkSudoKeeper () { installCoreDeps () { debug "Installing core dependencies" # Install the dependencies: (some might already be installed) - sudo apt-get install curl gcc git gpg-agent make python python3 openssl redis-server sudo vim zip unzip virtualenv libfuzzy-dev sqlite3 moreutils -qy + sudo apt-get install curl gcc git gpg-agent make python3 openssl redis-server sudo vim zip unzip virtualenv libfuzzy-dev sqlite3 moreutils -qy # Install MariaDB (a MySQL fork/alternative) sudo apt-get install mariadb-client mariadb-server -qy @@ -3262,9 +3199,6 @@ installMISPonKali () { debug "Restarting mysql.service" sudo systemctl restart mysql.service - debug "Fixing redis rc script on Kali" - fixRedis - debug "git clone, submodule update everything" sudo mkdir ${PATH_TO_MISP} sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP} 
@@ -3305,14 +3239,13 @@ installMISPonKali () { cd ${PATH_TO_MISP}/app/files/scripts/python-stix ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . - debug "Install maec" + debug "Installing maec" cd ${PATH_TO_MISP}/app/files/scripts/python-maec ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . - # install STIX2.0 library to support STIX 2.0 export - debug "Installing cti-python-stix2" - # install STIX2.0 library to support STIX 2.0 export: - cd ${PATH_TO_MISP}/cti-python-stix2 + # Install misp-stix + debug "Installing misp-stix" + cd ${PATH_TO_MISP}/app/files/scripts/misp-stix ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . debug "Installing mixbox" @@ -3340,7 +3273,7 @@ installMISPonKali () { ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install zmq debug "Installing cake" - composer + composer74 ${SUDO_WWW} cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php diff --git a/INSTALL/INSTALL.sh.sha1 b/INSTALL/INSTALL.sh.sha1 index 060db4d39..af71c4a67 100644 --- a/INSTALL/INSTALL.sh.sha1 +++ b/INSTALL/INSTALL.sh.sha1 @@ -1 +1 @@ -cf8a8bbb37c4a135d8cc51166deed87be0d9a0dc INSTALL.sh +c14654d71a2a369fb5852987b69ecd7774b7111d INSTALL.sh diff --git a/INSTALL/INSTALL.sh.sha256 b/INSTALL/INSTALL.sh.sha256 index 70458ecde..f63f48326 100644 --- a/INSTALL/INSTALL.sh.sha256 +++ b/INSTALL/INSTALL.sh.sha256 @@ -1 +1 @@ -6bd696907b7e5b7fffb580cc4d67e21ec2b26ab816996a20e86bbad44ebbb207 INSTALL.sh +621dd7fc21cc25631248a685a00d506a3aa1c2e29c11539870cf4efde499dcc9 INSTALL.sh diff --git a/INSTALL/INSTALL.sh.sha384 b/INSTALL/INSTALL.sh.sha384 index 2a02cd4e0..106433ed5 100644 --- a/INSTALL/INSTALL.sh.sha384 +++ b/INSTALL/INSTALL.sh.sha384 @@ -1 +1 @@ -1cbe736a73f717b322150ca3ab9142a909273ad7a970d45314357db0dfe86da33417a9970a188c201a0638c11864a128 INSTALL.sh +f348d5c019fea3c339b6076596ede2e55ea173cd1c25158d7e3d2cbb4d2d90950ac84ab3597bbaa50f199fd9850831db INSTALL.sh 
diff --git a/INSTALL/INSTALL.sh.sha512 b/INSTALL/INSTALL.sh.sha512 index 298b6a223..c1ad7b977 100644 --- a/INSTALL/INSTALL.sh.sha512 +++ b/INSTALL/INSTALL.sh.sha512 @@ -1 +1 @@ -20ecaf4a88f00c78f34ba66ee92fe8ef5c26de916969b0f36ff77b5187d01249f4f4e33210d578b41e06bf7a31dcc1c891c7229e4daf04f16953a46b440561c9 INSTALL.sh +499e82451509739bbd5117a942f8a39f847310301c9e4dc0428eaa31560ff6b08bafa958fd22c01a3241afad7fcfedfeb7ae88d25f5fce299e921b49a4d644c1 INSTALL.sh From 90cd99685f2e3b039e74cf4d15f7ea87c3dbac1f Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Mon, 7 Mar 2022 17:30:52 +0100 Subject: [PATCH 0104/1366] chg: [sync] Simplify code for sighting pushing --- app/Console/Command/EventShell.php | 2 +- app/Model/Event.php | 11 +- app/Model/Server.php | 188 +++++++++-------------------- app/Model/Sighting.php | 84 +++++++++++++ 4 files changed, 148 insertions(+), 137 deletions(-) diff --git a/app/Console/Command/EventShell.php b/app/Console/Command/EventShell.php index 99a5d1b78..bb402d032 100644 --- a/app/Console/Command/EventShell.php +++ b/app/Console/Command/EventShell.php @@ -439,7 +439,7 @@ class EventShell extends AppShell } $this->Event->Behaviors->unload('SysLogLogable.SysLogLogable'); - $result = $this->Event->publish_sightings($id, $passAlong, $sightingsUuidsToPush); + $result = $this->Event->publishSightings($id, $passAlong, $sightingsUuidsToPush); $count = count($sightingsUuidsToPush); $message = $count === 0 ? "All sightings published" : "$count sightings published"; diff --git a/app/Model/Event.php b/app/Model/Event.php index e1604bc27..5dcc8ba0f 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -4548,7 +4548,7 @@ class Event extends AppModel ); } - return $this->publish_sightings($id, $passAlong, $sightingUuids); + return $this->publishSightings($id, $passAlong, $sightingUuids); } public function publishRouter($id, $passAlong = null, $user) 
@@ -4577,7 +4577,14 @@ class Event extends AppModel return $this->publish($id, $passAlong); } - public function publish_sightings($id, $passAlong = null, array $sightingsUuidsToPush = []) + /** + * @param int|string $id Event ID or UUID + * @param $passAlong + * @param array $sightingsUuidsToPush + * @return array|bool + * @throws Exception + */ + public function publishSightings($id, $passAlong = null, array $sightingsUuidsToPush = []) { if (is_numeric($id)) { $condition = array('Event.id' => $id); diff --git a/app/Model/Server.php b/app/Model/Server.php index fb0009e1e..5cf5363a1 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -204,11 +204,11 @@ class Server extends AppModel { if ("full" === $technique) { // get a list of the event_ids on the server - $eventIds = $this->getEventIdsFromServer($serverSync, false, false, 'events', $force); + $eventIds = $this->getEventIdsFromServer($serverSync, false, false, $force); // reverse array of events, to first get the old ones, and then the new ones return array_reverse($eventIds); } elseif ("update" === $technique) { - $eventIds = $this->getEventIdsFromServer($serverSync, false, true, 'events', $force); + $eventIds = $this->getEventIdsFromServer($serverSync, false, true, $force); $eventModel = ClassRegistry::init('Event'); $localEventUuids = $eventModel->find('column', array( 'fields' => array('Event.uuid'), @@ -762,7 +762,13 @@ class Server extends AppModel } $filterRules['minimal'] = 1; $filterRules['published'] = 1; - return $serverSync->eventIndex($filterRules)->json(); + $eventIndex = $serverSync->eventIndex($filterRules)->json(); + + // correct $eventArray if just one event, probably this response returns old MISP + if (isset($eventIndex['id'])) { + $eventIndex = [$eventIndex]; + } + return $eventIndex; } /** 
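Review bot: The added comment says `correct $eventArray if just one event`, but the variable in this function is `$eventIndex`; reword it to something like `// older MISP versions return a single event instead of a list; wrap it`. The result of `->json()` comes from the remote server and is indexed here and later passed to `array_column()` by callers, so an `is_array($eventIndex)` check before `isset($eventIndex['id'])` would keep a malformed response from reaching them, unless `json()` already guarantees an array, which is not visible here. The start of this function is outside the hunk.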
@@ -771,65 +777,40 @@ class Server extends AppModel * @param ServerSyncTool $serverSync * @param bool $all * @param bool $ignoreFilterRules - * @param string $scope 'events' or 'sightings' * @param bool $force * @return array Array of event UUIDs. * @throws HttpSocketHttpException * @throws HttpSocketJsonException * @throws InvalidArgumentException */ - private function getEventIdsFromServer(ServerSyncTool $serverSync, $all = false, $ignoreFilterRules = false, $scope = 'events', $force = false) + private function getEventIdsFromServer(ServerSyncTool $serverSync, $all = false, $ignoreFilterRules = false, $force = false) { - if (!in_array($scope, ['events', 'sightings'], true)) { - throw new InvalidArgumentException("Scope must be 'events' or 'sightings', '$scope' given."); - } - $eventArray = $this->getEventIndexFromServer($serverSync, $ignoreFilterRules); - // correct $eventArray if just one event - if (isset($eventArray['id'])) { - $eventArray = array($eventArray); - } + if ($all) { - if ($scope === 'sightings') { - // Used when pushing: return just eventUuids that has sightings newer than remote server - $this->Event = ClassRegistry::init('Event'); - $localEvents = $this->Event->find('list', array( - 'fields' => array('Event.uuid', 'Event.sighting_timestamp'), - 'conditions' => array('Event.uuid' => array_column($eventArray, 'uuid')) - )); - - $eventUuids = []; - foreach ($eventArray as $event) { - if (isset($localEvents[$event['uuid']]) && $localEvents[$event['uuid']] > $event['sighting_timestamp']) { - $eventUuids[] = $event['uuid']; - } - } - } else { - $eventUuids = array_column($eventArray, 'uuid'); - } - } else { - if (Configure::read('MISP.enableEventBlocklisting') !== false) { - $this->EventBlocklist = ClassRegistry::init('EventBlocklist'); - $this->EventBlocklist->removeBlockedEvents($eventArray); - } - - if (Configure::read('MISP.enableOrgBlocklisting') !== false) { - $this->OrgBlocklist = ClassRegistry::init('OrgBlocklist'); - 
$this->OrgBlocklist->removeBlockedEvents($eventArray); - } - - foreach ($eventArray as $k => $event) { - if (1 != $event['published']) { - unset($eventArray[$k]); // do not keep non-published events - } - } - if (!$force) { - $this->Event = ClassRegistry::init('Event'); - $this->Event->removeOlder($eventArray, $scope); - } - $eventUuids = array_column($eventArray, 'uuid'); + return array_column($eventArray, 'uuid'); } - return $eventUuids; + + if (Configure::read('MISP.enableEventBlocklisting') !== false) { + $this->EventBlocklist = ClassRegistry::init('EventBlocklist'); + $this->EventBlocklist->removeBlockedEvents($eventArray); + } + + if (Configure::read('MISP.enableOrgBlocklisting') !== false) { + $this->OrgBlocklist = ClassRegistry::init('OrgBlocklist'); + $this->OrgBlocklist->removeBlockedEvents($eventArray); + } + + foreach ($eventArray as $k => $event) { + if (1 != $event['published']) { + unset($eventArray[$k]); // do not keep non-published events + } + } + if (!$force) { + $this->Event = ClassRegistry::init('Event'); + $this->Event->removeOlder($eventArray); + } + return array_column($eventArray, 'uuid'); } public function serverEventsOverlap() @@ -900,9 +881,11 @@ class Server extends AppModel if (!$server) { throw new NotFoundException('Server not found'); } + $serverSync = new ServerSyncTool($server, $this->setupSyncRequest($server)); + $this->Event = ClassRegistry::init('Event'); $url = $server['Server']['url']; - $push = $this->checkVersionCompatibility($server, $user); + $push = $this->checkVersionCompatibility($server, $user, $serverSync); if (is_array($push) && !$push['canPush'] && !$push['canSight']) { $push = 'Remote instance is outdated or no permission to push.'; } 
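Review bot: The docblock kept above `getEventIdsFromServer` still lists `@throws InvalidArgumentException`, but the only `throw new InvalidArgumentException` in the function is removed here together with the `$scope` parameter, so that tag should go as well. In the loop that stays, `if (1 != $event['published'])` compares a field taken from the remote server's index loosely and without checking that the key exists; `if ((int)($event['published'] ?? 0) !== 1)` keeps the same result for well-formed entries and treats a missing key as unpublished.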
@@ -911,14 +894,14 @@ class Server extends AppModel $this->Log = ClassRegistry::init('Log'); $this->Log->create(); $this->Log->save(array( - 'org' => $user['Organisation']['name'], - 'model' => 'Server', - 'model_id' => $id, - 'email' => $user['email'], - 'action' => 'error', - 'user_id' => $user['id'], - 'title' => 'Failed: Push to ' . $url . ' initiated by ' . $user['email'], - 'change' => $message + 'org' => $user['Organisation']['name'], + 'model' => 'Server', + 'model_id' => $id, + 'email' => $user['email'], + 'action' => 'error', + 'user_id' => $user['id'], + 'title' => 'Failed: Push to ' . $url . ' initiated by ' . $user['email'], + 'change' => $message )); if ($jobId) { $job->saveStatus($jobId, false, $message); @@ -1052,7 +1035,8 @@ class Server extends AppModel } if ($push['canPush'] || $push['canSight']) { - $sightingSuccesses = $this->syncSightings($HttpSocket, $server, $user, $this->Event); + $this->Sighting = ClassRegistry::init('Sighting'); + $sightingSuccesses =$this->Sighting->pushSightings($user, $serverSync); } else { $sightingSuccesses = array(); } 
@@ -1069,14 +1053,14 @@ class Server extends AppModel $this->Log = ClassRegistry::init('Log'); $this->Log->create(); $this->Log->save(array( - 'org' => $user['Organisation']['name'], - 'model' => 'Server', - 'model_id' => $id, - 'email' => $user['email'], - 'action' => 'push', - 'user_id' => $user['id'], - 'title' => 'Push to ' . $url . ' initiated by ' . $user['email'], - 'change' => count($successes) . ' events pushed or updated. ' . count($fails) . ' events failed or didn\'t need an update.' + 'org' => $user['Organisation']['name'], + 'model' => 'Server', + 'model_id' => $id, + 'email' => $user['email'], + 'action' => 'push', + 'user_id' => $user['id'], + 'title' => 'Push to ' . $url . ' initiated by ' . $user['email'], + 'change' => count($successes) . ' events pushed or updated. ' . count($fails) . ' events failed or didn\'t need an update.' )); if ($jobId) { $job->saveStatus($jobId, true, __('Push to server %s complete.', $id)); 
@@ -1152,70 +1136,6 @@ class Server extends AppModel return $successes; } - /** - * Push sightings to remote server. - * @param HttpSocket $HttpSocket - * @param array $server - * @param array $user - * @param Event $eventModel - * @return array - * @throws Exception - */ - private function syncSightings($HttpSocket, array $server, array $user, Event $eventModel) - { - $successes = array(); - if (!$server['Server']['push_sightings']) { - return $successes; - } - $serverSync = new ServerSyncTool($server, $this->setupSyncRequest($server)); - $this->Sighting = ClassRegistry::init('Sighting'); - try { - $eventUuids = $this->getEventIdsFromServer($serverSync, true, true, 'sightings'); - } catch (Exception $e) { - $this->logException("Could not fetch event IDs from server {$server['Server']['name']}", $e); - return $successes; - } - // now process the $eventIds to push each of the events sequentially - // check each event and push sightings when needed - $fakeSyncUser = [ - 'org_id' => $server['Server']['remote_org_id'], - 'Role' => [ - 'perm_site_admin' => 0, - ], - ]; - - foreach ($eventUuids as $eventUuid) { - $event = $eventModel->fetchEvent($user, ['event_uuid' => $eventUuid, 'metadata' => true]); - if (!empty($event)) { - $event = $event[0]; - - if (empty($this->eventFilterPushableServers($event, [$server]))) { - continue; - } - if (!$eventModel->checkDistributionForPush($event, $server)) { - continue; - } - - // Process sightings in batch to keep memory requirements low - foreach ($this->Sighting->fetchUuidsForEventToPush($event, $fakeSyncUser) as $batch) { - // Filter out sightings that already exists on remote server - $existingSightings = $serverSync->filterSightingUuidsForPush($event, $batch); - $newSightings = array_diff($batch, $existingSightings); - if (empty($newSightings)) { - continue; - } - - $conditions = ['Sighting.uuid' => $newSightings]; - $sightings = $this->Sighting->attachToEvent($event, $fakeSyncUser, null, $conditions, true); - 
$serverSync->uploadSightings($sightings, $event['Event']['uuid']); - } - - $successes[] = 'Sightings for event ' . $event['Event']['id']; - } - } - return $successes; - } - public function syncProposals($HttpSocket, array $server, $sa_id = null, $event_id = null, $eventModel) { $saModel = ClassRegistry::init('ShadowAttribute'); diff --git a/app/Model/Sighting.php b/app/Model/Sighting.php index a0c5d2e4c..d24aa212b 100644 --- a/app/Model/Sighting.php +++ b/app/Model/Sighting.php 
@@ -1107,6 +1107,90 @@ class Sighting extends AppModel } } + /** + * Push sightings to remote server. + * @param array $user + * @param ServerSyncTool $serverSync + * @return array + * @throws Exception + */ + public function pushSightings(array $user, ServerSyncTool $serverSync) + { + $server = $serverSync->server(); + + if (!$serverSync->server()['Server']['push_sightings']) { + return []; + } + $this->Server = ClassRegistry::init('Server'); + + try { + $eventArray = $this->Server->getEventIndexFromServer($serverSync); + } catch (Exception $e) { + $this->logException("Could not fetch event IDs from server {$server['Server']['name']}", $e); + return []; + } + + // Fetch local events that has sightings + $localEvents = $this->Event->find('list', [ + 'fields' => ['Event.uuid', 'Event.sighting_timestamp'], + 'conditions' => [ + 'Event.uuid' => array_column($eventArray, 'uuid'), + 'Event.sighting_timestamp >' => 0, + ], + ]); + + // Filter just local events that has sighting_timestamp newer than remote event + $eventUuids = []; + foreach ($eventArray as $event) { + if (isset($localEvents[$event['uuid']]) && $localEvents[$event['uuid']] > $event['sighting_timestamp']) { + $eventUuids[] = $event['uuid']; + } + } + unset($localEvents, $eventArray); + + $fakeSyncUser = [ + 'org_id' => $server['Server']['remote_org_id'], + 'Role' => [ + 'perm_site_admin' => 0, + ], + ]; + + $successes = []; + // now process the $eventUuids to push each of the events sequentially + // check each event and push sightings when needed + foreach ($eventUuids as $eventUuid) { + $event = $this->Event->fetchEvent($user, ['event_uuid' => $eventUuid, 'metadata' => true]); + if (empty($event)) { + continue; + } + $event = $event[0]; + + if (empty($this->Server->eventFilterPushableServers($event, [$server]))) { + continue; + } + if (!$this->Event->checkDistributionForPush($event, $server)) { + continue; + } + + // Process sightings in batch to keep memory requirements low + foreach 
($this->fetchUuidsForEventToPush($event, $fakeSyncUser) as $batch) { + // Filter out sightings that already exists on remote server + $existingSightings = $serverSync->filterSightingUuidsForPush($event, $batch); + $newSightings = array_diff($batch, $existingSightings); + if (empty($newSightings)) { + continue; + } + + $conditions = ['Sighting.uuid' => $newSightings]; + $sightings = $this->attachToEvent($event, $fakeSyncUser, null, $conditions, true); + $serverSync->uploadSightings($sightings, $event['Event']['uuid']); + } + + $successes[] = 'Sightings for event ' . $event['Event']['id']; + } + return $successes; + } + /** * @param array $user * @param ServerSyncTool $serverSync From 3d718555290bdd668004e75613ed14c8e03f3287 Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Tue, 8 Mar 2022 13:17:41 +0100 Subject: [PATCH 0105/1366] chg: [doc] Added username requirement --- docs/background-jobs-migration-guide.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/docs/background-jobs-migration-guide.md b/docs/background-jobs-migration-guide.md index 988b8bdde..411f04563 100644 --- a/docs/background-jobs-migration-guide.md +++ b/docs/background-jobs-migration-guide.md @@ -23,7 +23,6 @@ Run on your MISP instance the following commands. guzzlehttp/guzzle \ php-http/message \ lstrojny/fxmlrpc - ``` 3. Add the following settings at the bottom of the **Supervisord** conf file, usually located in: 
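Review bot: `pushSightings` now calls `$this->Server->getEventIndexFromServer($serverSync)` with no second argument, while the removed `syncSightings` went through `getEventIdsFromServer($serverSync, true, true, 'sightings')`, which passed `$ignoreFilterRules` as true. The default of that parameter is not visible in this patch; if it is false, the server's filter rules now limit which events have their sightings pushed, which a simplification commit should not change silently, so `getEventIndexFromServer($serverSync, true)` looks like the intended call. The selection loop also reads `$event['sighting_timestamp']` from the remote index unchecked; when a remote omits the field the comparison is against null and every local event with sightings is selected, so `isset($event['sighting_timestamp'])` belongs in that condition or the fallback should be documented. The call additionally requires `getEventIndexFromServer` to be callable from the Sighting model, and its declaration is outside the visible hunks.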
@@ -144,12 +143,14 @@ Run on your MISP instance the following commands. 2. Update the `SimpleBackgroundJobs.supervisor_password` with the password you set in the _Install requirements_ section 3. -3. Verify Redis and other settings are correct and then set `SimpleBackgroundJobs.enabled` to `true`. +3. Update the `SimpleBackgroundJobs.supervisor_user` with the supervisord username. (default: supervisor) -4. Use **MISP** normally and visit [Administration -> Jobs](/jobs/index) to check Jobs are running correctly. +4. Verify Redis and other settings are correct and then set `SimpleBackgroundJobs.enabled` to `true`. + +5. Use **MISP** normally and visit [Administration -> Jobs](/jobs/index) to check Jobs are running correctly. If there are any issues check the logs: * /var/www/MISP/app/tmp/logs/misp-workers-errors.log * /var/www/MISP/app/tmp/logs/misp-workers.log ### Notes -Scheduled tasks (TasksController) are not supported with the new backend, however this feature is going to be deprecated, it is recommended to use cron jobs instead. \ No newline at end of file +Scheduled tasks (TasksController) are not supported with the new backend, however this feature is going to be deprecated, it is recommended to use cron jobs instead. From 155bf237765ceeef21b7b2b0087b9b4fec252a01 Mon Sep 17 00:00:00 2001 From: Sami Mokaddem Date: Tue, 8 Mar 2022 13:40:15 +0100 Subject: [PATCH 0106/1366] new: [events:restSearch] Added `context` export format The `context` export format includes: - List of used taxonomies - List of used galaxy cluster - List of custom tags - Mitre Att&ck matrix --- app/Lib/Export/ContextExport.php | 163 ++++++++++++++++++ app/Model/Event.php | 1 + app/View/Events/module_views/context_view.ctp | 77 +++++++++ 3 files changed, 241 insertions(+) create mode 100644 app/Lib/Export/ContextExport.php create mode 100644 app/View/Events/module_views/context_view.ctp 
diff --git a/app/Lib/Export/ContextExport.php b/app/Lib/Export/ContextExport.php new file mode 100644 index 000000000..6adc21189 --- /dev/null +++ b/app/Lib/Export/ContextExport.php 
@@ -0,0 +1,163 @@ + 1, + 'includeEventTags' => 1, + 'includeGalaxy' => 1, + 'noSightings' => true, + 'noEventReports' => true, + 'noShadowAttributes' => true, + 'sgReferenceOnly' => true, + 'includeEventCorrelations' => false, + ]; + private $__eventTags = []; + private $__eventGalaxies = []; + + private $__aggregatedTags = []; + private $__aggregatedClusters = []; + + private $__taxonomyFetched = []; + private $__galaxyFetched = []; + + public $non_restrictive_export = true; + public $renderView = 'context_view'; + + public function handler($data, $options = array()) + { + $this->__aggregate($data, Hash::extract($data, 'EventTag.{n}.Tag')); + if (!empty($data['Attribute'])) { + foreach ($data['Attribute'] as $attribute) { + $this->__aggregate($attribute, Hash::extract($attribute, 'AttributeTag.{n}.Tag')); + } + } + + $this->__attack_export_tool->handler($data, $options); + return ''; + } + + public function header($options = array()) + { + $this->__TaxonomyModel = ClassRegistry::init('Taxonomy'); + $this->__GalaxyModel = ClassRegistry::init('Galaxy'); + App::uses('AttackExport', 'Export'); + $this->__attack_export_tool = new AttackExport(); + $this->__attack_export_tool->handler($options); + + return ''; + } + + public function footer() + { + $attackFinal = $this->__attack_export_tool->footer(); + $this->__aggregateTagsPerTaxonomy(); + $this->__aggregateClustersPerGalaxy(); + $attackData = json_decode($attackFinal, true); + return json_encode([ + 'attackData' => $attackData, + 'tags' => $this->__aggregatedTags, + 'clusters' => $this->__aggregatedClusters, + ]); + } + + public function separator() + { + $this->__attack_export_tool->separator(); + return ''; + } + + private function __aggregate($entity, $tags) + { + if (!empty($entity['Galaxy'])) { + foreach ($entity['Galaxy'] as $galaxy) { + foreach ($galaxy['GalaxyCluster'] as $galaxyCluster) { + $this->__eventGalaxies[$galaxyCluster['tag_name']] = $galaxyCluster; + 
$this->fetchGalaxyForTag($galaxyCluster['tag_name']); + } + } + } + if (!empty($tags)) { + foreach ($tags as $tag) { + if (strpos($tag['name'], 'misp-galaxy:') === 0) { + continue; + } + $this->__eventTags[$tag['name']] = $tag; + $this->fetchTaxonomyForTag($tag['name']); + } + } + } + + private function fetchTaxonomyForTag($tagname) + { + $splits = $this->__TaxonomyModel->splitTagToComponents($tagname); + if (!isset($this->__taxonomyFetched[$splits['namespace']])) { + $fetchedTaxonomy = $this->__TaxonomyModel->getTaxonomyForTag($tagname, false, true); + if (!empty($fetchedTaxonomy)) { + $this->__taxonomyFetched[$splits['namespace']]['Taxonomy'] = $fetchedTaxonomy['Taxonomy']; + $this->__taxonomyFetched[$splits['namespace']]['TaxonomyPredicate'] = []; + foreach ($fetchedTaxonomy['TaxonomyPredicate'] as $predicate) { + $this->__taxonomyFetched[$splits['namespace']]['TaxonomyPredicate'][$predicate['value']] = $predicate; + if (!empty($predicate['TaxonomyEntry'])) { + $this->__taxonomyFetched[$splits['namespace']]['TaxonomyPredicate'][$predicate['value']]['TaxonomyEntry'] = []; + foreach ($predicate['TaxonomyEntry'] as $entry) { + $this->__taxonomyFetched[$splits['namespace']]['TaxonomyPredicate'][$predicate['value']]['TaxonomyEntry'][$entry['value']] = $entry; + } + } + } + } + } + } + + private function fetchGalaxyForTag($tagname) + { + $splits = $this->__TaxonomyModel->splitTagToComponents($tagname); + $galaxy = $this->__GalaxyModel->find('first', array( + 'recursive' => -1, + 'conditions' => array('Galaxy.type' => $splits['predicate']) + )); + $this->__galaxyFetched[$splits['predicate']] = $galaxy; + } + + private function __aggregateTagsPerTaxonomy() + { + ksort($this->__eventTags); + foreach ($this->__eventTags as $tagname => $tagData) { + $splits = $this->__TaxonomyModel->splitTagToComponents($tagname); + $taxonomy = []; + if (!empty($this->__taxonomyFetched[$splits['namespace']])) { + $taxonomy = $this->__taxonomyFetched[$splits['namespace']]; + } + if 
(!empty($taxonomy['TaxonomyPredicate'][$splits['predicate']])) { + $predicate = $taxonomy['TaxonomyPredicate'][$splits['predicate']]; + $entry = null; + if (!empty($splits['value'])) { + $entry = $predicate['TaxonomyEntry'][$splits['value']]; + } + unset($predicate['TaxonomyEntry']); + $this->__aggregatedTags[$splits['namespace']][] = [ + 'Taxonomy' => $taxonomy['Taxonomy'], + 'TaxonomyPredicate' => $predicate, + 'TaxonomyEntry' => $entry, + 'Tag' => $tagData, + ]; + } else { + $this->__aggregatedTags['Custom Tags'][]['Tag'] = $tagData; + } + } + } + + private function __aggregateClustersPerGalaxy() + { + ksort($this->__eventGalaxies); + foreach ($this->__eventGalaxies as $tagname => $cluster) { + $splits = $this->__TaxonomyModel->splitTagToComponents($tagname); + $galaxy = $this->__galaxyFetched[$splits['predicate']]; + $this->__aggregatedClusters[$splits['predicate']][] = [ + 'Galaxy' => $galaxy['Galaxy'], + 'GalaxyCluster' => $cluster, + ]; + } + } +} diff --git a/app/Model/Event.php b/app/Model/Event.php index facdaf451..02d49de40 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -73,6 +73,7 @@ class Event extends AppModel 'attack' => array('html', 'AttackExport', 'html'), 'attack-sightings' => array('json', 'AttackSightingsExport', 'json'), 'cache' => array('txt', 'CacheExport', 'cache'), + 'context' => array('html', 'ContextExport', 'html'), 'count' => array('txt', 'CountExport', 'txt'), 'csv' => array('csv', 'CsvExport', 'csv'), 'hashes' => array('txt', 'HashesExport', 'txt'), diff --git a/app/View/Events/module_views/context_view.ctp b/app/View/Events/module_views/context_view.ctp new file mode 100644 index 000000000..eca88b194 --- /dev/null +++ b/app/View/Events/module_views/context_view.ctp @@ -0,0 +1,77 @@ +
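Review bot: `__aggregateTagsPerTaxonomy` reads `$predicate['TaxonomyEntry'][$splits['value']]` without checking that the entry exists, so a tag that uses a known namespace and predicate with a value missing from the local taxonomy raises an undefined-index notice during export; `$entry = $predicate['TaxonomyEntry'][$splits['value']] ?? null;` avoids it. `__aggregateClustersPerGalaxy` has the same gap with `$galaxy['Galaxy']` when the `find('first', ...)` in `fetchGalaxyForTag` returned nothing for that galaxy type. Tag and cluster names come from event data, so both lookups should tolerate unknown values. In `header()` the call `$this->__attack_export_tool->handler($options)` passes the options where `handler()` takes event data elsewhere in this class, so `header($options)` was probably meant; AttackExport itself is not visible here.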
    +

    +

    +
    + $entries) { + $htmlTags .= sprintf('

    %s

    ', h($namespace)); + if (!empty($entries[0]['Taxonomy']['description'])) { + $htmlTags .= sprintf('
    %s
    ', h($entries[0]['Taxonomy']['description'])); + } + $htmlTags .= '
      '; + foreach ($entries as $entry) { + $taxonomyInfo = '
        '; + if (!empty($entry['TaxonomyPredicate'])) { + $taxonomyInfo .= sprintf( + '
      • %s: %s
      • ', + h($entry['TaxonomyPredicate']['value']), + h($entry['TaxonomyPredicate']['expanded']) + ); + } + if (!empty($entry['TaxonomyEntry'])) { + $taxonomyInfo .= sprintf( + '
      • %s: %s
      • ', + h($entry['TaxonomyEntry']['value']), + h($entry['TaxonomyEntry']['expanded']) + ); + } + $taxonomyInfo .= '
      '; + $htmlTags .= sprintf( + '
    • %s
    • %s', + $this->element('tag', ['tag' => $entry]), + $taxonomyInfo + ); + } + $htmlTags .= '
    '; + } + echo $htmlTags; + ?> +
    + +

    +
    + $entries) { + $htmlClusters .= sprintf( + '

    %s %s

    ', + sprintf('', $this->FontAwesome->getClass($entries[0]['Galaxy']['icon'])), + h($entries[0]['Galaxy']['name']) + ); + if (!empty($entries[0]['Galaxy']['description'])) { + $htmlClusters .= sprintf('
    %s
    ', h($entries[0]['Galaxy']['description'])); + } + $htmlClusters .= '
      '; + foreach ($entries as $cluster) { + $htmlClusters .= sprintf( + '
    • %s
    • %s', + $baseurl . '/galaxy_clusters/view/' . h($cluster['GalaxyCluster']['id']), + h($cluster['GalaxyCluster']['value']), + strlen(h($cluster['GalaxyCluster']['description'])) > 300 ? + (substr(h($cluster['GalaxyCluster']['description']), 0, 300) . '...') : h($cluster['GalaxyCluster']['description']), + ); + } + $htmlClusters .= '
    '; + } + echo $htmlClusters; + ?> +
    + +

    +
    + element('view_galaxy_matrix', $attackData); + ?> +
    +
    From 7fae03d22615085fbc02735935617e58604ab68d Mon Sep 17 00:00:00 2001 From: Luciano Righetti Date: Wed, 9 Mar 2022 12:01:22 +0100 Subject: [PATCH 0107/1366] fix: add default supervisor user to default settings --- app/Config/config.default.php | 2 +- app/Model/Server.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app/Config/config.default.php b/app/Config/config.default.php index 3c163550f..dea2f9d8a 100644 --- a/app/Config/config.default.php +++ b/app/Config/config.default.php @@ -145,7 +145,7 @@ $config = array( 'max_job_history_ttl' => 86400, 'supervisor_host' => 'localhost', 'supervisor_port' => 9001, - 'supervisor_user' => '', + 'supervisor_user' => 'supervisor', 'supervisor_password' => '', ), // Uncomment the following to enable client SSL certificate authentication diff --git a/app/Model/Server.php b/app/Model/Server.php index fb0009e1e..0488d6707 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -7146,7 +7146,7 @@ class Server extends AppModel 'supervisor_user' => [ 'level' => self::SETTING_CRITICAL, 'description' => __('The user of the Supervisor XML-RPC API.'), - 'value' => '', + 'value' => 'supervisor', 'test' => null, 'type' => 'string' ], From fd43c079528c1855e5b0d1a5013536de08195fda Mon Sep 17 00:00:00 2001 From: Luciano Righetti Date: Wed, 9 Mar 2022 12:01:22 +0100 Subject: [PATCH 0108/1366] fix: add default supervisor user to default settings --- app/Config/config.default.php | 2 +- app/Model/Server.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app/Config/config.default.php b/app/Config/config.default.php index 3c163550f..dea2f9d8a 100644 --- a/app/Config/config.default.php +++ b/app/Config/config.default.php 
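Review bot: The cluster description is truncated after escaping, `substr(h(...), 0, 300)`, so the cut can land inside an entity such as `&amp;` or in the middle of a multibyte character and emit malformed markup. Truncate the raw value first and escape the result: `h(mb_substr($cluster['GalaxyCluster']['description'], 0, 300))`, with the length test done on the raw string as well (this assumes mbstring is available, which the hunk does not show). The `sprintf(...)` call for each cluster also ends with a trailing comma after its last argument, which is a parse error on PHP versions before 7.3. Both expressions are repeated in `context_markdown_view.ctp` in patch 0110. The HTML tags of this template are not legible on this page, so the markup itself was not reviewed.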
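Review bot: The new default `'supervisor_user' => 'supervisor'` sits next to `'supervisor_password' => ''`, so a default configuration now carries a fixed, documented username together with an empty password for the Supervisor XML-RPC API. The setting definition in Server.php keeps `'test' => null`, so nothing validates the username. A comment in config.default.php such as `// must match username/password of [inet_http_server] in the supervisord config; do not leave the password empty` would make the requirement explicit, and a non-empty test on the password setting would catch the omission; that setting's definition is outside the hunk. Patch 0108 repeats the same two hunks.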
@@ -145,7 +145,7 @@ $config = array( 'max_job_history_ttl' => 86400, 'supervisor_host' => 'localhost', 'supervisor_port' => 9001, - 'supervisor_user' => '', + 'supervisor_user' => 'supervisor', 'supervisor_password' => '', ), // Uncomment the following to enable client SSL certificate authentication diff --git a/app/Model/Server.php b/app/Model/Server.php index fb0009e1e..0488d6707 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -7146,7 +7146,7 @@ class Server extends AppModel 'supervisor_user' => [ 'level' => self::SETTING_CRITICAL, 'description' => __('The user of the Supervisor XML-RPC API.'), - 'value' => '', + 'value' => 'supervisor', 'test' => null, 'type' => 'string' ], From 41669eea34b7615cf7d6d6bff780c25d2059b3f5 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Wed, 9 Mar 2022 12:39:56 +0100 Subject: [PATCH 0109/1366] chg: [PyMISP] bump --- PyMISP | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PyMISP b/PyMISP index a347f0ed4..94a65c578 160000 --- a/PyMISP +++ b/PyMISP @@ -1 +1 @@ -Subproject commit a347f0ed4e32e5135feecc6530be935c11bd5b51 +Subproject commit 94a65c578a641751d9941a58d44b91b0cb7f554f From b6c730f8f46a277ee2cbb0d16e8d2afc86cc231d Mon Sep 17 00:00:00 2001 From: Sami Mokaddem Date: Wed, 9 Mar 2022 17:49:34 +0100 Subject: [PATCH 0110/1366] chg: [events:restSearch] Added `context-markdown` export format --- app/Lib/Export/ContextMarkdownExport.php | 7 +++ app/Model/Event.php | 1 + .../module_views/context_markdown_view.ctp | 63 +++++++++++++++++++ 3 files changed, 71 insertions(+) create mode 100644 app/Lib/Export/ContextMarkdownExport.php create mode 100644 app/View/Events/module_views/context_markdown_view.ctp diff --git a/app/Lib/Export/ContextMarkdownExport.php b/app/Lib/Export/ContextMarkdownExport.php new file mode 100644 index 000000000..c0b5f4e9a --- /dev/null +++ b/app/Lib/Export/ContextMarkdownExport.php 
@@ -0,0 +1,7 @@ + array('json', 'AttackSightingsExport', 'json'), 'cache' => array('txt', 'CacheExport', 'cache'), 'context' => array('html', 'ContextExport', 'html'), + 'context-markdown' => array('txt', 'ContextMarkdownExport', 'md'), 'count' => array('txt', 'CountExport', 'txt'), 'csv' => array('csv', 'CsvExport', 'csv'), 'hashes' => array('txt', 'HashesExport', 'txt'), diff --git a/app/View/Events/module_views/context_markdown_view.ctp b/app/View/Events/module_views/context_markdown_view.ctp new file mode 100644 index 000000000..6d91e0fe0 --- /dev/null +++ b/app/View/Events/module_views/context_markdown_view.ctp 
@@ -0,0 +1,63 @@ + $entries) { + $mdTags[] = sprintf('#### %s', h($namespace)); + if (!empty($entries[0]['Taxonomy']['description'])) { + $mdTags[] = sprintf('*%s*', h($entries[0]['Taxonomy']['description'])); + } + foreach ($entries as $entry) { + $taxonomyInfo = []; + if (!empty($entry['TaxonomyPredicate'])) { + $taxonomyInfo[] = sprintf( + ' - **%s**: %s', + h($entry['TaxonomyPredicate']['value']), + h($entry['TaxonomyPredicate']['expanded']) + ); + } + if (!empty($entry['TaxonomyEntry'])) { + $taxonomyInfo[] = sprintf( + ' - **%s**: %s', + h($entry['TaxonomyEntry']['value']), + h($entry['TaxonomyEntry']['expanded']) + ); + } + $mdTags[] = sprintf( + '- %s' . PHP_EOL . '%s', + $this->element('tag', ['tag' => $entry]), + implode(PHP_EOL, $taxonomyInfo) + ); + } + } + $md[] = implode(PHP_EOL, $mdTags); + + $md[] = sprintf('## %s', __('Galaxy Clusters')); + $mdClusters = []; + foreach ($clusters as $tagname => $entries) { + $mdClusters[] = sprintf( + '#### %s %s', + sprintf('', $this->FontAwesome->getClass($entries[0]['Galaxy']['icon'])), + h($entries[0]['Galaxy']['name']) + ); + if (!empty($entries[0]['Galaxy']['description'])) { + $mdClusters[] = sprintf('*%s*', h($entries[0]['Galaxy']['description'])); + } + foreach ($entries as $cluster) { + $mdClusters[] = sprintf( + '- *[%s](%s)*' . PHP_EOL . '%s', + h($cluster['GalaxyCluster']['value']), + $baseurl . '/galaxy_clusters/view/' . h($cluster['GalaxyCluster']['id']), + strlen(h($cluster['GalaxyCluster']['description'])) > 300 ? + (substr(h($cluster['GalaxyCluster']['description']), 0, 300) . '...') : h($cluster['GalaxyCluster']['description']), + ); + } + } + $md[] = implode(PHP_EOL, $mdClusters); + + // $md[] = sprintf('## %s', __('Mitre ATT&CK Matrix')); + // $md[] = $this->element('view_galaxy_matrix', $attackData); + + echo implode(PHP_EOL, $md); From 21997abc5201568857637a4d513828852f881778 Mon Sep 17 00:00:00 2001 
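Review bot: The cluster description is HTML-escaped with `h()` before it is measured and cut, so `substr(..., 0, 300)` can stop in the middle of an entity such as `&amp;` or of a multi-byte UTF-8 character; truncate the raw value first and escape the result, e.g. `h(mb_substr($cluster['GalaxyCluster']['description'], 0, 300))`. More generally every value in this view goes through `h()`, which escapes for HTML, while the export is registered as `txt`/`md`: characters such as `]`, `)`, `*` or a line break in a tag or cluster value pass through unchanged and can alter the link built by `'- *[%s](%s)*'` or the surrounding list structure. A small helper that escapes Markdown metacharacters for these fields would close that gap. The top of the file is not readable on this page, so this is based on the lines from the taxonomy loop onward.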
From: Sami Mokaddem Date: Thu, 10 Mar 2022 09:45:47 +0100 Subject: [PATCH 0111/1366] fix: [exports:context] Removed spaces --- app/Lib/Export/ContextExport.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Lib/Export/ContextExport.php b/app/Lib/Export/ContextExport.php index 6adc21189..63d5a820c 100644 --- a/app/Lib/Export/ContextExport.php +++ b/app/Lib/Export/ContextExport.php @@ -45,7 +45,7 @@ class ContextExport App::uses('AttackExport', 'Export'); $this->__attack_export_tool = new AttackExport(); $this->__attack_export_tool->handler($options); - + return ''; } From 3f9629ad0cbe1b5cb7fb8cae8f6f7f0288ce547f Mon Sep 17 00:00:00 2001 From: Sami Mokaddem Date: Thu, 10 Mar 2022 10:18:39 +0100 Subject: [PATCH 0112/1366] new: [events:index] Multi-select export of events --- app/Controller/Component/ACLComponent.php | 1 + app/Controller/EventsController.php | 50 +++++++++++++++++++ .../genericElements/SideMenu/side_menu.ctp | 7 +++ .../eventRestSearchExportConfirmationForm.ctp | 26 ++++++++++ .../Events/eventRestSearchExportResult.ctp | 11 ++++ app/View/Events/index.ctp | 7 +++ app/webroot/js/misp.js | 13 +++++ 7 files changed, 115 insertions(+) create mode 100644 app/View/Events/ajax/eventRestSearchExportConfirmationForm.ctp create mode 100644 app/View/Events/eventRestSearchExportResult.ctp diff --git a/app/Controller/Component/ACLComponent.php b/app/Controller/Component/ACLComponent.php index f1f099522..d00b4386a 100644 --- a/app/Controller/Component/ACLComponent.php +++ b/app/Controller/Component/ACLComponent.php @@ -246,6 +246,7 @@ class ACLComponent extends Component 'reportValidationIssuesEvents' => array(), 'restoreDeletedEvents' => array(), 'restSearch' => array('*'), + 'restSearchExport' => array('*'), 'runTaxonomyExclusivityCheck' => array('*'), 'saveFreeText' => array('perm_add'), 'stix' => array('*'), diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index a95338839..f33f6f667 100644 
--- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php 
@@ -3210,6 +3210,56 @@ class EventsController extends AppController return $difference . " " . $periods[$j] . " ago"; } + public function restSearchExport($id=null) + { + if ($this->request->is('post') || $this->request->is('put')) { + $returnFormat = empty($this->request->data['Event']['returnFormat']) ? 'json' : $this->request->data['Event']['returnFormat']; + $idList = !isset($this->request->data['Event']['id']) ? $id : $this->request->data['Event']['id']; + if (!is_array($idList)) { + if (is_numeric($idList) || Validation::uuid($idList)) { + $idList = array($idList); + } else { + $idList = $this->Event->jsonDecode($idList); + } + } + if (empty($idList)) { + throw new NotFoundException(__('Invalid input.')); + } + $filters = [ + 'eventid' => $idList + ]; + + $elementCounter = 0; + $renderView = false; + $validFormat = $this->Event->validFormats[$returnFormat]; + $responseType = empty($validFormat[0]) ? 'json' : $validFormat[0]; + $final = $this->Event->restSearch($this->Auth->user(), $returnFormat, $filters, false, false, $elementCounter, $renderView); + if (!empty($renderView) && !empty($final)) { + $final = json_decode($final->intoString(), true); + foreach ($final as $key => $data) { + $this->set($key, $data); + } + $this->set('renderView', $renderView); + $this->render('/Events/eventRestSearchExportResult'); + } else { + $filename = $this->RestSearch->getFilename($filters, 'Event', $responseType); + return $this->RestResponse->viewData($final, $responseType, false, true, $filename, array('X-Result-Count' => $elementCounter, 'X-Export-Module-Used' => $returnFormat, 'X-Response-Format' => $responseType)); + } + } else { + if (is_numeric($id)) { + $idList = [$id]; + } else { + $idList = json_decode($id, true); + } + if (empty($idList)) { + throw new NotFoundException(__('Invalid input.')); + } + $this->request->data['Event']['id'] = json_encode($idList); + $this->set('exportFormats', array_keys($this->Event->validFormats)); + 
$this->render('ajax/eventRestSearchExportConfirmationForm'); + } + } + public function xml($key, $eventid = false, $withAttachment = false, $tags = false, $from = false, $to = false, $last = false) { $this->_legacyAPIRemap(array( diff --git a/app/View/Elements/genericElements/SideMenu/side_menu.ctp b/app/View/Elements/genericElements/SideMenu/side_menu.ctp index 5e1604fa7..927ff93e4 100644 --- a/app/View/Elements/genericElements/SideMenu/side_menu.ctp +++ b/app/View/Elements/genericElements/SideMenu/side_menu.ctp @@ -285,6 +285,13 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider'); } break; + case 'event_restsearch_export': + echo $this->element('/genericElements/SideMenu/side_menu_link', array( + 'url' => $baseurl . '/events/index', + 'text' => __('List Events') + )); + break; + case 'tag-collections': echo $this->element('/genericElements/SideMenu/side_menu_link', array( 'url' => $baseurl . '/tag_collections/index', diff --git a/app/View/Events/ajax/eventRestSearchExportConfirmationForm.ctp b/app/View/Events/ajax/eventRestSearchExportConfirmationForm.ctp new file mode 100644 index 000000000..355229368 --- /dev/null +++ b/app/View/Events/ajax/eventRestSearchExportConfirmationForm.ctp @@ -0,0 +1,26 @@ +element('genericElements/Form/genericForm', [ + 'form' => $this->Form, + 'data' => [ + 'title' => __('Export the %s selected events into the selected format', count($idArray)), + 'model' => $modelForForm, + 'fields' => [ + [ + 'field' => 'id', + 'type' => 'hidden', + ], + [ + 'field' => 'returnFormat', + 'label' => __('RestSearch Export Format'), + 'class' => 'input span6', + 'div' => 'input clear', + 'type' => 'select', + 'options' => Hash::combine($exportFormats, '{n}', '{n}'), + ], + ], + 'submit' => [ + 'action' => $this->request->params['action'], + ], + ], +]); diff --git a/app/View/Events/eventRestSearchExportResult.ctp b/app/View/Events/eventRestSearchExportResult.ctp new file mode 100644 index 000000000..e2b269233 --- /dev/null 
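Review bot: In `restSearchExport()` the value of `$this->request->data['Event']['returnFormat']` is used as an index in `$this->Event->validFormats[$returnFormat]` and handed to `restSearch()` without checking that it names a known export format. An unknown value produces an undefined-index notice and a null `$validFormat`, and the raw string is also placed in the `X-Export-Module-Used` entry of the array given to `viewData()`. Reject it before use: `if (!isset($this->Event->validFormats[$returnFormat])) { throw new NotFoundException(__('Invalid export format.')); }`.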
+++ b/app/View/Events/eventRestSearchExportResult.ctp @@ -0,0 +1,11 @@ +
    +
    + render('/Events/module_views/' . $renderView, false); + } + ?> +
    +
    +element('/genericElements/SideMenu/side_menu', array('menuList' => 'event_restsearch_export', 'menuItem' => 'result')); diff --git a/app/View/Events/index.ctp b/app/View/Events/index.ctp index 976d4e2a3..ff0cc6770 100644 --- a/app/View/Events/index.ctp +++ b/app/View/Events/index.ctp @@ -68,6 +68,13 @@ 'fa-icon' => 'trash', 'class' => 'hidden mass-select', 'onClick' => 'multiSelectDeleteEvents' + ), + array( + 'id' => 'multi-export-button', + 'title' => __('Export selected events'), + 'fa-icon' => 'file-export', + 'class' => 'hidden mass-select', + 'onClick' => 'multiSelectExportEvents' ) ) ), diff --git a/app/webroot/js/misp.js b/app/webroot/js/misp.js index 1c1d49a14..f19018b79 100644 --- a/app/webroot/js/misp.js +++ b/app/webroot/js/misp.js @@ -905,6 +905,19 @@ function multiSelectDeleteEvents() { }).fail(xhrFailCallback); } +function multiSelectExportEvents() { + var selected = []; + $(".select").each(function() { + if ($(this).is(":checked")) { + var temp = $(this).data("id"); + if (temp != null) { + selected.push(temp); + } + } + }); + openGenericModal(baseurl + "/events/restSearchExport/" + JSON.stringify(selected)) +} + function multiSelectToggleFeeds(on, cache) { var selected = []; $(".select").each(function() { From c83a7b0b5bc2ae984ce83db3fdcd740f8a8b4c2a Mon Sep 17 00:00:00 2001 From: Sami Mokaddem Date: Thu, 10 Mar 2022 12:10:37 +0100 Subject: [PATCH 0113/1366] chg: [events:index] Simplified endpoint --- app/Controller/EventsController.php | 40 ++++++++++--------- .../eventRestSearchExportConfirmationForm.ctp | 16 +++++--- 2 files changed, 33 insertions(+), 23 deletions(-) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index f33f6f667..a67f4968e 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php 
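Review bot: In `multiSelectExportEvents()` the selected ids are serialised with `JSON.stringify(selected)` and concatenated into the URL path unencoded, so brackets, commas and (for string ids) double quotes reach the request path raw. Wrap the segment: `openGenericModal(baseurl + "/events/restSearchExport/" + encodeURIComponent(JSON.stringify(selected)));`. The `data-id` values are read from the DOM, so encoding also keeps a `/`, `?` or `#` in one of them from changing which route is requested. The statement is missing its terminating semicolon as well.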
@@ -3210,11 +3210,23 @@ class EventsController extends AppController return $difference . " " . $periods[$j] . " ago"; } - public function restSearchExport($id=null) + public function restSearchExport($id=null, $returnFormat=null) { - if ($this->request->is('post') || $this->request->is('put')) { - $returnFormat = empty($this->request->data['Event']['returnFormat']) ? 'json' : $this->request->data['Event']['returnFormat']; - $idList = !isset($this->request->data['Event']['id']) ? $id : $this->request->data['Event']['id']; + if (is_null($returnFormat)) { + if (is_numeric($id)) { + $idList = [$id]; + } else { + $idList = json_decode($id, true); + } + if (empty($idList)) { + throw new NotFoundException(__('Invalid input.')); + } + $this->set('idList', $idList); + $this->set('exportFormats', array_keys($this->Event->validFormats)); + $this->render('ajax/eventRestSearchExportConfirmationForm'); + } else { + $returnFormat = empty($this->Event->validFormats[$returnFormat]) ? 'json' : $returnFormat; + $idList = $id; if (!is_array($idList)) { if (is_numeric($idList) || Validation::uuid($idList)) { $idList = array($idList); @@ -3232,7 +3244,7 @@ class EventsController extends AppController $elementCounter = 0; $renderView = false; $validFormat = $this->Event->validFormats[$returnFormat]; - $responseType = empty($validFormat[0]) ? 'json' : $validFormat[0]; + $responseType = $validFormat[0]; $final = $this->Event->restSearch($this->Auth->user(), $returnFormat, $filters, false, false, $elementCounter, $renderView); if (!empty($renderView) && !empty($final)) { $final = json_decode($final->intoString(), true); 
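Review bot: Neither branch of the rewritten `restSearchExport()` checks what `json_decode($id, true)` or `jsonDecode($idList)` returned beyond `empty()`, so a JSON scalar or a nested structure in the URL segment is accepted and forwarded as `'eventid' => $idList` and to the view as `idList`. Normalise to a flat list and validate each entry the way the single-value path already does, e.g. `$idList = array_filter((array)$idList, function ($v) { return is_scalar($v) && (is_numeric($v) || Validation::uuid($v)); });` ahead of the `empty()` check. The same gap exists in the first version of the method in the previous commit. How `restSearch()` treats non-id values is not visible here, so the impact is unconfirmed.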
@@ -3243,20 +3255,12 @@ class EventsController extends AppController $this->render('/Events/eventRestSearchExportResult'); } else { $filename = $this->RestSearch->getFilename($filters, 'Event', $responseType); - return $this->RestResponse->viewData($final, $responseType, false, true, $filename, array('X-Result-Count' => $elementCounter, 'X-Export-Module-Used' => $returnFormat, 'X-Response-Format' => $responseType)); + return $this->RestResponse->viewData($final, $responseType, false, true, $filename, [ + 'X-Result-Count' => $elementCounter, + 'X-Export-Module-Used' => $returnFormat, + 'X-Response-Format' => $responseType + ]); } - } else { - if (is_numeric($id)) { - $idList = [$id]; - } else { - $idList = json_decode($id, true); - } - if (empty($idList)) { - throw new NotFoundException(__('Invalid input.')); - } - $this->request->data['Event']['id'] = json_encode($idList); - $this->set('exportFormats', array_keys($this->Event->validFormats)); - $this->render('ajax/eventRestSearchExportConfirmationForm'); } } diff --git a/app/View/Events/ajax/eventRestSearchExportConfirmationForm.ctp b/app/View/Events/ajax/eventRestSearchExportConfirmationForm.ctp index 355229368..9401fb041 100644 --- a/app/View/Events/ajax/eventRestSearchExportConfirmationForm.ctp +++ b/app/View/Events/ajax/eventRestSearchExportConfirmationForm.ctp @@ -3,13 +3,9 @@ $modelForForm = 'Event'; echo $this->element('genericElements/Form/genericForm', [ 'form' => $this->Form, 'data' => [ - 'title' => __('Export the %s selected events into the selected format', count($idArray)), + 'title' => __('Export the selected events into the selected format'), 'model' => $modelForForm, 'fields' => [ - [ - 'field' => 'id', - 'type' => 'hidden', - ], [ 'field' => 'returnFormat', 'label' => __('RestSearch Export Format'), 
@@ -21,6 +17,16 @@ echo $this->element('genericElements/Form/genericForm', [ ], 'submit' => [ 'action' => $this->request->params['action'], + 'ajaxSubmit' => 'redirectToExportResult()' ], ], ]); +?> + + \ No newline at end of file From 7174b8699946824a9686dcca514575665224822f Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 10 Mar 2022 13:41:22 +0100 Subject: [PATCH 0114/1366] new: [admin API] /servers/ipUser added - requires user IP logging to be enabled - search for a user behind an IP via /servers/ipUser, post a JSON containing the user's IP such as this: { "ip": "8.8.8.8" } --- app/Controller/Component/ACLComponent.php | 1 + app/Controller/ServersController.php | 30 +++++++++++++++++++++++ 2 files changed, 31 insertions(+) diff --git a/app/Controller/Component/ACLComponent.php b/app/Controller/Component/ACLComponent.php index f1f099522..9359fd605 100644 --- a/app/Controller/Component/ACLComponent.php +++ b/app/Controller/Component/ACLComponent.php @@ -509,6 +509,7 @@ class ACLComponent extends Component 'idTranslator' => ['host_org_user'], 'import' => array(), 'index' => array(), + 'ipUser' => ['perm_site_admin'], 'ondemandAction' => array(), 'postTest' => array('*'), 'previewEvent' => array(), diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php index 822d48d4d..f494eec4f 100644 --- a/app/Controller/ServersController.php +++ b/app/Controller/ServersController.php 
@@ -2726,4 +2726,34 @@ misp.direct_call(relative_path, body)
 $this->redirect(array('controller' => 'pages', 'action' => 'display', 'administration'));
 }
 }
+
+ public function ipUser($ip = false)
+ {
+ $params = $this->IndexFilter->harvestParameters(['ip']);
+ if (!empty($params['ip'])) {
+ $ip = $params['ip'];
+ }
+ $redis = $this->Server->setupRedis();
+ if (!filter_var($ip, FILTER_VALIDATE_IP)) {
+ throw new InvalidArgumentException(__('No valid IP provided.'));
+ }
+ $user_id = $redis->get('misp:ip_user:' . $ip);
+ if (empty($user_id)) {
+ throw new NotFoundException(__('No hits for the provided IP.'));
+ }
+ $this->loadModel('User');
+ $user = $this->User->find('first', [
+ 'recursive' => -1,
+ 'conditions' => ['User.id' => $user_id],
+ 'contain' => ['Organisation.name']
+ ]);
+ if (empty($user)) {
+ throw new NotFoundException(__('User not found (perhaps it has been removed?).'));
+ }
+ $user = [
+ 'id' => $user['User']['id'],
+ 'email' => $user['User']['email'],
+ ];
+ return $this->RestResponse->viewData($user, $this->response->type());
+ }
 }
From 86832556a408818ebc25cfef3d74664dba08f9a3 Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 10 Mar 2022 13:47:27 +0100 Subject: [PATCH 0115/1366] chg: [ipUser] API now accepts lists of IPs { "ip": ["8.8.8.8", "1.1.1.1"] } --- app/Controller/ServersController.php | 48 ++++++++++++++++------------ 1 file changed, 27 insertions(+), 21 deletions(-)
diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php
index f494eec4f..81c5bc2e7 100644
--- a/app/Controller/ServersController.php
+++ b/app/Controller/ServersController.php
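Review bot: In the first version of `ipUser()` the result of `$this->Server->setupRedis()` is used without a check, and nothing verifies that user IP logging is enabled, which the commit message names as a prerequisite. Validate the input before touching Redis and guard the handle, e.g. `if (!$redis) { throw new MethodNotAllowedException(__('Redis is not available.')); }` (this assumes `setupRedis()` signals failure with a falsy value, which should be confirmed). The query requests `'contain' => ['Organisation.name']` although only `id` and `email` are returned, so that association can be dropped. Because the endpoint maps an IP address to an account, an audit log entry per lookup would be a worthwhile addition.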
@@ -2727,33 +2727,39 @@ misp.direct_call(relative_path, body) } } - public function ipUser($ip = false) + public function ipUser($input = false) { $params = $this->IndexFilter->harvestParameters(['ip']); if (!empty($params['ip'])) { - $ip = $params['ip']; + $input = $params['ip']; } $redis = $this->Server->setupRedis(); - if (!filter_var($ip, FILTER_VALIDATE_IP)) { - throw new InvalidArgumentException(__('No valid IP provided.')); + if (!is_array($input)) { + $input = [$input]; } - $user_id = $redis->get('misp:ip_user:' . $ip); - if (empty($user_id)) { - throw new NotFoundException(__('No hits for the provided IP.')); + $users = []; + foreach ($input as $ip) { + if (!filter_var($ip, FILTER_VALIDATE_IP)) { + continue; + } + $user_id = $redis->get('misp:ip_user:' . $ip); + if (empty($user_id)) { + continue; + } + $this->loadModel('User'); + $user = $this->User->find('first', [ + 'recursive' => -1, + 'conditions' => ['User.id' => $user_id], + 'contain' => ['Organisation.name'] + ]); + if (empty($user)) { + throw new NotFoundException(__('User not found (perhaps it has been removed?).')); + } + $users[$ip] = [ + 'id' => $user['User']['id'], + 'email' => $user['User']['email'], + ]; } - $this->loadModel('User'); - $user = $this->User->find('first', [ - 'recursive' => -1, - 'conditions' => ['User.id' => $user_id], - 'contain' => ['Organisation.name'] - ]); - if (empty($user)) { - throw new NotFoundException(__('User not found (perhaps it has been removed?).')); - } - $user = [ - 'id' => $user['User']['id'], - 'email' => $user['User']['email'], - ]; - return $this->RestResponse->viewData($user, $this->response->type()); + return $this->RestResponse->viewData($users, $this->response->type()); } } From 5946ecc52a0ddb4146a17627710ab7387e53dbe6 Mon Sep 17 00:00:00 2001 
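Review bot: The list version of `ipUser()` processes `$input` without any bound and runs `$this->loadModel('User')` plus a `find()` once per entry; hoist `loadModel` above the `foreach` and consider capping `count($input)`. Entries that fail `filter_var()` or have no Redis hit are dropped silently with `continue`, so a caller cannot tell an invalid address from an unknown one, while a single missing user row still throws `NotFoundException` and discards every result collected so far. Using `continue` there too, or returning a per-IP status, would make the behaviour consistent. A nested array inside `ip` is rejected only implicitly by `filter_var()`; an explicit `is_string($ip)` test states the intent.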
From: iglocska Date: Sun, 13 Mar 2022 12:32:44 +0100 Subject: [PATCH 0116/1366] fix: [side panel] relatedFeed panel fixed --- .../SidePanels/Templates/relatedFeeds.ctp | 29 +------------------ 1 file changed, 1 insertion(+), 28 deletions(-) diff --git a/app/View/Elements/genericElements/SidePanels/Templates/relatedFeeds.ctp b/app/View/Elements/genericElements/SidePanels/Templates/relatedFeeds.ctp index e0dd7c985..81ab1faa2 100644 --- a/app/View/Elements/genericElements/SidePanels/Templates/relatedFeeds.ctp +++ b/app/View/Elements/genericElements/SidePanels/Templates/relatedFeeds.ctp @@ -50,35 +50,8 @@ ); } - $total = count($event['RelatedEvent']); - foreach ($event['RelatedEvent'] as $relatedEvent) { - $count++; - if ($count == $display_threshold+1 && $total > $display_threshold) { - $htmlElements[] = sprintf( - '
    %s
    ', - 'no-side-padding correlation-expand-button useCursorPointer linkButton blue', - __('Show (%s more)', $total - ($count-1)), - ); - } - $htmlElements[] = $this->element('/Events/View/related_event', array( - 'related' => $relatedEvent['Event'], - 'color_red' => $relatedEvent['Event']['orgc_id'] == $me['org_id'], - 'hide' => $count > $display_threshold, - 'relatedEventCorrelationCount' => $relatedEventCorrelationCount, - 'from_id' => $event['Event']['id'] - )); - } - if ($total > $display_threshold) { - $htmlElements[] = sprintf( - '', - 'no-side-padding correlation-collapse-button useCursorPointer linkButton blue', - 'display:none', - __('Collapse…') - ); - } - echo sprintf( - '

    %s%s

    %s
    ', + '

    %s %s

    %s
    ', __('Related Feeds'), sprintf( '%s', From b86b8be7f245cb9fc78c4245f18c623c986869dc Mon Sep 17 00:00:00 2001 From: iglocska Date: Sun, 13 Mar 2022 12:34:36 +0100 Subject: [PATCH 0117/1366] new: [protected event mode] view elements added --- .../Form/Fields/actionField.ctp | 11 ++++ .../Fields/protectedEventField.ctp | 62 +++++++++++++++++++ 2 files changed, 73 insertions(+) create mode 100644 app/View/Elements/genericElements/Form/Fields/actionField.ctp create mode 100644 app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp diff --git a/app/View/Elements/genericElements/Form/Fields/actionField.ctp b/app/View/Elements/genericElements/Form/Fields/actionField.ctp new file mode 100644 index 000000000..fbf35e778 --- /dev/null +++ b/app/View/Elements/genericElements/Form/Fields/actionField.ctp @@ -0,0 +1,11 @@ +%s %s', + empty($fieldData['url']) ? '#' : h($fieldData['url']), + empty($fieldData['class']) ? '' : h($fieldData['class']), + empty($fieldData['style']) ? '' : h($fieldData['style']), + empty($fieldData['title']) ? '' : h($fieldData['title']), + empty($fieldData['onClick']) ? '' : sprintf('onClick="%s"', h($fieldData['onClick'])), + empty($fieldData['icon']) ? '' : sprintf('', h($fieldData['icon'])), + empty($fieldData['text']) ? '#' : h($fieldData['text']) + ); diff --git a/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp new file mode 100644 index 000000000..bc95fa5a0 --- /dev/null +++ b/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp @@ -0,0 +1,62 @@ + %s %s %s
    ', + __('Event is in protected mode.'), + !$field['owner'] ? '' : sprintf( + '
    %s', + sprintf( + "openGenericModal('%s/events/unprotect/%s');", + $baseurl, + h($event['id']) + ), + empty($field['text']) ? __('Switch to unprotected mode') : h($field['text']) + ), + !$field['owner'] ? '' : sprintf( + '
    %s', + sprintf( + "openGenericModal('%s/CryptographicKeys/add/%s/%s');", + $baseurl, + h('Event'), + h($event['id']) + ), + empty($field['text']) ? __('Add signing key') : h($field['text']) + ) + ); + foreach ($keys as $key) { + echo sprintf( + '%s (%s) %s
    ', + h($key['type']), + empty($key['fingerprint']) ? '#' . h($key['id']) : h($key['fingerprint']), + sprintf( + "openGenericModal('%s/cryptographicKeys/view/%s');", + $baseurl, + h($key['id']) + ), + __('Inspect key'), + !$field['owner'] ? '' : sprintf( + '', + $baseurl, + h($key['id']), + __('Revoke key') + ) + ); + } + } else { + echo sprintf( + ' %s %s
    ', + __('Event is in unprotected mode.'), + !$field['owner'] ? '' : sprintf( + '
    %s', + sprintf( + "openGenericModal('%s/events/protect/%s');", + $baseurl, + h($event['id']) + ), + empty($field['text']) ? __('Switch to protected mode') : h($field['text']) + ) + ); + } + //echo ; From b80a7af2c3bd05986adc74af4ef935762592edcf Mon Sep 17 00:00:00 2001 From: iglocska Date: Sun, 13 Mar 2022 12:35:12 +0100 Subject: [PATCH 0118/1366] new: [cryptographic keys] model and controllers added - sets MISP up for information signing - sign data during synchronisation --- .../CryptographicKeysController.php | 90 +++++++++ app/Model/AppModel.php | 37 +++- app/Model/CryptographicKey.php | 180 ++++++++++++++++++ 3 files changed, 306 insertions(+), 1 deletion(-) create mode 100644 app/Controller/CryptographicKeysController.php create mode 100644 app/Model/CryptographicKey.php diff --git a/app/Controller/CryptographicKeysController.php b/app/Controller/CryptographicKeysController.php new file mode 100644 index 000000000..f8f95b5bb --- /dev/null +++ b/app/Controller/CryptographicKeysController.php 
@@ -0,0 +1,90 @@ + 60, + 'maxLimit' => 9999 + ); + + public function index($type, $parent_id) + { + if (empty($type) || empty($parent_id)) { + throw new MethodNotAllowedException(__('No type and/or parent_id supplied.')); + } + $params = [ + 'filters' => ['name', 'url', 'uuid'], + 'quickFilters' => ['name'], + 'conditions' => [ + 'CryptographicKey.type' => $type, + 'CryptographicKey.parent_id' => $id + ] + ]; + $this->CRUD->index($params); + if ($this->IndexFilter->isRest()) { + return $this->restResponsePayload; + } + $this->set('menuData', array('menuList' => 'cryptographic_keys', 'menuItem' => 'list_cryptographic_keys')); + } + + public function add($type, $parent_id) + { + if (empty($type) || empty($parent_id)) { + throw new MethodNotAllowedException(__('No type and/or parent_id supplied.')); + } + $params = [ + 'beforeSave' => function ($data) use($type, $parent_id) { + $data['CryptographicKey']['parent_type'] = $type; + $data['CryptographicKey']['parent_id'] = $parent_id; + return $data; + }, + 'redirect' => [ + 'controller' => Inflector::tableize($type), + 'action' => 'view', + $parent_id + ] + ]; + $this->CRUD->add($params); + if ($this->restResponsePayload) { + return $this->restResponsePayload; + } + $instanceKey = FileAccessTool::readFromFile(APP . 
'webroot/gpg.asc'); + $this->set('instanceKey', $instanceKey); + $this->set('menuData', array('menuList' => 'cryptographic_keys', 'menuItem' => 'add_cryptographic_key')); + } + + public function delete($id) + { + $this->CRUD->delete($id); + if ($this->IndexFilter->isRest()) { + return $this->restResponsePayload; + } + } + + public function view($id) + { + $key = $this->CryptographicKey->find('first', [ + 'recursive' => -1, + 'fields' => ['id', 'type', 'key_data', 'fingerprint'] + ]); + $this->set('id', $id); + $this->set('title', __('Viewing %s key #%s', h($key['CryptographicKey']['type']), h($key['CryptographicKey']['id']))); + $this->set( + 'html', + sprintf( + '%s', + nl2br(h($key['CryptographicKey']['key_data'])) + ) + ); + $this->layout = 'ajax'; + $this->render('/genericTemplates/display'); + } +} diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index d4cd52e30..99b2f4a07 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -86,7 +86,7 @@ class AppModel extends Model 63 => true, 64 => false, 65 => false, 66 => false, 67 => false, 68 => false, 69 => false, 70 => false, 71 => true, 72 => true, 73 => false, 74 => false, 75 => false, 76 => true, 77 => false, 78 => false, 79 => false, 80 => false, - 81 => false, 82 => false + 81 => false, 82 => false, 83 => false, 84 => false ); public $advanced_updates_description = array( 
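Review bot: In the new `CryptographicKeysController`, `view($id)` never uses `$id` in its query: the `find('first')` has no `conditions`, so it returns whichever key row comes first regardless of the id requested, and an empty result is not handled. `index()` filters on `$id`, which is undefined in that method (the parameter is `$parent_id`), and on `CryptographicKey.type => $type`, although `add()` stores the same argument as `parent_type`, so the list presumably never matches. None of the four actions shows a check that the current user may view or modify the parent object, and `$type` reaches `Inflector::tableize($type)` for the redirect target unvalidated. ACL entries for this controller are not part of the hunk, so unless that is enforced elsewhere `add()` and `delete()` should verify the caller's rights on the parent event. Corrections for `index()` and `view()` are sketched below.

```php
// index(): filter on the parent, using the method's own parameters
'conditions' => [
    'CryptographicKey.parent_type' => $type,
    'CryptographicKey.parent_id' => $parent_id
]

// view(): look up the requested key and fail cleanly when it does not exist
$key = $this->CryptographicKey->find('first', [
    'recursive' => -1,
    'conditions' => ['CryptographicKey.id' => $id],
    'fields' => ['id', 'type', 'key_data', 'fingerprint']
]);
if (empty($key)) {
    throw new NotFoundException(__('Invalid cryptographic key.'));
}
// … unchanged: set id/title/html and render the generic display template …
```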
@@ -1642,6 +1642,41 @@ class AppModel extends Model case 82: $sqlArray[] = sprintf("ALTER table organisations MODIFY description text;"); break; + case 83: + $sqlArray[] = "CREATE TABLE IF NOT EXISTS `sharing_group_blueprints` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `uuid` varchar(40) COLLATE utf8_bin NOT NULL , + `name` varchar(191) NOT NULL, + `timestamp` int(11) NOT NULL DEFAULT 0, + `user_id` int(11) NOT NULL, + `org_id` int(11) NOT NULL, + `sharing_group_id` int(11), + `rules` text, + PRIMARY KEY (`id`), + INDEX `uuid` (`uuid`), + INDEX `name` (`name`), + INDEX `org_id` (`org_id`), + INDEX `sharing_group_id` (`sharing_group_id`) + ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;"; + break; + case 84: + $sqlArray[] = sprintf("ALTER table events add `protected` tinyint(1);"); + $sqlArray[] = "CREATE TABLE IF NOT EXISTS `cryptographic_keys` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `uuid` varchar(40) COLLATE utf8_bin NOT NULL, + `type` varchar(40) COLLATE utf8_bin NOT NULL, + `timestamp` int(11) NOT NULL DEFAULT 0, + `parent_id` int(11) NOT NULL, + `parent_type` varchar(40) COLLATE utf8_bin NOT NULL, + `key_data` text, + `revoked` tinyint(1) NOT NULL DEFAULT 0, + `fingerprint` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT '', + PRIMARY KEY (`id`), + INDEX `uuid` (`uuid`), + INDEX `type` (`type`), + INDEX `parent_id` (`parent_id`) + ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;"; + break; case 'fixNonEmptySharingGroupID': $sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; $sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; diff --git a/app/Model/CryptographicKey.php b/app/Model/CryptographicKey.php new file mode 100644 index 000000000..dad0e4273 --- /dev/null +++ b/app/Model/CryptographicKey.php 
@@ -0,0 +1,180 @@ + [ + 'roleModel' => 'Role', + 'roleKey' => 'role_id', + 'change' => 'full' + ], + 'Containable' + ]; + + public $belongsTo = array( + 'Event' => [ + 'foreignKey' => 'parent_id', + 'conditions' => ['parent_type' => 'Event', 'type' => 'pgp'] + ] + ); + + const ERROR_MALFORMED_SIGNATURE = 'Malformed signature', + ERROR_INVALID_SIGNATURE = 'Invalid signature', + ERROR_WRONG_KEY = 'Wrong key'; + + public $validTypes = [ + 'pgp' + ]; + + public $error = false; + + public $validate = []; + + public function __construct($id = false, $table = null, $ds = null) + { + parent::__construct($id, $table, $ds); + + $this->validate = [ + 'type' => [ + 'rule' => ['inList', $this->validTypes], + 'message' => __('Invalid key type'), + 'required' => 'create' + ], + 'key_data' => [ + 'notBlankKey' => [ + 'rule' => 'notBlank', + 'message' => __('No key data received.'), + 'required' => 'create' + ], + 'validKey' => [ + 'rule' => 'validateKey', + 'message' => __('Invalid key.'), + 'required' => 'create' + ], + 'uniqueKeyForElement' => [ + 'rule' => 'uniqueKeyForElement', + 'message' => __('This key is already assigned to the target.'), + 'required' => 'create' + ] + ] + ]; + } + + public function beforeSave($options = array()) + { + $this->data['CryptographicKey']['timestamp'] = time(); + if (!isset($this->data['CryptographicKey']['id'])) { + $this->data['CryptographicKey']['uuid'] = CakeText::uuid(); + $this->data['CryptographicKey']['fingerprint'] = $this->extractKeyData($this->data['CryptographicKey']['type'], $this->data['CryptographicKey']['key_data']); + } + $existingKeyForObject = $this->find('first', [ + 'recursive' + ]); + return true; + } + + public function signWithInstanceKey($data) + { + $file = new File(APP . 
'/webroot/gpg.asc'); + $instanceKey = $file->read(); + try { + $this->gpg = GpgTool::initializeGpg(); + $this->gpg->importKey($instanceKey); + } catch (Crypt_GPG_NoDataException $e) { + throw new MethodNotAllowedException("Could not import the instance key.."); + } + $this->gpg->addSignKey(Configure::read('GnuPG.email'), Configure::read('GnuPG.password')); + $signature = $this->gpg->sign($data, Crypt_GPG::SIGN_MODE_DETACHED); + return $signature; + } + + public function verifySignature($data, $signature, $key) + { + $this->error = false; + $fingerprint = $this->__extractPGPKeyData($key); + $verifiedSignature = $this->gpg->verify($data, $signature); + if (empty($verifiedSignature)) { + $this->error = ERROR_MALFORMED_SIGNATURE; + return false; + } + if (!$verifiedSignature[0]->isValid()) { + $this->error = ERROR_INVALID_SIGNATURE; + return false; + } + if ($verifiedSignature[0]->getKeyFingerprint() === $fingerprint) { + return true; + } else { + $this->error = ERROR_WRONG_KEY; + return false; + } + } + + public function extractKeyData($type, $data) + { + $fingerprint = ''; + if ($type === 'pgp') { + $fingerprint = $this->__extractPGPKeyData($data); + } + return $fingerprint; + + } + + private function __extractPGPKeyData($data) + { + try { + $gpgTool = new GpgTool(GpgTool::initializeGpg()); + } catch (Exception $e) { + $this->logException("GPG couldn't be initialized, GPG encryption and signing will be not available.", $e, LOG_NOTICE); + return ''; + } + try { + return $gpgTool->validateGpgKey($data); + } catch (Exception $e) { + $this->logException("Could not validate PGP key.", $e, LOG_NOTICE); + return ''; + } + } + + public function validateKey($check) + { + if ($this->data['CryptographicKey']['type'] === 'pgp') { + return $this->validateGpgKey($check); + } + return true; + } + + public function validateGpgKey($data) + { + return !empty($this->__extractPGPKeyData($data['key_data'])); + } + + public function uniqueKeyForElement($data) + { + $existingKey = 
$this->find('first', [ + 'recursive' => -1, + 'conditions' => [ + 'parent_type' => $this->data['CryptographicKey']['parent_type'], + 'parent_id' => $this->data['CryptographicKey']['parent_id'], + 'key_data' => $this->data['CryptographicKey']['key_data'], + 'type' => $this->data['CryptographicKey']['type'] + ], + 'fields' => ['id'] + ]); + return empty($existingKey); + } + + public function validateProtectedEvent($raw_data, $user, $pgp_signature, $event) + { + foreach ($event['Event']['CryptographicKey'] as $supplied_key) { + if ($this->verifySignature($raw_data, $pgp_signature, $supplied_key)) { + return true; + } + } + $this->Log->createLogEntry($user['email'], 'add', 'Event', $server['Server']['id'], $message); + return false; + } +} From 09a9e5589618a0146b8a5033461883b52ba26845 Mon Sep 17 00:00:00 2001 From: iglocska Date: Sun, 13 Mar 2022 12:35:58 +0100 Subject: [PATCH 0119/1366] new: [protected mode] functionalities added to the events controller - protect/unprotect events - include pgp signature in event on load when applicable --- app/Controller/EventsController.php | 75 +++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index f06cddd43..ec2130fcf 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -1608,6 +1608,7 @@ class EventsController extends AppController $this->set('object_count', $objectCount); $this->set('warnings', $this->Event->generateWarnings($event)); $this->set('menuData', array('menuList' => 'event', 'menuItem' => 'viewEvent')); + $this->set('mayModify', $this->__canModifyEvent($event)); $this->__eventViewCommon($user); } 
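Review bot: `verifySignature()` in the new `CryptographicKey` model cannot work as written: it assigns bare `ERROR_MALFORMED_SIGNATURE`, `ERROR_INVALID_SIGNATURE` and `ERROR_WRONG_KEY`, which are class constants and need `self::` (e.g. `$this->error = self::ERROR_MALFORMED_SIGNATURE;`), and it calls `$this->gpg->verify()` although `$this->gpg` is only assigned inside `signWithInstanceKey()`. `__extractPGPKeyData()` returns `''` on failure, so the method should return false for an empty `$fingerprint` before comparing it with the signature's fingerprint. `validateProtectedEvent()` passes each `$supplied_key` element on unchanged, and its failure path uses `$this->Log`, `$server` and `$message`, none of which are defined in the class as shown, so a rejected signature ends in an error rather than a log entry and `return false`. In `beforeSave()` the result of `find('first', ['recursive'])` is never used and the query can be removed. Since this code decides whether a protected event is accepted, tests for the valid, invalid-signature and wrong-key cases would be worth adding with it.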
@@ -2086,6 +2087,24 @@ class EventsController extends AppController // Distribution, reporter for the events pushed will be the owner of the authentication key $this->request->data['Event']['user_id'] = $this->Auth->user('id'); } + if ( + !empty($this->request->data['Event']['protected']) && + $this->Auth->user('Role')['perm_sync'] && + !$this->Auth->user('Role')['perm_site_admin'] + ) { + $pgp_signature = $this->request->header('x-pgp-signature'); + $raw_data = $this->request->input(); + if ( + !$this->CryptographicKey->validateProtectedEvent( + $raw_data, + $this->Auth->user(), + $pgp_signature, + $this->request->data + ) + ) { + throw new MethodNotAllowedException(__('Protected event failed signature validation.')); + } + } if (!empty($this->data)) { if (!isset($this->request->data['Event']['distribution'])) { $this->request->data['Event']['distribution'] = Configure::read('MISP.default_event_distribution') ?: 0; 
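Review bot: The signature check added here verifies against material the sender controls: `validateProtectedEvent()` receives `$this->request->data`, so the keys used for verification are the ones carried in the pushed event, and the block only runs when the payload itself sets `Event.protected`. If the event already exists locally, the flag and the key list should come from the stored record instead (whether `add()` can reach an existing event is outside this hunk). The header is also passed on as received, while the sending side in this series writes `base64_encode($signature)` into `x-pgp-signature`. Decoding first and rejecting a missing or undecodable header would make both ends agree: `$pgp_signature = base64_decode((string)$this->request->header('x-pgp-signature'), true);`, followed by the exception when the result is `false` or empty. The body of `add()` starts and ends outside the hunk.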
@@ -6014,4 +6033,60 @@ class EventsController extends AppController } return $this->RestResponse->viewData($tmpFile, $format, false, true); } + + public function protect($id) + { + $this->__toggleProtect($id, true); + } + + public function unprotect($id) + { + $this->__toggleProtect($id, false); + } + + private function __toggleProtect($id, $protect) + { + $id = $this->Toolbox->findIdByUuid($this->Event, $id); + $event = $this->Event->fetchSimpleEvent($this->Auth->user(), $id, ['contain' => ['Orgc']]); + if (!$event) { + throw new NotFoundException(__('Invalid event')); + } + if (!$this->__canModifyEvent($event)) { + throw new NotFoundException(__('Invalid event')); + } + if ($this->request->is('post')) { + $event['Event']['protected'] = $protect; + $event['Event']['timestamp'] = time(); + $event['Event']['published'] = false; + if ($this->Event->save($event)) { + $message = __('Event switched to %s mode.', $protect ? __('protected') : __('unprotected')); + if ($this->_isRest()) { + return $this->RestResponse->saveSuccessResponse('events', $protect ? 'protect' : 'unprotect', $id, false, $message); + } else { + $this->Flash->success($message); + $this->redirect(['controller' => 'events', 'action' => 'view', $id]); + } + } else { + $message = __('Something went wrong - could not switch event to %s mode.', $protect ? __('protected') : __('unprotected')); + if ($this->_isRest()) { + return $this->RestResponse->saveFailResponse('Events', $protect ? 'protect' : 'unprotect', false, $message, $this->response->type()); + } else { + $this->Flash->error($message); + $this->redirect(['controller' => 'events', 'action' => 'view', $id]); + } + } + } else { + $this->set('id', $id); + $this->set('title', $protect ? __('Protect event') : __('Remove event protection')); + $this->set( + 'question', + $protect ? + __('Are you sure you want switch the event to protected mode? 
The event and its subsequent modifications will be rejected by MISP instances that you synchronise with, unless the hop through which the event is propagated has their signing key in the list of event signing keys.'): + __('Are you sure you want to switch the event to unprotected mode? Unprotected mode is the default behaviour of MISP events, with creation and modification being purely limited by the distribution mechanism and eligible sync users.') + ); + $this->set('actionName', $protect ? __('Switch to protected mode') : __('Remove protected mode')); + $this->layout = 'ajax'; + $this->render('/genericTemplates/confirm'); + } + } } From d165b092f3e4f2540d1c267beb2e726b5b234664 Mon Sep 17 00:00:00 2001 From: iglocska Date: Sun, 13 Mar 2022 12:37:02 +0100 Subject: [PATCH 0120/1366] new: [event signing] sign events function added --- app/Model/Event.php | 65 ++++++++++++++++++++++++++++++++++++++------- 1 file changed, 55 insertions(+), 10 deletions(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index e1604bc27..aa8f0d5dd 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -288,7 +288,14 @@ class Event extends AppModel 'EventReport' => array( 'className' => 'EventReport', 'dependent' => true, - ) + ), + 'CryptographicKey' => [ + 'foreignKey' => 'parent_id', + 'conditions' => [ + 'parent_type' => 'Event' + ], + 'dependent' => true + ] ); public function __construct($id = false, $table = null, $ds = null) @@ -960,13 +967,11 @@ class Event extends AppModel if (empty($push['canPush'])) { return 'The remote user is not a sync user - the upload of the event has been blocked.'; } - if (!empty($server['Server']['unpublish_event'])) { $event['Event']['published'] = 0; } - try { - $this->restfulEventToServer($event, $server, $HttpSocket); + $this->restfulEventToServer($event, $server, $HttpSocket, $push); } catch (Exception $e) { $errorMessage = $e->getMessage(); if ($e instanceof HttpException && $e->getCode() == 403) { 
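Review bot: `__toggleProtect()` gates both directions on `__canModifyEvent()` alone, so anyone who may edit the event may also remove its protection. The event view in this series appears to show the owner controls only when the user's organisation is both the creator and the host organisation and the event is not locked. If that is the intended rule, it has to be enforced in this method as well, because a view condition is presentation only. A short docblock stating who may switch modes, and that a switch also unpublishes the event (`published` is set to `false`), would document the contract. The confirmation string reads "Are you sure you want switch the event" and is missing "to".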
@@ -1050,7 +1055,7 @@ class Event extends AppModel * @return array * @throws JsonException */ - private function restfulEventToServer(array $event, array $server, HttpSocket $HttpSocket) + private function restfulEventToServer(array $event, array $server, HttpSocket $HttpSocket, array $connectionStatus) { // TODO: Replace by __updateEventForSync method in future $event = $this->__prepareForPushToServer($event, $server); @@ -1070,8 +1075,18 @@ class Event extends AppModel } catch (Exception $e) { $this->logException("Could not check if event {$event['Event']['uuid']} exists on remote server {$server['Server']['id']}", $e, LOG_NOTICE); } - $data = json_encode($event); + if (!empty($event['Event']['protected'])) { + if (empty($connectionStatus['protectedMode'])) { + $message = "Attempted to synchronise a protected event, but the remote is not protected Mode aware. Aborted."; + $this->Log = ClassRegistry::init('Log'); + $this->Log->createLogEntry('SYSTEM', 'push', 'Server', $server['Server']['id'], $message); + throw new MethodNotAllowedException($message); + } + $request = $this->__signEvent($data, $server, $request, $HttpSocket); + } + throw new Exception(); + if (!empty(Configure::read('Security.sync_audit'))) { $pushLogEntry = sprintf( "==============================================================\n\n[%s] Pushing Event #%d to Server #%d:\n\n%s\n\n", @@ -1082,7 +1097,6 @@ class Event extends AppModel ); file_put_contents(APP . 'files/scripts/tmp/debug_server_' . $server['Server']['id'] . '.log', $pushLogEntry, FILE_APPEND); } - if ($exists) { $url = "$serverUrl/events/edit/{$event['Event']['uuid']}/metadata:1"; } else { 
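Review bot: The unconditional `throw new Exception();` added right after the protected-event block stops `restfulEventToServer()` for every event, protected or not, before the rest of the function runs. It looks like a debugging leftover and should be removed. The exception carries no message, so the caller's error handling would have nothing to report. The refusal to push a protected event to an unaware remote is the security-relevant branch, and a one-line comment above it such as `// never send a protected event unsigned to a peer that cannot enforce it` would make that intent explicit. The function continues outside the hunk.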
@@ -1111,6 +1125,32 @@ class Event extends AppModel return $this->jsonDecode($response->body); } + private function __signEvent($data, $server, $request, $HttpSocket) + { + $signature = $this->CryptographicKey->signWithInstanceKey($data); + $request['header']['x-pgp-signature'] = base64_encode($signature); + $this->Log = ClassRegistry::init('Log'); + if (empty($signature)) { + $message = "Invalid signing key. This should never happen."; + $this->Log->createLogEntry('SYSTEM', 'push', 'Server', $server['Server']['id'], $message); + throw new Exception($message); + } + $response = $HttpSocket->get($server['Server']['url'] . '/servers/getVersion.json', null, $request); + if (!$response->isOk()) { + $message = "Could not fetch remote version to negotiate protected event synchronisation."; + $this->Log->createLogEntry('SYSTEM', 'push', 'Server', $server['Server']['id'], $message); + throw new HttpException($response->body, $response->code); + } + $version = json_decode($response->body(), true)['version']; + if (version_compare($version, '2.4.155') < 0) { + $message = __('Remote instance is not protected event aware yet (< 2.4.156), aborting.'); + $this->Log = ClassRegistry::init('Log'); + $this->Log->createLogEntry('SYSTEM', 'push', 'Server', $server['Server']['id'], $message); + throw new MethodNotAllowedException($message); + } + return $request; + } + private function __rearrangeEventStructureForSync($event) { // rearrange things to be compatible with the Xml::fromArray() @@ -1863,7 +1903,8 @@ class Event extends AppModel 'noShadowAttributes', // do not fetch proposals, 'limit', 'page', - 'order' + 'order', + 'protected' ); if (!isset($options['excludeLocalTags']) && !empty($user['Role']['perm_sync']) && empty($user['Role']['perm_site_admin'])) { $options['excludeLocalTags'] = 1; 
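Review bot: The version gate in `__signEvent()` contradicts its own message and the connection check in `Server.php`: it compares against `'2.4.155'` while both of the others say 2.4.156, so a 2.4.155 remote would pass. Presumably `if (version_compare($version, '2.4.156') < 0) {` is what is meant. `json_decode($response->body(), true)['version']` is used without checking that decoding succeeded or that the key exists; an unparsable reply should abort the push rather than be compared as `null`. The `empty($signature)` test runs only after the value has been base64-encoded into the header, so it should move directly below the `signWithInstanceKey()` call. The hunk also mixes `$response->body` and `$response->body()`.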
@@ -1997,6 +2038,9 @@ class Event extends AppModel if ($options['event_uuid']) { $conditions['AND'][] = array('Event.uuid' => $options['event_uuid']); } + if ($options['protected']) { + $conditions['AND'][] = array('Event.protected' => $options['protected']); + } if (!empty($options['includeRelatedTags'])) { $options['includeGranularCorrelations'] = 1; } 
@@ -2080,7 +2124,7 @@ class Event extends AppModel // $conditions['AND'][] = array('Event.published =' => 1); // do not expose all the data ... - $fields = array('Event.id', 'Event.orgc_id', 'Event.org_id', 'Event.date', 'Event.threat_level_id', 'Event.info', 'Event.published', 'Event.uuid', 'Event.attribute_count', 'Event.analysis', 'Event.timestamp', 'Event.distribution', 'Event.proposal_email_lock', 'Event.user_id', 'Event.locked', 'Event.publish_timestamp', 'Event.sharing_group_id', 'Event.disable_correlation', 'Event.extends_uuid'); + $fields = array('Event.id', 'Event.orgc_id', 'Event.org_id', 'Event.date', 'Event.threat_level_id', 'Event.info', 'Event.published', 'Event.uuid', 'Event.attribute_count', 'Event.analysis', 'Event.timestamp', 'Event.distribution', 'Event.proposal_email_lock', 'Event.user_id', 'Event.locked', 'Event.publish_timestamp', 'Event.sharing_group_id', 'Event.disable_correlation', 'Event.extends_uuid', 'Event.protected'); $fieldsAtt = array('Attribute.id', 'Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.to_ids', 'Attribute.uuid', 'Attribute.event_id', 'Attribute.distribution', 'Attribute.timestamp', 'Attribute.comment', 'Attribute.sharing_group_id', 'Attribute.deleted', 'Attribute.disable_correlation', 'Attribute.object_id', 'Attribute.object_relation', 'Attribute.first_seen', 'Attribute.last_seen'); $fieldsShadowAtt = array('ShadowAttribute.id', 'ShadowAttribute.type', 'ShadowAttribute.category', 'ShadowAttribute.value', 'ShadowAttribute.to_ids', 'ShadowAttribute.uuid', 'ShadowAttribute.event_uuid', 'ShadowAttribute.event_id', 'ShadowAttribute.old_id', 'ShadowAttribute.comment', 'ShadowAttribute.org_id', 'ShadowAttribute.proposal_to_delete', 'ShadowAttribute.timestamp', 'ShadowAttribute.first_seen', 'ShadowAttribute.last_seen'); $fieldsOrg = array('id', 'name', 'uuid', 'local'); 
@@ -2113,7 +2157,8 @@ class Event extends AppModel 'EventReport' => array( 'conditions' => $conditionsEventReport, 'order' => false - ) + ), + 'CryptographicKey' ) ); if (!empty($options['excludeLocalTags'])) { From 37fb2943bf09719b8801e3ca617180af378675ed Mon Sep 17 00:00:00 2001 From: iglocska Date: Sun, 13 Mar 2022 12:37:30 +0100 Subject: [PATCH 0121/1366] chg: [check remote MISP version] added flag for protectedMode awareness --- app/Model/Server.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/app/Model/Server.php b/app/Model/Server.php index fb0009e1e..2840cc074 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -2580,6 +2580,13 @@ class Server extends AppModel return $message; } $localVersion = $this->checkMISPVersion(); + $localVersionString = sprintf( + '%s.%s.%s', + $localVersion['major'], + $localVersion['minor'], + $localVersion['hotfix'] + ); + $protectedMode = version_compare($localVersionString, '2.4.156') >= 0; $response = false; $success = false; $issueLevel = "warning"; @@ -2623,6 +2630,7 @@ class Server extends AppModel 'canEditGalaxyCluster' => $canEditGalaxyCluster, 'supportEditOfGalaxyCluster' => $supportEditOfGalaxyCluster, 'version' => $remoteVersion, + 'protectedMode' => $protectedMode, ]; } From a15dff4da50770c0093f51bf1fd79d1706fc121c Mon Sep 17 00:00:00 2001 From: iglocska Date: Sun, 13 Mar 2022 12:37:57 +0100 Subject: [PATCH 0122/1366] chg: [logo] update --- app/View/Users/login.ctp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/View/Users/login.ctp b/app/View/Users/login.ctp index 70daf488d..3ba71a716 100644 --- a/app/View/Users/login.ctp +++ b/app/View/Users/login.ctp @@ -19,7 +19,7 @@ - + Date: Sun, 13 Mar 2022 12:38:17 +0100 Subject: [PATCH 0123/1366] chg: [event view] missing changes added - fixed event view main header - added padlock sign for locked events --- app/View/Events/view.ctp | 32 ++++++++++++++++++++++++++------ 1 file changed, 26 insertions(+), 6 deletions(-) 
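Review bot: In the `Server.php` hunks, `$protectedMode` is derived from `$localVersion`, the result of `$this->checkMISPVersion()`, and not from the version the remote reported. `restfulEventToServer()` in this series reads that flag to decide whether "the remote is not protected Mode aware". As written, the flag would be true on any local instance at or above 2.4.156 regardless of what the peer runs. The comparison should be built from the remote's version fields; the returned array already carries `$remoteVersion`, but its structure is outside the hunk, so confirm whether it is a dotted string before using `version_compare($remoteVersion, '2.4.156') >= 0`.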
diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp index 661a89170..6805fc9c0 100644 --- a/app/View/Events/view.ctp +++ b/app/View/Events/view.ctp @@ -10,12 +10,21 @@ echo $this->element( 'genericElements/SingleViews/single_view', [ - 'title' => 'Cerebrate view', + 'title' => ($extended ? '[' . __('Extended view') . '] ' : '') . h(nl2br($event['Event']['info'])), 'data' => $event, 'fields' => [ [ 'key' => __('Event ID'), - 'path' => 'Event.id' + 'path' => 'Event.id', + 'action_buttons' => [ + [ + 'url' => '#', + 'icon' => 'lock', + 'style' => 'color:red; font-size:15px;padding-left:2px', + 'title' => __('This is a protected event'), + 'requirement' => !empty($event['Event']['protected']) + ] + ] ], [ 'key' => 'UUID', @@ -90,6 +99,17 @@ 'path' => 'User.email', 'requirement' => isset($event['User']['email']) ], + [ + 'key' => __('Protected Event'), + 'path' => 'CryptographicKey', + 'event_path' => 'Event', + 'owner' => ( + (int)$me['org_id'] === (int)$event['Event']['orgc_id'] && + (int)$me['org_id'] === (int)Configure::read('MISP.host_org_id') && + !$event['Event']['locked'] + ), + 'type' => 'protectedEvent' + ], [ 'key' => __('Tags'), 'type' => 'custom', @@ -136,12 +156,12 @@ ], [ 'key' => __('Warnings'), - 'key_class' => !empty($warnings) ? 'background-red bold' : '', - 'class' => !empty($warnings) ? 'background-red bold' : '', + 'key_class' => !empty($event['warnings']) ? 'background-red bold' : '', + 'class' => !empty($event['warnings']) ? 'background-red bold' : '', 'green', 'type' => 'warnings', - 'warnings' => $warnings, - 'requirement' => !empty($warnings) && ($me['org_id'] === $event['Event']['orgc_id'] || !empty($me['Role']['perm_site_admin'])) + 'warnings' => $event['warnings'], + 'requirement' => !empty($event['warnings']) && ($me['org_id'] === $event['Event']['orgc_id'] || !empty($me['Role']['perm_site_admin'])) ], [ 'key' => __('Info'), From b1b32fe1f9b2a24b2cff608f6796dad1304a6755 Mon Sep 17 00:00:00 2001 
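Review bot: In the new title, `h(nl2br($event['Event']['info']))` applies the two functions in the wrong order: `nl2br()` inserts `<br />` first and `h()` then escapes it, so line breaks would show up as literal markup text. `nl2br(h($event['Event']['info']))` escapes the user-supplied text and keeps the breaks, assuming the `single_view` element prints the title without escaping it again (not visible here). The new "Protected Event" field casts both org ids to `int` before comparing, while the "Warnings" `requirement` compares `$me['org_id'] === $event['Event']['orgc_id']` without a cast; the same cast in both places avoids a type-dependent mismatch.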
From: iglocska Date: Sun, 13 Mar 2022 12:39:05 +0100 Subject: [PATCH 0124/1366] new: [cryptographic keys] views added --- app/View/CryptographicKeys/add.ctp | 48 +++++++++++++++++++++++++++++ app/View/CryptographicKeys/view.ctp | 18 +++++++++++ 2 files changed, 66 insertions(+) create mode 100644 app/View/CryptographicKeys/add.ctp create mode 100644 app/View/CryptographicKeys/view.ctp diff --git a/app/View/CryptographicKeys/add.ctp b/app/View/CryptographicKeys/add.ctp new file mode 100644 index 000000000..ffa4f2ec4 --- /dev/null +++ b/app/View/CryptographicKeys/add.ctp @@ -0,0 +1,48 @@ +'; + echo $this->element('genericElements/Form/genericForm', [ + 'data' => [ + 'description' => __('Add a signing key to be used to validate the origin of event updates. By putting an event into protected mode, the event cannot reliably be propagated to / updated at instances beyond the reach of those that can sign with the listed keys below.'), + 'model' => 'CryptographicKey', + 'title' => __('Add Cryptographic key'), + 'fields' => [ + [ + 'field' => 'type', + 'class' => 'span6', + 'type' => 'dropdown', + 'options' => [ + 'pgp' => 'PGP' + ] + ], + [ + 'field' => 'instance_key', + 'type' => 'action', + 'class' => 'btn btn-inverse', + 'icon' => 'key', + 'text' => __('Use the instance\'s signing key'), + 'onClick' => 'insertInstanceKey();' + ], + [ + 'field' => 'key_data', + 'label' => __('Key contents'), + 'type' => 'textarea', + 'class' => 'input span6' + ], + ], + 'submit' => [ + 'action' => $this->request->params['action'], + 'ajaxSubmit' => 'submitGenericFormInPlace();' + ] + ] + ]); + + if (!$ajax) { + echo $this->element('/genericElements/SideMenu/side_menu', $menuData); + } +?> + diff --git a/app/View/CryptographicKeys/view.ctp b/app/View/CryptographicKeys/view.ctp new file mode 100644 index 000000000..5d80dbbbb --- /dev/null +++ b/app/View/CryptographicKeys/view.ctp 
@@ -0,0 +1,18 @@ +element( + 'genericElements/SingleViews/single_view', + [ + 'title' => 'Cryptographic key view', + 'data' => $data, + 'fields' => [ + [ + 'key' => __('type'), + 'path' => 'CryptographicKey.type' + ], + [ + 'key' => __('key_data'), + 'path' => 'CryptographicKey.key_data' + ] + ] + ] +); From 4c9a6b21e83fe0d30fd46f6272ec17ee0b035c2d Mon Sep 17 00:00:00 2001 From: iglocska Date: Sun, 13 Mar 2022 12:39:29 +0100 Subject: [PATCH 0125/1366] chg: [logo] new logo added --- app/webroot/img/misp-logo-s-u.png | Bin 0 -> 12230 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 app/webroot/img/misp-logo-s-u.png 
diff --git a/app/webroot/img/misp-logo-s-u.png b/app/webroot/img/misp-logo-s-u.png new file mode 100644 index 0000000000000000000000000000000000000000..fa8583a1496420d9413ec6307391d825e1008997 GIT binary patch literal 12230 zcmcJVWmHsc`0htB5D8xx0cnwL>CU0M8>EpC>7k_^5Rh(AknV1f9BGk~F6r)u^UQyp zwa&Nm=^T~|Tr+!S@BKV?T-Wd32o)u1EDRzH2n2#9D+5!5Kpvp}---SN{Pxs0egOVF zau%1>KnFkG=;ogx5DJJaOiTlwwmatz*B_tbJ#encv*;zNU2Qp+BZ;zO|3yLNUycFA zV9vIvb&#JScUZD;#j*BJ_>=H3xb}q`MUZH29o~LRsCn;ng1M~rpYi>uMJ>7*F7F)1 zsr6$)LBWQVv@)(%{_`~FVM$0egUTiDdxOifTcXW$KT7_DaRpP)ecF)cnJu>Iqs$yGRT}R%-FF zpZV#>kmBG=vv5Bo2>FjxnYSHZvRF)psy*S2yR~}jsa2MQ|6Ta_MGICq-kd!Q`5z0L zYFAR6gW%~OCcR_ktd&nJNI`eMU<=Rk@D1LM2Q*=XG4S0^Wd_1)GHQP8Upz+wp&m-% z@BKG;51!yjetEIiyeeSRYwt(Fk4*=;|68-ws$I^(@ubV)uX_vkZbsXGq)(xQCX`wF zB>Oh6`LP8{8VBm8zv?<34s}Yq!jKOhhq|1okXUjNBO=jQsj|>MB_x*L_B0_PA7GHR zofU$YA1Ieg{Q%FO*YcV!C$zttKY)iUby;hQMgZ8n3DdDb{$&59##Y`MvDs0 zE``digonqr5HQ915Ilf(-K?xWM?+0Jj{Avt{;&gB zrxKVoOd+g4f40j<)$EWreO<->#D!Cn`KHB(>uFSBKJr7tl^iYvve=QPwEC1)u=~UP z;Y9pId|%^*`$5l#m@+DmD*1Zc&*uLs%6+ea&EZX6rC^FD+xFjjDEs{G?Yna*3Y1|} zE!KQcy8d~J$+9Q;x=%~(rNc(zVq~J*|#+ z9`6rcE3aweEu*qw!F6MYyt5CCSU9G`FGN~%YC(bKs_&}A zZ--S#HFz58P#~j|4d$0C=Fj3Mr19iN(fC;Y{#cI49{(mOV_vy{_8)HV$Orb~>ed2~2TuA%v2^#>5qj=HkzT#L$m%3#J9Z#m>A8U4S=$!qB-X8*f<;2$7eYF-J-qXVem=t)eb zXclP7pS~x2&Fmp7d6)J1wal}J3uSatGjs|3gHK3D9D~qq7Q1m1`-7oqK^kIKxTF{- znm^RoyGt_@pE@xG)5>AG3&H~jrwBt-tX+zq*Wi*O^+Mvl{`whg(w>HAv(6cvmar-CtC|+n9Eye46-GhD{%YHiUtE}cDErev2Pm7N?#ZYx zqd~-r{eo`E#XK5WOl|91^q3M`U>JmrSIRc`=@;dDBcMWMX@>9l$|WC2lKvp1V3RE- zK}DM&>I3;mh5(gKOo$yLL!gFKZev=-3@nl+QP159fsIB0suktVY@sJ4MVvoTk5$2i za7+$za~{}{IyOP}SGpoB=;*N}IbD%1$^Hi{ccI^X?ZOyz%eZ?&PPA$PUjr0ze@{PR z71Daf9@~%hlkj&%-03VlZ`EERNg_b&KXB{Ryun;EH>91j>G}asw66DWOX+0GapJ~{ z|9R7${S*$B&e*1*4LlH4b^2YDN z9|n9}uAC{Bc`Lf1pYy6cqyOt#e9&vE*`N529|b?l%l8dEEa{2$CnF!cg{l%0J}P;F zo~+Q`nEoK*9n3lF6F3W0iY0Hh3##S7J}vlMg;(s;SmKh`e7=}LINH(ee?NUg{An)8Qc zJ%LJ|Cf-$TszS#FNU%9Z4ofx7X%cDqZho#*-k+aH$j@ZeWKuE&20WC`QCopgI!4Ga 
zl@f$^xr#^Uhe&02KlN;V-bum@9p5}{G#bD0u97RUQ7zIK#1EH5Sf!y3>R+;4*3G3& z>|d>(*_DDyVz~*}h^mf#n%;d9I`;v?s)e!p>l##7>C4%J7u^U-X6D-$M#0QXgdwM% zw_$lzSCk1d+;2B9Uz1sUr?XL^TT{9eVBzB0g#=Lii=U{o)=g6{(qLv}2DS6Wqt`h< ze(bT*F*UQ&(|gbcz#aNZgL=(V)W8Kfhc&3NJGwJp9gj4e_FwJH{!e@Eq$#@$ zkNvsq;3ey!9^`R&S?kq1T5-yyN~e0QqTQ>5z;lKhQuqFnI^AA#cAuQnK?UWu`)&eS z?YKC44F+0~w#AHqfB*;Qj+^bBA(Oh)9whSaEidmyfKuKrb`B;bUN8^CxcBkJ#f1nB zZO^?$jh-e9iMRXFurzbfGA}_}L)h(m%kEQn!gC0u#?_T|F`mja8WvM;F}gNb24fdv z`mR!t)_fDtbbR!DFC#P4frN+zZsO#$%#7LjTLu|G5G`ZCh>Ni0(QvpZQDC{QE~+|y zR-^Yg({UMXPjO;7YdLgf<+2-|ker_GTm-)O@i4pD<75R(4eiMr%i(#SJcJBxMwhAM z?HaSbu?T$QW0Vf%6wF1CG5D)YTwL7P?e&@QxQ2Gyp|T6Vp{R?(2>Ln9AG|f)ctvo? z5C!6(vAHjt8p;swyqeLH7Zw&y{zP@+kc0r)KhxxXKQ%qwxL%;akhlTY!Vr6* zW@L0{7+S{1o)#bP1Hu%RT0W5dRfa0{u#v2!Q16^Gu>Hk~sus9&y5e*JcTzk=R}F9# zm{e`w4rZR>7>?4$=k8GR6AJ#`JP8`quWdEbFgP;IGDFaqq<*aN^*LpI&&lscZ9zqa zKDoL|FdL|?P!Ry59H}*~SZUE|m^H1MDiCnnyZTB@kSO881TQF^KiEDx3cIJ~kF@@; z7S{fb4W_w0A%wSei5~FPW_!yR6ZzY?nvsFQmyS=j5%`gSk@2a+AV(9EIAA|CRCP~b zva#l{`Y%{NU!;wG*?h9fK#XgDg0o0nCyR?tJ#3Iu@?Jmmx(P{Lxok#=Qe zCHsu*i_A0ItokvAzZb}N`i~jyBf2VGw(}me+#zYHs5DjypuPf0&IcO{pCuJ&80i@W*0sR7q|D4Z4K1tQrvU3DONBeR zx=t`F??M6#lSwEpF7^!THGkqF(hBxDET32ldqnzoe}xCk|U{riWXEBVl(V=^)vnMd9}>U+nASzF6p zmdvVbU|_(K$x8QzA3Fvy+t(>YV38s;;4PLXkPl8lj;u5(K^z7Z0y) zSu+Ea9sZV9?UEFSk*#V&D0{GE-YDJ%X2{oGb2+e-T(P}!7&&$z;H#{Z=Kg);#Xk(= z!8bQIHz3$*VX0urI#(K-7;iafzuu2GBXpZ03Sh#Q*Hcx!gj1~`Xh^VW@uHeE9@M)y z&mSsB+H)r>sP|9y4#t6q>%#5Lt*$^H`aKVNQPFPKn+X+6?34TUs^d8E94B5o zCH~Y-+4YaSn^d@n5cihNSIN@+{4Axt4KM#wgbEsYn>af5o_l&W`mHsTc}fgApvpqb zAq)>coVmNG7=bwCxut#vx@htjJepWXQ#-qpnuN97>py?~;H<8$F2u*BHKSeB-^BJ> zifr!hd*PSqNQ}(SpZVmCZXSCSX)tiHfFiTk0TNkW=)?{21MinX={jT}RWLrgX{NApT?ez?A*TO(401{LprO-XQL18v~vz`#i;HFb{2 z=kV};YRX7!({7K=hMRx@uj8ZR{RwMMf`64$$`dSuFVOSbM>=NIhq3%XaG5Zyrt$}H}&F<~ptSG02deSQiWm?K^0 z?25~VGyxP;-&J&&p%_K|eT-z1s$*ujMs&wRf?83Dah8})|^J3o;_Tfo3ADz zAKzcqfb=iZU>Ih28CC^)lPMc>q|Wzo8-B14AxLv>(7NGWP+N3Ey-1K2=*7Z?G_J{t zx$i;Df5hCr6we;HEGT&YR84&p8v^;%xx`kqww@X%*R30Dx_5GO;~i)fYRQzvK`7pA 
z*{sJD?hKE^vz^!>iW_;-$>!o@y1bw}HC6ZGC0ek!2`x44zJi?6Jcvn9B0TL}PR2(@ zqP4$Btq`g@mc;2$l_HCZySpX%j4Zlik{Zh1F%uGQ+zXAotv9RUdk?}b%E)=wHCuac z%1e$i+Kz@lSB0r2>EK<3&V+gRLz*zUEUhBFY**@yuC5>UUT1qEUfq%D`=RX0fpi`o zm+njBa#d4yL_j>i<6hbVgTT%_ICw6Qu0%ZIcoCD5;&$2|80yv6&*=Lwt2h%$3R)FD zKE9BOzW%wOk;RaLvfn4L@=wlGVXtcR#;0e;;KMzNsrOPYOsy1DxH(ysTlW_a#ilNu ztsKHb))UnV#(1$qQ&HQ58`N=ndHMK!Q7DcN}GPQX4JAxc3PwKjocL_nf6g0DiMgrx~Q4JY7<{5nLT2F?k+T9 z`mJq$N;%4}nVE<@f13p;C6($rU#*9d_Kic4;Ua)gQ7$FW<>ux_Dk&clg^;A;TM;h6EFLZU*#^L4V<-1fqqXNDt2vQ=bR*dGG%!%|%*bX4Zok_^9_ zohlpdU8T(~7^b1+*~fm-Es@*Ko~#hNK9t_@7&hf22K(tVW@c`FQI?#n%fqaQW<(G2 ziieQfXTJgiz z*Jw&q0~7w1C}Jg(?B4v^#t$m?t%F@~`tRS5lkF0rUi455+Z+olZ0sAcoD_$iH>Km& zBX$|2BqVU(j~^F3AS}#0Nl9__%&IZfnlVZB@xA6WQtV`8QQ9xI5gpc?kv^U`E4!9e z9w8e#S&}-q!M)~b8yocp)~>FD4q94~?~j&)&$wEQfQ-s51M42{?|--O^vF&*P)y_< z+s4z7Cr^!mZz79IWR0f!pa^m;Ixem`Rw?g!$1B$GL8WI_mrLCI{6}(LUNh(RT16?~ zG_rqb46shlMN*TaT?1993ZK<{L6y;LlL_+Ztu3BAJ^_LC36!*GY~;_}*xtR=WLvp> z5@_-ZbY3hRoR%O8bb2wm;shFbcUt)z?J(G~UbEJnQHN!f`XLjm8s?K*QFXHwA-SAo zrjZI*cKO`)l2b!@$jcMvFA))~42k_pi=^62^vsO+j%SHcgjBJ;UkVFdhYeg87lTz| z%lcP4#uzl^wYAq{Grhg-Mnx8Gq{Xd}-N*y)4|K8r{l#0#3I@&7?)`_x{lN1D#!%Ug zx^ktZiEUROp*cel=CXWmrle!g1ibZa`#YDy81aAPSsAEn*6h&_?|KWjxh%965#`a) zE)aoDGNC5_0P2IGVY)I%>C67qW~~9sDw_j3+BA@Z#N_0DW-cI#h$7Y~M-ICJ$``gr zfUr{VlG)~ zZ~xv-fJ90eKX(;R0A@i)_2-8ydwlv3lYFJ3T`k+OU80&s!)(>M?USq4@%n$pyum`M z?+8PQO_ z+)P2#vXyCMOj_5F`g^~Up~7Y6Vckz{G{^Wn0VIx*FeM(+axTI#)LXZ#xqc6RJNIFf?F{ zwA&m}(~oqMH|s%Yr)--ka_Ib* zIeYqsj#eQ!q}AF8N~rfrTx%&KCB@sy#^xv=h}8(J^}Q}<%XdtGH55)kuia^tl$Bcq zxVSvP#eF+?ZP##zl6ZPEdgK!}HR-T!QO=c)j*W^ak;3h*EpK+M*qlMjQBI!Qx?uDY zr66jI@a`-^l8t*b)l=!`1R;F<0xWm`Vxyw$G5+oSwl=NMfr2^*zt;01Ti1I?4uMi@ z6ke|32*b-v;qVRWEVE}pQ+6rf6K1Kd{DwFq6{1T|@g$*+yd-P?BgOoj?D|hm#+pVv z`Lcin={9{1Ac8kU1**mnzaA&I%7+~qn_;YSu{%54>=5GBo-F#eSj!bvoTR0t@31E} z(h_ShKx4OLPtHZv`#)2Thlj;GJE_l~hwrT)KemXD?EFy2iYg=%;4NC)%hLH8Ofa%p zbm3=4iT@}}oHnKx=zZNWU4yt4=CQzeKufLO*Bh|deNggs0up3jT|IW6KYi%4NDodJ 
z86b&-C0a8%<2FqRQeSvUltOfvrsx1XKy=4M7_jh!i+?W!4)URzL3{Oe0vjlgy`-nVb>hT{|P&~Xv4?9t7K{OQr6d84g2B8K1(9&kXW z(j%;scICt%2mjh>)wI7O44W8IM-QO*KmQ(ns(;!?3CzcwbN0B6X36Q(yW+>dA$NWo z4bGT(GxCb;J#Z;NLFMnwsEmCORZWe|PZD3M;>ql`%u}I{KC&z<1w` z-li2i&lGaL%9V-06m8EQu@)p_ZT;N2^rMO|&4oXmMO0P8p~^_FdD5I)anrSt%x_!G z+|t}=-@YPa(#R*cb~;4(d}q!tq<_`2$zdDSKu{Zu2&0Dz<8}93DYBy4#hMYv{#%gLuBEi9uI4b#L7Jh<2muv%G1P-aF zT3J@cCm>jbBhe(u(muY-=C+?dN?GsIDJfybVLn+&r3(@t2{CLc6BNrHf%}svgPVUS zCY~euRfSKG^8{A`T7=f@1wBH@<@DH3HSP|I#y+a{Y{!56Pkp@cbogV#ER(}Epb*2$ zS-K%6N$CJbIn~b&sN_bLxhX1QovY9rw-|(X2mkP)2|ELY>bDm#W%lGek*Vs&ZJU)= z9|r~peMaWSFMpJ=D;B-;`Bg)u8dE>+oT^u116FnnYhH>@hbe)Ri~07QrR78fF2YbGO*22Rrz80V|}s)L%e{H z(CG(T`QyO(K3qUN{=~)kfb~h}Hm6p7&zUh7$->0K(zhPpcdV|iE`920xZvdX90AKZ zybMrl{bbw|MG)81-M#u}gHt#{Dm+j1z2LyA6EBHd)rd98qzxwlEltn;=Jr~_z(6sv zhoDh=;;PZvyll=NAs3>E{f3sjyz9L7(yxj%v9IJ^8*CkHuUpGZ27nEi`n~w`IZDBn z>oC2~mzV=L$SfjqzxTs@ljTX^Ydyf*!2Zu~78JN!R8Fn*r}wWMVqAEO(F2>m(v2iw z2fQyHT+oR1A)qNF*r8LVx@n^})#<1<<9q3G+EDuhXrkW!mYb z1L3o}wl)`?kl~xuZJPIYH(xAo^b|NR4r5_P+<;8zY2hlhULJUsK;+s|}mWqSden!c@QLo>ScfIx5@QO^Rj2?%ExrvY>HtvTzc zqM)ERdr&drT(3kc{`xKIDsppkNKZ6FG*T+185E~h8d}=g_UqbdFi?#hE-R%#qmKLQ z^1Com<+t*URuo^Fy?s5HxcBwt#-;*P@lkb-r}pzWo8r7&po=ueom=DgC5;YdGR;G+zd z?8bo;leI9ZvL%~3oc>xp8iqGtbVQ_b-$!(tQa9~`(#lX(<@`Z$_!qAe$~k!X8qHSd z6#v_uac_PDMcB;N9bevn9EkJjrp~!{UOOou29UDFiUiQGSDNX`AT`|1#^0 zC{+g&N@fB)DPP8mFYQdXT-RHnh6JCyUH|B!RN<{Qsr6w76^n=f2jh0G&ovGwNAf_| zJ5xO+V9{%u%4V+{torF<1}sP8>Y8Nx85zhE<kC*?cY@a>B^aO3yX#LjD@!bsBj^m^`?LEF%$m6@Y@IsiXj>gS93S(@bS`uSYJTs%nRwosZ&3S?*o5;%_nzJ{A0Ai2+Hks#x0?H3%!oS$UyU^mVEnB2Zz zb((qx*g$oe2M)N#Y5*bqZsQ49l=4Pv7cCSA0FTZ}Z*uc<>crxq=XRLC(lb##3hG<@hA9ytwNfws)?JS!(Igc zzT4XlZubf$8nW-F-uO4yz5%#W2fA-!VGzjF$ zldH_weoGNa87dnSlaX6g+zUqa_71h!yIHPfi}vZKID9fmGDLwGt-M{D*XYT^1aS@J z_jfiEV`I1T9J1f&3Pt?(b|w=``5r(h7zM5q6p4B62XD1CneZpq|NWca+ZF5AE6FuO z5e@_b;pd@`8G>ASX*XYadK&a-iT`}}F`xl%2F(Ze30LOef-+JwGCTp!+S=y1n>yC^ z@%G+{0E^71s0SRQ+{(RXqk*5_f&-9nEu~YSq~KLnRyp+c4YfXo05Qe&%c61xRn$<9 
zopejR6X@;SqM~Ej60OnR@Re0f4K1OiDLtSkp3&16T(=A^8*-*vA$yQUKAsFGUOdPTs;*HG8wK!71h3QauWqbd65a?K`SZuS?fO{Qys9dbgx`Dj(>fbzXlE~au0d=sr^nS8 zfix%4>ErWVKtcg5G)0)l*5&HT%a7jf$v%WYdXPOv$}iB1Q25_%;eVj~FzhvOmcPua zGMNZcfl9Kov%Z+{FTyc$Sy1|}#)oSDp!Ysr{FDFZPb-)xh{OoZi`3}N@dLHi=j8g> z3~qgpQ#??dN`**_@`Y!OST}ze7$9b6=Ww7i&i5{EC^(#N;JaLJA6o|$gPi<2-?tz> zM}uz2x@Nlcf3jY1V&-}u$WVv2+kF>M%`Xc(fnFpU%4~Xr8c%^%>ApZ4EyMjZg$@FF zXX$x$d%QmE(|Oz)kuwZ6QcAyD{xxuNaxH(KFgWDvG;vAS5WD*5-QTkO+Pwy;Sl$CXPdD+R`xMBU@R8?LZ_gmpR z%Wv^m*jTL_9`w0@&7p|H&^zx{8g}FTHm{g(Y6Xs9b`afbE<>o0+vOvS7MA5X3|pGo ztS2cNFXZ<+I~kmpa%*<24v{NRNpn=jg&15JFvRyc)6>&m&(?W)DK1|gcF*^naP#wV zab1=gmF-7GMX?^u5@;e!Jw3OC9NM06rz);A3?2tok)$h4z5$fhaF4K6RAsLr0t{wK zh2ej<(LQ){jR4({y#5(8yjyN)sJDfghi8B2o$wd%OwgrCBqwI)PC6+8IWaNmrI)AF zn(OA~<|KM>mdy*%W6#czX{%NCsXYJE+1>5S94&CVOW$kHdq9E&-f$dW0cRtCw)6E4 zhbV&Vz*Y!oep9MFm$TE9zjhP-ZFnbTtu#QJuar2LCTqpY185X^1vBAJ&TY2GIVJK! zv^4svz1=908Hw(^zd%LB0OTQUbSa>=NC-z-C zgg@|m@6&qkf2%^FUuW;vuO0KT!5|43C7mt8wU4~7=B4T$u5Lg7!ed;97+tzQeCF0P zw_z{fk-TJu5x;d>MWl)7AV_?Ev6F@ogx7g<_EX;gc{_y3g4e~S@unah3`*$MCh~{x| zgEZ%BjjbK-zZ%r&BXWFo%G_~hHa}c}@d=2i8oP5>P{=A%;;;U zB8?iFC0Hw+5D3|sH86Sn1!xDDMPq^D2 zLExK*FOQG=LPCz$TbFiI(m()#5ss@U>E*k(9XW0dW;4)r;vt_mYNyP=L^d`xWt`PUfr%9r0->K6(>0rR<2+n2 zRHUoyJ~^8G=8fO6dzu3GHDYr3d;e+xqNDTT;xE9i*ZIOpQ(svUpQ9er$Vj(@KqgUR z7WJlxAhVJFj zSNc?nl_x$}UE6(9-OMbzjKzImXJ?>dG_SSZt)}Fxg#@@TTWel-X=mqAcM`XzUgtJ| zGk11&;5Wy^%0|2P!vERSu?D$pnt+=#OeeixZ!pXo^+@mDp#E4id3-ugTamAEJUAbD zo?BLTJ~@wH`t08M@5uy@qa*Asi~=-hr_Y}{Y(e*wZ}jj+f*zVURCn4a0%HJsM^&KX#F$rihZPl*dAT$T;8|cW^%d#2Z1cp4od4El z$Nc;_%VR>nc%DDD<<-W%*U(G{R|Zm-Il;r>G-+^NJ2yB;V%}e+`8IIwb=A zmX9x~#iQ#JK;$S$t)Rl@IOmyxqoZR(Vz*@t9l{elwt&3ETec6xr#Bqb%yn>f-_^mkz>g?v9%%3$t$u$CVHz{4jP zWakb~Cqk~Q=H=#+9=N$5pyD*y?u-{a8&w@rK9$A^{4M^k3eT3({ek3Bo`;Zi)T7tk zfB$Y2l`s$DWYHCZM~N!i@F>v3?1A#NV<$qY3N!+S_jo?z1`s3=Fm6Dqw2h37eLO$- g{ab#obNQaUU50VDIB*ld1_(q}QVCWn{x0Bu0oZ39H2?qr literal 0 HcmV?d00001 From 816c1212f81bc84c6661d094bfe295e6a700d208 Mon Sep 17 00:00:00 2001 
From: iglocska Date: Sun, 13 Mar 2022 12:40:48 +0100 Subject: [PATCH 0126/1366] new: [generic template] for simple displaying of information added --- app/View/genericTemplates/display.ctp | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 app/View/genericTemplates/display.ctp diff --git a/app/View/genericTemplates/display.ctp b/app/View/genericTemplates/display.ctp new file mode 100644 index 000000000..1d542d493 --- /dev/null +++ b/app/View/genericTemplates/display.ctp @@ -0,0 +1,14 @@ + From cd3efdf225a5b7f254393810a3e16e6bfd572ff6 Mon Sep 17 00:00:00 2001 From: iglocska Date: Sun, 13 Mar 2022 15:12:05 +0100 Subject: [PATCH 0127/1366] chg: [JSONconvertertool] include cryptographic key --- app/Lib/Tools/JSONConverterTool.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/app/Lib/Tools/JSONConverterTool.php b/app/Lib/Tools/JSONConverterTool.php index 6c7e222cf..15b614991 100644 --- a/app/Lib/Tools/JSONConverterTool.php +++ b/app/Lib/Tools/JSONConverterTool.php @@ -21,7 +21,7 @@ class JSONConverterTool public static function convertObject($object, $isSiteAdmin = false, $raw = false) { - $toRearrange = array('SharingGroup', 'Attribute', 'ShadowAttribute', 'Event'); + $toRearrange = array('SharingGroup', 'Attribute', 'ShadowAttribute', 'Event', 'CryptographicKey'); foreach ($toRearrange as $element) { if (isset($object[$element])) { $object['Object'][$element] = $object[$element]; 
@@ -40,7 +40,7 @@ class JSONConverterTool public static function convert($event, $isSiteAdmin=false, $raw = false) { - $toRearrange = array('Org', 'Orgc', 'SharingGroup', 'Attribute', 'ShadowAttribute', 'RelatedAttribute', 'RelatedEvent', 'Galaxy', 'Object', 'EventReport'); + $toRearrange = array('Org', 'Orgc', 'SharingGroup', 'Attribute', 'ShadowAttribute', 'RelatedAttribute', 'RelatedEvent', 'Galaxy', 'Object', 'EventReport', 'CryptographicKey'); foreach ($toRearrange as $object) { if (isset($event[$object])) { $event['Event'][$object] = $event[$object]; @@ -112,7 +112,6 @@ class JSONConverterTool yield json_encode($event, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES); return; } - yield '{"Event":{'; $firstKey = key($event['Event']); foreach ($event['Event'] as $key => $value) { From 951e95ed5d15f1139a3b8adf4358b23864665b27 Mon Sep 17 00:00:00 2001 From: iglocska Date: Sun, 13 Mar 2022 15:12:30 +0100 Subject: [PATCH 0128/1366] new: [cryptographic key] capture mechanism added - capture new keys - remove keys no longer in the data set - revoke keys if needed --- app/Model/CryptographicKey.php | 51 ++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) diff --git a/app/Model/CryptographicKey.php b/app/Model/CryptographicKey.php index dad0e4273..4119f465e 100644 --- a/app/Model/CryptographicKey.php +++ b/app/Model/CryptographicKey.php 
@@ -177,4 +177,55 @@ class CryptographicKey extends AppModel $this->Log->createLogEntry($user['email'], 'add', 'Event', $server['Server']['id'], $message); return false; } + + public function captureCryptographicKeyUpdate($cryptographicKeys, $parent_id, $type) + { + $existingKeys = $this->find('first', [ + 'recursive' => -1, + 'fields' => 1, + 'conditions' => [ + 'parent_type' => $cryptographicKey['type'], + 'parent_id' => $cryptographicKey['parent_id'] + ], + 'fields' => [ + 'id', + 'type', + 'parent_type', + 'parent_id', + 'revoked', + 'fingerprint' + ] + ]); + $toAdd = []; + $toRemove = []; + foreach ($existingKeys as $k => $existingKey) { + foreach ($cryptographicKeys as $k2 => $cryptographicKey) { + if ($existingKey['CryptographicKey']['fingerprint'] === $cryptographicKey['fingerprint']) { + $found = true; + if ($cryptographicKey['revoked'] && !$existingKey['CryptographicKey']['revoked']) { + $existingKey['CryptographicKey']['revoked'] = 1; + $this->save($existingKey['CryptographicKey']); + } + unset($cryptographicKeys[$k2]); + continue 2; + } + } + $toRemove[] = $existingKey['CryptographicKey']['id']; + } + foreach ($cryptographicKeys as $cryptographicKey) { + $this->create(); + $this->save( + [ + 'uuid' => $cryptoGraphicKey['uuid'], + 'key_data' => $cryptoGraphicKey['key_data'], + 'fingerprint' => $cryptoGraphicKey['fingerprint'], + 'revoked' => $cryptoGraphicKey['revoked'], + 'parent_type' => $cryptoGraphicKey['parent_type'], + 'parent_id' => $cryptoGraphicKey['parent_id'], + 'type' => $cryptoGraphicKey['type'] + ] + ); + } + $this->deleteaAll(['CryptoGraphicKey.id' => $toRemove]); + } } From 4c381157a698e81def1686a082e24de7b139d976 Mon Sep 17 00:00:00 2001 From: iglocska Date: Sun, 13 Mar 2022 15:13:32 +0100 Subject: [PATCH 0129/1366] chg: [cryptographickey] execute key update on add() --- app/Model/Event.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index aa8f0d5dd..c09e4a319 100755 
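Review bot: `captureCryptographicKeyUpdate()` cannot run as written: the lookup reads `$cryptographicKey` before the loop defines it instead of using the `$type` and `$parent_id` parameters, `find('first')` is iterated as if it were a list, the insert loop reads the undefined `$cryptoGraphicKey`, and `deleteaAll` is not a model method. Beyond the typos, `parent_type` and `parent_id` for new rows are taken from the pushed key data rather than from the arguments, which would let a remote payload attach a signing key to a different parent record. `$found` and `$toAdd` are assigned but never read, and `'fields'` appears twice in the query. The later hunk in this series that adds the summary log repeats the `$cryptoGraphicKey` spelling and reads `$user`, which is not a parameter of this function.

```php
$existingKeys = $this->find('all', [
    'recursive' => -1,
    'conditions' => [
        'parent_type' => $type,
        'parent_id' => $parent_id
    ],
    'fields' => ['id', 'type', 'parent_type', 'parent_id', 'revoked', 'fingerprint']
]);
// … unchanged: loop matching $existingKeys against $cryptographicKeys by fingerprint …
foreach ($cryptographicKeys as $cryptographicKey) {
    $this->create();
    $this->save([
        'uuid' => $cryptographicKey['uuid'],
        'key_data' => $cryptographicKey['key_data'],
        'fingerprint' => $cryptographicKey['fingerprint'],
        'revoked' => $cryptographicKey['revoked'],
        // bind the key to the record being captured, not to ids carried in the payload
        'parent_type' => $type,
        'parent_id' => $parent_id,
        'type' => $cryptographicKey['type']
    ]);
}
$this->deleteAll(['CryptographicKey.id' => $toRemove]);
```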
--- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -3478,9 +3478,10 @@ class Event extends AppModel if (isset($event['distribution']) && $event['distribution'] == 4) { $event = $this->captureSGForElement($event, $user, $server); } + if (!empty($event['Attribute'])) { foreach ($event['Attribute'] as $k => $a) { - unset($event['Attribute']['id']); + unset($event['Attribute'][$k]['id']); if (isset($a['distribution']) && $a['distribution'] == 4) { $event['Attribute'][$k] = $this->captureSGForElement($a, $user, $server); } @@ -3945,6 +3946,12 @@ class Event extends AppModel $result = $this->EventReport->captureReport($user, $report, $this->id); } } + + // capture new keys, update existing, remove those no longer in the pushed data + if (!empty($data['Event']['CryptographicKey'])) { + $this->captureCryptographicKeyUpdate($data['Event']['CryptographicKey'], $data['Event']['id'], 'Event'); + } + // zeroq: check if sightings are attached and add to event if (isset($data['Sighting']) && !empty($data['Sighting'])) { $this->Sighting->captureSightings($data['Sighting'], null, $this->id, $user); From 6a64dc35e46e1fe1810564f54b31df630e42a931 Mon Sep 17 00:00:00 2001 From: iglocska Date: Sun, 13 Mar 2022 16:42:07 +0100 Subject: [PATCH 0130/1366] chg: [event edit] execute validation for signing keys if applicable --- app/Controller/EventsController.php | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index ec2130fcf..39e0dcb7f 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php 
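Review bot: The new key-capture call in the second `Event.php` hunk is made on `$this`, but `captureCryptographicKeyUpdate()` is defined on the `CryptographicKey` model in this series, so as far as the visible code shows the `Event` model has no such method. It also passes `$data['Event']['id']`, which for a pushed event may be the sender's id, while the neighbouring `captureReport()` call uses `$this->id`. `$this->CryptographicKey->captureCryptographicKeyUpdate($data['Event']['CryptographicKey'], $this->id, 'Event');` would address both. Because the call is skipped when the pushed key list is empty, removal of the last key is never propagated; a comment should state whether that is intended. The enclosing function starts and ends outside the hunk.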
@@ -2593,6 +2593,24 @@ class EventsController extends AppController
 $this->redirect(array('controller' => 'events', 'action' => 'index'));
 }
 }
+ if (
+ !empty($event['Event']['protected']) &&
+ $this->Auth->user('Role')['perm_sync'] &&
+ !$this->Auth->user('Role')['perm_site_admin']
+ ) {
+ $pgp_signature = $this->request->header('x-pgp-signature');
+ $raw_data = $this->request->input();
+ if (
+ !$this->CryptographicKey->validateProtectedEvent(
+ $raw_data,
+ $this->Auth->user(),
+ $pgp_signature,
+ $this->request->data
+ )
+ ) {
+ throw new MethodNotAllowedException(__('Protected event failed signature validation.'));
+ }
+ }
 if (!$this->_isRest()) {
 $this->Event->insertLock($this->Auth->user(), $id);
 }
From c42800718a68e0a049a8e525ccf9e03a276f234e Mon Sep 17 00:00:00 2001
From: iglocska
Date: Sun, 13 Mar 2022 17:02:11 +0100
Subject: [PATCH 0131/1366] chg: [cryptographickey] capturing - add summary to logs
---
app/Model/CryptographicKey.php | 21 ++++++++++++++++++++-
1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/app/Model/CryptographicKey.php b/app/Model/CryptographicKey.php
index 4119f465e..219d0ab3d 100644
--- a/app/Model/CryptographicKey.php
+++ b/app/Model/CryptographicKey.php
@@ -169,11 +169,17 @@ class CryptographicKey extends AppModel
 public function validateProtectedEvent($raw_data, $user, $pgp_signature, $event)
 {
+ if (empty($event['Event']['CryptographicKey'])) {
+ $this->Log = ClassRegistry::init('Log');
+ $this->Log->createLogEntry($user['email'], 'add', 'Event', $server['Server']['id'], $message);
+ return false;
+ }
 foreach ($event['Event']['CryptographicKey'] as $supplied_key) {
 if ($this->verifySignature($raw_data, $pgp_signature, $supplied_key)) {
 return true;
 }
 }
+ $this->Log = ClassRegistry::init('Log');
 $this->Log->createLogEntry($user['email'], 'add', 'Event', $server['Server']['id'], $message);
 return false;
 }
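Review bot: The keys used for verification come from the request itself: the fourth argument is `$this->request->data`, and `validateProtectedEvent()` iterates `$event['Event']['CryptographicKey']` of that argument, so an edit is checked against whatever keys accompany it rather than the keys already stored for the protected event. The stored record should be the trust anchor, i.e. pass the `$event` that the `protected` test above reads, assuming it is loaded together with its CryptographicKey rows (not visible in this hunk). The check added to the add path in PATCH 0134 passes `$this->request->data` in the same way. The enclosing action starts and ends outside the hunk.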
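Review bot: Both log calls in `validateProtectedEvent()` pass `$server['Server']['id']` and `$message`, neither of which is defined in this function, so a failed signature check is recorded with an empty target id and no text. Set the message before logging and use the event's own id as the target, for example `$message = __('Could not validate the signature.');` with `$event['Event']['id']`. Logging under the action `'add'` also files these entries among ordinary event additions; a dedicated action name would make failed validations searchable.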
@@ -196,8 +202,8 @@ class CryptographicKey extends AppModel 'fingerprint' ] ]); - $toAdd = []; $toRemove = []; + $results = ['add' => [], 'remove' => []]; foreach ($existingKeys as $k => $existingKey) { foreach ($cryptographicKeys as $k2 => $cryptographicKey) { if ($existingKey['CryptographicKey']['fingerprint'] === $cryptographicKey['fingerprint']) { @@ -211,6 +217,7 @@ class CryptographicKey extends AppModel } } $toRemove[] = $existingKey['CryptographicKey']['id']; + $results['remove'][$existingKey['CryptographicKey']['id']] = $existingKey['CryptographicKey']['fingerprint']; } foreach ($cryptographicKeys as $cryptographicKey) { $this->create(); @@ -225,7 +232,19 @@ class CryptographicKey extends AppModel 'type' => $cryptoGraphicKey['type'] ] ); + $results['add'][$cryptoGraphicKey['id']] = $cryptoGraphicKey['fingerprint']; } + $message = __( + 'Added %s (%s) and removed %s (%s) keys for %s #%s.', + count($results['add']), + implode (',', $results['add']), + count($results['remove']), + implode (',', $results['remove']), + $cryptographicKey['parent_type'], + $cryptographicKey['parent_id'] + ); $this->deleteaAll(['CryptoGraphicKey.id' => $toRemove]); + $this->Log = ClassRegistry::init('Log'); + $this->Log->createLogEntry($user['email'], 'updateCryptoKeys', $cryptoGraphicKey['parent_type'], $cryptoGraphicKey['parent_id'], $message); } } From 8e96e2fd0005e5b7bba0bb0d55e172f001d2068f Mon Sep 17 00:00:00 2001 From: iglocska Date: Sun, 13 Mar 2022 17:02:50 +0100 Subject: [PATCH 0132/1366] chg: [cryptographic key] move capture function to a bulk delta function --- app/Model/Event.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index c09e4a319..8dca3fcbf 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php 
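Review bot: The summary entry added in the third hunk is logged with `$user['email']`, but `captureCryptographicKeyUpdate($cryptographicKeys, $parent_id, $type)` has no `$user` parameter (its signature is outside this hunk), so the record of which signing keys were added or removed carries no actor. `$cryptographicKey['parent_type']` and `$cryptographicKey['parent_id']` are read after the loop has finished and are undefined when nothing was added, while `$type` and `$parent_id` are already in scope. I would add an optional trailing `$user = null` parameter and log `$type` and `$parent_id`. `$results['add']` is indexed with `$cryptoGraphicKey['id']`, a different variable from the loop's `$cryptographicKey`, so the added fingerprints collapse into a single empty key.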
@@ -463,6 +463,7 @@ class Event extends AppModel $this->logException('Delete of event file directory failed.', $e); throw new InternalErrorException('Delete of event file directory failed. Please report to administrator.'); } + $this->CryptographicKey->deleteAll(['CryptographicKey.parent_type' => 'Event', 'CryptographicKey.parent_id' => $this->id]); } public function beforeValidate($options = array()) @@ -3949,7 +3950,7 @@ class Event extends AppModel // capture new keys, update existing, remove those no longer in the pushed data if (!empty($data['Event']['CryptographicKey'])) { - $this->captureCryptographicKeyUpdate($data['Event']['CryptographicKey'], $data['Event']['id'], 'Event'); + $this->CryptoGraphicKey->captureCryptographicKeyUpdate($data['Event']['CryptographicKey'], $data['Event']['id'], 'Event'); } // zeroq: check if sightings are attached and add to event @@ -4129,6 +4130,12 @@ class Event extends AppModel $eventLock->insertLockBackgroundJob($data['Event']['id'], $jobId); } $validationErrors = array(); + + // capture new keys, update existing, remove those no longer in the pushed data + if (!empty($data['Event']['CryptographicKey'])) { + $this->CryptoGraphicKey->captureCryptographicKeyUpdate($data['Event']['CryptographicKey'], $data['Event']['id'], 'Event'); + } + if (isset($data['Event']['Attribute'])) { $data['Event']['Attribute'] = array_values($data['Event']['Attribute']); foreach ($data['Event']['Attribute'] as $attribute) { From 114ac4d66cc2ea19ea1e069a830e5f3d6b2df48d Mon Sep 17 00:00:00 2001 From: iglocska Date: Mon, 14 Mar 2022 00:29:43 +0100 Subject: [PATCH 0133/1366] chg: [signing] sign contents on restresponse if applicable --- app/Controller/Component/RestResponseComponent.php | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/app/Controller/Component/RestResponseComponent.php b/app/Controller/Component/RestResponseComponent.php index 417d422af..33bf6e28d 100644 
--- a/app/Controller/Component/RestResponseComponent.php +++ b/app/Controller/Component/RestResponseComponent.php @@ -18,6 +18,8 @@ class RestResponseComponent extends Component ) ); + public $signContents = false; + private $__setup = false; /** @var array */ @@ -592,9 +594,19 @@ class RestResponseComponent extends Component if ($response instanceof TmpFileTool) { App::uses('CakeResponseFile', 'Tools'); $cakeResponse = new CakeResponseFile(['status' => $code, 'type' => $type]); - $cakeResponse->file($response); + if ($this->signContents) { + $this->CryptographicKey = ClassRegistry::init('CryptographicKey'); + $data = $response->intoString(); + $headers['x-pgp-signature'] = base64_encode($this->CryptographicKey->signWithInstanceKey($data)); + $cakeResponse = new CakeResponse(array('body' => $data, 'status' => $code, 'type' => $type)); + } else { + $cakeResponse->file($response); + } } else { $cakeResponse = new CakeResponse(array('body' => $response, 'status' => $code, 'type' => $type)); + if ($this->signContents) { + $headers['x-pgp-signature'] = base64_encode($this->CryptographicKey->signWithInstanceKey($response)); + } } if (Configure::read('Security.allow_cors')) { From 0f9645f20e054ce6784ae33e26787808ce6ea03a Mon Sep 17 00:00:00 2001 From: iglocska Date: Mon, 14 Mar 2022 00:30:44 +0100 Subject: [PATCH 0134/1366] fix: [signing] generating event signature fixes --- app/Controller/EventsController.php | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index 39e0dcb7f..0e6a13a86 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -1807,6 +1807,7 @@ class EventsController extends AppController } if ($this->_isRest()) { + $this->RestResponse->signContents = true; return $this->__restResponse($event); } 
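Review bot: In the second hunk the non-file branch calls `$this->CryptographicKey->signWithInstanceKey($response)` without initialising the model, because `ClassRegistry::init('CryptographicKey')` only runs inside the `TmpFileTool` branch, so a signed response with a plain body fails on an unset property. Move the initialisation in front of the `instanceof` test, guarded by `$this->signContents`. In the file branch the `CakeResponseFile` built just above is discarded when signing, and `intoString()` reads the whole temporary file into memory, which deserves a comment since it gives up streaming for large events. `$headers` is assumed to be defined earlier in the method, which starts outside the hunk.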
@@ -2093,10 +2094,13 @@ class EventsController extends AppController !$this->Auth->user('Role')['perm_site_admin'] ) { $pgp_signature = $this->request->header('x-pgp-signature'); + if (empty($pgp_signature)) { + throw new MethodNotAllowedException(__('Protected event failed signature validation as no key was provided.')); + } $raw_data = $this->request->input(); if ( - !$this->CryptographicKey->validateProtectedEvent( - $raw_data, + !$this->Event->CryptographicKey->validateProtectedEvent( + trim($raw_data), $this->Auth->user(), $pgp_signature, $this->request->data @@ -2599,9 +2603,12 @@ class EventsController extends AppController !$this->Auth->user('Role')['perm_site_admin'] ) { $pgp_signature = $this->request->header('x-pgp-signature'); + if (empty($pgp_signature)) { + throw new MethodNotAllowedException(__('Protected event failed signature validation as no key was provided.')); + } $raw_data = $this->request->input(); if ( - !$this->CryptographicKey->validateProtectedEvent( + !$this->Event->CryptographicKey->validateProtectedEvent( $raw_data, $this->Auth->user(), $pgp_signature, @@ -6031,7 +6038,7 @@ class EventsController extends AppController if ($this->request->is('json')) { App::uses('JSONConverterTool', 'Tools'); - if ($this->RestResponse->isAutomaticTool()) { + if ($this->RestResponse->isAutomaticTool() && empty($event['Event']['protected'])) { foreach (JSONConverterTool::streamConvert($event) as $part) { $tmpFile->write($part); } From 2cfa89d492f9416e92b4562662080153fd8ce853 Mon Sep 17 00:00:00 2001 From: iglocska Date: Mon, 14 Mar 2022 00:31:36 +0100 Subject: [PATCH 0135/1366] chg: [tmpfiletool] allow reading into string without closing the file --- app/Lib/Tools/TmpFileTool.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/app/Lib/Tools/TmpFileTool.php b/app/Lib/Tools/TmpFileTool.php index 4dbd2c32a..39a90f9ed 100644 --- a/app/Lib/Tools/TmpFileTool.php +++ b/app/Lib/Tools/TmpFileTool.php 
@@ -144,17 +144,20 @@ class TmpFileTool
 }
 /**
+ * @param boolean $close
 * @return string
 * @throws Exception
 */
- public function intoString()
+ public function intoString($close = true)
 {
 $this->rewind();
 $string = stream_get_contents($this->tmpfile);
 if ($string === false) {
 throw new Exception('Could not read from temporary file.');
 }
- $this->close();
+ if ($close) {
+ $this->close();
+ }
 return $string;
 }
From be34b3899e9501d278d41b98f3fff084d455cf54 Mon Sep 17 00:00:00 2001
From: iglocska
Date: Mon, 14 Mar 2022 00:32:18 +0100
Subject: [PATCH 0136/1366] fix: [cryptographickey model] internal fixes - incorrect variable names fixed - logging target fixes - error messages were lacking the actual message
---
app/Model/CryptographicKey.php | 54 ++++++++++++++++++++++------------
1 file changed, 36 insertions(+), 18 deletions(-)
diff --git a/app/Model/CryptographicKey.php b/app/Model/CryptographicKey.php
index 219d0ab3d..e707ffec4 100644
--- a/app/Model/CryptographicKey.php
+++ b/app/Model/CryptographicKey.php
@@ -77,7 +77,7 @@ class CryptographicKey extends AppModel
 return true;
 }
- public function signWithInstanceKey($data)
+ private function __ingestInstanceKey()
 {
 $file = new File(APP . '/webroot/gpg.asc');
 $instanceKey = $file->read();
@@ -88,7 +88,22 @@ class CryptographicKey extends AppModel throw new MethodNotAllowedException("Could not import the instance key.."); } $this->gpg->addSignKey(Configure::read('GnuPG.email'), Configure::read('GnuPG.password')); - $signature = $this->gpg->sign($data, Crypt_GPG::SIGN_MODE_DETACHED); + } + + public function signWithInstanceKey($data) + { + $this->__ingestInstanceKey(); + file_put_contents('/var/www/MISP2/app/tmp/foo', $data); + file_put_contents('/var/www/MISP2/app/tmp/foo2', trim($data)); + $signature = $this->gpg->sign(trim($data), Crypt_GPG::SIGN_MODE_DETACHED); + file_put_contents('/var/www/MISP2/app/tmp/foo.sig', $signature); + return $signature; + } + + public function signFileWithInstanceKey($path) + { + $this->__ingestInstanceKey(); + $signature = $this->gpg->signFile($path, Crypt_GPG::SIGN_MODE_DETACHED); return $signature; } @@ -96,19 +111,20 @@ class CryptographicKey extends AppModel { $this->error = false; $fingerprint = $this->__extractPGPKeyData($key); - $verifiedSignature = $this->gpg->verify($data, $signature); + $this->gpg = GpgTool::initializeGpg(); + $verifiedSignature = $this->gpg->verify(trim($data), $signature); if (empty($verifiedSignature)) { - $this->error = ERROR_MALFORMED_SIGNATURE; + $this->error = $this::ERROR_MALFORMED_SIGNATURE; return false; } if (!$verifiedSignature[0]->isValid()) { - $this->error = ERROR_INVALID_SIGNATURE; + $this->error = $this::ERROR_INVALID_SIGNATURE; return false; } if ($verifiedSignature[0]->getKeyFingerprint() === $fingerprint) { return true; } else { - $this->error = ERROR_WRONG_KEY; + $this->error = $this::ERROR_WRONG_KEY; return false; } } 
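Review bot: `signWithInstanceKey()` writes the data being signed, its trimmed copy and the resulting signature to fixed paths under `/var/www/MISP2/app/tmp/` through three `file_put_contents` calls. These look like debugging leftovers: they copy the content of protected events to disk on every signed response and raise warnings on any installation without that directory, so they should be dropped. `sign()` is given `trim($data)` while `signFileWithInstanceKey()` signs the file bytes unchanged, so the two methods sign different content for the same payload; one canonical form should be documented and used by both.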
@@ -170,17 +186,19 @@ class CryptographicKey extends AppModel public function validateProtectedEvent($raw_data, $user, $pgp_signature, $event) { if (empty($event['Event']['CryptographicKey'])) { + $message = __('No valid signatures found for validating the signature.'); $this->Log = ClassRegistry::init('Log'); - $this->Log->createLogEntry($user['email'], 'add', 'Event', $server['Server']['id'], $message); + $this->Log->createLogEntry($user, 'validateSig', 'Event', $event['Event']['id'], $message); return false; } foreach ($event['Event']['CryptographicKey'] as $supplied_key) { - if ($this->verifySignature($raw_data, $pgp_signature, $supplied_key)) { + if ($this->verifySignature($raw_data, base64_decode($pgp_signature), $supplied_key['key_data'])) { return true; } } $this->Log = ClassRegistry::init('Log'); - $this->Log->createLogEntry($user['email'], 'add', 'Event', $server['Server']['id'], $message); + $message = __('Could not validate the signature.'); + $this->Log->createLogEntry($user, 'validateSig', 'Event', $event['Event']['id'], $message); return false; } 
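Review bot: `validateProtectedEvent()` accepts a signature from any entry in `$event['Event']['CryptographicKey']` without looking at that entry's `revoked` flag, although the key records carry one (see `captureCryptographicKeyUpdate()`). A revoked key should be skipped before `verifySignature()` is called, e.g. `if (!empty($supplied_key['revoked'])) { continue; }`. `base64_decode($pgp_signature)` runs in non-strict mode; passing `true` as the second argument and treating a `false` result as a failed validation keeps malformed header values away from `gpg->verify()`. The first message says no valid signatures were found, while the condition it reports is that no keys were supplied.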
@@ -223,16 +241,16 @@ class CryptographicKey extends AppModel $this->create(); $this->save( [ - 'uuid' => $cryptoGraphicKey['uuid'], - 'key_data' => $cryptoGraphicKey['key_data'], - 'fingerprint' => $cryptoGraphicKey['fingerprint'], - 'revoked' => $cryptoGraphicKey['revoked'], - 'parent_type' => $cryptoGraphicKey['parent_type'], - 'parent_id' => $cryptoGraphicKey['parent_id'], - 'type' => $cryptoGraphicKey['type'] + 'uuid' => $cryptographickey['uuid'], + 'key_data' => $cryptographickey['key_data'], + 'fingerprint' => $cryptographickey['fingerprint'], + 'revoked' => $cryptographickey['revoked'], + 'parent_type' => $cryptographickey['parent_type'], + 'parent_id' => $cryptographickey['parent_id'], + 'type' => $cryptographickey['type'] ] ); - $results['add'][$cryptoGraphicKey['id']] = $cryptoGraphicKey['fingerprint']; + $results['add'][$cryptographickey['id']] = $cryptographickey['fingerprint']; } $message = __( 'Added %s (%s) and removed %s (%s) keys for %s #%s.', @@ -245,6 +263,6 @@ class CryptographicKey extends AppModel ); $this->deleteaAll(['CryptoGraphicKey.id' => $toRemove]); $this->Log = ClassRegistry::init('Log'); - $this->Log->createLogEntry($user['email'], 'updateCryptoKeys', $cryptoGraphicKey['parent_type'], $cryptoGraphicKey['parent_id'], $message); + $this->Log->createLogEntry($user, 'updateCryptoKeys', $cryptographickey['parent_type'], $cryptographickey['parent_id'], $message); } } From 0774086ad224a0c68690e5e88c4c4021a3076f4f Mon Sep 17 00:00:00 2001 From: iglocska Date: Mon, 14 Mar 2022 00:33:41 +0100 Subject: [PATCH 0137/1366] fix: [event model] fixes - fixed class name typo - removed placeholder exception / breakpoint --- app/Model/Event.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index 8dca3fcbf..0467bdcee 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php 
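Review bot: The rename in the first hunk goes from `$cryptoGraphicKey` to `$cryptographickey`, but the variable bound by the enclosing `foreach` is `$cryptographicKey` with a capital K, and PHP variable names are case-sensitive, so `save()` still receives null for every field. Use `$cryptographicKey['uuid']` and so on throughout the array and in the `$results['add']` line. The second hunk has the same mismatch in the `createLogEntry()` arguments, still reads `$user`, which is not a parameter of `captureCryptographicKeyUpdate()`, and leaves `deleteaAll(['CryptoGraphicKey.id' => $toRemove])` misspelled. The `foreach` line itself is outside this hunk; it is visible in the patch that introduced the function.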
@@ -1086,7 +1086,6 @@ class Event extends AppModel } $request = $this->__signEvent($data, $server, $request, $HttpSocket); } - throw new Exception(); if (!empty(Configure::read('Security.sync_audit'))) { $pushLogEntry = sprintf( @@ -1103,7 +1102,6 @@ class Event extends AppModel } else { $url = "$serverUrl/events/add/metadata:1"; } - $response = $HttpSocket->post($url, $data, $request); // Maybe the check if event exists was not correct, try to create a new event @@ -3950,7 +3948,7 @@ class Event extends AppModel // capture new keys, update existing, remove those no longer in the pushed data if (!empty($data['Event']['CryptographicKey'])) { - $this->CryptoGraphicKey->captureCryptographicKeyUpdate($data['Event']['CryptographicKey'], $data['Event']['id'], 'Event'); + $this->CryptographicKey->captureCryptographicKeyUpdate($data['Event']['CryptographicKey'], $data['Event']['id'], 'Event'); } // zeroq: check if sightings are attached and add to event From 4ca607ea4c3206175557785ec951f0be4e13e556 Mon Sep 17 00:00:00 2001 From: iglocska Date: Mon, 14 Mar 2022 00:34:19 +0100 Subject: [PATCH 0138/1366] fix: [log] added 2 new actions for the signing system --- app/Model/Log.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/app/Model/Log.php b/app/Model/Log.php index 0111c5659..7d6c224f6 100644 --- a/app/Model/Log.php +++ b/app/Model/Log.php @@ -69,8 +69,10 @@ class Log extends AppModel 'update', 'update_database', 'update_db_worker', + 'updateCryptoKeys', 'upgrade_24', 'upload_sample', + 'validateSig', 'version_warning', 'warning', 'wipe_default' From 4a65714fe904eb2a2ed125228a7c0ae0d4f766b1 Mon Sep 17 00:00:00 2001 From: iglocska Date: Mon, 14 Mar 2022 00:34:44 +0100 Subject: [PATCH 0139/1366] fix: [sync] version comparison fixes - for determining the right version to compare to when deciding if protected events can be synced --- app/Model/Server.php | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) 
diff --git a/app/Model/Server.php b/app/Model/Server.php
index 2840cc074..9b5eee142 100644
--- a/app/Model/Server.php
+++ b/app/Model/Server.php
@@ -2573,6 +2573,7 @@ class Server extends AppModel
 $canSight = isset($remoteVersion['perm_sighting']) ? $remoteVersion['perm_sighting'] : false;
 $supportEditOfGalaxyCluster = isset($remoteVersion['perm_galaxy_editor']);
 $canEditGalaxyCluster = isset($remoteVersion['perm_galaxy_editor']) ? $remoteVersion['perm_galaxy_editor'] : false;
+ $remoteVersionString = $remoteVersion['version'];
 $remoteVersion = explode('.', $remoteVersion['version']);
 if (!isset($remoteVersion[0])) {
 $message = __('Error: Server didn\'t send the expected response. This may be because the remote server version is outdated.');
@@ -2580,13 +2581,7 @@ class Server extends AppModel
 return $message;
 }
 $localVersion = $this->checkMISPVersion();
- $localVersionString = sprintf(
- '%s.%s.%s',
- $localVersion['major'],
- $localVersion['minor'],
- $localVersion['hotfix']
- );
- $protectedMode = version_compare($localVersionString, '2.4.156') >= 0;
+ $protectedMode = version_compare($remoteVersionString, '2.4.156') >= 0;
 $response = false;
 $success = false;
 $issueLevel = "warning";
From c5d6e4a07cc7a09c2823b2c0332ed0db6b57c18b Mon Sep 17 00:00:00 2001
From: iglocska
Date: Mon, 14 Mar 2022 15:54:24 +0100
Subject: [PATCH 0140/1366] fix: [signing] canonisation support by culling whitespaces
---
app/Controller/EventsController.php | 2 +-
app/Model/CryptographicKey.php | 9 ++++-----
2 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php
index 0e6a13a86..870c878a9 100644
--- a/app/Controller/EventsController.php
+++ b/app/Controller/EventsController.php
@@ -2100,7 +2100,7 @@ class EventsController extends AppController
 $raw_data = $this->request->input();
 if (
 !$this->Event->CryptographicKey->validateProtectedEvent(
- trim($raw_data),
+ $raw_data,
 $this->Auth->user(),
 $pgp_signature,
 $this->request->data
diff --git a/app/Model/CryptographicKey.php b/app/Model/CryptographicKey.php
index e707ffec4..59e57943a 100644
--- a/app/Model/CryptographicKey.php
+++ b/app/Model/CryptographicKey.php
@@ -93,10 +93,8 @@ class CryptographicKey extends AppModel
 public function signWithInstanceKey($data)
 {
 $this->__ingestInstanceKey();
- file_put_contents('/var/www/MISP2/app/tmp/foo', $data);
- file_put_contents('/var/www/MISP2/app/tmp/foo2', trim($data));
- $signature = $this->gpg->sign(trim($data), Crypt_GPG::SIGN_MODE_DETACHED);
- file_put_contents('/var/www/MISP2/app/tmp/foo.sig', $signature);
+ $data = preg_replace("/\s+/", "", $data);
+ $signature = $this->gpg->sign($data, Crypt_GPG::SIGN_MODE_DETACHED);
 return $signature;
 }
@@ -112,7 +110,8 @@ class CryptographicKey extends AppModel
 $this->error = false;
 $fingerprint = $this->__extractPGPKeyData($key);
 $this->gpg = GpgTool::initializeGpg();
- $verifiedSignature = $this->gpg->verify(trim($data), $signature);
+ $data = preg_replace("/\s+/", "", $data);
+ $verifiedSignature = $this->gpg->verify($data, $signature);
 if (empty($verifiedSignature)) {
 $this->error = $this::ERROR_MALFORMED_SIGNATURE;
 return false;
From e5c7e50fcf882f9b0d19d50a0ab50c3d6bbe3ce0 Mon Sep 17 00:00:00 2001
From: iglocska
Date: Tue, 15 Mar 2022 07:16:19 +0100
Subject: [PATCH 0141/1366] fix: [internal] event rearranging before push fixed - some elements were at a misaligned level in the array
---
app/Model/Event.php | 18 +++++++++++++++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/app/Model/Event.php b/app/Model/Event.php
index 0467bdcee..c55b6f550 100755
--- a/app/Model/Event.php
+++ b/app/Model/Event.php
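Review bot: Canonicalising with `preg_replace("/\s+/", "", $data)` in `signWithInstanceKey()` and `verifySignature()` removes whitespace everywhere, including inside string values of the body, so the signature no longer covers the spacing of values, comments or report text, and two payloads that differ only there verify under the same signature. If the aim is to survive re-serialisation between instances, a canonical re-encoding of the decoded structure, or signing the exact bytes sent, keeps the values covered; at the least the limitation deserves a comment on both methods. `preg_replace` returns null on a PCRE error, which would make `sign()` and `verify()` operate on an empty value, so the result should be checked before use. `signFileWithInstanceKey()` does not apply the same transformation, so its signatures would not be expected to verify through `verifySignature()`.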
@@ -1153,7 +1153,19 @@ class Event extends AppModel private function __rearrangeEventStructureForSync($event) { // rearrange things to be compatible with the Xml::fromArray() - $objectsToRearrange = array('Attribute', 'Object', 'Orgc', 'SharingGroup', 'EventTag', 'Org', 'ShadowAttribute', 'EventReport'); + $objectsToRearrange = array( + 'Attribute', + 'Object', + 'Orgc', + 'SharingGroup', + 'EventTag', + 'Org', + 'ShadowAttribute', + 'EventReport', + 'CryptographicKey', + 'ThreatLevel', + 'Galaxy' + ); foreach ($objectsToRearrange as $o) { if (isset($event[$o])) { $event['Event'][$o] = $event[$o]; @@ -1161,10 +1173,10 @@ class Event extends AppModel } } // cleanup the array from things we do not want to expose - foreach (array('Org', 'org_id', 'orgc_id', 'proposal_email_lock', 'org', 'orgc') as $field) { + foreach (array('Org', 'org_id', 'orgc_id', 'proposal_email_lock', 'org', 'orgc', 'locked') as $field) { unset($event['Event'][$field]); } - return $event; + return ['Event' => $event['Event']]; } // since we fetch the event and filter on tags after / server, we need to cull all of the non exportable tags From 364eaa50c227391901875b20a896ff83133b372c Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 15 Mar 2022 09:30:56 +0100 Subject: [PATCH 0142/1366] new: [event warnings] made modular - app/Lib/EventWarning contains default warnings - app/Lib/EventWarning/Custom can be used to just drop event warnings - use app/Lib/EventWarning/DefaultWarning as a template --- .gitignore | 2 + app/Lib/EventWarning/Custom/empty | 1 + app/Lib/EventWarning/DefaultWarning.php | 65 +++++++++++++++++++++ app/Model/Behavior/EventWarningBehavior.php | 63 ++++++-------------- 4 files changed, 85 insertions(+), 46 deletions(-) create mode 100644 app/Lib/EventWarning/Custom/empty create mode 100644 app/Lib/EventWarning/DefaultWarning.php diff --git a/.gitignore b/.gitignore index 03a9483ae..29f582b27 100755 --- a/.gitignore +++ b/.gitignore 
@@ -35,6 +35,8 @@ tools/mkdocs /app/tmp/cache/misp_feed* /app/files/* /app/tmp/cache/feeds/*.cache +app/Lib/EventWarning/Custom/* +!app/Lib/EventWarning/Custom/empty !/app/files/feed-metadata !/app/files/empty !/app/files/scripts/ diff --git a/app/Lib/EventWarning/Custom/empty b/app/Lib/EventWarning/Custom/empty new file mode 100644 index 000000000..8b1378917 --- /dev/null +++ b/app/Lib/EventWarning/Custom/empty @@ -0,0 +1 @@ + diff --git a/app/Lib/EventWarning/DefaultWarning.php b/app/Lib/EventWarning/DefaultWarning.php new file mode 100644 index 000000000..772388c88 --- /dev/null +++ b/app/Lib/EventWarning/DefaultWarning.php 
@@ -0,0 +1,65 @@ +name = __('Default'); + $this->description = __('The default set of warnings included with MISP'); + } + + public function emptyEventCheck(array $event, array &$warnings) + { + if (empty($event['Attribute']) && empty($event['objects'])) { + $warnings[__('Content')][] = __('Your event has neither attributes nor objects, whilst this can have legitimate reasons (such as purely creating an event with an event report or galaxy clusters), in most cases it\'s a sign that the event has yet to be fleshed out.'); + } + } + + public function contextCheck(array $event, array &$warnings) + { + if (empty($event['Galaxy']) && empty($event['EventTag'])) { + $warnings[__('Contextualisation')][] = __('Your event has neither tags nor galaxy clusters attached - generally adding context to an event allows for quicker decision making and more accurate filtering, it is highly recommended that you label your events to the best of your ability.'); + } + } + + public function tlpDistributionCheck(array $event, array &$warnings) + { + if (!empty($event['EventTag'])) { + foreach ($event['EventTag'] as $eT) { + $tagName = $eT['Tag']['name']; + $this->__tlpTaxonomyCheck($tagName, $warnings); + if ($tagName === 'tlp:white' && $event['Event']['distribution'] != Event::DISTRIBUTION_ALL) { + $warnings[__('Distribution')][] = __('The event is tagged as tlp:white, yet the distribution is not set to all. Change the distribution setting to something more lax if you wish for the event to propagate further.'); + } else if ($tagName === 'tlp:green' && !in_array($event['Event']['distribution'], [Event::DISTRIBUTION_COMMUNITY, Event::DISTRIBUTION_CONNECTED, Event::DISTRIBUTION_ALL])) { + $warnings[__('Distribution')][] = __('The event is tagged as tlp:green, yet the distribution is not set to community, connected communities or all. 
tlp:green assumes sharing with your entire community - make sure that the selected distribution setting covers that.'); + } else if (in_array($tagName, ['tlp:amber', 'tlp:red'], true) && $event['Event']['distribution'] == Event::DISTRIBUTION_ALL) { + $warnings[__('Distribution')][] = __('The event is tagged as %s, yet the distribution is set to all, be aware of potential information leakage.', $tagName); + } + } + } + } + + /** + * @param string $tagName + * @return void + */ + private function __tlpTaxonomyCheck($tagName, array &$warnings) + { + $lowerTagName = trim(strtolower($tagName)); + if (substr($lowerTagName, 0, 4) === 'tlp:') { + if (!in_array($lowerTagName, ['tlp:white', 'tlp:green', 'tlp:amber', 'tlp:red', 'tlp:ex:chr'], true)) { + $warnings['TLP'][] = __('Unknown TLP tag, please refer to the TLP taxonomy as to what is valid, otherwise filtering rules created by your partners may miss your intent.'); + } else if ($lowerTagName !== $tagName) { + $warnings['TLP'][] = __('TLP tag with invalid formatting: Make sure that you only use TLP tags from the taxonomy. Custom tags with invalid capitalisation, white spaces or other artifacts will break synchronisation and filtering rules intended for the correct taxonomy derived tags.'); + } + } + } +} diff --git a/app/Model/Behavior/EventWarningBehavior.php b/app/Model/Behavior/EventWarningBehavior.php index 8846bf628..8b63e5538 100644 --- a/app/Model/Behavior/EventWarningBehavior.php +++ b/app/Model/Behavior/EventWarningBehavior.php @@ -5,7 +5,7 @@ */ class EventWarningBehavior extends ModelBehavior { - private $__warnings = []; + private $__warningPackages = []; /** * @param Model $Model 
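Review bot: `emptyEventCheck()` in the new DefaultWarning.php tests `$event['objects']`, while the rest of this series refers to an event's objects under the key `Object` (see the `$objectsToRearrange` list in Event.php), so the "neither attributes nor objects" warning probably also fires for events that do have objects; `empty($event['Object'])` looks like the intended test, to be confirmed against the structure the behaviour receives. The distribution checks compare with `!=`/`==` and call `in_array` without the strict flag on a value that may arrive as a string; casting once with `(int)$event['Event']['distribution']` and comparing strictly would be clearer. The class header of this file is not readable in this rendering, so the `functions` list the behaviour iterates over cannot be checked here.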
@@ -14,56 +14,27 @@ class EventWarningBehavior extends ModelBehavior */ public function generateWarnings(Model $Model, array $event) { - $this->__tlpDistributionCheck($event); - $this->__contextCheck($event); - $this-> __emptyEventCheck($event); - return $this->__warnings; - } - - private function __emptyEventCheck(array $event) - { - if (empty($event['Attribute']) && empty($event['objects'])) { - $this->__warnings[__('Content')][] = __('Your event has neither attributes nor objects, whilst this can have legitimate reasons (such as purely creating an event with an event report or galaxy clusters), in most cases it\'s a sign that the event has yet to be fleshed out.'); - } - } - - private function __contextCheck(array $event) - { - if (empty($event['Galaxy']) && empty($event['EventTag'])) { - $this->__warnings[__('Contextualisation')][] = __('Your event has neither tags nor galaxy clusters attached - generally adding context to an event allows for quicker decision making and more accurate filtering, it is highly recommended that you label your events to the best of your ability.'); - } - } - - private function __tlpDistributionCheck(array $event) - { - if (!empty($event['EventTag'])) { - foreach ($event['EventTag'] as $eT) { - $tagName = $eT['Tag']['name']; - $this->__tlpTaxonomyCheck($tagName); - if ($tagName === 'tlp:white' && $event['Event']['distribution'] != Event::DISTRIBUTION_ALL) { - $this->__warnings[__('Distribution')][] = __('The event is tagged as tlp:white, yet the distribution is not set to all. Change the distribution setting to something more lax if you wish for the event to propagate further.'); - } else if ($tagName === 'tlp:green' && !in_array($event['Event']['distribution'], [Event::DISTRIBUTION_COMMUNITY, Event::DISTRIBUTION_CONNECTED, Event::DISTRIBUTION_ALL])) { - $this->__warnings[__('Distribution')][] = __('The event is tagged as tlp:green, yet the distribution is not set to community, connected communities or all. 
tlp:green assumes sharing with your entire community - make sure that the selected distribution setting covers that.'); - } else if (in_array($tagName, ['tlp:amber', 'tlp:red'], true) && $event['Event']['distribution'] == Event::DISTRIBUTION_ALL) { - $this->__warnings[__('Distribution')][] = __('The event is tagged as %s, yet the distribution is set to all, be aware of potential information leakage.', $tagName); - } + $warnings = []; + $this->__loadCustomWarningSystems(); + $this->__loadCustomWarningSystems('Custom'); + foreach ($this->__warningPackages as $packageName => $package) { + foreach ($package->functions as $function) { + $package->$function($event, $warnings); } } + return $warnings; } - /** - * @param string $tagName - * @return void - */ - private function __tlpTaxonomyCheck($tagName) + private function __loadCustomWarningSystems($subdir = false) { - $lowerTagName = trim(strtolower($tagName)); - if (substr($lowerTagName, 0, 4) === 'tlp:') { - if (!in_array($lowerTagName, ['tlp:white', 'tlp:green', 'tlp:amber', 'tlp:red', 'tlp:ex:chr'], true)) { - $this->__warnings['TLP'][] = __('Unknown TLP tag, please refer to the TLP taxonomy as to what is valid, otherwise filtering rules created by your partners may miss your intent.'); - } else if ($lowerTagName !== $tagName) { - $this->__warnings['TLP'][] = __('TLP tag with invalid formatting: Make sure that you only use TLP tags from the taxonomy. Custom tags with invalid capitalisation, white spaces or other artifacts will break synchronisation and filtering rules intended for the correct taxonomy derived tags.'); - } + $subDirPath = $subdir ? ('/' . $subdir) : ''; + $dir = new Folder(APP . 'Lib/EventWarning' . $subDirPath); + $files = $dir->find('.*Warning\.php'); + foreach ($files as $file) { + $className = substr($file, 0, -4); + $path = 'EventWarning/Custom'; + App::uses($className, $path); + $this->__warningPackages[$className] = new $className(); } } } 
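Review bot: `__loadCustomWarningSystems` instantiates whatever class name it derives from a file name (`new $className()`), and `generateWarnings` then calls every entry of `$package->functions` dynamically, with no check that the class loaded, has the expected base type, or that each entry is a method. A stray or misnamed `*Warning.php` file in the `Custom` directory would therefore surface as a fatal error while an event is being viewed. Guards such as `if (!class_exists($className) || !is_subclass_of($className, 'BASE_WARNING_CLASS')) { continue; }` (the base class name is a placeholder, it is not visible here) and `if (!method_exists($package, $function)) { continue; }` would contain that. Because packages are keyed by `$className`, a custom class with the same name as a default one silently replaces it, and both directories are rescanned on every `generateWarnings` call.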
From 3c8d07ca757de22ff6a447693bd7e922feddf09b Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 15 Mar 2022 09:55:50 +0100 Subject: [PATCH 0143/1366] fix: [oidc] Throw exception if user email is empty --- app/Plugin/OidcAuth/Lib/Oidc.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/app/Plugin/OidcAuth/Lib/Oidc.php b/app/Plugin/OidcAuth/Lib/Oidc.php index aeb188a11..afe859f87 100644 --- a/app/Plugin/OidcAuth/Lib/Oidc.php +++ b/app/Plugin/OidcAuth/Lib/Oidc.php @@ -26,6 +26,12 @@ class Oidc $claims = $oidc->getVerifiedClaims(); $mispUsername = $claims->email ?? $oidc->requestUserInfo('email'); + + if (empty($mispUsername)) { + $sub = $claims->sub ?? 'UNKNOWN'; + throw new Exception("OIDC user $sub doesn't have email address, that is required by MISP."); + } + $this->log($mispUsername, "Trying login."); $sub = $claims->sub; // sub is required From b69c2c49188e5360b27ab0a920460e1f3a4ce566 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 15 Mar 2022 09:59:06 +0100 Subject: [PATCH 0144/1366] fix: [php] Support for PHP 7.2 --- app/View/Events/module_views/context_markdown_view.ctp | 2 +- app/View/Events/module_views/context_view.ctp | 6 ++---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/app/View/Events/module_views/context_markdown_view.ctp b/app/View/Events/module_views/context_markdown_view.ctp index 6d91e0fe0..11055ef63 100644 --- a/app/View/Events/module_views/context_markdown_view.ctp +++ b/app/View/Events/module_views/context_markdown_view.ctp @@ -51,7 +51,7 @@ h($cluster['GalaxyCluster']['value']), $baseurl . '/galaxy_clusters/view/' . h($cluster['GalaxyCluster']['id']), strlen(h($cluster['GalaxyCluster']['description'])) > 300 ? - (substr(h($cluster['GalaxyCluster']['description']), 0, 300) . '...') : h($cluster['GalaxyCluster']['description']), + (substr(h($cluster['GalaxyCluster']['description']), 0, 300) . '...') : h($cluster['GalaxyCluster']['description']) ); } } 
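Review bot: The new guard rejects a missing email, but the value is still accepted without checking that the identity provider has verified it, and the later `_findUser` calls in this method fall back to matching an existing MISP user by email when no `sub` match exists. For an account that has no `sub` stored yet, an unverified address would be enough to bind the incoming `sub` to it, so it is worth honouring the standard `email_verified` claim when present, e.g. `if (isset($claims->email_verified) && $claims->email_verified === false) { throw new Exception("OIDC user $sub has unverified email address."); }`. `$sub` is read here with `?? 'UNKNOWN'` while a few lines later `$claims->sub` is dereferenced unguarded under the comment `// sub is required`; failing early when `sub` is absent would be more consistent. The enclosing method starts and ends outside the hunk.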
diff --git a/app/View/Events/module_views/context_view.ctp b/app/View/Events/module_views/context_view.ctp index eca88b194..937ed6100 100644 --- a/app/View/Events/module_views/context_view.ctp +++ b/app/View/Events/module_views/context_view.ctp @@ -59,7 +59,7 @@ $baseurl . '/galaxy_clusters/view/' . h($cluster['GalaxyCluster']['id']), h($cluster['GalaxyCluster']['value']), strlen(h($cluster['GalaxyCluster']['description'])) > 300 ? - (substr(h($cluster['GalaxyCluster']['description']), 0, 300) . '...') : h($cluster['GalaxyCluster']['description']), + (substr(h($cluster['GalaxyCluster']['description']), 0, 300) . '...') : h($cluster['GalaxyCluster']['description']) ); } $htmlClusters .= ''; @@ -70,8 +70,6 @@

    - element('view_galaxy_matrix', $attackData); - ?> + element('view_galaxy_matrix', $attackData); ?>
    From 0783bda85bcd00a61376e184a1178436235d3c37 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 15 Mar 2022 10:07:49 +0100 Subject: [PATCH 0145/1366] fix: [oidc] Specify correct column for user fetch --- app/Plugin/OidcAuth/Lib/Oidc.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/Plugin/OidcAuth/Lib/Oidc.php b/app/Plugin/OidcAuth/Lib/Oidc.php index afe859f87..a8d99232e 100644 --- a/app/Plugin/OidcAuth/Lib/Oidc.php +++ b/app/Plugin/OidcAuth/Lib/Oidc.php @@ -37,10 +37,10 @@ class Oidc $sub = $claims->sub; // sub is required // Try to find user by `sub` field, that is unique - $user = $this->_findUser($settings, ['sub' => $sub]); + $user = $this->_findUser($settings, ['User.sub' => $sub]); if (!$user) { // User by sub not found, try to find by email - $user = $this->_findUser($settings, ['email' => $mispUsername]); + $user = $this->_findUser($settings, ['User.email' => $mispUsername]); if ($user && $user['sub'] !== null && $user['sub'] !== $sub) { $this->log($mispUsername, "User sub doesn't match ({$user['sub']} != $sub), could not login."); return false; @@ -134,7 +134,7 @@ class Oidc $this->log($mispUsername, "Saved in database with ID {$this->User->id}"); $this->log($mispUsername, 'Logged in.'); - $user = $this->_findUser($settings, ['id' => $this->User->id]); + $user = $this->_findUser($settings, ['User.id' => $this->User->id]); if ($user['User']['sub'] !== $sub) { // just to be sure that we have the correct user throw new Exception("User {$user['email']} sub doesn't match ({$user['sub']} != $sub)"); From 7c3181837b5c4cd83dee222147d8c2294f2dda77 Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 15 Mar 2022 12:54:55 +0100 Subject: [PATCH 0146/1366] fix: [eventwarning] path fixed - as spotted by @chrisr3d --- app/Model/Behavior/EventWarningBehavior.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
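Review bot: The result of `_findUser` is indexed in two different shapes in these hunks: `$user['sub']` in the email fallback and in the exception message, but `$user['User']['sub']` in the sanity check after saving. Only one shape can be right (the helper is not visible here). If the result is nested, the guard `$user['sub'] !== null && $user['sub'] !== $sub` never sees a stored sub and the email fallback is not protected by it; if it is flattened, the post-save check always throws. Settling on one shape in both places would make the sub-binding check dependable. Both code paths continue outside the hunks.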
diff --git a/app/Model/Behavior/EventWarningBehavior.php b/app/Model/Behavior/EventWarningBehavior.php index 8b63e5538..e6f26170b 100644 --- a/app/Model/Behavior/EventWarningBehavior.php +++ b/app/Model/Behavior/EventWarningBehavior.php @@ -32,7 +32,7 @@ class EventWarningBehavior extends ModelBehavior $files = $dir->find('.*Warning\.php'); foreach ($files as $file) { $className = substr($file, 0, -4); - $path = 'EventWarning/Custom'; + $path = 'EventWarning' . $subDirPath; App::uses($className, $path); $this->__warningPackages[$className] = new $className(); } From f4fbc62aae2205e20114f82a5ba118dbf37a3385 Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 15 Mar 2022 22:58:09 +0100 Subject: [PATCH 0147/1366] fix: [cryptographicKey] various fixes - typoes fixed - take parent ID from the local ID rather than the synced one --- app/Model/CryptographicKey.php | 35 +++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/app/Model/CryptographicKey.php b/app/Model/CryptographicKey.php index 59e57943a..36c8d425f 100644 --- a/app/Model/CryptographicKey.php +++ b/app/Model/CryptographicKey.php @@ -77,7 +77,7 @@ class CryptographicKey extends AppModel return true; } - private function __ingestInstanceKey() + public function ingestInstanceKey() { $file = new File(APP . '/webroot/gpg.asc'); $instanceKey = $file->read(); @@ -88,11 +88,12 @@ class CryptographicKey extends AppModel throw new MethodNotAllowedException("Could not import the instance key.."); } $this->gpg->addSignKey(Configure::read('GnuPG.email'), Configure::read('GnuPG.password')); + return $this->gpg->getFingerprint(Configure::read('GnuPG.email')); } public function signWithInstanceKey($data) { - $this->__ingestInstanceKey(); + $this->ingestInstanceKey(); $data = preg_replace("/\s+/", "", $data); $signature = $this->gpg->sign($data, Crypt_GPG::SIGN_MODE_DETACHED); return $signature; 
@@ -100,7 +101,7 @@ class CryptographicKey extends AppModel public function signFileWithInstanceKey($path) { - $this->__ingestInstanceKey(); + $this->ingestInstanceKey(); $signature = $this->gpg->signFile($path, Crypt_GPG::SIGN_MODE_DETACHED); return $signature; } @@ -201,14 +202,14 @@ class CryptographicKey extends AppModel return false; } - public function captureCryptographicKeyUpdate($cryptographicKeys, $parent_id, $type) + public function captureCryptographicKeyUpdate($user, $cryptographicKeys, $parent_id, $type) { $existingKeys = $this->find('first', [ 'recursive' => -1, 'fields' => 1, 'conditions' => [ - 'parent_type' => $cryptographicKey['type'], - 'parent_id' => $cryptographicKey['parent_id'] + 'parent_type' => $type, + 'parent_id' => $parent_id ], 'fields' => [ 'id', @@ -240,16 +241,16 @@ class CryptographicKey extends AppModel $this->create(); $this->save( [ - 'uuid' => $cryptographickey['uuid'], - 'key_data' => $cryptographickey['key_data'], - 'fingerprint' => $cryptographickey['fingerprint'], - 'revoked' => $cryptographickey['revoked'], - 'parent_type' => $cryptographickey['parent_type'], - 'parent_id' => $cryptographickey['parent_id'], - 'type' => $cryptographickey['type'] + 'uuid' => $cryptographicKey['uuid'], + 'key_data' => $cryptographicKey['key_data'], + 'fingerprint' => $cryptographicKey['fingerprint'], + 'revoked' => $cryptographicKey['revoked'], + 'parent_type' => $cryptographicKey['parent_type'], + 'parent_id' => $parent_id, + 'type' => $cryptographicKey['type'] ] ); - $results['add'][$cryptographickey['id']] = $cryptographickey['fingerprint']; + $results['add'][$cryptographicKey['id']] = $cryptographicKey['fingerprint']; } $message = __( 'Added %s (%s) and removed %s (%s) keys for %s #%s.', 
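Review bot: `captureCryptographicKeyUpdate` loads the current keys with `find('first', ...)`, which returns a single record, yet the result is iterated as `$existingKeys` and compared key by key; with more than one key on the parent the others are never seen, so they can be neither matched nor queued for removal. `find('all', ...)` looks like what was meant, and the options array carries `'fields'` twice (`'fields' => 1` and the list), where the first entry is dead. A later patch in this series switches the comparison to `$existingKey['fingerprint']` while still writing `$existingKey['CryptographicKey']['revoked']`; those two index shapes cannot both be valid for the same `$existingKey`. The function body continues outside the hunk.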
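Review bot: In the `save()` array `parent_id` now comes from the local `$parent_id`, but `parent_type` is still copied from the synced `$cryptographicKey['parent_type']`, so the remote side decides which model the key is attached to; `'parent_type' => $type` keeps both halves of the reference under local control. The `createLogEntry` call in the following hunk has the same issue: it still logs `$cryptographicKey['parent_type']` and the remote `$cryptographicKey['parent_id']` instead of `$type` and `$parent_id`. It also reads `$cryptographicKey` after the loop, where the variable is undefined when the incoming key list is empty. The loop and the message construction start outside these hunks.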
@@ -258,10 +259,10 @@ class CryptographicKey extends AppModel count($results['remove']), implode (',', $results['remove']), $cryptographicKey['parent_type'], - $cryptographicKey['parent_id'] + $parent_id ); - $this->deleteaAll(['CryptoGraphicKey.id' => $toRemove]); + $this->deleteAll(['CryptographicKey.id' => $toRemove]); $this->Log = ClassRegistry::init('Log'); - $this->Log->createLogEntry($user, 'updateCryptoKeys', $cryptographickey['parent_type'], $cryptographickey['parent_id'], $message); + $this->Log->createLogEntry($user, 'updateCryptoKeys', $cryptographicKey['parent_type'], $cryptographicKey['parent_id'], $message); } } From 26de0a8b0cedf93c6acc2bfee77172a8691d7cd7 Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 15 Mar 2022 22:59:52 +0100 Subject: [PATCH 0148/1366] new: [events] index and view signing checks added - exclude events that can't be signed with a valid key as required by the event from the index for automaticTools (MISP + PyMISP) - sign the data only for automaticTools (MISP + PyMISP) --- app/Controller/EventsController.php | 58 ++++++++++++++++++++++++----- 1 file changed, 49 insertions(+), 9 deletions(-) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index 870c878a9..fd51637a9 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php 
@@ -767,19 +767,26 @@ class EventsController extends AppController */ private function __indexRestResponse(array $passedArgs) { + $isSync = $skipProtected = false; + if (!empty($this->request->header('misp-version'))) { + $isSync = true; + if (version_compare($this->request->header('misp-version'), '2.4.156') < 0) { + $skipProtected = true; + } + } $fieldNames = $this->Event->schema(); $minimal = !empty($passedArgs['searchminimal']) || !empty($passedArgs['minimal']); if ($minimal) { $rules = [ 'recursive' => -1, - 'fields' => array('id', 'timestamp', 'sighting_timestamp', 'published', 'uuid'), - 'contain' => array('Orgc.uuid'), + 'fields' => array('id', 'timestamp', 'sighting_timestamp', 'published', 'uuid', 'protected'), + 'contain' => array('Orgc.uuid', 'CryptographicKey.fingerprint'), ]; } else { // Remove user ID from fetched fields unset($fieldNames['user_id']); $rules = [ - 'contain' => ['EventTag'], + 'contain' => ['EventTag', 'CryptographicKey.fingerprint'], 'fields' => array_keys($fieldNames), ]; } @@ -829,9 +836,8 @@ class EventsController extends AppController $events = $absolute_total === 0 ? [] : $this->Event->find('all', $rules); } - $isCsvResponse = $this->response->type() === 'text/csv'; - + $instanceFingerprint = $this->Event->CryptographicKey->ingestInstanceKey(); if (!$minimal) { // Collect all tag IDs that are events $tagIds = []; 
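Review bot: `$instanceFingerprint = $this->Event->CryptographicKey->ingestInstanceKey();` now runs on every REST index request, and `ingestInstanceKey()` reads `webroot/gpg.asc`, imports it and throws `MethodNotAllowedException` when the import yields no data. On an instance without a configured GnuPG key the whole REST event index would fail, even when none of the returned events is protected. Resolving the fingerprint lazily, only when the first event with `protected` set is encountered, or catching the exception and using `null` so that protected events are simply filtered out, would avoid that. `$isSync` from the first hunk is assigned but not used in any visible hunk, although the commit message says the filtering is meant for automatic tools only.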
@@ -874,11 +880,25 @@ class EventsController extends AppController // Fetch all org and sharing groups that are in events $orgIds = []; $sharingGroupIds = []; - foreach ($events as $event) { + foreach ($events as $k => $event) { + if ($event['Event']['protected']) { + if ($skipProtected) { + unset($events[$k]); + continue; + } + foreach ($event['CryptographicKey'] as $cryptoKey) { + if ($instanceFingerprint === $cryptoKey['fingerprint']) { + continue 2; + } + } + unset($events[$k]); + continue; + } $orgIds[$event['Event']['org_id']] = true; $orgIds[$event['Event']['orgc_id']] = true; $sharingGroupIds[$event['Event']['sharing_group_id']] = true; } + $events = array_values($events); if (!empty($orgIds)) { $orgs = $this->Event->Org->find('all', [ 'conditions' => ['Org.id' => array_keys($orgIds)], @@ -901,7 +921,6 @@ class EventsController extends AppController unset($sharingGroupIds); $sharingGroups = array_column(array_column($sharingGroups, 'SharingGroup'), null, 'id'); } - foreach ($events as $key => $event) { $temp = $event['Event']; $temp['Org'] = $orgs[$temp['org_id']]; @@ -923,10 +942,30 @@ class EventsController extends AppController $events = array('Event' => $events); } } else { + // We do not want to allow instances to pull our data that can't make sense of protected mode events + $skipProtected = ( + !empty($this->request->header('misp-version')) && + version_compare($this->request->header('misp-version'), '2.4.156') < 0 + ); foreach ($events as $key => $event) { + if ($event['Event']['protected']) { + if ($skipProtected) { + unset($events[$key]); + continue; + } + foreach ($event['CryptographicKey'] as $cryptoKey) { + if ($instanceFingerprint === $cryptoKey['fingerprint']) { + continue 2; + } + } + unset($events[$key]); + continue; + } $event['Event']['orgc_uuid'] = $event['Orgc']['uuid']; + unset($event['Event']['protected']); $events[$key] = $event['Event']; } + $events = array_values($events); } if ($isCsvResponse) { 
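Review bot: The protected-event filter is written out twice, once in the full branch and once in the minimal branch, and the minimal branch recomputes `$skipProtected` from the `misp-version` header although it is already set at the top of the method. Since this is an access decision, a single private helper returning a bool (for example `__canServeProtectedEvent(array $event, $instanceFingerprint, $skipProtected)`) would keep the two branches from drifting apart. The events are dropped after the paginated `find`, so a page can come back shorter than the requested limit and a total computed earlier no longer matches; that deserves at least a comment. As far as the visible lines show, the full branch also leaves `protected` in the response while the minimal branch unsets it.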
@@ -1805,9 +1844,10 @@ class EventsController extends AppController if (isset($namedParams['galaxyAttachedAttributes']) && $namedParams['galaxyAttachedAttributes'] !== '') { $this->__applyQueryString($event, $namedParams['galaxyAttachedAttributes'], 'Tag.name'); } - if ($this->_isRest()) { - $this->RestResponse->signContents = true; + if ($this->RestResponse->isAutomaticTool()) { + $this->RestResponse->signContents = true; + } return $this->__restResponse($event); } From 7f7d5f0f0c8ca3236a41ae312f35ec32ca95e674 Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 15 Mar 2022 23:09:27 +0100 Subject: [PATCH 0149/1366] chg: [version] bump --- VERSION.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION.json b/VERSION.json index 2c02d74b1..082dd3217 100644 --- a/VERSION.json +++ b/VERSION.json @@ -1 +1 @@ -{"major":2, "minor":4, "hotfix":155} +{"major":2, "minor":4, "hotfix":156} From f592053f5a51965f851efc6edb9b22cb4f085a88 Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 15 Mar 2022 23:10:09 +0100 Subject: [PATCH 0150/1366] fix: [event] include the protected field in the saving to allow syncing of protected events --- app/Model/Event.php | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index 0467bdcee..5d3dee45c 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -1141,7 +1141,7 @@ class Event extends AppModel throw new HttpException($response->body, $response->code); } $version = json_decode($response->body(), true)['version']; - if (version_compare($version, '2.4.155') < 0) { + if (version_compare($version, '2.4.156') < 0) { $message = __('Remote instance is not protected event aware yet (< 2.4.156), aborting.'); $this->Log = ClassRegistry::init('Log'); $this->Log->createLogEntry('SYSTEM', 'push', 'Server', $server['Server']['id'], $message); 
@@ -3868,7 +3868,8 @@ class Event extends AppModel 'sharing_group_id', 'locked', 'disable_correlation', - 'extends_uuid' + 'extends_uuid', + 'protected' ); $saveResult = $this->save(array('Event' => $data['Event']), array('fieldList' => $fieldList)); if ($saveResult) { @@ -3939,7 +3940,6 @@ class Event extends AppModel } } } - if (!empty($data['Event']['EventReport'])) { foreach ($data['Event']['EventReport'] as $report) { $result = $this->EventReport->captureReport($user, $report, $this->id); @@ -3948,7 +3948,12 @@ class Event extends AppModel // capture new keys, update existing, remove those no longer in the pushed data if (!empty($data['Event']['CryptographicKey'])) { - $this->CryptographicKey->captureCryptographicKeyUpdate($data['Event']['CryptographicKey'], $data['Event']['id'], 'Event'); + $this->CryptographicKey->captureCryptographicKeyUpdate( + $user, + $data['Event']['CryptographicKey'], + $this->id, + 'Event' + ); } // zeroq: check if sightings are attached and add to event @@ -4131,7 +4136,12 @@ class Event extends AppModel // capture new keys, update existing, remove those no longer in the pushed data if (!empty($data['Event']['CryptographicKey'])) { - $this->CryptoGraphicKey->captureCryptographicKeyUpdate($data['Event']['CryptographicKey'], $data['Event']['id'], 'Event'); + $this->CryptographicKey->captureCryptographicKeyUpdate( + $user, + $data['Event']['CryptographicKey'], + $existingEvent['Event']['id'], + 'Event' + ); } if (isset($data['Event']['Attribute'])) { From 312297485330f32ce54832e55e7cd3d55204276e Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 15 Mar 2022 23:10:51 +0100 Subject: [PATCH 0151/1366] chg: [pull] signing validation WiP --- app/Model/Server.php | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/app/Model/Server.php b/app/Model/Server.php index 9b5eee142..635497b8d 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php 
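Review bot: Both `captureCryptographicKeyUpdate` calls replace the stored key set of the event with whatever `$data['Event']['CryptographicKey']` carries, and nothing in these hunks shows that the incoming data was checked against the keys already stored before that happens. In the edit path the existing keys are what a signature check relies on, so taking a new key list from a payload that has not been signature-verified would let the sender choose the keys it is later checked against. If the verification lives in the callers, a comment saying so, e.g. `// signature already verified by the caller against the existing keys`, would document the assumption. The `protected` field added to `$fieldList` is likewise taken from the pushed data as is. The enclosing methods start and end outside the hunks.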
@@ -413,15 +413,17 @@ class Server extends AppModel return false; } - private function __checkIfPulledEventExistsAndAddOrUpdate($event, $eventId, &$successes, &$fails, Event $eventModel, $server, $user, $jobId, $force = false) + private function __checkIfPulledEventExistsAndAddOrUpdate($event, $eventId, &$successes, &$fails, Event $eventModel, $server, $user, $jobId, $force = false, $headers = false, $body = false) { // check if the event already exist (using the uuid) $existingEvent = $eventModel->find('first', [ 'conditions' => ['Event.uuid' => $event['Event']['uuid']], 'recursive' => -1, - 'fields' => ['id', 'locked'], + 'fields' => ['id', 'locked', 'protected'], ]); $passAlong = $server['Server']['id']; + debug($body); + throw new Exception(); if (!$existingEvent) { // add data for newly imported events $result = $eventModel->_add($event, true, $user, $server['Server']['org_id'], $passAlong, true, $jobId); @@ -438,6 +440,10 @@ class Server extends AppModel if (!$existingEvent['Event']['locked'] && !$server['Server']['internal']) { $fails[$eventId] = __('Blocked an edit to an event that was created locally. This can happen if a synchronised event that was created on this instance was modified by an administrator on the remote side.'); } else { + if ($existingEvent['Event']['protected']) { + debug($headers); + validateProtectedEvent($raw_data, $user, $headers['x-pgp-signature'], $event); + } $result = $eventModel->_edit($event, $user, $existingEvent['Event']['id'], $jobId, $passAlong, $force); if ($result === true) { $successes[] = $eventId; 
@@ -466,9 +472,11 @@ class Server extends AppModel if (empty($serverSync->server()['Server']['internal'])) { $params['excludeLocalTags'] = 1; } - try { - $event = $serverSync->fetchEvent($eventId, $params)->json(); + $event = $serverSync->fetchEvent($eventId, $params); + $headers = $event->headers; + $body = $event->body; + $event = $event->json(); } catch (Exception $e) { $this->logException("Failed downloading the event $eventId from remote server {$serverSync->serverId()}", $e); $fails[$eventId] = __('failed downloading the event'); @@ -481,13 +489,12 @@ class Server extends AppModel } $pullRulesEmptiedEvent = false; $this->__updatePulledEventBeforeInsert($event, $serverSync->server(), $user, $serverSync->pullRules(), $pullRulesEmptiedEvent); - if (!$this->__checkIfEventSaveAble($event)) { if (!$pullRulesEmptiedEvent) { // The event is empty because of the filtering rule. This is not considered a failure $fails[$eventId] = __('Empty event detected.'); } } else { - $this->__checkIfPulledEventExistsAndAddOrUpdate($event, $eventId, $successes, $fails, $eventModel, $serverSync->server(), $user, $jobId, $force); + $this->__checkIfPulledEventExistsAndAddOrUpdate($event, $eventId, $successes, $fails, $eventModel, $serverSync->server(), $user, $jobId, $force, $headers, $body); } } else { // error @@ -4500,7 +4507,6 @@ class Server extends AppModel $uri = $server['Server']['url'] . $relativeUri; $response = $HttpSocket->get($uri, array(), $request); - if ($response->code == 404) { // intentional != throw new NotFoundException(__("Fetching the '%s' failed with HTTP error 404: Not Found", $uri)); } else if ($response->code == 405) { // intentional != From 5cd07f6ff09ab2a94231aef6d8f06747de260c96 Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 15 Mar 2022 23:51:43 +0100 Subject: [PATCH 0152/1366] fix: [warning] merge fixes --- app/View/Events/view.ctp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) 
diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp index 6805fc9c0..0669dae21 100644 --- a/app/View/Events/view.ctp +++ b/app/View/Events/view.ctp @@ -156,12 +156,12 @@ ], [ 'key' => __('Warnings'), - 'key_class' => !empty($event['warnings']) ? 'background-red bold' : '', - 'class' => !empty($event['warnings']) ? 'background-red bold' : '', + 'key_class' => !empty($warnings) ? 'background-red bold' : '', + 'class' => !empty($warnings) ? 'background-red bold' : '', 'green', 'type' => 'warnings', - 'warnings' => $event['warnings'], - 'requirement' => !empty($event['warnings']) && ($me['org_id'] === $event['Event']['orgc_id'] || !empty($me['Role']['perm_site_admin'])) + 'warnings' => $warnings, + 'requirement' => !empty($warnings) && ($me['org_id'] === $event['Event']['orgc_id'] || !empty($me['Role']['perm_site_admin'])) ], [ 'key' => __('Info'), From 29ea45b4fd72cb95c31b89d550b303b1e5270c6b Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 16 Mar 2022 01:27:11 +0100 Subject: [PATCH 0153/1366] chg: [ACL] added the cryptographicKeys functions --- app/Controller/Component/ACLComponent.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/app/Controller/Component/ACLComponent.php b/app/Controller/Component/ACLComponent.php index f1f099522..a627ddef6 100644 --- a/app/Controller/Component/ACLComponent.php +++ b/app/Controller/Component/ACLComponent.php @@ -93,6 +93,12 @@ class ACLComponent extends Component 'generateTopCorrelations' => [], 'top' => [] ], + 'cryptographicKeys' => [ + 'add' => ['perm_add'], + 'delete' => ['perm_add'], + 'index' => ['*'], + 'view' => ['*'] + ], 'dashboards' => array( 'getForm' => array('*'), 'index' => array('*'), @@ -234,6 +240,7 @@ class ACLComponent extends Component 'nids' => array('*'), 'populate' => array('perm_add'), 'proposalEventIndex' => array('*'), + 'protect' => ['perm_add'], 'publish' => array('perm_publish'), 'publishSightings' => array('perm_sighting'), 'pushEventToZMQ' => array('perm_publish_zmq'), 
@@ -252,6 +259,7 @@ class ACLComponent extends Component 'stix2' => array('*'), 'strposarray' => array(), 'toggleCorrelation' => array('perm_add'), + 'unprotect' => ['perm_add'], 'unpublish' => array('perm_modify'), 'updateGraph' => array('*'), 'upload_analysis_file' => array('perm_add'), From 9e90513881289fc0fbf154ccdf912bc32acf2e71 Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 16 Mar 2022 01:27:42 +0100 Subject: [PATCH 0154/1366] new: [CRUD] delete - added the beforeDelete hook --- app/Controller/Component/CRUDComponent.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/app/Controller/Component/CRUDComponent.php b/app/Controller/Component/CRUDComponent.php index 022b6eb1a..7b9697b7c 100644 --- a/app/Controller/Component/CRUDComponent.php +++ b/app/Controller/Component/CRUDComponent.php @@ -287,6 +287,12 @@ class CRUDComponent extends Component } } } + if (isset($params['beforeDelete'])) { + $data = $params['beforeDelete']($data); + if (empty($data)) { + throw new MethodNotAllowedException('Something went wrong, delete action failed.'); + } + } if ($validationError === null && $this->Controller->request->is('post') || $this->Controller->request->is('delete')) { if (!empty($params['modelFunction'])) { $result = $this->Controller->$modelName->{$params['modelFunction']}($id); From 4f706aa331df321c4dbf3e117aa09428498f0615 Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 16 Mar 2022 01:28:09 +0100 Subject: [PATCH 0155/1366] fix: [ACL] Cryptokey add / delete key from parent received ACL checks --- .../CryptographicKeysController.php | 34 ++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/app/Controller/CryptographicKeysController.php b/app/Controller/CryptographicKeysController.php index f8f95b5bb..b16bd024c 100644 --- a/app/Controller/CryptographicKeysController.php +++ b/app/Controller/CryptographicKeysController.php 
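Review bot: The condition on the context line right after the new hook, `$validationError === null && $this->Controller->request->is('post') || $this->Controller->request->is('delete')`, groups as `(A && B) || C`, so an HTTP DELETE request proceeds even when `$validationError` is set; parenthesising the two `is()` calls looks like the intent. The `beforeDelete` result is the only authorisation gate for callers such as the cryptographic key controller, yet a denial is reported as `MethodNotAllowedException('Something went wrong, delete action failed.')`, which hides that it was an access decision. A `ForbiddenException` with a specific message would make logs and API responses clearer. The enclosing method starts and ends outside the hunk.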
@@ -40,6 +40,20 @@ class CryptographicKeysController extends AppController if (empty($type) || empty($parent_id)) { throw new MethodNotAllowedException(__('No type and/or parent_id supplied.')); } + if ($type === 'Event') { + $existingEvent = $this->CryptographicKey->Event->fetchSimpleEvent( + $this->Auth->user(), + $parent_id, + [ + 'conditions' => [ + 'Event.orgc_id' => $this->Auth->user('org_id') + ] + ] + ); + if (empty($existingEvent)) { + throw new MethodNotAllowedException(__('Invalid Event.')); + } + } $params = [ 'beforeSave' => function ($data) use($type, $parent_id) { $data['CryptographicKey']['parent_type'] = $type; @@ -63,7 +77,25 @@ class CryptographicKeysController extends AppController public function delete($id) { - $this->CRUD->delete($id); + $user = $this->Auth->user(); + $this->CRUD->delete($id, [ + 'beforeDelete' => function ($data) use($user) { + $parent_type = $data['CryptographicKey']['parent_type']; + $tempModel = ClassRegistry::init($parent_type); + $existingData = $tempModel->find('first', [ + 'conditions' => [ + $parent_type . '.id' => $data['CryptographicKey']['parent_id'] + ], + 'recursive' => -1 + ]); + if ($parent_type === 'Event') { + if (!$user['Role']['perm_site_admin'] && $existingData['Event']['orgc_id'] !== $user['org_id']) { + return false; + } + } + return $data; + } + ]); if ($this->IndexFilter->isRest()) { return $this->restResponsePayload; } From ab54f9cbfdee009e22fb6cec99af4b0379aa2553 Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 16 Mar 2022 01:28:59 +0100 Subject: [PATCH 0156/1366] fix: [ACL] event protect/unprotect received ACL checks --- app/Controller/EventsController.php | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index fd51637a9..fcb347717 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php 
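Review bot: The ownership check in `add` only runs for `$type === 'Event'`; for any other parent type the request goes straight to the `beforeSave` closure, which stores the caller-supplied `$type` and `$parent_id` unchanged. Which types are valid is not visible here, so either each accepted type needs its own check or an explicit `else { throw new MethodNotAllowedException(__('Invalid type.')); }` should fail closed. The two actions also disagree on site admins: `add` always requires `Event.orgc_id` to equal the user's org, while the `beforeDelete` closure lets `perm_site_admin` through. In that closure `$existingData` is dereferenced without an `empty()` check, and the `!==` comparison of `orgc_id` with `org_id` denies when one side is a string and the other an int; deny is the safe direction, but casting both sides would avoid locking out legitimate owners.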
@@ -1845,7 +1845,7 @@ class EventsController extends AppController $this->__applyQueryString($event, $namedParams['galaxyAttachedAttributes'], 'Tag.name'); } if ($this->_isRest()) { - if ($this->RestResponse->isAutomaticTool()) { + if ($this->RestResponse->isAutomaticTool() && $event['Event']['protected']) { $this->RestResponse->signContents = true; } return $this->__restResponse($event); @@ -6113,10 +6113,11 @@ class EventsController extends AppController { $id = $this->Toolbox->findIdByUuid($this->Event, $id); $event = $this->Event->fetchSimpleEvent($this->Auth->user(), $id, ['contain' => ['Orgc']]); - if (!$event) { - throw new NotFoundException(__('Invalid event')); - } - if (!$this->__canModifyEvent($event)) { + if ( + (!$this->_isSiteAdmin && $event['Event']['orgc_id'] !== $this->Auth->user('org_id')) || + !$event || + !$this->__canModifyEvent($event) + ) { throw new NotFoundException(__('Invalid event')); } if ($this->request->is('post')) { From f6b5c7b7e34f1e266b51377926fce27ccb172283 Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 16 Mar 2022 01:29:44 +0100 Subject: [PATCH 0157/1366] chg: [gpgtool] validateGpgKey now also imports the key --- app/Lib/Tools/GpgTool.php | 1 + 1 file changed, 1 insertion(+) diff --git a/app/Lib/Tools/GpgTool.php b/app/Lib/Tools/GpgTool.php index 406b9b6e0..82af45273 100644 --- a/app/Lib/Tools/GpgTool.php +++ b/app/Lib/Tools/GpgTool.php @@ -102,6 +102,7 @@ class GpgTool if (empty($primaryKey)) { throw new Exception("No primary key found"); } + $this->gpg->importKey($keyData); return $primaryKey->getFingerprint(); } From 828a07a12857c8af5fe10fb8112e821f19d8758b Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 16 Mar 2022 01:31:16 +0100 Subject: [PATCH 0158/1366] chg: [cryptographicKey] - load and initialise gpg on class construction --- app/Model/CryptographicKey.php | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) 
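Review bot: In the rewritten guard `!$this->_isSiteAdmin` reads a property, whereas the other controller helpers in this file are invoked as methods (`$this->_isRest()`); unless such a property exists the expression is always true, so site admins are held to the `orgc_id` rule like everyone else. The condition also dereferences `$event['Event']['orgc_id']` before testing `!$event`, so a missing event raises a notice before the `NotFoundException`. Suggested order: `if (!$event || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] !== $this->Auth->user('org_id')) || !$this->__canModifyEvent($event)) {`. The action continues outside the hunk.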
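Review bot: `validateGpgKey` now has a side effect: `$this->gpg->importKey($keyData);` adds every key that passes the checks to the instance keyring, including keys submitted only for validation whose record is later rejected or never saved. Keys then accumulate with no corresponding removal, and later lookups or verifications against that keyring can be influenced by them. If the import is needed for signature verification, doing it in the caller at the point of use, or documenting it in the method's docblock (`Validates the key and imports it into the GnuPG keyring`), would make the behaviour explicit. The method starts outside the hunk.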
diff --git a/app/Model/CryptographicKey.php b/app/Model/CryptographicKey.php index 36c8d425f..160f28099 100644 --- a/app/Model/CryptographicKey.php +++ b/app/Model/CryptographicKey.php @@ -37,7 +37,7 @@ class CryptographicKey extends AppModel public function __construct($id = false, $table = null, $ds = null) { parent::__construct($id, $table, $ds); - + $this->gpg = GpgTool::initializeGpg(); $this->validate = [ 'type' => [ 'rule' => ['inList', $this->validTypes], @@ -82,7 +82,6 @@ class CryptographicKey extends AppModel $file = new File(APP . '/webroot/gpg.asc'); $instanceKey = $file->read(); try { - $this->gpg = GpgTool::initializeGpg(); $this->gpg->importKey($instanceKey); } catch (Crypt_GPG_NoDataException $e) { throw new MethodNotAllowedException("Could not import the instance key.."); @@ -110,9 +109,13 @@ class CryptographicKey extends AppModel { $this->error = false; $fingerprint = $this->__extractPGPKeyData($key); - $this->gpg = GpgTool::initializeGpg(); $data = preg_replace("/\s+/", "", $data); - $verifiedSignature = $this->gpg->verify($data, $signature); + try { + $verifiedSignature = $this->gpg->verify($data, $signature); + } catch (Exception $e) { + $this->error = $this::ERROR_WRONG_KEY; + return false; + } if (empty($verifiedSignature)) { $this->error = $this::ERROR_MALFORMED_SIGNATURE; return false; @@ -142,7 +145,7 @@ class CryptographicKey extends AppModel private function __extractPGPKeyData($data) { try { - $gpgTool = new GpgTool(GpgTool::initializeGpg()); + $gpgTool = new GpgTool($this->gpg); } catch (Exception $e) { $this->logException("GPG couldn't be initialized, GPG encryption and signing will be not available.", $e, LOG_NOTICE); return ''; @@ -196,6 +199,7 @@ class CryptographicKey extends AppModel return true; } } + throw new Exception(); $this->Log = ClassRegistry::init('Log'); $message = __('Could not validate the signature.'); $this->Log->createLogEntry($user, 'validateSig', 'Event', $event['Event']['id'], $message); 
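Review bot: The added `throw new Exception();` sits directly in front of the failure handling, so the `Could not validate the signature.` log entry and whatever return follows it are unreachable, and a failed validation now surfaces as an exception without a message. The pull code later in this series calls what is presumably this method as `if (!$eventModel->CryptographicKey->validateProtectedEvent(...))` and expects a boolean, so one event with a bad signature would abort the run instead of being recorded in `$fails`. This looks like a leftover breakpoint; removing the line restores the logged, boolean failure path. Separately, the `catch (Exception $e)` added around `$this->gpg->verify()` reports every failure as `ERROR_WRONG_KEY`, including a malformed signature or a GnuPG fault, which makes a rejected event harder to diagnose.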
@@ -224,7 +228,7 @@ class CryptographicKey extends AppModel $results = ['add' => [], 'remove' => []]; foreach ($existingKeys as $k => $existingKey) { foreach ($cryptographicKeys as $k2 => $cryptographicKey) { - if ($existingKey['CryptographicKey']['fingerprint'] === $cryptographicKey['fingerprint']) { + if ($existingKey['fingerprint'] === $cryptographicKey['fingerprint']) { $found = true; if ($cryptographicKey['revoked'] && !$existingKey['CryptographicKey']['revoked']) { $existingKey['CryptographicKey']['revoked'] = 1; From d431ee2d311b74aac877dc16944f4fd7b04ab009 Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 16 Mar 2022 01:32:01 +0100 Subject: [PATCH 0159/1366] new: [pull] added protected mode checks and calling the validation functions if a protected event is found - also removed leftover breakpoints --- app/Model/Server.php | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/app/Model/Server.php b/app/Model/Server.php index 635497b8d..7988eeed8 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -422,10 +422,14 @@ class Server extends AppModel 'fields' => ['id', 'locked', 'protected'], ]); $passAlong = $server['Server']['id']; - debug($body); - throw new Exception(); if (!$existingEvent) { // add data for newly imported events + if ($event['Event']['protected']) { + if (!$eventModel->CryptographicKey->validateProtectedEvent($body, $user, $headers['x-pgp-signature'], $event)) { + $fails[$eventId] = __('Event failed the validation checks. The remote instance claims that the event can be signed with a valid key which is sus.'); + return false; + } + } $result = $eventModel->_add($event, true, $user, $server['Server']['org_id'], $passAlong, true, $jobId); if ($result) { $successes[] = $eventId; 
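Review bot: The comparison now reads `$existingKey['fingerprint']`, but the next two lines of the same loop still use `$existingKey['CryptographicKey']['revoked']`, so one of the two array shapes is wrong for whatever `$existingKeys` holds. If the rows are still wrapped in the model alias, the fingerprint lookup is undefined and no key ever matches. Revocations would then presumably never be applied, though the rest of the loop is outside the hunk. Use one shape for the whole loop and state it in a comment, e.g. `// $existingKeys holds flat rows (no 'CryptographicKey' alias)`.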
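Review bot: In the Server.php hunk `@@ -422,10 +422,14 @@`, `$headers['x-pgp-signature']` is read without checking that the remote sent it. A response that marks the event protected but carries no signature header raises an undefined-index notice and passes `null` to `validateProtectedEvent`, which is not visible here. I would fail closed before the call, `if (empty($headers['x-pgp-signature']) || !$eventModel->CryptographicKey->validateProtectedEvent($body, $user, $headers['x-pgp-signature'], $event)) {`, and read the flag as `!empty($event['Event']['protected'])` for remotes that omit the field. As far as the call shows, a new event is validated against the key list it brings with it, so a comment should state that the first pull is trust-on-first-use. The function starts above the hunk.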
@@ -441,8 +445,9 @@ class Server extends AppModel $fails[$eventId] = __('Blocked an edit to an event that was created locally. This can happen if a synchronised event that was created on this instance was modified by an administrator on the remote side.'); } else { if ($existingEvent['Event']['protected']) { - debug($headers); - validateProtectedEvent($raw_data, $user, $headers['x-pgp-signature'], $event); + if (!$eventModel->CryptographicKey->validateProtectedEvent($body, $user, $headers['x-pgp-signature'], $event)) { + $fails[$eventId] = __('Event failed the validation checks. The remote instance claims that the event can be signed with a valid key which is sus.'); + } } $result = $eventModel->_edit($event, $user, $existingEvent['Event']['id'], $jobId, $passAlong, $force); if ($result === true) { From 259a19a374eea81da3a75b37e03c640f36084d4f Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 16 Mar 2022 15:36:58 +0100 Subject: [PATCH 0160/1366] fix: [sync] removed newly added locked field as a sanitized sync field - ends up creating unlocked events on the remote, preventing future edits --- app/Model/Event.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index ed5e5a5c1..e9c3989c5 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -1103,7 +1103,6 @@ class Event extends AppModel $url = "$serverUrl/events/add/metadata:1"; } $response = $HttpSocket->post($url, $data, $request); - // Maybe the check if event exists was not correct, try to create a new event if ($exists && $response->code == '404') { $url = "$serverUrl/events/add/metadata:1"; 
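Review bot: A failed signature check does not stop the update in the `@@ -441,8 +445,9 @@` hunk. The new `if` only records `$fails[$eventId]`, and the unchanged `$eventModel->_edit(...)` directly after it still runs, so a pull whose signature did not validate can still overwrite a locally protected event. The add branch in the previous hunk returns on failure, and this branch needs the same, e.g. `return false;` right after `$fails[$eventId]` is set. The later Server.php hunk `@@ -445,7 +446,7 @@`, which switches the last argument to `$existingEvent`, keeps the same fall-through. `$headers['x-pgp-signature']` is read unguarded here as well, and the function starts above the hunk.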
@@ -1173,7 +1172,7 @@ class Event extends AppModel } } // cleanup the array from things we do not want to expose - foreach (array('Org', 'org_id', 'orgc_id', 'proposal_email_lock', 'org', 'orgc', 'locked') as $field) { + foreach (array('Org', 'org_id', 'orgc_id', 'proposal_email_lock', 'org', 'orgc') as $field) { unset($event['Event'][$field]); } return ['Event' => $event['Event']]; From 8eff854fce1fea1521f33fffc2440df5b7e5c410 Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 00:41:55 +0100 Subject: [PATCH 0161/1366] fix: [signing validation] use the existing event rather than the incoming event for edits - the ground truth for allowing edits is in the LOCAL version of the event - prevents tampering attempts - also cleanup of repetive file upload code --- app/Controller/DecayingModelController.php | 20 +------------- app/Controller/GalaxiesController.php | 20 +------------- app/Lib/Tools/FileAccessTool.php | 32 ++++++++++++++++++++++ app/Model/Server.php | 3 +- 4 files changed, 36 insertions(+), 39 deletions(-) diff --git a/app/Controller/DecayingModelController.php b/app/Controller/DecayingModelController.php index 299391e19..3b0ac6377 100644 --- a/app/Controller/DecayingModelController.php +++ b/app/Controller/DecayingModelController.php 
@@ -43,25 +43,7 @@ class DecayingModelController extends AppController { if ($this->request->is('post') || $this->request->is('put')) { $data = $this->request->data['DecayingModel']; - if ($data['submittedjson']['name'] != '' && $data['json'] != '') { - throw new MethodNotAllowedException(__('Only one import field can be used')); - } - if ($data['submittedjson']['size'] > 0) { - $filename = basename($data['submittedjson']['name']); - $file = new File($data['submittedjson']['tmp_name']); - $file_content = $file->read(); - $file->close(); - if ((isset($data['submittedjson']['error']) && $data['submittedjson']['error'] == 0) || - (!empty($data['submittedjson']['tmp_name']) && $data['submittedjson']['tmp_name'] != '') - ) { - if (!$file_content) { - throw new InternalErrorException(__('PHP says file was not uploaded. Are you attacking me?')); - } - } - $text = $file_content; - } else { - $text = $data['json']; - } + $text = FileAccessTool::getTempUploadedFile($data['submittedjson'], $data['json']); $json = json_decode($text, true); if ($json === null) { throw new MethodNotAllowedException(__('Error while decoding JSON')); diff --git a/app/Controller/GalaxiesController.php b/app/Controller/GalaxiesController.php index 459dee312..a2569649f 100644 --- a/app/Controller/GalaxiesController.php +++ b/app/Controller/GalaxiesController.php 
@@ -216,25 +216,7 @@ class GalaxiesController extends AppController $clusters = $this->request->data; } else { $data = $this->request->data['Galaxy']; - if ($data['submittedjson']['name'] != '' && $data['json'] != '') { - throw new MethodNotAllowedException(__('Only one import field can be used at a time')); - } - if ($data['submittedjson']['size'] > 0) { - $filename = basename($data['submittedjson']['name']); - $file = new File($data['submittedjson']['tmp_name']); - $file_content = $file->read(); - $file->close(); - if ((isset($data['submittedjson']['error']) && $data['submittedjson']['error'] == 0) || - (!empty($data['submittedjson']['tmp_name']) && $data['submittedjson']['tmp_name'] != '') - ) { - if (!$file_content) { - throw new InternalErrorException(__('PHP says file was not uploaded. Are you attacking me?')); - } - } - $text = $file_content; - } else { - $text = $data['json']; - } + $text = FileAccessTool::getTempUploadedFile($data['submittedjson'], $data['json']); $clusters = json_decode($text, true); if ($clusters === null) { throw new MethodNotAllowedException(__('Error while decoding JSON')); diff --git a/app/Lib/Tools/FileAccessTool.php b/app/Lib/Tools/FileAccessTool.php index 0419d235f..d6857cb94 100644 --- a/app/Lib/Tools/FileAccessTool.php +++ b/app/Lib/Tools/FileAccessTool.php 
@@ -168,4 +168,36 @@ class FileAccessTool return true; } } + + /** + * @param array $submittedFile + * @param string $alternate + * @return string + */ + public static function getTempUploadedFile($submittedFile, $alternate = false) + { + if ($submittedFile['name'] != '' && $alternate != '') { + throw new MethodNotAllowedException(__('Only one import field can be used')); + } + if ($submittedFile['size'] > 0) { + $filename = basename($submittedFile['name']); + if (!is_uploaded_file($submittedFile['tmp_name'])) { + throw new InternalErrorException(__('PHP says file was not uploaded. Are you attacking me?')); + } + $file = new File($submittedFile['tmp_name']); + $file_content = $file->read(); + $file->close(); + if ((isset($submittedFile['error']) && $submittedFile['error'] == 0) || + (!empty($submittedFile['tmp_name']) && $submittedFile['tmp_name'] != '') + ) { + if (!$file_content) { + throw new InternalErrorException(__('PHP says file was not uploaded. Are you attacking me?')); + } + } + $text = $file_content; + } else { + $text = $alternate ? $alternate : ''; + } + return $text; + } } diff --git a/app/Model/Server.php b/app/Model/Server.php index c4b985f0a..a65dc6eb5 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -420,6 +420,7 @@ class Server extends AppModel 'conditions' => ['Event.uuid' => $event['Event']['uuid']], 'recursive' => -1, 'fields' => ['id', 'locked', 'protected'], + 'contain' => ['CryptographicKey'] ]); $passAlong = $server['Server']['id']; if (!$existingEvent) { 
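Review bot: `getTempUploadedFile` reads the temporary file before it looks at the upload status. `$submittedFile['error']` is only consulted after `$file->read()`, and only to decide whether an empty read counts as an error. `is_uploaded_file()` is the right gate, and failed uploads can be rejected in the same test, `if (!empty($submittedFile['error']) || !is_uploaded_file($submittedFile['tmp_name'])) {`, which makes the later `error`/`tmp_name` condition unnecessary. `$filename` is assigned and never used, and the docblock declares `@param string $alternate` while the default is `false` and lists no `@throws` for the two exceptions raised. Both callers on this page pass the result straight to `json_decode`, so an upper bound on `$submittedFile['size']` before reading is worth adding.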
@@ -445,7 +446,7 @@ class Server extends AppModel $fails[$eventId] = __('Blocked an edit to an event that was created locally. This can happen if a synchronised event that was created on this instance was modified by an administrator on the remote side.'); } else { if ($existingEvent['Event']['protected']) { - if (!$eventModel->CryptographicKey->validateProtectedEvent($body, $user, $headers['x-pgp-signature'], $event)) { + if (!$eventModel->CryptographicKey->validateProtectedEvent($body, $user, $headers['x-pgp-signature'], $existingEvent)) { $fails[$eventId] = __('Event failed the validation checks. The remote instance claims that the event can be signed with a valid key which is sus.'); } } From 2263f4b194f60881120688faf04450520afb683b Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 00:43:27 +0100 Subject: [PATCH 0162/1366] chg: [event index] include a lock sign for protected events --- app/View/Elements/Events/eventIndexTable.ctp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/View/Elements/Events/eventIndexTable.ctp b/app/View/Elements/Events/eventIndexTable.ctp index c73d1a7a0..cd1248dbb 100644 --- a/app/View/Elements/Events/eventIndexTable.ctp +++ b/app/View/Elements/Events/eventIndexTable.ctp @@ -69,8 +69,8 @@ OrgImg->getOrgLogo($event['Org'], 24) ?> - - " class="dblclickActionElement threat-level-" title=""> + + " class="dblclickActionElement threat-level-" title=""> ', __('Protected event')) : ''?> From 57199cabd84c91ec5d457d62fb050cf2ee60697a Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 00:44:07 +0100 Subject: [PATCH 0163/1366] new: [protected event field] in the event view - added tooltips with explanations - added a warning if the instance's signing key is not included --- .../Fields/protectedEventField.ctp | 27 ++++++++++++++++--- 1 file changed, 23 insertions(+), 4 deletions(-) 
diff --git a/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp index bc95fa5a0..29fe0eace 100644 --- a/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp +++ b/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp @@ -6,12 +6,13 @@ ' %s %s %s
    ', __('Event is in protected mode.'), !$field['owner'] ? '' : sprintf( - '
    %s', + '
    %s', sprintf( "openGenericModal('%s/events/unprotect/%s');", $baseurl, h($event['id']) ), + __('Revert the event to an unprotected mode event. It will no longer be restricted to be shared by instances that have their signing key listed in the event\'s signing key list. Signing and validation of the event will be disabled.'), empty($field['text']) ? __('Switch to unprotected mode') : h($field['text']) ), !$field['owner'] ? '' : sprintf( @@ -25,9 +26,18 @@ empty($field['text']) ? __('Add signing key') : h($field['text']) ) ); + $foundInstanceKey = false; foreach ($keys as $key) { + $isInstanceKey = $key['fingerprint'] === $field['instanceFingerprint']; + if ($isInstanceKey) { + $foundInstanceKey = true; + } echo sprintf( - '%s (%s) %s
    ', + '%s%s (%s) %s
    ', + !$isInstanceKey ? '' : sprintf( + ' ', + __('This is the instance signing key. When synchronising the instance, this will be the key used to validate the event.') + ), h($key['type']), empty($key['fingerprint']) ? '#' . h($key['id']) : h($key['fingerprint']), sprintf( @@ -40,21 +50,30 @@ '', $baseurl, h($key['id']), - __('Revoke key') + __('Detach key from the event. This key will no longer be used to sign and validate this event.') ) ); } + if (!$foundInstanceKey) { + echo sprintf( + '%s: %s ', + __('Warning'), + __('Instance key not attached to the event. Further synchronisation not supported.'), + __("In protected mode, the current instance's signing key is used to sign and on the receiving side validate the event. If the current signing key is not attached to the event, MISP by default will not propagate the event further.\n\nIf you feel this is an error, contact the event's creator to add your instance's signing key to the event's signing key list.\n\nWarning: This restriction does NOT constitue a release control, merely a tamper protection for the recipients."), + ); + } } else { echo sprintf( ' %s %s
    ', __('Event is in unprotected mode.'), !$field['owner'] ? '' : sprintf( - '
    %s', + '
    %s', sprintf( "openGenericModal('%s/events/protect/%s');", $baseurl, h($event['id']) ), + __('Convert the event to a protected event. Event signing keys can then be attached to the event, allowing instances to sign the event prior to synchronising it. This allows the recipient instances to validate updates to the event in the future to be only issued by organisations that can sign the event using the listed keys.'), empty($field['text']) ? __('Switch to protected mode') : h($field['text']) ) ); From 0ceeaf5242c992e3dcb751cde304ed1419157d4a Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 00:45:11 +0100 Subject: [PATCH 0164/1366] new: [single view factory] added key_info constructor key for meta fields - will display a font awesome info icon with a configurable title text --- .../Elements/genericElements/SingleViews/single_view.ctp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/app/View/Elements/genericElements/SingleViews/single_view.ctp b/app/View/Elements/genericElements/SingleViews/single_view.ctp index 6e1b29faf..53d38da3d 100644 --- a/app/View/Elements/genericElements/SingleViews/single_view.ctp +++ b/app/View/Elements/genericElements/SingleViews/single_view.ctp @@ -47,10 +47,14 @@ } } $listElements .= sprintf( - '%s%s %s', + '%s%s%s %s', empty($field['key_class']) ? '' : h($field['key_class']), empty($field['key_title']) ? '' : h($field['key_title']), h($field['key']), + empty($field['key_info']) ? '' : sprintf( + ' ', + h($field['key_info']) + ), empty($field['class']) ? '' : h($field['class']), empty($field['title']) ? '' : h($field['title']), $this->element( From f8efe5a01ebbda28495c81719108389abd3fc793 Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 00:46:23 +0100 Subject: [PATCH 0165/1366] chg: [event view] added more information about the protected event status --- app/View/Events/view.ctp | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) 
diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp index 0669dae21..f4bf5b9a1 100644 --- a/app/View/Events/view.ctp +++ b/app/View/Events/view.ctp @@ -20,7 +20,7 @@ [ 'url' => '#', 'icon' => 'lock', - 'style' => 'color:red; font-size:15px;padding-left:2px', + 'style' => 'color:green;', 'title' => __('This is a protected event'), 'requirement' => !empty($event['Event']['protected']) ] @@ -100,7 +100,10 @@ 'requirement' => isset($event['User']['email']) ], [ - 'key' => __('Protected Event'), + 'key' => __('Protected Event (experimental)'), + 'key_info' => __( + "Protected events carry a list of cryptographic keys used to sign and validate the information in transit.\n\nWhat this means in practice, a protected event shared with another instance will only be able to receive updates via the synchronisation mechanism from instances that are able to provide a valid signature from the event\'s list of signatures.\n\nFor highly critical events in broader MISP networks, this can provide an additional layer of tamper proofing to ensure that the original source of the information maintains control over modifications. Whilst this feature has its uses, it is not required in most scenarios." + ), 'path' => 'CryptographicKey', 'event_path' => 'Event', 'owner' => ( @@ -108,6 +111,7 @@ (int)$me['org_id'] === (int)Configure::read('MISP.host_org_id') && !$event['Event']['locked'] ), + 'instanceFingerprint' => $instanceFingerprint, 'type' => 'protectedEvent' ], [ From 17adbc26ae35af05c4efa44b082c0194f15a4139 Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 00:47:06 +0100 Subject: [PATCH 0166/1366] chg: [signing validation] fixes - correctly handle edits in regards to tamper proofing events - handle an edge case of missing organisation data loaded for displaying if an event is removed by failing the validation --- app/Controller/EventsController.php | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) 
diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index fcb347717..776ec9f81 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -881,6 +881,9 @@ class EventsController extends AppController $orgIds = []; $sharingGroupIds = []; foreach ($events as $k => $event) { + $orgIds[$event['Event']['org_id']] = true; + $orgIds[$event['Event']['orgc_id']] = true; + $sharingGroupIds[$event['Event']['sharing_group_id']] = true; if ($event['Event']['protected']) { if ($skipProtected) { unset($events[$k]); @@ -888,15 +891,13 @@ class EventsController extends AppController } foreach ($event['CryptographicKey'] as $cryptoKey) { if ($instanceFingerprint === $cryptoKey['fingerprint']) { + continue 2; } } unset($events[$k]); continue; } - $orgIds[$event['Event']['org_id']] = true; - $orgIds[$event['Event']['orgc_id']] = true; - $sharingGroupIds[$event['Event']['sharing_group_id']] = true; } $events = array_values($events); if (!empty($orgIds)) { @@ -910,7 +911,6 @@ class EventsController extends AppController } else { $orgs = []; } - unset($sharingGroupIds[0]); if (!empty($sharingGroupIds)) { $sharingGroups = $this->Event->SharingGroup->find('all', [ @@ -1648,6 +1648,7 @@ class EventsController extends AppController $this->set('warnings', $this->Event->generateWarnings($event)); $this->set('menuData', array('menuList' => 'event', 'menuItem' => 'viewEvent')); $this->set('mayModify', $this->__canModifyEvent($event)); + $this->set('instanceFingerprint', $this->Event->CryptographicKey->ingestInstanceKey()); $this->__eventViewCommon($user); } 
@@ -2622,7 +2623,7 @@ class EventsController extends AppController if ($this->request->is('get') && $this->_isRest()) { return $this->RestResponse->describe('Events', 'edit', false, $this->response->type()); } - $event = $this->Event->fetchSimpleEvent($this->Auth->user(), $id, ['contain' => ['Orgc']]); + $event = $this->Event->fetchSimpleEvent($this->Auth->user(), $id, ['contain' => ['Orgc', 'CryptographicKey']]); if (!$event) { throw new NotFoundException(__('Invalid event')); } @@ -2652,7 +2653,7 @@ class EventsController extends AppController $raw_data, $this->Auth->user(), $pgp_signature, - $this->request->data + $event ) ) { throw new MethodNotAllowedException(__('Protected event failed signature validation.')); From f8957cd62e641c89fd7f35b0ec658064bf6df781 Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 00:53:02 +0100 Subject: [PATCH 0167/1366] new: [instance key ingestion] added caching - cache the fingerprint of the instance for 5 minutes - avoid an unnecesary overhead by caching the value for 5 minutes --- app/Model/CryptographicKey.php | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/app/Model/CryptographicKey.php b/app/Model/CryptographicKey.php index 160f28099..2b35adb25 100644 --- a/app/Model/CryptographicKey.php +++ b/app/Model/CryptographicKey.php @@ -79,6 +79,18 @@ class CryptographicKey extends AppModel public function ingestInstanceKey() { + try { + $redis = $this->setupRedis(); + } catch (Exception $e) { + $redis = false; + } + if ($redis) { + $redisKey = "misp:instance_fingerprint"; + $instance_fingerprint = $redis->get($redisKey); + if (!empty($instance_fingerprint)) { + return $instance_fingerprint; + } + } $file = new File(APP . '/webroot/gpg.asc'); $instanceKey = $file->read(); try { 
@@ -87,7 +99,11 @@ class CryptographicKey extends AppModel throw new MethodNotAllowedException("Could not import the instance key.."); } $this->gpg->addSignKey(Configure::read('GnuPG.email'), Configure::read('GnuPG.password')); - return $this->gpg->getFingerprint(Configure::read('GnuPG.email')); + $fingerprint = $this->gpg->getFingerprint(Configure::read('GnuPG.email')); + if ($redis) { + $redis->setEx($redisKey, 300, $fingerprint); + } + return $fingerprint; } public function signWithInstanceKey($data) @@ -199,7 +215,6 @@ class CryptographicKey extends AppModel return true; } } - throw new Exception(); $this->Log = ClassRegistry::init('Log'); $message = __('Could not validate the signature.'); $this->Log->createLogEntry($user, 'validateSig', 'Event', $event['Event']['id'], $message); From 8ea0b2cb561f7e211ff022dc11ec74f3ad0ced4f Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 00:57:41 +0100 Subject: [PATCH 0168/1366] chg: [unused endpoint] removed --- .../CryptographicKeysController.php | 20 ------------------- app/Model/Event.php | 14 ++++++++++--- 2 files changed, 11 insertions(+), 23 deletions(-) diff --git a/app/Controller/CryptographicKeysController.php b/app/Controller/CryptographicKeysController.php index b16bd024c..23b5f27f7 100644 --- a/app/Controller/CryptographicKeysController.php +++ b/app/Controller/CryptographicKeysController.php 
@@ -15,26 +15,6 @@ class CryptographicKeysController extends AppController 'maxLimit' => 9999 ); - public function index($type, $parent_id) - { - if (empty($type) || empty($parent_id)) { - throw new MethodNotAllowedException(__('No type and/or parent_id supplied.')); - } - $params = [ - 'filters' => ['name', 'url', 'uuid'], - 'quickFilters' => ['name'], - 'conditions' => [ - 'CryptographicKey.type' => $type, - 'CryptographicKey.parent_id' => $id - ] - ]; - $this->CRUD->index($params); - if ($this->IndexFilter->isRest()) { - return $this->restResponsePayload; - } - $this->set('menuData', array('menuList' => 'cryptographic_keys', 'menuItem' => 'list_cryptographic_keys')); - } - public function add($type, $parent_id) { if (empty($type) || empty($parent_id)) { diff --git a/app/Model/Event.php b/app/Model/Event.php index e9c3989c5..adef212bc 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -973,6 +973,16 @@ class Event extends AppModel } try { $this->restfulEventToServer($event, $server, $HttpSocket, $push); + } catch (Crypt_GPG_KeyNotFoundException $e) { + $errorMessage = sprintf( + 'Could not push event %s to remote server #%s. Reason: %s', + $event['Event']['uuid'], + $server['Server']['id'], + $e->getMessage() + ); + $this->logException($errorMessage, $e); + $this->__logUploadResult($server, $event, $errorMessage); + return false; } catch (Exception $e) { $errorMessage = $e->getMessage(); if ($e instanceof HttpException && $e->getCode() == 403) { @@ -985,7 +995,6 @@ class Event extends AppModel } } } - $this->logException("Could not push event '{$event['Event']['uuid']}' to remote server #{$server['Server']['id']}", $e); $this->__logUploadResult($server, $event, $errorMessage); return false; @@ -1065,7 +1074,6 @@ class Event extends AppModel } $request = $this->setupSyncRequest($server); $serverUrl = $server['Server']['url']; - $exists = false; try { // Check if event exists on remote server to use proper endpoint 
@@ -1076,6 +1084,7 @@ class Event extends AppModel } catch (Exception $e) { $this->logException("Could not check if event {$event['Event']['uuid']} exists on remote server {$server['Server']['id']}", $e, LOG_NOTICE); } + $data = json_encode($event); if (!empty($event['Event']['protected'])) { if (empty($connectionStatus['protectedMode'])) { @@ -1086,7 +1095,6 @@ class Event extends AppModel } $request = $this->__signEvent($data, $server, $request, $HttpSocket); } - if (!empty(Configure::read('Security.sync_audit'))) { $pushLogEntry = sprintf( "==============================================================\n\n[%s] Pushing Event #%d to Server #%d:\n\n%s\n\n", From 20fffac92b5ac61b93a250490986de0de13cf2fe Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 01:44:33 +0100 Subject: [PATCH 0169/1366] chg: [signing validation] re-added to the new ServerSyncTool --- app/Lib/Tools/ServerSyncTool.php | 42 +++++++++++++++++++++++++++++++- 1 file changed, 41 insertions(+), 1 deletion(-) diff --git a/app/Lib/Tools/ServerSyncTool.php b/app/Lib/Tools/ServerSyncTool.php index 4bde444d6..353765ef5 100644 --- a/app/Lib/Tools/ServerSyncTool.php +++ b/app/Lib/Tools/ServerSyncTool.php @@ -365,6 +365,7 @@ class ServerSyncTool */ private function post($url, $data, $logMessage = null) { + $protectedMode = !empty($data['Event']['protected']); $data = json_encode($data, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES); if ($logMessage && !empty(Configure::read('Security.sync_audit'))) { @@ -378,7 +379,7 @@ class ServerSyncTool } $request = $this->request; - if (strlen($data) > 1024) { // do not compress small body + if (strlen($data) > 1024 && !$protectedMode) { // do not compress small body if ($this->isSupported(self::FEATURE_BR) && function_exists('brotli_compress')) { $request['header']['Content-Encoding'] = 'br'; $data = brotli_compress($data, 1, BROTLI_TEXT); 
@@ -389,6 +390,9 @@ class ServerSyncTool } $url = $this->server['Server']['url'] . $url; $start = microtime(true); + if ($protectedMode) { + $request = $this->signEvent($data, $this->server, $request, $this->socket); + } $response = $this->socket->post($url, $data, $request); $this->log($start, 'POST', $url, $response); if (!$response->isOk()) { @@ -397,6 +401,42 @@ class ServerSyncTool return $response; } + /** + * @param string $data + * @param array $server + * @param array $request + * @param HttpSocket $HttpSocket + * @return array + * @throws Exception + * @throws HttpException + * @throws MethodNotAllowedException + */ + private function signEvent($data, $server, $request, $socket) + { + $this->CryptographicKey = ClassRegistry::init('CryptographicKey'); + $signature = $this->CryptographicKey->signWithInstanceKey($data); + $request['header']['x-pgp-signature'] = base64_encode($signature); + $this->Log = ClassRegistry::init('Log'); + if (empty($signature)) { + $message = __("Invalid signing key. This should never happen."); + $this->Log->createLogEntry('SYSTEM', 'push', 'Server', $server['Server']['id'], $message); + throw new Exception($message); + } + $response = $socket->get($server['Server']['url'] . '/servers/getVersion.json', null, $request); + if (!$response->isOk()) { + $message = __("Could not fetch remote version to negotiate protected event synchronisation."); + $this->Log->createLogEntry('SYSTEM', 'push', 'Server', $server['Server']['id'], $message); + throw new HttpException($response->body, $response->code); + } + $version = json_decode($response->body(), true)['version']; + if (version_compare($version, '2.4.156') < 0) { + $message = __('Remote instance is not protected event aware yet (< 2.4.156), aborting.'); + $this->Log->createLogEntry('SYSTEM', 'push', 'Server', $server['Server']['id'], $message); + throw new MethodNotAllowedException($message); + } + return $request; + } + /** * @param string $key * @return array 
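Review bot: `signEvent` indexes `json_decode($response->body(), true)['version']` without checking that the body decoded to an array containing that key. A malformed or unexpected reply therefore ends up in `version_compare` as `null` and is reported as an outdated remote rather than as a bad response. I would validate first, `$info = json_decode($response->body(), true); if (!is_array($info) || empty($info['version'])) { throw new HttpException($response->body(), $response->code); }`, and move the `empty($signature)` check above the line that sets the `x-pgp-signature` header. The failure branch also passes `$response->body` where the success path calls `$response->body()`, and the docblock names `$HttpSocket` although the parameter is `$socket`. The version probe runs on every protected POST, so caching the result per server would save a round trip.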
From a63a628a1a574e1b649309650bd818675c74f0e0 Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 01:44:58 +0100 Subject: [PATCH 0170/1366] fix: [cryptograhicKey] instance key fingreprint caching fixed --- app/Model/CryptographicKey.php | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/app/Model/CryptographicKey.php b/app/Model/CryptographicKey.php index 2b35adb25..57dd8051d 100644 --- a/app/Model/CryptographicKey.php +++ b/app/Model/CryptographicKey.php @@ -86,23 +86,22 @@ class CryptographicKey extends AppModel } if ($redis) { $redisKey = "misp:instance_fingerprint"; - $instance_fingerprint = $redis->get($redisKey); - if (!empty($instance_fingerprint)) { - return $instance_fingerprint; + $fingerprint = $redis->get($redisKey); + } + if (empty($fingerprint)) { + $file = new File(APP . '/webroot/gpg.asc'); + $instanceKey = $file->read(); + try { + $this->gpg->importKey($instanceKey); + } catch (Crypt_GPG_NoDataException $e) { + throw new MethodNotAllowedException("Could not import the instance key.."); + } + $fingerprint = $this->gpg->getFingerprint(Configure::read('GnuPG.email')); + if ($redis) { + $redis->setEx($redisKey, 300, $fingerprint); } } - $file = new File(APP . '/webroot/gpg.asc'); - $instanceKey = $file->read(); - try { - $this->gpg->importKey($instanceKey); - } catch (Crypt_GPG_NoDataException $e) { - throw new MethodNotAllowedException("Could not import the instance key.."); - } $this->gpg->addSignKey(Configure::read('GnuPG.email'), Configure::read('GnuPG.password')); - $fingerprint = $this->gpg->getFingerprint(Configure::read('GnuPG.email')); - if ($redis) { - $redis->setEx($redisKey, 300, $fingerprint); - } return $fingerprint; } From 47a997363c3c6fbd75c60f327cd3604949ea9bbb Mon Sep 17 00:00:00 2001 
From: iglocska Date: Thu, 17 Mar 2022 02:09:22 +0100 Subject: [PATCH 0171/1366] chg: [CI] make the tests happy - trailing comma after the last parameter in a function is not allowed in some PHP versions --- .../genericElements/SidePanels/Templates/relatedEvents.ctp | 2 +- .../genericElements/SidePanels/Templates/tagConflicts.ctp | 2 +- .../genericElements/SingleViews/Fields/protectedEventField.ctp | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/app/View/Elements/genericElements/SidePanels/Templates/relatedEvents.ctp b/app/View/Elements/genericElements/SidePanels/Templates/relatedEvents.ctp index fabaa077a..12fa965b9 100644 --- a/app/View/Elements/genericElements/SidePanels/Templates/relatedEvents.ctp +++ b/app/View/Elements/genericElements/SidePanels/Templates/relatedEvents.ctp @@ -9,7 +9,7 @@ $htmlElements[] = sprintf( '
    %s
    ', 'no-side-padding correlation-expand-button useCursorPointer linkButton blue', - __('Show (%s more)', $total - ($count-1)), + __('Show (%s more)', $total - ($count-1)) ); } $htmlElements[] = $this->element('/Events/View/related_event', array( diff --git a/app/View/Elements/genericElements/SidePanels/Templates/tagConflicts.ctp b/app/View/Elements/genericElements/SidePanels/Templates/tagConflicts.ctp index 87512be8c..ddb9980b8 100644 --- a/app/View/Elements/genericElements/SidePanels/Templates/tagConflicts.ctp +++ b/app/View/Elements/genericElements/SidePanels/Templates/tagConflicts.ctp @@ -6,7 +6,7 @@ $baseurl, h($taxonomy['Taxonomy']['id']), h($taxonomy['Taxonomy']['description']), - h($taxonomy['Taxonomy']['namespace']), + h($taxonomy['Taxonomy']['namespace']) ); $conflictHtmlInternal = []; if ($taxonomy['Taxonomy']['exclusive']) { diff --git a/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp index 29fe0eace..6e05343e9 100644 --- a/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp +++ b/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp 
@@ -59,7 +59,7 @@ '%s: %s ', __('Warning'), __('Instance key not attached to the event. Further synchronisation not supported.'), - __("In protected mode, the current instance's signing key is used to sign and on the receiving side validate the event. If the current signing key is not attached to the event, MISP by default will not propagate the event further.\n\nIf you feel this is an error, contact the event's creator to add your instance's signing key to the event's signing key list.\n\nWarning: This restriction does NOT constitue a release control, merely a tamper protection for the recipients."), + __("In protected mode, the current instance's signing key is used to sign and on the receiving side validate the event. If the current signing key is not attached to the event, MISP by default will not propagate the event further.\n\nIf you feel this is an error, contact the event's creator to add your instance's signing key to the event's signing key list.\n\nWarning: This restriction does NOT constitue a release control, merely a tamper protection for the recipients.") ); } } else { From 26ea06f2d9714f8148a4afcf9dbef58f8d01a0ee Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 02:31:45 +0100 Subject: [PATCH 0172/1366] fix: [gpg key] handle the lack of an instance key more gracefully --- app/Controller/CryptographicKeysController.php | 2 +- app/Model/CryptographicKey.php | 11 +++++++++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/app/Controller/CryptographicKeysController.php b/app/Controller/CryptographicKeysController.php index 23b5f27f7..8d68f3b27 100644 --- a/app/Controller/CryptographicKeysController.php +++ b/app/Controller/CryptographicKeysController.php 
@@ -50,7 +50,7 @@ class CryptographicKeysController extends AppController if ($this->restResponsePayload) { return $this->restResponsePayload; } - $instanceKey = FileAccessTool::readFromFile(APP . 'webroot/gpg.asc'); + $instanceKey = file_exists(APP . 'webroot/gpg.asc') ? FileAccessTool::readFromFile(APP . 'webroot/gpg.asc') : ''; $this->set('instanceKey', $instanceKey); $this->set('menuData', array('menuList' => 'cryptographic_keys', 'menuItem' => 'add_cryptographic_key')); } diff --git a/app/Model/CryptographicKey.php b/app/Model/CryptographicKey.php index 57dd8051d..0adeaea59 100644 --- a/app/Model/CryptographicKey.php +++ b/app/Model/CryptographicKey.php @@ -88,6 +88,9 @@ class CryptographicKey extends AppModel $redisKey = "misp:instance_fingerprint"; $fingerprint = $redis->get($redisKey); } + if (!file_exists(APP . '/webroot/gpg.asc')) { + return false; + } if (empty($fingerprint)) { $file = new File(APP . '/webroot/gpg.asc'); $instanceKey = $file->read(); @@ -107,7 +110,9 @@ class CryptographicKey extends AppModel public function signWithInstanceKey($data) { - $this->ingestInstanceKey(); + if (!$this->ingestInstanceKey()) { + return false; + } $data = preg_replace("/\s+/", "", $data); $signature = $this->gpg->sign($data, Crypt_GPG::SIGN_MODE_DETACHED); return $signature; @@ -115,7 +120,9 @@ class CryptographicKey extends AppModel public function signFileWithInstanceKey($path) { - $this->ingestInstanceKey(); + if (!$this->ingestInstanceKey()) { + return false; + } $signature = $this->gpg->signFile($path, Crypt_GPG::SIGN_MODE_DETACHED); return $signature; } From a0e6be2cdd728c77831df4ada8730ce23fa3b258 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Thu, 17 Mar 2022 09:25:27 +0100 Subject: [PATCH 0173/1366] chg: [PyMISP] updated --- PyMISP | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PyMISP b/PyMISP index 94a65c578..c5646d746 160000 --- a/PyMISP +++ b/PyMISP 
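Review bot: The new `if (!$this->ingestInstanceKey())` guards in `signWithInstanceKey()` and `signFileWithInstanceKey()` only work if `ingestInstanceKey()` returns a truthy value on success, and the hunk at line 88 shows only the added `return false;` for a missing `gpg.asc`. The rest of that method is outside the hunk, so this needs confirming; if it ends without a `return true;`, both signers will now always return `false`. The added `file_exists()` check also sits after the Redis lookup, so a cached fingerprint is fetched and then discarded when the file is absent; moving the check to the top of the method would be clearer. Callers of the two signers now have to treat `false` as "no signature" instead of passing it on.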
@@ -1 +1 @@ -Subproject commit 94a65c578a641751d9941a58d44b91b0cb7f554f +Subproject commit c5646d7463932f5c58b9569a7d771cdb8b2c048a From ff39069bbc1a981224bd0d76c8d403f63347d7f0 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Thu, 17 Mar 2022 09:29:02 +0100 Subject: [PATCH 0174/1366] fix: [oidc] Undefined index --- app/Plugin/OidcAuth/Lib/Oidc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Plugin/OidcAuth/Lib/Oidc.php b/app/Plugin/OidcAuth/Lib/Oidc.php index a8d99232e..eef0951eb 100644 --- a/app/Plugin/OidcAuth/Lib/Oidc.php +++ b/app/Plugin/OidcAuth/Lib/Oidc.php @@ -136,7 +136,7 @@ class Oidc $this->log($mispUsername, 'Logged in.'); $user = $this->_findUser($settings, ['User.id' => $this->User->id]); - if ($user['User']['sub'] !== $sub) { // just to be sure that we have the correct user + if ($user['sub'] !== $sub) { // just to be sure that we have the correct user throw new Exception("User {$user['email']} sub doesn't match ({$user['sub']} != $sub)"); } return $user; From bcf8e4965448c5114e70d9836e2e77f841cb797e Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Thu, 17 Mar 2022 10:27:36 +0100 Subject: [PATCH 0175/1366] chg: [misp-objects] updated to the latest version --- app/files/misp-objects | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/files/misp-objects b/app/files/misp-objects index a6d51a91b..9515ae332 160000 --- a/app/files/misp-objects +++ b/app/files/misp-objects @@ -1 +1 @@ -Subproject commit a6d51a91b9cc45ac3062492b5e602f68392d63d6 +Subproject commit 9515ae332e45d9ac306eaaaa802b605c1090cf5c From 188153ffe93a806da0506fa7350f2e34e599489d Mon Sep 17 00:00:00 2001 From: Sami Mokaddem Date: Thu, 17 Mar 2022 11:50:06 +0100 Subject: [PATCH 0176/1366] chg: [events] Typo in protected description --- app/View/Events/view.ctp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp index f4bf5b9a1..6be98b930 100644 
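Review bot: In the `Oidc.php` hunk the `sub` comparison that guards against returning the wrong account runs after `$this->log($mispUsername, 'Logged in.');`, so a mismatch that throws still leaves a "Logged in." entry behind. Moving the log call below the check keeps the authentication trail accurate for anyone reviewing it later. The exception text also embeds the e-mail and both `sub` values; where that message ends up is not visible here, and if it can reach the browser it is better kept to the log. The enclosing method starts and ends outside the hunk.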
--- a/app/View/Events/view.ctp +++ b/app/View/Events/view.ctp @@ -102,7 +102,7 @@ [ 'key' => __('Protected Event (experimental)'), 'key_info' => __( - "Protected events carry a list of cryptographic keys used to sign and validate the information in transit.\n\nWhat this means in practice, a protected event shared with another instance will only be able to receive updates via the synchronisation mechanism from instances that are able to provide a valid signature from the event\'s list of signatures.\n\nFor highly critical events in broader MISP networks, this can provide an additional layer of tamper proofing to ensure that the original source of the information maintains control over modifications. Whilst this feature has its uses, it is not required in most scenarios." + "Protected events carry a list of cryptographic keys used to sign and validate the information in transit.\n\nWhat this means in practice, a protected event shared with another instance will only be able to receive updates via the synchronisation mechanism from instances that are able to provide a valid signature from the event's list of signatures.\n\nFor highly critical events in broader MISP networks, this can provide an additional layer of tamper proofing to ensure that the original source of the information maintains control over modifications. Whilst this feature has its uses, it is not required in most scenarios." ), 'path' => 'CryptographicKey', 'event_path' => 'Event', From b92d8ddb8fac48990b69b25082c0415373c135e7 Mon Sep 17 00:00:00 2001 From: Sami Mokaddem Date: Thu, 17 Mar 2022 11:50:49 +0100 Subject: [PATCH 0177/1366] chg: [events:index] Check for not empty instead --- app/View/Elements/Events/eventIndexTable.ctp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/View/Elements/Events/eventIndexTable.ctp b/app/View/Elements/Events/eventIndexTable.ctp index cd1248dbb..ea07d9fb5 100644 --- a/app/View/Elements/Events/eventIndexTable.ctp 
+++ b/app/View/Elements/Events/eventIndexTable.ctp @@ -70,7 +70,7 @@ - " class="dblclickActionElement threat-level-" title=""> ', __('Protected event')) : ''?> + " class="dblclickActionElement threat-level-" title=""> ', __('Protected event')) : ''?> From 9307a0776030991ea7e720b6cd1a4151fc41395d Mon Sep 17 00:00:00 2001 From: Sami Mokaddem Date: Thu, 17 Mar 2022 12:38:19 +0100 Subject: [PATCH 0178/1366] fix: [events:edit] Correctly collects saved cryptographic keys when pushing an edit --- app/Model/CryptographicKey.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/app/Model/CryptographicKey.php b/app/Model/CryptographicKey.php index 0adeaea59..edf07daad 100644 --- a/app/Model/CryptographicKey.php +++ b/app/Model/CryptographicKey.php @@ -210,13 +210,19 @@ class CryptographicKey extends AppModel public function validateProtectedEvent($raw_data, $user, $pgp_signature, $event) { - if (empty($event['Event']['CryptographicKey'])) { + $eventCryptoGraphicKey = []; + if (!empty($event['Event']['CryptographicKey'])) { // Depending if $event comes from fetchEvent or from pushed data + $eventCryptoGraphicKey = $event['Event']['CryptographicKey']; + } else if (!empty($event['CryptographicKey'])) { + $eventCryptoGraphicKey = $event['CryptographicKey']; + } + if (empty($eventCryptoGraphicKey)) { $message = __('No valid signatures found for validating the signature.'); $this->Log = ClassRegistry::init('Log'); $this->Log->createLogEntry($user, 'validateSig', 'Event', $event['Event']['id'], $message); return false; } - foreach ($event['Event']['CryptographicKey'] as $supplied_key) { + foreach ($eventCryptoGraphicKey as $supplied_key) { if ($this->verifySignature($raw_data, base64_decode($pgp_signature), $supplied_key['key_data'])) { return true; } From b365be8e36b0885144e3613772bdba24dfbf0987 Mon Sep 17 00:00:00 2001 
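Review bot: In `validateProtectedEvent()` the key list used to verify the signature is now also read from `$event['CryptographicKey']`, which the added comment ties to "pushed data"; if that array can come from the same request that carries `$pgp_signature`, the sender would be supplying the keys its own signature is checked against. The caller is outside this hunk, so please confirm that `$event` here is always the locally stored event and never the incoming payload. A comment stating that requirement above the new block, e.g. `// $event must be the local copy: keys from the incoming request must never be trusted here`, would make the assumption explicit. The method body continues past the hunk.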
From: Alexandre Dulaunoy Date: Thu, 17 Mar 2022 13:42:40 +0100 Subject: [PATCH 0179/1366] chg: [misp-galaxy] updated --- app/files/misp-galaxy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/files/misp-galaxy b/app/files/misp-galaxy index f49b54281..18069ce5f 160000 --- a/app/files/misp-galaxy +++ b/app/files/misp-galaxy @@ -1 +1 @@ -Subproject commit f49b54281b7645b703663a99613f6909ebc7a989 +Subproject commit 18069ce5f3d0747752307cd2a54da2998055234d From ca036781ca5108726764abe95815518297338038 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Thu, 17 Mar 2022 13:43:29 +0100 Subject: [PATCH 0180/1366] chg: [taxonomies] updated to the latest version --- app/files/taxonomies | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/files/taxonomies b/app/files/taxonomies index 6da2a75fc..92d74aa5f 160000 --- a/app/files/taxonomies +++ b/app/files/taxonomies @@ -1 +1 @@ -Subproject commit 6da2a75fc41afb401d5c16635dfcd48d43372a88 +Subproject commit 92d74aa5fc76080ddfd6cbaa7bdce18e30d11634 From f208c656ea0c5ac25383b3011f17407996c57909 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Thu, 17 Mar 2022 13:58:25 +0100 Subject: [PATCH 0181/1366] chg: [cryptograhicKey] Simplified code for event pushing --- app/Lib/Tools/ServerSyncTool.php | 51 +++++++++++++------------------- app/Model/CryptographicKey.php | 1 - app/Model/Event.php | 16 +++------- 3 files changed, 24 insertions(+), 44 deletions(-) diff --git a/app/Lib/Tools/ServerSyncTool.php b/app/Lib/Tools/ServerSyncTool.php index 353765ef5..ffeca4e7b 100644 --- a/app/Lib/Tools/ServerSyncTool.php +++ b/app/Lib/Tools/ServerSyncTool.php @@ -8,7 +8,8 @@ class ServerSyncTool FEATURE_ORG_RULE = 'org_rule', FEATURE_FILTER_SIGHTINGS = 'filter_sightings', FEATURE_PROPOSALS = 'proposals', - FEATURE_POST_TEST = 'post_test'; + FEATURE_POST_TEST = 'post_test', + FEATURE_PROTECTED_EVENT = 'protected_event'; /** @var array */ private $server; 
@@ -325,6 +326,9 @@ class ServerSyncTool case self::FEATURE_POST_TEST: $version = explode('.', $info['version']); return $version[0] == 2 && $version[1] == 4 && $version[2] > 68; + case self::FEATURE_PROTECTED_EVENT: + $version = explode('.', $info['version']); + return $version[0] == 2 && $version[1] == 4 && $version[2] > 155; default: throw new InvalidArgumentException("Invalid flag `$flag` provided"); } @@ -379,7 +383,12 @@ class ServerSyncTool } $request = $this->request; - if (strlen($data) > 1024 && !$protectedMode) { // do not compress small body + + if ($protectedMode) { + $request['header']['x-pgp-signature'] = $this->signEvent($data); + } + + if (strlen($data) > 1024) { // do not compress small body if ($this->isSupported(self::FEATURE_BR) && function_exists('brotli_compress')) { $request['header']['Content-Encoding'] = 'br'; $data = brotli_compress($data, 1, BROTLI_TEXT); @@ -390,9 +399,6 @@ class ServerSyncTool } $url = $this->server['Server']['url'] . $url; $start = microtime(true); - if ($protectedMode) { - $request = $this->signEvent($data, $this->server, $request, $this->socket); - } $response = $this->socket->post($url, $data, $request); $this->log($start, 'POST', $url, $response); if (!$response->isOk()) { 
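Review bot: The new `FEATURE_PROTECTED_EVENT` case pins the major and minor version with `$version[0] == 2 && $version[1] == 4 && $version[2] > 155`, so a remote on a later minor or major release would be reported as not supporting protected events, and the comparisons are loose on string parts. The check this replaces (removed from `signEvent()` in the same patch) used `version_compare`, which handles both: `return version_compare($info['version'], '2.4.156', '>=');`. The `FEATURE_POST_TEST` case just above uses the same exploded pattern, so this may be a local convention. The switch itself starts outside the hunk.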
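Review bot: In the `@@ -379,7 +383,12 @@` hunk the signature is computed over the uncompressed `$data` and the body may then be compressed (the brotli branch is visible), whereas the old condition `strlen($data) > 1024 && !$protectedMode` never compressed protected pushes. That is correct only if the receiving instance verifies `x-pgp-signature` against the decoded body; the receiving code is not in this patch, so it needs confirming, ideally with a test that pushes a protected event larger than 1024 bytes. A short comment above the signing call would record the ordering, e.g. `// sign before compression: the signature covers the plain request body`.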
@@ -402,39 +408,22 @@ class ServerSyncTool } /** - * @param string $data - * @param array $server - * @param array $request - * @param HttpSocket $HttpSocket - * @return array + * @param string $data Data to sign + * @return string base64 encoded signature * @throws Exception - * @throws HttpException - * @throws MethodNotAllowedException */ - private function signEvent($data, $server, $request, $socket) + private function signEvent($data) { + if (!$this->isSupported(self::FEATURE_PROTECTED_EVENT)) { + throw new Exception(__('Remote instance is not protected event aware yet (< 2.4.156), aborting.')); + } + $this->CryptographicKey = ClassRegistry::init('CryptographicKey'); $signature = $this->CryptographicKey->signWithInstanceKey($data); - $request['header']['x-pgp-signature'] = base64_encode($signature); - $this->Log = ClassRegistry::init('Log'); if (empty($signature)) { - $message = __("Invalid signing key. This should never happen."); - $this->Log->createLogEntry('SYSTEM', 'push', 'Server', $server['Server']['id'], $message); - throw new Exception($message); + throw new Exception(__("Invalid signing key. This should never happen.")); } - $response = $socket->get($server['Server']['url'] . '/servers/getVersion.json', null, $request); - if (!$response->isOk()) { - $message = __("Could not fetch remote version to negotiate protected event synchronisation."); - $this->Log->createLogEntry('SYSTEM', 'push', 'Server', $server['Server']['id'], $message); - throw new HttpException($response->body, $response->code); - } - $version = json_decode($response->body(), true)['version']; - if (version_compare($version, '2.4.156') < 0) { - $message = __('Remote instance is not protected event aware yet (< 2.4.156), aborting.'); - $this->Log->createLogEntry('SYSTEM', 'push', 'Server', $server['Server']['id'], $message); - throw new MethodNotAllowedException($message); - } - return $request; + return base64_encode($signature); } /** 
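Review bot: The rewritten `signEvent()` drops the three `createLogEntry('SYSTEM', 'push', 'Server', ...)` calls, so a failed signing or an unsupported remote now surfaces only as a bare `Exception`. Unless the caller records these exceptions (not visible here), operators lose the log trail for protected-event pushes that were refused. The "Invalid signing key. This should never happen." text is also reached when `signWithInstanceKey()` returns `false` because no instance key file exists, which patch 0172 on this page turns into an ordinary condition; `__('Could not sign the event with the instance key.')` would describe it more accurately.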
diff --git a/app/Model/CryptographicKey.php b/app/Model/CryptographicKey.php index 0adeaea59..14212a900 100644 --- a/app/Model/CryptographicKey.php +++ b/app/Model/CryptographicKey.php @@ -231,7 +231,6 @@ class CryptographicKey extends AppModel { $existingKeys = $this->find('first', [ 'recursive' => -1, - 'fields' => 1, 'conditions' => [ 'parent_type' => $type, 'parent_id' => $parent_id diff --git a/app/Model/Event.php b/app/Model/Event.php index 91f84339a..bba4bb0ca 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -6173,18 +6173,10 @@ class Event extends AppModel $newTextBody = JsonTool::encode($newTextBody); } - $this->Log = ClassRegistry::init('Log'); - $this->Log->create(); - $this->Log->save(array( - 'org' => 'SYSTEM', - 'model' => 'Server', - 'model_id' => $server['Server']['id'], - 'email' => 'SYSTEM', - 'action' => 'warning', - 'user_id' => 0, - 'title' => 'Uploading Event (' . $event['Event']['id'] . ') to Server (' . $server['Server']['id'] . ')', - 'change' => 'Returned message: ' . $newTextBody, - )); + $title = 'Uploading Event (' . $event['Event']['id'] . ') to Server (' . $server['Server']['id'] . ')'; + $change = 'Returned message: ' . $newTextBody; + + $this->loadLog()->createLogEntry('SYSTEM', 'warning', 'Server', $server['Server']['id'], $title, $change); } /** From 61d4d3670593b78e4dab7a11eb620b7a372f30e6 Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 14:10:09 +0100 Subject: [PATCH 0182/1366] fix: [security] stored XSS in the user add/edit forms - a malicious site administrator could store an XSS payload in the custom auth name which would be executed each time the administrator modifies a user - as reported by Ianis BERNARD - NATO Cyber Security Centre --- app/View/Users/admin_add.ctp | 2 +- app/View/Users/admin_edit.ctp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app/View/Users/admin_add.ctp b/app/View/Users/admin_add.ctp index 97390a92a..504057f57 100644 --- a/app/View/Users/admin_add.ctp 
+++ b/app/View/Users/admin_add.ctp @@ -13,7 +13,7 @@ $password = false; } else { $userType = Configure::read('Plugin.CustomAuth_name') ? Configure::read('Plugin.CustomAuth_name') : 'External authentication'; - echo $this->Form->input('external_auth_required', array('type' => 'checkbox', 'label' => $userType . ' user')); + echo $this->Form->input('external_auth_required', array('type' => 'checkbox', 'label' => h($userType) . ' user')); } echo sprintf( '
    %s
    ', diff --git a/app/View/Users/admin_edit.ctp b/app/View/Users/admin_edit.ctp index 934b53ef6..d2a91ad0d 100644 --- a/app/View/Users/admin_edit.ctp +++ b/app/View/Users/admin_edit.ctp @@ -16,7 +16,7 @@ $password = false; } else { $userType = Configure::read('Plugin.CustomAuth_name') ? Configure::read('Plugin.CustomAuth_name') : 'External authentication'; - echo $this->Form->input('external_auth_required', array('type' => 'checkbox', 'label' => $userType . ' user')); + echo $this->Form->input('external_auth_required', array('type' => 'checkbox', 'label' => h($userType) . ' user')); } echo sprintf( '
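Review bot: Escaping with `h($userType)` at the label fixes this sink in `admin_add.ctp`, and the `admin_edit.ctp` hunk that follows applies the identical change, but nothing in the patch constrains the value of `Plugin.CustomAuth_name` itself, so any other view that prints it needs the same escaping. Whether such views exist, or whether the setting is validated when saved, cannot be seen from these hunks; a search for `CustomAuth_name` across the views would settle it. A one-line comment next to the call, e.g. `// CustomAuth_name is admin-controlled free text: escape before output`, would help keep the `h()` in place through later refactors.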
    %s
    ', From 48752ba62491f014dd1254398426a6c7699c9309 Mon Sep 17 00:00:00 2001 From: Nils Kuhnert <3c7@users.noreply.github.com> Date: Thu, 17 Mar 2022 14:12:32 +0100 Subject: [PATCH 0183/1366] Update OidcAuth readme Replaced required dependency. --- app/Plugin/OidcAuth/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Plugin/OidcAuth/README.md b/app/Plugin/OidcAuth/README.md index e736dfb9c..f4e47fcd3 100644 --- a/app/Plugin/OidcAuth/README.md +++ b/app/Plugin/OidcAuth/README.md @@ -10,7 +10,7 @@ to login with passwords stored in MISP. ``` cd app -php composer.phar require jumbojett/openid-connect-php +php composer.phar require jakub-onderka/openid-connect-php:1.0.0-rc1 ``` 2. Enable in `app/Config/config.php` From c42d34faac4e6e92c25579fe0ced9e17e6c58432 Mon Sep 17 00:00:00 2001 From: Hendrik Baecker Date: Thu, 17 Mar 2022 14:23:24 +0100 Subject: [PATCH 0184/1366] [chg] LinOTP error exceptions up to the ui --- .../Controller/Component/Auth/LinOTPAuthenticate.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/Plugin/LinOTPAuth/Controller/Component/Auth/LinOTPAuthenticate.php b/app/Plugin/LinOTPAuth/Controller/Component/Auth/LinOTPAuthenticate.php index fea46305a..6b0e22c31 100644 --- a/app/Plugin/LinOTPAuth/Controller/Component/Auth/LinOTPAuthenticate.php +++ b/app/Plugin/LinOTPAuth/Controller/Component/Auth/LinOTPAuthenticate.php @@ -131,7 +131,7 @@ class LinOTPAuthenticate extends BaseAuthenticate if (!$linOTP_baseUrl || $linOTP_baseUrl === "") { CakeLog::error("LinOTP: Please configure baseUrl."); if ($mixedauth) { - throw new CakeException(__d('cake_dev', 'LinOTP: Missing "baseUrl" configuration - access denied!', 'authenticate()')); + throw new ForbiddenException(__('LinOTP: Missing "baseUrl" configuration - access denied!')); } else { return false; } 
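Review bot: In the `LinOTPAuthenticate.php` hunk at line 131, switching to `ForbiddenException` shows 'LinOTP: Missing "baseUrl" configuration - access denied!' to whoever is at the login form, which tells an unauthenticated visitor that the second factor is misconfigured. The detail is already written by `CakeLog::error("LinOTP: Please configure baseUrl.")` two lines above, so the user-facing text could stay generic, e.g. `throw new ForbiddenException(__('Authentication is currently unavailable.'));`. The hunks at lines 150 and 200 make the same exception-type change, and their messages do not expose configuration. The enclosing method starts and ends outside these hunks.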
@@ -150,7 +150,7 @@ class LinOTPAuthenticate extends BaseAuthenticate } else { // Enforce OTP token by Authentication Form if (!$otp || $otp === "") { - throw new CakeException(__d('cake_dev', 'Missing OTP Token.', 'authenticate()')); + throw new ForbiddenException(__('Missing OTP Token.')); } $response = $this->_linotp_verify( @@ -200,7 +200,7 @@ class LinOTPAuthenticate extends BaseAuthenticate // Don't fall back to FormAuthenticate in mixedauth mode. // This enforces the second factor. if ($mixedauth && !self::$user) { - throw new CakeException(__d('cake_dev', 'User could not be authenticated by LinOTP.', 'authenticate()')); + throw new UnauthorizedException(__('User could not be authenticated by LinOTP.')); } return self::$user; } From 2d14113de9ff0db3ba6feb550b29be35fc322c61 Mon Sep 17 00:00:00 2001 From: Sami Mokaddem Date: Thu, 17 Mar 2022 14:25:40 +0100 Subject: [PATCH 0185/1366] chg: [events:view] Removed duplicated lockpad icon --- app/View/Events/view.ctp | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp index 6be98b930..eb14b8b7a 100644 --- a/app/View/Events/view.ctp +++ b/app/View/Events/view.ctp @@ -15,16 +15,7 @@ 'fields' => [ [ 'key' => __('Event ID'), - 'path' => 'Event.id', - 'action_buttons' => [ - [ - 'url' => '#', - 'icon' => 'lock', - 'style' => 'color:green;', - 'title' => __('This is a protected event'), - 'requirement' => !empty($event['Event']['protected']) - ] - ] + 'path' => 'Event.id' ], [ 'key' => 'UUID', From 0ada3e9bb5d081904049bb2656547f11daf47396 Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 14:28:56 +0100 Subject: [PATCH 0186/1366] fix: [signing] add try/catch around the gpg initialisation - otherwise instances without gpg set up will fail when viewing events --- app/Model/CryptographicKey.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) 
diff --git a/app/Model/CryptographicKey.php b/app/Model/CryptographicKey.php index edf07daad..2c428b3bb 100644 --- a/app/Model/CryptographicKey.php +++ b/app/Model/CryptographicKey.php @@ -37,7 +37,11 @@ class CryptographicKey extends AppModel public function __construct($id = false, $table = null, $ds = null) { parent::__construct($id, $table, $ds); - $this->gpg = GpgTool::initializeGpg(); + try { + $this->gpg = GpgTool::initializeGpg(); + } catch (Exception $e) { + $this->gpg = null; + } $this->validate = [ 'type' => [ 'rule' => ['inList', $this->validTypes], From 08a07a38ae81f3b55d81cfcd4501ac1eb1c9c4dc Mon Sep 17 00:00:00 2001 From: Luciano Righetti Date: Thu, 17 Mar 2022 14:36:07 +0100 Subject: [PATCH 0187/1366] new: add setting for allowing svg org logos --- app/Config/config.default.php | 1 + app/Controller/OrganisationsController.php | 6 ++++++ app/Model/Server.php | 8 ++++++++ app/View/Organisations/admin_add.ctp | 2 +- 4 files changed, 16 insertions(+), 1 deletion(-) diff --git a/app/Config/config.default.php b/app/Config/config.default.php index dea2f9d8a..eee991773 100644 --- a/app/Config/config.default.php +++ b/app/Config/config.default.php @@ -17,6 +17,7 @@ $config = array( 'user_monitoring_enabled' => false, 'authkey_keep_session' => false, 'disable_local_feed_access' => false, + 'enable_svg_logos' => false, //'auth' => array('CertAuth.Certificate'), // additional authentication methods //'auth' => array('ShibbAuth.ApacheShibb'), //'auth' => array('AadAuth.AadAuthenticate'), diff --git a/app/Controller/OrganisationsController.php b/app/Controller/OrganisationsController.php index 78ca7dc79..7d9f6345d 100644 --- a/app/Controller/OrganisationsController.php +++ b/app/Controller/OrganisationsController.php 
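Review bot: The new `catch (Exception $e) { $this->gpg = null; }` in the `CryptographicKey` constructor discards the reason GPG failed to initialise and leaves `$this->gpg` null for every later call. `signWithInstanceKey()` and `signFileWithInstanceKey()`, shown in patch 0172 on this page, call `$this->gpg->sign(...)` and `$this->gpg->signFile(...)` directly, so on such an instance they could end in a method call on null instead of returning `false`. I would record the failure here, e.g. `CakeLog::error('GPG initialisation failed: ' . $e->getMessage());`, and have the signing and verification methods return `false` when `$this->gpg === null`, so that signature validation fails closed. The constructor continues past the hunk.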
@@ -483,6 +483,12 @@ class OrganisationsController extends AppController if ($logo['size'] > 0 && $logo['error'] == 0) { $extension = pathinfo($logo['name'], PATHINFO_EXTENSION); $filename = $orgId . '.' . ($extension === 'svg' ? 'svg' : 'png'); + + if ($extension === 'svg' && !Configure::read('Security.enable_svg_logos')) { + $this->Flash->error(__('Invalid file extension, SVG images are not allowed.')); + return false; + } + if (!empty($logo['tmp_name']) && is_uploaded_file($logo['tmp_name'])) { return move_uploaded_file($logo['tmp_name'], APP . 'webroot/img/orgs/' . $filename); } diff --git a/app/Model/Server.php b/app/Model/Server.php index 0c05bdf51..9b987bb6a 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -6136,6 +6136,14 @@ class Server extends AppModel 'tlsv1_3' => 'TLSv1.3', ], ], + 'enable_svg_logos' => [ + 'level' => self::SETTING_OPTIONAL, + 'description' => __('When enabled, orgnisation logos in svg format are allowed.'), + 'value' => false, + 'test' => 'testBool', + 'type' => 'boolean', + 'null' => true + ] ), 'SecureAuth' => array( 'branch' => 1, diff --git a/app/View/Organisations/admin_add.ctp b/app/View/Organisations/admin_add.ctp index 97d51fc43..202745e86 100644 --- a/app/View/Organisations/admin_add.ctp +++ b/app/View/Organisations/admin_add.ctp @@ -50,7 +50,7 @@ echo $this->element('genericElements/Form/genericForm', [ 'type' => 'file', 'field' => 'logo', 'error' => array('escape' => false), - 'label' => __('Logo (48×48 PNG or SVG)'), + 'label' => __('Logo (48×48 %s)', Configure::read('Security.enable_svg_logos')? 'PNG or SVG' : 'PNG'), ], [ 'field' => 'nationality', From f16d83c60ca757b8cf3f67fc166493f407be438d Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 14:38:06 +0100 Subject: [PATCH 0188/1366] fix: [event view] distribution field fixed - didn't display the sharing groups --- .../genericElements/SingleViews/Fields/distributionField.ctp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
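Review bot: The SVG gate in the `OrganisationsController.php` hunk compares the client-supplied file name with `$extension === 'svg'`, so only a lower-case `.svg` name is recognised and everything else is stored as `<orgId>.png` with no inspection of the content. Nothing in the hunk verifies that the upload is actually an image; checking the detected type of `$logo['tmp_name']` (for instance with `finfo`) and rejecting anything that is not PNG, or SVG when the setting is on, would close that gap. Normalising first, `$extension = strtolower(pathinfo($logo['name'], PATHINFO_EXTENSION));`, keeps the existing comparison meaningful. The identical hunk appears again in patch 0189 further down, and the enclosing method starts and ends outside the hunk.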
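Review bot: The `enable_svg_logos` description added in the `Server.php` hunk does not tell the administrator why the setting exists, and it misspells "organisation". Since the follow-up patch 0189 describes the risk as script in an SVG logo running when the image link is opened directly, the description should say so: `'description' => __('When enabled, organisation logos in SVG format are allowed. SVG files can contain scripts that run when the image URL is opened directly, so enable this only if every site administrator is trusted.'),`. The same hunk is repeated in patch 0189.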
diff --git a/app/View/Elements/genericElements/SingleViews/Fields/distributionField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/distributionField.ctp index 5118f0dec..8c68b7991 100644 --- a/app/View/Elements/genericElements/SingleViews/Fields/distributionField.ctp +++ b/app/View/Elements/genericElements/SingleViews/Fields/distributionField.ctp @@ -3,7 +3,7 @@ $distribution = Hash::extract($data, $field['path'])[0]; $event_id_path = Hash::extract($data, $field['event_id_path'])[0]; if ($distribution == 4) { try{ - $sg = Hash::extract($data, $field['path']); + $sg = Hash::extract($data, $field['sg_path']); } catch (Exception $e) { $sg = null; } From 2bd4a5b30c310a20f82ddc4100650a327a9e7cfc Mon Sep 17 00:00:00 2001 From: Luciano Righetti Date: Thu, 17 Mar 2022 14:36:07 +0100 Subject: [PATCH 0189/1366] fix: [security] a malicious site administrator could store an XSS payload in a svg org logo which would be executed if someone opens the direct link to the image, as reported by Ianis BERNARD - NATO Cyber Security Centre --- app/Config/config.default.php | 1 + app/Controller/OrganisationsController.php | 6 ++++++ app/Model/Server.php | 8 ++++++++ app/View/Organisations/admin_add.ctp | 2 +- 4 files changed, 16 insertions(+), 1 deletion(-) diff --git a/app/Config/config.default.php b/app/Config/config.default.php index dea2f9d8a..eee991773 100644 --- a/app/Config/config.default.php +++ b/app/Config/config.default.php @@ -17,6 +17,7 @@ $config = array( 'user_monitoring_enabled' => false, 'authkey_keep_session' => false, 'disable_local_feed_access' => false, + 'enable_svg_logos' => false, //'auth' => array('CertAuth.Certificate'), // additional authentication methods //'auth' => array('ShibbAuth.ApacheShibb'), //'auth' => array('AadAuth.AadAuthenticate'), diff --git a/app/Controller/OrganisationsController.php b/app/Controller/OrganisationsController.php index 78ca7dc79..7d9f6345d 100644 --- a/app/Controller/OrganisationsController.php 
+++ b/app/Controller/OrganisationsController.php @@ -483,6 +483,12 @@ class OrganisationsController extends AppController if ($logo['size'] > 0 && $logo['error'] == 0) { $extension = pathinfo($logo['name'], PATHINFO_EXTENSION); $filename = $orgId . '.' . ($extension === 'svg' ? 'svg' : 'png'); + + if ($extension === 'svg' && !Configure::read('Security.enable_svg_logos')) { + $this->Flash->error(__('Invalid file extension, SVG images are not allowed.')); + return false; + } + if (!empty($logo['tmp_name']) && is_uploaded_file($logo['tmp_name'])) { return move_uploaded_file($logo['tmp_name'], APP . 'webroot/img/orgs/' . $filename); } diff --git a/app/Model/Server.php b/app/Model/Server.php index 0c05bdf51..9b987bb6a 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -6136,6 +6136,14 @@ class Server extends AppModel 'tlsv1_3' => 'TLSv1.3', ], ], + 'enable_svg_logos' => [ + 'level' => self::SETTING_OPTIONAL, + 'description' => __('When enabled, orgnisation logos in svg format are allowed.'), + 'value' => false, + 'test' => 'testBool', + 'type' => 'boolean', + 'null' => true + ] ), 'SecureAuth' => array( 'branch' => 1, diff --git a/app/View/Organisations/admin_add.ctp b/app/View/Organisations/admin_add.ctp index 97d51fc43..202745e86 100644 --- a/app/View/Organisations/admin_add.ctp +++ b/app/View/Organisations/admin_add.ctp @@ -50,7 +50,7 @@ echo $this->element('genericElements/Form/genericForm', [ 'type' => 'file', 'field' => 'logo', 'error' => array('escape' => false), - 'label' => __('Logo (48×48 PNG or SVG)'), + 'label' => __('Logo (48×48 %s)', Configure::read('Security.enable_svg_logos')? 'PNG or SVG' : 'PNG'), ], [ 'field' => 'nationality', From d65ef9c966dcdcf4566d563e2322f7e52c089eca Mon Sep 17 00:00:00 2001 
From: Sami Mokaddem Date: Thu, 17 Mar 2022 14:43:01 +0100 Subject: [PATCH 0190/1366] chg: [cryptographicKeys] Indexed more column and bumped db_schema --- app/Model/AppModel.php | 6 +- db_schema.json | 149 ++++++++++++++++++++++++++++++++++++++++- 2 files changed, 153 insertions(+), 2 deletions(-) diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 99b2f4a07..2a839969e 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -86,7 +86,7 @@ class AppModel extends Model 63 => true, 64 => false, 65 => false, 66 => false, 67 => false, 68 => false, 69 => false, 70 => false, 71 => true, 72 => true, 73 => false, 74 => false, 75 => false, 76 => true, 77 => false, 78 => false, 79 => false, 80 => false, - 81 => false, 82 => false, 83 => false, 84 => false + 81 => false, 82 => false, 83 => false, 84 => false, 85 => false, ); public $advanced_updates_description = array( @@ -1677,6 +1677,10 @@ class AppModel extends Model INDEX `parent_id` (`parent_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;"; break; + case 85: + $this->__addIndex('cryptographic_keys', 'parent_type'); + $this->__addIndex('cryptographic_keys', 'fingerprint'); + break; case 'fixNonEmptySharingGroupID': $sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; $sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; diff --git a/db_schema.json b/db_schema.json index 50a4d49d1..641796099 100644 --- a/db_schema.json +++ b/db_schema.json 
@@ -1058,6 +1058,107 @@ "extra": "" } ], + "cryptographic_keys": [ + { + "column_name": "id", + "is_nullable": "NO", + "data_type": "int", + "character_maximum_length": null, + "numeric_precision": "10", + "collation_name": null, + "column_type": "int(11)", + "column_default": null, + "extra": "auto_increment" + }, + { + "column_name": "uuid", + "is_nullable": "NO", + "data_type": "varchar", + "character_maximum_length": "40", + "numeric_precision": null, + "collation_name": "utf8_bin", + "column_type": "varchar(40)", + "column_default": null, + "extra": "" + }, + { + "column_name": "type", + "is_nullable": "NO", + "data_type": "varchar", + "character_maximum_length": "40", + "numeric_precision": null, + "collation_name": "utf8_bin", + "column_type": "varchar(40)", + "column_default": null, + "extra": "" + }, + { + "column_name": "timestamp", + "is_nullable": "NO", + "data_type": "int", + "character_maximum_length": null, + "numeric_precision": "10", + "collation_name": null, + "column_type": "int(11)", + "column_default": "0", + "extra": "" + }, + { + "column_name": "parent_id", + "is_nullable": "NO", + "data_type": "int", + "character_maximum_length": null, + "numeric_precision": "10", + "collation_name": null, + "column_type": "int(11)", + "column_default": null, + "extra": "" + }, + { + "column_name": "parent_type", + "is_nullable": "NO", + "data_type": "varchar", + "character_maximum_length": "40", + "numeric_precision": null, + "collation_name": "utf8_bin", + "column_type": "varchar(40)", + "column_default": null, + "extra": "" + }, + { + "column_name": "key_data", + "is_nullable": "YES", + "data_type": "text", + "character_maximum_length": "65535", + "numeric_precision": null, + "collation_name": "utf8mb4_unicode_ci", + "column_type": "text", + "column_default": "NULL", + "extra": "" + }, + { + "column_name": "revoked", + "is_nullable": "NO", + "data_type": "tinyint", + "character_maximum_length": null, + "numeric_precision": "3", + "collation_name": null, + 
"column_type": "tinyint(1)", + "column_default": "0", + "extra": "" + }, + { + "column_name": "fingerprint", + "is_nullable": "NO", + "data_type": "varchar", + "character_maximum_length": "255", + "numeric_precision": null, + "collation_name": "utf8_bin", + "column_type": "varchar(255)", + "column_default": "''", + "extra": "" + } + ], "dashboards": [ { "column_name": "id", @@ -1592,6 +1693,17 @@ "column_type": "varchar(40)", "column_default": "", "extra": "" + }, + { + "column_name": "protected", + "is_nullable": "YES", + "data_type": "tinyint", + "character_maximum_length": null, + "numeric_precision": "3", + "collation_name": null, + "column_type": "tinyint(1)", + "column_default": "NULL", + "extra": "" } ], "event_blocklists": [ @@ -6256,6 +6368,30 @@ "extra": "" } ], + "system_settings": [ + { + "column_name": "setting", + "is_nullable": "NO", + "data_type": "varchar", + "character_maximum_length": "255", + "numeric_precision": null, + "collation_name": "utf8mb4_unicode_ci", + "column_type": "varchar(255)", + "column_default": null, + "extra": "" + }, + { + "column_name": "value", + "is_nullable": "NO", + "data_type": "blob", + "character_maximum_length": "65535", + "numeric_precision": null, + "collation_name": null, + "column_type": "blob", + "column_default": null, + "extra": "" + } + ], "tags": [ { "column_name": "id", @@ -7937,6 +8073,14 @@ "id": true, "value": true }, + "cryptographic_keys": { + "id": true, + "uuid": false, + "type": false, + "parent_id": false, + "parent_type": false, + "fingerprint": false + }, "dashboards": { "id": true, "name": false, @@ -8237,6 +8381,9 @@ "source": false, "type": false }, + "system_settings": { + "setting": true + }, "tags": { "id": true, "name": true, @@ -8322,5 +8469,5 @@ "id": true } }, - "db_version": "82" + "db_version": "85" } \ No newline at end of file From 90d232bde2a7a5ac3c0ef37c8d34584419b75f59 Mon Sep 17 00:00:00 2001 
From: iglocska Date: Thu, 17 Mar 2022 14:50:14 +0100 Subject: [PATCH 0191/1366] fix: [signing] removed colour coding of protected/unprotected events - gave the idea that one is "right" and one is "wrong", whilst they're just for different use-cases --- app/View/Elements/Events/eventIndexTable.ctp | 2 +- .../SingleViews/Fields/protectedEventField.ctp | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/View/Elements/Events/eventIndexTable.ctp b/app/View/Elements/Events/eventIndexTable.ctp index ea07d9fb5..050777019 100644 --- a/app/View/Elements/Events/eventIndexTable.ctp +++ b/app/View/Elements/Events/eventIndexTable.ctp @@ -70,7 +70,7 @@ - " class="dblclickActionElement threat-level-" title=""> ', __('Protected event')) : ''?> + " class="dblclickActionElement threat-level-" title=""> ', __('Protected event')) : ''?> diff --git a/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp index 6e05343e9..9415e231c 100644 --- a/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp +++ b/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp @@ -3,8 +3,8 @@ $event = Hash::extract($data, $field['event_path']); if ($event['protected']) { echo sprintf( - ' %s %s %s
    ', - __('Event is in protected mode.'), + ' %s %s %s
    ', + __('Event is in protected mode. (Limited distribution)'), !$field['owner'] ? '' : sprintf( '
    %s', sprintf( @@ -64,7 +64,7 @@ } } else { echo sprintf( - ' %s %s
    ', + ' %s %s
    ', __('Event is in unprotected mode.'), !$field['owner'] ? '' : sprintf( '
    %s', From eb7a1301bb6e9938a36986a0b4660587feff76b7 Mon Sep 17 00:00:00 2001 From: Hendrik Baecker Date: Thu, 17 Mar 2022 15:19:58 +0100 Subject: [PATCH 0192/1366] [chg] LinOTP now with enable/disable as config feature --- app/Model/Server.php | 6 ++++++ .../Controller/Component/Auth/LinOTPAuthenticate.php | 7 +++++++ app/View/Users/login.ctp | 6 +++--- 3 files changed, 16 insertions(+), 3 deletions(-) diff --git a/app/Model/Server.php b/app/Model/Server.php index 0488d6707..0c7066a8d 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -7177,6 +7177,12 @@ class Server extends AppModel ), 'LinOTPAuth' => array( 'branch' => 1, + 'enabled' => array( + 'level' => 2, + 'description' => __('Enable / Disable LinOTP'), + 'value' => true, + 'type' => 'boolean', + ), 'baseUrl' => array( 'level' => 2, 'description' => __('The default LinOTP URL.'), diff --git a/app/Plugin/LinOTPAuth/Controller/Component/Auth/LinOTPAuthenticate.php b/app/Plugin/LinOTPAuth/Controller/Component/Auth/LinOTPAuthenticate.php index fea46305a..543601546 100644 --- a/app/Plugin/LinOTPAuth/Controller/Component/Auth/LinOTPAuthenticate.php +++ b/app/Plugin/LinOTPAuth/Controller/Component/Auth/LinOTPAuthenticate.php @@ -123,6 +123,13 @@ class LinOTPAuthenticate extends BaseAuthenticate CakeLog::debug("getUser email: ${email}"); + $linOTP_enabled = Configure::read("LinOTPAuth.enabled"); + if (is_null($linOTP_enabled)) { + $linOTP_enabled = TRUE; + } + if (!$linOTP_enabled) { + return false; + } $linOTP_baseUrl = rtrim(Configure::read("LinOTPAuth.baseUrl"), "/"); $linOTP_realm = Configure::read("LinOTPAuth.realm"); $linOTP_verifyssl = Configure::read("LinOTPAuth.verifyssl"); diff --git a/app/View/Users/login.ctp b/app/View/Users/login.ctp index 70daf488d..e89bc5f1d 100644 --- a/app/View/Users/login.ctp +++ b/app/View/Users/login.ctp 
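Review bot: The new `LinOTPAuth.enabled` entry declares `'type' => 'boolean'` but no `'test'` key, whereas the other boolean settings visible in this file's hunks carry `'test' => 'testBool'`. If the settings validator is meant to run on this value, add `'test' => 'testBool',` and `'null' => true,` so that an unset value is accepted, which is the case the authenticator explicitly handles. The description `Enable / Disable LinOTP` could also state that an unset value counts as enabled.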
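Review bot: The enabled check is placed after `CakeLog::debug("getUser email: ${email}")`, so the submitted e-mail address is still written to the debug log when LinOTP is switched off; the check belongs before any handling of the credentials, as far as the part of the method visible here allows. The four-line null dance can be one expression, `if (!(Configure::read('LinOTPAuth.enabled') ?? true)) { return false; }`, and `TRUE` should be lowercase to match the rest of the code. The method starts and ends outside the hunk.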
@@ -39,7 +39,7 @@ Form->input('email', array('autocomplete' => 'off', 'autofocus')); echo $this->Form->input('password', array('autocomplete' => 'off')); - if (!empty(Configure::read('LinOTPAuth'))) { + if (!empty(Configure::read('LinOTPAuth')) && Configure::read('LinOTPAuth.enabled')!== FALSE) { echo $this->Form->input('otp', array('autocomplete' => 'off', 'type' => 'password', 'label' => 'OTP')); echo "
    "; echo sprintf( @@ -92,7 +92,7 @@ function submitLoginForm() { var url = $form.attr('action') var email = $form.find('#UserEmail').val() var password = $form.find('#UserPassword').val() - if (!empty(Configure::read('LinOTPAuth'))) { + if (!empty(Configure::read('LinOTPAuth')) && Configure::read('LinOTPAuth.enabled')) { var otp = $form.find('#UserOtp').val() } if (!$form[0].checkValidity()) { @@ -107,7 +107,7 @@ function submitLoginForm() { var $tmpForm = $('#temp form#UserLoginForm') $tmpForm.find('#UserEmail').val(email) $tmpForm.find('#UserPassword').val(password) - if (!empty(Configure::read('LinOTPAuth'))) { + if (!empty(Configure::read('LinOTPAuth')) && Configure::read('LinOTPAuth.enabled')) { $tmpForm.find('#UserOtp').val(otp) } $tmpForm.submit() From 1b5edc99cfa7d3cff181a34e61628c04a988f2ff Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 15:22:02 +0100 Subject: [PATCH 0193/1366] fix: [event index] minimal mode fixed for signed events --- app/Controller/EventsController.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index 1f54dcef0..ad237d367 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -955,6 +955,9 @@ class EventsController extends AppController } foreach ($event['CryptographicKey'] as $cryptoKey) { if ($instanceFingerprint === $cryptoKey['fingerprint']) { + $event['Event']['orgc_uuid'] = $event['Orgc']['uuid']; + unset($event['Event']['protected']); + $events[$key] = $event['Event']; continue 2; } } From 8cc93687dcd68e1774b55a5c4e8125c0c8ddc288 Mon Sep 17 00:00:00 2001 From: Luciano Righetti Date: Thu, 17 Mar 2022 15:36:15 +0100 Subject: [PATCH 0194/1366] fix: [security] lfi via custom terms file setting, as reported by Ianis BERNARD - NATO Cyber Security Centre --- app/View/Users/terms.ctp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) 
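Review bot: The three conditions changed in this file do not agree on an unset `LinOTPAuth.enabled`: the OTP input is rendered when the value `!== FALSE`, which includes null, while the two conditions inside `submitLoginForm()` (hunks at -92 and -107) require a truthy value. On an instance that has a `LinOTPAuth` block but no `enabled` key the field would be shown and its value never copied into the temporary form, assuming these are server-side template guards whose PHP tags were lost in this rendering. The authenticator treats null as enabled, so the same expression should be used in all three places, e.g. `Configure::read('LinOTPAuth.enabled') !== false`.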
diff --git a/app/View/Users/terms.ctp b/app/View/Users/terms.ctp index f431b30e9..8000b7b8d 100644 --- a/app/View/Users/terms.ctp +++ b/app/View/Users/terms.ctp @@ -5,7 +5,8 @@ if (!Configure::read('MISP.terms_file')) { $termsFile = APP ."View/Users/terms"; } else { - $termsFile = APP . 'files' . DS . 'terms' . DS . Configure::read('MISP.terms_file'); + $customTermsFile = basename(realpath(Configure::read('MISP.terms_file'))); + $termsFile = APP . 'files' . DS . 'terms' . DS . $customTermsFile; } if (!(file_exists($termsFile))) { echo "

    " . __("Terms and Conditions file not found.") . "

    "; From 965b382faad06e60c6a5eae316ec2f96ef91deac Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 17 Mar 2022 15:37:22 +0100 Subject: [PATCH 0195/1366] fix: [cryptographic key view] fixed - was just grabbing the first key --- app/Controller/CryptographicKeysController.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/Controller/CryptographicKeysController.php b/app/Controller/CryptographicKeysController.php index 8d68f3b27..ef0aa648a 100644 --- a/app/Controller/CryptographicKeysController.php +++ b/app/Controller/CryptographicKeysController.php @@ -85,7 +85,8 @@ class CryptographicKeysController extends AppController { $key = $this->CryptographicKey->find('first', [ 'recursive' => -1, - 'fields' => ['id', 'type', 'key_data', 'fingerprint'] + 'fields' => ['id', 'type', 'key_data', 'fingerprint'], + 'conditions' => ['CryptographicKey.id' => $id] ]); $this->set('id', $id); $this->set('title', __('Viewing %s key #%s', h($key['CryptographicKey']['type']), h($key['CryptographicKey']['id']))); From 8dcf414340c5ddedfebbc972601646d38e1d0717 Mon Sep 17 00:00:00 2001 From: Luciano Righetti Date: Thu, 17 Mar 2022 15:55:10 +0100 Subject: [PATCH 0196/1366] fix: [security] restrict setting to cli only. enabling this setting could allow potential ssrf attacks, as reported by Ianis BERNARD - NATO Cyber Security Centre --- app/Model/Server.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/Model/Server.php b/app/Model/Server.php index 33667507d..f5d66192d 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -5867,7 +5867,8 @@ class Server extends AppModel 'value' => false, 'test' => 'testBool', 'type' => 'boolean', - 'null' => true + 'null' => true, + 'cli_only' => 1 ), 'rest_client_baseurl' => array( 'level' => 1, From ff9cd402219f60f9829abe5f19ed46321e0660d9 Mon Sep 17 00:00:00 2001 
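Review bot: `realpath()` is applied to the bare configured value, so it resolves against the process working directory rather than `APP/files/terms`; for a setting that holds a plain file name it will normally return `false`, and `basename(false)` is an empty string. `$termsFile` then names the `terms` directory itself, for which the `file_exists()` test below is true, so the "not found" message is skipped and a legitimate custom terms file is no longer found. `basename()` alone already strips every directory component: `$customTermsFile = basename((string) Configure::read('MISP.terms_file'));`, with the existence test changed to `is_file($termsFile)`. The rest of the template lies outside the hunk.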
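Review bot: With the new `conditions`, `find('first')` returns an empty result for an id that does not exist, and the `$this->set('title', ...)` line below then reads `$key['CryptographicKey']['type']` from it. Add a guard directly after the query: `if (empty($key)) { throw new NotFoundException(__('Invalid cryptographic key.')); }`. The hunk also shows no check that the requesting user may see the object the key is attached to; whether that happens earlier in the action is not visible here.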
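Review bot: `'cli_only' => 1` presumably only restricts where the value can be changed, and nothing in this hunk resets it, so an instance on which the setting was already switched on would keep it on after the upgrade. The release notes or the setting's `description` (outside the hunk) should tell administrators to review the current value. A short comment above the key, such as `// cli_only: enabling this lets the server issue requests to arbitrary hosts`, would keep the reason next to the flag.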
From: iglocska Date: Thu, 17 Mar 2022 16:12:13 +0100 Subject: [PATCH 0197/1366] chg: [queryversion] bumped --- app/Controller/AppController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index 4abebe06e..4d7e2d74d 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -34,7 +34,7 @@ class AppController extends Controller public $helpers = array('OrgImg', 'FontAwesome', 'UserName'); - private $__queryVersion = '136'; + private $__queryVersion = '137'; public $pyMispVersion = '2.4.155'; public $phpmin = '7.2'; public $phprec = '7.4'; From ae0e335a058f59f3d958f4b1c003704e49b0abe4 Mon Sep 17 00:00:00 2001 From: Sami Mokaddem Date: Fri, 18 Mar 2022 09:14:10 +0100 Subject: [PATCH 0198/1366] chg: [events:restSearchExport] Format export based on the responseType --- app/Controller/EventsController.php | 2 ++ app/View/Events/eventRestSearchExportResult.ctp | 15 +++++++++------ 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index 1f54dcef0..b535cb8b6 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -3337,6 +3337,8 @@ class EventsController extends AppController foreach ($final as $key => $data) { $this->set($key, $data); } + $this->set('responseType', $responseType); + $this->set('returnFormat', $returnFormat); $this->set('renderView', $renderView); $this->render('/Events/eventRestSearchExportResult'); } else { diff --git a/app/View/Events/eventRestSearchExportResult.ctp b/app/View/Events/eventRestSearchExportResult.ctp index e2b269233..87b27c243 100644 --- a/app/View/Events/eventRestSearchExportResult.ctp +++ b/app/View/Events/eventRestSearchExportResult.ctp @@ -1,10 +1,13 @@ +
    -
    - render('/Events/module_views/' . $renderView, false); - } - ?> +
    +render('/Events/module_views/' . $renderView, false); +} +?>
    Date: Fri, 18 Mar 2022 10:11:29 +0100 Subject: [PATCH 0199/1366] fix: [signing] fail gracefully if pgp not configured on event index - return the index, but set fingerprint as null rather than throwing an exception --- app/Controller/EventsController.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index ad237d367..cb84a85c2 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -837,7 +837,11 @@ class EventsController extends AppController $events = $absolute_total === 0 ? [] : $this->Event->find('all', $rules); } $isCsvResponse = $this->response->type() === 'text/csv'; - $instanceFingerprint = $this->Event->CryptographicKey->ingestInstanceKey(); + try { + $instanceFingerprint = $this->Event->CryptographicKey->ingestInstanceKey(); + } catch (Exception $e) { + $instanceFingerprint = null; + } if (!$minimal) { // Collect all tag IDs that are events $tagIds = []; From 205ddb0b5a013cf84e0f203a92eaa4eacda5eff8 Mon Sep 17 00:00:00 2001 From: iglocska Date: Fri, 18 Mar 2022 13:54:31 +0100 Subject: [PATCH 0200/1366] fix: [event view] make having a valid PGP setup optional for viewing events - don't throw an exception, rather set an empty key --- app/Controller/EventsController.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index a0ad2c047..9e3dd257b 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php 
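Review bot: The `catch (Exception $e)` around `ingestInstanceKey()` discards every failure, not only the "PGP not configured" case named in the commit message, and leaves no trace of it. A null fingerprint can never match in the `$instanceFingerprint === $cryptoKey['fingerprint']` comparison shown in the earlier hunk at -955, so a broken key setup would silently change how protected events are handled in the index, if that comparison is in the same action. I would at least log it: `$this->log('Could not load instance signing key: ' . $e->getMessage(), LOG_WARNING);`. The same pattern is added to the event view action in the next commit (hunk at -1655), where the variable is named `$instanceKey` although it is passed to the view as `instanceFingerprint`.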
@@ -1655,7 +1655,12 @@ class EventsController extends AppController $this->set('warnings', $this->Event->generateWarnings($event)); $this->set('menuData', array('menuList' => 'event', 'menuItem' => 'viewEvent')); $this->set('mayModify', $this->__canModifyEvent($event)); - $this->set('instanceFingerprint', $this->Event->CryptographicKey->ingestInstanceKey()); + try { + $instanceKey = $this->Event->CryptographicKey->ingestInstanceKey(); + } catch (Exception $e) { + $instanceKey = null; + } + $this->set('instanceFingerprint', $instanceKey); $this->__eventViewCommon($user); } From 9d8fc81678f7dae3a0541fb040acdedd3bbe2b85 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 19 Mar 2022 12:31:55 +0100 Subject: [PATCH 0201/1366] chg: [internal] Throw exception if Redis class not found --- app/Lib/Tools/BackgroundJobsTool.php | 22 ++++++++++++++++------ app/Lib/Tools/PubSubTool.php | 5 +++++ app/Model/AppModel.php | 2 +- 3 files changed, 22 insertions(+), 7 deletions(-) diff --git a/app/Lib/Tools/BackgroundJobsTool.php b/app/Lib/Tools/BackgroundJobsTool.php index f97160e05..14f764218 100644 --- a/app/Lib/Tools/BackgroundJobsTool.php +++ b/app/Lib/Tools/BackgroundJobsTool.php @@ -94,7 +94,7 @@ class BackgroundJobsTool /** * Initialize - * + * * Settings should have the following format: * [ * 'enabled' => true, @@ -111,6 +111,7 @@ class BackgroundJobsTool * ] * * @param array $settings + * @throws Exception */ public function __construct(array $settings) { @@ -233,8 +234,6 @@ class BackgroundJobsTool * Get the job status. * * @param string $jobId Background Job Id. - * - * */ public function getJob(string $jobId) { @@ -366,9 +365,10 @@ class BackgroundJobsTool /** * Start worker by queue * - * @param string $name + * @param string $queue Queue name * @param boolean $waitForRestart * @return boolean + * @throws Exception */ public function startWorkerByQueue(string $queue, bool $waitForRestart = false): bool { 
@@ -401,6 +401,7 @@ class BackgroundJobsTool * @param string|int $id * @param boolean $waitForRestart * @return boolean + * @throws Exception */ public function stopWorker($id, bool $waitForRestart = false): bool { @@ -428,6 +429,7 @@ class BackgroundJobsTool * * @param boolean $waitForRestart * @return void + * @throws Exception */ public function restartWorkers(bool $waitForRestart = false) { @@ -440,6 +442,7 @@ class BackgroundJobsTool * * @param boolean $waitForRestart * @return void + * @throws Exception */ public function restartDeadWorkers(bool $waitForRestart = false) { @@ -499,6 +502,7 @@ class BackgroundJobsTool * Return true if Supervisor process is running. * * @return boolean + * @throws Exception */ public function getSupervisorStatus(): bool { @@ -508,8 +512,8 @@ class BackgroundJobsTool /** * Validate queue * + * @param string $queue * @return boolean - * @throws InvalidArgumentException */ private function validateQueue(string $queue): bool { @@ -529,8 +533,8 @@ class BackgroundJobsTool /** * Validate command * + * @param string $command * @return boolean - * @throws InvalidArgumentException */ private function validateCommand(string $command): bool { @@ -569,9 +573,14 @@ class BackgroundJobsTool /** * @return Redis + * @throws Exception */ private function createRedisConnection(): Redis { + if (!class_exists('Redis')) { + throw new Exception("Class Redis doesn't exists. Please install redis extension for PHP."); + } + $redis = new Redis(); $redis->connect($this->settings['redis_host'], $this->settings['redis_port']); $redis->setOption(Redis::OPT_SERIALIZER, Redis::SERIALIZER_JSON); @@ -591,6 +600,7 @@ class BackgroundJobsTool /** * @return \Supervisor\Supervisor + * @throws Exception */ private function getSupervisor() { diff --git a/app/Lib/Tools/PubSubTool.php b/app/Lib/Tools/PubSubTool.php index 6d6729e02..ef4cef1d3 100644 --- a/app/Lib/Tools/PubSubTool.php +++ b/app/Lib/Tools/PubSubTool.php 
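Review bot: The new exception text in `createRedisConnection()` reads "Class Redis doesn't exists", which should be "doesn't exist"; the same sentence is repeated in `PubSubTool::createRedisConnection()` and in the AppModel hunk of this commit. Suggested wording for all three: `throw new Exception("Class Redis doesn't exist. Please install the redis extension for PHP.");`. Since the check and message are now duplicated in three places, a single shared helper would keep them from drifting apart.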
@@ -251,9 +251,14 @@ class PubSubTool /** * @param array $settings * @return Redis + * @throws Exception */ private function createRedisConnection(array $settings) { + if (!class_exists('Redis')) { + throw new Exception("Class Redis doesn't exists. Please install redis extension for PHP."); + } + $redis = new Redis(); $redis->connect($settings['redis_host'], $settings['redis_port']); $redisPassword = $settings['redis_password']; diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 2a839969e..08cdccd58 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -2539,7 +2539,7 @@ class AppModel extends Model } if (!class_exists('Redis')) { - throw new Exception("Class Redis doesn't exists."); + throw new Exception("Class Redis doesn't exists. Please install redis extension for PHP."); } $host = Configure::read('MISP.redis_host') ?: '127.0.0.1'; From f3ed07fefceef317529109b528922a33a59fbab7 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 19 Mar 2022 13:14:10 +0100 Subject: [PATCH 0202/1366] fix: [api] Validate attribute type to avoid warnings --- app/Model/Attribute.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php index 7cad86e60..a3b065f6f 100644 --- a/app/Model/Attribute.php +++ b/app/Model/Attribute.php @@ -580,7 +580,13 @@ class Attribute extends AppModel $this->validationErrors['type'] = ['No type set.']; return false; } + $type = $attribute['type']; + if (!isset($this->typeDefinitions[$type])) { + $this->validationErrors['type'] = ['Invalid type.']; + return false; + } + if (is_array($attribute['value'])) { $this->validationErrors['value'] = ['Value is an array.']; return false; From d133f705ac8e4be9f2e5d9007336187b63dbc8c8 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sun, 20 Mar 2022 08:43:49 +0100 Subject: [PATCH 0203/1366] fix: [UI] Undefined variable --- app/View/Events/view.ctp | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) 
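Review bot: `isset($this->typeDefinitions[$type])` assumes `$type` is a scalar, but the value comes from the submitted attribute, and the check that follows (`is_array($attribute['value'])`) shows that arrays can arrive in these fields. An array `type` would raise an illegal-offset error here (a TypeError on PHP 8) instead of producing a validation message. Suggested condition: `if (!is_string($type) || !isset($this->typeDefinitions[$type])) {`. The enclosing method starts and ends outside the hunk.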
diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp index eb14b8b7a..0eb80753f 100644 --- a/app/View/Events/view.ctp +++ b/app/View/Events/view.ctp @@ -243,7 +243,7 @@ 'key' => __('Delegation request'), 'class' => 'background-red bold', 'type' => 'delegationRequest', - 'delegationRequest' => $delegationRequest, + 'delegationRequest' => isset($delegationRequest) ? $delegationRequest : null, 'requirement' => !empty($delegationRequest) ], [ @@ -254,7 +254,7 @@ return sprintf( '%s%s', $data['Event']['disable_correlation'] ? __('Disabled') : __('Enabled'), - (!$mayModify && !$isSiteAdmin) ? '' : sprintf( + (!$mayModify && !$isSiteAdmin) ? '' : sprintf( ' (%s)', sprintf( @@ -264,7 +264,6 @@ $data['Event']['disable_correlation'] ? 'color:white;' : '', $data['Event']['disable_correlation'] ? __('enable') : __('disable') ) - ) ); }, 'requirement' => (!Configure::read('MISP.completely_disable_correlation') && Configure::read('MISP.allow_disabling_correlation')) @@ -302,4 +301,3 @@ ] ] ); -?> From ec0fae0c9426a640c572a4c15f1d2f6853c511f4 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sun, 20 Mar 2022 09:34:53 +0100 Subject: [PATCH 0204/1366] fix: [internal] Code style --- app/Controller/CryptographicKeysController.php | 12 +++++------- app/Model/Event.php | 1 + .../genericElements/ListTopBar/element_simple.ctp | 3 +-- .../genericElements/SingleViews/single_view.ctp | 4 ++-- app/View/Events/view.ctp | 2 +- 5 files changed, 10 insertions(+), 12 deletions(-) diff --git a/app/Controller/CryptographicKeysController.php b/app/Controller/CryptographicKeysController.php index ef0aa648a..fcb916146 100644 --- a/app/Controller/CryptographicKeysController.php +++ b/app/Controller/CryptographicKeysController.php @@ -1,18 +1,16 @@ 60, - 'maxLimit' => 9999 + 'limit' => 60, + 'maxLimit' => 9999 ); public function add($type, $parent_id) diff --git a/app/Model/Event.php b/app/Model/Event.php index bba4bb0ca..4cfcc336e 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php 
@@ -17,6 +17,7 @@ App::uses('ProcessTool', 'Tools'); * @property ThreatLevel $ThreatLevel * @property Sighting $Sighting * @property Organisation $Org + * @property CryptographicKey $CryptographicKey */ class Event extends AppModel { diff --git a/app/View/Elements/genericElements/ListTopBar/element_simple.ctp b/app/View/Elements/genericElements/ListTopBar/element_simple.ctp index 528ae929f..d89c4235b 100644 --- a/app/View/Elements/genericElements/ListTopBar/element_simple.ctp +++ b/app/View/Elements/genericElements/ListTopBar/element_simple.ctp @@ -13,7 +13,7 @@ } $onClickParams = implode(',', $onClickParams); $onClick = sprintf( - 'onClick="%s%s"', + 'onclick="%s%s"', (empty($data['url'])) ? 'event.preventDefault();' : '', (!empty($data['onClick']) ? sprintf( '%s(%s)', @@ -54,4 +54,3 @@ empty($data['badge']) ? '' : sprintf('%s', empty($data['badge']['type']) ? 'info' : $data['badge']['type'], h($data['badge']['text'])) ); } -?> diff --git a/app/View/Elements/genericElements/SingleViews/single_view.ctp b/app/View/Elements/genericElements/SingleViews/single_view.ctp index 53d38da3d..98af35a31 100644 --- a/app/View/Elements/genericElements/SingleViews/single_view.ctp +++ b/app/View/Elements/genericElements/SingleViews/single_view.ctp @@ -82,7 +82,7 @@ ); } } - $ajaxLists = '
    '; + $ajaxLists = '
    '; if (!empty($children)) { foreach ($children as $child) { $ajaxLists .= $this->element( @@ -131,4 +131,4 @@ $appendHtml, $ajax ? '' : $this->element('/genericElements/SideMenu/side_menu', $menuData) ); -?> + diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp index 0eb80753f..bfda87709 100644 --- a/app/View/Events/view.ctp +++ b/app/View/Events/view.ctp @@ -70,7 +70,7 @@ [ 'key' => __('Contributors'), 'type' => 'custom', - 'function' => function ($data) use($contributors, $baseurl, $event) { + 'function' => function ($data) use ($contributors, $baseurl, $event) { $contributorsContent = []; foreach ($contributors as $organisationId => $name) { $org = ['Organisation' => ['id' => $organisationId, 'name' => $name]]; From f6d1015f95a3ac509bf729d712a96b9a841f6763 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sun, 20 Mar 2022 09:36:21 +0100 Subject: [PATCH 0205/1366] chg: [UI] Open modal without onclick --- .../genericElements/SideMenu/side_menu.ctp | 20 ++++++---------- .../SideMenu/side_menu_link.ctp | 3 +++ .../Fields/protectedEventField.ctp | 24 +++++++++---------- app/View/Roles/index.ctp | 10 ++------ app/webroot/js/misp.js | 8 ++++++- 5 files changed, 30 insertions(+), 35 deletions(-) diff --git a/app/View/Elements/genericElements/SideMenu/side_menu.ctp b/app/View/Elements/genericElements/SideMenu/side_menu.ctp index 927ff93e4..c1d7bece5 100644 --- a/app/View/Elements/genericElements/SideMenu/side_menu.ctp +++ b/app/View/Elements/genericElements/SideMenu/side_menu.ctp 
@@ -27,26 +27,20 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider'); echo $this->element('/genericElements/SideMenu/side_menu_link', array( 'element_id' => 'dashboardImport', 'text' => __('Import Config JSON'), - 'onClick' => array( - 'function' => 'openGenericModal', - 'params' => array($baseurl . '/dashboards/import') - ), + 'url' => $baseurl . '/dashboards/import', + 'link_class' => 'modal-open', )); echo $this->element('/genericElements/SideMenu/side_menu_link', array( 'element_id' => 'dashboardExport', 'text' => __('Export Config JSON'), - 'onClick' => array( - 'function' => 'openGenericModal', - 'params' => array($baseurl . '/dashboards/export') - ), + 'url' => $baseurl . '/dashboards/export', + 'link_class' => 'modal-open', )); echo $this->element('/genericElements/SideMenu/side_menu_link', array( 'element_id' => 'dashboardSave', 'text' => __('Save Dashboard Config'), - 'onClick' => array( - 'function' => 'openGenericModal', - 'params' => array($baseurl . '/dashboards/saveTemplate') - ), + 'url' => $baseurl . '/dashboards/saveTemplate', + 'link_class' => 'modal-open', )); echo $this->element('/genericElements/SideMenu/side_menu_link', array( 'element_id' => 'dashboardTemplateIndex', @@ -55,7 +49,7 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider'); )); break; case 'event': - $eventId = intval($event['Event']['id']); + $eventId = (int)$event['Event']['id']; echo ''; if (in_array($menuItem, array('editEvent', 'addAttribute', 'addObject', 'addAttachment', 'addIOC', 'addThreatConnect', 'populateFromTemplate', 'merge'))) { // we can safely assume that mayModify is true if coming from these actions, as they require it in the controller and the user has already passed that check diff --git a/app/View/Elements/genericElements/SideMenu/side_menu_link.ctp b/app/View/Elements/genericElements/SideMenu/side_menu_link.ctp index cdaee3bbd..331fd9139 100644 --- a/app/View/Elements/genericElements/SideMenu/side_menu_link.ctp 
+++ b/app/View/Elements/genericElements/SideMenu/side_menu_link.ctp @@ -29,6 +29,9 @@ if (empty($url)) { if (!empty($title)) { $a .= ' title="' . h($title) . '"'; } +if (!empty($link_class)) { + $a .= ' class="' . h($link_class) . '"'; +} if (!empty($onClick)) { $params = ''; foreach ($onClick['params'] as $param) { diff --git a/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp index 9415e231c..01dddb522 100644 --- a/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp +++ b/app/View/Elements/genericElements/SingleViews/Fields/protectedEventField.ctp @@ -3,12 +3,12 @@ $event = Hash::extract($data, $field['event_path']); if ($event['protected']) { echo sprintf( - ' %s %s %s
    ', + ' %s %s %s
    ', __('Event is in protected mode. (Limited distribution)'), !$field['owner'] ? '' : sprintf( - '
    %s', + '
    %s', sprintf( - "openGenericModal('%s/events/unprotect/%s');", + '%s/events/unprotect/%s', $baseurl, h($event['id']) ), @@ -16,11 +16,10 @@ empty($field['text']) ? __('Switch to unprotected mode') : h($field['text']) ), !$field['owner'] ? '' : sprintf( - '
    %s', + '
    %s', sprintf( - "openGenericModal('%s/CryptographicKeys/add/%s/%s');", + "%s/CryptographicKeys/add/Event/%s", $baseurl, - h('Event'), h($event['id']) ), empty($field['text']) ? __('Add signing key') : h($field['text']) @@ -33,7 +32,7 @@ $foundInstanceKey = true; } echo sprintf( - '%s%s (%s) %s
    ', + '%s%s (%s) %s
    ', !$isInstanceKey ? '' : sprintf( ' ', __('This is the instance signing key. When synchronising the instance, this will be the key used to validate the event.') @@ -41,13 +40,13 @@ h($key['type']), empty($key['fingerprint']) ? '#' . h($key['id']) : h($key['fingerprint']), sprintf( - "openGenericModal('%s/cryptographicKeys/view/%s');", + "%s/cryptographicKeys/view/%s", $baseurl, h($key['id']) ), __('Inspect key'), !$field['owner'] ? '' : sprintf( - '', + '', $baseurl, h($key['id']), __('Detach key from the event. This key will no longer be used to sign and validate this event.') @@ -64,12 +63,12 @@ } } else { echo sprintf( - ' %s %s
    ', + ' %s %s
    ', __('Event is in unprotected mode.'), !$field['owner'] ? '' : sprintf( - '
    %s', + '
    %s', sprintf( - "openGenericModal('%s/events/protect/%s');", + "%s/events/protect/%s", $baseurl, h($event['id']) ), @@ -78,4 +77,3 @@ ) ); } - //echo ; diff --git a/app/View/Roles/index.ctp b/app/View/Roles/index.ctp index c96a3875a..5c1e33424 100644 --- a/app/View/Roles/index.ctp +++ b/app/View/Roles/index.ctp @@ -116,14 +116,8 @@ echo $this->element('genericElements/IndexTable/scaffold', [ 'type' => 'simple', 'text' => __('Add role'), 'fa-icon' => 'plus', - 'class' => 'btn btn-primary', - 'onClick' => 'openGenericModal', - 'onClickParams' => [ - sprintf( - '%s/admin/roles/add', - $baseurl - ) - ], + 'class' => 'btn-primary modal-open', + 'url' => "$baseurl/admin/roles/add", 'requirement' => $isSiteAdmin, ] ] diff --git a/app/webroot/js/misp.js b/app/webroot/js/misp.js index f19018b79..71eb975d1 100644 --- a/app/webroot/js/misp.js +++ b/app/webroot/js/misp.js @@ -4766,7 +4766,7 @@ $(document.body).on('click', '.quickSelect', function() { selection.addRange(range); }); -// Any link with data-paginator attribute will be treat as AJAX paginator +// Any link with data-paginator attribute will be treated as AJAX paginator $(document.body).on('click', 'a[data-paginator]', function (e) { e.preventDefault(); var paginatorTarget = $(this).attr('data-paginator'); @@ -4782,6 +4782,12 @@ $(document.body).on('click', 'a[data-paginator]', function (e) { }); }); +// Any link with modal-open class will be treated as generic modal +$(document.body).on('click', 'a.modal-open', function (e) { + e.preventDefault(); + openGenericModal($(this).attr('href')); +}); + function queryEventLock(event_id, timestamp) { if (!document.hidden) { $.ajax({ From 5ccab0d15790a934499cfb06f040f7f91c723185 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sun, 20 Mar 2022 13:54:15 +0100 Subject: [PATCH 0206/1366] fix: [UI] Undefined variable debugMode --- app/View/Elements/global_menu.ctp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/app/View/Elements/global_menu.ctp b/app/View/Elements/global_menu.ctp index 28ffe8b81..876353694 100755 --- a/app/View/Elements/global_menu.ctp +++ b/app/View/Elements/global_menu.ctp @@ -544,7 +544,7 @@ ); } ?> -