From 78581b853dd36728b77417442dff3c9179da4ab0 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy
Date: Mon, 14 Aug 2023 10:43:41 +0200
Subject: [PATCH 01/29] chg: [cakephp] 2.x updated to include latest version of the CA bundle
---
app/Lib/cakephp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/Lib/cakephp b/app/Lib/cakephp
index c31bb4b4b..cbd482740 160000
--- a/app/Lib/cakephp
+++ b/app/Lib/cakephp
@@ -1 +1 @@
-Subproject commit c31bb4b4be00d2a0db22c9a038f9fad8a5950efe
+Subproject commit cbd482740f9b472296e01622a3cebb34edf39623
From 184c0320ee4d88ab761f32726ec292fcfad131ff Mon Sep 17 00:00:00 2001
From: Johan Nilsson
Date: Tue, 15 Aug 2023 12:51:40 +0200
Subject: [PATCH 02/29] chg: [doc] Fix 404 file not found.
---
CONTRIBUTING.md | 2 +-
docs/generic/hardening.md | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index b28a54213..cbfe40e39 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -2,7 +2,7 @@ MISP project is a large free software project composed of multiple sub-projects which are contributed by different contributors who are generally active users of the MISP project. MISP project fully supports the [Contributor Covenant Code of Conduct](https://github.com/MISP/MISP/blob/2.4/code_of_conduct.md) to foster an open and dynamic environment for contributing and the exchange in the threat intelligence and information exchange field. -The [MISP roadmap](/roadmap.md) is mostly based on the user communities (e.g. private communities, CSIRTs communities, security researchers, ISACs - Information Sharing and Analysis Center, security providers, governmental or military organisations) relying on MISP to perform their duties of information sharing and analysis. +The [MISP roadmap](/ROADMAP.md) is mostly based on the user communities (e.g. private communities, CSIRTs communities, security researchers, ISACs - Information Sharing and Analysis Center, security providers, governmental or military organisations) relying on MISP to perform their duties of information sharing and analysis. Participating in the MISP project is easy and everyone can contribute following their ability. Get familiar with [how we use GitHub at MISP Project](/GITWORKFLOW.md), then read on for details on some ways you can contribute: diff --git a/docs/generic/hardening.md b/docs/generic/hardening.md index 9f14007e1..945aad5fd 100644 --- a/docs/generic/hardening.md +++ b/docs/generic/hardening.md 
@@ -16,7 +16,7 @@ Nevertheless here is a very rough **food for thoughts** bulletpoint list for you - Do we need to encrypt the partitions where some data is stored? - Are we redundant in case one MISP instance might fail? - Is the database server and any other servers running on the machine bound to **localhost**? Do we need to expose because our setup is more complex? -- Do we have enough storage? What about [MISP and size estimation](https://misp-project.org/MISP-sizer/) anyways? +- Do we have enough storage? What about [MISP and size estimation](https://www.misp-project.org/sizing-your-misp-instance/) anyways? - Do we care about BIOS updates? - Do we care about physical access to the servers? (Disabling USB ports etc...) - Is any fancy management engine à la [IME](https://en.wikipedia.org/wiki/Intel_Management_Engine) in use? @@ -52,7 +52,7 @@ index f9f69d4..2e8fd78 100644 ## Resources -[IT Security Guidelines for TLS by NCSC.nl](https://www.ncsc.nl/english/current-topics/factsheets/it-security-guidelines-for-transport-layer-security-tls.html) +[IT Security Guidelines for TLS by NCSC.nl](https://english.ncsc.nl/publications/publications/2021/january/19/it-security-guidelines-for-transport-layer-security-2.1) [Weak Diffie-Hellman and the Logjam Attack](https://weakdh.org/sysadmin.html) From 6c8202126138ed34245995291bf45ddcbfbade71 Mon Sep 17 00:00:00 2001 From: Luciano Righetti Date: Wed, 16 Aug 2023 13:29:30 +0200 Subject: [PATCH 03/29] fix: allow import of json event without the key --- app/Model/Event.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/Model/Event.php b/app/Model/Event.php index 06bb7bf7e..9a9fb88e3 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php 
@@ -3573,6 +3573,9 @@ class Event extends AppModel if (isset($dataArray['Event'])) { $dataArray['response']['Event'] = $dataArray['Event']; unset($dataArray['Event']); + } else { + // Accept an event not containing the `Event` key + $dataArray['response']['Event'] = $dataArray; } if (!isset($dataArray['response']) || !isset($dataArray['response']['Event'])) { $exception = $isXml ? __('This is not a valid MISP XML file.') : __('This is not a valid MISP JSON file.'); From f05f1d15dd071d3d14299295f24dcbb614b42dd9 Mon Sep 17 00:00:00 2001 From: Luciano Righetti Date: Wed, 16 Aug 2023 14:00:44 +0200 Subject: [PATCH 04/29] fix: import event json with key --- app/Model/Event.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index 9a9fb88e3..51db00da0 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -3573,7 +3573,7 @@ class Event extends AppModel if (isset($dataArray['Event'])) { $dataArray['response']['Event'] = $dataArray['Event']; unset($dataArray['Event']); - } else { + } elseif (!isset($dataArray['response'])){ // Accept an event not containing the `Event` key $dataArray['response']['Event'] = $dataArray; } From 4d9125d64e6e08dc4f3fd2c2571b4fe57201b302 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Mon, 21 Aug 2023 08:56:48 +0200 Subject: [PATCH 05/29] fix: [feed] tools updated to configure export path and certificate validation --- tools/misp-feed/feed-list.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tools/misp-feed/feed-list.py b/tools/misp-feed/feed-list.py index 78a132855..30db368ed 100644 --- a/tools/misp-feed/feed-list.py +++ b/tools/misp-feed/feed-list.py 
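Review bot: With the `elseif (!isset($dataArray['response']))` fallback, any decoded array that has neither an `Event` nor a `response` key is wrapped and treated as an event, so the "This is not a valid MISP JSON file." check on the following line can now only fail when a `response` key exists without `Event`. Arbitrary JSON objects therefore get past the validity check and reach whatever import code follows, which is outside the hunk. Requiring a recognisable event field before wrapping would keep the check meaningful, for example `} elseif (!isset($dataArray['response']) && isset($dataArray['info'])) {`; which field is the right marker should be confirmed against what the import actually requires. The unconditional `else` added by the earlier hunk in this series is superseded by this one.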
@@ -6,13 +6,15 @@ # This tool is part of the MISP core project and released under the GNU Affero # General Public License v3.0 # -# Copyright (C) 2017 Alexandre Dulaunoy +# Copyright (C) 2017-2023 Alexandre Dulaunoy # Copyright (C) 2023 Christophe Vandeplas import json import requests default_feed = '../../app/files/feed-metadata/defaults.json' +misp_website_path = '../../../misp-website-new/content/feeds.md' +verify_certificate = False with open(default_feed) as feed_file: feedlist = json.load(feed_file) @@ -25,7 +27,7 @@ for feed in feedlist: items.append(output) # try to download the feed headers = {"Range": "bytes=0-0"} - res = requests.get(feed['Feed']['url'], headers=headers) + res = requests.get(feed['Feed']['url'], headers=headers, verify=verify_certificate) if (res.status_code >= 200 and res.status_code < 300)\ or res.status_code == 403: continue @@ -38,7 +40,7 @@ items = sorted(items, key=lambda s: s.casefold()) print("Updating misp-website feed.md file.") start_header_seen = False inserted = False -with open('../../../misp-website/content/feeds.md', 'r') as f: +with open(misp_website_path, 'r') as f: data_new = [] for line in f: if start_header_seen and line.startswith('- ') and not inserted: # first item @@ -56,5 +58,5 @@ with open('../../../misp-website/content/feeds.md', 'r') as f: start_header_seen = True -with open('../../../misp-website/content/feeds.md', 'w') as f: +with open(misp_website_path, 'w') as f: f.write('\n'.join(data_new)) From 0e89fd0124ef80789211178efe9152cba581ac56 Mon Sep 17 00:00:00 2001 From: TomOgs <72506922+TomOgs@users.noreply.github.com> Date: Tue, 22 Aug 2023 21:04:37 +0800 Subject: [PATCH 06/29] fix: prevent push_rules from being required in API requests to /server/edit endpoint --- app/Controller/ServersController.php | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php index 67699cbf4..93a30882a 100644 
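Review bot: `verify_certificate = False` switches TLS certificate validation off for every feed URL the script requests, because the value is passed as `verify=verify_certificate` to `requests.get` in the `@@ -25,7 +27,7 @@` hunk. Defaulting to `verify_certificate = True`, with a comment such as `# set to False only for feeds served with a self-signed certificate`, keeps validation on unless an operator opts out; with `False`, a feed reported as reachable may have been answered by an intercepting host rather than the feed itself. The same call still has no `timeout=`, so a single unresponsive feed can stall the whole run; `timeout=10` would bound it (the value is a constructed example).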
--- a/app/Controller/ServersController.php +++ b/app/Controller/ServersController.php @@ -503,7 +503,6 @@ class ServersController extends AppController $this->Flash->error($error_msg); } } - if (!$fail && !empty($this->request->data['Server']['push_rules']) && !JsonTool::isValid($this->request->data['Server']['push_rules'])) { $fail = true; $error_msg = __('The push filter rules must be in valid JSON format.'); @@ -512,17 +511,22 @@ class ServersController extends AppController } else { $this->Flash->error($error_msg); } - } - $pushRules = $this->_jsonDecode($this->request->data['Server']['push_rules']); - $this->loadModel('Tag'); - foreach ($pushRules['tags'] as $operator => $list) { - foreach ($list as $i => $tagName) { - if (!is_numeric($tagName)) { // tag added from freetext - $tag_id = $this->Tag->captureTag(['name' => $tagName], $this->Auth->user()); - $list[$i] = $tag_id; + } + if (!$fail && !empty($this->request->data['Server']['push_rules'])) { + $pushRules = $this->_jsonDecode($this->request->data['Server']['push_rules']); + if (!empty($pushRules['tags'])) { + $this->loadModel('Tag'); + foreach ($pushRules['tags'] as $operator => $list) { + foreach ($list as $i => $tagName) { + if (!is_numeric($tagName)) { // tag added from freetext + $tag_id = $this->Tag->captureTag(['name' => $tagName], $this->Auth->user()); + $list[$i] = $tag_id; + } + } } } } + if (!$fail) { // say what fields are to be updated $fieldList = array('id', 'url', 'push', 'pull', 'push_sightings', 'push_galaxy_clusters', 'pull_galaxy_clusters', 'caching_enabled', 'unpublish_event', 'publish_without_email', 'remote_org_id', 'name' ,'self_signed', 'remove_missing_tags', 'cert_file', 'client_cert_file', 'push_rules', 'pull_rules', 'internal', 'skip_proxy'); From 0e17317e99e9e2c7fed46eeda879fc5f853e9a6b Mon Sep 17 00:00:00 2001 
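Review bot: In the re-indented tag loop, `$list[$i] = $tag_id;` writes to the by-value copy that `foreach ($pushRules['tags'] as $operator => $list)` hands out, so the captured tag IDs never reach `$pushRules`, and nothing in the hunk writes `$pushRules` back into `$this->request->data['Server']['push_rules']`. If the substitution is meant to be persisted, assign through the array with `$pushRules['tags'][$operator][$i] = $tag_id;` and re-encode the rules before the save; the save is outside the hunk, so this may already be handled there. The inner `foreach ($list as $i => $tagName)` also assumes every operator maps to an array, which `JsonTool::isValid` alone does not appear to guarantee, so an `is_array($list)` guard would avoid warnings on malformed rules sent through the API.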
From: Steve Clement Date: Tue, 22 Aug 2023 17:19:37 +0200 Subject: [PATCH 07/29] chg: [installer] Update to latest Kali --- INSTALL/INSTALL.tpl.sh | 3 ++- docs/generic/supportFunctions.md | 5 +++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/INSTALL/INSTALL.tpl.sh b/INSTALL/INSTALL.tpl.sh index c6b6a1712..0d237b3d1 100755 --- a/INSTALL/INSTALL.tpl.sh +++ b/INSTALL/INSTALL.tpl.sh @@ -850,11 +850,12 @@ x86_64-ubuntu-bionic x86_64-ubuntu-focal x86_64-ubuntu-hirsute x86_64-ubuntu-jammy -x86_64-kali-2021.4 x86_64-kali-2022.1 x86_64-kali-2022.2 x86_64-kali-2022.3 x86_64-kali-2022.4 +x86_64-kali-2023.1 +x86_64-kali-2023.2 armv6l-raspbian-stretch armv7l-raspbian-stretch armv7l-raspbian-buster diff --git a/docs/generic/supportFunctions.md b/docs/generic/supportFunctions.md index d18c49e15..f823b2488 100644 --- a/docs/generic/supportFunctions.md +++ b/docs/generic/supportFunctions.md @@ -519,8 +519,9 @@ kaliOnTheR0ckz () { overlay=$(df -kh |grep overlay; echo $?) # if 1 overlay NOT present if [[ ${totalRoot} -lt 3059034 ]]; then - echo "(If?) You run Kali in LiveCD mode and we need more overlay disk space." - echo "This is defined by the total memory, you have: ${totalMem}kB which is not enough." + echo "(If?) You run Kali in LiveCD mode, you need more overlay disk space." + echo "This is defined by the total memory setting in you VM config." + echo "You currently have: ${totalMem}kB which is not enough." echo "6-8Gb should be fine. (need >3Gb overlayFS)" exit 1 fi From 9f4dc6a671535d01b37033da1611463945ee4582 Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Tue, 22 Aug 2023 17:22:46 +0200 Subject: [PATCH 08/29] chg: [installer] Update installer checksums --- INSTALL/INSTALL.sh | 8 +++++--- INSTALL/INSTALL.sh.sfv | 6 +++--- INSTALL/INSTALL.sh.sha1 | 2 +- INSTALL/INSTALL.sh.sha256 | 2 +- INSTALL/INSTALL.sh.sha384 | 2 +- INSTALL/INSTALL.sh.sha512 | 2 +- 6 files changed, 12 insertions(+), 10 deletions(-) 
diff --git a/INSTALL/INSTALL.sh b/INSTALL/INSTALL.sh index 4e01e2c20..6d5e1e2f2 100755 --- a/INSTALL/INSTALL.sh +++ b/INSTALL/INSTALL.sh @@ -699,8 +699,9 @@ kaliOnTheR0ckz () { overlay=$(df -kh |grep overlay; echo $?) # if 1 overlay NOT present if [[ ${totalRoot} -lt 3059034 ]]; then - echo "(If?) You run Kali in LiveCD mode and we need more overlay disk space." - echo "This is defined by the total memory, you have: ${totalMem}kB which is not enough." + echo "(If?) You run Kali in LiveCD mode, you need more overlay disk space." + echo "This is defined by the total memory setting in you VM config." + echo "You currently have: ${totalMem}kB which is not enough." echo "6-8Gb should be fine. (need >3Gb overlayFS)" exit 1 fi @@ -3602,11 +3603,12 @@ x86_64-ubuntu-bionic x86_64-ubuntu-focal x86_64-ubuntu-hirsute x86_64-ubuntu-jammy -x86_64-kali-2021.4 x86_64-kali-2022.1 x86_64-kali-2022.2 x86_64-kali-2022.3 x86_64-kali-2022.4 +x86_64-kali-2023.1 +x86_64-kali-2023.2 armv6l-raspbian-stretch armv7l-raspbian-stretch armv7l-raspbian-buster diff --git a/INSTALL/INSTALL.sh.sfv b/INSTALL/INSTALL.sh.sfv index 1e88b1879..9239dcd0c 100644 --- a/INSTALL/INSTALL.sh.sfv +++ b/INSTALL/INSTALL.sh.sfv 
@@ -1,5 +1,5 @@ -; Generated by RHash v1.4.2 on 2023-07-01 at 17:15.04 +; Generated by RHash v1.4.4 on 2023-08-22 at 17:22.35 ; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/ ; -; 160686 17:15.04 2023-07-01 INSTALL.sh -INSTALL.sh 9576C31EC5BD942E1C9B12413E6408E4623252F7 78B708FE1FC6B39BE081B9F05C6AA5E1478F8762CAF5A8A7671A12EBA4D3C1C5 27991471FB5788F42AF3BBF86FC80A95341AA17AE9487016EEC94961A48437172702EB8E2D6CB300387E87D9E8E0E3E5 C1C21FD491AEFD662C87C3EF62837D769E63E9CF2446B9BD607CCEF8AFD72528824A8F408C6892FD51109390104010EF90DA7F4828950A8671D2986A6B8E216F +; 160749 17:22.35 2023-08-22 INSTALL.sh +INSTALL.sh 06BE6B05BBAD5007BDDDB73DBA2F090A3F4552B1 A4A53EB3EC60FFAD773E8E1D76278315B40042E1B2E62971E73D3F66E9327143 98072442A60BE33F9CCF8C205E4CB2A894CB060566ED9CB835DD4B38C6EDD66B2A94ABE860EFEBD9980EE6C1EF4A5B06 EE56B1BF53930F16CCF13B9C308D55E74D52CF65C1BFB03B890E06476A84F30B2C0AF0F488E34A7A22666B3C1F49866598A35B1EB9F3ADE57427DC56E772B7C9 diff --git a/INSTALL/INSTALL.sh.sha1 b/INSTALL/INSTALL.sh.sha1 index e1db6c05b..afb8272be 100644 --- a/INSTALL/INSTALL.sh.sha1 +++ b/INSTALL/INSTALL.sh.sha1 @@ -1 +1 @@ -9576c31ec5bd942e1c9b12413e6408e4623252f7 INSTALL.sh +06be6b05bbad5007bdddb73dba2f090a3f4552b1 INSTALL.sh diff --git a/INSTALL/INSTALL.sh.sha256 b/INSTALL/INSTALL.sh.sha256 index 6622f0558..711217d87 100644 --- a/INSTALL/INSTALL.sh.sha256 +++ b/INSTALL/INSTALL.sh.sha256 @@ -1 +1 @@ -78b708fe1fc6b39be081b9f05c6aa5e1478f8762caf5a8a7671a12eba4d3c1c5 INSTALL.sh +a4a53eb3ec60ffad773e8e1d76278315b40042e1b2e62971e73d3f66e9327143 INSTALL.sh diff --git a/INSTALL/INSTALL.sh.sha384 b/INSTALL/INSTALL.sh.sha384 index 0f9ebbe68..cbe9ca779 100644 --- a/INSTALL/INSTALL.sh.sha384 +++ b/INSTALL/INSTALL.sh.sha384 @@ -1 +1 @@ -27991471fb5788f42af3bbf86fc80a95341aa17ae9487016eec94961a48437172702eb8e2d6cb300387e87d9e8e0e3e5 INSTALL.sh +98072442a60be33f9ccf8c205e4cb2a894cb060566ed9cb835dd4b38c6edd66b2a94abe860efebd9980ee6c1ef4a5b06 INSTALL.sh 
diff --git a/INSTALL/INSTALL.sh.sha512 b/INSTALL/INSTALL.sh.sha512
index fa8fc6529..4dc9d26cb 100644
--- a/INSTALL/INSTALL.sh.sha512
+++ b/INSTALL/INSTALL.sh.sha512
@@ -1 +1 @@
-c1c21fd491aefd662c87c3ef62837d769e63e9cf2446b9bd607ccef8afd72528824a8f408c6892fd51109390104010ef90da7f4828950a8671d2986a6b8e216f INSTALL.sh
+ee56b1bf53930f16ccf13b9c308d55e74d52cf65c1bfb03b890e06476a84f30b2c0af0f488e34a7a22666b3c1f49866598a35b1eb9f3ade57427dc56e772b7c9 INSTALL.sh
From 97ccb4810d52f34b6c2f525dd27ce931b4411a2d Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy
Date: Wed, 23 Aug 2023 13:54:33 +0200
Subject: [PATCH 09/29] chg: [misp-galaxy] updated to the latest version
---
app/files/misp-galaxy | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/files/misp-galaxy b/app/files/misp-galaxy
index f5729ac23..34b86e4ab 160000
--- a/app/files/misp-galaxy
+++ b/app/files/misp-galaxy
@@ -1 +1 @@
-Subproject commit f5729ac23a7dcb8fc9dc3194a3e125484c515742
+Subproject commit 34b86e4abc47d3dfbafaa813f01e22be0387168a
From 5d60e9ffbba21986aca617cfadc83b418d07ca14 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy
Date: Wed, 23 Aug 2023 13:55:01 +0200
Subject: [PATCH 10/29] chg: [misp-objects] updated to the latest version
---
app/files/misp-objects | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/files/misp-objects b/app/files/misp-objects
index 4da05293d..8b6489815 160000
--- a/app/files/misp-objects
+++ b/app/files/misp-objects
@@ -1 +1 @@
-Subproject commit 4da05293d723ad6f9db4a3e349e140daa5d2a28d
+Subproject commit 8b648981573f77c9526df5322c52902ae1a81859
From 24458a1c8e9de43edc4c5b51693414bea3556a74 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy
Date: Wed, 23 Aug 2023 13:55:36 +0200
Subject: [PATCH 11/29] chg: [warning-lists] updated
---
app/files/warninglists | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/files/warninglists b/app/files/warninglists
index 11101527c..07a1e6609 160000
--- a/app/files/warninglists
+++ b/app/files/warninglists
@@ -1 +1 @@
-Subproject commit 11101527c0e55810613d3d753f2e770219895c39
+Subproject commit 07a1e66092a8216574b103c650b423e816a1091a
From 98e8a19f020a6094f74bd24d794f3b7e25f5af8b Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy
Date: Wed, 23 Aug 2023 13:56:00 +0200
Subject: [PATCH 12/29] chg: [taxonomies] updated to the latest version
---
app/files/taxonomies | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/files/taxonomies b/app/files/taxonomies
index 59ec473a5..8d8433399 160000
--- a/app/files/taxonomies
+++ b/app/files/taxonomies
@@ -1 +1 @@
-Subproject commit 59ec473a5f7a44755a6098890a1ee290487bfc53
+Subproject commit 8d8433399f0d00651238237be091fe63768a924f
From 3bdc5b8eeec0f9527bd75def2eab250e53797172 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy
Date: Wed, 23 Aug 2023 13:56:50 +0200
Subject: [PATCH 13/29] chg: [misp-workflow-blueprints] updated to the latest version
---
app/files/misp-workflow-blueprints | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/files/misp-workflow-blueprints b/app/files/misp-workflow-blueprints
index 7df546216..2337bdeb8 160000
--- a/app/files/misp-workflow-blueprints
+++ b/app/files/misp-workflow-blueprints
@@ -1 +1 @@
-Subproject commit 7df546216a1d2b4073714476fd92434cc166e516
+Subproject commit 2337bdeb8c0aa7125db3a410fdb6a54ec50d6865
From 6ac212311df4531d0812110fd972cdbc71fc61be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?=
Date: Wed, 23 Aug 2023 14:01:02 +0200
Subject: [PATCH 14/29] chg: [PyMISP] Bump
---
PyMISP | 2 +-
app/Controller/AppController.php | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/PyMISP b/PyMISP
index 94983c01e..a2566f028 160000
--- a/PyMISP
+++ b/PyMISP
@@ -1 +1 @@
-Subproject commit 94983c01ecced6086df28133a38a297111534142
+Subproject commit a2566f0282b9f3f83b7785e9fdac3f7aa95fd88b
diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php
index f3a9f9672..3550c0fec 100755
--- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -34,7 +34,7 @@ class AppController extends Controller public $helpers = array('OrgImg', 'FontAwesome', 'UserName'); private $__queryVersion = '155'; - public $pyMispVersion = '2.4.174'; + public $pyMispVersion = '2.4.175'; public $phpmin = '7.2'; public $phprec = '7.4'; public $phptoonew = '8.0'; From eb12f89a2dd2612b8bb45a4135370754d1b6b6ab Mon Sep 17 00:00:00 2001 From: Christian Studer Date: Wed, 23 Aug 2023 15:52:48 +0200 Subject: [PATCH 15/29] chg: [misp-stix] Bumped latest version --- app/files/scripts/misp-stix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/files/scripts/misp-stix b/app/files/scripts/misp-stix index a12d40a4f..ebe8ed4be 160000 --- a/app/files/scripts/misp-stix +++ b/app/files/scripts/misp-stix @@ -1 +1 @@ -Subproject commit a12d40a4ff8a19c0a6b9f4d719c9549e805108c5 +Subproject commit ebe8ed4be1b72065ecafd03b0578682557227fcc From 930333f69d4760531a256ec7e4063bbab0437fed Mon Sep 17 00:00:00 2001 From: Luciano Righetti Date: Thu, 24 Aug 2023 09:36:19 +0200 Subject: [PATCH 16/29] Update bug-form.yml describe first the actual behaviour --- .github/ISSUE_TEMPLATE/bug-form.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug-form.yml b/.github/ISSUE_TEMPLATE/bug-form.yml index 329ab8a76..828002132 100644 --- a/.github/ISSUE_TEMPLATE/bug-form.yml +++ b/.github/ISSUE_TEMPLATE/bug-form.yml 
@@ -9,18 +9,18 @@ body: Please read the [FAQ](https://www.circl.lu/doc/misp/faq/) before opening an issue. If you would like to report a bug, please fill the template bellow: - - type: textarea - id: expected-behavior - attributes: - label: Expected behavior - validations: - required: true - type: textarea id: actual-behavior attributes: label: Actual behavior validations: required: true + - type: textarea + id: expected-behavior + attributes: + label: Expected behavior + validations: + required: true - type: textarea id: steps-to-reproduce attributes: From 225b74bf9377277433cb3a22580d01db0b449bd4 Mon Sep 17 00:00:00 2001 From: Luciano Righetti Date: Thu, 24 Aug 2023 11:07:38 +0200 Subject: [PATCH 17/29] chg: skip if email disabled, avoids logging exception on each email attempt fixes #9251 --- app/Model/User.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/app/Model/User.php b/app/Model/User.php index 929aaaa25..f2a5403fb 100644 --- a/app/Model/User.php +++ b/app/Model/User.php @@ -845,6 +845,10 @@ class User extends AppModel */ public function sendEmail(array $user, $body, $bodyNoEnc = false, $subject, $replyToUser = false) { + if (Configure::read('MISP.disable_emailing')) { + return true; + } + if ($user['User']['disabled'] || !$this->checkIfUserIsValid($user['User'])) { return true; } From 7c3914a4be626f7d311c857e8ca16f2762fcd767 Mon Sep 17 00:00:00 2001 From: Luciano Righetti Date: Thu, 24 Aug 2023 11:58:28 +0200 Subject: [PATCH 18/29] fix: event audit log pagination bug, fixes #9245 --- app/Controller/AuditLogsController.php | 1 + app/View/AuditLogs/event_index.ctp | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/app/Controller/AuditLogsController.php b/app/Controller/AuditLogsController.php index 4199c748f..a58135d42 100644 --- a/app/Controller/AuditLogsController.php +++ b/app/Controller/AuditLogsController.php 
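Review bot: The early `return true;` added to `sendEmail()` reports success although nothing is sent when `MISP.disable_emailing` is set, so a caller cannot tell a delivered message from a skipped one. The guard would benefit from a why-comment such as `// Emailing is globally disabled: skip and report success so callers do not log a failure`, and the docblock above the method (outside the hunk) should state that `true` does not imply delivery. Callers that record a notification as sent, for instance for password resets or alerts, would presumably record a send that never happened; the call sites are not visible here, so that is worth confirming.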
@@ -158,6 +158,7 @@ class AuditLogsController extends AppController } $this->paginate['conditions'] = $this->__createEventIndexConditions($event); + $this->set('passedArgsArray', ['eventId' => $eventId, 'org' => $org]); $params = $this->IndexFilter->harvestParameters(['created', 'org']); if ($org) { diff --git a/app/View/AuditLogs/event_index.ctp b/app/View/AuditLogs/event_index.ctp index b78afc18b..3a9bacacf 100644 --- a/app/View/AuditLogs/event_index.ctp +++ b/app/View/AuditLogs/event_index.ctp @@ -50,7 +50,8 @@ echo $this->element('genericElements/IndexTable/index_table', [ 'element_path' => 'AuditLog/change' ] ], - 'title' => __('Audit logs for event #%s', intval($event['Event']['id'])) + 'title' => __('Audit logs for event #%s', intval($event['Event']['id'])), + 'persistUrlParams' => ['eventId', 'org'] ] ]); echo ''; From 18833664901ea9641545e8f7dcc9ffa047bd4056 Mon Sep 17 00:00:00 2001 From: Jeroen Pinoy Date: Thu, 24 Aug 2023 13:49:24 +0200 Subject: [PATCH 19/29] fix: [CRUD-IndexFilter] correct index page filtering for REST requests. fix #9265 --- app/Controller/Component/IndexFilterComponent.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Controller/Component/IndexFilterComponent.php b/app/Controller/Component/IndexFilterComponent.php index 8d78351aa..15fc73924 100644 --- a/app/Controller/Component/IndexFilterComponent.php +++ b/app/Controller/Component/IndexFilterComponent.php @@ -54,7 +54,7 @@ class IndexFilterComponent extends Component private function __massageData($data, $request, $paramArray) { $data = array_filter($data, function($paramName) use ($paramArray) { - return !empty($paramArray[$paramName]); + return in_array($paramName, $paramArray); }, ARRAY_FILTER_USE_KEY); if (!empty($paramArray)) { From 31130ef2e5690513a950fb58f9d30f3c7dbe93ad Mon Sep 17 00:00:00 2001 
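Review bot: `in_array($paramName, $paramArray)` in `__massageData()` compares loosely while acting as the allow-list for keys that appear to come from request data. On PHP versions before 8.0 an integer key such as `0` compares equal to any non-numeric string, so it passes the filter regardless of what `$paramArray` lists, and this series still declares `$phpmin = '7.2'`. `return in_array($paramName, $paramArray, true);` makes the match exact. The `if (!empty($paramArray))` on the next visible line suggests `$paramArray` can be empty; if it can also be null, the callback needs a guard, since `in_array` expects an array.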
From: Christian Studer
Date: Thu, 24 Aug 2023 14:26:45 +0200
Subject: [PATCH 20/29] chg: [misp-stix] Bumped latest version
---
app/files/scripts/misp-stix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/files/scripts/misp-stix b/app/files/scripts/misp-stix
index ebe8ed4be..ae29d14f5 160000
--- a/app/files/scripts/misp-stix
+++ b/app/files/scripts/misp-stix
@@ -1 +1 @@
-Subproject commit ebe8ed4be1b72065ecafd03b0578682557227fcc
+Subproject commit ae29d14f5870232340bf36deff3f1db47f7df78b
From 02453d1a19c812a7231419c9849afe853a7a1521 Mon Sep 17 00:00:00 2001
From: Christian Studer
Date: Thu, 24 Aug 2023 14:47:19 +0200
Subject: [PATCH 21/29] fix: [misp-stix] Bumped latest version including a quick fix
---
app/files/scripts/misp-stix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/files/scripts/misp-stix b/app/files/scripts/misp-stix
index ae29d14f5..6771e5cd9 160000
--- a/app/files/scripts/misp-stix
+++ b/app/files/scripts/misp-stix
@@ -1 +1 @@
-Subproject commit ae29d14f5870232340bf36deff3f1db47f7df78b
+Subproject commit 6771e5cd9ec22d0d24ec9f657d78d385a3c5ef80
From 22f87aa9b0dd058f59b05c11fec3d4c0ddf98486 Mon Sep 17 00:00:00 2001
From: iglocska
Date: Thu, 24 Aug 2023 15:17:56 +0200
Subject: [PATCH 22/29] chg: [version] bump
---
VERSION.json | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/VERSION.json b/VERSION.json
index 1f1c3a0c9..859814823 100644
--- a/VERSION.json
+++ b/VERSION.json
@@ -1 +1 @@
-{"major":2, "minor":4, "hotfix":174}
+{"major":2, "minor":4, "hotfix":175}
From f8321602e326364b2440812cfa91474e8425bd47 Mon Sep 17 00:00:00 2001
From: Luciano Righetti
Date: Fri, 25 Aug 2023 09:04:29 +0200
Subject: [PATCH 23/29] fix: unable to enrich individual attribute, fixes #9267
---
app/View/Elements/Events/View/row_attribute.ctp | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/app/View/Elements/Events/View/row_attribute.ctp b/app/View/Elements/Events/View/row_attribute.ctp index 73bc0f3c8..55150866b 100644 --- a/app/View/Elements/Events/View/row_attribute.ctp +++ b/app/View/Elements/Events/View/row_attribute.ctp @@ -358,12 +358,12 @@ if ($isSiteAdmin || $mayModify): if (isset($modules) && isset($modules['types'][$object['type']])): ?> -   +   - + From fd44c008201aafd6021d824ab1c4ba7621fe4e75 Mon Sep 17 00:00:00 2001 From: Luciano Righetti Date: Fri, 25 Aug 2023 09:04:29 +0200 Subject: [PATCH 24/29] fix: unable to enrich individual attribute, fixes #9267 --- app/View/Elements/Events/View/row_attribute.ctp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/View/Elements/Events/View/row_attribute.ctp b/app/View/Elements/Events/View/row_attribute.ctp index 73bc0f3c8..55150866b 100644 --- a/app/View/Elements/Events/View/row_attribute.ctp +++ b/app/View/Elements/Events/View/row_attribute.ctp @@ -358,12 +358,12 @@ if ($isSiteAdmin || $mayModify): if (isset($modules) && isset($modules['types'][$object['type']])): ?> -   +   - + From a9cc6f4ba728fa0c8926b15b537886c9608a0670 Mon Sep 17 00:00:00 2001 From: Luciano Righetti Date: Fri, 25 Aug 2023 09:20:53 +0200 Subject: [PATCH 25/29] fix: unable to enrich individual shadow attribute --- app/View/Elements/Events/View/row_attribute.ctp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/View/Elements/Events/View/row_attribute.ctp b/app/View/Elements/Events/View/row_attribute.ctp index 55150866b..e8a5da7b0 100644 --- a/app/View/Elements/Events/View/row_attribute.ctp +++ b/app/View/Elements/Events/View/row_attribute.ctp @@ -338,12 +338,12 @@ if ($isAclAdd && ($isSiteAdmin || !$mayModify)): if (isset($modules) && isset($modules['types'][$object['type']])): ?> -   +   - + From c4a3682849f7fab620c34e4cdb66119ca6eed4aa Mon Sep 17 00:00:00 2001 
From: Luciano Righetti Date: Fri, 25 Aug 2023 09:20:53 +0200 Subject: [PATCH 26/29] fix: unable to enrich individual shadow attribute --- app/View/Elements/Events/View/row_attribute.ctp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/View/Elements/Events/View/row_attribute.ctp b/app/View/Elements/Events/View/row_attribute.ctp index 55150866b..e8a5da7b0 100644 --- a/app/View/Elements/Events/View/row_attribute.ctp +++ b/app/View/Elements/Events/View/row_attribute.ctp @@ -338,12 +338,12 @@ if ($isAclAdd && ($isSiteAdmin || !$mayModify)): if (isset($modules) && isset($modules['types'][$object['type']])): ?> -   +   - + From 4b6c6240ef8dda06b0f9048dd52dace48df9bda2 Mon Sep 17 00:00:00 2001 From: Christian Studer Date: Fri, 25 Aug 2023 09:27:30 +0200 Subject: [PATCH 27/29] fix: [stix2 import] Fixed debugging message for errors and warnings when the `debug` option is set --- app/files/scripts/stix2/stix2misp.py | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/app/files/scripts/stix2/stix2misp.py b/app/files/scripts/stix2/stix2misp.py index 3d80f2f42..ed5fa15ef 100644 --- a/app/files/scripts/stix2/stix2misp.py +++ b/app/files/scripts/stix2/stix2misp.py @@ -33,6 +33,17 @@ from misp_stix_converter import ( from stix2.parsing import parse as stix2_parser +def _handle_return_message(traceback): + if isinstance(traceback, dict): + messages = [] + for key, values in traceback.items(): + messages.append(f'- {key}') + for value in values: + messages.append(f' - {value}') + return '\n '.join(messages) + return '\n - '.join(traceback) + + def _process_stix_file(args: argparse.ArgumentParser): try: with open(args.input, 'rt', encoding='utf-8') as f: 
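Review bot: The list branch of `_handle_return_message` returns `'\n - '.join(traceback)` with no leading `- `, while the call site in the following hunk now prints `content:\n {message}`, so the first entry of a non-dict result is printed without the bullet that later entries get (spacing as rendered on this page, which may have collapsed whitespace). Starting the list branch with the bullet, `return '- ' + '\n - '.join(traceback)`, keeps it consistent with the dict branch, whose first item already begins with `- `. The helper also has no docstring; one line stating that it accepts either a dict mapping a key to its messages or a flat iterable of strings would document the two shapes. The parameter name `traceback` reads like the standard-library module, and `messages` would be clearer.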
@@ -63,11 +74,10 @@ def _process_stix_file(args: argparse.ArgumentParser): if args.debug: for feature in ('errors', 'warnings'): if getattr(parser, feature): - print(getattr(parser, feature), file=sys.stderr) - message = '\n - '.join(getattr(parser, feature).values()) + message = _handle_return_message(getattr(parser, feature)) print( f'{feature.title()} encountered while importing ' - f'STIX {stix_version} content:\n - {message}', + f'STIX {stix_version} content:\n {message}', file=sys.stderr ) except Exception as e: From 910fc39806430c89195b0db34e11f14f6cdfd469 Mon Sep 17 00:00:00 2001 From: Luciano Righetti Date: Wed, 30 Aug 2023 15:24:18 +0200 Subject: [PATCH 28/29] fix: [restSearch] exact match for values starting with %, fixes #9258 --- app/Model/AppModel.php | 1 + 1 file changed, 1 insertion(+) diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index b62cadca0..d14b0717e 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -3299,6 +3299,7 @@ class AppModel extends Model $temp[] = array($key . ' NOT LIKE' => $f); } else { $temp[] = array($key . ' LIKE' => $f); + $temp[] = array($key => $f); } } } else { From c7d95759088ebb0b7bea37e08727efebf8935d6e Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 6 Sep 2023 09:01:21 +0200 Subject: [PATCH 29/29] new: [UI] show which attributes/objects are new and awaiting publication still --- app/View/Elements/Events/View/row_attribute.ctp | 5 ++++- app/View/Elements/Events/View/row_object.ctp | 3 ++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/app/View/Elements/Events/View/row_attribute.ctp b/app/View/Elements/Events/View/row_attribute.ctp index 73bc0f3c8..1fe472c3a 100644 --- a/app/View/Elements/Events/View/row_attribute.ctp +++ b/app/View/Elements/Events/View/row_attribute.ctp 
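Review bot: The added `$temp[] = array($key => $f);` in `AppModel.php` has no comment, and from the hunk alone it is not evident what it matches that the `LIKE` condition on the line above does not. A short why-comment such as `// also match the value literally, for values that begin with % (#9258)` would record the intent. How the `$temp` entries are combined, and whether `%` and `_` in `$f` are escaped before they reach `LIKE`, is decided outside the hunk; if user-supplied wildcards arrive unescaped, the broad `LIKE` match stays in effect alongside the exact one, which is worth confirming against the enclosing function.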
@@ -11,6 +11,9 @@ } else { $attributeEvent = $event; } + + $isNew = $object['timestamp'] > $event['Event']['publish_timestamp']; + $editScope = $mayModify ? 'Attribute' : 'ShadowAttribute'; if (!empty($child)) { if ($child === 'last' && empty($object['ShadowAttribute'])) { @@ -69,7 +72,7 @@ element('/Events/View/seen_field', array('object' => $object)); ?> - Time->date($object['timestamp']) ?> + >Time->date($object['timestamp']) . ($isNew ? '*' : '') ?> diff --git a/app/View/Elements/Events/View/row_object.ctp b/app/View/Elements/Events/View/row_object.ctp index 55369843b..e8d7a2f91 100644 --- a/app/View/Elements/Events/View/row_object.ctp +++ b/app/View/Elements/Events/View/row_object.ctp @@ -7,6 +7,7 @@ } else { $objectEvent = $event; } + $isNew = $object['timestamp'] > $event['Event']['publish_timestamp']; if ($object['deleted']) $tr_class .= ' lightBlueRow'; else $tr_class .= ' blueRow'; if (!empty($k)) { @@ -33,7 +34,7 @@ $objectId = intval($object['id']); element('/Events/View/seen_field', array('object' => $object)); ?> - Time->date($object['timestamp']) ?> + >Time->date($object['timestamp']) . ($isNew ? '*' : '') ?>
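Review bot: `$isNew` is computed against `$event['Event']['publish_timestamp']`, although the lines directly above it establish `$attributeEvent` as the event the attribute belongs to, which, judging from the `else { $attributeEvent = $event; }` branch, can differ from `$event`. In that case an attribute belonging to another event is flagged against the wrong publish time; `$isNew = $object['timestamp'] > $attributeEvent['Event']['publish_timestamp'];` follows the convention already in the file, and the same applies to `$objectEvent` in `row_object.ctp`. The `if` branch that picks the other event is outside the hunk, so confirm what it selects. A missing `publish_timestamp` key would also raise a notice in the view, so `?? 0` on the right-hand side may be worth adding.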