MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
15,527 Commits
41 Branches
370 Tags
181 MiB
Commit Graph

12156 Commits (1a573e9b50195023a781de349a5beb31d8b12efd)

Author SHA1 Message Date
iglocska 1a573e9b50
fix: [acl] Added event block rule 2020-06-30 13:15:58 +02:00
iglocska 77049b1cb7
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-06-30 10:46:20 +02:00
iglocska 3ec5fcba0b
new: [event block rule system] added 
- add simple tag filters to block events from being added.
- it will not stop a manual creation of an event with subsequent adding of the tag in a later stage
- it will however block synced events
 2020-06-30 10:45:36 +02:00
Andras Iklody a8521242d4
Merge pull request #6077 from JakubOnderka/contact-acl 
fix: [security] Check event ACL before allowing user to send event contact form
 2020-06-30 09:19:43 +02:00
Jakub Onderka b0be3b07fe fix: [security] Check event ACL before allowing user to send event contact form 2020-06-30 09:01:55 +02:00
chrisr3d d52aee3fb1 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2020-06-29 21:33:41 +02:00
chrisr3d c87f3b13f0
fix: [stix2 export] Fixed first_seen/last_seen field parsing 2020-06-29 21:32:58 +02:00
iglocska 54543eb866
fix: [returnAttributes] remap small cleanup 
- no need to set xml as returnformat, it's the default based on the injected params
 2020-06-29 21:14:26 +02:00
iglocska 3eee52c92f
fix: [security] deprecated function with lacking ACL removed 
- replaced deprecated, sharing group unaware, broken function with one that follows the documentation of the deprecated endpoint
- keeping it alive until we purge the deprecated ones in the move to MISP 3/next whatever

- Thanks to Jakub Onderka for reporting it!
 2020-06-29 21:09:47 +02:00
chrisr3d c3fd67329d Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2020-06-29 20:51:16 +02:00
chrisr3d f02c8df8a1
fix: [stix2] Fixed conversion of object relations containing dots into custom object values 
- Also includes changes to support the import of
  custom objects into MISP objects containing
  object relations with dots, to avoid issues or
  changes on the mapping
 2020-06-29 20:50:39 +02:00
chrisr3d f79331fe37
fix: [stix2] Fixed issue with custom object created from MISP object with underscore in the name 
- Includes fix to export the objects into custom
  objects, and to import custom objects into MISP
  objects back
- Should fix #6046
 2020-06-29 19:38:40 +02:00
mokaddem d14ce7de70
fix: [security] Insufficient ACL checks in the attachment downloader fixed 
- Thanks to Jakub Onderka for reporting it
 2020-06-29 14:10:23 +02:00
mokaddem 6321e02e34
chg: [users:resgister] Use the trimmed data instead 2020-06-29 10:18:20 +02:00
mokaddem bbd3b802be
fix: [tag:checkForOverride] Catch if tag didn't have a numerical value 
before the override
 2020-06-29 10:14:44 +02:00
mokaddem 89adde7e0b
fix: [user:registration] Report field validations to the user. Fix #6072 
and #6073
 2020-06-29 10:12:22 +02:00
Andras Iklody 26ae7faa53
Merge pull request #6063 from JakubOnderka/patch-118 
fix: [UI] Fetching from not enabled feed should be error
 2020-06-27 10:42:34 +02:00
Andras Iklody 34ade27ddf
Merge pull request #6062 from JakubOnderka/feed-incorect-call 
fix: [feed] Incorrect call in Feed::__saveEvent
 2020-06-27 10:41:50 +02:00
Andras Iklody a7e424b3c4
Merge pull request #6064 from obert01/fix-diag-accessibility 
Accessibility: ARIA properties for the "fix" button in the DB diagnostic tables
 2020-06-27 10:40:14 +02:00
Olivier BERT 9caa9f2a7f Added proper ARIA properties for the "fix" button in the DB index and DB schema diagnostic tables. 2020-06-26 16:04:55 +02:00
Jakub Onderka be4dd7792f
fix: [UI] Fetching from not enabled feed should be error 2020-06-26 15:52:49 +02:00
Jakub Onderka cb3608b009 fix: [feed] Incorrect call in Feed::__saveEvent 2020-06-26 14:56:38 +02:00
Andras Iklody e02816e4af
Merge pull request #6061 from JakubOnderka/list-sightings-ui 
fix: [internal] Do not create empty link for anonymized org sighting
 2020-06-26 12:22:19 +02:00
Jakub Onderka 35704f1cd6 fix: [internal] Do not create empty link for anonymized org sighting 2020-06-26 12:08:54 +02:00
Andras Iklody fd8acaace9
Merge pull request #6060 from JakubOnderka/correlation-expand-fi 
fix: [UI] Expanding attribute correlations on other pages
 2020-06-26 10:15:19 +02:00
Jakub Onderka 7a50616226 fix: [UI] Expanding attribute correlations on other pages 2020-06-26 10:12:00 +02:00
Raphaël Vinot 9dfd5ad882 ch: Bump warninglists 2020-06-25 14:08:50 +02:00
Raphaël Vinot bf4f56f914 ch: Bump misp-objects 2020-06-25 14:03:18 +02:00
chrisr3d 364ca9d9d8
fix: [stix2 export] Fixed datetime issue with the 'created' field of some stix objects 
- Following some changes on the python stix2
  library, that caused an issue with the previous
  way we created the 'created' field
 2020-06-24 15:23:49 +02:00
Andras Iklody 1d94458b49
Merge pull request #5985 from vaclavbartos/2.4 
fix: [mail] Fix body of passwordReset/newUser emails
 2020-06-23 23:46:39 +02:00
Andras Iklody 317d9f3661
Merge pull request #6026 from JakubOnderka/save-sightings-optimisation 
Save sightings optimisation
 2020-06-23 23:39:46 +02:00
Andras Iklody d8e6367d07
Merge pull request #6043 from StefanKelm/2.4 
Update side_menu.ctp
 2020-06-23 23:34:22 +02:00
Andras Iklody 7d812adb80
Merge pull request #6045 from JakubOnderka/sightings-loading-optim 
chg: [internal] Faster loading sightings if the same attribute is req…
 2020-06-23 23:33:52 +02:00
Andras Iklody 2d8b2f82b9
Merge pull request #6049 from JakubOnderka/patch-116 
fix: [internal] HTML code fix
 2020-06-23 23:32:16 +02:00
iglocska a2c4b5ae38
chg: [statistics shell] added total commit count 2020-06-23 21:08:59 +02:00
iglocska 28048871b7
new: [statistics] shell added for the git codebase's contributor counters 
- to be extended with other similar tasks
 2020-06-23 21:05:08 +02:00
Jakub Onderka 35dd366fc6
fix: [internal] HTML code fix 2020-06-23 14:02:45 +02:00
Jakub Onderka ce47d32df1 chg: [internal] Move getting sightings range to one place 2020-06-23 08:44:55 +02:00
Jakub Onderka ea5a819064 chg: [internal] Faster loading sightings if the same attribute is requested 2020-06-23 08:37:14 +02:00
StefanKelm 1e97f16c3c
Update side_menu.ctp 
Adjusts menu to be in line with "Global Actions"
 2020-06-22 16:06:43 +02:00
Raphaël Vinot 688585b323 chg: [PyMISP] Bump 2020-06-22 14:34:49 +02:00
iglocska 6b95047c1e
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-06-22 11:11:31 +02:00
iglocska 2eccb31636
fix: [ACL] unpublished_private global setting tightened to include correlations 
- Thanks to Jakub Onderka for reporting and providing a fix to this!
 2020-06-22 11:10:25 +02:00
iglocska 609bfbd450
fix: [security] missing ACL lookup on attribute correlations 
- attribute correlation ACL checks are skipped when querying the attribute restsearch API revealing metadata about a correlating but unreachable attribute.

- Thanks to Jakub Onderka for his tireless work and for reporting this!
 2020-06-22 11:00:56 +02:00
chrisr3d 6c7c481419
fix: [stix2 import] Quick issues fixing 
- Fixed issue that could happen sometimes during
  an external pattern parsing when we split the
  identifier of the pattern from the value.
  We now make sure the identifier is stripped, so
  we avoid issues with the mapping dictionaries
  that could not recognize it
- Also displaying  a warning message when we have
  no attributes resulting from the parsing of an
  external pattern or observable object
 2020-06-19 15:59:26 +02:00
chrisr3d 6611b957fe
fix: [stix2 import] Small update on the mapping to work with some external patterns seen recently 2020-06-19 15:54:16 +02:00
chrisr3d a06405f643
fix: [stix2 import] Fixed some external observable objects import 2020-06-19 14:07:00 +02:00
chrisr3d b0cfb39a61
fix: [stix2 import] Fixed no longer existing variable in the mapping script 2020-06-19 13:59:02 +02:00
chrisr3d a08d3e8e4d
fix: [stix2 import] Added the function to parse external email-address observable objects, that was missing 2020-06-19 13:48:51 +02:00
chrisr3d eec2a26950
chg: [stix2 import] Parsing external pattern made with 'OR' separators the same way we do for pattern with 'AND' 
- Also slight update of some mapping dictionaries
  to go with the changes introduced with this
  commit on the main script
 2020-06-19 13:45:31 +02:00