Commit Graph

21574 Commits (205ddb0b5a013cf84e0f203a92eaa4eacda5eff8)

Author SHA1 Message Date
iglocska 205ddb0b5a
fix: [event view] make having a valid PGP setup optional for viewing events
- don't throw an exception, rather set an empty key
2022-03-18 13:54:31 +01:00
Alexandre Dulaunoy ab1305cc18
Merge pull request #8218 from righel/org-svg-logo-setting
new: add setting for allowing svg org logos
2022-03-18 11:01:14 +01:00
iglocska dddcc1dcff
Merge branch 'develop' of github.com:MISP/MISP into develop 2022-03-18 10:12:39 +01:00
iglocska df1eb43b2c
Merge branch '2.4' into develop 2022-03-18 10:12:25 +01:00
iglocska 891572be9f
fix: [signing] fail gracefully if pgp not configured on event index
- return the index, but set fingerprint as null rather than throwing an exception
2022-03-18 10:11:29 +01:00
Sami Mokaddem b0a4660a88
Merge branch 'develop' of github.com:MISP/MISP into develop 2022-03-18 09:14:29 +01:00
Sami Mokaddem ae0e335a05
chg: [events:restSearchExport] Format export based on the responseType 2022-03-18 09:14:10 +01:00
Jakub Onderka 2d23e0125b
Merge pull request #8215 from JakubOnderka/pgp-signature-optim
chg: [cryptographicKey] Simplified code for event pushing
2022-03-17 17:03:40 +01:00
iglocska 615ef1a6e7
Merge branch 'develop' into 2.4 2022-03-17 16:15:11 +01:00
iglocska 68d1e16fb2
Merge branch 'develop' of github.com:MISP/MISP into develop 2022-03-17 16:12:42 +01:00
iglocska ff9cd40221
chg: [queryversion] bumped 2022-03-17 16:12:13 +01:00
Luciano Righetti 8dcf414340
fix: [security] restrict setting to cli only. enabling this setting could allow potential ssrf attacks, as reported by Ianis BERNARD - NATO Cyber Security Centre 2022-03-17 15:55:21 +01:00
iglocska 07b091778a
Merge branch '2.4' into develop 2022-03-17 15:51:06 +01:00
Alexandre Dulaunoy bb82bd710c
Merge pull request #8216 from 3c7/patch-1
Update OidcAuth readme
2022-03-17 15:49:19 +01:00
Alexandre Dulaunoy 78d6f8b93f
Merge pull request #8217 from DCSO/linotp_errormessages
[chg] LinOTP error exceptions up to the ui
2022-03-17 15:48:35 +01:00
Andras Iklody 440d692bfa
Merge pull request #8219 from DCSO/linotp_on_off_config
[chg] LinOTP now with enable/disable as config feature
2022-03-17 15:47:20 +01:00
iglocska 83f1397f96
Merge branch 'develop' of github.com:MISP/MISP into develop 2022-03-17 15:37:43 +01:00
iglocska 965b382faa
fix: [cryptographic key view] fixed
- was just grabbing the first key
2022-03-17 15:37:22 +01:00
Luciano Righetti 8cc93687dc
fix: [security] lfi via custom terms file setting, as reported by Ianis BERNARD - NATO Cyber Security Centre 2022-03-17 15:36:35 +01:00
iglocska 1b5edc99cf
fix: [event index] minimal mode fixed for signed events 2022-03-17 15:22:02 +01:00
Hendrik Baecker eb7a1301bb
[chg] LinOTP now with enable/disable as config feature 2022-03-17 15:19:58 +01:00
iglocska c4cb313f61
Merge branch 'develop' of github.com:MISP/MISP into develop 2022-03-17 14:51:34 +01:00
iglocska 90d232bde2
fix: [signing] removed colour coding of protected/unprotected events
- gave the idea that one is "right" and one is "wrong", whilst they're just for different use-cases
2022-03-17 14:50:14 +01:00
Luciano Righetti c2456c8ce3
Merge branch 'org-svg-logo-setting' of github.com:righel/MISP into org-svg-logo-setting 2022-03-17 14:49:59 +01:00
Sami Mokaddem 4af6a4d1aa
Merge branch 'develop' of github.com:MISP/MISP into develop 2022-03-17 14:43:27 +01:00
Sami Mokaddem d65ef9c966
chg: [cryptographicKeys] Indexed more column and bumped db_schema 2022-03-17 14:43:01 +01:00
Luciano Righetti 2bd4a5b30c
fix: [security] a malicious site administrator could store an XSS payload in a svg org logo which would be executed if someone opens the direct link to the image, as reported by Ianis BERNARD - NATO Cyber Security Centre 2022-03-17 14:42:49 +01:00
iglocska f16d83c60c
fix: [event view] distribution field fixed
- didn't display the sharing groups
2022-03-17 14:38:06 +01:00
Luciano Righetti 08a07a38ae
new: add setting for allowing svg org logos 2022-03-17 14:36:07 +01:00
iglocska 63bc2ff77b
Merge branch 'develop' of github.com:MISP/MISP into develop 2022-03-17 14:29:39 +01:00
iglocska 0ada3e9bb5
fix: [signing] add try/catch around the gpg initialisation
- otherwise instances without gpg set up will fail when viewing events
2022-03-17 14:28:56 +01:00
Sami Mokaddem 6862f1a9d8
Merge branch 'develop' of github.com:MISP/MISP into develop 2022-03-17 14:25:51 +01:00
Sami Mokaddem 2d14113de9
chg: [events:view] Removed duplicated lockpad icon 2022-03-17 14:25:40 +01:00
Hendrik Baecker c42d34faac
[chg] LinOTP error exceptions up to the ui 2022-03-17 14:23:24 +01:00
Nils Kuhnert 48752ba624
Update OidcAuth readme
Replaced required dependency.
2022-03-17 14:12:32 +01:00
iglocska 61d4d36705
fix: [security] stored XSS in the user add/edit forms
- a malicious site administrator could store an XSS payload in the custom auth name which would be executed each time the administrator modifies a user

- as reported by Ianis BERNARD - NATO Cyber Security Centre
2022-03-17 14:10:09 +01:00
Jakub Onderka f208c656ea
chg: [cryptographicKey] Simplified code for event pushing 2022-03-17 13:58:25 +01:00
Alexandre Dulaunoy ca036781ca
chg: [taxonomies] updated to the latest version 2022-03-17 13:43:29 +01:00
Alexandre Dulaunoy b365be8e36
chg: [misp-galaxy] updated 2022-03-17 13:42:40 +01:00
iglocska dc63cb772c
Merge branch '2.4' into develop 2022-03-17 13:25:05 +01:00
Sami Mokaddem 9307a07760
fix: [events:edit] Correctly collects saved cryptographic keys when pushing an edit 2022-03-17 12:38:19 +01:00
Sami Mokaddem b92d8ddb8f
chg: [events:index] Check for not empty instead 2022-03-17 11:50:49 +01:00
Sami Mokaddem 188153ffe9
chg: [events] Typo in protected description 2022-03-17 11:50:06 +01:00
Alexandre Dulaunoy bcf8e49654
chg: [misp-objects] updated to the latest version 2022-03-17 10:27:36 +01:00
Jakub Onderka 72b8daa7a5
Merge pull request #8213 from JakubOnderka/oidc_undefined_index
fix: [oidc] Undefined index
2022-03-17 09:57:09 +01:00
Jakub Onderka ff39069bbc
fix: [oidc] Undefined index 2022-03-17 09:29:02 +01:00
Alexandre Dulaunoy a0e6be2cdd
chg: [PyMISP] updated 2022-03-17 09:25:27 +01:00
iglocska 26ea06f2d9
fix: [gpg key] handle the lack of an instance key more gracefully 2022-03-17 02:31:45 +01:00
iglocska 47a997363c
chg: [CI] make the tests happy
- trailing comma after the last parameter in a function is not allowed in some PHP versions
2022-03-17 02:09:22 +01:00
iglocska a63a628a1a
fix: [cryptographicKey] instance key fingerprint caching fixed 2022-03-17 01:44:58 +01:00