Commit Graph

5681 Commits (274e427ce3d2f620e6989b5ee92ac9a21fb9b3fa)

Author SHA1 Message Date
Jakub Onderka 274e427ce3 chg: [internal] Better logging for taxonomies 2022-04-11 14:18:23 +02:00
Jakub Onderka c419fb69ea fix: [UI] REST client 2022-04-10 15:04:48 +02:00
Jakub Onderka ff150b8834 chg: [internal] Do not generate export array when initializing Event class 2022-04-10 09:49:21 +02:00
Jakub Onderka 9e8608b3d3 chg: [jsonTool] Properly handle invalid JSON for PHP 7.2 and older 2022-04-10 09:38:25 +02:00
Sami Mokaddem bd24e875ee
chg: [feed] Show filtering on type only for server 2022-04-04 13:53:09 +02:00
Sami Mokaddem 8d5f6e6662
chg: [feed:pullRules] Added hints suggestions for url_params 2022-04-04 12:01:59 +02:00
Sami Mokaddem 671c5588f4
fix: [feed] Apply url_param filtering rules
Currently only support timestamp and publish_timestamp
2022-04-04 12:00:15 +02:00
Sami Mokaddem 077b43c33e
fix: [feed:filterEventIndex] Correctly filter out events based on the tag's filter rule 2022-04-04 11:56:55 +02:00
Sami Mokaddem 6c258015a1
chg: [servers:getAllTypes] Moved the type and object collection action for filtering in the model 2022-04-04 11:52:47 +02:00
iglocska 861a9af713
Merge branch '2.4' into develop 2022-03-28 17:49:28 +02:00
Jakub Onderka dc80aaabbb
Merge pull request #8245 from JakubOnderka/advaced_authkeys_non_exists_user
new: [test] advanced_authkeys_non_exists_user
2022-03-27 19:23:30 +02:00
Jakub Onderka 5167e4090f chg: [galaxy] Simplify code for fetching galaxy cluster 2022-03-27 19:15:10 +02:00
Jakub Onderka 4af34a999c chg [galaxy] Simplify saving galaxies 2022-03-27 18:45:32 +02:00
Jakub Onderka 67fd15f543 chg: [warninglist] Insert in bigger chunks 2022-03-27 18:45:32 +02:00
Jakub Onderka 1a589c64f8 chg [authkeys] Add validation 2022-03-27 18:45:32 +02:00
Jakub Onderka 8636c1f903 chg: [syslog] Remove duplicate date and log type from log 2022-03-27 13:05:33 +02:00
Jakub Onderka 6af7503b36 fix: [sign] Remove unused method 2022-03-26 13:16:51 +01:00
Jakub Onderka a07625294b chg: [sign] Return signature in binary format 2022-03-26 12:10:26 +01:00
Jakub Onderka f1dd24933c fix: [sign] Allow to sign event by key stored in gpg homedir 2022-03-26 12:10:26 +01:00
Jakub Onderka 5253ada680 chg: [sign] Simplified key handling 2022-03-26 08:41:09 +01:00
Luciano Righetti 34df13af81 fix: typo 2022-03-25 16:32:32 +01:00
iglocska f4e390ae27
new: [event locks] have an option to disable them
- it's annoying and causes headaches
- as discussed in #8204
2022-03-25 08:52:51 +01:00
iglocska 08ccdf23e2
chg: [server sync] update to the previous fix to include the recursive condition
- instead of just replacing the condition with the contain list, include both to get the performance gains back
2022-03-24 16:11:29 +01:00
iglocska b1f1b4d2cd
Merge branch '2.4' into develop 2022-03-24 15:37:21 +01:00
iglocska 15820bb5af
fix: [sync] publishing sharing group events fail to sync - fixed
- code cleanup removed related models, including remote org which is needed to check if the remote is to receive an event

- as reported by @treyka
2022-03-24 15:36:11 +01:00
iglocska d928363523
Merge branch 'develop' of github.com:MISP/MISP into develop 2022-03-21 11:32:58 +01:00
iglocska 0480794dcf
fix: [cryptographic signing] added more graceful failures when GPG isn't configured 2022-03-21 11:31:58 +01:00
Jakub Onderka 611f75026f fix: [UI] Do not log exception for invalid key 2022-03-20 14:21:32 +01:00
Jakub Onderka ec0fae0c94 fix: [internal] Code style 2022-03-20 14:21:31 +01:00
Jakub Onderka ebef28b8cc
Merge pull request #8228 from JakubOnderka/validate-attribute-type
fix: [api] Validate attribute type to avoid warnings
2022-03-20 14:18:31 +01:00
Jakub Onderka f3ed07fefc fix: [api] Validate attribute type to avoid warnings 2022-03-19 13:14:10 +01:00
Jakub Onderka 9d8fc81678 chg: [internal] Throw exception if Redis class not found 2022-03-19 12:31:55 +01:00
Alexandre Dulaunoy ab1305cc18
Merge pull request #8218 from righel/org-svg-logo-setting
new: add setting for allowing svg org logos
2022-03-18 11:01:14 +01:00
Jakub Onderka 2d23e0125b
Merge pull request #8215 from JakubOnderka/pgp-signature-optim
chg: [cryptograhicKey] Simplified code for event pushing
2022-03-17 17:03:40 +01:00
Luciano Righetti 8dcf414340 fix: [security] restrict setting to cli only. enabling this setting could allow potential ssrf attacks, as reported by Ianis BERNARD - NATO Cyber Security Centre 2022-03-17 15:55:21 +01:00
iglocska 07b091778a
Merge branch '2.4' into develop 2022-03-17 15:51:06 +01:00
Hendrik Baecker eb7a1301bb [chg] LinOTP now with enable/disable as config feature 2022-03-17 15:19:58 +01:00
Sami Mokaddem 4af6a4d1aa
Merge branch 'develop' of github.com:MISP/MISP into develop 2022-03-17 14:43:27 +01:00
Sami Mokaddem d65ef9c966
chg: [cryptographicKeys] Indexed more column and bumped db_schema 2022-03-17 14:43:01 +01:00
Luciano Righetti 2bd4a5b30c fix: [security] a malicious site administrator could store an XSS payload in a svg org logo which would be executed if someone opens the direct link to the image, as reported by Ianis BERNARD - NATO Cyber Security Centre 2022-03-17 14:42:49 +01:00
iglocska 0ada3e9bb5
fix: [signing] add try/catch around the gpg initialisation
- otherwise instances without gpg set up will fail when viewing events
2022-03-17 14:28:56 +01:00
Jakub Onderka f208c656ea chg: [cryptograhicKey] Simplified code for event pushing 2022-03-17 13:58:25 +01:00
Sami Mokaddem 9307a07760
fix: [events:edit] Correctly collects saved cryptographic keys when pushing an edit 2022-03-17 12:38:19 +01:00
iglocska 26ea06f2d9
fix: [gpg key] handle the lack of an instance key more gracefully 2022-03-17 02:31:45 +01:00
iglocska a63a628a1a
fix: [cryptograhicKey] instance key fingerprint caching fixed 2022-03-17 01:44:58 +01:00
iglocska e8dcb31623
Merge branch 'feature/protected_mode' into develop 2022-03-17 01:43:44 +01:00
iglocska 8ea0b2cb56
chg: [unused endpoint] removed 2022-03-17 00:57:41 +01:00
iglocska f8957cd62e
new: [instance key ingestion] added caching
- cache the fingerprint of the instance for 5 minutes
- avoid an unnecessary overhead by caching the value for 5 minutes
2022-03-17 00:53:02 +01:00
iglocska 8eff854fce
fix: [signing validation] use the existing event rather than the incoming event for edits
- the ground truth for allowing edits is in the LOCAL version of the event
- prevents tampering attempts

- also cleanup of repetitive file upload code
2022-03-17 00:41:55 +01:00
iglocska 259a19a374
fix: [sync] removed newly added locked field as a sanitized sync field
- ends up creating unlocked events on the remote, preventing future edits
2022-03-16 15:36:58 +01:00