Jakub Onderka
|
274e427ce3
|
chg: [internal] Better logging for taxonomies
|
2022-04-11 14:18:23 +02:00 |
Jakub Onderka
|
c419fb69ea
|
fix: [UI] REST client
|
2022-04-10 15:04:48 +02:00 |
Jakub Onderka
|
ff150b8834
|
chg: [internal] Do not generate export array when initializing Event class
|
2022-04-10 09:49:21 +02:00 |
Jakub Onderka
|
9e8608b3d3
|
chg: [jsonTool] Properly handle invalid JSON for PHP 7.2 and older
|
2022-04-10 09:38:25 +02:00 |
Sami Mokaddem
|
bd24e875ee
|
chg: [feed] Show filtering on type only for server
|
2022-04-04 13:53:09 +02:00 |
Sami Mokaddem
|
8d5f6e6662
|
chg: [feed:pullRules] Added hints suggestions for url_params
|
2022-04-04 12:01:59 +02:00 |
Sami Mokaddem
|
671c5588f4
|
fix: [feed] Apply url_param filtering rules
Currently only support timestamp and publish_timestamp
|
2022-04-04 12:00:15 +02:00 |
Sami Mokaddem
|
077b43c33e
|
fix: [feed:filterEventIndex] Correctly filter out events based on the tag's filter rule
|
2022-04-04 11:56:55 +02:00 |
Sami Mokaddem
|
6c258015a1
|
chg: [servers:getAllTypes] Moved the type and object collection action for filtering in the model
|
2022-04-04 11:52:47 +02:00 |
iglocska
|
861a9af713
|
Merge branch '2.4' into develop
|
2022-03-28 17:49:28 +02:00 |
Jakub Onderka
|
dc80aaabbb
|
Merge pull request #8245 from JakubOnderka/advaced_authkeys_non_exists_user
new: [test] advanced_authkeys_non_exists_user
|
2022-03-27 19:23:30 +02:00 |
Jakub Onderka
|
5167e4090f
|
chg: [galaxy] Simplify code for fetching galaxy cluster
|
2022-03-27 19:15:10 +02:00 |
Jakub Onderka
|
4af34a999c
|
chg [galaxy] Simplify saving galaxies
|
2022-03-27 18:45:32 +02:00 |
Jakub Onderka
|
67fd15f543
|
chg: [warninglist] Insert in bigger chunks
|
2022-03-27 18:45:32 +02:00 |
Jakub Onderka
|
1a589c64f8
|
chg [authkeys] Add validation
|
2022-03-27 18:45:32 +02:00 |
Jakub Onderka
|
8636c1f903
|
chg: [syslog] Remove duplicate date and log type from log
|
2022-03-27 13:05:33 +02:00 |
Jakub Onderka
|
6af7503b36
|
fix: [sign] Remove unused method
|
2022-03-26 13:16:51 +01:00 |
Jakub Onderka
|
a07625294b
|
chg: [sign] Return signature in binary format
|
2022-03-26 12:10:26 +01:00 |
Jakub Onderka
|
f1dd24933c
|
fix: [sign] Allow to sign event by key stored in gpg homedir
|
2022-03-26 12:10:26 +01:00 |
Jakub Onderka
|
5253ada680
|
chg: [sign] Simplified key handling
|
2022-03-26 08:41:09 +01:00 |
Luciano Righetti
|
34df13af81
|
fix: typo
|
2022-03-25 16:32:32 +01:00 |
iglocska
|
f4e390ae27
|
new: [event locks] have an option to disable them
- it's annoying and causes headaches
- as discussed in #8204
|
2022-03-25 08:52:51 +01:00 |
iglocska
|
08ccdf23e2
|
chg: [server sync] update to the previous fix to include the recursive condition
- instead of just replacing the condition with the contain list, include both to get the performance gains back
|
2022-03-24 16:11:29 +01:00 |
iglocska
|
b1f1b4d2cd
|
Merge branch '2.4' into develop
|
2022-03-24 15:37:21 +01:00 |
iglocska
|
15820bb5af
|
fix: [sync] publishing sharing group events fail to sync - fixed
- code cleanup removed related models, including remote org which is needed to check if the remote is to receive an event
- as reported by @treyka
|
2022-03-24 15:36:11 +01:00 |
iglocska
|
d928363523
|
Merge branch 'develop' of github.com:MISP/MISP into develop
|
2022-03-21 11:32:58 +01:00 |
iglocska
|
0480794dcf
|
fix: [cryptographic signing] added more graceful failures when GPG isn't configured
|
2022-03-21 11:31:58 +01:00 |
Jakub Onderka
|
611f75026f
|
fix: [UI] Do not log exception for invalid key
|
2022-03-20 14:21:32 +01:00 |
Jakub Onderka
|
ec0fae0c94
|
fix: [internal] Code style
|
2022-03-20 14:21:31 +01:00 |
Jakub Onderka
|
ebef28b8cc
|
Merge pull request #8228 from JakubOnderka/validate-attribute-type
fix: [api] Validate attribute type to avoid warnings
|
2022-03-20 14:18:31 +01:00 |
Jakub Onderka
|
f3ed07fefc
|
fix: [api] Validate attribute type to avoid warnings
|
2022-03-19 13:14:10 +01:00 |
Jakub Onderka
|
9d8fc81678
|
chg: [internal] Throw exception if Redis class not found
|
2022-03-19 12:31:55 +01:00 |
Alexandre Dulaunoy
|
ab1305cc18
|
Merge pull request #8218 from righel/org-svg-logo-setting
new: add setting for allowing svg org logos
|
2022-03-18 11:01:14 +01:00 |
Jakub Onderka
|
2d23e0125b
|
Merge pull request #8215 from JakubOnderka/pgp-signature-optim
chg: [cryptograhicKey] Simplified code for event pushing
|
2022-03-17 17:03:40 +01:00 |
Luciano Righetti
|
8dcf414340
|
fix: [security] restrict setting to cli only. enabling this setting could allow potential ssrf attacks, as reported by Ianis BERNARD - NATO Cyber Security Centre
|
2022-03-17 15:55:21 +01:00 |
iglocska
|
07b091778a
|
Merge branch '2.4' into develop
|
2022-03-17 15:51:06 +01:00 |
Hendrik Baecker
|
eb7a1301bb
|
[chg] LinOTP now with enable/disable as config feature
|
2022-03-17 15:19:58 +01:00 |
Sami Mokaddem
|
4af6a4d1aa
|
Merge branch 'develop' of github.com:MISP/MISP into develop
|
2022-03-17 14:43:27 +01:00 |
Sami Mokaddem
|
d65ef9c966
|
chg: [cryptographicKeys] Indexed more column and bumped db_schema
|
2022-03-17 14:43:01 +01:00 |
Luciano Righetti
|
2bd4a5b30c
|
fix: [security] a malicious site administrator could store an XSS payload in a svg org logo which would be executed if someone opens the direct link to the image, as reported by Ianis BERNARD - NATO Cyber Security Centre
|
2022-03-17 14:42:49 +01:00 |
iglocska
|
0ada3e9bb5
|
fix: [signing] add try/catch around the gpg initialisation
- otherwise instances without gpg set up will fail when viewing events
|
2022-03-17 14:28:56 +01:00 |
Jakub Onderka
|
f208c656ea
|
chg: [cryptograhicKey] Simplified code for event pushing
|
2022-03-17 13:58:25 +01:00 |
Sami Mokaddem
|
9307a07760
|
fix: [events:edit] Correctly collects saved cryptographic keys when pushing an edit
|
2022-03-17 12:38:19 +01:00 |
iglocska
|
26ea06f2d9
|
fix: [gpg key] handle the lack of an instance key more gracefully
|
2022-03-17 02:31:45 +01:00 |
iglocska
|
a63a628a1a
|
fix: [cryptograhicKey] instance key fingreprint caching fixed
|
2022-03-17 01:44:58 +01:00 |
iglocska
|
e8dcb31623
|
Merge branch 'feature/protected_mode' into develop
|
2022-03-17 01:43:44 +01:00 |
iglocska
|
8ea0b2cb56
|
chg: [unused endpoint] removed
|
2022-03-17 00:57:41 +01:00 |
iglocska
|
f8957cd62e
|
new: [instance key ingestion] added caching
- cache the fingerprint of the instance for 5 minutes
- avoid an unnecesary overhead by caching the value for 5 minutes
|
2022-03-17 00:53:02 +01:00 |
iglocska
|
8eff854fce
|
fix: [signing validation] use the existing event rather than the incoming event for edits
- the ground truth for allowing edits is in the LOCAL version of the event
- prevents tampering attempts
- also cleanup of repetive file upload code
|
2022-03-17 00:41:55 +01:00 |
iglocska
|
259a19a374
|
fix: [sync] removed newly added locked field as a sanitized sync field
- ends up creating unlocked events on the remote, preventing future edits
|
2022-03-16 15:36:58 +01:00 |