iglocska
69031ab35e
Fixed an issue where PGP keys that are set to never expire show up as expired
2015-11-12 09:46:33 +01:00
iglocska
3a540542ed
Merge branch 'hotfix-2.3.156'
2015-11-11 17:04:49 +01:00
iglocska
675ceb2e0e
Better verification of PGP keys
...
- checks whether the key can be used to encrypt and whether it's expired
2015-11-11 17:03:59 +01:00
iglocska
6baa3bea00
Merge branch 'hotfix-2.3.155'
2015-11-10 15:23:29 +01:00
iglocska
6548297b80
Merge branch 'hotfix-2.3.154' into hotfix-2.3.155
...
Conflicts:
VERSION.json
2015-11-10 15:22:10 +01:00
iglocska
9f85c40145
Fix to a security issue
...
- as reported by RichieB2B
- Trying to view an event that doesn't exist and one that the user has no access to resulted in different error messages
2015-11-10 15:18:33 +01:00
iglocska
c46922be12
Fix to a security issue in the PGP fetching tool
...
- reported by RichieB2B
- The scraped URL for the PGP fetching tool was not sanitised before being echoed
2015-11-10 15:17:15 +01:00
iglocska
db2d7dc8de
Merge branch 'hotfix-2.3.154'
2015-11-10 13:47:01 +01:00
iglocska
0d758de89b
Fixed an issue where a linebreak in an event info would break the CSV export, fixes #710
...
- also added comment field for attributes
- until now multi line fields were both escaped and the line breaks removed
- this was overkill, linebreaks are now kept intact
2015-11-10 13:45:40 +01:00
iglocska
596ec80ac9
Merge branch 'master' of https://github.com/MISP/MISP
2015-11-09 23:21:11 +01:00
iglocska
ce99344895
Merge branch 'hotfix-2.3.153'
2015-11-09 23:20:59 +01:00
iglocska
8f485ef98a
Fixed a bug with the attribute search API
2015-11-09 23:18:51 +01:00
Alexandre Dulaunoy
7b631c56cd
Updated PyMISP to the latest version
2015-11-09 21:28:09 +01:00
iglocska
a3661fdcbd
Merge branch 'hotfix-2.3.152'
2015-11-08 22:57:17 +01:00
iglocska
c83b1e2dd0
Fix to the CSV export, fixes #710
2015-11-08 22:56:00 +01:00
iglocska
16e7974fc0
Improved logging, fixes #695
...
- Added logging of failed login attempts
- Added (optional) logging of successful authentications
- admin setting that has to be enabled
- will log all API calls (both HTTP method and target url)
- optional logging of user IP address for all logs
- each log entry created while this setting is enabled will log the IP address of the client
- disabling it also hides the IPs from the interface
- added new IP field for the log search (only if enabled)
2015-11-08 22:35:46 +01:00
iglocska
c3ebc18afa
Merge branch 'develop'
2015-11-03 17:07:19 +01:00
iglocska
8f1363df37
Merge branch 'hotfix-2.3.151' into develop
2015-11-03 17:07:12 +01:00
iglocska
42ad040d3c
Removed obsolete gitignore files, fixes #704
2015-11-03 17:06:21 +01:00
iglocska
5f06e87b6c
Merge branch 'hotfix-2.3.150' into develop
2015-10-31 00:29:59 +01:00
iglocska
4b24cf0c65
Documentation changes
2015-10-31 00:29:15 +01:00
iglocska
9c00d56ed4
View all proposals via the API
...
- Proposals that can be accepted / discarded via the API
- Can restrict the index to the proposals of a single event
2015-10-31 00:18:05 +01:00
iglocska
e12d70c5c3
Merge branch 'hotfix-2.3.149' into develop
2015-10-30 16:30:34 +01:00
iglocska
70eb812060
Merge branch 'hotfix-2.3.149'
2015-10-30 16:29:32 +01:00
iglocska
345e898f5f
Tagging added to the API
...
- Create / Edit / Remove / index / view tags via the API
2015-10-30 16:28:51 +01:00
Iglocska
fdd75f4ae4
Merge branch 'hotfix-2.3.148' into develop
2015-10-28 23:34:58 +01:00
Iglocska
70e776eff1
Merge branch 'hotfix-2.3.148'
2015-10-28 23:34:13 +01:00
Iglocska
059a8aa43a
Added API for proposals
...
- APIs for the following actions:
- Add new proposed attribute to an event
- Add proposed change to an attribute
- View a proposal
- Accept a proposal
- Discard a proposal
- new APIs described on the automation page
2015-10-28 23:32:30 +01:00
Iglocska
f3e1654310
Merge branch 'hotfix-2.3.147'
2015-10-27 15:18:31 +01:00
Iglocska
80f29c1f33
More details on the PGP validation tool
2015-10-27 15:18:04 +01:00
Iglocska
e759803334
Merge branch 'hotfix-2.3.147' into develop
2015-10-27 14:02:01 +01:00
Iglocska
a9df8e4c91
Merge branch 'hotfix-2.3.147'
2015-10-27 14:01:11 +01:00
Iglocska
f9da3f2d2c
Small fix to the pgp key validation tool
...
- doesn't break on completely invalid keys anymore
2015-10-27 14:00:31 +01:00
iglocska
f7f3142a91
Merge branch 'hotfix-2.3.146' into develop
2015-10-27 08:36:14 +01:00
iglocska
ddd51c3a0f
Merge branch 'hotfix-2.3.146'
2015-10-27 08:35:10 +01:00
iglocska
aede05bdc6
Version bump
2015-10-27 08:34:59 +01:00
iglocska
7d651f094b
Fix to a vulnerability found in attributescontroller
...
- vulnerability reported by Airbus Group CERT
- Deprecated ajax attribute view had inverse access control logic
- removed ajax path
- added XML/JSON view
2015-10-27 08:31:48 +01:00
iglocska
679bef35f0
Merge branch 'hotfix-2.3.145' into develop
2015-10-22 09:57:18 +02:00
iglocska
07f411c71f
Merge branch 'hotfix-2.3.145'
2015-10-22 09:52:04 +02:00
iglocska
6fa27d659a
Reverted change in proposal file storage path that wasn't needed
2015-10-22 09:51:31 +02:00
iglocska
35661f24f8
Merge branch 'hotfix-2.3.144' into develop
2015-10-21 23:52:46 +02:00
iglocska
fa55f7fa9d
Merge branch 'hotfix-2.3.144'
2015-10-21 23:51:50 +02:00
iglocska
f4f4f0f069
Version bump
2015-10-21 23:51:36 +02:00
iglocska
26a4705bb3
Removed junk
2015-10-21 23:50:55 +02:00
iglocska
61e865956b
Fixes to several issues, fixes #693
...
- Fixed a critical bug in the XML export
- As of recently XML exports include relations as they were missing before
- the sanitisation of the event info field in related attributes was incorrectly sanitized of unicode characters
- this can lead to the XML export breaking and also for affected events to be blocked from synchronisation
- Proposal fixes
- fixed an invalid uuid generation that lead to an exception
- fixed the attachments for proposals still using the old attachment system that disallows most filenames
- added the automatic creation of hashes for attachment proposals
2015-10-21 23:44:07 +02:00
Iglocska
8abe186661
Merge branch 'hotfix-2.3.143' into develop
2015-10-15 17:45:17 +02:00
Iglocska
1aedfebf33
Merge branch 'hotfix-2.3.143'
2015-10-15 17:45:03 +02:00
Iglocska
4a358c9fee
Removed junk
2015-10-15 17:44:33 +02:00
Iglocska
d3ef52d54c
Merge branch 'hotfix-2.3.143' into develop
2015-10-15 17:41:07 +02:00
Iglocska
136daa1be1
Merge branch 'hotfix-2.3.143'
2015-10-15 17:40:53 +02:00