From 1562503b6315b8c9c9c03b8adf53b4cd3e1e9fa1 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Fri, 5 Apr 2024 15:23:30 +0200 Subject: [PATCH] chg: [changelog] updated --- static/Changelog-PyMISP.txt | 9 ++ static/Changelog-misp-galaxy.txt | 22 +++- static/Changelog-misp-objects.txt | 51 ++++++++ static/Changelog-misp-taxonomies.txt | 8 +- static/Changelog-misp-warninglists.txt | 11 ++ static/Changelog.txt | 163 +++++++++++++++++++++++++ 6 files changed, 262 insertions(+), 2 deletions(-) diff --git a/static/Changelog-PyMISP.txt b/static/Changelog-PyMISP.txt index 5e4ac01..aa16a99 100644 --- a/static/Changelog-PyMISP.txt +++ b/static/Changelog-PyMISP.txt @@ -2,6 +2,15 @@ Changelog ========= +%%version%% (unreleased) +------------------------ + +Changes +~~~~~~~ +- [data] describeTypes file updated. [Alexandre Dulaunoy] +- Bump deps. [Raphaël Vinot] + + v2.4.188 (2024-03-22) --------------------- diff --git a/static/Changelog-misp-galaxy.txt b/static/Changelog-misp-galaxy.txt index 2b18e59..8a9d3e4 100644 --- a/static/Changelog-misp-galaxy.txt +++ b/static/Changelog-misp-galaxy.txt @@ -1,10 +1,30 @@ # Changelog -## %%version%% (unreleased) +## v2.4.189 (2024-04-05) ### Other +* Merge pull request #957 from gregWDumont/NACE_CODE_valid. [Alexandre Dulaunoy] + + [Sector] Add NACE_CODE to cluster + +* [Sector] Add NACE_CODE to cluster. [gregWDumont] + +* Merge pull request #953 from Mathieu4141/threat-actors/d9ef3240-7f58-453c-926b-7757caf17f1a. [Alexandre Dulaunoy] + + [threat actors] 4 new actors and 1 alias + +* [threat-actors] Add UNC5174. [Mathieu4141] + +* [threat-actors] Add Saad Tycoon. [Mathieu4141] + +* [threat-actors] Add Edalat-e Ali. [Mathieu4141] + +* [threat-actors] Add SilitNetwork. [Mathieu4141] + +* [threat-actors] Add Lazarus Group aliases. [Mathieu4141] + * Merge pull request #952 from Delta-Sierra/main. [Alexandre Dulaunoy] add Germany as target for several Threat actors 
diff --git a/static/Changelog-misp-objects.txt b/static/Changelog-misp-objects.txt index 6d72229..7ce2b5b 100644 --- a/static/Changelog-misp-objects.txt +++ b/static/Changelog-misp-objects.txt @@ -1,6 +1,57 @@ # Changelog +## v2.4.189 (2024-04-05) + +### New + +* [cert-pl-phishing] first draft of a template for the CERT.PL phishing system. [Alexandre Dulaunoy] + +### Changes + +* [cert-pl-phishing] fixed. [Alexandre Dulaunoy] + +* [cert-pl-phishing] fixed. [Alexandre Dulaunoy] + +* [schema] add the new 'integer' attribute type in the JSON schema. [Alexandre Dulaunoy] + +* [pe] Using the new `integer` attribute type. [Christian Studer] + +* [pe] Added `characteristics` & `machine-type` enumerations. [Christian Studer] + + - Characteristics are usually in a list, so we + have now both the list of characteristics with + their name, and the hex value of the addition + of all the characteristics numeric values + - We represent the machine type with its name + +* [ddos] object type alone authorized if the source/target cannot be disclosed. [Alexandre Dulaunoy] + +### Fix + +* [pe] Removing the `disable_correlation` flag for a `size-in-bytes` attribute type. [Christian Studer] + +* [pe] typo fixed. [Alexandre Dulaunoy] + +* [pe] Sizes in the PE format should be in bytes. [Christian Studer] + +* [pe] `counter` makes more sense here. [Christian Studer] + +### Other + +* Add: [readme] Added `pe-optional-header` description. [Christian Studer] + +* Add: [pe-optional-header] New object template for PE optional headers. [Christian Studer] + +* Merge branch 'main' of github.com:MISP/misp-objects. [Christian Studer] + +* Merge branch 'main' of github.com:MISP/misp-objects. [Christian Studer] + +* Add: [pe] Added some PE fields as available with `lief` API. [Christian Studer] + +* Merge branch 'main' of github.com:MISP/misp-objects. [Christian Studer] + + ## v2.4.188 (2024-03-20) ### Changes 
diff --git a/static/Changelog-misp-taxonomies.txt b/static/Changelog-misp-taxonomies.txt index 48ded7b..14390f5 100644 --- a/static/Changelog-misp-taxonomies.txt +++ b/static/Changelog-misp-taxonomies.txt @@ -1,14 +1,20 @@ # Changelog -## %%version%% (unreleased) +## v2.4.189 (2024-04-05) ### Changes +* [priority-taxonomy] update reference url. [Jeroen Pinoy] + * [malware_classification] add `Stalkerware` from #275. [Alexandre Dulaunoy] ### Other +* Merge pull request #278 from Wachizungu/update-priority-taxonomy-reference-url. [Alexandre Dulaunoy] + + chg: [priority-taxonomy] update reference url + * Merge pull request #277 from cudeso/main. [Alexandre Dulaunoy] Add review-relevance and review-completeness to workflow taxonomy diff --git a/static/Changelog-misp-warninglists.txt b/static/Changelog-misp-warninglists.txt index cc7eeeb..97115c0 100644 --- a/static/Changelog-misp-warninglists.txt +++ b/static/Changelog-misp-warninglists.txt @@ -1,6 +1,17 @@ # Changelog +## v2.4.189 (2024-04-05) + +### New + +* [warning-lists] add the check-host.net source of IP addresses. [Alexandre Dulaunoy] + +### Changes + +* [warning-lists] updated. [Alexandre Dulaunoy] + + ## v2.4.188 (2024-03-20) ### Changes diff --git a/static/Changelog.txt b/static/Changelog.txt index 3b6ef25..ba29971 100755 --- a/static/Changelog.txt +++ b/static/Changelog.txt 
@@ -2,6 +2,169 @@ Changelog ========= +v2.4.189 (2024-04-05) +--------------------- + +New +~~~ +- [sighting sync] blocklisting added. [iglocska] + + - block organisations' sightings from being created / pulled + - Added a new option to the restsearch of sightings too which this feature uses if available + - if it isn't, the system will block the insertion on the beforeValidate() level + + - Outcome of the JTAN hackathon on 04.04.2024 in Luxembourg +- [attribute] new attribute type added `integer` [Alexandre Dulaunoy] + + Initially, we utilised a counter type across numerous objects. + + However, the semantic significance of this type became unclear when establishing relationships with integers in various objects. +- [analyst-data] Added Inbound Relationship to all views. [Sami + Mokaddem] + +Changes +~~~~~~~ +- [version] bump. [iglocska] +- [GeoOpen] updated to the latest version. [Alexandre Dulaunoy] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [taxonomies] updated. [Alexandre Dulaunoy] +- [warninglists] updated. [Alexandre Dulaunoy] +- [misp-galaxy] updated. [Alexandre Dulaunoy] +- [schema] updated. [iglocska] +- [ACL] entries added. [iglocska] +- [setting] added for the sighting blocklisting. [iglocska] +- [sighting restsearch] added org negations. [iglocska] + + - the org_id filter now allows for the use of a prepended '!' character for negations +- [test] Check if MISP and STIX2 are valid in build-test.sh. [Jakub + Onderka] +- [internal] Log exception when importing stix file. [Jakub Onderka] +- [internal] Update misp-stix. [Jakub Onderka] +- [PyMISP] updated. [Alexandre Dulaunoy] +- [internal] Speedup sighting rest search. [Jakub Onderka] +- [UI] event view now only load analyst data for objects/attributes + actually shown via pagination. [iglocska] +- [curl client] added option for timeout. [iglocska] +- [internal] Remove possible empty lines from output. 
[Jakub Onderka] +- [docs:new-background-workers] add rhel specific steps to migration + guide. [Jeroen Pinoy] +- [test] Check attribute search. [Jakub Onderka] +- [internal] Better error handling when fetching sightings. [Jakub + Onderka] + +Fix +~~~ +- [junk] removed. [iglocska] +- [internal] Try to fix STIX import. [Jakub Onderka] +- [sync] Avoid problem with duplicate sightings UUID. [Jakub Onderka] +- [analyst-data:attachData] Make sure to also load child notes and + opinions. [Sami Mokaddem] + + Changed the old behavior: Before we were loading 3 children. Now, we only load 1 by default. +- [analyst-data:UI] Added missing entries for view elements. [Sami + Mokaddem] +- [analystdata] added to events as the previous commits purged it. + [iglocska] +- [analyst data chunk size] increased. [iglocska] +- [internal] Attribute.php code style fix. [Jakub Onderka] +- [sync] Drop support for zstd from CurlClient. [Jakub Onderka] +- [oidc] Use the same handling of org also for Oidc::isUserValid. [Jakub + Onderka] +- [search] Attribute search error 500 because of force index search. + [Jakub Onderka] +- [UI] Showing event logo in correlation graph. [Jakub Onderka] +- [internal] Check if values is not empty for MysqlExtended. [Jakub + Onderka] +- [internal] Undefined index in error message during sync. [Jakub + Onderka] +- [doc:rhel-installer] Correct conditional addition of httpd Listen 443 + line. [Jeroen Pinoy] +- [API] Cleanup compression marks added by Apache from Etag. [Jakub + Onderka] + +Other +~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge pull request #9553 from jloehel/fix-9552. [Andras Iklody] + + fix [INSTALL/MySQL]: Create table `user_login_profiles` only if it not exists +- Fix [INSTALL/MySQL]: Create table `user_login_profiles` only if it not + exists. [Jürgen Löhel] + + fixes: #9552 +- Merge pull request #9662 from JakubOnderka/build-test-json-valid. 
+ [Jakub Onderka] + + chg: [test] Check if MISP and STIX2 are valid in build-test.sh +- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami + Mokaddem] +- Merge pull request #9658 from JakubOnderka/stix-exception-logging. + [Jakub Onderka] + + chg: [internal] Log exception when importing stix file +- Merge pull request #9660 from JakubOnderka/duplicate-sighting-uuid. + [Jakub Onderka] + + fix: [sync] Avoid problem with duplicate sightings UUID +- Merge pull request #9661 from JakubOnderka/misp-stix-update. [Jakub + Onderka] + + chg: [internal] Update misp-stix +- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami + Mokaddem] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami + Mokaddem] +- Merge pull request #8760 from JakubOnderka/sightings-conditions- + simplify. [Jakub Onderka] + + chg: [internal] Speedup sighting rest search +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [Alexandre Dulaunoy] +- Merge pull request #9657 from JakubOnderka/remove-php-ends. [Jakub + Onderka] + + chg: [internal] Remove possible empty lines from output +- Merge pull request #9652 from JakubOnderka/curl-zstd-drop. [Jakub + Onderka] + + fix: [sync] Drop support for zstd from CurlClient +- Merge pull request #9649 from JakubOnderka/oidc-is-user-valid-fix. + [Jakub Onderka] + + fix: [oidc] Use the same handling of org also for Oidc::isUserValid +- Merge pull request #9641 from Wachizungu/chg-background-jobs- + migration-guide-add-rhel. [Alexandre Dulaunoy] + + chg: [docs:new-background-workers] add rhel specific steps to migrati… +- Merge pull request #9642 from JakubOnderka/attibute-search-500. [Jakub + Onderka] + + chg: [test] Check attribute search +- Merge pull request #9640 from JakubOnderka/event-log-correlation- + graph. 
[Jakub Onderka] + + fix: [UI] Showing event logo in correlation graph +- Merge pull request #9637 from JakubOnderka/undefined-index-fixes. + [Jakub Onderka] + + Undefined index fixes +- Merge pull request #9636 from Wachizungu/fix-rhel-httpd-listen-config. + [Alexandre Dulaunoy] + + fix: [doc:rhel-installer] Correct conditional addition of httpd Liste… +- Merge pull request #9635 from JakubOnderka/error-handling-sighting. + [Jakub Onderka] + + chg: [internal] Better error handling when fetching sightings +- Merge pull request #9634 from JakubOnderka/response-etag. [Jakub + Onderka] + + fix: [API] Cleanup compression marks added by Apache from Etag + + v2.4.188 (2024-03-22) ---------------------
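Review bot: the section added at the top of static/Changelog-PyMISP.txt is still headed `%%version%% (unreleased)`, while this same commit replaces that placeholder with `v2.4.189 (2024-04-05)` in the misp-galaxy and misp-taxonomies changelogs. If PyMISP is part of the 2.4.189 release, the heading should be stamped here as well. If it is intentionally untagged, a reader cannot tell from this file which PyMISP version carries the describeTypes update. The "Bump deps." entry also does not say which dependencies moved, which makes it hard to audit.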
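Review bot: the v2.4.189 block in static/Changelog-misp-objects.txt lists "[cert-pl-phishing] fixed." twice under Changes and "Merge branch 'main' of github.com:MISP/misp-objects." three times under Other, and none of those lines tells a consumer of the templates what changed. I would collapse the duplicates and drop the branch merges from the generated output. The pe entries are also hard to reconcile as written: "Using the new `integer` attribute type" sits under Changes while "`counter` makes more sense here" sits under Fix, without naming the attributes involved, so the resulting type of each pe field cannot be read off the changelog.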
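Review bot: in the v2.4.189 block of static/Changelog-misp-warninglists.txt, "[warning-lists] updated." does not say which lists changed, and the New entry for check-host.net does not name the warninglist it creates. Naming the affected lists would let operators check the change against their own filtering.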
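Review bot: in the v2.4.189 block of static/Changelog.txt, the entries that change access and sync behaviour do not give an operator enough to act on. "[setting] added for the sighting blocklisting." does not name the setting or its default, "[oidc] Use the same handling of org also for Oidc::isUserValid" does not say what differed before, and "[sync] Drop support for zstd from CurlClient" gives no reason or impact on existing sync links. Please name the setting and add one line of effect to each. Separately, two merge entries carry truncated titles ("add rhel specific steps to migrati…" and "Correct conditional addition of httpd Liste…"), and several branch names are wrapped after a hyphen ("sightings-conditions- simplify", "event-log-correlation- graph"), so they no longer match the real branch names when searched. The file is also recorded with mode 100755, which a plain-text changelog does not need.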