mirror of https://github.com/MISP/misp-website
chg: [blog] MISP 2.4.123 release
parent
ebeba307c3
commit
1704d0aa2a
209
Changelog.txt
209
Changelog.txt
|
@ -1,6 +1,215 @@
|
|||
Changelog
|
||||
=========
|
||||
|
||||
v2.4.123 (2020-03-10)
|
||||
---------------------
|
||||
|
||||
New
|
||||
~~~
|
||||
- [dashboard] added template delete functionality. [iglocska]
|
||||
- [dashboard] persistence package. [iglocska]
|
||||
|
||||
- export dashboard state
|
||||
- import dashboard state
|
||||
- save dashboard state
|
||||
- make it available to others on the instance on demand
|
||||
- admins can set a default password for users that don't have anything configured yet
|
||||
- load another template based on what the community has shared
|
||||
- added Whoami widget which was an outcome of the ESDC training
|
||||
- various improvements, new fields for genericElements, etc
|
||||
- [workers] restart all dead workers. [iglocska]
|
||||
- [widgets] Whoami widget added. [iglocska]
|
||||
- [dashboard] various fixes / improvements. [iglocska]
|
||||
|
||||
- simple list now accepts arrays for values
|
||||
- fixed margin issues
|
||||
- fixed empty sync test issues
|
||||
- [dashboard] added a way to auto reload widgets. [iglocska]
|
||||
|
||||
- has to be defined in the code of the widget
|
||||
- [widget] World map widget added. [iglocska]
|
||||
- [dashboard] Resource widget added. [iglocska]
|
||||
- [favourite] glow orange when on the page that is already bookmarked.
|
||||
[iglocska]
|
||||
|
||||
- thanks to @mokaddem (graphman) for the idea
|
||||
- [dashboard] Added cachelifetimg setting as opposed to hard-coded
|
||||
value. [iglocska]
|
||||
- [dashboard] Added server resource module and some fixes. [iglocska]
|
||||
- [Dashboard] added hook to check for permissions on module load.
|
||||
[iglocska]
|
||||
|
||||
- allows for modules to have role / host org restrictions
|
||||
- [Dashboard] system. [iglocska]
|
||||
|
||||
- Dashboard
|
||||
- modular similar to restSearch
|
||||
- build your own widgets
|
||||
- use a set of visualisation options (more coming!)
|
||||
- full access to internal functions for queries
|
||||
- auto discover core and 3rd party widgets
|
||||
- rearrange / configure widgets for each user individually
|
||||
- rearrange / resize widgets
|
||||
- settings can be configured by a site-admin on behalf of others
|
||||
- modules have a self-explain mode to guide users
|
||||
- caching mechanism for the modules / org
|
||||
|
||||
- set homepage / user
|
||||
- various other fixes
|
||||
- [API] object level restSearch added. [iglocska]
|
||||
|
||||
still WiP
|
||||
|
||||
Changes
|
||||
~~~~~~~
|
||||
- [stix2] Bumped latest stix2 python library version. [chrisr3d]
|
||||
- Bump PyMISP. [Raphaël Vinot]
|
||||
- [version] bump. [iglocska]
|
||||
- [cleanup] removed alert. [iglocska]
|
||||
- [misp-warninglists] updated to the latest version. [Alexandre
|
||||
Dulaunoy]
|
||||
- [misp-objects] updated to the latest version. [Alexandre Dulaunoy]
|
||||
- [misp-taxonimies] updated to the latest version. [Alexandre Dulaunoy]
|
||||
- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy]
|
||||
- [dashboard] world map scale parameterised. [iglocska]
|
||||
- [widget:worldmap] Reusage of declated variable. [mokaddem]
|
||||
- [widget:worldmap] Various JS and UI Improvements. [mokaddem]
|
||||
|
||||
- Variables and function have their own scope, not overridin each other
|
||||
- Scale color ranges from blue to red
|
||||
- Tooltip picks the correct data instead of the latest declared one
|
||||
- PHP no longuer printed in JS, avoiding the need of `eval` command
|
||||
- Widget redraw itself after a page resize
|
||||
- [login] Display last time the user logged in. [mokaddem]
|
||||
- [response header] Added `X-XSS-Protection` header. [mokaddem]
|
||||
|
||||
- As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB)
|
||||
- [server:rest] Query builder gets loaded with body after the POST.
|
||||
[mokaddem]
|
||||
|
||||
fix #5680
|
||||
- Removed unwanted indentation. [mokaddem]
|
||||
- [dashboard] show owner email of template to site owners and the owner
|
||||
themselves. [iglocska]
|
||||
- [dashboard] cleanup. [iglocska]
|
||||
|
||||
prevent @mokaddem's and @rommelfs's eyes from bleeding
|
||||
- [misp-object] updated to the latest version. [Alexandre Dulaunoy]
|
||||
- [misp-objects] updated to the latest version. [Alexandre Dulaunoy]
|
||||
- [dashboard] Allow for the use of subdirectories in
|
||||
/app/Lib/Dashboard/Custom to be able to git clone repos. [iglocska]
|
||||
- [querystring] bumped. [iglocska]
|
||||
- [dashboard] views for widgets updated. [iglocska]
|
||||
- [clenaup] removed old dashboard. [iglocska]
|
||||
- [dashboard] Custom dir added. [iglocska]
|
||||
- [wip] test. [iglocska]
|
||||
- [misp-object] updated to the latest version. [Alexandre Dulaunoy]
|
||||
- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy]
|
||||
- Make contact reporter gender neutral. [Raphaël Vinot]
|
||||
- [i18n] Updated: Simplified Chinese, German, Italian, Spanish, Russian.
|
||||
[Steve Clement]
|
||||
- [i18n] Updated pot files. [Steve Clement]
|
||||
|
||||
Fix
|
||||
~~~
|
||||
- [travis] ANTLR 4.8 works again. [Raphaël Vinot]
|
||||
- [ACL] added deleteTemplate. [iglocska]
|
||||
- [dashboards:edit] Prevent overriding the edited template with data
|
||||
stored in user-settings. [mokaddem]
|
||||
- [dashboard:saveTemplate] Prevent array re-indexing causing issue with
|
||||
HTML select's option value. [mokaddem]
|
||||
- [dashboard] grid scope fix. [iglocska]
|
||||
- [sfv] Checksums wrong. [Steve Clement]
|
||||
- [dashboard] several small fixes. [iglocska]
|
||||
|
||||
- fixed issue of first few updates failing right after adding a self updating widget
|
||||
- don't try to reload a removed widget
|
||||
- fixed the internal random parametrised widget refresh to something more sane
|
||||
- [user:resetAuthkey] Allows the function to be called. [mokaddem]
|
||||
- [flashErrorMessage] Sanitized error message printed by session that
|
||||
should never contains user-made text. [mokaddem]
|
||||
|
||||
- Better safe than sorry
|
||||
- [user:edit] Prevent password change with the current password.
|
||||
[mokaddem]
|
||||
|
||||
- As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB)
|
||||
- [user:edit] Correctly re-insert form data wipping password
|
||||
information. [mokaddem]
|
||||
- [security] Fixed presistent xss in the sighting popover tool.
|
||||
[mokaddem]
|
||||
|
||||
- As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB)
|
||||
- [user:resetauthkey] Method can only be accessed via POST request.
|
||||
[mokaddem]
|
||||
|
||||
- As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB)
|
||||
- [security] Fix reflected xss via unsanitized URL parameters.
|
||||
[mokaddem]
|
||||
|
||||
- As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB)
|
||||
- [settings] `require_password_confirmation` set to true by default.
|
||||
[mokaddem]
|
||||
- [attribute:validation] Better validation of IPv6-[dst/src] and
|
||||
improved display. [mokaddem]
|
||||
|
||||
fix #5682
|
||||
- [logs] pagination settings are lost when flipping pages after a
|
||||
search. [iglocska]
|
||||
- [widgets] worldmap fixed. [iglocska]
|
||||
- [dashboards] fixed invalid recall of dashboard template. [iglocska]
|
||||
- [ACL] added new function to ACL. [iglocska]
|
||||
- [js] fixed invalid defaults passed from php. [iglocska]
|
||||
- [cleanup] removed disabling the caching of dashboard widgets for debug
|
||||
purposes. [iglocska]
|
||||
- [dashboard] Some widget visualisation fixes. [iglocska]
|
||||
- [cleanup] [iglocska]
|
||||
- [synctool] tests improved. [iglocska]
|
||||
- [CLI] change authkey description fixed. [iglocska]
|
||||
- [homepage] redirects fixed. [iglocska]
|
||||
- [user settings] fixed unlocking of API routes. [iglocska]
|
||||
- [dashboard] fixed an issue when adding a widget with an empty config.
|
||||
[iglocska]
|
||||
- [API] Json converter fixed. [iglocska]
|
||||
- [dashboard] fixed multiple adds failing. [iglocska]
|
||||
- [dashboard] Fixed adding widgets losing their config settings.
|
||||
[iglocska]
|
||||
- [dashboard] custom routing fixed. [iglocska]
|
||||
- [i18n] Various edits and small __('') addeage. [Steve Clement]
|
||||
|
||||
Other
|
||||
~~~~~
|
||||
- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska]
|
||||
- Bumped db_version. [Sami Mokaddem]
|
||||
- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska]
|
||||
- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem]
|
||||
- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska]
|
||||
- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre
|
||||
Dulaunoy]
|
||||
- Merge pull request #5687 from MISP/feature-widget-improvement. [Andras
|
||||
Iklody]
|
||||
|
||||
chg: [widget:worldmap] Various JS and UI Improvements
|
||||
- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska]
|
||||
- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem]
|
||||
- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem]
|
||||
- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska]
|
||||
- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre
|
||||
Dulaunoy]
|
||||
- Merge branch 'feature/dashboard' into 2.4. [iglocska]
|
||||
- Merge branch '2.4' into feature/dashboard. [iglocska]
|
||||
- Merge pull request #5670 from SteveClement/i18n. [Steve Clement]
|
||||
|
||||
chg: [i18n] Updated: Simplified Chinese, German, Italian, Spanish, Russian
|
||||
- Merge pull request #5669 from SteveClement/i18n. [Steve Clement]
|
||||
|
||||
chg: [i18n] Updated pot files
|
||||
- Merge branch '2.4' into i18n. [Steve Clement]
|
||||
- Merge pull request #5668 from SteveClement/i18n. [Steve Clement]
|
||||
|
||||
fix: [i18n] Various edits and small __('') addeage.
|
||||
|
||||
|
||||
v2.4.122 (2020-02-26)
|
||||
---------------------
|
||||
|
||||
|
|
Loading…
Reference in New Issue