MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

MISP 2.4.99 release added

pull/8/head
Alexandre Dulaunoy 2018-12-06 15:21:13 +01:00
parent bbfc53635d
commit 3c1692bff2
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 29 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
_posts/2018-12-06-MISP.2.4.99.released.md Executable file
View File

@ -0,0 +1,29 @@
---
title: MISP 2.4.99 released (aka API/UI fixes and critical security vulnerability fixed)
layout: post
featured: /assets/images/misp-small.png
---
A new version of MISP ([2.4.99](https://github.com/MISP/MISP/tree/v2.4.99)) has been released with improvements in the UI, API, STIX import and a critical security vulnerability was fixed.
Thanks to Francois-Xavier Stellamans from NCI Agency Cyber Security who reported a critical vulnerability in the STIX 1 import code. The vulnerability allows a malicious authenticated user can inject command in an incorrectly escaped variable name (the original final of the STIX file). We strongly urge users to update their MISP instance to the latest version. We also replaced the mechanism of adding original filename as a default internal MISP function to limit further risk in the future. CVE allocation is pending (the page will be updated when we'll receive it).
This release includes the following changes:
- The following attribute types were added x509-fingerprint-md5 and x509 -fingerprint-sha256 to the network activity category.
- A new CLI interface to cleanup the brute-force protection entries from MISP.
- Some warning messages inconsistencies were fixed in the UI.
- Added a warning when a site administrator is trying to edit an event not belonging to the organisation of the site admin.
- [API] Object edit has been fixed to return the object in the correct format.
- When editing an object to add new attributes, correctly set the default distribution if nothing is set.
- Many fixes and improvement in the STIX 1 and STIX 2.0 import.
- XML MISP export has been fixed.
We would like to thank all the contributors, reporters and users who helped us in the past days to improve MISP.
MISP [galaxy](/galaxy.pdf), [objects](/objects.pdf) and [taxonomies](/taxonomies.pdf) were extended by many contributors. These are also included by default in MISP. Don't forget to do a `git submodule update` and update galaxies, objects and taxonomies via the UI.
A detailed and [complete changelog is available](http://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements.
Don't hesitate to have a look at our [events page](http://www.misp-project.org/events/) to see our next activities to improve threat intelligence, analytics and automation.