MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [blog] MISP 2.4.145 ans 2.4.146 released

pull/48/head
Alexandre Dulaunoy 2021-07-05 07:45:38 +02:00
parent dcb658f480
commit 59c6c2d240
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 54 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
_posts/2021-07-05-MISP.2.4.145-and-2.4.146.released.md Normal file
View File

@ -0,0 +1,54 @@
---
title: MISP 2.4.145 and 2.4.146 released (Improved warning-lists)
layout: post
featured: /assets/images/misp/blog/misp-openapi.png
---
# MISP 2.4.145 and 2.4.146 released
MISP 2.4.145 and 2.4.146 released including a massive update to the MISP warning-lists, various improvements and security fixes.
# MISP warning-lists improvements.
[Warning lists](https://github.com/misp/misp-warninglists) system has been significantly improved (thanks to Jakub Onderka).
- Custom warning lists can be created and managed in the MISP user-interface
- Warning lists can be now imported via API
- Warning lists changes are exported in the ZMQ channel
- Warning lists include new categories to describe the scope
# New features
## Summary email notification
New event summaries only added as a new setting. This feature publish the normal alert reports excluding attributes and object to only describe a summary of the alert. This can
be used when encryption cannot be enabled and organisations still require email alerting.
## Documentation
A new documentation has been added to describe the session and cookie handling in MISP.
## API
- Read only authentication keys feature has been added. (don't forget to enable the advanced authentication key feature)
# Security Fixes
- Various fixes regarding XSS and potential escaping issues including [CVE-2021-35502](https://cvepremium.circl.lu/cve/CVE-2021-35502).
Thanks to the reporters including Nicolas Vidal from TEHTRIS.
# Various improvements
- [OpenAPI] - Missing return formats added to the documentation
- [server caching] only push data to redis / logs if there's something to push
- [attribute] validation tightened for empty strings. A value containing only control characters will now be blocked from entry.
- [feeds] Added 3 daily feeds (ssh bruteforce, telnet bruteforce, URLs seen) from the APNIC Community Honeynet Project
# Acknowledgement
We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html)
.
As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements.