chg: [static] updated

2023-08-01 15:31:59 +02:00 · 2023-08-01 15:31:59 +02:00 · 67cc309fff
parent 8ce55090d2
commit 67cc309fff
12 changed files with 144852 additions and 99843 deletions
--- a/static/Changelog-PyMISP.txt
+++ b/static/Changelog-PyMISP.txt
@ -2,6 +2,24 @@ Changelog
 =========


+v2.4.174 (2023-07-31)
+---------------------
+
+Changes
+~~~~~~~
+- Bump changelog. [Raphaël Vinot]
+- Bump version, templates. [Raphaël Vinot]
+- Bump deps, fix code accordingly. [Raphaël Vinot]
+
+Fix
+~~~
+- Push code changes related to deps upgrade... [Raphaël Vinot]
+
+Other
+~~~~~
+- Git: Bump deps. [Raphaël Vinot]
+
+
 v2.4.173 (2023-07-10)
 ---------------------

--- a/static/Changelog-misp-galaxy.txt
+++ b/static/Changelog-misp-galaxy.txt
@ -1,10 +1,32 @@
 # Changelog


-## %%version%% (unreleased)
+## v2.4.174 (2023-07-31)
+
+### Changes
+
+* [sigma] updated to the latest version. [Alexandre Dulaunoy]
+
+* [sigma] updated to the latest version. [Alexandre Dulaunoy]
+
+* [threat-actor] added references, origin country, aliases to `Sea Turtle` [Rony]
+
+* [sigma] updated to the latest rules. [Alexandre Dulaunoy]

 ### Other

+* Merge pull request #855 from r0ny123/Sea-Turtle. [Alexandre Dulaunoy]
+
+  Update to `Sea Turtle`
+
+* Merge branch 'MISP:main' into Sea-Turtle. [Rony]
+
+* Merge pull request #854 from nyx0/main. [Alexandre Dulaunoy]
+
+  upd: Add Worok TA and update APT-Q-12 to APT-C-60 as it was the first
+
+* Upd: Add Worok TA and update APT-Q-12 to APT-C-60 as it was the first name mention in an article. [Thomas Dupuy]
+
 * Merge pull request #853 from Delta-Sierra/main. [Alexandre Dulaunoy]

  add SmugX & RedDelta
--- a/static/Changelog-misp-modules.txt
+++ b/static/Changelog-misp-modules.txt
@ -1,10 +1,28 @@
 # Changelog


-## %%version%% (unreleased)
+## v2.4.174 (2023-07-31)
+
+### Changes
+
+* [expansion:extract_url_components] Better support in case attributes are not defined. [Sami Mokaddem]
+
+* [action:mattermost] Improved support of hostname/url. [Sami Mokaddem]
+
+### Fix
+
+* [google_safe_browsing] Added pysafebrowsing in REQUIREMENTS. [Sami Mokaddem]

 ### Other

+* Merge branch 'main' of github.com:MISP/misp-modules into main. [Sami Mokaddem]
+
+* Merge pull request #629 from TinyHouseHippos/abuseipdb_googlesafebrowsing. [Sami Mokaddem]
+
+  Added the new attribute and tags for AbuseIPDB and added the google s…
+
+* Added the new attribute and tags for AbuseIPDB and added the google safe browsing expansion module. [Steph S]
+
 * Merge pull request #627 from hyasinfosec/main. [Alexandre Dulaunoy]

  Added User Agent
--- a/static/Changelog-misp-objects.txt
+++ b/static/Changelog-misp-objects.txt
@ -1,7 +1,7 @@
 # Changelog


-## %%version%% (unreleased)
+## v2.4.174 (2023-07-31)

 ### New

@ -9,10 +9,70 @@

 ### Changes

+* [malware-config] to add attachment and description of the malware config. [Alexandre Dulaunoy]
+
+* [scan-results] jq all the things. [Alexandre Dulaunoy]
+
+* [ja3s] Add domain and hostname attributes. [417190e5c48babc7]
+
+* [relationships] Added some relationships defined in STIX 2.1 & updated some opposite relationships in consequence. [Christian Studer]
+
 * [hhhash] newline fixed. [Alexandre Dulaunoy]

+### Fix
+
+* [malware-config] typo fixed. [Alexandre Dulaunoy]
+
+* [impacts] Typo. [Christian Studer]
+
+* [confidentiality-impact] JQed. [Christian Studer]
+
 ### Other

+* Merge pull request #401 from mFaou/main. [Alexandre Dulaunoy]
+
+  Fix for https://github.com/MISP/misp-objects/issues/390
+
+* Removed line break. [Matthieu Faou]
+
+* Added internet scanning tools to scan-result. [Matthieu Faou]
+
+* Merge pull request #400 from 417190e5c48babc7/ja3s-hostname-and-domain-attributes. [Alexandre Dulaunoy]
+
+  chg: [ja3s] Add domain and hostname attributes
+
+* Merge pull request #396 from MISP/chrisr3d_patch. [Alexandre Dulaunoy]
+
+  New object templates to support new STIX 2.1 Incident extension objects
+
+* Add: [incident] Added the score attribute. [Christian Studer]
+
+  - We will probably parse scores and build the
+    attribute value the following way:
+    "{name} - {description}: {score}"
+
+* Merge branch 'main' of github.com:MISP/misp-objects into chrisr3d_patch. [Christian Studer]
+
+* Wip: [task] New object template for tasks as described in STIX 2.1 Incident object extensions. [Christian Studer]
+
+* Wip: [impacts] New template for different types of impacts as described in STIX 2.1 Incident object extensions. [Christian Studer]
+
+* Wip: [event] New object template to describe events that can happen during an incident. [Christian Studer]
+
+* Add: [incident] Added the required object relation. [Christian Studer]
+
+* Add: [incident] Incident object based on the STIX 2.1 Incident object as well as its core extension. [Christian Studer]
+
+* Merge branch 'main' of github.com:MISP/misp-objects into chrisr3d_patch. [Christian Studer]
+
+* Merge pull request #399 from TinyHouseHippos/abuseipdb_googlesafebrowsing. [Sami Mokaddem]
+
+  Added a is-malicious attribute for abuseipdb and added a google-safe-…
+
+* Fixed json formatting. [Steph S]
+
+* Added a is-malicious attribute for abuseipdb and added a google-safe-browsing object for the google-safe-browsing expansion module. [Steph S]
+
 * Merge pull request #397 from GeekWeekSteph/abuseipdb. [Alexandre Dulaunoy]

  Added AbuseIPDB object template for the AbuseIPDB expansion module
--- a/static/Changelog-misp-stix.txt
+++ b/static/Changelog-misp-stix.txt
@ -1,6 +1,131 @@
 # Changelog


+## v2.4.174 (2023-07-31)
+
+### Changes
+
+* [poetry] Bumped lock file. [Christian Studer]
+
+* [stix import] Simplified data path. [Christian Studer]
+
+* [tests] Updated tests for sightings import. [Christian Studer]
+
+  - Also changed some sample to have different order
+    with Identity objects in order to test properly
+    our recent changes on loading and converting the
+    sightings, which purpose was to avoid issues
+    with the STIX objects order
+
+* [stix2 import] Updated the External STIX 2 Identity objects mapping to MISP `organization` objects following recent updates on that template. [Christian Studer]
+
+* [readme] Updated MISP collections to STIX 1 export example. [Christian Studer]
+
+* [readme] Updated usage documentation following recent changes on the command-line feature and some helper methods. [Christian Studer]
+
+* [poetry] Bumped latest dependencies. [Christian Studer]
+
+### Fix
+
+* [stix2 import] Differenciating between internal and external stix content regarding the external references handling. [Christian Studer]
+
+* [tests] Fixed tests for vulnerability cluster import following recent changes on the meta fields. [Christian Studer]
+
+* [stix2 import] Fixed vulnerability cluster meta fields parsing. [Christian Studer]
+
+* [tests] Fixed the vulnerability clusters meta tests according to the latest changes on the external id (cve) field parsing. [Christian Studer]
+
+* [stix2 export] Fixed vulnerability clusters meta fields parsing. [Christian Studer]
+
+* [stix2 export] Fixed `malware_types` fields & added missing method for `threat_actor_types` parsing. [Christian Studer]
+
+* [stix2 import] Added missing `annotation` object metadata parsing. [Christian Studer]
+
+* [tests] Removed some results writing in files which were used at some point for debugging purposes and forgotten in the code vastness. [Christian Studer]
+
+* [stix2 import] Shorter obervable types extraction while still including the recent fix to avoid issues with observables that are of `dict` type. [Christian Studer]
+
+* [stix1 export] Fixed backward compatibility with old object templates. [Christian Studer]
+
+* [stix2 export] Fixed backward compatibility with old object templates. [Christian Studer]
+
+* [stix import] Sanitised the import variables declaration to avoid issue with wrong value format. [Christian Studer]
+
+* [command-line] Fixed results message. [Christian Studer]
+
+* Observable type access for dict type. [Sura De Silva]
+
+* [stix2 import] Typo within the Opinion objects loading method. [Christian Studer]
+
+* [stix2 import] Better handling of MISP Sightings import. [Christian Studer]
+
+  - Storing `Sighting` & `Opinion` objects instead
+    of converting them to MISP Sightings while
+    loading them, because in some cases we need the
+    information of the related org, which is not
+    always already loaded when the need its info
+  - We convert the STIX objects to Sightings at the
+    end while we loop over the different references
+
+* [stix2 import] Better `Identity` object's identity class field handling. [Christian Studer]
+
+* [stix2 import] Using the Galaxy Cluster adding method to add cluster instead of appending it the the list of clusters. [Christian Studer]
+
+### Other
+
+* Merge branch 'main' of github.com:MISP/misp-stix. [Christian Studer]
+
+* Merge branch 'dev' of github.com:misp/misp-stix. [Christian Studer]
+
+* Merge pull request #45 from SYNchroACK/fix/wrong-import. [Christian Studer]
+
+  Fix wrong stix observables import
+
+* Fix wrong stix observables import. [Tomas Lima]
+
+* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer]
+
+* Merge branch 'main' of github.com:MISP/misp-stix into dev. [Christian Studer]
+
+* Wip: [stix2 import] Updated the import conversion of internal STIX 2.x Identity objects to better support recent changes on the `organization` template. [Christian Studer]
+
+* Merge branch 'main' of github.com:MISP/misp-stix. [Christian Studer]
+
+* Merge pull request #46 from dragsu/fix-observable-access-dict-type. [Christian Studer]
+
+  fix: `type` access for dict type Observables
+
+* Merge branch 'main' of github.com:MISP/misp-stix. [Christian Studer]
+
+* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer]
+
+* Merge branch 'main' of github.com:MISP/misp-stix. [Christian Studer]
+
+* Merge branch 'main' of github.com:MISP/misp-stix. [Christian Studer]
+
+* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer]
+
+* Add: [stix2 import] Importing Identity objects with `identity_class` set to organization as `organization` object. [Christian Studer]
+
+* Merge branch 'main' of github.com:MISP/misp-stix into dev. [Christian Studer]
+
+* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer]
+
+* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer]
+
+* Merge branch 'main' of github.com:MISP/misp-stix into dev. [Christian Studer]
+
+* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer]
+
+* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer]
+
+* Add: [stix2 import] Adding relations between galaxy clusters. [Christian Studer]
+
+* Merge branch 'main' of github.com:MISP/misp-stix into dev. [Christian Studer]
+
+* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer]
+
+
 ## v2.4.172 (2023-06-09)

 ### Changes
--- a/static/Changelog-misp-taxonomies.txt
+++ b/static/Changelog-misp-taxonomies.txt
@ -1,7 +1,15 @@
 # Changelog


-## %%version%% (unreleased)
+## v2.4.174 (2023-07-31)
+
+### Changes
+
+* [misp-workflow] Added more entries related to curation. [Sami Mokaddem]
+
+### Fix
+
+* [misp-workflow] Bumped version. [Sami Mokaddem]

 ### Other

--- a/static/Changelog-misp-warninglists.txt
+++ b/static/Changelog-misp-warninglists.txt
@ -1,6 +1,20 @@
 # Changelog


+## v2.4.174 (2023-07-31)
+
+### Changes
+
+* [lists] warning-lists updated. [Alexandre Dulaunoy]
+
+* [tools] CRL tool updated to support latest version of dnspython. [Alexandre Dulaunoy]
+
+  Add exception handling for some CRL (in China) returning incorrect DNS
+  response from their authoritative servers.
+
+* [lists] updated to the latest version. [Alexandre Dulaunoy]
+
+
 ## v2.4.173 (2023-07-04)

 ### Changes
--- a/static/Changelog.txt
+++ b/static/Changelog.txt
@ -2,6 +2,241 @@ Changelog
 =========


+v2.4.174 (2023-07-31)
+---------------------
+
+New
+~~~
+- [Authkeys] Add setting to mandate IP allowlist for advanced authkeys.
+  [Jeroen Pinoy]
+- [workflow:editor] Added support of frame nodes in editor and drawflow
+  lib. [Sami Mokaddem]
+- [workflow:editor] Added min/max-imize support for module sidebar.
+  [Sami Mokaddem]
+- [workflow:editor] Added hash-path picker helper functionality. [Sami
+  Mokaddem]
+- [workflow:editor] Added support of quick insert on link. [Sami
+  Mokaddem]
+- [workflow-module] Added debug function to send custom request to debug
+  endpoint. [Sami Mokaddem]
+- [workflow-modules:tag_replacement] Added tag generic module and
+  support for TLP and PAP. [Sami Mokaddem]
+- [workflow-modules:assign_country_from_enrichment] Added module that
+  tags using the country galaxy based on the provided hash path. [Sami
+  Mokaddem]
+- [workflow-modules:attribute_comment_operation] Added new module to set
+  the comment of an Attribute. [Sami Mokaddem]
+
+Changes
+~~~~~~~
+- [version] bump. [iglocska]
+- [misp-stix] Bumped latest version. [Christian Studer]
+- [PyMISP] Bump. [Raphaël Vinot]
+- [misp-galaxy] version 2.4.174. [Alexandre Dulaunoy]
+- [taxonomies] updated to the latest version 2.4.174. [Alexandre
+  Dulaunoy]
+- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy]
+- [warninglists] updated to the latest version. [Alexandre Dulaunoy]
+- Bumped queryVersion. [Sami Mokaddem]
+- [event:publishSightingsRouter] Change from prio worker to default.
+  [Sami Mokaddem]
+
+  There is no need to keep this task in prio as sightings are not sync inline anymore.
+- Do not show last button when using light paginator. [Luciano Righetti]
+- [workflow:editor] Make frame node padding configurable. [Sami
+  Mokaddem]
+- [workflow:editor] Small refactoring of drawflow lib. [Sami Mokaddem]
+- [workflow:editor] Moved styling in a class rather than in drawflow
+  lib. [Sami Mokaddem]
+- [workflow:editor] Usage of proxy function to delete nodes. [Sami
+  Mokaddem]
+- [workflow:editor] Improved description in hashpath picker for quick
+  link. [Sami Mokaddem]
+- [workflow:editor] Added support of collapse in hashpath picker. [Sami
+  Mokaddem]
+- [workflow-modules] Replace param type for hashpath input to `hashpath`
+  [Sami Mokaddem]
+- [workflow:logging] Changed logging behavior to be less verbose when
+  debug is not enabled. [Sami Mokaddem]
+
+  - When debug is enabled, it will log eveything as it used to be but also include successfull node execution
+  - When debug is disabled, it will only log execution errors
+- [workflow:editor] Added support of chosen options and disabled inputs.
+  [Sami Mokaddem]
+- [workflow:editor] Add class if node expect MISP core format. [Sami
+  Mokaddem]
+- [workflow-modules:assign_country] Improved behavior when dealing with
+  scopes. [Sami Mokaddem]
+- [workflow-modules:tag_replacement] Improved behavior and added `all`
+  scope. [Sami Mokaddem]
+- [workflow:auditLog] Removed auditlog behavior as it's blocking large
+  workflows to be saved. [Sami Mokaddem]
+- [workflow-modules:assign_country_from_enrichment] Moved from app/Lib
+  to app/Model. [Sami Mokaddem]
+- [workflow-module:generic_filter] Added support of picker_create_new in
+  value list. [Sami Mokaddem]
+- [workflow:matchingItems] Improved any_value and any_value_from for
+  IF::Generic and Filter::Generic. [Sami Mokaddem]
+- [workflow:editor] Added support of list of value for display_on
+  parameter. [Sami Mokaddem]
+- [workflow:editor] Added support of new option `picker_create_new`
+  [Sami Mokaddem]
+- [workflow-modules:generic_filter] Added support of operator
+  `any_value_in` [Sami Mokaddem]
+- [workflow-modules:edition] General improvements, fixed modified data
+  not being reflected in rData and small refactoring. [Sami Mokaddem]
+- [workflow-modules:attach_enrichment] Enable selection of multiple
+  modules and added support of module not accepting misp_format. [Sami
+  Mokaddem]
+
+Fix
+~~~
+- [event:publishSightingsRouter] Make sure to use correct queue for
+  publishSightingsRouter. [Sami Mokaddem]
+
+  Fix bug introduced in 64580168622aeea59997cea5739cf0b8dbcf8bda where workers were set to default but not the queue
+- [workflow] Removed trailing comma in function call. [Sami Mokaddem]
+- Revert loginAction override. [Luciano Righetti]
+- [totp] generate a new totp secret each time a the totp_new endpoint is
+  queried via a GET request, fixes #9220. [iglocska]
+- Light pagination bug in /attributes/search/results see #9157. [Luciano
+  Righetti]
+- [proposal] index should also include the "deleted" field. [iglocska]
+- [proposal] proposal index fix as described 2 commits ago. [iglocska]
+- [debug reverted] reverted erroneously committed debug / exception.
+  [iglocska]
+- [proposal] sync fixes. [iglocska]
+
+  - include disable correlation / proposal to delete fields in the proposal index
+  - this is used on pulls, causing these fields to not be included
+    - especially the proposal to delete field's absence is nasty, as it changes the meaning of the proposal
+- [background workers] speculative fix for issues with publishing.
+  [iglocska]
+
+  - job object not found or not retrieved correctly
+- [proposal accept] fixed for deletions. [iglocska]
+
+  - soft delete rather than hard delete or the propagation will fail
+- [sightings] only pushed via full push to avoid congestion. [iglocska]
+
+  - the old behaviour can be re-enabled via Sightings.enable_realtime_publish
+  - massive performance gain on heavily interconnected instances
+- [stix export] Avoiding issues in the case of empty input. [Christian
+  Studer]
+
+  - With no input, the python script called to
+    convert the MISP input used to barf because
+    there is no input.
+  - Should fix MISP/misp-stix#44
+- [taxii_push] Passing standard MISP JSON format to the `taxii_push`
+  script and by extension to misp-stix. [Christian Studer]
+- [taxii_push] The path `resolve` method needs to be called. [Christian
+  Studer]
+- [security] otp reset otp_secret on logout. [iglocska]
+
+  - changing users within the same session can otherwise lead to the creation of the same otp seed for multiple users
+- [restsearch] searching for ipv6s fails due to compression not being
+  applied, fixes #9042. [iglocska]
+
+  - compress ipv6 addresses in value searches to match the behaviour of automatic compression on saving attributes
+- [authkeys] allow admin read-only key to access audit logs (#9191)
+  [Jeroen Pinoy]
+
+  fix #9190
+- [UI] use acl to determine whether to show "audit logs" and "search
+  logs" buttons (#9192) [Jeroen Pinoy]
+
+  fix #8949
+- [attributes:validation] Allow telfhash to be either 70 or 72 chars
+  long. [Sami Mokaddem]
+- [acl] sighting restsearch should be open to all, fixes #9116. [Andras
+  Iklody]
+- [otp] autofocus added. [iglocska]
+- [taxii_push] Passing standard MISP JSON format to the `taxii_push`
+  script and by extension to misp-stix. [Christian Studer]
+- [workflow:editor] Typo in css rule. [Sami Mokaddem]
+- [workflow:triggers] Fixed typo in column description. [Sami Mokaddem]
+- [workflow:editor] Avoid duplicating labels when path merges on one
+  node. [Sami Mokaddem]
+- [workflow-modules] Prevent exception if no match. [Sami Mokaddem]
+- [event:attachTagsdToEventAndTouch] Make sure to continue adding tag in
+  case of success. [Sami Mokaddem]
+- [workflow:editor] Prevent Run workflow popover after closing. [Sami
+  Mokaddem]
+- [workflow-modules:tag_replacement_generic] Provide tag locality for
+  deletion. [Sami Mokaddem]
+- [workflow-modules:attach_enrichment] Make sure to include selected
+  module config. [Sami Mokaddem]
+- [workflow-modules:generic_filter] Set a default filtering label for
+  new dragged modules. [Sami Mokaddem]
+
+Other
+~~~~~
+- Merge branch 'develop' into 2.4. [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [Christian Studer]
+- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
+  Mokaddem]
+- Merge branch '2.4' into develop. [Alexandre Dulaunoy]
+- Merge pull request #9218 from referefref/2.4. [Alexandre Dulaunoy]
+
+  Added James Brine Bruteforce IPs to feed-metadata defaults json
+- Changed feed type to csv and added field identifier value and
+  delimiter. [ref]
+- Added James Brine Bruteforce IPs to feed-metadata defaults json. [ref]
+
+  Added freetext feed endpoint for Bruteforce IPV4 addresses
+- Merge branch 'develop' of github.com:MISP/MISP into
+  feature_workflows/enrichment-improvements. [Sami Mokaddem]
+- Merge pull request #9221 from Wachizungu/add-mandate-ip-allowlist-for-
+  advanced-authkeys-setting. [Alexandre Dulaunoy]
+
+  new: [Authkeys] Add setting to mandate IP allowlist for advanced auth…
+- Merge branch 'develop' of github.com:MISP/MISP into
+  feature_workflows/enrichment-improvements. [Sami Mokaddem]
+- Merge pull request #9211 from righel/fix-attr-search-pagination-9157.
+  [Luciano Righetti]
+
+  fix: light pagination bug in /attributes/search/results see #9157
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [Christian Studer]
+- Merge branch 'loginAction' into develop. [iglocska]
+- Explicitly set loginAction with baseurl. [Mathieu Rollet]
+- Merge branch 'sighting_push_fix' into develop. [iglocska]
+- Merge branch 'misp-stix' of github.com:MISP/MISP into develop.
+  [Christian Studer]
+- Merge branch 'develop' of github.com:MISP/MISP into misp-stix.
+  [Christian Studer]
+- Merge branch 'misp-stix' of github.com:MISP/MISP into misp-stix.
+  [Christian Studer]
+- Merge branch 'develop' into misp-stix. [Christian Studer]
+- Merge branch 'develop' of github.com:MISP/MISP into misp-stix.
+  [Christian Studer]
+- Merge branch '2.4' of github.com:MISP/MISP into misp-stix. [Christian
+  Studer]
+- Merge branch 'misp-stix' of github.com:MISP/MISP into misp-stix.
+  [chrisr3d]
+- Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix.
+  [chrisr3d]
+- Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix.
+  [chrisr3d]
+- Merge branch '2.4' of github.com:MISP/MISP into misp-stix. [chrisr3d]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [Christian Studer]
+- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
+  Mokaddem]
+- Merge branch '2.4' into develop. [iglocska]
+- Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian
+  Studer]
+- Merge pull request #9194 from MISP/JakubOnderka-patch-1. [Alexandre
+  Dulaunoy]
+
+  NATO MISP only for cyber defense
+- NATO MISP only for cyber defense. [Jakub Onderka]
+
+  According to NATO MISP terms of use, NATO MISP is open only for cyber defense related governmental entities, not to all governmental entities.
+
+
 v2.4.173 (2023-07-11)
 ---------------------

--- a/static/objects.html
+++ b/static/objects.html
--- a/static/objects.pdf
+++ b/static/objects.pdf
--- a/static/taxonomies.html
+++ b/static/taxonomies.html
@ -4,7 +4,7 @@
 <meta charset="UTF-8">
 <meta http-equiv="X-UA-Compatible" content="IE=edge">
 <meta name="viewport" content="width=device-width, initial-scale=1.0">
-<meta name="generator" content="Asciidoctor 2.0.18">
+<meta name="generator" content="Asciidoctor 2.0.20">
 <title>MISP taxonomies and classification as machine tags</title>
 <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic%7CNoto+Serif:400,400italic,700,700italic%7CDroid+Sans+Mono:400,700">
 <style>
@ -208,13 +208,10 @@ table.tableblock.fit-content>caption.title{white-space:nowrap;width:0}
 .admonitionblock>table td.content{padding-left:1.125em;padding-right:1.25em;border-left:1px solid #dddddf;color:rgba(0,0,0,.6);word-wrap:anywhere}
 .admonitionblock>table td.content>:last-child>:last-child{margin-bottom:0}
 .exampleblock>.content{border:1px solid #e6e6e6;margin-bottom:1.25em;padding:1.25em;background:#fff;border-radius:4px}
-.exampleblock>.content>:first-child{margin-top:0}
-.exampleblock>.content>:last-child{margin-bottom:0}
 .sidebarblock{border:1px solid #dbdbd6;margin-bottom:1.25em;padding:1.25em;background:#f3f3f2;border-radius:4px}
-.sidebarblock>:first-child{margin-top:0}
-.sidebarblock>:last-child{margin-bottom:0}
 .sidebarblock>.content>.title{color:#7a2518;margin-top:0;text-align:center}
-.exampleblock>.content>:last-child>:last-child,.exampleblock>.content .olist>ol>li:last-child>:last-child,.exampleblock>.content .ulist>ul>li:last-child>:last-child,.exampleblock>.content .qlist>ol>li:last-child>:last-child,.sidebarblock>.content>:last-child>:last-child,.sidebarblock>.content .olist>ol>li:last-child>:last-child,.sidebarblock>.content .ulist>ul>li:last-child>:last-child,.sidebarblock>.content .qlist>ol>li:last-child>:last-child{margin-bottom:0}
+.exampleblock>.content>:first-child,.sidebarblock>.content>:first-child{margin-top:0}
+.exampleblock>.content>:last-child,.exampleblock>.content>:last-child>:last-child,.exampleblock>.content .olist>ol>li:last-child>:last-child,.exampleblock>.content .ulist>ul>li:last-child>:last-child,.exampleblock>.content .qlist>ol>li:last-child>:last-child,.sidebarblock>.content>:last-child,.sidebarblock>.content>:last-child>:last-child,.sidebarblock>.content .olist>ol>li:last-child>:last-child,.sidebarblock>.content .ulist>ul>li:last-child>:last-child,.sidebarblock>.content .qlist>ol>li:last-child>:last-child{margin-bottom:0}
 .literalblock pre,.listingblock>.content>pre{border-radius:4px;overflow-x:auto;padding:1em;font-size:.8125em}
@media screen and (min-width:768px){.literalblock pre,.listingblock>.content>pre{font-size:.90625em}}
@media screen and (min-width:1280px){.literalblock pre,.listingblock>.content>pre{font-size:1em}}
@ -393,7 +390,7 @@ b.conum *{color:inherit!important}
 dt,th.tableblock,td.content,div.footnote{text-rendering:optimizeLegibility}
 h1,h2,p,td.content,span.alt,summary{letter-spacing:-.01em}
 p strong,td.content strong,div.footnote strong{letter-spacing:-.005em}
-p,blockquote,dt,td.content,span.alt,summary{font-size:1.0625rem}
+p,blockquote,dt,td.content,td.hdlist1,span.alt,summary{font-size:1.0625rem}
 p{margin-bottom:1.25rem}
 .sidebarblock p,.sidebarblock dt,.sidebarblock td.content,p.tableblock{font-size:1em}
 .exampleblock>.content{background:#fffef7;border-color:#e0e0dc;box-shadow:0 1px 4px #e0e0dc}
@ -67221,7 +67218,7 @@ pentest namespace available in JSON format at <a href="https://github.com/MISP/m
 <div class="sect3">
 <h4 id="_pentestwebcsrf">pentest:web="CSRF"</h4>
 <div class="paragraph">
-<p>Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they&#8217;re currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has no way to see the response to the forged request.(<a href="https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)" class="bare">https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)</a>)</p>
+<p>Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they&#8217;re currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has no way to see the response to the forged request.(<a href="https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF" class="bare">https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF</a>))</p>
 </div>
 </div>
 <div class="sect3">
@ -86859,7 +86856,7 @@ Exclusive flag set which means the values or predicate below must be set exclusi
 </div>
 <div id="footer">
 <div id="footer-text">
-Last updated 2023-07-28 11:23:08 +0200
+Last updated 2023-08-01 15:30:46 +0200
 </div>
 </div>
 </body>
--- a/static/taxonomies.pdf
+++ b/static/taxonomies.pdf