From 687213403e1d0f7ea2942067586a4579ae60c8ff Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Wed, 10 Mar 2021 18:07:59 +0100 Subject: [PATCH] chg: [blog] MISP 2.4.140 released --- _posts/2021-03-10-MISP.2.4.140.released.md | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/_posts/2021-03-10-MISP.2.4.140.released.md b/_posts/2021-03-10-MISP.2.4.140.released.md index 4f91dcf..006a491 100644 --- a/_posts/2021-03-10-MISP.2.4.140.released.md +++ b/_posts/2021-03-10-MISP.2.4.140.released.md @@ -1,5 +1,5 @@ --- -title: MISP 2.4.140 released (Authentication and general improvement release) +title: MISP 2.4.140 released (OpenID support, cross object references in extended events and many improvements) layout: post featured: /assets/images/misp/blog/dashb.png --- @@ -10,9 +10,9 @@ We have released 2.4.140, the latest release for MISP, introducing a host of new # Manage my identity! -MISP already had a host of integration options with various IDPs, but this release will give you some additional options, in the shape of OpenID Connect authentication and Azure Active Directory Authentication integrations. Have a look at the various authentication plugins' configuration in the MISP/app/Plugin directory. +MISP already had a host of integration options with various IDPs, but this release will give you some additional options, in the shape of [OpenID Connect authentication](https://github.com/MISP/MISP/tree/2.4/app/Plugin/OidcAuth) and [Azure Active Directory Authentication](https://github.com/MISP/MISP/tree/2.4/app/Plugin/AadAuth) integrations. Have a look at the various authentication plugins' configuration in the MISP/app/Plugin directory. -# Built in security report +# Built in security report of your MISP instance As of this release, you can get some guidance on the security posture and potential security impacting misconfigurations and best practices via the new security audit tool, locate in the diagnostics section of the server settings. Make sure you go through the tools findings and make any changes you find appropriate from the suggestions offered. When in doubt, feel free to start a discussion on the [support chat](https://gitter.im/MISP/Support) hosted on gitter. @@ -26,10 +26,18 @@ Whilst extended events were the most flexible way of creating counter analyses i # CLI improvements -We want to make scripting and using the CLI in general a bit more straight-forward. Since the phasing out of the build in task scheduler, we find that there has been a massive uptick in the usage of these tools so expect more improvements in the future. For now, we have added tools to list the connectd servers directly from the CLI, to be able to automate the sync process per connected server. +We want to make scripting and using the CLI in general a bit more straight-forward. Since the phasing out of the build in task scheduler, we find that there has been a massive uptick in the usage of these tools so expect more improvements in the future. For now, we have added tools to list the connect servers directly from the CLI, to be able to automate the sync process per connected server. Additionally, a new set of CLI tools is being built for developers, to ease our lives when trying to modify MISP. The first tool for this toolkit allows us to massage the direct feed description dumps to the expected format for easier modification. +# New types added in MISP + +New full-name, dkim and dkim-signature attribute types were added to MISP. Associated to [DKIM objects](https://www.misp-project.org/objects.html#_dkim) were included to support tools such as Farsight Security dnsdb to add DKIM information in your investigations. + +# Security Vulnerability + +An issue was discovered in app/Model/SharingGroupServer.php in MISP 2.4.139. In the implementation of Sharing Groups, the "all org" flag sometimes provided view access to unintended actors. Thanks to Jeroen Pinoy for the report. The vulnerability has [CVE-2021-27904](https://cvepremium.circl.lu/cve/CVE-2021-27904) assigned. + # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html)