chg: [changelogs] updated

static/Changelog

@@ -2,6 +2,611 @@ Changelog
 =========
 
 
+v2.4.168 (2023-02-01)
+---------------------
+
+New
+~~~
+- [indexTable] added 3 new simple elements. [iglocska]
+
+  - custom_element -> loop the data through an element set via element_path
+  - model -> for the various log indeces, format the log entry's model entry as MODEL #MODEL_ID
+  - time -> loop the data through the time helper's time() function
+
+Changes
+~~~~~~~
+- [auth] group  authentication code. [Christophe Vandeplas]
+- [misp-stix] Bumped latest version. [Christian Studer]
+- [misp-warninglists] updated to the latest version. [Alexandre
+  Dulaunoy]
+- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy]
+- [taxonomies] updated to the latest version. [Alexandre Dulaunoy]
+- [PyMISP] Bump. [Raphaël Vinot]
+- [PyMISP] updated. [Alexandre Dulaunoy]
+- [misp-objects] updated. [Alexandre Dulaunoy]
+- [servers:testConnection] Prematurely close the session allowing
+  concurrent requests. [Sami Mokaddem]
+- [taxonomies] updated. [Alexandre Dulaunoy]
+- [logs:event_index] Added notice about displayed data and usage of
+  LightPaginator. [Sami Mokaddem]
+- [warning-lists] updated. [Alexandre Dulaunoy]
+- [event index] changed to the indextable generator. [iglocska]
+- [indexTable] added option for the generic Field to set a default
+  value, if the referenced value is empty. [iglocska]
+
+  - via the key 'empty'
+- [README.md] phrasing. [Andras Iklody]
+- [README.md] added a missing comma. [Andras Iklody]
+
+  Just testing mail filters.... :)
+- [internal] allow site admins ability to view event_creator_email for
+  all events in export. [goodlandsecurity]
+- [taxonomies] updated to the latest version. [Alexandre Dulaunoy]
+
+Fix
+~~~
+- [VERSION] bump. [iglocska]
+- [misp-galaxy] Bumped latest version. [Christian Studer]
+- [shadowAttribute:accept] Restored accepting functionality. [Sami
+  Mokaddem]
+
+  Replace cake's magic finder by the standard way to fetch data
+- [security] Prevent unauthorized access to decaying import function.
+  [Sami Mokaddem]
+
+  - as reported by Cyber Controls from SIX Group
+- [security] XSS in eventgraph preview payload. [Sami Mokaddem]
+
+  - as reported by Cyber Controls from SIX Group
+- [security] XSS through network history name. [Sami Mokaddem]
+
+  - as reported by Cyber Controls from SIX Group
+- [tags:relationship] Fixed synchronisation of relationship_type. [Sami
+  Mokaddem]
+- [feed:edit] Make sure to keep orgc_id to its saved value. [Sami
+  Mokaddem]
+- [doc] New year - copyrights updated. [Alexandre Dulaunoy]
+- [README.md] typo fixed. [Andras Iklody]
+
+  testing mail filters further
+- [tags:relationship] Fixed synchronisation of relationship_type. [Sami
+  Mokaddem]
+- [querystring] bumped. [Andras Iklody]
+- [postTest] speculative fix for case sensitivity of headers. [iglocska]
+
+  - as reported by @DavoDirty
+
+Other
+~~~~~
+- Merge branch 'develop' into 2.4. [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
+  Mokaddem]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [Christian Studer]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [Christian Studer]
+- Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian
+  Studer]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [Christian Studer]
+- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
+  Mokaddem]
+- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
+  Mokaddem]
+- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
+  Mokaddem]
+- Minor code cosmetic fix. [Christophe Vandeplas]
+- Merge branch '2.4' into develop. [iglocska]
+- Merge branch '2.4' into develop. [iglocska]
+- [security] XSS in authkey add. [Sami Mokaddem]
+
+  - as reported by Dawid Czarnecki from Zigrin Security
+- Merge pull request #8870 from goodlandsecurity/fix-event-creator-
+  email. [Andras Iklody]
+
+  chg: [internal] allow site admins ability to view event_creator_email for all events in export
+- Merge pull request #8543 from nandelson/2.4. [Alexandre Dulaunoy]
+
+  Fix markdown formatting in INSTALL.rhel7.md
+- Update INSTALL.rhel7.md. [Dan Nelson]
+
+
+v2.4.167 (2022-12-22)
+---------------------
+
+New
+~~~
+- [UI] Show similar objects when creating object from freetext. [Jakub
+  Onderka]
+- [UI] Allow to create object from freetext. [Jakub Onderka]
+- [UI] Preparation for creating object from freetext. [Jakub Onderka]
+- [event-timeline] Added Timestamp distribution chart when the timeline
+  cannot show all items. [Sami Mokaddem]
+- [UI] Add ability to disable discussion. [Jakub Onderka]
+- [log] Access log retention command. [Jakub Onderka]
+- [log] Add ability to log sql queries for access log. [Jakub Onderka]
+- Show highlighted tags in event index. [Luciano Righetti]
+- Add support for highligting certains taxonomies in event view.
+  [Luciano Righetti]
+- Show highlighted tags in event index. [Luciano Righetti]
+- [session killswitch] added endpoint to kill existing sessions for a
+  user. [iglocska]
+
+  - required for integration in MeliCERTes II
+
+Changes
+~~~~~~~
+- [misp-objects] updated to the latest version. [Alexandre Dulaunoy]
+- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy]
+- [warning-lists] updated to the latest version. [Alexandre Dulaunoy]
+- [taxonomies] updated to the latest version. [Alexandre Dulaunoy]
+- [version] bump. [iglocska]
+- [runaway function] split into easier to comprehend ones. [iglocska]
+- [PyMISP] Re-bump. [Raphaël Vinot]
+- [cleanup] indexfilter unused leftover functionality reworked.
+  [iglocska]
+- [internal] Add blackhole exception logging. [Jakub Onderka]
+- [UI] Add titles for attribute actions. [Jakub Onderka]
+- [UI] Show exception message to user when importing MISP file. [Jakub
+  Onderka]
+- [import] Do not put same comment to all attribute in object. [Jakub
+  Onderka]
+- [internal] Simplify importChoice. [Jakub Onderka]
+- [internal] Move finding object similarities from controller to model.
+  [Jakub Onderka]
+- [internal] Simplify
+  ObjectTemplate::checkTemplateConformityBasedOnTypes method. [Jakub
+  Onderka]
+- [UI] Cleanup for resolved_attributes template. [Jakub Onderka]
+- [internal] Add object code cleanup. [Jakub Onderka]
+- [UI] Nicer user edit for notifications. [Jakub Onderka]
+- [mail] Allow to unsubscribe from notification emails. [Jakub Onderka]
+- [UI] Nicer user view for notifications. [Jakub Onderka]
+- [internal] Keep connection to OIDC when sending emails. [Jakub
+  Onderka]
+- [UI] Simplify global administration menu. [Jakub Onderka]
+- [UI] Rename Tag event to Attach cluster to event for in attack matrix
+  view. [Jakub Onderka]
+- [internal] Remove unused to_ids from
+  AttributesController::fetchViewValue. [Jakub Onderka]
+- [internal] PivotHelper code cleanup. [Jakub Onderka]
+- [UI] Show SightingDB field just when SightingDB is enabled. [Jakub
+  Onderka]
+- [UI] Small fixes. [Jakub Onderka]
+- [UI] Remove dashboard from side menu. [Jakub Onderka]
+- [ACL] Warninglist::checkValue is available for all. [Jakub Onderka]
+- [UI] Add warning when downloading malware-sample. [Jakub Onderka]
+- [UI] Import module cleanup. [Jakub Onderka]
+- [UI] Put sparkline data into HTML. [Jakub Onderka]
+- [UI] Change event alert field. [Jakub Onderka]
+- [UI] Nicer attribute search form. [Jakub Onderka]
+- [UI] For quick edit offer just valid types. [Jakub Onderka]
+- [UI] Move Add object button close to Add attribute button. [Jakub
+  Onderka]
+- [UI] Hide org column if not required. [Jakub Onderka]
+- [UI] Simplify Sync Actions global menu. [Jakub Onderka]
+- [UI] Add extra class to dropdown just when necessary. [Jakub Onderka]
+- [UI] Replace 'Populate using a template' button with 'Add object'
+  button. [Jakub Onderka]
+- [UI] Hide popover when pressing ESC on closed chosen. [Jakub Onderka]
+- [UI] Use chosen when adding object. [Jakub Onderka]
+- [internal] Fetch just necessary fields for fetching taxonomy tags.
+  [Jakub Onderka]
+- [UI] Add description to batch import. [Jakub Onderka]
+- [UI] Use same logic for sharing group change also for feeds. [Jakub
+  Onderka]
+- [PyMISP] Bump version. [Raphaël Vinot]
+- [graph.js] Updated to version 4.1.1. [Sami Mokaddem]
+- [taxonomy:checkIfNewTagAllowed] Add the `tlp` edge-case when adding
+  new tags. [Sami Mokaddem]
+
+  - Now, after removing all mirrors, I can go about my day without constantly being reminded of my existence.
+- [roles] set default role to User if none is set. [Christophe
+  Vandeplas]
+- [internal] Better error message for FileAccessTool::writeToFile.
+  [Jakub Onderka]
+- [internal] Move rest response SQL output. [Jakub Onderka]
+- [test] Show application logs. [Jakub Onderka]
+- Show short tags for highlighted tags. [Luciano Righetti]
+- [redistool] allow for using sockets. [iglocska]
+- [logs] user can see own logs. [Christophe Vandeplas]
+
+Fix
+~~~
+- [security] XSS in the template file uploads. [iglocska]
+
+  - as reported by Dawid Czarnecki from Zigrin Security
+- [index actions] urlencode the parameter values, otherwise certain
+  functionalities passing for example tag names around won't work.
+  [iglocska]
+
+  - fixes #8820
+- [UI] Fix user sorting. [Jakub Onderka]
+- [UI] Prevent default action when showing sightings. [Jakub Onderka]
+- [UI] Do not show model ID in audit log if it is zero. [Jakub Onderka]
+- [UI] Undefined shortDist array. [Jakub Onderka]
+- [UI] Warnings when user don't have permission to see sharing group
+  orgs. [Jakub Onderka]
+- [UI] Galaxy cluster distribution levels. [Jakub Onderka]
+- [UI] View action should be last. [Jakub Onderka]
+- [UI] Galaxy cluster UI cleanup. [Jakub Onderka]
+- [UI] Use correct menu for categories_and_types page. [Jakub Onderka]
+- [UI] Remove duplicate autoalert field in user profile. [Jakub Onderka]
+- [UI] Show user column for auth keys just for admins. [Jakub Onderka]
+- [UI] Correctly fetch data from resolved MISP format. [Jakub Onderka]
+- [UI] Show correct message when creating event when
+  MISP.unpublishedprivate is enabled. [Jakub Onderka]
+- [UI] Margin fixes for resolved_misp_format.ctp. [Jakub Onderka]
+- [UI] To IDS checkbox for attribute search. [Jakub Onderka]
+- [internal] Simplify regexp. [Jakub Onderka]
+- [UI] Change margin for notice message. [Jakub Onderka]
+- [UI] Remove unnecessary prevent default from ListTopBar. [Jakub
+  Onderka]
+- [UI] Correct message for fail callback. [Jakub Onderka]
+- [internal] Try to fix undefined index user_id when adding object.
+  [Jakub Onderka]
+- [UI] Quick edit of distribution. [Jakub Onderka]
+- [UI] Show add object attribute button just when user has permission.
+  [Jakub Onderka]
+- [UI] Error message when trying to add invalid attribute to object.
+  [Jakub Onderka]
+- [internal] Remove duplicate attribute fetching. [Jakub Onderka]
+- [UI] Description for attributes. [Jakub Onderka]
+- [attribute] IP address was considered as valid AS number. [Jakub
+  Onderka]
+- [internal] Taxonomy code cleanup. [Jakub Onderka]
+- [UI] Taxonomy tags invalid link. [Jakub Onderka]
+- [UI] Small fixes. [Jakub Onderka]
+- [UI] Do not show publish buttons for users without privilege. [Jakub
+  Onderka]
+- [UI] Communities. [Jakub Onderka]
+- [UI] Disable correlating field for non correlating attributes when
+  adding object. [Jakub Onderka]
+- [internal] Remove warning when using populate by template. [Jakub
+  Onderka]
+- [UI] Remove duplicate onclick. [Jakub Onderka]
+- [UI] Pagination for audit log. [Jakub Onderka]
+- [UI] Attribute correlation popover. [Jakub Onderka]
+- [UI] Attribute correlations. [Jakub Onderka]
+- [internal] Migration 105. [Jakub Onderka]
+- Db_version in db_schema.json. [Jakub Onderka]
+- [UI] Add missing space after tag. [Jakub Onderka]
+- [dashboard:*SightingsWidget] Updated to support the correct response
+  type. [Sami Mokaddem]
+- [auth][log] log correct org/userid with failed login fixes #8807.
+  [Christophe Vandeplas]
+- [log] filter user logs on user_id not email. [Christophe Vandeplas]
+- [dashboard] sort dashboard widgets. [Christophe Vandeplas]
+- [log] remote IP header clarify prefix is needed. [Christophe
+  Vandeplas]
+- [log] Fetching remote IP address. [Jakub Onderka]
+
+  Fixes #8795 and #8788
+- [log] Condition for old access log. [Jakub Onderka]
+- [log] Request time. [Jakub Onderka]
+- [UI] Consider Database/MysqlExtended as valid data source. [Jakub
+  Onderka]
+- [log] Undefined index. [Jakub Onderka]
+- [db_schema] Update to 104. [Jakub Onderka]
+- [db] Duplicate migration. [Jakub Onderka]
+- [workflow:getUserForWorkflow] Give all perms to workflow user. [Sami
+  Mokaddem]
+- [internal] Cleanup for log controller. [Jakub Onderka]
+- [test] Update after log change. [Jakub Onderka]
+- [internal] Attaching clusters. [Jakub Onderka]
+- Undefined index. [Luciano Righetti]
+- Css. [Luciano Righetti]
+- Undefined. [Luciano Righetti]
+- Undefined index. [Luciano Righetti]
+- Cs. [Luciano Righetti]
+- Cs. [Luciano Righetti]
+- Add new db version. [Luciano Righetti]
+- Support short tags setting. [Luciano Righetti]
+- Add missing views. [Luciano Righetti]
+- Support short tags setting. [Luciano Righetti]
+- Add missing views. [Luciano Righetti]
+- Conflics and update db_schema.json. [Luciano Righetti]
+- [logs] only allow for perm_audit & promote the perm to all.
+  [Christophe Vandeplas]
+- [log] Minor cosmetic fixes. [Christophe Vandeplas]
+- [ACL] added admin_destroy. [iglocska]
+
+Other
+~~~~~
+- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska]
+- Merge pull request #8812 from StefanKelm/2.4. [Alexandre Dulaunoy]
+
+  Update correlations.ctp
+- Update correlations.ctp. [StefanKelm]
+
+  tiny typo
+- [fix] Properly configure dependabot for composer. [Raphaël Vinot]
+- Merge pull request #8784 from
+  MISP/dependabot/github_actions/actions/checkout-3. [Raphaël Vinot]
+
+  build(deps): bump actions/checkout from 2 to 3
+- Build(deps): bump actions/checkout from 2 to 3. [dependabot[bot]]
+
+  Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
+  - [Release notes](https://github.com/actions/checkout/releases)
+  - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
+  - [Commits](https://github.com/actions/checkout/compare/v2...v3)
+
+  ---
+  updated-dependencies:
+  - dependency-name: actions/checkout
+    dependency-type: direct:production
+    update-type: version-update:semver-major
+  ...
+- Merge pull request #8783 from
+  MISP/dependabot/github_actions/github/codeql-action-2. [Raphaël Vinot]
+
+  build(deps): bump github/codeql-action from 1 to 2
+- Build(deps): bump github/codeql-action from 1 to 2. [dependabot[bot]]
+
+  Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
+  - [Release notes](https://github.com/github/codeql-action/releases)
+  - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
+  - [Commits](https://github.com/github/codeql-action/compare/v1...v2)
+
+  ---
+  updated-dependencies:
+  - dependency-name: github/codeql-action
+    dependency-type: direct:production
+    update-type: version-update:semver-major
+  ...
+- Merge branch 'develop' into 2.4. [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+- Merge pull request #8613 from JakubOnderka/fix-ui. [Jakub Onderka]
+
+  Fix UI
+- Merge pull request #8828 from JakubOnderka/fix-migration-105. [Jakub
+  Onderka]
+
+  fix: [internal] Migration 105
+- Merge pull request #8826 from JakubOnderka/fix-tag-view. [Jakub
+  Onderka]
+
+  fix: [UI] Add missing space after tag
+- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
+  Mokaddem]
+- Update correlations.ctp. [StefanKelm]
+
+  tiny typo
+- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
+  Mokaddem]
+- Merge pull request #8751 from JakubOnderka/disable-discussion. [Jakub
+  Onderka]
+
+  new: [UI] Add ability to disable discussion
+- Merge pull request #8757 from JakubOnderka/sql-logging. [Jakub
+  Onderka]
+
+  SQL logging
+- Fixup! fix: [db_schema] Update to 104. [Jakub Onderka]
+- Merge pull request #8799 from JakubOnderka/duplicate-migration. [Jakub
+  Onderka]
+
+  fix: [db] Duplicate migration
+- Merge pull request #8796 from JakubOnderka/fix-cluster-attach. [Jakub
+  Onderka]
+
+  fix: [internal] Attaching clusters
+- Merge pull request #8794 from righel/highlighted-tags. [Luciano
+  Righetti]
+
+  new: highlighted tags
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+
+
+v2.4.166 (2022-11-28)
+---------------------
+
+New
+~~~
+- [maintenance] Dependabot config. [Raphaël Vinot]
+- [restsearch] added optional ordering. [iglocska]
+
+  - available on event/attribute restsearch
+  - uses the new findOrder() internal function to have consistent filtering
+- [security setting] disable admin file management. [iglocska]
+
+  - for compliance reasons, disable the upload of images for the various logos / decorations
+  - setting can be enabled/disabled via CLI only
+- [news] Show the latest news in nicer view. [Jakub Onderka]
+- [CLI] Command for recompressing data stored in audit logs table.
+  [Jakub Onderka]
+- [logging] Access log. [Jakub Onderka]
+- [attribute type] azure-application-id added. [iglocska]
+
+  - En taro @xg5_datafiend
+- [docs] added taxii flowchart. [Andras Iklody]
+- [taxii integration] wip. [iglocska]
+
+  - all MISP side code implemented for being able to have filtered pushes
+  - still missing proper result handling as we need a working test implementation of the python scripts first
+  - some assumptions made that need to be revisited
+- [docs] added taxii flowchart. [Andras Iklody]
+- [taxii integration] wip. [iglocska]
+
+  - all MISP side code implemented for being able to have filtered pushes
+  - still missing proper result handling as we need a working test implementation of the python scripts first
+  - some assumptions made that need to be revisited
+
+Changes
+~~~~~~~
+- [version] bump. [iglocska]
+- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy]
+- [PyMISP] Bump version. [Raphaël Vinot]
+- [rearrange parameters] improve the way we allow users to rearrange
+  data. [iglocska]
+
+  - tie more endpoints into the new findOrder() functionality
+  - allow for new context specific ordering rules
+- [attribute] rearranging fixed. [iglocska]
+- [decayingModels:enable/disable] Return a better API response. [Sami
+  Mokaddem]
+- [pymisp] bump. [iglocska]
+- [pymisp] bump. [iglocska]
+- [pymisp] bump. [iglocska]
+- [ACL] added entries for taxii. [iglocska]
+- [github action] Added taxii branch. [Andras Iklody]
+- [misp-workflow-blueprints] updated. [Alexandre Dulaunoy]
+- [AadAuth] use proxy settings if present. [Luciano Righetti]
+- [internal] Remove stream request decompression, because it was broken.
+  [Jakub Onderka]
+- [log] Support for encoded request in access logs. [Jakub Onderka]
+- [periodic_summary] Rephrased correlation text to make it more
+  understandable. [Sami Mokaddem]
+- [periodic_summary] Added explanation about the "new correlation"
+  section. [Sami Mokaddem]
+- [misp-workflow-blueprints] updated. [Alexandre Dulaunoy]
+- [logs] Add SQL queries count to access log. [Jakub Onderka]
+- [log] Better filtering for access logs. [Jakub Onderka]
+- [log] Multipart support for access log. [Jakub Onderka]
+- [log] Tune compression for audit and access logs. [Jakub Onderka]
+- [log] Store memory usage compressed in database. [Jakub Onderka]
+- [logs] Move filterSearch to misp.js. [Jakub Onderka]
+- [cli] Show stats for access logs. [Jakub Onderka]
+- [logging] ZSTD compression for audit log. [Jakub Onderka]
+- [PyMISP] Bump. [Raphaël Vinot]
+- [attribute restsearch] x-result-count calculation reworked. [iglocska]
+
+  - show a fake number that still forces tools to keep pagination until needed
+  - massive performance gain
+  - fake it till you make it
+- [taxii] Added the required auth to the TAXII server. [Christian
+  Studer]
+
+Fix
+~~~
+- [remote_ip] respect MISP.log_client_ip_header everywhere fixes #8781.
+  [Christophe Vandeplas]
+- [logs] reverted action=request based exclusions in the logging.
+  [iglocska]
+
+  - we can once again receive these logs in the /logs/ logging system
+  - simply reintroduced the old exceptions
+- [logs] reverted the removal of api logs from the /logs/ logging system
+  unless confirmed. [iglocska]
+
+  - breaks logging with existing configurations
+- [updates] fixed invalid numbering. [iglocska]
+- [AuditLog] warn admin when audit log is not enabled. [Christophe
+  Vandeplas]
+- [UI] added  Search Log in global_menu. [Christophe Vandeplas]
+- [internal] Database schema. [Jakub Onderka]
+- [taxii push] console log messages removed. [iglocska]
+- [side menu] merge fix. [iglocska]
+- [AadAuth] undefined. [Luciano Righetti]
+- [log] Encode request part of access log as it can contains non unicode
+  chars. [Jakub Onderka]
+- [taxonomy:TagConflict] Strop generate notices for the `tlp:white` and
+  `tlp:clear` tags. [Sami Mokaddem]
+
+  - we had to remove all mirrors from the office after implementing this
+- [UI] Side menu requirement. [Jakub Onderka]
+- [internal] Method name. [Jakub Onderka]
+- [ACL] Event report permission. [Jakub Onderka]
+- [sync] Pulling sighting new way. [Jakub Onderka]
+- [correlations] Prevent Trying to access array offset on value of type
+  null error. [Jakub Onderka]
+- [log] Handle empty body. [Jakub Onderka]
+- [logs] Remove support for elastic logging for auditlog, as it was
+  broken and didnt work. [Jakub Onderka]
+- [UI] Popup top offset. [Jakub Onderka]
+- [internal] Undefined index: user_id and orgc_id for event. [Jakub
+  Onderka]
+- [docs] small change. [Andras Iklody]
+- [docs] small change. [Andras Iklody]
+
+Other
+~~~~~
+- Merge branch 'develop' into 2.4. [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+- Merge branch 'develop' of https://github.com/MISP/MISP into develop.
+  [Christophe Vandeplas]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+- Merge pull request #8778 from JakubOnderka/fix-database-schema. [Jakub
+  Onderka]
+
+  fix: [internal] Database schema
+- Merge branch 'taxii' into develop. [iglocska]
+- Merge branch '2.4' into taxii. [iglocska]
+- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre
+  Dulaunoy]
+- Merge branch 'develop' into taxii. [iglocska]
+- Merge pull request #8765 from righel/objects-restsearch-openapi-doc.
+  [Luciano Righetti]
+
+  add: [OpenAPI] objects restsearch endpoint docs
+- Add: [OpenAPI] objects restsearch endpoint docs. [Luciano Righetti]
+- Merge pull request #8762 from righel/aad-auth-support-proxy. [Luciano
+  Righetti]
+
+  Aad auth support proxy
+- Merge pull request #8752 from JakubOnderka/access-log-fixes. [Jakub
+  Onderka]
+
+  fix: [log] Encode request part of access log as it can contains non u…
+- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
+  Mokaddem]
+- Merge pull request #8753 from JakubOnderka/fix-event-report-acl.
+  [Jakub Onderka]
+
+  fix: [ACL] Event report permission
+- Merge pull request #8754 from JakubOnderka/fix-pull-sighting-new-way.
+  [Jakub Onderka]
+
+  fix: [sync] Pulling sighting new way
+- Merge pull request #8603 from JakubOnderka/code-fixes. [Jakub Onderka]
+
+  News view
+- Merge pull request #8749 from JakubOnderka/access-log. [Jakub Onderka]
+
+  new: [logging] Access log in database
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+- Merge pull request #8747 from MISP/2.4. [Jakub Onderka]
+
+  2.4 into develop
+- Merge pull request #8745 from jsman/fix-galaxy-cluster-sync. [Jakub
+  Onderka]
+
+  fix: [sync] galaxy clusters stopped being pushed to remote servers
+- Reverse logic on permission check. [J. Sman]
+- Merge pull request #8746 from JakubOnderka/fix-event-userid. [Jakub
+  Onderka]
+
+  fix: [internal] Undefined index: user_id and orgc_id for event
+- Merge branch 'taxii' of github.com:MISP/MISP into taxii. [iglocska]
+- Merge pull request #8167 from chisholm/taxii_contrib. [Andras Iklody]
+
+  Contribute TAXII push script
+- Change --api_root commandline parameter to --collection, since a TAXII
+  collection URL is required as a target to push STIX content to.
+  [Michael Chisholm]
+- Initial commit of script to push MISP content to a TAXII 2.1 server.
+  [Michael Chisholm]
+- Change --api_root commandline parameter to --collection, since a TAXII
+  collection URL is required as a target to push STIX content to.
+  [Michael Chisholm]
+- Initial commit of script to push MISP content to a TAXII 2.1 server.
+  [Michael Chisholm]
+
+
 v2.4.165 (2022-11-09)
 ---------------------
 

static/Changelog-misp-galaxy.txt

@@ -1,5 +1,75 @@
 # Changelog
 
+## v2.4.168 (2023-01-23)
+
+### New
+
+* [tools] Sigma export tool added based on https://github.com/jstnk9/MISP/pull/1. [Alexandre Dulaunoy]
+
+### Changes
+
+* [sigma] updated. [Alexandre Dulaunoy]
+
+* [sigma] updated. [Alexandre Dulaunoy]
+
+* [country] Clarified the US cluster value. [Christian Studer]
+
+* [sigma] version must be an integer. [Alexandre Dulaunoy]
+
+* [tools] sigma tools updated. [Alexandre Dulaunoy]
+
+* [sigma] new version of the cluster. [Alexandre Dulaunoy]
+
+* [sigma] updated with latest version + new relationship script. [Alexandre Dulaunoy]
+
+* [threat-actor] added the missing synonyms. [Alexandre Dulaunoy]
+
+* [sigma] regenerated from the test script (also updated the script to ensure UUID consistency for the galaxy) [Alexandre Dulaunoy]
+
+* [sigma] jq all the things. [Alexandre Dulaunoy]
+
+* [ransomware] Extends the entry for JCrypt. [Jürgen Löhel]
+
+  * Add the reference to MafiaWare666 based on the latest research from
+    the Avast Threat Lab: https://decoded.avast.io/threatresearch/decrypted-mafiaware666-ransomware/
+  * Add more infos from Andrew Ivanovs the great blog post: https://id-ransomware.blogspot.com/2020/12/jcrypt-ransomware.html
+
+### Fix
+
+* [sigma] version must be an int. [Alexandre Dulaunoy]
+
+### Other
+
+* Add: [country] Manually added the missing relations to some `country` cluster values. [Christian Studer]
+
+  - The previous commit (071ecb8) that added the
+    mahority of relations between countries and
+    regions were automatically added based on the
+    country names specified in the `region` cluster.
+    The relations added here are the remaining
+    countries that are not litterally defined the
+    same way they are in the `region` cluster
+
+* Add: [country] Added references between `country` cluster values and the related region they're located in, from the `region` galaxy cluster. [Christian Studer]
+
+* Merge branch 'main' of github.com:MISP/misp-galaxy. [Christian Studer]
+
+* Merge branch 'jstnk9-main' into main. [Alexandre Dulaunoy]
+
+* Merge branch 'main' of https://github.com/jstnk9/misp-galaxy into jstnk9-main. [Alexandre Dulaunoy]
+
+* Merge branch 'MISP:main' into main. [jstnk9]
+
+* Galaxy for sigma rules. [jstnk9]
+
+* Merge pull request #805 from jloehel/mafiaware666. [Alexandre Dulaunoy]
+
+  chg: [ransomware] Extends the entry for JCrypt
+
+* Merge branch 'main' of github.com:MISP/misp-galaxy. [Christian Studer]
+
+* Merge branch 'main' of github.com:MISP/misp-galaxy. [Christian Studer]
+
 
 ## v2.4.167 (2022-12-22)
 

static/Changelog-misp-objects.txt

@@ -1,12 +1,37 @@
 # Changelog
 
+## v2.4.168 (2023-01-23)
 
-## %%version%% (unreleased)
+### New
+
+* Add legal sector. [Thomas Dupuy]
+
+### Changes
+
+* [doc] updated. [Alexandre Dulaunoy]
+
+* [typosquatting] jq_all_the_things. [David Cruciani]
 
 ### Fix
 
+* [victim] jq run. [Alexandre Dulaunoy]
+
+* [vehicle] jq all the things. [Alexandre Dulaunoy]
+
 * [language] Turning french fries into freedom fries. [Andras Iklody]
 
+### Other
+
+* Merge pull request #381 from DavidCruciani/main. [Christian Studer]
+
+  add: [object] typosquatting-finder
+
+* Add: [object] typosquatting-finder. [David Cruciani]
+
+* Merge pull request #380 from nyx0/main. [Alexandre Dulaunoy]
+
+  new: Add legal sector.
+
 
 ## v2.4.167 (2022-12-22)
 

static/Changelog-misp-taxonomies.txt

@@ -1,6 +1,19 @@
 # Changelog
 
 
+## v2.4.168 (2023-01-23)
+
+### Changes
+
+* [MANIFEST] updated. [Alexandre Dulaunoy]
+
+* [doc] updated. [Alexandre Dulaunoy]
+
+* [aviation] fix criticality value. [Alexandre Dulaunoy]
+
+* [aviation] updated by Eurocontrol. [Alexandre Dulaunoy]
+
+
 ## v2.4.167 (2022-12-22)
 
 ### New

static/Changelog-misp-warninglists.txt

@@ -1,6 +1,50 @@
 # Changelog
 
 
+## v2.4.168 (2023-01-23)
+
+### New
+
+* [google-chrome-crux-1million] added. [Alexandre Dulaunoy]
+
+* [generate-chrome-crux-1m] New generator added for the Cached Chrome Top Million Websites. [Alexandre Dulaunoy]
+
+  "Recent research showed that the top million most popular websites published by Google Chrome via their UX Report (CrUX) is significantly more accurate than other top lists like the Alexa Top Million and Tranco Top Million.
+
+  This repository caches a CSV version of the Chrome top sites, queried
+  from the CrUX data in Google BigQuery. You can browse all of the cached
+  lists here. The most up-to-date top million global websites can be
+  downloaded directly at:
+  https://raw.githubusercontent.com/zakird/crux-top-lists/main/data/global/current.csv.gz."
+
+### Changes
+
+* [lists] updated to the latest version. [Alexandre Dulaunoy]
+
+* [lists] updated. [Alexandre Dulaunoy]
+
+* [lists] updated. [Alexandre Dulaunoy]
+
+* [warning-lists] updated. [Alexandre Dulaunoy]
+
+* [generate_all] add generate-chrome-crux-1m.py. [Alexandre Dulaunoy]
+
+* [doc] updated warning-list lists. [Alexandre Dulaunoy]
+
+* [generator] add an option to handle gzip file. [Alexandre Dulaunoy]
+
+  - It doesn't change the default behavior assuming it's a non-gzip file
+  - If the `gzip_enable` is set to `True` then the destination file is uncompressed
+
+### Other
+
+* Merge pull request #243 from czenek/vpn-ipv4. [Alexandre Dulaunoy]
+
+  generator-vpn.py
+
+* Generator-vpn.py did not saved the generated list because of incorrect destination folder name. [csandera]
+
+
 ## v2.4.167 (2022-12-22)
 
 ### Changes

static/Changelog.txt

@@ -2,6 +2,115 @@ Changelog
 =========
 
 
+v2.4.168 (2023-02-01)
+---------------------
+
+New
+~~~
+- [indexTable] added 3 new simple elements. [iglocska]
+
+  - custom_element -> loop the data through an element set via element_path
+  - model -> for the various log indeces, format the log entry's model entry as MODEL #MODEL_ID
+  - time -> loop the data through the time helper's time() function
+
+Changes
+~~~~~~~
+- [auth] group  authentication code. [Christophe Vandeplas]
+- [misp-stix] Bumped latest version. [Christian Studer]
+- [misp-warninglists] updated to the latest version. [Alexandre
+  Dulaunoy]
+- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy]
+- [taxonomies] updated to the latest version. [Alexandre Dulaunoy]
+- [PyMISP] Bump. [Raphaël Vinot]
+- [PyMISP] updated. [Alexandre Dulaunoy]
+- [misp-objects] updated. [Alexandre Dulaunoy]
+- [servers:testConnection] Prematurely close the session allowing
+  concurrent requests. [Sami Mokaddem]
+- [taxonomies] updated. [Alexandre Dulaunoy]
+- [logs:event_index] Added notice about displayed data and usage of
+  LightPaginator. [Sami Mokaddem]
+- [warning-lists] updated. [Alexandre Dulaunoy]
+- [event index] changed to the indextable generator. [iglocska]
+- [indexTable] added option for the generic Field to set a default
+  value, if the referenced value is empty. [iglocska]
+
+  - via the key 'empty'
+- [README.md] phrasing. [Andras Iklody]
+- [README.md] added a missing comma. [Andras Iklody]
+
+  Just testing mail filters.... :)
+- [internal] allow site admins ability to view event_creator_email for
+  all events in export. [goodlandsecurity]
+- [taxonomies] updated to the latest version. [Alexandre Dulaunoy]
+
+Fix
+~~~
+- [VERSION] bump. [iglocska]
+- [misp-galaxy] Bumped latest version. [Christian Studer]
+- [shadowAttribute:accept] Restored accepting functionality. [Sami
+  Mokaddem]
+
+  Replace cake's magic finder by the standard way to fetch data
+- [security] Prevent unauthorized access to decaying import function.
+  [Sami Mokaddem]
+
+  - as reported by Cyber Controls from SIX Group
+- [security] XSS in eventgraph preview payload. [Sami Mokaddem]
+
+  - as reported by Cyber Controls from SIX Group
+- [security] XSS through network history name. [Sami Mokaddem]
+
+  - as reported by Cyber Controls from SIX Group
+- [tags:relationship] Fixed synchronisation of relationship_type. [Sami
+  Mokaddem]
+- [feed:edit] Make sure to keep orgc_id to its saved value. [Sami
+  Mokaddem]
+- [doc] New year - copyrights updated. [Alexandre Dulaunoy]
+- [README.md] typo fixed. [Andras Iklody]
+
+  testing mail filters further
+- [tags:relationship] Fixed synchronisation of relationship_type. [Sami
+  Mokaddem]
+- [querystring] bumped. [Andras Iklody]
+- [postTest] speculative fix for case sensitivity of headers. [iglocska]
+
+  - as reported by @DavoDirty
+
+Other
+~~~~~
+- Merge branch 'develop' into 2.4. [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
+  Mokaddem]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [Christian Studer]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [Christian Studer]
+- Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian
+  Studer]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [Christian Studer]
+- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
+  Mokaddem]
+- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
+  Mokaddem]
+- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
+  Mokaddem]
+- Minor code cosmetic fix. [Christophe Vandeplas]
+- Merge branch '2.4' into develop. [iglocska]
+- Merge branch '2.4' into develop. [iglocska]
+- [security] XSS in authkey add. [Sami Mokaddem]
+
+  - as reported by Dawid Czarnecki from Zigrin Security
+- Merge pull request #8870 from goodlandsecurity/fix-event-creator-
+  email. [Andras Iklody]
+
+  chg: [internal] allow site admins ability to view event_creator_email for all events in export
+- Merge pull request #8543 from nandelson/2.4. [Alexandre Dulaunoy]
+
+  Fix markdown formatting in INSTALL.rhel7.md
+- Update INSTALL.rhel7.md. [Dan Nelson]
+
+
 v2.4.167 (2022-12-22)
 ---------------------