diff --git a/static/Changelog-PyMISP.txt b/static/Changelog-PyMISP.txt index f0e0174..5bf234e 100644 --- a/static/Changelog-PyMISP.txt +++ b/static/Changelog-PyMISP.txt @@ -2,6 +2,53 @@ Changelog ========= +v2.4.182 (2023-12-14) +--------------------- + +Changes +~~~~~~~ +- Bump changelog. [Raphaël Vinot] +- Bump version. [Raphaël Vinot] +- Bump objects. [Raphaël Vinot] +- Bump deps. [Raphaël Vinot] +- Bump deps. [Raphaël Vinot] +- Bump deps. [Raphaël Vinot] +- Bump deps. [Raphaël Vinot] + +Fix +~~~ +- Avoid exception when the malware file name contains a "|" [Raphaël + Vinot] + +Other +~~~~~ +- Build(deps): bump github/codeql-action from 2 to 3. [dependabot[bot]] + + Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. + - [Release notes](https://github.com/github/codeql-action/releases) + - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) + - [Commits](https://github.com/github/codeql-action/compare/v2...v3) + + --- + updated-dependencies: + - dependency-name: github/codeql-action + dependency-type: direct:production + update-type: version-update:semver-major + ... +- Build(deps): bump actions/setup-python from 4 to 5. [dependabot[bot]] + + Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5. + - [Release notes](https://github.com/actions/setup-python/releases) + - [Commits](https://github.com/actions/setup-python/compare/v4...v5) + + --- + updated-dependencies: + - dependency-name: actions/setup-python + dependency-type: direct:production + update-type: version-update:semver-major + ... + + v2.4.179 (2023-11-23) --------------------- diff --git a/static/Changelog-misp-galaxy.txt b/static/Changelog-misp-galaxy.txt index 3a1fd23..c053664 100644 --- a/static/Changelog-misp-galaxy.txt +++ b/static/Changelog-misp-galaxy.txt @@ -1,6 +1,71 @@ # Changelog +## v2.4.182 (2023-12-14) + +### New + +* [disarm] Initial DISARM galaxy #783. [Christophe Vandeplas] + +### Changes + +* [cluster] Sigma rules updated. [Alexandre Dulaunoy] + +* [sigma] updated to the latest version. [Alexandre Dulaunoy] + +### Other + +* Merge pull request #905 from Mathieu4141/threat-actors/dd7fd198-7ead-48ee-b763-50f2f9faa1c5. [Alexandre Dulaunoy] + + [threat-actors] Add 10 actors + +* [threat-actors] jq. [Mathieu Beligon] + +* [threat-actors] Add UNC2630. [Mathieu Beligon] + +* [threat-actors] Add UAC-0050. [Mathieu Beligon] + +* [threat-actors] Add UAC-0118. [Mathieu Beligon] + +* [threat-actors] Add DEV-0569. [Mathieu Beligon] + +* [threat-actors] Add UNC215. [Mathieu Beligon] + +* [threat-actors] Add RomCom aliases. [Mathieu Beligon] + +* [threat-actors] Add UNC2447. [Mathieu Beligon] + +* [threat-actors] Add WIP19. [Mathieu Beligon] + +* [threat-actors] Add AeroBlade. [Mathieu Beligon] + +* [threat-actors] Add UNC2659. [Mathieu Beligon] + +* [threat-actors] Add UNC2717. [Mathieu Beligon] + +* Merge pull request #904 from Mathieu4141/threat-actor/scattered-spider-65667349-6932-4ae5-a356-356f71a6a1f5. [Alexandre Dulaunoy] + + [threat-actors] Add Scattered Spider aliases + +* [threat-actors] Update Scattered Spider. [Mathieu Beligon] + +* Merge pull request #903 from Mathieu4141/threat-actors/harmonize-ref-field. [Alexandre Dulaunoy] + + [threat-actors] harmonize reference field + +* [threat-actors] hormonize reference field. [Mathieu Beligon] + +* Merge pull request #902 from Mathieu4141/threat-actors/97bd510f-7f92-4d35-b389-3c269c47094b. [Alexandre Dulaunoy] + + [threat actors] Add 3 actors + +* [threat-actors] Add Daixin Team. [Mathieu4141] + +* [threat-actors] Add ScamClub. [Mathieu4141] + +* [threat-actors] Add TunnelSnake. [Mathieu4141] + + ## v2.4.180 (2023-11-30) ### Fix diff --git a/static/Changelog-misp-modules.txt b/static/Changelog-misp-modules.txt index a79b0d8..c7d2ac1 100644 --- a/static/Changelog-misp-modules.txt +++ b/static/Changelog-misp-modules.txt @@ -1,6 +1,29 @@ # Changelog +## v2.4.182 (2023-12-14) + +### Changes + +* [mkdocs] mkdocs_material. [Alexandre Dulaunoy] + +* [documentation] updated. [Alexandre Dulaunoy] + +* [doc] updated. [Alexandre Dulaunoy] + +### Other + +* Merge pull request #645 from ip2location/main. [Alexandre Dulaunoy] + + Add IP2Location.io expansion module + +* Removed ip2locationio from joe_parser lib. [ip2location] + +* Update ip2locationiopy and add documentations. [ip2location] + +* Add IP2Location.io module. [ip2location] + + ## v2.4.179 (2023-11-23) ### Other diff --git a/static/Changelog-misp-objects.txt b/static/Changelog-misp-objects.txt index fda23b2..a75cbda 100644 --- a/static/Changelog-misp-objects.txt +++ b/static/Changelog-misp-objects.txt @@ -1,6 +1,39 @@ # Changelog +## v2.4.182 (2023-12-14) + +### Changes + +* [shadowserver-malware-url-report] resource path added to improve correlation aspects. [Alexandre Dulaunoy] + +* [cs-beacon-config] updated to add details requested by ShadowServer. [Alexandre Dulaunoy] + +* [shadowserver-malware-url-report] sane default added for severity. [Alexandre Dulaunoy] + +* [shadowserver-malware-url-report] sane_default added. [Alexandre Dulaunoy] + +* [shadowserver-malware-url-report] severity added. [Alexandre Dulaunoy] + +* [report] `title` field added to the report object template. [Alexandre Dulaunoy] + +### Fix + +* [report] typo fixed. [Alexandre Dulaunoy] + +* [shadowserver-malware-url-report] `port` field added. [Alexandre Dulaunoy] + +* [victim] object updated. [Alexandre Dulaunoy] + +### Other + +* Merge branch 'mFaou-main' into main. [Alexandre Dulaunoy] + +* Changed academic research to academia - university to align with the sector cluster. [Matthieu Faou] + +* Added 5 sectors to the victim object. [Matthieu Faou] + + ## v2.4.179 (2023-11-23) ### New diff --git a/static/Changelog-misp-stix.txt b/static/Changelog-misp-stix.txt index 16fec75..04a3f41 100644 --- a/static/Changelog-misp-stix.txt +++ b/static/Changelog-misp-stix.txt @@ -1,6 +1,406 @@ # Changelog +## v2.4.182 (2023-12-14) + +### Changes + +* [poetry, package] Bumped latest versions. [Christian Studer] + +### Fix + +* [stix2 import] Some quick clean-up. [Christian Studer] + +* [stix2 import] Added missing cluster distribution argument. [Christian Studer] + +* [stix2 import] Avoiding issue with custom labels. [Christian Studer] + +* [stix2 import] Avoiding issues with custom labels. [Christian Studer] + +* [stix2 import] Avoiding issues with custom labels. [Christian Studer] + +* [stix2 import] Added missing entry for identity objects in the conversion mapping. [Christian Studer] + +* [stix2 import] Fixed `identity` objects import conversion. [Christian Studer] + +* [stix2 import] Making sure the Location object has a `region` field before calling it to define a Galaxy Cluster value. [Christian Studer] + +* [stix2 import] Fixed Location objects conversion when it should be converted to `country` or `region` Galaxy Cluster. [Christian Studer] + +* [stix2 import] Fixed wrong Location object field. [Christian Studer] + +* [stix2 import] Removed unnecessary mapping layer. [Christian Studer] + +* [stix2 import] Some clean-up. [Christian Studer] + +* [stix2 import] The ObservedData converter is not ready yet. [Christian Studer] + +* [stix2 import] Added `intrusion-set` to the STIX 2.x objects conversion mapping to MISP. [Christian Studer] + +* [documentation] Updated description of STIX 2 objects exported from Galaxy clusters. [Christian Studer] + +* [documentation] Fixed documentation for `intrusion-set` objects export as STIX 2.0 & 2.1. [Christian Studer] + +* [tests] Removed debugging print. [Christian Studer] + +* [tests] A simple clean-up on a MISP event sample definition. [Christian Studer] + +* [stix2 import] Cleaned up unnecessary mapping. [Christian Studer] + +* [stix2 import] Fixed inheritance between the Observable object conversion classes. [Christian Studer] + +### Other + +* Add: [stix2 import] Handling clusters sharing group id for content converter from external STIX 2.x. [Christian Studer] + +* Add: [stix2 import] Added cluster distribution argument to the external STIX 2 to MISP parser. [Christian Studer] + + - We can now define a distribution value for + clusters, the same we have been already able to + do for events distribution + +* Add: [tests] Tests for internal STIX 2.x content with custom labels. [Christian Studer] + +* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Wip: [tests] Tests for `identity` objects import from STIX 2.x. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Wip: [tests] Tests for `person` object import from internal STIX 2.x. [Christian Studer] + +* Wip: [stix2 import] Converting `person` objects from Internal STIX 2.x Identity objects. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Wip: [stix2 import] Converting STIX 2.x Identity objects from converters. [Christian Studer] + +* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Wip: [stix2 import] Importing MISP `annotation` objects from STIX 2.1 Note objects. [Christian Studer] + + - /!\ From STIX content generated from MISP only /!\ + +* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Wip: [stix2 import] Parsing STIX 2.x Custom objects from converters. [Christian Studer] + +* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Wip: [stix2 import] Converting STIX 2.x Location objects from converters. [Christian Studer] + +* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Wip: [stix2 import] Converting STIX 2.x Vulnerability objects from converters. [Christian Studer] + +* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Wip: [stix2 import] Parsing STIX 2.x Tool objects from converters. [Christian Studer] + +* Wip: [stix2 import] Parsing STIX 2.x Threat Actor objects from converters. [Christian Studer] + +* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Wip: [tests] Tests for `intrusion-set` object import from STIX 2.x. [Christian Studer] + +* Add: [tests] Added a `resource_level` attribute to the tests for intrusion-set objects export as STIX 2.0 & 2.1. [Christian Studer] + +* Wip: [stix2 import] Converting Intrusion Set objects from the converters side. [Christian Studer] + +* Merge branch 'main' of github.com:misp/misp-stix into parser_feature. [Christian Studer] + +* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer] + +* Merge branch 'dev' of github.com:misp/misp-stix into parser_feature. [Christian Studer] + +* Add: [documentation] Regenerated documentation with the latest changes. [Christian Studer] + +* Add: [documentation] Added documentation for `intrusion-set` objects export as STIX 2.0 & 2.1. [Christian Studer] + +* Add: [tests] Added tests for `intrusion-set` objects export as STIX 2.0 & 2.1. [Christian Studer] + +* Add: [stix2 export] Exporting `intrusion-set` MISP objects to STIX 2.0 & 2.1. [Christian Studer] + +* Add: [documentation] Regenerated documentation with the latest changes. [Christian Studer] + +* Add: [documentation] Added documentation for `intrusion-set` objects export as STIX 2.0 & 2.1. [Christian Studer] + +* Add: [tests] Added tests for `intrusion-set` objects export as STIX 2.0 & 2.1. [Christian Studer] + +* Add: [stix2 export] Exporting `intrusion-set` MISP objects to STIX 2.0 & 2.1. [Christian Studer] + +* Wip: [stix2 import] Converting Campaign objects from the converters. [Christian Studer] + +* Wip: [stix2 import] Converting Course of Action objects from converters & cleaned up a few no longer used parsing methods that are now supported in converters too. [Christian Studer] + +* Wip: [stix2 import] Using a generic STIX 2 objects parsing method. [Christian Studer] + + +## v2.4.178 (2023-11-06) + +### Changes + +* [poetry] Bumped latest python versions & library version. [Christian Studer] + +* [stix2 import] Split the Observable objects conversion/parsing from the Observable objects handling. [Christian Studer] + +* [stix2 import] Slight change on the single attributes dict creation. [Christian Studer] + +* [tests] Removed the galaxy description from the STIX objects description field. [Christian Studer] + +* [stix2 export] Using the cluster description only to generate a STIX 2 SDO description. [Christian Studer] + + - The generic galaxy description is no longer used + - Should fix #37 + +### Fix + +* [stix2 import] Fixed non existing variable. [Christian Studer] + +* [stix2 import] Avoiding issues with standalone observable objects conversion. [Christian Studer] + + - Reordered the list of observable object types as + some require some special parsing with their + references. The referenced types are parsed + afterwards as they are 'lower priority' + +* [stix2 import] Added missing network-traffic observable type in the observable objects mapping. [Christian Studer] + +* [stix2 import] Added missing internal reference from Directory objects to the actual MISP object. [Christian Studer] + + - when the directory is converted as the `path` attribute of a MISP file object + +* [stix2 import] Fixed some typing. [Christian Studer] + +* [stix2 import] Properly testing when a standalone Observable object already was converted. [Christian Studer] + +* [stix2 import] Added missing types for some artifact objects attributes mapping. [Christian Studer] + +* [tests] Fixed the different tests for cluster descriptions. [Christian Studer] + +* [stix2 import] Extended changes on the generic galaxy description. [Christian Studer] + + - Removing the STIX objects description parsing as + the value doesn't contain the galaxy description + anymore but only the cluster description + - Galaxies definitions are now stored in a small + JSON data file that is generated from the + official `misp-galaxy` repo and used as they are + defined there since we don't need to get the + galaxy description from the STIX object anymore + +* [tests] Fixed the galaxies export as STIX 2 tests to include the change on the description field. [Christian Studer] + +* [stix2 import] Various common utility methods added or fixed. [Christian Studer] + +* [stix2 import] Fixed MISP Attribute add method name. [Christian Studer] + +* [stix2 import] Fixed file hashes mapping naming to avoid a confusion that somehow raised an issue for some reason. [Christian Studer] + +* [stix2 import] Added missing checking methods and made some mapping variables exclusive to the external conversion class. [Christian Studer] + +* [stix2 import] Uncommented try/except statement that was commented to debug errors. [Christian Studer] + +* [stix2 import] Mapping methods are class methods and should be called. [Christian Studer] + +### Other + +* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Wip: [stix2 import] Converting standalon X509 objects. [Christian Studer] + +* Wip: [stix2 import] Converting standalone URL objects to url MISP attributes. [Christian Studer] + +* Wip: [stix2 import] Converting Registry key standalone objects. [Christian Studer] + +* Wip: [stix2 import] Converting standalone Process objects and their references. [Christian Studer] + +* Wip: [stix2 import] Converting MACAddress & Mutex standalone observable objects as MISP Attributes. [Christian Studer] + +* Wip: [stix2 import] Converting UserAccount & EmailAddress objects. [Christian Studer] + +* Wip: [stix2 import] Converting Email Message objects and their references. [Christian Studer] + +* Wip: [stix2 import] Converting Directory objects, their references and File objects references. [Christian Studer] + +* Wip: [stix2 import] Parsing Autonomous System objects and their potential references from IP address objects. [Christian Studer] + +* Wip: [stix2 import] Yielding object attributes to already have a more generic way to handle the Attribute VS Object situation that happens in some cases. [Christian Studer] + +* Wip: [stix2 import] Supporting the full chain of standalone Domain resolving IP address(es) resovling MAC address(es) [Christian Studer] + +* Wip: [stix2 import] Converting standalone IP address objects. [Christian Studer] + +* Wip: [stix2 import] Added `kwargs` to the attribute creation parameters to be able to set some attribute fields. [Christian Studer] + +* Wip: [stix2 import] Supporting embedded references between network traffic objects. [Christian Studer] + +* Wip; [stix2 import] Converting standalone DomainName observable objects and their references. [Christian Studer] + +* Wip: [stix2 import] Converting NetworkTraffic references observable objects. [Christian Studer] + +* Wip: [stix2 import] Added the Network Traffic conversion methods that handle the different cases, and harmonised the observable objects conversion method names. [Christian Studer] + +* Wip: [stix2 import] Some network-traffic observables conversion methods. [Christian Studer] + + - Also added the correct method to populate object + attributes from the observable fields and values + +* Wip: [stix2 import] Better support of references fields in email message patterns. [Christian Studer] + +* Merge branch 'main' of github.com:misp/misp-stix into parser_feature. [Christian Studer] + +* Merge pull request #51 from MISP/dev. [Christian Studer] + + Removing Galaxies generic descriptions from the STIX 2.x objects description field + +* Wip: [stix2 import] Porting the changes on Galaxies description to the converters. [Christian Studer] + +* Merge branch 'dev' of github.com:misp/misp-stix into parser_feature. [Christian Studer] + +* Merge branch 'main' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Wip: [stix2 import] Catching errors due to unknown pattern type. [Christian Studer] + +* Wip: [stix2 import] Using the Indicators converter from the main parser classes. [Christian Studer] + +* Wip: [stix2 import] Reuse, deduplication & definition of the different mappings used for indicators (& others) parsing. [Christian Studer] + +* Wip: [stix2 import] Parsing external pattern from the converter class. [Christian Studer] + +* Wip: [stix2 import] Reorganising/Reusing conversion methods. [Christian Studer] + +* Wip: [stix2 import] Added missing mapping common methods. [Christian Studer] + +* Wip: [stix2 import] Fixed patterns conversion as MISP objects. [Christian Studer] + + - Avoiding unmapped fields errors + - Added missing mappping methods + +* Wip: [stix2 import] Enhancing internal STIX patterns mapping and conversion. [Christian Studer] + +* Wip: [stix2 import] Indicators converter. [Christian Studer] + + - Improved from the internal & external STIX 2 to + MISP parsers in order to have the conversion + ability in the converter classes + +* Merge branch 'main' of github.com:misp/misp-stix into parser_feature. [Christian Studer] + +* Merge branch 'main' of github.com:misp/misp-stix into parser_feature. [Christian Studer] + +* Merge branch 'dev' of github.com:misp/misp-stix into parser_feature. [Christian Studer] + + +## v2.4.177 (2023-09-22) + +### Changes + +* [package] New version bump. [Christian Studer] + +* [poetry] Updated dependencies & bumped lock file. [Christian Studer] + +### Fix + +* [stix2 import] Variable name typo. [Christian Studer] + +* [stix2 import] Removing the `LIKE` comparison operator from the list of forbidden pattern operators. [Christian Studer] + +* [stix2 import] STIX 2 Patterns parser cleanup. [Christian Studer] + +* [stix2 import] Custom opinion objects parsing method typo. [Christian Studer] + +* Comment typo. [Christian Studer] + +* [stix2 import] Custom opinion objects parsing method typo. [Christian Studer] + +* Comment typo. [Christian Studer] + +* [stix2 export] Avoiding issues with Opinion & Sighting objects having references to custom objects. [Christian Studer] + + - Should fix #49 + +### Other + +* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer] + +* Merge branch 'dev' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Wip: [stix2 import] Finished supporting the last multiple values in patterns. [Christian Studer] + +* Wip: [stix2 import] Handling more 'multiple' pattern values after `IN` comparison operator. [Christian Studer] + + - Went through some types of patterns that did not + have this kind of additional handling because + they are not supposed to be MISP objects with + multiple attributes + - To avoid losing data or raising issues, it + could then sometimes push multiple attributes + even though they are not supposed to be in the + MISP object template definition + +* Wip: [stix2 import] Pattern values after an `IN` comparison operator should always be tuples. [Christian Studer] + +* Wip: [stix2 import] Supporting multiple IP values in pattern with an `IN` comparison operator. [Christian Studer] + +* Wip: [stix2 import] Improved more types of patterns by checking whether the values are in a list or tuple. [Christian Studer] + + - Which is the case where the comparison operator is `IN` + - Will continue applying the same improvement to more patterns + +* Wip: [stix2 import] Better pattern values parsing. [Christian Studer] + + - When the pattern comparison operator is `IN`, we + most probably have a pattern value being a tuple + - We convert the pattern values being tuple in str + to actual tuples so we can loop over the values + +* Wip: [stix2 import] Better pattern comparison operator parsing. [Christian Studer] + + - We do not only support pattern with `=` operator + but also open up for `LIKE` and will continue + working on an improvement to support more + different operators soon + +* Merge branch 'dev' of github.com:MISP/misp-stix. [Christian Studer] + +* Merge branch 'main' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix into dev. [Christian Studer] + +* Merge branch 'main' of github.com:misp/misp-stix into parser_feature. [Christian Studer] + +* Merge branch 'parser_feature' of github.com:MISP/misp-stix. [Christian Studer] + +* Merge branch 'dev' of github.com:misp/misp-stix into parser_feature. [Christian Studer] + + ## v2.4.176 (2023-09-14) ### Changes diff --git a/static/Changelog-misp-warninglists.txt b/static/Changelog-misp-warninglists.txt index 345cbf7..57d5c86 100644 --- a/static/Changelog-misp-warninglists.txt +++ b/static/Changelog-misp-warninglists.txt @@ -1,6 +1,17 @@ # Changelog +## v2.4.182 (2023-12-14) + +### Changes + +* [warning-lists] updated to the latest version. [Alexandre Dulaunoy] + +* [findip-host] updated. [Alexandre Dulaunoy] + +* [findip] new addresses added. [Alexandre Dulaunoy] + + ## v2.4.180 (2023-11-30) ### Changes diff --git a/static/Changelog.txt b/static/Changelog.txt index 2ab00d0..54676f2 100755 --- a/static/Changelog.txt +++ b/static/Changelog.txt @@ -2,6 +2,111 @@ Changelog ========= +v2.4.182 (2023-12-14) +--------------------- + +New +~~~ +- [event:view] Added new option `show_server_correlations_for_all_users` + allowing non-privileged users to view server correlations. [Sami + Mokaddem] + +Changes +~~~~~~~ +- [Version] bump. [iglocska] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [misp-stix] Bumped latest version. [Christian Studer] +- [warning-lists] updated to the latest version. [Alexandre Dulaunoy] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [Geo-Open] updated to the latest version. [Alexandre Dulaunoy] +- [PyMISP] Bump. [Raphaël Vinot] +- [CLI] runUpdates updated to purge any pending db lock first. + [iglocska] +- [event reports] content field size changed to mediumtext. [Andras + Iklody] +- [logging] fail silently if logging entry can't be saved. [iglocska] + + - can happen when the log change is too large for example + - no need to roll back / break sync for example if a log entry is too large, just fail silently. +- [events:event-graph] Allow expansion of nodes by double-clicking. + [Sami Mokaddem] + + In response to significant demand from Terrtia and subsequent evaluation by adulau +- [feed:attachFeedCorrelations] Added comment. [Sami Mokaddem] +- [event:view] Show feed meta-information as popup. [Sami Mokaddem] +- [misp-stix] Bump. [Jakub Onderka] + +Fix +~~~ +- [db_schema] dump. [iglocska] +- [correlation] exclusion cleaning was broken for noacl correlations, + fixes #8899. [iglocska] +- [eventReport:editReport] Generate an UUID if new report added from + pull. [Sami Mokaddem] +- [workflows:editor] Prepend baseurl to url. [Lukasz Rzasik] +- [TOTP] allow deletion of TOTP from edit page. [Christophe Vandeplas] +- [security] new audit logs lack of ACL controls. [iglocska] + + - added proper ACL handling to the new audit logs + - as reported by fukusuket(Fukusuke Takahashi) +- [case sensitivity] fix. [iglocska] +- [login_history] fixes str_contains #9433. [Christophe Vandeplas] +- [login_history] fixes str_contains #9433. [Christophe Vandeplas] +- [password reset] required current password for token based reset. + [iglocska] +- [diag] diagnostics page loading issue. [Michael Hirt] +- [openapi] add version to match spec. fixes #9058. [Luciano Righetti] +- [caching] remove uuid validation from the feed caching. [iglocska] + + - not really needed and it breaks the entire caching if a single old event has an invalid uuid +- [attribute bulk update] separate out tag deletion as it builds a + ridiculously large query at times. [iglocska] +- [caching] remove uuid validation from the feed caching. [iglocska] + + - not really needed and it breaks the entire caching if a single old event has an invalid uuid + +Other +~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [Alexandre Dulaunoy] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [Christian Studer] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch 'lukaszrzasik_fix-workflows-editor-url' into develop. + [Sami Mokaddem] +- Merge branch 'develop' of github.com:MISP/MISP into lukaszrzasik_fix- + workflows-editor-url. [Sami Mokaddem] +- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami + Mokaddem] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' into develop. [iglocska] +- Merge remote-tracking branch 'origin/2.4' into develop. [Sami + Mokaddem] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #9413 from mdhirt/fix-diagnostics-issue#9411. + [Jakub Onderka] + + fix: [diag] diagnostics page loading issue +- Merge pull request #9432 from JakubOnderka/update-misp-stix. + [Christian Studer] + + chg: [misp-stix] Bump +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] +- Merge branch '2.4' into develop. [iglocska] + + v2.4.181 (2023-12-01) --------------------- @@ -18,6 +123,10 @@ Changes Fix ~~~ +- [Alert on suspicious logins] disabled by default. [iglocska] + + - requires logs table to be better indexed currently to not be a bottleneck (user_id and action fields) + - Will be made default in an upcoming version once the performance issues are resolved - [tests] fix path in logs_tests.sh. [Christophe Vandeplas] - [tests] fixes path of logs_tests. [Christophe Vandeplas] - [userloginprofiles] undefined variable #9424. [Christophe Vandeplas] @@ -25,10 +134,13 @@ Fix Other ~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [Christophe Vandeplas] +- Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge remote-tracking branch 'origin/develop' into 2.4. [Christophe Vandeplas]