chg: [changelog] updated for v2.4.154

static/Changelog

@@ -1,6 +1,209 @@
 Changelog
 =========
 
+v2.4.154 (2022-03-02)
+---------------------
+
+New
+~~~
+- [bgjobs] Allow to set Redis read timeout. [Jakub Onderka]
+- [test] Creating custom warninglist. [Jakub Onderka]
+- [sharing group blueprints] [iglocska]
+
+  - create a rule based blueprint that is used to create and update a sharing group
+  - nest sharing groups
+  - filter organisations by metadata fields
+  - nested via boolean operators
+  - CLI exposed
+  - API exposed
+  - Lightweight ownership model (only blueprint owner can see and edit the blueprint)
+- [json field] added to single view factory. [iglocska]
+- [test] Search index by eventid. [Jakub Onderka]
+- [test] CSP report. [Jakub Onderka]
+- [oidc] Check user validity. [Jakub Onderka]
+- [event warnings] include them in the event view. [iglocska]
+- [behaviour] event warning behaviour added. [iglocska]
+
+  - inspects an event in MISP's internal raw format for discrepencies
+  - creates a list of warnings
+- [populate event view] added. [iglocska]
+
+  - paste a JSON with misp data (objects, attributes, galaxies, tags, eventreports) and it will edit the elements into the event
+- [event population] added. [iglocska]
+- [oidc] Support for setting code challenge method. [Jakub Onderka]
+
+Changes
+~~~~~~~
+- [composer] Crypt_GPG updated. [Alexandre Dulaunoy]
+- [VERSION] bump. [iglocska]
+- [oidc] Do not log changes for OIDC user setting. [Jakub Onderka]
+- [internal] Simplify logging when pulling events. [Jakub Onderka]
+- [bgjobs] Add command name to logs. [Jakub Onderka]
+- [internal] Simplify code for deleting multiple attributes. [Jakub
+  Onderka]
+- [test] Better custom warninglist test. [Jakub Onderka]
+- [internal] Use FileAccessTool. [Jakub Onderka]
+- [composer] Crypt_GPG updated. [Alexandre Dulaunoy]
+- [warning-lists] updated. [Alexandre Dulaunoy]
+- [ACL] updated. [iglocska]
+- [internal] Limit size of CSP report. [Jakub Onderka]
+- [doc] changelog replaced with the official one. [Alexandre Dulaunoy]
+- [changelog] replaced with the official one. [Alexandre Dulaunoy]
+- [warninglists] updated to the latest version. [Alexandre Dulaunoy]
+- [menu] added the MISP event JSON population to the populate from...
+  menu. [iglocska]
+- [cli] Use more entropy when generating new encryption key. [Jakub
+  Onderka]
+- [UI] Fix setting placeholder for user setting. [Jakub Onderka]
+- [user_setting] Switch OIDC to internal setting. [Jakub Onderka]
+- [oidc] Move OIDC to different class. [Jakub Onderka]
+- [oidc] Check user org when checking if user is valid. [Jakub Onderka]
+- [oidc] Remove support for Jumbojett\OpenIDConnectClient. [Jakub
+  Onderka]
+- [oidc] Check user role when checking if user is valid. [Jakub Onderka]
+- [internal] Speedup when no events found. [Jakub Onderka]
+- [menu] added the MISP event JSON population to the populate from...
+  menu. [iglocska]
+- [event warnings] load the new behaviour and set the view variable with
+  the contents. [iglocska]
+- [proposal alert] emails now include the event uuid. [iglocska]
+
+  - for easier lookup on your own instance, rather than the remote.
+- [taxonomies] updated to the latest version. [Alexandre Dulaunoy]
+- [community-metadata] adding missing communities. [Christophe
+  Vandeplas]
+- [community-metadata] adding missing communities. [Christophe
+  Vandeplas]
+
+Fix
+~~~
+- [internal] Append variable just when not null. [Jakub Onderka]
+- [bgjobs] Try to avoid deadlock. [Jakub Onderka]
+- [bgjobs] First read STDERR, then STDOUT. [Jakub Onderka]
+- [bgjobs] Try to close pipes before proc_close. [Jakub Onderka]
+- [warnignlist] Update cache after warninglist edit. [Jakub Onderka]
+- [security] Do not allow to fetch value of redacted setting. [Jakub
+  Onderka]
+- [JSON field] fixes. [iglocska]
+
+  - do not sanitise data that is to be json encoded
+  - decode json if a simple string is used
+- [sharing group] authorise sharing group if the user's organisation is
+  not contained in the sharing group but is rather the creator
+  organisation. [iglocska]
+- [singleview factory] modelField element now handles empty data fields
+  gracefully. [iglocska]
+- [internal] Event ID translator. [Jakub Onderka]
+- [security] Do not allow to fetch value of redacted setting. [Jakub
+  Onderka]
+- [UI] Event warning - distribution can be string. [Jakub Onderka]
+- [internal] CIDR validation. [Jakub Onderka]
+- [ACL] added events/populate. [iglocska]
+- [UI] Homepage icon link. [Jakub Onderka]
+- [internal] Do not convert to JSON. [Jakub Onderka]
+- [UI] User setting view is not implemented. [Jakub Onderka]
+- [sync] fixed several issues with the sync attribute filters causing
+  issues. [iglocska]
+
+  - if no negative sync filters defined, errors thrown due to check against null
+- [stix2 import] Fixed description fields from STIX objects parsing as
+  comment field for external STIX data. [chrisr3d]
+- [ACL] added events/populate. [iglocska]
+- [forms] larger text input  # Please enter the commit message for your
+  changes. Lines starting. [iglocska]
+- [user:getClientIp] Typo in variable name. [Sami Mokaddem]
+- [stix2 import] Importing description field of STIX objects as comment
+  field in the converted MISP attribute or object. [chrisr3d]
+- [tmpdir] default value change missing. [iglocska]
+
+  - Thanks @Wachizungu for spotting my fail
+- [tmpdir] default reverted to MISP/app/tmp. [iglocska]
+
+  - too many access errors for users with /tmp as the default
+- [tool] update gen_website_communities script. [Christophe Vandeplas]
+- [tool] update gen_website_communities script. [Christophe Vandeplas]
+
+Other
+~~~~~
+- Merge branch 'develop' into 2.4. [iglocska]
+- Merge branch '2.4' into develop. [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+- Merge pull request #8178 from JakubOnderka/oidc_log_change. [Jakub
+  Onderka]
+
+  chg: [oidc] Do not log changes for OIDC user setting
+- Merge pull request #8155 from JakubOnderka/bg-jobs-read-timeout.
+  [Jakub Onderka]
+
+  new: [bgjobs] Allow to set Redis read timeout
+- Merge pull request #8165 from JakubOnderka/delete-selected. [Jakub
+  Onderka]
+
+  chg: [internal] Simplify code for deleting multiple attributes
+- Merge pull request #8177 from JakubOnderka/test_custom_warninglist-
+  vol2. [Jakub Onderka]
+
+  chg: [test] Better custom warninglist test
+- Merge pull request #8176 from JakubOnderka/test_custom_warninglist.
+  [Jakub Onderka]
+
+  Test custom warninglist
+- Merge branch '2.4' into develop. [Alexandre Dulaunoy]
+- Merge pull request #8174 from JakubOnderka/fetch-redacted-setting.
+  [Jakub Onderka]
+
+  fix: [security] Do not allow to fetch value of redacted setting
+- Merge pull request #8173 from JakubOnderka/fix-id-translator. [Jakub
+  Onderka]
+
+  fix: [internal] Event ID translator
+- Merge pull request #8163 from MISP/2.4. [Jakub Onderka]
+
+  Merge 2.4 into develop
+- Merge pull request #8162 from JakubOnderka/csp-report-limit. [Jakub
+  Onderka]
+
+  chg: [internal] Limit size of CSP report
+- Merge pull request #8141 from folbricht-stripe/preserve-session-
+  config. [Andras Iklody]
+
+  Preserve Session.* configuration in serverSettingsSaveValue
+- Preserve Session.* configuration in serverSettingsSaveValue. [Frank
+  Olbricht]
+- Merge pull request #8152 from JakubOnderka/fix-event-warning. [Jakub
+  Onderka]
+
+  fix: [UI] Event warning - distribution can be string
+- Merge branch '2.4' into develop. [Alexandre Dulaunoy]
+- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+- Merge pull request #8153 from JakubOnderka/more-entropy. [Jakub
+  Onderka]
+
+  chg: [cli] Use more entropy when generating new encryption key
+- Merge pull request #8144 from JakubOnderka/oidc-check-validity. [Jakub
+  Onderka]
+
+  new: [oidc] Check user validity
+- Merge branch '2.4' into develop. [iglocska]
+- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska]
+- Merge branch '2.4' of https://github.com/MISP/MISP into develop.
+  [chrisr3d]
+- Merge branch '2.4' of https://github.com/MISP/MISP into 2.4.
+  [chrisr3d]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [Alexandre Dulaunoy]
+- Merge branch '2.4' of github.com:MISP/MISP into develop. [chrisr3d]
+- Merge branch '2.4' into develop. [iglocska]
+- Merge branch '2.4' into develop. [iglocska]
+- Merge branch '2.4' into develop. [iglocska]
+- Merge pull request #8132 from JakubOnderka/oidc-ccm. [Jakub Onderka]
+
+  new: [oidc] Support for setting code challenge method
+- Merge branch '2.4' into develop. [Alexandre Dulaunoy]
+
 
 v2.4.153 (2022-02-04)
 ---------------------

static/Changelog-PyMISP.txt

@@ -2,6 +2,42 @@ Changelog
 =========
 
 
+%%version%% (unreleased)
+------------------------
+
+New
+~~~
+- [dep] Use pydeep2 instead of pydeep. [Jakub Onderka]
+
+Changes
+~~~~~~~
+- [misp-objects] updated to the latest version. [Alexandre Dulaunoy]
+- [FIPS] no clean way to support OpenSSL hashlib interface for FIPS.
+  [Alexandre Dulaunoy]
+- [FIPS] falling back on older version of Python not having
+  usedforsecurity. [Alexandre Dulaunoy]
+- [FIPS] in some cases, the `usedforsecurity` is not used. So fail if
+  the FIPS compliance is required and then the `usedforsecurity` is
+  disabled. [Alexandre Dulaunoy]
+- [feeds] FIPS: when MD5 hashes are generated for fast-lookup it's not
+  for security. [Alexandre Dulaunoy]
+
+  hashlib provides an option to tell if the hash is used for security or
+  not. By default, it's set to True. For the feed cache generation, it's
+  not. Then usedforsecurity=False
+- Bump deps. [Raphaël Vinot]
+- Bump deps, objects. [Raphaël Vinot]
+
+Fix
+~~~
+- [mispevent] cannot type. [Alexandre Dulaunoy]
+- Make mypy happy. [Raphaël Vinot]
+
+Other
+~~~~~
+- Add feed option for local tag exclusion #817. [deku]
+
+
 v2.4.152 (2021-12-22)
 ---------------------
 

static/Changelog-misp-galaxy.txt

@@ -1,6 +1,53 @@
 # Changelog
 
 
+## v2.4.154 (2022-03-02)
+
+### Other
+
+* Merge pull request #683 from Delta-Sierra/main. [Alexandre Dulaunoy]
+
+  add TA2541
+
+* Merge https://github.com/MISP/misp-galaxy into main. [Delta-Sierra]
+
+* Merge pull request #682 from danielplohmann/patch-13. [Alexandre Dulaunoy]
+
+  adding ACTINIUM as MSFT name for Gamaredon
+
+* Another Gamaredon ref and version bump. [Daniel Plohmann]
+
+* Adding ACTINIUM as MSFT name for Gamaredon. [Daniel Plohmann]
+
+* Merge pull request #681 from Delta-Sierra/main. [Alexandre Dulaunoy]
+
+  add DDG botnet and more
+
+* Jq. [Delta-Sierra]
+
+* Add TA2541. [Delta-Sierra]
+
+* Fix duplicate. [Delta-Sierra]
+
+* Merge https://github.com/MISP/misp-galaxy into main. [Delta-Sierra]
+
+* Merge pull request #680 from richardweiss80/antlion. [Alexandre Dulaunoy]
+
+  added antlion APT group
+
+* Added antlion APT group. [rwe]
+
+* Add DDG botnet and more. [Delta-Sierra]
+
+* Merge https://github.com/MISP/misp-galaxy into main. [Delta-Sierra]
+
+* Merge. [Delta-Sierra]
+
+* Add Milan Rat, Shark tool and Lyceum synonyms. [Delta-Sierra]
+
+* Add Lyceum synonyms/sources. [Delta-Sierra]
+
+
 ## v2.4.153 (2022-02-04)
 
 ### New

static/Changelog-misp-modules.txt

@@ -1,6 +1,115 @@
 # Changelog
 
 
+## v2.4.154 (2022-03-02)
+
+### New
+
+* Add mmdb lookup expansion module. [Jeroen Pinoy]
+
+### Changes
+
+* [doc] mmdb documention updated. [Alexandre Dulaunoy]
+
+* [doc] update mmdb_lookup documentation. [Jeroen Pinoy]
+
+* [doc] updated. [Alexandre Dulaunoy]
+
+* [apivoid] Add handling with email verify API. [Jeroen Pinoy]
+
+* [mmdb_lookup] Add handling of ASN details. [Jeroen Pinoy]
+
+* [lib] latest stix2misp.py updated. [Alexandre Dulaunoy]
+
+### Fix
+
+* Allow email-src and email-dst as input for apivoid module. [Jeroen Pinoy]
+
+### Other
+
+* Merge pull request #556 from Wachizungu/chg-add-edit-mmdb-lookup-documentation. [Alexandre Dulaunoy]
+
+  chg:[doc] update mmdb_lookup documentation
+
+* Merge pull request #555 from Wachizungu/fix-add-extra-email-input-types-for-apivoid-module. [Alexandre Dulaunoy]
+
+  fix: Allow email-src and email-dst as input for apivoid module
+
+* Merge pull request #554 from RamboV/main. [Alexandre Dulaunoy]
+
+  IPQualityScore MISP Expansion Module Integration
+
+* Merge branch 'main' into main. [Alexandre Dulaunoy]
+
+* Merge branch 'main' of github.com:MISP/misp-modules into main. [Alexandre Dulaunoy]
+
+* Merge pull request #552 from Wachizungu/add-email-verify-to-apivoid-module. [Alexandre Dulaunoy]
+
+  chg:[apivoid] Add handling with email verify API
+
+* Merge pull request #551 from Wachizungu/add-asn-handling-to-mmdb-lookup. [Alexandre Dulaunoy]
+
+  chg: [mmdb_lookup] Add handling of ASN details.
+
+* Merge pull request #550 from Wachizungu/add-mmdb-lookup-expansion-module. [Alexandre Dulaunoy]
+
+  new: Add mmdb lookup expansion module
+
+* Merge pull request #549 from JakubOnderka/3-7. [Alexandre Dulaunoy]
+
+  Update dependencies, require Python 3.7
+
+* Update dependencies, require Python 3.7. [Jakub Onderka]
+
+* Merge branch 'chisholm-taxii21_import_contrib' into main. [Alexandre Dulaunoy]
+
+* Merge branch 'taxii21_import_contrib' of https://github.com/chisholm/misp-modules into chisholm-taxii21_import_contrib. [Alexandre Dulaunoy]
+
+* Added some library requirements for the taxii21 import module. [Michael Chisholm]
+
+* Add workaround for PyMISP bug regarding conversion of objects to JSON-serializable values. [Michael Chisholm]
+
+* Contribute a TAXII 2.1 import style misp-module. [Michael Chisholm]
+
+* Updated to add the latest modules. [Rambatla Venkat Rao]
+
+* Update __init__.py. [Rambatla Venkat Rao]
+
+* Update __init__.py. [Rambatla Venkat Rao]
+
+* Update ipqs_fraud_and_risk_scoring.py. [Rambatla Venkat Rao]
+
+* Update test_expansions.py. [Rambatla Venkat Rao]
+
+* Update test_expansions.py. [Rambatla Venkat Rao]
+
+* Update test_expansions.py. [Rambatla Venkat Rao]
+
+* Update test_expansions.py. [Rambatla Venkat Rao]
+
+* Update test_expansions.py. [Rambatla Venkat Rao]
+
+* Update ipqs_fraud_and_risk_scoring.py. [Rambatla Venkat Rao]
+
+* Update ipqs_fraud_and_risk_scoring.json. [Rambatla Venkat Rao]
+
+* Added documentation. [Rambatla Venkat Rao]
+
+* Added IPQS logo. [Rambatla Venkat Rao]
+
+* Update ipqs_fraud_and_risk_scoring.py. [Rambatla Venkat Rao]
+
+* Added ipqs_fraud_and_risk_scoring to modules list. [Rambatla Venkat Rao]
+
+* Initial Commit for IPQualityScore Expansion Module. [Rambatla Venkat Rao]
+
+* Delete. [Rambatla Venkat Rao]
+
+* Added ipqualityscore to All list. [Rambatla Venkat Rao]
+
+* Initial Commit for IPQualityScore Expansion Module. [Rambatla Venkat Rao]
+
+
 ## v2.4.153 (2022-02-04)
 
 ### New

static/Changelog-misp-objects.txt

@@ -1,6 +1,42 @@
 # Changelog
 
 
+## v2.4.154 (2022-03-02)
+
+### New
+
+* [error-message] new template to create error-message from MISP processing scripts. [Alexandre Dulaunoy]
+
+* [language-content] New object template language-content based on 7.1 (STIX 2.1) [Alexandre Dulaunoy]
+
+* [infrastructure] infrastructure object added (STIX 2.1 - 4.8) [Alexandre Dulaunoy]
+
+* [software] software template object added based 6.14 (STIX 2.1) [Alexandre Dulaunoy]
+
+* Add apivoid email verification API result object. [Jeroen Pinoy]
+
+### Changes
+
+* [ddos] Updated DDoS object template to include more details and clarification. [Alexandre Dulaunoy]
+
+  - Clarify that the field of pps/bps are peak values;
+  - New fields for total number of packets or bytes;
+  - Type of DDoS added in the object;
+  - How the capture of the DDoS evidences were collected;
+
+* [relationships] fixed `hosted-by` opposite. [Alexandre Dulaunoy]
+
+* [relationships] fix. [Alexandre Dulaunoy]
+
+* [relationships] updated for stix 2.1. [Alexandre Dulaunoy]
+
+### Other
+
+* Merge pull request #345 from Wachizungu/add-apivoid-email-verification-result-object. [Alexandre Dulaunoy]
+
+  new: Add apivoid email verification API result object
+
+
 ## v2.4.153 (2022-02-04)
 
 ### New

static/Changelog-misp-taxonomies.txt

@@ -1,6 +1,74 @@
 # Changelog
 
 
+## v2.4.154 (2022-03-02)
+
+### New
+
+* [tools] add a skip list for large taxonomies or specific topic. [Alexandre Dulaunoy]
+
+  A new option has been added `--disable-skip-list` to disable it if
+  required
+
+* [social-engineering-attack-vectors] new taxonomy describing technical and non-technical social engineering techniques. [Alexandre Dulaunoy]
+
+### Changes
+
+* [script] typo fixed. [Alexandre Dulaunoy]
+
+### Fix
+
+* [machinetag] skip_list supported for the listing of directory. [Alexandre Dulaunoy]
+
+### Other
+
+* Merge pull request #230 from matthijsvp/ransomwareroles. [Alexandre Dulaunoy]
+
+  Ransomwareroles
+
+* Merge branch 'ransomwareroles' of github.com:matthijsvp/misp-taxonomies into ransomwareroles. [matthijsvp]
+
+* Delete accidentally added DS_Store file. [Matthijs van P]
+
+* Fixed MANIFEST.json. [matthijsvp]
+
+* Merge branch 'ransomwareroles' of github.com:matthijsvp/misp-taxonomies into ransomwareroles. [matthijsvp]
+
+* Merge branch 'MISP:main' into ransomwareroles. [Matthijs van P]
+
+* Merge pull request #229 from M2O2/main. [Alexandre Dulaunoy]
+
+  Adding Death Possibilities Taxonomy, jq file launched
+
+* Midification du namespace du JSON pour corrspondre au nom du dossier. [osboxes.org]
+
+* Manifest updatet and jq all things run. [osboxes.org]
+
+* Json corrected. [osboxes.org]
+
+* .jq all runned. [osboxes.org]
+
+* Manifest updated. [osboxes.org]
+
+* Merge pull request #1 from M2O2/M2O2-Pull-Request-Death-Possibilities-Taxonomy. [M2O2]
+
+  Intégration de la taxonomie sur les causes de mort
+
+* Add files via upload. [M2O2]
+
+* Manifest mis. [osboxes.org]
+
+* Fixed reference, validated and jq'ed again. [matthijsvp]
+
+* Validated and jq'ed. [matthijsvp]
+
+* Improved descriptions. [matthijsvp]
+
+* Initial commit of seven ransomware roles. [matthijsvp]
+
+* Initial commit, adding first two roles. [matthijsvp]
+
+
 ## v2.4.153 (2022-02-04)
 
 ### Changes

static/Changelog-misp-warninglists.txt

@@ -1,6 +1,23 @@
 # Changelog
 
 
+## v2.4.154 (2022-03-02)
+
+### Changes
+
+* [warning-lists] updated. [Alexandre Dulaunoy]
+
+* [warning-lists] updated. [Alexandre Dulaunoy]
+
+### Other
+
+* Merge pull request #206 from drewm27/main. [Alexandre Dulaunoy]
+
+  Another sinkhole acquired from abuseat.com
+
+* Another sinkhole acquired from abuseat.com. [Drew Middlesworth]
+
+
 ## v2.4.153 (2022-02-04)
 
 ### Changes

static/Changelog.txt

@@ -2,6 +2,210 @@ Changelog
 =========
 
 
+v2.4.154 (2022-03-02)
+---------------------
+
+New
+~~~
+- [bgjobs] Allow to set Redis read timeout. [Jakub Onderka]
+- [test] Creating custom warninglist. [Jakub Onderka]
+- [sharing group blueprints] [iglocska]
+
+  - create a rule based blueprint that is used to create and update a sharing group
+  - nest sharing groups
+  - filter organisations by metadata fields
+  - nested via boolean operators
+  - CLI exposed
+  - API exposed
+  - Lightweight ownership model (only blueprint owner can see and edit the blueprint)
+- [json field] added to single view factory. [iglocska]
+- [test] Search index by eventid. [Jakub Onderka]
+- [test] CSP report. [Jakub Onderka]
+- [oidc] Check user validity. [Jakub Onderka]
+- [event warnings] include them in the event view. [iglocska]
+- [behaviour] event warning behaviour added. [iglocska]
+
+  - inspects an event in MISP's internal raw format for discrepencies
+  - creates a list of warnings
+- [populate event view] added. [iglocska]
+
+  - paste a JSON with misp data (objects, attributes, galaxies, tags, eventreports) and it will edit the elements into the event
+- [event population] added. [iglocska]
+- [oidc] Support for setting code challenge method. [Jakub Onderka]
+
+Changes
+~~~~~~~
+- [composer] Crypt_GPG updated. [Alexandre Dulaunoy]
+- [VERSION] bump. [iglocska]
+- [oidc] Do not log changes for OIDC user setting. [Jakub Onderka]
+- [internal] Simplify logging when pulling events. [Jakub Onderka]
+- [bgjobs] Add command name to logs. [Jakub Onderka]
+- [internal] Simplify code for deleting multiple attributes. [Jakub
+  Onderka]
+- [test] Better custom warninglist test. [Jakub Onderka]
+- [internal] Use FileAccessTool. [Jakub Onderka]
+- [composer] Crypt_GPG updated. [Alexandre Dulaunoy]
+- [warning-lists] updated. [Alexandre Dulaunoy]
+- [ACL] updated. [iglocska]
+- [internal] Limit size of CSP report. [Jakub Onderka]
+- [doc] changelog replaced with the official one. [Alexandre Dulaunoy]
+- [changelog] replaced with the official one. [Alexandre Dulaunoy]
+- [warninglists] updated to the latest version. [Alexandre Dulaunoy]
+- [menu] added the MISP event JSON population to the populate from...
+  menu. [iglocska]
+- [cli] Use more entropy when generating new encryption key. [Jakub
+  Onderka]
+- [UI] Fix setting placeholder for user setting. [Jakub Onderka]
+- [user_setting] Switch OIDC to internal setting. [Jakub Onderka]
+- [oidc] Move OIDC to different class. [Jakub Onderka]
+- [oidc] Check user org when checking if user is valid. [Jakub Onderka]
+- [oidc] Remove support for Jumbojett\OpenIDConnectClient. [Jakub
+  Onderka]
+- [oidc] Check user role when checking if user is valid. [Jakub Onderka]
+- [internal] Speedup when no events found. [Jakub Onderka]
+- [menu] added the MISP event JSON population to the populate from...
+  menu. [iglocska]
+- [event warnings] load the new behaviour and set the view variable with
+  the contents. [iglocska]
+- [proposal alert] emails now include the event uuid. [iglocska]
+
+  - for easier lookup on your own instance, rather than the remote.
+- [taxonomies] updated to the latest version. [Alexandre Dulaunoy]
+- [community-metadata] adding missing communities. [Christophe
+  Vandeplas]
+- [community-metadata] adding missing communities. [Christophe
+  Vandeplas]
+
+Fix
+~~~
+- [internal] Append variable just when not null. [Jakub Onderka]
+- [bgjobs] Try to avoid deadlock. [Jakub Onderka]
+- [bgjobs] First read STDERR, then STDOUT. [Jakub Onderka]
+- [bgjobs] Try to close pipes before proc_close. [Jakub Onderka]
+- [warnignlist] Update cache after warninglist edit. [Jakub Onderka]
+- [security] Do not allow to fetch value of redacted setting. [Jakub
+  Onderka]
+- [JSON field] fixes. [iglocska]
+
+  - do not sanitise data that is to be json encoded
+  - decode json if a simple string is used
+- [sharing group] authorise sharing group if the user's organisation is
+  not contained in the sharing group but is rather the creator
+  organisation. [iglocska]
+- [singleview factory] modelField element now handles empty data fields
+  gracefully. [iglocska]
+- [internal] Event ID translator. [Jakub Onderka]
+- [security] Do not allow to fetch value of redacted setting. [Jakub
+  Onderka]
+- [UI] Event warning - distribution can be string. [Jakub Onderka]
+- [internal] CIDR validation. [Jakub Onderka]
+- [ACL] added events/populate. [iglocska]
+- [UI] Homepage icon link. [Jakub Onderka]
+- [internal] Do not convert to JSON. [Jakub Onderka]
+- [UI] User setting view is not implemented. [Jakub Onderka]
+- [sync] fixed several issues with the sync attribute filters causing
+  issues. [iglocska]
+
+  - if no negative sync filters defined, errors thrown due to check against null
+- [stix2 import] Fixed description fields from STIX objects parsing as
+  comment field for external STIX data. [chrisr3d]
+- [ACL] added events/populate. [iglocska]
+- [forms] larger text input  # Please enter the commit message for your
+  changes. Lines starting. [iglocska]
+- [user:getClientIp] Typo in variable name. [Sami Mokaddem]
+- [stix2 import] Importing description field of STIX objects as comment
+  field in the converted MISP attribute or object. [chrisr3d]
+- [tmpdir] default value change missing. [iglocska]
+
+  - Thanks @Wachizungu for spotting my fail
+- [tmpdir] default reverted to MISP/app/tmp. [iglocska]
+
+  - too many access errors for users with /tmp as the default
+- [tool] update gen_website_communities script. [Christophe Vandeplas]
+- [tool] update gen_website_communities script. [Christophe Vandeplas]
+
+Other
+~~~~~
+- Merge branch 'develop' into 2.4. [iglocska]
+- Merge branch '2.4' into develop. [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+- Merge pull request #8178 from JakubOnderka/oidc_log_change. [Jakub
+  Onderka]
+
+  chg: [oidc] Do not log changes for OIDC user setting
+- Merge pull request #8155 from JakubOnderka/bg-jobs-read-timeout.
+  [Jakub Onderka]
+
+  new: [bgjobs] Allow to set Redis read timeout
+- Merge pull request #8165 from JakubOnderka/delete-selected. [Jakub
+  Onderka]
+
+  chg: [internal] Simplify code for deleting multiple attributes
+- Merge pull request #8177 from JakubOnderka/test_custom_warninglist-
+  vol2. [Jakub Onderka]
+
+  chg: [test] Better custom warninglist test
+- Merge pull request #8176 from JakubOnderka/test_custom_warninglist.
+  [Jakub Onderka]
+
+  Test custom warninglist
+- Merge branch '2.4' into develop. [Alexandre Dulaunoy]
+- Merge pull request #8174 from JakubOnderka/fetch-redacted-setting.
+  [Jakub Onderka]
+
+  fix: [security] Do not allow to fetch value of redacted setting
+- Merge pull request #8173 from JakubOnderka/fix-id-translator. [Jakub
+  Onderka]
+
+  fix: [internal] Event ID translator
+- Merge pull request #8163 from MISP/2.4. [Jakub Onderka]
+
+  Merge 2.4 into develop
+- Merge pull request #8162 from JakubOnderka/csp-report-limit. [Jakub
+  Onderka]
+
+  chg: [internal] Limit size of CSP report
+- Merge pull request #8141 from folbricht-stripe/preserve-session-
+  config. [Andras Iklody]
+
+  Preserve Session.* configuration in serverSettingsSaveValue
+- Preserve Session.* configuration in serverSettingsSaveValue. [Frank
+  Olbricht]
+- Merge pull request #8152 from JakubOnderka/fix-event-warning. [Jakub
+  Onderka]
+
+  fix: [UI] Event warning - distribution can be string
+- Merge branch '2.4' into develop. [Alexandre Dulaunoy]
+- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+- Merge pull request #8153 from JakubOnderka/more-entropy. [Jakub
+  Onderka]
+
+  chg: [cli] Use more entropy when generating new encryption key
+- Merge pull request #8144 from JakubOnderka/oidc-check-validity. [Jakub
+  Onderka]
+
+  new: [oidc] Check user validity
+- Merge branch '2.4' into develop. [iglocska]
+- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska]
+- Merge branch '2.4' of https://github.com/MISP/MISP into develop.
+  [chrisr3d]
+- Merge branch '2.4' of https://github.com/MISP/MISP into 2.4.
+  [chrisr3d]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [Alexandre Dulaunoy]
+- Merge branch '2.4' of github.com:MISP/MISP into develop. [chrisr3d]
+- Merge branch '2.4' into develop. [iglocska]
+- Merge branch '2.4' into develop. [iglocska]
+- Merge branch '2.4' into develop. [iglocska]
+- Merge pull request #8132 from JakubOnderka/oidc-ccm. [Jakub Onderka]
+
+  new: [oidc] Support for setting code challenge method
+- Merge branch '2.4' into develop. [Alexandre Dulaunoy]
+
+
 v2.4.153 (2022-02-04)
 ---------------------