diff --git a/static/Changelog-PyMISP.txt b/static/Changelog-PyMISP.txt index b97936c..5e4ac01 100644 --- a/static/Changelog-PyMISP.txt +++ b/static/Changelog-PyMISP.txt @@ -2,11 +2,42 @@ Changelog ========= -%%version%% (unreleased) ------------------------- +v2.4.188 (2024-03-22) +--------------------- + +New +~~~ +- Support X-MISP-AUTH Header. [Raphaël Vinot] + + Also, improve HTTP headers init + + Fix #1179 Changes ~~~~~~~ +- Bump changelog. [Raphaël Vinot] +- Bump changelog. [Raphaël Vinot] +- Bump deps. [Raphaël Vinot] +- Bump changelog. [Raphaël Vinot] +- Bump version, templates. [Raphaël Vinot] +- Bump deps. [Raphaël Vinot] + +Fix +~~~ +- Strip API key before setting it. [Raphaël Vinot] +- Python 3.8 support & typing. [Raphaël Vinot] +- Typing for Python < 3.10. [Raphaël Vinot] +- Avoid issue when payload ist a list. [Raphaël Vinot] + + +v2.4.187 (2024-03-07) +--------------------- + +Changes +~~~~~~~ +- Bump changelog. [Raphaël Vinot] +- Bump templates, version. [Raphaël Vinot] +- Bump deps. [Raphaël Vinot] - Bump extract-msg. [Raphaël Vinot] diff --git a/static/Changelog-misp-galaxy.txt b/static/Changelog-misp-galaxy.txt index 483f6ad..2b18e59 100644 --- a/static/Changelog-misp-galaxy.txt +++ b/static/Changelog-misp-galaxy.txt @@ -5,6 +5,245 @@ ### Other +* Merge pull request #952 from Delta-Sierra/main. [Alexandre Dulaunoy] + + add Germany as target for several Threat actors + +* Merge. [Delta-Sierra] + +* Merge pull request #951 from Mathieu4141/threat-actors/13974650-c2bd-47da-ac93-48b80420210b. [Alexandre Dulaunoy] + + [threat actors] 3 new actors, 1 added aliases + +* [threat-actors] Add Earth Krahang. [Mathieu4141] + +* [threat-actors] Add MuddyWater aliases. [Mathieu4141] + +* [threat-actors] Add Earth Kapre. [Mathieu4141] + +* [threat-actors] Add UNC5325. [Mathieu4141] + +* Add Germany as target for several Threat actors. [Delta-Sierra] + + +## v2.4.188 (2024-03-20) + +### New + +* [tmss] Add Threat Matrix for Storage Services fixes #947. [Christophe Vandeplas] + + new: [tmss] Add Threat Matrix for Storage Services fixes #947 + +* [tmss] Add Threat Matrix for Storage Services fixes #947. [Christophe Vandeplas] + +* [tools] generator for Threat Matrix for Storage Services #947. [Christophe Vandeplas] + +### Changes + +* [doc] Index of clusters updated. [Alexandre Dulaunoy] + +* [atrm] changed namespace to microsoft. [Christophe Vandeplas] + +* [tools] rename gen_atrm.py to gen_ms_atrms.py. [Christophe Vandeplas] + +* [disarm] New Version 1.4 of Red Framework. [Christophe Vandeplas] + +* [doc] README updated with the recent changes. [Alexandre Dulaunoy] + +* [tools] add requirements file for IntelAgencies. [Alexandre Dulaunoy] + +* [intel] use UUIDv5 for clusters. [niclas] + +### Fix + +* [tmss] remove duplicate author entry. [Christophe Vandeplas] + +* [tools] add external_id to TMSS. [Christophe Vandeplas] + +* [threat-actor] fix #942. [Alexandre Dulaunoy] + + `Hyppo Team` was present in two clusters. We just kept the alias + for `Turla`. + +### Other + +* Merge branch 'main' of https://github.com/MISP/misp-galaxy. [Christophe Vandeplas] + +* Merge pull request #949 from cvandeplas/main. [Christophe Vandeplas] + + chg: [disarm] New Version 1.4 of Red Framework + +* Merge pull request #948 from NMD03/main. [Alexandre Dulaunoy] + + Add buttons for editing and hiding TOC + Nav + +* Add [index] navigation buttons. [niclas] + +* Add [graph + table] scaling based on window. [niclas] + +* Add [toc] optional hiding. [niclas] + +* Add [website] edit button. [niclas] + +* Merge pull request #946 from NMD03/intel. [Alexandre Dulaunoy] + + Inteligence Agencies + +* Chg [intel] mistakes on wikipedia got fixed. [niclas] + +* Fix [cluster] duplicates. [niclas] + +* Update. [niclas] + +* Add [cluster] authors. [niclas] + +* Fix [synonyms] [niclas] + +* Add [cluster] country code. [niclas] + +* Add [synonyms] and fixed indivdual mistakes. [niclas] + +* Add [agencies] refs. [niclas] + +* Add [intel-agencies] build script. [niclas] + +* Merge pull request #945 from danielplohmann/patch-38. [Alexandre Dulaunoy] + + adding aliases from UA's H1'2023 report + +* Adding aliases from UA's H1'2023 report. [Daniel Plohmann] + + +## v2.4.187 (2024-03-07) + +### Other + +* Merge pull request #944 from Delta-Sierra/main. [Alexandre Dulaunoy] + + update producers + +* Merge https://github.com/MISP/misp-galaxy. [Delta-Sierra] + +* Update producers. [Delta-Sierra] + +* Merge pull request #943 from NMD03/main. [Alexandre Dulaunoy] + + Fix [relations] add uuid to header to get unique parent node + +* Fix [relations] add uuid to header to get unique parent node. [niclas] + +* Merge pull request #941 from NMD03/main. [Alexandre Dulaunoy] + + Add [galaxies] Tidal Cyber + +* Fix [galaxies] typo. [niclas] + +* Fix [config] uuids. [niclas] + +* Fix [config] typo. [niclas] + +* Fix [tidal] check for existing sub clusters. [niclas] + +* Fix [duplicates] list. [niclas] + +* Add [techniques] codeblock for duplicates. [niclas] + +* Chg [tidal] add associated to name. [niclas] + +* Chg [groups] change name for Volt Typhoon duplicate. [niclas] + +* Fix [references] no empty refs. [niclas] + +* Fix [software] type as array. [niclas] + +* Fix [galaxies] add version. [niclas] + +* Fix [graph] typo. [niclas] + +* Fix [clusters] authors. [niclas] + +* Fix [tidal] exclude empty meta fields. [niclas] + +* Add [galaxies] Cyber Tidal. [niclas] + +* Add [tidal] sub option. [niclas] + +* Add [graph] cluster description. [niclas] + +* Merge pull request #6 from NMD03/visual. [Niclas Dauster] + + Visual + +* Add [graph] pre filtering for large data. [niclas] + +* Add [graph] opacity adjustment. [niclas] + +* Add [graph] galaxy visualisation while hovering. [niclas] + +* Add [graph] node enlargement while hovering. [niclas] + +* Fix [graph] replace . from galaxy class names. [niclas] + +* Add [graph] legend. [niclas] + +* Chg [tool] code formatting. [niclas] + +* Merge pull request #5 from NMD03/refactor. [Niclas Dauster] + + Refactor + +* Add [tool] multithreading. [niclas] + +* Add [tool] statistics. [niclas] + +* Fix [tool] file creation. [niclas] + +* Update. [niclas] + +* Merge pull request #4 from NMD03/icon. [Niclas Dauster] + + Add [tidal] icons + +* Add [tidal] icons. [niclas] + +* Merge pull request #3 from NMD03/parallel. [Niclas Dauster] + + Galaxy filtering + +* Fix [graph] parent node bug. [niclas] + +* Add [graph] galaxy filtering. [niclas] + +* Ref [cluster] remove duplicates. [niclas] + +* Refactor [generator] [niclas] + +* Merge branch 'MISP:main' into main. [Niclas Dauster] + +* Merge pull request #2 from NMD03/tidal. [Niclas Dauster] + + Tidal + +* Add [tidal] relations for associated objects. [niclas] + +* Add [tidal] relation enrichment with mitre. [niclas] + +* Add [technique] subtechnique. [niclas] + +* Refactor [tool] code. [niclas] + +* Add [config] optional "private" relations. [niclas] + +* Fix [config] metadata mapping. [niclas] + +* Chg [config] external config file. [niclas] + +* Refactor [creation] script. [niclas] + +* Chg [tidal] only generate set metadata. [niclas] + +* Add [tidal] scipts to create new galaxies. [niclas] + * Merge pull request #940 from Mathieu4141/threat-actors/1f1d97d1-e00f-4dea-a6b7-00e0118ca5e0. [Alexandre Dulaunoy] [threat actors] add 5 new actors diff --git a/static/Changelog-misp-modules.txt b/static/Changelog-misp-modules.txt index dc56c6c..840b9a3 100644 --- a/static/Changelog-misp-modules.txt +++ b/static/Changelog-misp-modules.txt @@ -1,6 +1,34 @@ # Changelog +## v2.4.188 (2024-03-20) + +### Changes + +* [history] save from session to db. [David Cruciani] + +* [config] queries limit. [David Cruciani] + +* [query] query with same parameters. [David Cruciani] + +* [history_session] save new query in tree. [David Cruciani] + + +## v2.4.187 (2024-03-07) + +### Changes + +* [conf] generate password if empty. [David Cruciani] + +* [website] admin user. [David Cruciani] + +### Fix + +* [website] default admin password. [David Cruciani] + +* [website] readme images. [David Cruciani] + + ## v2.4.186 (2024-02-27) ### Changes diff --git a/static/Changelog-misp-objects.txt b/static/Changelog-misp-objects.txt index 4024e31..6d72229 100644 --- a/static/Changelog-misp-objects.txt +++ b/static/Changelog-misp-objects.txt @@ -1,6 +1,68 @@ # Changelog +## v2.4.188 (2024-03-20) + +### Changes + +* [command-line] added sane_default. [Alexandre Dulaunoy] + +### Other + +* Merge pull request #421 from sebdraven/main. [Alexandre Dulaunoy] + + Add software impacted by exploit + +* Add software impacted by exploit. [Sebastien Larinier] + +* Merge branch 'sebdraven-main' [Alexandre Dulaunoy] + +* Merge branch 'main' of https://github.com/sebdraven/misp-objects into sebdraven-main. [Alexandre Dulaunoy] + +* Fix typo of description. [Sebastien Larinier] + +* Add software for cmd line and change type. [Sebastien Larinier] + +* Merge pull request #420 from goodlandsecurity/stairwell. [Alexandre Dulaunoy] + + adding stairwell object + +* Fixed parse error. [goodlandsecurity] + +* Forgot multiple flag on two attributes. [goodlandsecurity] + +* Adding stairwell object. [goodlandsecurity] + + +## v2.4.187 (2024-03-07) + +### Changes + +* [person/organization] `impersonated` added to the role of person and organization templates. [Alexandre Dulaunoy] + + Thanks to NRC Cyber Security for the idea. + +### Fix + +* [cs-beacon-config] Partial info from CS beacon are possible. [Alexandre Dulaunoy] + + Fix #417 - Thanks to @sebdraven + +### Other + +* Merge pull request #419 from sebdraven/crowdsec. [Alexandre Dulaunoy] + + change type of ans name + +* Change type of ans name. [Sebastien Larinier] + +* Merge pull request #416 from arvchristos/intelmq_disable_correlation. [Alexandre Dulaunoy] + + Disable correlation for IntelMQ time fields + +* Disable correlation for IntelMQ time fields. [Christos Arvanitis] + + ## v2.4.185 (2024-02-16) ### Fix diff --git a/static/Changelog-misp-taxonomies.txt b/static/Changelog-misp-taxonomies.txt index c6d22ab..48ded7b 100644 --- a/static/Changelog-misp-taxonomies.txt +++ b/static/Changelog-misp-taxonomies.txt @@ -5,6 +5,39 @@ ### Changes +* [malware_classification] add `Stalkerware` from #275. [Alexandre Dulaunoy] + +### Other + +* Merge pull request #277 from cudeso/main. [Alexandre Dulaunoy] + + Add review-relevance and review-completeness to workflow taxonomy + +* Add review-relevance and review-completeness to workflow taxonomy. [Koen Van Impe] + +* Merge branch 'main' [Alexandre Dulaunoy] + +* Merge pull request #275 from vxsh4d0w/patch-5. [Alexandre Dulaunoy] + + Update machinetag.json + +* Update machinetag.json. [V] + + Added Stalkerware, ad defined by Kaspersky "commercially available software that can be discreetly installed on smartphone devices, enabling a perpetrator to monitor an individual’s private life without their knowledge" + +* Merge pull request #266 from vxsh4d0w/master. [Alexandre Dulaunoy] + + Update Cryptocurrency Threat Taxonomy + +* Update machinetag.json. [V] + +* Update machinetag.json. [V] + + +## v2.4.187 (2024-03-07) + +### Changes + * [MANIFEST] updated. [Alexandre Dulaunoy] * [tools] clean-up python script to generate the asciidoctor files. [Alexandre Dulaunoy] diff --git a/static/Changelog-misp-warninglists.txt b/static/Changelog-misp-warninglists.txt index 0785bef..cc7eeeb 100644 --- a/static/Changelog-misp-warninglists.txt +++ b/static/Changelog-misp-warninglists.txt @@ -1,7 +1,52 @@ # Changelog -## %%version%% (unreleased) +## v2.4.188 (2024-03-20) + +### Changes + +* [warning-lists] updated. [Alexandre Dulaunoy] + +* [link-in-bio] renamed. [Alexandre Dulaunoy] + +* [link-in-bio] lower-case the name and update the description. [Alexandre Dulaunoy] + +### Other + +* Merge branch 'karenyousefi-main' into main. [Alexandre Dulaunoy] + +* Update README.md. [Karen Yousefi] + + add List of known Link in Bio domains + +* Create List of known Link in Bio domains. [Karen Yousefi] + + List of known Link in Bio domains + +* Merge pull request #267 from karenyousefi/main. [Alexandre Dulaunoy] + + V12 url shortener + +* V12. [Karen Yousefi] + + update to V12 + +* Merge pull request #266 from karenyousefi/main. [Alexandre Dulaunoy] + + Update url shortener list + +* Merge pull request #1 from karenyousefi/karenyousefi-patch-1. [Karen Yousefi] + + Update url shortener list + +* Update list url shortener. [Karen Yousefi] + + add new url shortener + + update to V11 + + +## v2.4.187 (2024-03-07) ### Other diff --git a/static/Changelog.txt b/static/Changelog.txt index df41213..3b6ef25 100755 --- a/static/Changelog.txt +++ b/static/Changelog.txt @@ -2,6 +2,259 @@ Changelog ========= +v2.4.188 (2024-03-22) +--------------------- + +New +~~~ +- [datasource] improvements. [iglocska] + + - Some datasources updated with the ignoreIndexHint parameter + - mysqlExtended + - mysqlObserverExtended + + - Also fixed forceIndexHint +- [settings] added setting to (temporarily) disable the loading of + sightings via the API. [iglocska] + + - affected endpoints: restsearch and /events/view + - temporarily skips the loading of sightings + + - helps alleviate absolutely massive sighting data sets from killing server performance + - temporary measure, doesn't prevent the creation of sightings / viewing of sightings via the UI + +Changes +~~~~~~~ +- [PyMISP] Bump, again. [Raphaël Vinot] +- [PyMISP] Bump. [Raphaël Vinot] +- [version] bump. [iglocska] +- [CI] Mark BadRequestException as fail log. [Jakub Onderka] +- [internal] Better error handling. [Jakub Onderka] +- [tests] trying to fix the failing test. [iglocska] +- [PyMISP] Bump. [Raphaël Vinot] +- [misp-galaxy] updated. [Alexandre Dulaunoy] +- [misp-object] updated. [Alexandre Dulaunoy] +- [warning-lists] updated. [Alexandre Dulaunoy] +- [version] bump. [iglocska] +- [attribute search] rework. [iglocska] + + - Massive performance improvement when using MysqlExtended or MysqlObserverExtended data sources + - event level lookup moved to subqueries, allowing for simpler, much faster indexed queries + - Ignoring the deleted index as it slows things down +- [openapi:analyst_data] Added content for analyst-data. [Sami Mokaddem] +- [openapi:event_report] Added content for event-reports. [Sami + Mokaddem] +- [misp-galaxy] updated. [Alexandre Dulaunoy] +- [sightings:getLastSighting] Added support of sighting policy. [Sami + Mokaddem] + + Fix #8660 +- [internal] Add title to alert template. [Jakub Onderka] +- [attribute:restSearch] Improved performance of `includeDecayScore` by + a factor of 5. [Sami Mokaddem] +- [attribute fetch] slightly refactored. [iglocska] + + - simplify conditions + - don't load acl conditions twice + +Fix +~~~ +- [attribute search] enforce unpublishedprivate directive. [iglocska] +- [internal] Error handling for error message in AttachmentScan. [Jakub + Onderka] +- [curlclient] HEAD failing. [iglocska] + + - added CURLOPT_NOBODY for HEAD requests, as described in https://www.php.net/manual/en/function.curl-setopt.php +- [CLI] Fix redisReady for dragonfly. [Jakub Onderka] +- [ECS] Change type from Exception to Throwable. [Jakub Onderka] +- [OIDC] Default organisation handling if not provided by OIDC. [Jakub + Onderka] +- [publish] don't pop the list of failed servers before generating the + error array. [iglocska] +- [sync] if push rules don't have the type_attributes set, don't throw + an error. [iglocska] +- [attempt] fix for the etag test. [iglocska] +- [performance] load analyst data in bulk. [iglocska] + + speeds up event loading dramatically +- [performance] load analyst data in bulk. [iglocska] + + speeds up event loading dramatically +- [UI] Add missing `MISP.email_reply_to` to server config. [Jakub + Onderka] + +Other +~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Chg, fix: [misp-stix] Bumped latest version. [Christian Studer] + + - Fixing an issue where the custom Galaxy Clusters + generated with the conversion from STIX 2.x were + not correctly built to generate the Galaxy + elements after the validation of the content +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [Christian Studer] +- Merge pull request #9631 from JakubOnderka/attachment-scan-error. + [Jakub Onderka] + + fix: [internal] Error handling for error message in AttachmentScan +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge pull request #9630 from JakubOnderka/oidc-default-org-handling. + [Jakub Onderka] + + fix: [OIDC] Default organisation handling if not provided by OIDC +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch 'pr-9589' into develop. [Sami Mokaddem] +- Merge remote-tracking branch 'origin/develop' into pr-9589. [Sami + Mokaddem] +- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami + Mokaddem] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #9615 from vincenzocaputo/fix-accept-delegation- + attachments. [Alexandre Dulaunoy] + + fix: Attachments deletion when accepting a delegation request +- Add include attachments option when fetching event in + EventDelegation.php. [Vincenzo Caputo] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #9616 from cudeso/2.4. [Alexandre Dulaunoy] + + Add ICS-CSIRT.io community +- Add ICS-CSIRT.io community. [Koen Van Impe] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami + Mokaddem] +- Merge pull request #9613 from JakubOnderka/alert-email-title. [Jakub + Onderka] + + chg: [internal] Add title to alert template +- Fix key error on shadow attribute's id. [Vincenzo Caputo] +- Change trigger's icon. [Vincenzo Caputo] +- Change scope to 'shadow-attribute' [Vincenzo Caputo] +- Remove newline in overhead message. [Vincenzo Caputo] +- Add overhead message. [Vincenzo Caputo] +- Add call to trigger before saving shadow attribute. [Vincenzo Caputo] +- Add shadow attribute before save trigger. [Vincenzo Caputo] + + +v2.4.187 (2024-03-07) +--------------------- + +New +~~~ +- [cli] added org list to the shell commands. [iglocska] + + - and some fixes to the roles +- [CLI] New command to change user role. [Jakub Onderka] +- [oidc] New option OidcAuth.update_user_role to disable role changes + from OIDC. [Jakub Onderka] + +Changes +~~~~~~~ +- [Version] bump. [iglocska] +- [PyMISP] Update. [Raphaël Vinot] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [misp-warninglists] updated to the latest version. [Alexandre + Dulaunoy] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [taxonomies] 2.4.187. [Alexandre Dulaunoy] +- [internal] Add ext-zstd to suggested PHP extension. [Jakub Onderka] +- [analyst-data:add] Fixed non-focusable relationship dropdown search + field. [Sami Mokaddem] + +Fix +~~~ +- [events:restsearch] Correctly unset variable by reference after + looping. [Sami Mokaddem] + + - This avoid attributes being overridden others when using `includeAnalystData` parameter +- [CLI] added some new functionalities. [iglocska] + + - list roles + - create user +- [sync] pulls should continue after an event save failure. [iglocska] + + - fixes #9558 +- [database update] fix. [Andras Iklody] + + - for older mysql versions +- [db update] added IF NOT EXISTS clauses to create table calls. + [iglocska] +- [API consistency] [iglocska] + + - represent the local field for tags as a boolean rather than an int +- [pull] Fix pulling from remote server when analyst data is not + supported. [Jakub Onderka] +- [logging] fixed using removeTagFromObject() [iglocska] + + - no longer creates erroneous log entries when unpublishing the event +- [security] properly check for valid logo upload. [iglocska] + + - as kindly reported by Rémi Matasse and Raphael Lob from Synacktiv (https://www.synacktiv.com) +- [security] properly check for valid file upload. [iglocska] + + - as kindly reported by Rémi Matasse and Raphael Lob from Synacktiv (https://www.synacktiv.com) +- [oidc] Setting checking if variable is false. [Jakub Onderka] +- [Galaxies:toggle] Display correct message when disabling a galaxy. + [Sami Mokaddem] + +Other +~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami + Mokaddem] +- Merge branch '2.4' into develop. [iglocska] +- Merge pull request #9602 from karenyousefi/2.4. [Andras Iklody] + + Update Event.php +- Update Event.php. [Karen Yousefi] + + fix error Undefined offset: 0 in [/var/www/MISP/app/Model/Event.php, line 3682] +- Update AppModel.php. [Andras Iklody] + + fix: [analyst data] update script + + - remove default current_timestamp() on older versions of v121 of the db updates + - avoids chicken and egg problem on ancient mysql versions +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge pull request #9605 from JakubOnderka/fix-pull-analyst. [Jakub + Onderka] + + fix: [pull] Fix pulling from remote server when analyst data is not s… +- Merge pull request #9606 from JakubOnderka/cli-role-change. [Jakub + Onderka] + + new: [CLI] New command to change user role +- Merge pull request #9607 from JakubOnderka/oidc-fix-update-role. + [Jakub Onderka] + + fix: [oidc] Setting checking if variable is false +- Merge pull request #9604 from JakubOnderka/ext-zstd-suggested. [Jakub + Onderka] + + chg: [internal] Add ext-zstd to suggested PHP extension +- Merget branch 'develop' of github.com:MISP/MISP into develop. [Sami + Mokaddem] +- Merge pull request #9600 from JakubOnderka/oidc-update-user-role. + [Jakub Onderka] + + new: [oidc] New option OidcAuth.update_user_role to disable role chan… + + v2.4.186 (2024-02-29) ---------------------