chg: [changelog] updated for release v2.4.167

static/Changelog-misp-galaxy.txt

@@ -1,6 +1,31 @@
 # Changelog
 
 
+## v2.4.167 (2022-12-22)
+
+### Other
+
+* Merge pull request #804 from Delta-Sierra/main. [Alexandre Dulaunoy]
+
+  add Malteiro, TAG-53
+
+* Add Malteiro. [Delta-Sierra]
+
+* Add TAG-53. [Delta-Sierra]
+
+* Merge pull request #801 from Delta-Sierra/main. [Alexandre Dulaunoy]
+
+  Update Ransomwares & others small updates
+
+* Version Update. [Delta-Sierra]
+
+* Merge https://github.com/MISP/misp-galaxy. [Delta-Sierra]
+
+* Fix Duplicate. [Delta-Sierra]
+
+* Update several RAT & Ransomwares. [Delta-Sierra]
+
+
 ## v2.4.166 (2022-11-28)
 
 ### Changes

static/Changelog-misp-objects.txt

@@ -1,6 +1,66 @@
 # Changelog
 
 
+## %%version%% (unreleased)
+
+### Fix
+
+* [language] Turning french fries into freedom fries. [Andras Iklody]
+
+
+## v2.4.167 (2022-12-22)
+
+### Changes
+
+* [doc] list updated. [Alexandre Dulaunoy]
+
+* [groups->thaicert-group-cards] to make it more logical. [Alexandre Dulaunoy]
+
+* [doc] list of object updated. [Alexandre Dulaunoy]
+
+* [github workflow] removed older version of Python. [Alexandre Dulaunoy]
+
+* [jq_all_the_things] display if an UUID is invalid. [Alexandre Dulaunoy]
+
+### Fix
+
+* [jq] all. [Alexandre Dulaunoy]
+
+* [thaicert-group-cards] name is singular has a single value which can be multiple. [Alexandre Dulaunoy]
+
+* [objects] jq all the things. [Alexandre Dulaunoy]
+
+* [github workflow] version are not float but str. [Alexandre Dulaunoy]
+
+* [jq] JSON fixed. [Alexandre Dulaunoy]
+
+* [mactim-timeline-analysis] invalid UUID fixed. [Alexandre Dulaunoy]
+
+* [fail2ban] incorrect UUID fixed. [Alexandre Dulaunoy]
+
+### Other
+
+* Merge branch 'th3r3d-main' into main. [Alexandre Dulaunoy]
+
+* Create definition. [th3r3d]
+
+  Faked persnona template inspired by MITRE
+
+* Create definition in groups. [th3r3d]
+
+  Inspired by threat actor group cards
+
+* Created definition for ADS. [th3r3d]
+
+  For ADS framework - create
+
+* Merge pull request #374 from lgtm-migrator/codeql. [Alexandre Dulaunoy]
+
+  Add CodeQL workflow for GitHub code scanning
+
+* Add CodeQL workflow for GitHub code scanning. [LGTM Migrator]
+
+
 ## v2.4.166 (2022-11-28)
 
 ### Fix

static/Changelog-misp-taxonomies.txt

@@ -1,6 +1,21 @@
 # Changelog
 
 
+## v2.4.167 (2022-12-22)
+
+### New
+
+* [aviation] new proposal taxonomy for the aviation sector. [Alexandre Dulaunoy]
+
+### Changes
+
+* Bump python version in tests. [Raphaël Vinot]
+
+### Fix
+
+* Reorder entries to make tests happy. [Raphaël Vinot]
+
+
 ## v2.4.166 (2022-11-28)
 
 ### Other

static/Changelog-misp-warninglists.txt

@@ -1,6 +1,45 @@
 # Changelog
 
 
+## v2.4.167 (2022-12-22)
+
+### Changes
+
+* [warning-lists] updated. [Alexandre Dulaunoy]
+
+* [global] MISP warning-list updated. [Alexandre Dulaunoy]
+
+* [doc] updated. [Alexandre Dulaunoy]
+
+### Fix
+
+* [github workflow] fix Python version. [Alexandre Dulaunoy]
+
+* [microsoft-azure-appid] Remove azure-application-id from schema. [Jakub Onderka]
+
+* [microsoft-azure-appid] Correct type. [Jakub Onderka]
+
+* [tools] typo fixed. [Alexandre Dulaunoy]
+
+### Other
+
+* Merge pull request #236 from lgtm-migrator/codeql. [Alexandre Dulaunoy]
+
+  Add CodeQL workflow for GitHub code scanning
+
+* Add CodeQL workflow for GitHub code scanning. [LGTM Migrator]
+
+* Merge pull request #241 from JakubOnderka/patch-1. [Alexandre Dulaunoy]
+
+  fix: [microsoft-azure-appid] Correct type
+
+* Merge branch 'ekamioka-main' into main. [Alexandre Dulaunoy]
+
+* Hopla :) [ekamioka]
+
+* Initial suggestion of public IPFS gateways - thanks to https://ipfs.github.io/public-gateway-checker/ [ekamioka]
+
+
 ## v2.4.166 (2022-11-28)
 
 ### New

static/Changelog.txt

@@ -2,6 +2,296 @@ Changelog
 =========
 
 
+v2.4.167 (2022-12-22)
+---------------------
+
+New
+~~~
+- [UI] Show similar objects when creating object from freetext. [Jakub
+  Onderka]
+- [UI] Allow to create object from freetext. [Jakub Onderka]
+- [UI] Preparation for creating object from freetext. [Jakub Onderka]
+- [event-timeline] Added Timestamp distribution chart when the timeline
+  cannot show all items. [Sami Mokaddem]
+- [UI] Add ability to disable discussion. [Jakub Onderka]
+- [log] Access log retention command. [Jakub Onderka]
+- [log] Add ability to log sql queries for access log. [Jakub Onderka]
+- Show highlighted tags in event index. [Luciano Righetti]
+- Add support for highligting certains taxonomies in event view.
+  [Luciano Righetti]
+- Show highlighted tags in event index. [Luciano Righetti]
+- [session killswitch] added endpoint to kill existing sessions for a
+  user. [iglocska]
+
+  - required for integration in MeliCERTes II
+
+Changes
+~~~~~~~
+- [misp-objects] updated to the latest version. [Alexandre Dulaunoy]
+- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy]
+- [warning-lists] updated to the latest version. [Alexandre Dulaunoy]
+- [taxonomies] updated to the latest version. [Alexandre Dulaunoy]
+- [version] bump. [iglocska]
+- [runaway function] split into easier to comprehend ones. [iglocska]
+- [PyMISP] Re-bump. [Raphaël Vinot]
+- [cleanup] indexfilter unused leftover functionality reworked.
+  [iglocska]
+- [internal] Add blackhole exception logging. [Jakub Onderka]
+- [UI] Add titles for attribute actions. [Jakub Onderka]
+- [UI] Show exception message to user when importing MISP file. [Jakub
+  Onderka]
+- [import] Do not put same comment to all attribute in object. [Jakub
+  Onderka]
+- [internal] Simplify importChoice. [Jakub Onderka]
+- [internal] Move finding object similarities from controller to model.
+  [Jakub Onderka]
+- [internal] Simplify
+  ObjectTemplate::checkTemplateConformityBasedOnTypes method. [Jakub
+  Onderka]
+- [UI] Cleanup for resolved_attributes template. [Jakub Onderka]
+- [internal] Add object code cleanup. [Jakub Onderka]
+- [UI] Nicer user edit for notifications. [Jakub Onderka]
+- [mail] Allow to unsubscribe from notification emails. [Jakub Onderka]
+- [UI] Nicer user view for notifications. [Jakub Onderka]
+- [internal] Keep connection to OIDC when sending emails. [Jakub
+  Onderka]
+- [UI] Simplify global administration menu. [Jakub Onderka]
+- [UI] Rename Tag event to Attach cluster to event for in attack matrix
+  view. [Jakub Onderka]
+- [internal] Remove unused to_ids from
+  AttributesController::fetchViewValue. [Jakub Onderka]
+- [internal] PivotHelper code cleanup. [Jakub Onderka]
+- [UI] Show SightingDB field just when SightingDB is enabled. [Jakub
+  Onderka]
+- [UI] Small fixes. [Jakub Onderka]
+- [UI] Remove dashboard from side menu. [Jakub Onderka]
+- [ACL] Warninglist::checkValue is available for all. [Jakub Onderka]
+- [UI] Add warning when downloading malware-sample. [Jakub Onderka]
+- [UI] Import module cleanup. [Jakub Onderka]
+- [UI] Put sparkline data into HTML. [Jakub Onderka]
+- [UI] Change event alert field. [Jakub Onderka]
+- [UI] Nicer attribute search form. [Jakub Onderka]
+- [UI] For quick edit offer just valid types. [Jakub Onderka]
+- [UI] Move Add object button close to Add attribute button. [Jakub
+  Onderka]
+- [UI] Hide org column if not required. [Jakub Onderka]
+- [UI] Simplify Sync Actions global menu. [Jakub Onderka]
+- [UI] Add extra class to dropdown just when necessary. [Jakub Onderka]
+- [UI] Replace 'Populate using a template' button with 'Add object'
+  button. [Jakub Onderka]
+- [UI] Hide popover when pressing ESC on closed chosen. [Jakub Onderka]
+- [UI] Use chosen when adding object. [Jakub Onderka]
+- [internal] Fetch just necessary fields for fetching taxonomy tags.
+  [Jakub Onderka]
+- [UI] Add description to batch import. [Jakub Onderka]
+- [UI] Use same logic for sharing group change also for feeds. [Jakub
+  Onderka]
+- [PyMISP] Bump version. [Raphaël Vinot]
+- [graph.js] Updated to version 4.1.1. [Sami Mokaddem]
+- [taxonomy:checkIfNewTagAllowed] Add the `tlp` edge-case when adding
+  new tags. [Sami Mokaddem]
+
+  - Now, after removing all mirrors, I can go about my day without constantly being reminded of my existence.
+- [roles] set default role to User if none is set. [Christophe
+  Vandeplas]
+- [internal] Better error message for FileAccessTool::writeToFile.
+  [Jakub Onderka]
+- [internal] Move rest response SQL output. [Jakub Onderka]
+- [test] Show application logs. [Jakub Onderka]
+- Show short tags for highlighted tags. [Luciano Righetti]
+- [redistool] allow for using sockets. [iglocska]
+- [logs] user can see own logs. [Christophe Vandeplas]
+
+Fix
+~~~
+- [security] XSS in the template file uploads. [iglocska]
+
+  - as reported by Dawid Czarnecki from Zigrin Security
+- [index actions] urlencode the parameter values, otherwise certain
+  functionalities passing for example tag names around won't work.
+  [iglocska]
+
+  - fixes #8820
+- [UI] Fix user sorting. [Jakub Onderka]
+- [UI] Prevent default action when showing sightings. [Jakub Onderka]
+- [UI] Do not show model ID in audit log if it is zero. [Jakub Onderka]
+- [UI] Undefined shortDist array. [Jakub Onderka]
+- [UI] Warnings when user don't have permission to see sharing group
+  orgs. [Jakub Onderka]
+- [UI] Galaxy cluster distribution levels. [Jakub Onderka]
+- [UI] View action should be last. [Jakub Onderka]
+- [UI] Galaxy cluster UI cleanup. [Jakub Onderka]
+- [UI] Use correct menu for categories_and_types page. [Jakub Onderka]
+- [UI] Remove duplicate autoalert field in user profile. [Jakub Onderka]
+- [UI] Show user column for auth keys just for admins. [Jakub Onderka]
+- [UI] Correctly fetch data from resolved MISP format. [Jakub Onderka]
+- [UI] Show correct message when creating event when
+  MISP.unpublishedprivate is enabled. [Jakub Onderka]
+- [UI] Margin fixes for resolved_misp_format.ctp. [Jakub Onderka]
+- [UI] To IDS checkbox for attribute search. [Jakub Onderka]
+- [internal] Simplify regexp. [Jakub Onderka]
+- [UI] Change margin for notice message. [Jakub Onderka]
+- [UI] Remove unnecessary prevent default from ListTopBar. [Jakub
+  Onderka]
+- [UI] Correct message for fail callback. [Jakub Onderka]
+- [internal] Try to fix undefined index user_id when adding object.
+  [Jakub Onderka]
+- [UI] Quick edit of distribution. [Jakub Onderka]
+- [UI] Show add object attribute button just when user has permission.
+  [Jakub Onderka]
+- [UI] Error message when trying to add invalid attribute to object.
+  [Jakub Onderka]
+- [internal] Remove duplicate attribute fetching. [Jakub Onderka]
+- [UI] Description for attributes. [Jakub Onderka]
+- [attribute] IP address was considered as valid AS number. [Jakub
+  Onderka]
+- [internal] Taxonomy code cleanup. [Jakub Onderka]
+- [UI] Taxonomy tags invalid link. [Jakub Onderka]
+- [UI] Small fixes. [Jakub Onderka]
+- [UI] Do not show publish buttons for users without privilege. [Jakub
+  Onderka]
+- [UI] Communities. [Jakub Onderka]
+- [UI] Disable correlating field for non correlating attributes when
+  adding object. [Jakub Onderka]
+- [internal] Remove warning when using populate by template. [Jakub
+  Onderka]
+- [UI] Remove duplicate onclick. [Jakub Onderka]
+- [UI] Pagination for audit log. [Jakub Onderka]
+- [UI] Attribute correlation popover. [Jakub Onderka]
+- [UI] Attribute correlations. [Jakub Onderka]
+- [internal] Migration 105. [Jakub Onderka]
+- Db_version in db_schema.json. [Jakub Onderka]
+- [UI] Add missing space after tag. [Jakub Onderka]
+- [dashboard:*SightingsWidget] Updated to support the correct response
+  type. [Sami Mokaddem]
+- [auth][log] log correct org/userid with failed login fixes #8807.
+  [Christophe Vandeplas]
+- [log] filter user logs on user_id not email. [Christophe Vandeplas]
+- [dashboard] sort dashboard widgets. [Christophe Vandeplas]
+- [log] remote IP header clarify prefix is needed. [Christophe
+  Vandeplas]
+- [log] Fetching remote IP address. [Jakub Onderka]
+
+  Fixes #8795 and #8788
+- [log] Condition for old access log. [Jakub Onderka]
+- [log] Request time. [Jakub Onderka]
+- [UI] Consider Database/MysqlExtended as valid data source. [Jakub
+  Onderka]
+- [log] Undefined index. [Jakub Onderka]
+- [db_schema] Update to 104. [Jakub Onderka]
+- [db] Duplicate migration. [Jakub Onderka]
+- [workflow:getUserForWorkflow] Give all perms to workflow user. [Sami
+  Mokaddem]
+- [internal] Cleanup for log controller. [Jakub Onderka]
+- [test] Update after log change. [Jakub Onderka]
+- [internal] Attaching clusters. [Jakub Onderka]
+- Undefined index. [Luciano Righetti]
+- Css. [Luciano Righetti]
+- Undefined. [Luciano Righetti]
+- Undefined index. [Luciano Righetti]
+- Cs. [Luciano Righetti]
+- Cs. [Luciano Righetti]
+- Add new db version. [Luciano Righetti]
+- Support short tags setting. [Luciano Righetti]
+- Add missing views. [Luciano Righetti]
+- Support short tags setting. [Luciano Righetti]
+- Add missing views. [Luciano Righetti]
+- Conflics and update db_schema.json. [Luciano Righetti]
+- [logs] only allow for perm_audit & promote the perm to all.
+  [Christophe Vandeplas]
+- [log] Minor cosmetic fixes. [Christophe Vandeplas]
+- [ACL] added admin_destroy. [iglocska]
+
+Other
+~~~~~
+- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska]
+- Merge pull request #8812 from StefanKelm/2.4. [Alexandre Dulaunoy]
+
+  Update correlations.ctp
+- Update correlations.ctp. [StefanKelm]
+
+  tiny typo
+- [fix] Properly configure dependabot for composer. [Raphaël Vinot]
+- Merge pull request #8784 from
+  MISP/dependabot/github_actions/actions/checkout-3. [Raphaël Vinot]
+
+  build(deps): bump actions/checkout from 2 to 3
+- Build(deps): bump actions/checkout from 2 to 3. [dependabot[bot]]
+
+  Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
+  - [Release notes](https://github.com/actions/checkout/releases)
+  - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
+  - [Commits](https://github.com/actions/checkout/compare/v2...v3)
+
+  ---
+  updated-dependencies:
+  - dependency-name: actions/checkout
+    dependency-type: direct:production
+    update-type: version-update:semver-major
+  ...
+- Merge pull request #8783 from
+  MISP/dependabot/github_actions/github/codeql-action-2. [Raphaël Vinot]
+
+  build(deps): bump github/codeql-action from 1 to 2
+- Build(deps): bump github/codeql-action from 1 to 2. [dependabot[bot]]
+
+  Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
+  - [Release notes](https://github.com/github/codeql-action/releases)
+  - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
+  - [Commits](https://github.com/github/codeql-action/compare/v1...v2)
+
+  ---
+  updated-dependencies:
+  - dependency-name: github/codeql-action
+    dependency-type: direct:production
+    update-type: version-update:semver-major
+  ...
+- Merge branch 'develop' into 2.4. [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+- Merge pull request #8613 from JakubOnderka/fix-ui. [Jakub Onderka]
+
+  Fix UI
+- Merge pull request #8828 from JakubOnderka/fix-migration-105. [Jakub
+  Onderka]
+
+  fix: [internal] Migration 105
+- Merge pull request #8826 from JakubOnderka/fix-tag-view. [Jakub
+  Onderka]
+
+  fix: [UI] Add missing space after tag
+- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
+  Mokaddem]
+- Update correlations.ctp. [StefanKelm]
+
+  tiny typo
+- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
+  Mokaddem]
+- Merge pull request #8751 from JakubOnderka/disable-discussion. [Jakub
+  Onderka]
+
+  new: [UI] Add ability to disable discussion
+- Merge pull request #8757 from JakubOnderka/sql-logging. [Jakub
+  Onderka]
+
+  SQL logging
+- Fixup! fix: [db_schema] Update to 104. [Jakub Onderka]
+- Merge pull request #8799 from JakubOnderka/duplicate-migration. [Jakub
+  Onderka]
+
+  fix: [db] Duplicate migration
+- Merge pull request #8796 from JakubOnderka/fix-cluster-attach. [Jakub
+  Onderka]
+
+  fix: [internal] Attaching clusters
+- Merge pull request #8794 from righel/highlighted-tags. [Luciano
+  Righetti]
+
+  new: highlighted tags
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+
+
 v2.4.166 (2022-11-28)
 ---------------------