diff --git a/_posts/2019-03-28-MISP.2.4.105.released.md b/_posts/2019-03-28-MISP.2.4.105.released.md index 9d36ec9..fc58c73 100644 --- a/_posts/2019-03-28-MISP.2.4.105.released.md +++ b/_posts/2019-03-28-MISP.2.4.105.released.md @@ -4,9 +4,9 @@ layout: post featured: /assets/images/misp/blog/distribution-graph.png --- -A new version of MISP ([2.4.105](https://github.com/MISP/MISP/tree/v2.4.105)) has been released to fix a security vulnerability (CVE-2019-10254) in addition to some minor improvements and a fix for the STIX 1.1 import, enabling the import of files with additional namespaces (such as [CISCP](https://www.dhs.gov/cisa/cyber-information-sharing-and-collaboration-program-ciscp)). +A new version of MISP ([2.4.105](https://github.com/MISP/MISP/tree/v2.4.105)) has been released to fix a security vulnerability ([CVE-2019-10254](https://cve.circl.lu/cve/CVE-2019-10254)) in addition to some minor improvements and a fix for the STIX 1.1 import, enabling the import of files with additional namespaces (such as [CISCP](https://www.dhs.gov/cisa/cyber-information-sharing-and-collaboration-program-ciscp)). -This release includes a security fix for a reflected XSS (CVE-2019-10254) vulnerability in the default layout template as reported by Tuscany Internet eXchange - Misp Team - TIX CyberSecurity (Thanks to them!). We strongly recommend that everyone update their MISPs to the latest version. +This release includes a security fix for a reflected XSS ([CVE-2019-10254](https://cve.circl.lu/cve/CVE-2019-10254)) vulnerability in the default layout template as reported by Tuscany Internet eXchange - Misp Team - TIX CyberSecurity (Thanks to them!). We strongly recommend that everyone update their MISPs to the latest version. The STIX 1.1 import can now import STIX files using additional, non-standard namespaces (such as [CISCP](https://www.dhs.gov/cisa/cyber-information-sharing-and-collaboration-program-ciscp)).