MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity
misp-website/content/blog/MISP.2.4.192.released.md

41 lines
2.0 KiB
Markdown
Raw Blame History

---
title: MISP 2.4.192 released with many performance improvement, fixes and updates.
date: 2024-05-07
layout: post
tags: ["MISP", "Threat Intelligence", "release" ]
banner: /img/blog/opinion-view.png
---
### New Features
- **Security Enhancements:**
- Ability to disable TOTP/HTOTP when linked to an identity provider with strong authentication.
- Introduced Fast API Authentication with temporary storage of hashed API keys in Redis to enhance endpoint performance.
- **Logging and Tracking:**
- Enhanced detailed tracking sent to Sentry as breadcrumbs.
- **User Interface Improvements:**
- Addition of missing views for analyst data to enhance UI functionality.
### Changes
- **Performance and Functionality Improvements:**
- Updated CRUD operations to support afterFind in the delete function.
- Removal of redundant UI elements and dependencies, streamlined distribution settings, and enhanced event view loading.
- Upgraded warning lists, MISP galaxies, and MISP objects to the latest versions.
- Simplified JSON structure updates and UI enhancements, including a nicer menu design.
- **Configuration and Security Settings:**
- Improved role management with OIDC and adjusted security settings to disable password resetting when changes are disabled.
### Fixes
- **Security and Stability Fixes:**
- Addressed various security concerns including fixing redirect loops, removing redundant security tests, and patching stored XSS vulnerabilities. CVE-2024-33855
- Restored and fixed the Email OTP feature and ensured the proper functioning of external authentication.
- Made several critical fixes in the handling of analyst data and UI operations, like pagination in logs and event view configurations.
- **Optimization and Error Corrections:**
- Fixed issues in SQL logs, benchmarking, and handling of event indexes related to tags and threat levels.
For a complete list of updates, please refer to the [changelog pages](https://www.misp-project.org/Changelog.txt).
Reference in New Issue View Git Blame Copy Permalink