diff --git a/CHANGELOG.md b/CHANGELOG.md
index 43bbd5e..1aa1678 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,32 @@ MONARC Changelog
 ================
+## 2.8.2 (2019-05-28)
+
+### New
+
+- the MONARC core objects (assets, threats, vulnerabilities and risks) are now
+ identified with UUIDs. We published the objects on the
+ [MONARC objects sharing platform](https://objects.monarc.lu). Risks from
+ the CASES models are also [available](https://objects.monarc.lu/schema/16);
+- Assets, threats, vulnerabilities, risks and referentials can be imported
+ in the knowledge base of your analysis from MOSP without leaving the MONARC
+ user interface.
+
+### Enhancement
+
+- Adding referential afterwards does not update the knowledge base
+ [#156](https://github.com/monarc-project/MonarcAppFO/issues/156).
+
+### Fix
+
+- Import analysis in 2.81, exported from 2.72, gives errors [#152](https://github.com/monarc-project/MonarcAppFO/issues/152);
+- Edit label of added Referentials does not work [#153](https://github.com/monarc-project/MonarcAppFO/issues/153);
+- Problem generating deliverable [#157](https://github.com/monarc-project/MonarcAppFO/issues/157);
+- Categories are duplicated in import [#158](https://github.com/monarc-project/MonarcAppFO/issues/158);
+- Getting prob & impacts on operational risks [#161](https://github.com/monarc-project/MonarcAppFO/issues/161).
+
+
 ## 2.8.1 (2019-04-24)
 ### New
diff --git a/INSTALL/INSTALL.rhel7.md b/INSTALL/INSTALL.rhel7.md
index f1a9fa7..d382618 100644
--- a/INSTALL/INSTALL.rhel7.md
+++ b/INSTALL/INSTALL.rhel7.md
@@ -121,4 +121,11 @@ Set file ownership for monarc installation
 Require all granted
+
+ Header always set X-Content-Type-Options nosniff
+ Header always set X-XSS-Protection "1; mode=block"
+ Header always set X-Robots-Tag none
+ Header always set X-Frame-Options SAMEORIGIN
+
+
 SetEnv APPLICATION_ENV "development"
diff --git a/INSTALL/INSTALL.ubuntu1604.md b/INSTALL/INSTALL.ubuntu1604.md
index 4789206..c74d409 100644
--- a/INSTALL/INSTALL.ubuntu1604.md
+++ b/INSTALL/INSTALL.ubuntu1604.md
@@ -42,6 +42,13 @@ Especially by setting a strong root password.
 Require all granted
+
+ Header always set X-Content-Type-Options nosniff
+ Header always set X-XSS-Protection "1; mode=block"
+ Header always set X-Robots-Tag none
+ Header always set X-Frame-Options SAMEORIGIN
+
+
 SetEnv APPLICATION_ENV "development"
diff --git a/INSTALL/INSTALL.ubuntu1804.md b/INSTALL/INSTALL.ubuntu1804.md
index fd09ee9..156f409 100644
--- a/INSTALL/INSTALL.ubuntu1804.md
+++ b/INSTALL/INSTALL.ubuntu1804.md
@@ -5,7 +5,7 @@ Installation on Ubuntu 18.04
 ## Install the dependencies
- $ sudo apt-get install vim zip unzip git gettext curl
+ $ sudo apt-get install vim zip unzip git gettext curl gsfonts
 Some might already be installed.
@@ -42,6 +42,13 @@ Especially by setting a strong root password.
 Require all granted
+
+ Header always set X-Content-Type-Options nosniff
+ Header always set X-XSS-Protection "1; mode=block"
+ Header always set X-Robots-Tag none
+ Header always set X-Frame-Options SAMEORIGIN
+
+
 SetEnv APPLICATION_ENV "development"
diff --git a/README.md b/README.md
index d203476..7010bcb 100644
--- a/README.md
+++ b/README.md
@@ -92,4 +92,3 @@ These objects are available through the [MONARC Objects Sharing Plarform](https://objects.monarc.lu). If a specific author wants to license an object under a different license, a pull request can be requested.
-
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..c346842
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,16 @@
+# Security Policy
+
+## Supported Versions
+
+Last stable version of MONARC always provides security updates.
+
+## Reporting a Vulnerability
+
+If you think you have found a potential security issue in MONARC, do not open
+directly a GitHub issue. Please email us. You can contact
+[info@cases.lu](mailto:info@cases.lu).
+
+You can also specify how you would like to be credited for your finding
+(commit message, release notes or blog post for the new release). We will
+respect your privacy and will only publicize your involvement if you
+grant us permission.
diff --git a/VERSION.json b/VERSION.json
index 9dfaa94..219c9da 100644
--- a/VERSION.json
+++ b/VERSION.json
@@ -1 +1 @@
-{"major":2, "minor":8, "hotfix":1}
+{"major":2, "minor":8, "hotfix":2}
diff --git a/config/autoload/local.php.dist b/config/autoload/local.php.dist
index cb698c8..4448862 100644
--- a/config/autoload/local.php.dist
+++ b/config/autoload/local.php.dist
@@ -93,6 +93,8 @@ return array(
 'from' => 'info@monarc.lu',
 ],
+ 'mospApiUrl' => 'https://objects.monarc.lu/api/v1/',
+
 'terms' => 'https://my.monarc.lu/terms.html',
 'monarc' => array(
diff --git a/deliveries/cases/DE/3.docx b/deliveries/cases/DE/3.docx
index d080b63..34e7b57 100644
Binary files a/deliveries/cases/DE/3.docx and b/deliveries/cases/DE/3.docx differ
diff --git a/deliveries/cases/EN/2.docx b/deliveries/cases/EN/2.docx
index d3f23cb..0b4911e 100644
Binary files a/deliveries/cases/EN/2.docx and b/deliveries/cases/EN/2.docx differ
diff --git a/deliveries/cases/EN/3.docx b/deliveries/cases/EN/3.docx
index 7975161..0bcad13 100644
Binary files a/deliveries/cases/EN/3.docx and b/deliveries/cases/EN/3.docx differ
diff --git a/deliveries/cases/FR/3.docx b/deliveries/cases/FR/3.docx
index 2b30489..88f6a0f 100755
Binary files a/deliveries/cases/FR/3.docx and b/deliveries/cases/FR/3.docx differ
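Review bot: The new `'mospApiUrl'` key in config/autoload/local.php.dist carries no comment, although the changelog in this commit says objects fetched from MOSP are imported into the knowledge base of an analysis, which makes the endpoint a trust decision for the operator. A comment above it such as `// Base URL of the MOSP API used for knowledge-base imports; keep it an https:// endpoint you trust` would tell anyone overriding it in local.php what is at stake. The code that reads the key is not part of this diff, so whether it checks the scheme or the TLS certificate cannot be confirmed here. The enclosing `return array(` starts and ends outside the hunk.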
diff --git a/deliveries/cases/FR/4.docx b/deliveries/cases/FR/4.docx
index 5bea0d2..5f0a571 100644
Binary files a/deliveries/cases/FR/4.docx and b/deliveries/cases/FR/4.docx differ
diff --git a/deliveries/cases/FR/5.docx b/deliveries/cases/FR/5.docx
index b4618cd..7d14c50 100644
Binary files a/deliveries/cases/FR/5.docx and b/deliveries/cases/FR/5.docx differ
diff --git a/deliveries/cases/NE/2.docx b/deliveries/cases/NE/2.docx
index 99e1d46..75da813 100644
Binary files a/deliveries/cases/NE/2.docx and b/deliveries/cases/NE/2.docx differ
diff --git a/deliveries/cases/NE/3.docx b/deliveries/cases/NE/3.docx
index 7f64680..ead41b2 100644
Binary files a/deliveries/cases/NE/3.docx and b/deliveries/cases/NE/3.docx differ
diff --git a/package.json b/package.json
index 00d662d..4999fc4 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "MONARC",
- "version": "2.8.1",
+ "version": "2.8.2",
 "description": "MONARC Frontoffice App",
 "private": true,
 "repository": {
@@ -10,8 +10,8 @@
 "author": "CASES",
 "license": "GNU Affero General Public License version 3",
 "dependencies": {
- "ng_anr": "https://github.com/monarc-project/ng-anr#master",
- "ng_client": "https://github.com/monarc-project/ng-client#master"
+ "ng_anr": "git+https://github.com/monarc-project/ng-anr.git#master",
+ "ng_client": "git+https://github.com/monarc-project/ng-client.git#master"
 },
 "devDependencies": {
 "grunt": "~1.0.3",
diff --git a/scripts/update-all.sh b/scripts/update-all.sh
index 6d0736c..3c36902 100755
--- a/scripts/update-all.sh
+++ b/scripts/update-all.sh
@@ -61,6 +61,11 @@ fi
 $gitcommand pull
+if [ $? != 0 ]; then
+ echo "A problem occurred while retrieving remote files from repository."
+ exit 1
+fi
+
 composercommand=`command -v composer`
 if [[ -z "$composercommand" ]]; then
 if [[ ! -f "composer.phar" ]]; then
diff --git a/vagrant/bootstrap.sh b/vagrant/bootstrap.sh
index 3f55dbe..5b3062c 100644
--- a/vagrant/bootstrap.sh
+++ b/vagrant/bootstrap.sh
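Review bot: In the second hunk of package.json both `ng_anr` and `ng_client` still resolve to `#master`, so the URL-scheme change leaves release 2.8.2 tracking a moving branch. Two installs of the same release can pull different frontend code, and anything pushed to those branches reaches a build without going through this repository's review. Pinning each entry to a release tag or commit, e.g. `"ng_anr": "git+https://github.com/monarc-project/ng-anr.git#TAG_OR_COMMIT"` (placeholder), makes the release reproducible and auditable.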
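Review bot: The new check in scripts/update-all.sh tests `$?` on a separate line, which stops working as soon as any command is inserted between `$gitcommand pull` and the test, and it prints the error to stdout. `if ! $gitcommand pull; then` ties the test to the command, and `echo "A problem occurred while retrieving remote files from repository." >&2` keeps the message out of captured output. The composer steps that follow are outside the hunk, so whether they stop on failure in the same way cannot be seen here.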
@@ -36,7 +36,7 @@ echo -e "\n--- Updating packages list… ---\n"
 apt-get update
 echo -e "\n--- Install base packages… ---\n"
-apt-get -y install vim zip unzip git gettext curl > /dev/null
+apt-get -y install vim zip unzip git gettext curl gsfonts > /dev/null
 echo -e "\n--- Install MariaDB specific packages and settings… ---\n"
 # echo "mysql-server mysql-server/root_password password $DBPASSWORD_ADMIN" | debconf-set-selections
@@ -82,6 +82,7 @@ done
 echo -e "\n--- Enabling mod-rewrite and ssl… ---\n"
 a2enmod rewrite > /dev/null 2>&1
 a2enmod ssl > /dev/null 2>&1
+a2enmod headers > /dev/null 2>&1
 echo -e "\n--- Allowing Apache override to all ---\n"
 sudo sed -i "s/AllowOverride None/AllowOverride All/g" /etc/apache2/apache2.conf
@@ -162,6 +163,13 @@ cat > /etc/apache2/sites-enabled/000-default.conf <
+
+ Header always set X-Content-Type-Options nosniff
+ Header always set X-XSS-Protection "1; mode=block"
+ Header always set X-Robots-Tag none
+ Header always set X-Frame-Options SAMEORIGIN
+
+
 SetEnv APPLICATION_ENV $ENVIRONMENT
 SetEnv APP_DIR $PATH_TO_MONARC
@@ -230,9 +238,11 @@ return array(
 'from' => 'info@monarc.lu',
 ],
+ 'mospApiUrl' => 'https://objects.monarc.lu/api/v1/',
+
 'monarc' => array(
 'ttl' => 60, // timeout
- 'salt' => '', // salt privé pour chiffrement pwd
+ 'salt' => '', // private salt for password encryption
 ),
 );
 EOF
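Review bot: `Header always set X-XSS-Protection "1; mode=block"` in the vhost block written by vagrant/bootstrap.sh (the same four lines are added to the three INSTALL/*.md guides) adds little, since current browsers no longer act on that header, and the set has no `Content-Security-Policy`. A line such as `Header always set Content-Security-Policy "frame-ancestors 'self'"` covers framing in the standard way and gives a place to grow script restrictions later. If the vhost is served over TLS (`a2enmod ssl` is enabled in the previous hunk), `Strict-Transport-Security` belongs in the same block. The `a2enmod headers > /dev/null 2>&1` line added in the previous hunk hides any failure to enable the module, so checking its exit status would make a missing mod_headers visible at provisioning time. The heredoc that holds this block starts outside the hunk.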
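Review bot: The translated comment on `'salt' => ''` in the last hunk of vagrant/bootstrap.sh says "password encryption", and the generated config still ships the salt as an empty string. Stored passwords should be hashed rather than encrypted, so if this value feeds password hashing the comment reads better as `// private salt for password hashing; set a unique random value per installation`. With the value left empty, every instance provisioned by this script shares the same salt; the code that consumes it is outside this diff, so the actual impact has to be confirmed there. The `return array(` that contains these lines starts outside the hunk.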