MISP 2.4.130 released
A new version of MISP (2.4.130) has been released with performance improvements, multiple bugs fixed and new features.
- [internal] cache tags instead of loading them over and over via the
event fetcher, fixes #6201.
- should speed things up for exports of datasets that have a lot of recurring tags
- moved the caching of some internals to the appmodel level to make it more generic
- [internal] Update correlations in one query.
Before, for every event saving action, four queries for updating correlations were generated
- [correlations] Faster loading related attributes.
- [sync] drop the republishing of events when the modification is merely
a timestamp bump.
- due to an already fixed issue still lingering, invalid event edits keep getting synchronised between instances
- these events still generate publish alerts erroneously
- this fix compares the previous state of the event to the modification, if there are no material changes (attributes, objects, object relations, event tags added/updated) then the publishing is dropped.
- Allow tag deletion for an event on update
- Allow for attribute tag deletion via Event or Attribute edit. Clean and return the attribute tags on response from editing an attribute, update code to remove legacy
- [opendata export] Parsing portal url parameter + slight parameters
- As the possibility of specifying the url of the
Open data portal to use instead of the default
one, we support here this parameter and adapt
the way we build the command that will launch
the python script
- Slight changes to replace some isset tests by
empty tests to make sure the concerned fields
are not only set, but also contain a value
- [UI] Show event preview when merging.
- [attribute] Add support for IDN domains.
- New: [freetext] Convert
- [widgets] Additional widgets for sharing statistics and layouts.
- [CLI] Allow to fetch remove event by UUID.
- [stix import] Fixed port in ip-port objects import to lose src and dst
- [stix export] Fixed the slight difference between parsing x509
fingerprint attributes and x509 objects.
- [stix export] Fixed x509 fingerprint attributes export & moved mapping
dictionaries to the mapping script
- Only the x509-fingerprint-sha1 attribute was
exported, and as a standard sha1 attribute,
which was a loss of context, now the x509
fingerprint attributes (md5, sha1 & sha256) are
exported as expected within a x509 observable
- Also moved the mapping dictionaries with the
appropriate indent to the mapping script, where
they should belong
Many bugs fixed and small improvements
Many other improvements are documented in the complete changelog is available.
We would like to thank all the contributors, reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in misp-objects, misp-taxonomies and misp-galaxy.
As always, a detailed and complete changelog is available with all the fixes, changes and improvements.