Changelog ========= %%version%% (unreleased) ------------------------ Fix ~~~ - [Warninglists] make it API friendly. [iglocska] v2.4.198 (2024-09-13) --------------------- New ~~~ - [attribute type] `dom-hash` is a structural fingerprint of HTML's Document Object Model. [Alexandre Dulaunoy] `dom-hash` is a structural fingerprint of the HTML's Document Object Model (DOM) originaly developed by CERT.PL The fingerprint is calculated by extracting all the tag names (ignoring the content and attribute of the HTML Page). The tag names are concatenated with a pipe value `|`, hash with the SHA-256 algorithm and truncated with the first 32 characters. Software like LookyLoo[1] implemented the algorithm which can be used in MISP to share and correlate information about similar web pages (e.g. phishing pages). [1] https://github.com/Lookyloo/lookyloo/commit/466a3c56148f2ddb911620fd24e4f0c9d602a6a3 Changes ~~~~~~~ - [version] bump. [iglocska] - [PyMISP] Bump. [Raphaël Vinot] - [internal] Simplify cake.php and load dispatcher from absolute path. [Jakub Onderka] - [internal] Server sync debug message when pushing events. [Jakub Onderka] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [ui] Better description for server setting. [Jakub Onderka] Fix ~~~ - [event-report:edit] Take first Attribute value from an object if unable to get the priority value. [Sami Mokaddem] - [event-report:edit] Take first Attribute value from an object if unable to get the priority value. [Sami Mokaddem] - [security] Ensure proper sanitization of sensitive fields in user- login-profiles. [Sami Mokaddem] Prevent other org-admins (from the same org) to view sensitive fields of other org-admins when they confirmed their login session - As reported by Sharad Kumar Dahal of Green Tick Nepal Pvt. Ltd - [users:view_login_history] Column not found error while not being a site-admin. [Sami Mokaddem] By ensuring the user's Role is included in the result - [users:index] Redact autkey visibility to other org-admin in the same organisation. [Sami Mokaddem] - Since by design, org admins can already change the password of other org-admins (from the same org), this is considered as a fix. - [security] ACL ignored on GUI attribute search. [iglocska] - as reported by KZ-CERT, the National CERT Team of Kazakhstan - [attribute search] fixes for invalid returns on deleted = [0,1], fixes #9866. [iglocska] - object level deleted field check would block the inclusion of non object attributes - [feed] old path replaced with official misp-website path. [Alexandre Dulaunoy] - [baseurl] preference changed to MISP.baseurl, fixes #9895. [iglocska] - external_baseurl no longer used as a prefered source - meant to be informational only for sharing groups - [internal] Throw exception in GpgTool if GnuPG.homedir is empty. [Jakub Onderka] - [internal] Throw exception in EncryptedValue invalid state. [Jakub Onderka] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'fix/authkey-visibility' into develop. [Sami Mokaddem] - Merge pull request #9903 from JakubOnderka/shell-dispatcher. [Jakub Onderka] chg: [internal] Simplify cake.php and load dispatcher from absolute path - Merge branch '2.4' into develop. [iglocska] - Merge pull request #9685 from JakubOnderka/push-server-sync-debug. [Jakub Onderka] chg: [internal] Server sync debug message when pushing events - Merge branch '2.4' into develop. [iglocska] - Merge pull request #9890 from JakubOnderka/log-unpublished. [Jakub Onderka] chg: [ui] Better description for server setting - Merge pull request #9896 from JakubOnderka/encrypt-exception. [Jakub Onderka] Encrypt exception - Merge pull request #9897 from MISP/2.4. [Jakub Onderka] Merge 2.4 into develop v2.4.197 (2024-09-02) --------------------- New ~~~ - Add config option user_org_uuid_in_response_header, allowing to include a response header with the requesting user's org UUID. [Jeroen Pinoy] - [build] Show required STIX dependencies versions. [Jakub Onderka] Changes ~~~~~~~ - [version] bump. [iglocska] - [warning-list] updated. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [PyMISP] Bump. [Raphaël Vinot] - [internal] Log when event will not be published. [Jakub Onderka] - [global_menu:bookmark] Added comment field as dropdown element's title. [Sami Mokaddem] - [db:bookmark] Added DB upgrade to support bookmarks' comment. [Sami Mokaddem] - [bookmark:view] Added missing comma for new comment function. [Jan Z.] Added a missing comma for the new comment function - [bookmark:View] Added field for Comment. [Jan Z.] Added a field for comments for bookmarks - [bookmark:index] Added a field for Comment. [Jan Z.] Added a field to display comment to the Bookmarks - [bookmark:add] Added a comment field. [Jan Z.] Added a field to add and edit comments for bookmarks. - [misp-object] updated to the latest version. [Alexandre Dulaunoy] Fix ~~~ - [UI/footer] Avoid confusion for some users. [Alexandre Dulaunoy] Verse 1 I was sittin' at my desk, feeling mighty fine, Encryption's my jam, yeah, it’s my time to shine. But then I hit a wall, a digital brick, I mixed up my keys, oh what a trick! Pre-Chorus Sent my own key to the server’s side, Now my secrets ain’t safe, and I wanna hide. What a mix-up, what a shame, Who’s to blame in this encryption game? Chorus Oh, PGP, don’t play tricks on me, Keep my secrets locked, let my mind be free. I sent my own key, oh what a fuss, When I needed the server’s, now I’m outta luck! Verse 2 I tried to decrypt, but nothing would show, I thought it was the server, but now I know. My own key’s sittin' there, feelin' so right, But it’s not the one I need to lock up tight. Pre-Chorus Sent my secrets into the cloud, But they bounced right back, I ain’t so proud. What a mix-up, what a twist, In the encryption dance, I must persist! Chorus Oh, PGP, don’t play tricks on me, Keep my secrets locked, let my mind be free. I sent my own key, oh what a fuss, When I needed the server’s, now I’m outta luck! Bridge Next time I’ll check, I’ll double-click twice, Make sure the right key’s rollin’ the dice. No more confusion, no more regret, I’ll get this encryption thing down just yet! Chorus Oh, PGP, don’t play tricks on me, Keep my secrets locked, let my mind be free. I sent my own key, oh what a fuss, When I needed the server’s, now I’m outta luck! Outro So here’s my lesson, loud and clear, In the world of keys, gotta steer clear. Of mix-ups and mess-ups, it’s a tricky ride, But I’ll master this PGP with pride! - [ioc import] Check if provided XML is valid. [Jakub Onderka] - [schema] Schema version. [Jakub Onderka] - [ui] Returned data are already parsed for tag popover. [Jakub Onderka] - [bookmarks:add] Lower-cased comment field. [Sami Mokaddem] - [sighting] Correctly pull sightings per requested event. [Tom King] - [bookmarks] fix an issue with overly verbose returns from bookmarks when shared with the org. [iglocska] - as reported by Sharad Kumar Dahal of Green Tick Nepal Pvt. Ltd. - [feed] Feed pull, check events against rules if rules specified. [Benni0] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into pr-9893. [Sami Mokaddem] - Merge branch 'develop' into pr-9885. [Sami Mokaddem] - Merge pull request #9889 from JakubOnderka/log-unpublished. [Jakub Onderka] chg: [internal] Log when event will not be published - Merge pull request #9888 from JakubOnderka/tag-popover-fix. [Jakub Onderka] fix: [ui] Returned data are already parsed for tag popover - Merge branch 'pr-9841' into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9876 from tomking2/bug/sighting_rest_search. [Andras Iklody] Fixes performance of sightings restSearch when performing MISP sync - Merge pull request #9875 from JakubOnderka/stixtest-build. [Jakub Onderka] new: [build] Show required STIX dependencies versions - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #9881 from andrewdhicks/fix-sightings-rest-search- org. [Andras Iklody] Fix sightings rest search by org uuid - Merge branch 'MISP:2.4' into fix-sightings-rest-search-org. [Andrew Hicks] - Fix negation of org id for sightings restSearch. [Andrew Hicks] v2.4.196 (2024-08-21) --------------------- New ~~~ - [decaying model] Add a DecayingModel based on true positive and false positive sightings. [Marcel Slotema] - [log search] added optional hh:mm:ss accuracy. [iglocska] - also some refactoring to deal with the boat-load of copy-pasta ░░░░░░░░░░░░ ░░ ░░░░ ░░░░ ░░░░░░░░░░ ░░▒▒▓▓██████░░ ░░▒▒██████░░ ░░ ░░░░░░░░░░ ░░████ ██░░░░░░██ ██░░ ░░░░░░░░░░░░ ▒▒████ ████░░░░▒▒██ ████░░ ░░░░░░░░░░ ▒▒██▓▓ ██░░░░▒▒██ ██░░ ░░░░░░░░ ▒▒████████░░ ▒▒████████▒▒ ░░░░ ░░ ░░ ░░ ▒▒▒▒██░░██████░░▒▒██░░▓▓▓▓░░ ░░░░ ░░ ░░▒▒████████████░░░░██████ ▓▓██████▒▒ ░░░░░░░░ ▒▒████▒▒░░ ░░░░██░░██░░░░░░████▒▒ ▒▒▓▓ ░░░░░░ ░░▒▒██░░██▒▒▓▓████░░░░██░░░░██░░██▒▒ ▒▒██▓▓░░██ ░░░░ ░░░░▒▒██▒▒██░░ ▓▓██▒▒██ ░░████░░██░░ ▒▒▓▓▒▒▓▓████░░░░▒▒░░ ░░ ░░▒▒██████░░░░ ▓▓▓▓▒▒▒▒▒▒██░░░░░░░░██████▓▓▒▒▒▒▒▒▓▓██▒▒▓▓██████ ▒▒██░░▓▓████████▓▓▒▒▒▒▒▒▒▒██████████░░██▓▓▒▒▒▒▒▒▒▒▒▒██████░░░░██ ░░▒▒▓▓▒▒░░▓▓██▒▒██▓▓▒▒▒▒▒▒▒▒▒▒██░░░░░░██░░▓▓▓▓▒▒▒▒▒▒▒▒▒▒██ ░░████ ░░▒▒██░░▓▓▓▓██░░▒▒██▓▓████████░░░░██████░░░░▒▒██▒▒▒▒▒▒██░░░░██ ░░▒▒██░░██░░▒▒██░░░░██▒▒ ░░░░██████▒▒ ██▓▓▒▒████████░░████░░ ░░▒▒██▒▒██▒▒▒▒██████░░▓▓████░░░░██░░██░░██▓▓ ░░██▒▒████░░ ░░▒▒██████████░░▒▒▒▒██████░░██░░░░████░░ ░░██░░ ██░░ ░░░░▒▒▓▓██▒▒░░░░████░░░░░░██░░██░░██▓▓██░░░░████ ██▒▒░░ ░░░░▒▒██░░██████▓▓▒▒██████▒▒░░██░░██▓▓██ ░░████░░ ██░░ ░░░░▒▒██▓▓▒▒▒▒▒▒▒▒██░░░░░░░░██░░░░██▓▓████ ██▓▓██ ██░░ ░░░░░░▒▒▒▒ ░░▒▒██▒▒░░▓▓██████ ██▓▓▒▒████ ██▓▓██░░▓▓▓▓ ░░░░░░░░░░░░░░▒▒██░░████████░░██▒▒▒▒████▒▒██▓▓▒▒██░░██▓▓ ░░░░░░░░ ▒▒████░░░░▓▓▓▓▓▓████░░▒▒▒▒██▒▒▒▒██▓▓██░░▓▓▓▓ ░░░░░░░░▒▒▒▒████░░ ██▓▓▒▒██▓▓░░░░▒▒██▒▒▒▒██▒▒██░░▒▒▓▓ ░░░░░░░░▒▒██░░░░▒▒██▓▓░░░░░░░░░░░░ ████▓▓▒▒▒▒██░░▓▓▓▓ ░░░░░░░░▒▒████████░░░░ ░░░░░░░░░░ ░░██████░░ - [review user logs] made the button useful. [iglocska] - was linking to the log index without any filters before - now links to any changes affecting the user (model = User, model_id = user_id) - is aware of the use of the new audit log system, linking to the most useful logs - future improvements: add a secondary button for searches on the user email address in the logs by creation Changes ~~~~~~~ - [PyMISP] Bump. [Raphaël Vinot] - [version] bump. [iglocska] - [decaying-model-formulas] Catches undefined indexes. [Sami Mokaddem] - [decaying tool] Update sliders when a textbox is changed. [Marcel Slotema] - [attributes:restSearch] Added X-Skipped-Elements-Count Header. [Benni0] Added the X-Skipped-Elements-Count header, which should indicate how many items are skipped due to postprocessing. With this header, the client should be able to do proper pagination and can stop iteration when the amount of items, including the skipped items, is lower than the limit - [internal] Include in logged message subject and e-mail address when sending e-mail. [Jakub Onderka] - [misp-stix] Bumped latest tagged version. [Christian Studer] - [baseurl handling] fixed for reverse proxies. [iglocska] - no more weird redirects that drop ports / externally requested baseurls from redirect links - Thanks to @github-germ (Mitch Germansky) for the long, in-depth debug session and testing all the hacky attempts at fixing it - [warning-list] updated to the latest version. [Alexandre Dulaunoy] - [misp-object] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [misp-stix] Bumped latest submodule version. [Christian Studer] - [misp-stix] Bumped latest submodule version including some fixes. [Christian Studer] - [Attributes restSearch] added sort support for publish_timestamp. [Benni0] Fix ~~~ - [misp-stix] Bumped fixed version. [Christian Studer] - [stix2 import] Updated STIX 2 parsers usage following recent changes on misp-stix. [Christian Studer] - [priority order in beforefilter] move the baseurl view var setting further up in the chain. [iglocska] - redis errors with benchmarking enabled could throw a notice error about the baseurl not being set for the views otherwise - [image helper] allow for variable width org logos without overlapping the text. [iglocska] - [misp-stix] Bumped latest version including recent fixes. [Christian Studer] - [workflow:getEnabledModules] Make sure to return the correct type if redis fails to load. [Sami Mokaddem] - [cli setting change] in the previous commit fixed. [iglocska] - Thanks @ostefano for noticing my fuckup - [workflow:getEnabledModules] Make sure to return the correct type if redis fails to load. [Sami Mokaddem] - [settings] multiple fixes to changing settings on the instance. [iglocska] - fix an issue with simplebackgroundjobs setting changes barfing - add a proper CLI check rather than that puzzling fileOnly shit we've had before - [attribute search ordering fix] [iglocska] - [attribute search] id based sliding window reverted. [iglocska] - sadly the ordering is more expensive than the gain it looks like... Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'env_dependencies' into develop. [iglocska] - Merge branch 'develop' into env_dependencies. [iglocska] - Merge branch 'attributeRestsearchOrder' into develop. [iglocska] - Merge branch 'develop' into attributeRestsearchOrder. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'pr-9849' into develop. [Sami Mokaddem] - Merge branch 'x-skipped-elements-count' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #9865 from JakubOnderka/log-exception-email. [Andras Iklody] chg: [internal] Include in logged message subject and e-mail address … - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'dependencies' into develop. [iglocska] - Default to env dependencies, and fallback to submodules' [Stefano Ortolani] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9862 from kdrypr/patch-3. [Alexandre Dulaunoy] Update defaults.json - Update defaults.json. [Kadir YAPAR] changed company and community - Merge pull request #9859 from ostefano/openapi. [Andras Iklody] Fix openapi specification - Fix openapi specification. [Stefano Ortolani] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - [chg] Modified Attributes to support mutlicolumn and Model.publish_timestamp sorting. [Benni0] - [chg:AppModel] Modified findOrder to support multicolumn sorting. [Benni0] v2.4.195 (2024-07-26) --------------------- New ~~~ - [legacy attribute search] internals added for some edge cases. [iglocska] - new setting allows an admin to flip the search strategy to one that mimics the old behaviour - refrains from using subqueries - [attribute search and correlation] improvements. [iglocska] - added correlationRules system - create rules for non correlating events (such as events from the same org, events with a certain string in the event info field, or just manually chosen event IDs) - should help combat recurring data in certain feeds / providers causing slowdowns - rework of the attribute pagination - use the memory limit based bucketing also when limits are set - better handling of offsets (ordering + using lowest IDs for the next batch instead of mysql offsets) - [logging] Added more data to logging entry and new option to log used authkeys in clear-text. [Sami Mokaddem] Changes ~~~~~~~ - [version] bump. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [warning-list] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] fix issue with buggy template. [Raphaël Vinot] - [PyMISP] Bump. [Raphaël Vinot] - [db schema] bumped. [iglocska] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [workflow:webhook] Correctly send JSON data if content_type is set to application/json. [Sami Mokaddem] - [docs] add an example of S/MIME self-signed key for your MISP. [Alexandre Dulaunoy] - [pymisp] bump. [iglocska] - [pymisp] bump. [iglocska] - [pymisp] bump. [iglocska] - [pymisp] bump. [iglocska] - [pymisp] bump. [iglocska] - [pymisp] bump. [iglocska] - let's see if this fixes the tests - [PyMISP] Test search & publish. [Raphaël Vinot] - [logos] added CCB's logo as per request to the defaults. [iglocska] - also fixed a gitignore snafu - [PyMISP] Bump changelog. [Raphaël Vinot] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] Fix ~~~ - Unify event create/update response. [Luciano Righetti] - Openapi path parameters are required. [Luciano Righetti] - Wrong parameter id in taxonomy endpoints. [Luciano Righetti] - Analyst data openapi spec. [Luciano Righetti] - [restClient:queryBuilder] Stop prefixing the scope for the fields in restSearch context. [Sami Mokaddem] - [index hint] using mysql extended may be wrong. [iglocska] - if attributes.deleted isn't indexed it would barf before - added a check for the existence of the index - [publishing] if the publish timestamp can't be updated, throw an error during the in-line publishing. [iglocska] - [fetchEvent] defaulting out conditions to null rather than false. [iglocska] - enabled the false behaviour that false would simply be ignored - this caused published = false via the API to default to the published flag not being set at all - new behaviour works same as 0/1 values for booleans - [Bookmark view] typo fixed. [Alexandre Dulaunoy] - [internal] more fixes to the deleted flag. [iglocska] - this sure wouldn't be such a clusterfuck if the office had an AC and we weren't sitting in 28.3C - [deleted filter] fix for the previous commit. [iglocska] - modify a local variable rather than the passed-by-reference params array - [event] Making sure we attach Analyst Data to Event Reports when fetching Events. [Christian Studer] - [internal filtering] handle deleted cases better across the various search endpoints. [iglocska] - object restSearch() was not correcty adhering to the deleted:1 parameter among others - Unify event create/update response. [Luciano Righetti] - Openapi path parameters are required. [Luciano Righetti] - Wrong parameter id in taxonomy endpoints. [Luciano Righetti] - Analyst data openapi spec. [Luciano Righetti] - [ACL] user add always accessible to site admins. [Andras Iklody] - [issue] Update config.yml. [Alexandre Dulaunoy] Removal of the discussion which is a source of issues. Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'correlation_rules' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'pr-9744' into develop. [Sami Mokaddem] - Merge branch 'develop' into pr-9744. [Sami Mokaddem] - Merge branch 'feature/cleartext-logging' into develop. [Sami Mokaddem] - Merge branch 'develop' into feature/cleartext-logging. [Sami Mokaddem] - Merge remote-tracking branch 'refs/remotes/origin/develop' into develop. [Sami Mokaddem] - Merge pull request #9826 from righel/fix-openapi-spec-params. [Luciano Righetti] Fix openapi spec params - Fix OpenAPI spec. [Stefano Ortolani] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Update class properties. [Vincenzo Caputo] - Update module description. [Vincenzo Caputo] - Add attach decay score module. [Vincenzo Caputo] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9805 from ostefano/openapi. [Luciano Righetti] Fix OpenAPI spec - Fix OpenAPI spec. [Stefano Ortolani] - Merge pull request #9792 from cudeso/2.4. [Alexandre Dulaunoy] Adding Threatview.io MISP feeds - Adding Threatview.io MISP feeds. [Koen Van Impe] v2.4.194 (2024-06-21) --------------------- New ~~~ - [bookmark] Added bookmark functionality. [Sami Mokaddem] - Allow any user to create a bookmark - Bookmarks can be shared to all users belonging to the bookmark organisation - [heartbeat] added. [iglocska] - new endpoint, /users/heartbeat - accessible unauthed, simply returns a 200 response if the instance is operational - No checks are done on live status, version, etc. The idea is to simply see if the instance is up - Skips most of beforefilter() altogether, making it very fast. - [skip otp requirement] role permission added to exclude certain roles from the otp requirement. [iglocska] - handy for filtered, local service accounts - [users api] added new boolean field to the output indicating whether totp is set for the user. [iglocska] - A simple boolean field to show whether totp has been set up for the given account - works for /users/view, /admin/users/view, /admin/users/index Changes ~~~~~~~ - [misp-stix] Bumped latest version. [Christian Studer] - [schema] bump. [iglocska] - [version] bump. [iglocska] - [PyMISP] Bump version. [Raphaël Vinot] - [warning-lists] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [misp-objects] updated. [Alexandre Dulaunoy] - [bookmark:index] Added title acting as doc for exposed_to_org field. [Sami Mokaddem] - [bookmarks:index] Improved support of quick search. [Sami Mokaddem] - [warning-lists] updated. [Alexandre Dulaunoy] - [ACL] added heartbeat to the ACL component. [iglocska] - [schema and mysql.sql] updated. [iglocska] - it's been long overdue Fix ~~~ - [default roles] delegation permission added to sync user and publisher. [iglocska] - [default role] readded. [iglocska] - [PyMISP] Mistake in tests. [Raphaël Vinot] - [roles] defaults fixed. [iglocska] - [event report markdown editor] not displaying tags, fixes #9774. [iglocska] - garbage response type bites us in the arse again - [feed ingestion] include a user agent to circumvent issues with feeds requiring it, fixes #9773. [iglocska] - [galaxycluster blocklist] editing missing view, fixes #9766. [iglocska] - [missing org logo] in decaying model readded, fixes #9768. [iglocska] - went fubar after the move to base64 encoded org images - [decaying tool] JSON response fixes, fixes #9769. [iglocska] - AJAX queries shouldn't receive the responses back as text/html when we're dealing with JSON responses - [object references links] fixed, fixes #9787. [iglocska] - Clicking on a referenced object didn't refocus the view as it does for attributes - moved to using data fields for referencing the correct object - The code handling this was an eldritch nightmare that only worked when enough sheep have been sacirificed to the wicked javascript deity on the last full moon - [server edit] view - notice error fixed. [iglocska] - url_params in the pull rules may not exist on old server objects - [bookmark:index] Fixed typo in description. [Sami Mokaddem] - [mysql.sql] default role settings fixed. [iglocska] memory_limit / max_execution_time should be NULL not 0 - [openapi] local flag in EventTags should be boolean. [iglocska] - [doc] correct filenames in rhel background worker migration guide steps. [Jeroen Pinoy] - [sighting sync] raised tiny chunk size to improve performance. [iglocska] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'bookmarks' into develop. [iglocska] - Merge branch 'develop' into bookmarks. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Update README.md. [Andras Iklody] - Merge pull request #9782 from mdhirt/mdhirt-fix-#9781. [Andras Iklody] Update eventattributetoolbar.ctp - Update eventattributetoolbar.ctp. [Mike] Fixed invalid object _( on lines 266 and 274 - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #9771 from Wachizungu/fix-rhel-background-workers- migration-guide. [Alexandre Dulaunoy] fix: [doc] correct filenames in rhel background worker migration guid… v2.4.193 (2024-06-11) --------------------- New ~~~ - [attributes/enrich] endpoint added. [iglocska] - simply post a list of modules you wish to enrich the attribute by - url: /attributes/enrich/[attrribute_id|attribute_uuid] - post body in the format of `{"dns":1, "foo_bar_baz": 1}` listing all modules to execute - [misp-community] MISP-LEA information sharing community added. [Alexandre Dulaunoy] - [events:view] New UI feature allowing to collapse Attributes contained inside an object. [Sami Mokaddem] - This comes with an MISP setting to configure this behavior at an instance-wide level - [fatal error] logging added. [iglocska] - helps administrators to easily see what went wrong in terms of timeouts / oom issues - [feed acl] changed for feeds that have visibility set to 1. [iglocska] - any user can now use open feeds to: - browse the data - preview individual events - search the feed caches for the given feeds - run overlap comparisons on them - For any feeds/server correlations that do not allow for users to see the contents - correctly show the server wide opt-in correlations on local events as text, rather than non-functional links - [feed] sync pull rule checks on manifest, fixes #9728. [iglocska] - added a new set of checks to rule out events from MISP feed pulls that do not match the filter rules - should speed things up considerably Changes ~~~~~~~ - [recorrelation] added new functionality to set the recorrelation chunk size. [iglocska] - recorrelate in configurable chunk sizes (rather than the old hard coded value of 500) - immediately execute the saving of correlations after each chunk (should drastically reduce memory usage for massive events) - [version] bump. [iglocska] - [PyMISP] Bump version. [Raphaël Vinot] - [misp-stix] Bumped latest version. [Christian Studer] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [warning-lists] updated. [Alexandre Dulaunoy] - [misp-objects] updated. [Alexandre Dulaunoy] - [diagnostics] add Database/MysqlObserverExtended to valid data sources list. [Jeroen Pinoy] - [attributes/enrich] added to ACL. [iglocska] - [community] misp-lea.org is actually vetted by us. [Alexandre Dulaunoy] - [PyMISP] Bump for testing. [Raphaël Vinot] - [event:view] Small UI improvement for attribute's type in the object row. [Sami Mokaddem] - [events:view] Small UI tweak to prevent object name to wrap. [Sami Mokaddem] - [galaxy:galaxy-matrix] Respect order of tabs based on kill_chain_order definition. [Sami Mokaddem] - [analyst-data:relationship] Prevent self-referencing relationships. [Sami Mokaddem] - [analyst-data:view] Always return attached analyst-data. [Sami Mokaddem] - [analyst-data:capture] Recursively capture nested analyst-data. [Sami Mokaddem] - [component:CRUD] Added support of afterFind in the delete function. [Sami Mokaddem] Fix ~~~ - [feed settings] unpublish_event setting had the inverted effect, fixes #9739. [iglocska] - [JS] invalid comparison fixed. [iglocska] - 2jsirl4jsirl - [tag search] fixed. [iglocska] - [modules] /queryEnrichment endpoint fixed in modules controller - correctly pass module data. [iglocska] - fixes #9758 - [event fetcher] pop the tag filter after the first round of lookups. [iglocska] - no need to add the - in effect same - condition twice. The set_tag_filters() function already returns the conditions on multiple hierarchical levels - [tag search] fixes #1. [iglocska] - correctly break the execution for AND ed tag searches if at least one of the tags in the list doesn't exist - correctly compare against the event_id field in the attribute_tags table, rather than the copy pasta error of Event.id - [API] don't html encode JSON documents. [iglocska] - earlier fix broke shit - sometimes we pass the type as json sometimes as application/json to the response class, which handles it cleanly - but the check only accounted for one case - [security] changed menu_custom_right_link to CLI only. [iglocska] - allows a malicious / hijacked admin account to embed malicious js in a global menu link otherwise - as reported by Nils Putnins and Jeroen Pinoy from NCIA NCSC - [galaxyClusters:restSearch] filter on org_id and orgc_id if param set. [Jeroen Pinoy] - [security] rest client additional sanitisation for non json responses. [iglocska] - escape non json response bodies - as reported by Nils Putnins from NCIA NCSC - [security] changed menu_custom_right_link_html to CLI only. [iglocska] - allows a malicious / hijacked admin account to embed malicious js in every page otherwise - as reported by Nils Putnins from NCIA NCSC - [PyMISP] Fix the tests. [Raphaël Vinot] - [Collections] path pluralisation fix inb acl check for collections, fixes #9745. [iglocska] - no longer breaks collections index - [event:view] Correctly handle first click on toggle attribute visibility. [Sami Mokaddem] - [audit-logs:eventIndex] Fixed pagination issue while viewing event history. [Sami Mokaddem] Fix #9726 - [event-report:publishing] Do not reset the event timestamp when updating an event report. [Sami Mokaddem] - [feeds] function name change not handled everywhere. [iglocska] - [ACL] private function name convention not kept for a new function. [iglocska] - causes the ACL self-test to complain about an accessible endpoint (which is a private function) - [correlation] small fix for the preview_event. [iglocska] - [server correlation UI] fixed link to index preview. [iglocska] - [password reset] ACL fix. [iglocska] - [ACL] fixed pre-auth dynamic function calls. [iglocska] - [server/feed] correlation bug. [iglocska] - too many correlating events makes MISP barf - [bruteforceProtection] Avoid failing when wrong user name is used. [Sami Mokaddem] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #9764 from Wachizungu/add-mysqlobserverextended- validdatasource. [Andras Iklody] chg: [diagnostics] add Database/MysqlObserverExtended to valid data s… - Merge branch 'event_view_collapse' into develop. [iglocska] - Merge branch 'develop' into event_view_collapse. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #9717 from Wachizungu/fix-galaxyclusters-org-orgc- restsearch-param. [Andras Iklody] fix: [galaxyClusters:restSearch] filter on org_id and orgc_id if para… - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #9741 from schatzistogias/2.4. [Alexandre Dulaunoy] Updated git link - Updated git link. [Stelios Chatzistogias] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'visible_feeds' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9720 from schatzistogias/patch-1. [Alexandre Dulaunoy] Add Infoblox feed to defaults.json - Add Infoblox feed to defaults.json. [schatzistogias] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] v2.4.192 (2024-05-03) --------------------- New ~~~ - [analyst data] missing views added. [iglocska] - [test] Security test for OTP disabled. [Jakub Onderka] - [test] Security test for forget password. [Jakub Onderka] - [security] Make possible to disable (T/H)OTP. [Jakub Onderka] This is useful if MISP is connected to identity provider that already provides strong authentication - [fast api auth] added. [iglocska] - added a new optional functionality to temporarily store hashed API keys in redis - The duration of the temporary storage is controllable by a setting (defaults to 3 minutes) - the hashing function used is an hmac sha-512 function, with the key being stored in a generated file on the instance - this cuts the query times of extremely fast endpoints down drastically on heavy repeated use (such as warninglists/checkValue) - [fast api auth] added. [iglocska] - added a new optional functionality to temporarily store hashed API keys in redis - The duration of the temporary storage is controllable by a setting (defaults to 3 minutes) - the hashing function used is an hmac sha-512 function, with the key being stored in a generated file on the instance - this cuts the query times of extremely fast endpoints down drastically on heavy repeated use (such as warninglists/checkValue) - [internal] Send more logs to sentry as breadcrumbs. [Jakub Onderka] Changes ~~~~~~~ - [component:CRUD] Added support of afterFind in the delete function. [Sami Mokaddem] - [schema] fix. [iglocska] - [VERSION] bump. [iglocska] - [analyst-data:view] Removed the redundant UUID popover button from the UUID field. [Sami Mokaddem] - [analyst-data:beforeSave] Make sure to set distribution to default value if not provided. [Sami Mokaddem] - [analyst-data:UI] Removed dep libraries. [Sami Mokaddem] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [test] Avoid sleep for 6 seconds. [Jakub Onderka] - [acl] Move site admin check as last check. [Jakub Onderka] - [security] Disable resetting password when password change is disabled. [Jakub Onderka] - [analyst-data] Added support of capturing analyst-data nested in attributes, events, eventreports and objects. [Sami Mokaddem] - [ls22shell] Improvement for LS24 adding support of analyst-data & detection/mitigation rules + some tweaks. [Sami Mokaddem] - [UI] clicking on your user name should bring up the user profile, fixes #9708. [iglocska] - Set BrowscapPHP logging from default DEBUG to INFO. [Bradley Logan] - [behavior:analystDataParent] Prevent double nesting analyst data when bulk fetching. [Sami Mokaddem] - [CLI] Simplify updating JSON structures. [Jakub Onderka] - [UI] Make menu little bit nicer. [Jakub Onderka] - [internal] Remove outdated code from beforeFilter. [Jakub Onderka] - [internal] Remove old way for putting API key to rest search. [Jakub Onderka] Fix ~~~ - [redirect loops] fixed for users that haven't done multiple mandatory tasks during login yet. [iglocska] - such as email OTP, change PW, read the news, etc. - [news UI] fixed notice error. [iglocska] - [security tests] removed otp_disabled check for email otp endpoint. [iglocska] - the two are distinct features - [OTP] restored. [iglocska] - [Email OTP] invalid ACL check reverted, allowing the feature to function again. [iglocska] - [evnet view] excluding correlations should also exclude over_correlated attributes, fixes #9366. [iglocska] - [external auth] fixed auth logging generating notices, fixes #9445. [iglocska] - [workflow:workflow-shell] Make sure a user is set when using non- blocking workflow. [Sami Mokaddem] - Fix #9722 - Thanks to @microblag for the proposed fix - [analystdata] don't include the parent via the viewAnalystData endpoints. [iglocska] - [UI] added missing views. [iglocska] - [UI] removed dumb check. [iglocska] - [analystdata] ui fixes. [iglocska] - [oidc] Fix issuer if not set. [Jakub Onderka] - [logs] Fixed bug in paginating logs. [Sami Mokaddem] - [analyst data] UI changes to make the loading on demand in the event view. [iglocska] - [event add] default value of threat level ID correctly injected into the form, fixes #9714. [iglocska] - [freetext] ip-src/ip-dst meta-type didn't have a valid category list. [iglocska] - [user registration] pgp key not saved from the registration. [iglocska] - [logs:index] Fixed UI pagination in application logs. [Sami Mokaddem] - [galaxy_clusters] Add orgc filter option for index, set it as default for galaxy view 'My Clusters' [Jeroen Pinoy] - [sql logs] captured when benchmarking is enabled but debug level is < 2. [iglocska] - [security] stored XSS in the correlation top list. [iglocska] - if an attribute with an XSS payload as its value ends up being in the top list of correlations, then an administrator viewing the top correlations would execute the XSS - as reported by Grzegorz Misiun - [workflow:ui] Make sure to use full available width. [Sami Mokaddem] - [benchmarking] speculative fix for using db settings and benchmarking, fixes #9702. [iglocska] - causes issues for some users, couldn't reproduce it, but addressed the potential issues - [events:index] Fixed `tags` index filtering parameter to correctly support list. [Sami Mokaddem] - [internal] Normalize extension for image helper. [Jakub Onderka] Fixes #9692 - [analyst-data:fetchAnalystDataBulk] Make sure to include all analyst- data type. [Sami Mokaddem] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'feature/analyst-data-api' into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature/analyst- data-api. [Sami Mokaddem] - Merge pull request #9690 from JakubOnderka/opt_disabled. [Jakub Onderka] new: [security] Make possible to disable (T/H)OTP - Merge pull request #9700 from JakubOnderka/oidc-issuer-fix. [Jakub Onderka] fix: [oidc] Fix issuer if not set - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #9697 from Wachizungu/add-orgc-filter-for-galaxy- clusters-index. [Andras Iklody] fix: [galaxy_clusters] Add orgc filter option for index, set it as de… - Merge branch 'browscap_default' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Sami Mokaddem] - Revert "Revert "new: [event:index] Added support of ANDed tag filtering in the backend"" [Sami Mokaddem] This reverts commit 7cf9bcc94c0765e38aa8a4c8a69afaf46258857a. - Merge remote-tracking branch 'origin/2.4' into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #9696 from JakubOnderka/json-update. [Jakub Onderka] chg: [CLI] Simplify updating JSON structures - Merge pull request #8673 from JakubOnderka/menu-ui. [Jakub Onderka] chg: [UI] Make menu little bit nicer - Merge pull request #8464 from JakubOnderka/restsearch-key-fetch. [Jakub Onderka] chg: [internal] Remove old way for putting API key to rest search - Merge pull request #9686 from JakubOnderka/sentry-breadcrumb. [Jakub Onderka] new: [internal] Send more logs to sentry as breadcrumbs - Merge pull request #9693 from JakubOnderka/image-helper-fix-vol2. [Jakub Onderka] fix: [internal] Normalize extension for image helper v2.4.191 (2024-04-22) --------------------- Changes ~~~~~~~ - [version bump] [iglocska] - [config] Allow Oidc roles as string. [christianmg99] - [config] Allow Oidc roles as string. [christianmg99] - [config] Set Oidc issuer. [Christian Morales Guerrero] Fix ~~~ - [analyst-data:fetchAnalystDataBulk] Make sure to include all analyst- data type. [Sami Mokaddem] - [analyst-data:thread] Make sure to link the add_analyst_* buttons to the correct element. [Sami Mokaddem] Other ~~~~~ - Merge pull request #9695 from christianmg99/allow-oidc-roles-string. [Jakub Onderka] chg: [config] Allow Oidc roles as string - Revert "new: [event:index] Added support of ANDed tag filtering in the backend" [Sami Mokaddem] This reverts commit fc922910929e7bbaf2a89c2e3387c3f743910549. - Merge pull request #9694 from christianmg99/set-oidc-issuer. [Jakub Onderka] chg: [config] Set Oidc issuer v2.4.190 (2024-04-18) --------------------- New ~~~ - [feed:pullEvents] Added support of tag collection in feed configuration. [Sami Mokaddem] This allow to specify a tag collection for which all the tags will be applied on the pulled Events - [workflowMouldes:stop-execution] Added message paramter to allow user to provide a reason why the execution was stopped. [Sami Mokaddem] - [event:index] Added support of ANDed tag filtering in the backend. [Sami Mokaddem] In addition of the OR filtering using searchtag:1|2, /events/index now supports AND filtering with searchtag:1&2. The UI has not been updated yet. - [feed] Added unpublish_event setting to ensure pulled events are in the unpublished state. [Sami Mokaddem] - [benchmarking suite] added. [iglocska] - collect metrics about the usage of MISP - stored in redis - per endpoint / user / user-agent collection - collection of execution time, php memory use, sql execution time, sql query count - the collection happens on a daily basis - Searchable / filterable interface for the collected data - Dashboard widget for the collected data Changes ~~~~~~~ - [PyMISP] Bump. [Raphaël Vinot] - [warninglists] updated to the latest version. [Alexandre Dulaunoy] - [taxonomy] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated. [Alexandre Dulaunoy] - [version] bump. [iglocska] - Bump PyMISP. [Raphaël Vinot] - [db_schema] Bumped version. [Sami Mokaddem] - [feed] Added support of tag_collection_id when dealing with feeds. [Sami Mokaddem] - [syslog] output slightly changed. [iglocska] - always have a consistent number of fields conveyed, include delimited ( -- ) fields even if no data is passed to a field - Avoid linebreaks in content - [README] add the CLA FREE logo. [Alexandre Dulaunoy] - [workflow:editor] Show 100 entry max in picker. [Sami Mokaddem] - [internal] Log content type when JSON could not be parsed. [Jakub Onderka] - [sync] Reduce default timeout for remote HTTP request to 300 seconds (5 mins) [Jakub Onderka] - [sync] Change way how event index is cached in Redis to save memory. [Jakub Onderka] - [sync] Try to reduce memory usage when fetching event index from Redis. [Jakub Onderka] - [sync] Enable garbage collector when pulling events from remote server. [Jakub Onderka] - [sync] Try to save memory when fetching sightings. [Jakub Onderka] - [internal] Ltrim response in HttpSocketHttpException. [Jakub Onderka] - [CI] Split logs in CI. [Jakub Onderka] - [internal] Server sync debug messages. [Jakub Onderka] - [openapi] STIX export is also supported at attribute level. [Alexandre Dulaunoy] - [workflowModules:distribution-if] Allow choosing `sharing-group` and keeping the selected sharing-group list empty. [Sami Mokaddem] This enables users to simply check that the sharing-group distribution was used - [ui:galaxy_matrix] Resize matrix header on load. [Sami Mokaddem] - [analystData:API] Automatically encapsulate request's data into the analystType. [Sami Mokaddem] - [eventReports:extractAllFromReport] Expose functionality to API. [Sami Mokaddem] - [statistics] (R)etrieval (o)f (m)ember (m)etrics (e)valuation (l)ist (f)or (s)tatistics changed. [iglocska] - will include soft deleted attributes too - [attribute search] by uuid updated. [iglocska] - pre-checks if the passed UUID is actually an event UUID before going with the slow query against both tables - [statistics] (R)etrieval (o)f (m)ember (m)etrics (e)valuation (l)ist (f)or (s)tatistics changed. [iglocska] - will include soft deleted attributes too - [comment] added to the previous fix to make it clear what it does. [iglocska] - [sync] Move blocklist fetching out of ServerSyncTool and reduce sightings fetched in one fetch. [Jakub Onderka] Fix ~~~ - [feed] Added tag_collection_id as column. [Sami Mokaddem] - [analyst-data:thread] Only render the HTML when opening the popover. [Sami Mokaddem] - [eventreport] import from url api fixed. [iglocska] - [workflow:evaluateConfition] Fixed bug in `in_and` operator to make it order independant. [Sami Mokaddem] - [users:statistics] Division by 0 when no events or no orgs. [Sami Mokaddem] - [analystData:editableField] Made getEditableFields inheritance aware. [Sami Mokaddem] - [eventreports:transformFreeTextIntoSuggestion] Add to_ids fallback value. [Sami Mokaddem] - [tagCollection:removeTag] Fixed incorrect permission check. [Sami Mokaddem] - [component:restSearch] Restored behavior of searching for org and cluster metadata. [Sami Mokaddem] - [dashboard:updating] Prevent sending multiple time the same save request[1;5D. [Sami Mokaddem] - [widget:EventEvolutionWidget] Fixed filtering on organisation not working as expected. [Sami Mokaddem] - [dashboard:widgetAdd] Improved error handling for invalid JSON config. [Sami Mokaddem] - [status widget] ignore index hint for deleted field. [iglocska] - [index] Don't load analyst data by default. [iglocska] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #9529 from obert01/fix-hover-enrich-accessibility. [Andras Iklody] - Accessibility: Added the possibility to focus the hover enrichment icon on attributes. [Olivier BERT] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'feed_tag_collections' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9639 from JakubOnderka/http-json-content-type. [Jakub Onderka] chg: [internal] Log content type when JSON could not be parsed - Merge pull request #9659 from JakubOnderka/curl-timeout-5-mins. [Jakub Onderka] chg: [sync] Reduce default timeout for remote HTTP request to 300 sec… - Merge pull request #9651 from JakubOnderka/server-sync-debug. [Jakub Onderka] Server sync debug - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9678 from TheDr1ver/patch-1. [Andras Iklody] Define $relationshipsInbound before call - Define $relationshipsInbound before call. [Nick Driver] Debug.log was showing the following error otherwise: ``` 2024-04-12 14:11:52 Notice: Notice (8): Undefined variable: relationshipsInbound in [/var/www/MISP/app/View/Elements/Events/View/row_object.ctp, line 40] Trace: ErrorHandler::handleError() - APP/Lib/cakephp/lib/Cake/Error/ErrorHandler.php, line 230 include - APP/View/Elements/Events/View/row_object.ctp, line 40 View::_evaluate() - APP/Lib/cakephp/lib/Cake/View/View.php, line 971 View::_render() - APP/Lib/cakephp/lib/Cake/View/View.php, line 933 View::_renderElement() - APP/Lib/cakephp/lib/Cake/View/View.php, line 1224 View::element() - APP/Lib/cakephp/lib/Cake/View/View.php, line 418 include - APP/View/Elements/eventattribute.ctp, line 148 View::_evaluate() - APP/Lib/cakephp/lib/Cake/View/View.php, line 971 View::_render() - APP/Lib/cakephp/lib/Cake/View/View.php, line 933 View::_renderElement() - APP/Lib/cakephp/lib/Cake/View/View.php, line 1224 View::element() - APP/Lib/cakephp/lib/Cake/View/View.php, line 418 include - APP/View/Elements/Events/View/event_contents.ctp, line 64 View::_evaluate() - APP/Lib/cakephp/lib/Cake/View/View.php, line 971 View::_render() - APP/Lib/cakephp/lib/Cake/View/View.php, line 933 View::_renderElement() - APP/Lib/cakephp/lib/Cake/View/View.php, line 1224 View::element() - APP/Lib/cakephp/lib/Cake/View/View.php, line 418 include - APP/View/Elements/genericElements/SingleViews/single_view.ctp, line 113 View::_evaluate() - APP/Lib/cakephp/lib/Cake/View/View.php, line 971 View::_render() - APP/Lib/cakephp/lib/Cake/View/View.php, line 933 View::_renderElement() - APP/Lib/cakephp/lib/Cake/View/View.php, line 1224 View::element() - APP/Lib/cakephp/lib/Cake/View/View.php, line 418 include - APP/View/Events/view.ctp, line 296 View::_evaluate() - APP/Lib/cakephp/lib/Cake/View/View.php, line 971 View::_render() - APP/Lib/cakephp/lib/Cake/View/View.php, line 933 View::render() - APP/Lib/cakephp/lib/Cake/View/View.php, line 473 Controller::render() - APP/Lib/cakephp/lib/Cake/Controller/Controller.php, line 968 Dispatcher::_invoke() - APP/Lib/cakephp/lib/Cake/Routing/Dispatcher.php, line 200 Dispatcher::dispatch() - APP/Lib/cakephp/lib/Cake/Routing/Dispatcher.php, line 167 [main] - APP/webroot/index.php, line 101 ``` - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Fix [event:view] Missing variable definition in row_object. [Sami Mokaddem] - Merge branch '2.4' into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #9665 from JakubOnderka/sightings-fetching-cleanup. [Jakub Onderka] chg: [sync] Move blocklist fetching out of ServerSyncTool v2.4.189 (2024-04-05) --------------------- New ~~~ - [sighting sync] blocklisting added. [iglocska] - block organisations' sightings from being created / pulled - Added a new option to the restsearch of sightings too which this feature uses if available - if it isn't, the system will block the insertion on the beforeValidate() level - Outcome of the JTAN hackathon on 04.04.2024 in Luxembourg - [attribute] new attribute type added `integer` [Alexandre Dulaunoy] Initially, we utilised a counter type across numerous objects. However, the semantic significance of this type became unclear when establishing relationships with integers in various objects. - [analyst-data] Added Inbound Relationship to all views. [Sami Mokaddem] Changes ~~~~~~~ - [version] bump. [iglocska] - [GeoOpen] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated. [Alexandre Dulaunoy] - [warninglists] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [schema] updated. [iglocska] - [ACL] entries added. [iglocska] - [setting] added for the sighting blocklisting. [iglocska] - [sighting restsearch] added org negations. [iglocska] - the org_id filter now allows for the use of a prepended '!' character for negations - [test] Check if MISP and STIX2 are valid in build-test.sh. [Jakub Onderka] - [internal] Log exception when importing stix file. [Jakub Onderka] - [internal] Update misp-stix. [Jakub Onderka] - [PyMISP] updated. [Alexandre Dulaunoy] - [internal] Speedup sighting rest search. [Jakub Onderka] - [UI] event view now only load analyst data for objects/attributes actually shown via pagination. [iglocska] - [curl client] added option for timeout. [iglocska] - [internal] Remove possible empty lines from output. [Jakub Onderka] - [docs:new-background-workers] add rhel specific steps to migration guide. [Jeroen Pinoy] - [test] Check attribute search. [Jakub Onderka] - [internal] Better error handling when fetching sightings. [Jakub Onderka] Fix ~~~ - [junk] removed. [iglocska] - [internal] Try to fix STIX import. [Jakub Onderka] - [sync] Avoid problem with duplicate sightings UUID. [Jakub Onderka] - [analyst-data:attachData] Make sure to also load child notes and opinions. [Sami Mokaddem] Changed the old behavior: Before we were loading 3 children. Now, we only load 1 by default. - [analyst-data:UI] Added missing entries for view elements. [Sami Mokaddem] - [analystdata] added to events as the previous commits purged it. [iglocska] - [analyst data chunk size] increased. [iglocska] - [internal] Attribute.php code style fix. [Jakub Onderka] - [sync] Drop support for zstd from CurlClient. [Jakub Onderka] - [oidc] Use the same handling of org also for Oidc::isUserValid. [Jakub Onderka] - [search] Attribute search error 500 because of force index search. [Jakub Onderka] - [UI] Showing event logo in correlation graph. [Jakub Onderka] - [internal] Check if values is not empty for MysqlExtended. [Jakub Onderka] - [internal] Undefined index in error message during sync. [Jakub Onderka] - [doc:rhel-installer] Correct conditional addition of httpd Listen 443 line. [Jeroen Pinoy] - [API] Cleanup compression marks added by Apache from Etag. [Jakub Onderka] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #9553 from jloehel/fix-9552. [Andras Iklody] fix [INSTALL/MySQL]: Create table `user_login_profiles` only if it not exists - Fix [INSTALL/MySQL]: Create table `user_login_profiles` only if it not exists. [Jürgen Löhel] fixes: #9552 - Merge pull request #9662 from JakubOnderka/build-test-json-valid. [Jakub Onderka] chg: [test] Check if MISP and STIX2 are valid in build-test.sh - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #9658 from JakubOnderka/stix-exception-logging. [Jakub Onderka] chg: [internal] Log exception when importing stix file - Merge pull request #9660 from JakubOnderka/duplicate-sighting-uuid. [Jakub Onderka] fix: [sync] Avoid problem with duplicate sightings UUID - Merge pull request #9661 from JakubOnderka/misp-stix-update. [Jakub Onderka] chg: [internal] Update misp-stix - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8760 from JakubOnderka/sightings-conditions- simplify. [Jakub Onderka] chg: [internal] Speedup sighting rest search - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #9657 from JakubOnderka/remove-php-ends. [Jakub Onderka] chg: [internal] Remove possible empty lines from output - Merge pull request #9652 from JakubOnderka/curl-zstd-drop. [Jakub Onderka] fix: [sync] Drop support for zstd from CurlClient - Merge pull request #9649 from JakubOnderka/oidc-is-user-valid-fix. [Jakub Onderka] fix: [oidc] Use the same handling of org also for Oidc::isUserValid - Merge pull request #9641 from Wachizungu/chg-background-jobs- migration-guide-add-rhel. [Alexandre Dulaunoy] chg: [docs:new-background-workers] add rhel specific steps to migrati… - Merge pull request #9642 from JakubOnderka/attibute-search-500. [Jakub Onderka] chg: [test] Check attribute search - Merge pull request #9640 from JakubOnderka/event-log-correlation- graph. [Jakub Onderka] fix: [UI] Showing event logo in correlation graph - Merge pull request #9637 from JakubOnderka/undefined-index-fixes. [Jakub Onderka] Undefined index fixes - Merge pull request #9636 from Wachizungu/fix-rhel-httpd-listen-config. [Alexandre Dulaunoy] fix: [doc:rhel-installer] Correct conditional addition of httpd Liste… - Merge pull request #9635 from JakubOnderka/error-handling-sighting. [Jakub Onderka] chg: [internal] Better error handling when fetching sightings - Merge pull request #9634 from JakubOnderka/response-etag. [Jakub Onderka] fix: [API] Cleanup compression marks added by Apache from Etag v2.4.188 (2024-03-22) --------------------- New ~~~ - [datasource] improvements. [iglocska] - Some datasources updated with the ignoreIndexHint parameter - mysqlExtended - mysqlObserverExtended - Also fixed forceIndexHint - [settings] added setting to (temporarily) disable the loading of sightings via the API. [iglocska] - affected endpoints: restsearch and /events/view - temporarily skips the loading of sightings - helps alleviate absolutely massive sighting data sets from killing server performance - temporary measure, doesn't prevent the creation of sightings / viewing of sightings via the UI Changes ~~~~~~~ - [PyMISP] Bump, again. [Raphaël Vinot] - [PyMISP] Bump. [Raphaël Vinot] - [version] bump. [iglocska] - [CI] Mark BadRequestException as fail log. [Jakub Onderka] - [internal] Better error handling. [Jakub Onderka] - [tests] trying to fix the failing test. [iglocska] - [PyMISP] Bump. [Raphaël Vinot] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [misp-object] updated. [Alexandre Dulaunoy] - [warning-lists] updated. [Alexandre Dulaunoy] - [version] bump. [iglocska] - [attribute search] rework. [iglocska] - Massive performance improvement when using MysqlExtended or MysqlObserverExtended data sources - event level lookup moved to subqueries, allowing for simpler, much faster indexed queries - Ignoring the deleted index as it slows things down - [openapi:analyst_data] Added content for analyst-data. [Sami Mokaddem] - [openapi:event_report] Added content for event-reports. [Sami Mokaddem] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [sightings:getLastSighting] Added support of sighting policy. [Sami Mokaddem] Fix #8660 - [internal] Add title to alert template. [Jakub Onderka] - [attribute:restSearch] Improved performance of `includeDecayScore` by a factor of 5. [Sami Mokaddem] - [attribute fetch] slightly refactored. [iglocska] - simplify conditions - don't load acl conditions twice Fix ~~~ - [attribute search] enforce unpublishedprivate directive. [iglocska] - [internal] Error handling for error message in AttachmentScan. [Jakub Onderka] - [curlclient] HEAD failing. [iglocska] - added CURLOPT_NOBODY for HEAD requests, as described in https://www.php.net/manual/en/function.curl-setopt.php - [CLI] Fix redisReady for dragonfly. [Jakub Onderka] - [ECS] Change type from Exception to Throwable. [Jakub Onderka] - [OIDC] Default organisation handling if not provided by OIDC. [Jakub Onderka] - [publish] don't pop the list of failed servers before generating the error array. [iglocska] - [sync] if push rules don't have the type_attributes set, don't throw an error. [iglocska] - [attempt] fix for the etag test. [iglocska] - [performance] load analyst data in bulk. [iglocska] speeds up event loading dramatically - [performance] load analyst data in bulk. [iglocska] speeds up event loading dramatically - [UI] Add missing `MISP.email_reply_to` to server config. [Jakub Onderka] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Chg, fix: [misp-stix] Bumped latest version. [Christian Studer] - Fixing an issue where the custom Galaxy Clusters generated with the conversion from STIX 2.x were not correctly built to generate the Galaxy elements after the validation of the content - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #9631 from JakubOnderka/attachment-scan-error. [Jakub Onderka] fix: [internal] Error handling for error message in AttachmentScan - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #9630 from JakubOnderka/oidc-default-org-handling. [Jakub Onderka] fix: [OIDC] Default organisation handling if not provided by OIDC - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'pr-9589' into develop. [Sami Mokaddem] - Merge remote-tracking branch 'origin/develop' into pr-9589. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9615 from vincenzocaputo/fix-accept-delegation- attachments. [Alexandre Dulaunoy] fix: Attachments deletion when accepting a delegation request - Add include attachments option when fetching event in EventDelegation.php. [Vincenzo Caputo] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9616 from cudeso/2.4. [Alexandre Dulaunoy] Add ICS-CSIRT.io community - Add ICS-CSIRT.io community. [Koen Van Impe] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #9613 from JakubOnderka/alert-email-title. [Jakub Onderka] chg: [internal] Add title to alert template - Fix key error on shadow attribute's id. [Vincenzo Caputo] - Change trigger's icon. [Vincenzo Caputo] - Change scope to 'shadow-attribute' [Vincenzo Caputo] - Remove newline in overhead message. [Vincenzo Caputo] - Add overhead message. [Vincenzo Caputo] - Add call to trigger before saving shadow attribute. [Vincenzo Caputo] - Add shadow attribute before save trigger. [Vincenzo Caputo] v2.4.187 (2024-03-07) --------------------- New ~~~ - [cli] added org list to the shell commands. [iglocska] - and some fixes to the roles - [CLI] New command to change user role. [Jakub Onderka] - [oidc] New option OidcAuth.update_user_role to disable role changes from OIDC. [Jakub Onderka] Changes ~~~~~~~ - [Version] bump. [iglocska] - [PyMISP] Update. [Raphaël Vinot] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-warninglists] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] 2.4.187. [Alexandre Dulaunoy] - [internal] Add ext-zstd to suggested PHP extension. [Jakub Onderka] - [analyst-data:add] Fixed non-focusable relationship dropdown search field. [Sami Mokaddem] Fix ~~~ - [events:restsearch] Correctly unset variable by reference after looping. [Sami Mokaddem] - This avoid attributes being overridden others when using `includeAnalystData` parameter - [CLI] added some new functionalities. [iglocska] - list roles - create user - [sync] pulls should continue after an event save failure. [iglocska] - fixes #9558 - [database update] fix. [Andras Iklody] - for older mysql versions - [db update] added IF NOT EXISTS clauses to create table calls. [iglocska] - [API consistency] [iglocska] - represent the local field for tags as a boolean rather than an int - [pull] Fix pulling from remote server when analyst data is not supported. [Jakub Onderka] - [logging] fixed using removeTagFromObject() [iglocska] - no longer creates erroneous log entries when unpublishing the event - [security] properly check for valid logo upload. [iglocska] - as kindly reported by Rémi Matasse and Raphael Lob from Synacktiv (https://www.synacktiv.com) - [security] properly check for valid file upload. [iglocska] - as kindly reported by Rémi Matasse and Raphael Lob from Synacktiv (https://www.synacktiv.com) - [oidc] Setting checking if variable is false. [Jakub Onderka] - [Galaxies:toggle] Display correct message when disabling a galaxy. [Sami Mokaddem] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #9602 from karenyousefi/2.4. [Andras Iklody] Update Event.php - Update Event.php. [Karen Yousefi] fix error Undefined offset: 0 in [/var/www/MISP/app/Model/Event.php, line 3682] - Update AppModel.php. [Andras Iklody] fix: [analyst data] update script - remove default current_timestamp() on older versions of v121 of the db updates - avoids chicken and egg problem on ancient mysql versions - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #9605 from JakubOnderka/fix-pull-analyst. [Jakub Onderka] fix: [pull] Fix pulling from remote server when analyst data is not s… - Merge pull request #9606 from JakubOnderka/cli-role-change. [Jakub Onderka] new: [CLI] New command to change user role - Merge pull request #9607 from JakubOnderka/oidc-fix-update-role. [Jakub Onderka] fix: [oidc] Setting checking if variable is false - Merge pull request #9604 from JakubOnderka/ext-zstd-suggested. [Jakub Onderka] chg: [internal] Add ext-zstd to suggested PHP extension - Merget branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #9600 from JakubOnderka/oidc-update-user-role. [Jakub Onderka] new: [oidc] New option OidcAuth.update_user_role to disable role chan… v2.4.186 (2024-02-29) --------------------- New ~~~ - [UI] Show dragonfly version in diagnostics. [Jakub Onderka] - [Event:_edit] Added support of recursive update of analyst data. [Sami Mokaddem] - [Event:_add] Added support of recursive capture of analyst data. [Sami Mokaddem] - [singleView:sidePanels] Added new `html` side panel template to feed any HTML into the view. [Sami Mokaddem] - [collections] feature added. Still missing sync integration - WiP. [iglocska] - [analyst-notes:UI] Started UI for analyst notes - WiP. [Sami Mokaddem] - [analystdata] wip. [iglocska] - [db] tables added for notes. [iglocska] Changes ~~~~~~~ - [schema] dumped. [iglocska] - [version] bump. [iglocska] - [PyMISP] Bump. [Raphaël Vinot] - [misp-stix] Bumped latest version. [Christian Studer] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [misp-stix] Bumped latest version with the changes on the organisation uuid argument. [Christian Studer] - [analyst-data:edit] Added support of editable fields. [Sami Mokaddem] - [analyst-data:UI] Added highlight on note opener button. [Sami Mokaddem] - As request by gallypette - [analyst-data:UI] Added highlight on note opener button. [Sami Mokaddem] - As request by gallypette - [analyst-data:thread] Gracefully catch cases where the related object is not found when generating link URL. [Sami Mokaddem] - [analyst-data:datetimes] Moved datetime manamgent of created and modified field from the DB to the app. [Sami Mokaddem] - This change is to enforce the usage of UTC time as using MySQL's CURRENT_TIMESTAMP uses the TZ of the server - [misp-stix] Bumped latest version. [Christian Studer] - [tests:testlive_sync] Trying to understand why it fails. [Sami Mokaddem] - [db_schema] Updated to latest. [Sami Mokaddem] - [event:restSearch] Added support of `includeAnalystData` options. [Sami Mokaddem] Also export analyst data using the event `Download as` function by default - [analyst-data:UI] Reduced number of inline asset ressources inclusion. [Sami Mokaddem] - [analyst-data:thread-view] Added possibility to fetch data having a deeper depth. [Sami Mokaddem] - [analyst-data] Added many improvements for UI and fixed infite loop due to recursion. [Sami Mokaddem] - [app:queryVersion] Bumped version. [Sami Mokaddem] - [analyst-data:edit] Fetch referenced element for analyst-data relationships by default. [Sami Mokaddem] - [analyst-data:add] Added support of author field and prefill it with current user's email address. [Sami Mokaddem] - [analyst-data:global_menu] Added entry in the global menu. [Sami Mokaddem] - [analyst-data:crud] Do not recursively fetch child analyst-data in REST context. [Sami Mokaddem] - [analyst-data:beforeValidate] Do not override authors field if already set. [Sami Mokaddem] - [analyst-data:CRUD] Allow viewing, editing and deleting any analyst- data by their UUIDs. [Sami Mokaddem] - [collection-elements:addElementToCollection] Redirect to collection creation if there no collections. [Sami Mokaddem] - [analyst-data:pull] Refactored condition building function for PULL sync rules. [Sami Mokaddem] - [analyst-note:pull] Started adding support of PULL sync filtering rule - WiP. [Sami Mokaddem] - [analyst-data:push] Added support of sync-filtering rules. [Sami Mokaddem] - [analyst-data:identifyForPush] Removed commented code. [Sami Mokaddem] - [analyst-data] Allow fetching analyst-data by UUID. [Sami Mokaddem] - [analyst-data] Added missing ACL entries and improved pre-filtering before negotiation starts. [Sami Mokaddem] - [analyst-data:push] Simplified filtering logic during negotiation. [Sami Mokaddem] - [analyst-data] Renamed bunch of synchronisation functions. [Sami Mokaddem] - [component:CRUD] Added support of parameter as a list. [Sami Mokaddem] - [analyst-data:pull] Change in pull strategy + few improvements. [Sami Mokaddem] - [analyst-data:pull] Continuation implementation of pull - WiP. [Sami Mokaddem] - [analyst-data:pull] Started implementation of pull - WiP. [Sami Mokaddem] - [analyst-data:delete] Make deletion `hard` by default. [Sami Mokaddem] - [analyst-data] Added `locked` flag, support of orgc/org, analyst-data- blocklist and most implementation of push synchronisation - WiP. [Sami Mokaddem] - [server:sync/analyst-data] Started integration of server synchronisation - WiP. [Sami Mokaddem] - [permission:analyst-data] Added new permission `perm_analyst_data` [Sami Mokaddem] - [galaxyClusters:view] Added analystData support in /galaxyClusters/view. [Sami Mokaddem] - [eventReport:view] Added analystData support in /eventReports/view. [Sami Mokaddem] - [analyst-data:ACL] Enforced ACL and reflected the change in the UI. [Sami Mokaddem] - [analyst-data:index] Improved UI for related element. [Sami Mokaddem] - [analyst-data:UI] Improved UI, better support of opinions in CRUD views and added single/index fields for opinion scale. [Sami Mokaddem] - [analyst-data:event-report] Added support of analyst-data to event reports. [Sami Mokaddem] - [analyst-data:ACL] Added ACL rules and fixed side-menu to support ACL. [Sami Mokaddem] - [analyst-data:view] Display fields based on note model and slightly improved UI. [Sami Mokaddem] - [galaxyCluster] Added support of analyst-note in the UI. [Sami Mokaddem] - [analyst-data:sideMenu] Added support of analyst-data in the side menu. [Sami Mokaddem] - [analyst-data:UI] Separated notes&opinions threads into their own file. [Sami Mokaddem] - [analyst-data:add] Added support of picker for relationship type and improved UI for sharing-group. [Sami Mokaddem] - [analyst-data:add] toggle sharing group input depending on the distribution setting. [Sami Mokaddem] - [analyst-data:UI-generic] Removed debugging string. [Sami Mokaddem] - [analyst-note] Added support of opinion on relationships. [Sami Mokaddem] - [analyst-data:UI] Added support of relation for object + refactoring + fixes. [Sami Mokaddem] - [analyst-data:ui-generic] Removed debugging string. [Sami Mokaddem] - [analyst-data:index] Added missing fields in the indexes. [Sami Mokaddem] - [analyst-data] Added support of fetching & displaying of related object + refacto + fixes - WiP. [Sami Mokaddem] - [analyst-data] Linked CRUD and UI together - WiP. [Sami Mokaddem] - Added dynamic association binding - Recursive notes and opinions injection - few improvements - fixes -> Still need to link CRUD for relationships and UI -> Still need to refactor for performance notes/opinions loading - [collections] added db changes. [iglocska] - [analyst-notes:ui] Added support of relationship and bootstrap tabs. [Sami Mokaddem] - [uuid field] update. [iglocska] - [analystdata wip] [iglocska] - [analyst-notes:ui] Few improvements. [Sami Mokaddem] - [analyst-notes:ui] Removed unused code. [Sami Mokaddem] - [analyst-notes:ui] Started integration in events/view. [Sami Mokaddem] - [analyst-notes:ui] Add fallback for passing data. [Sami Mokaddem] - To be removed later on - [analyst-notes:ui] Move the popover position a bit less. [Sami Mokaddem] - To be fixed later on - [analyst-notes:ui] Removed leftover code when opinions were using stars. [Sami Mokaddem] - [analyst-notes:ui] Improved UI of opinion notes. [Sami Mokaddem] - Based on the valuable feedback from @adulau - [analyst-notes:ui] Added support of permissions, callbacks and improved UI - WiP. [Sami Mokaddem] - [upload_stix] Casting distributions and sharing group IDs type. [Christian Studer] - [misp-stix] Bumped latest version. [Christian Studer] Fix ~~~ - [schema] fixed. [iglocska] - [event:_mergeExtension] Include analyst data on extension if originally requested in the request. [Sami Mokaddem] - [analyst-data:hasMoreNotesOrOpinions] Use correct model to fetch additional opinions. [Sami Mokaddem] - [analystdata] push and pull fixes. [iglocska] - push: check sharing group data correctly - pull: Don't throw errors if not all 3 types of notes exist on the remote - [UI] Fix MISP logo display on object templates index. [Jeroen Pinoy] - [stix2 import] Making the organisation uuid argument specific to external STIX 2 import. [Christian Studer] - [analystdata] removed invalid field from the change before the last. [iglocska] - [analyst data blocklist] removed unused edit button. [iglocska] - [analystdata] restrict what to display in associated models. [iglocska] - [analystdata] fixed editing of context specific editable fields. [iglocska] - [analyst data] zero out sharing group ID when other distribution setting is selected. [iglocska] - [analystdata] clarified hover text. [iglocska] - [analystdata ui] oversanitisation of relationships fixed. [iglocska] - [stix2 import] Added missing `organisation_uuid` argument. [Christian Studer] - [upload_stix] Fixed naive copy paste failing after an arbitrary variable name change. [Christian Studer] - [upload_stix] Fixed undefined index `cluster_sharing_group_id` when uploading stix file. [Christian Studer] - [UI] Catch exception when custom file is not readable. [Jakub Onderka] - [users:login401] Usage of Image->base64 to follow what users:login does. [Sami Mokaddem] - [user:login] Make sure welcome_logos exists before trying to render them. [Sami Mokaddem] - [users:login] Check file existence in the correct location. [Sami Mokaddem] - [UI] Custom logos. [Jakub Onderka] - [users:login] Check file existence in the correct location. [Sami Mokaddem] - [processtool] make old versions happy. [iglocska] - proc_open only started accepting $command as an array in 7.4 - [users:login401] Usage of Image->base64 to follow what users:login does. [Sami Mokaddem] - [user:login] Make sure welcome_logos exists before trying to render them. [Sami Mokaddem] - [eventReports:view/analystData] Load assets before trying to render notes. [Sami Mokaddem] - [internal] exif_imagetype is not standard part of PHP. [Jakub Onderka] - [UI] Catch exception when custom file is not readable. [Jakub Onderka] - [UI] correct encoding for the notes. [iglocska] - [notes] changed timestamp output to not include timezone. [iglocska] - doesn't work on all versions of mariadb/mysql - [users:login] Check file existence in the correct location. [Sami Mokaddem] - [login:UI] Reverted change that swapped `main_logo` with `home_logo` [Sami Mokaddem] - [db_schema] Bumped db_version. [Sami Mokaddem] - [galaxyCluster:view/analystData] Load assets before trying to render notes. [Sami Mokaddem] - [stix2 import] Setting the `single_event` argument to avoid skipping content in case of multiple reports or groupings. [Christian Studer] - [UI] Custom logos. [Jakub Onderka] - [workflowModules:attributeEditionOperation] Make sure to call Attribute->editAttribute on data to be saved. [Sami Mokaddem] - [workflow] fix attribute edit module actions. [Jeroen Pinoy] - [analyst-data:relationship] Make sure to rearrange data only when the referrenced element exists. [Sami Mokaddem] - [analyst-data:view] Fixed analyst-data/view/all endpoint. [Sami Mokaddem] - [db_schema] Bumped db_version. [Sami Mokaddem] - [app] Fixed error while merging in db_change number. [Sami Mokaddem] - [analyst-data:pull] Return early if there is nothing to pull. [Sami Mokaddem] - [test:testlive_sync] Adapted message to adhere to server change. [Sami Mokaddem] - [object:editObject] Call function from the correct model. [Sami Mokaddem] - [object:editObject] Avoid un-nesting object when not applicable. [Sami Mokaddem] - [aclComponent] Make queryACL not complaining. [Sami Mokaddem] - [eventReport:editReport] Call function from the correct model. [Sami Mokaddem] - [attribute:editAttributePostProcessing] Call function from the correct model. [Sami Mokaddem] - [analyst-data:add] Allow not providing a language when creating a note. [Sami Mokaddem] - [analyst-data:recursive-fetch] Second tentative to prevent recursion in relationship. [Sami Mokaddem] - [analystData:fetchChildNotesAndOpinions] Added support of depth. [Sami Mokaddem] - [analyst-data:add] Added missing field `related_object_type` in form. [Sami Mokaddem] - [console:serverShell] Set `CurrentUserId` to the ID of the user being used. [Sami Mokaddem] - [collection] Enforce cascade on delete. [Sami Mokaddem] - [analyst-data:pull] Make sure to correctly decode returned data. [Sami Mokaddem] - [analyst-data:indexMinimal] Use the organisation name instead of UUID. [Sami Mokaddem] - This is because PULL sync filter rules relies on organisation names of the remote - This change is to avoid rewriting the regular sync path that relies on the org name - [analyst-data] Various fixes regarding ACL and recursive fetching. [Sami Mokaddem] - [analyst-data:push] Correctly adjust locked flag for push. [Sami Mokaddem] - [analyst-data:pull] Correctly adjust distribution level and locked flag when pulling. [Sami Mokaddem] - [analyst-data:edit] Bump `modified` field before updating. [Sami Mokaddem] - [analyst-data:pushAnalystData] Typo in success reporting log line. [Sami Mokaddem] - [analyst-data:CRUD] Make sure to return the data in the afterFind function. [Sami Mokaddem] - [analyst-data:db-migration] Fixed typo in create table instruction. [Sami Mokaddem] - [events:view/analyst-data] Added missing relationship_path. [Sami Mokaddem] - [analyst-data:ui-generic] Make sure to always show analyst-data. [Sami Mokaddem] - [analyst-data:afterFind] Only rearrange key sharing-group key if they distribution exists. [Sami Mokaddem] - [analyst-data:view] Use correct model to access element property. [Sami Mokaddem] - [analyst-data] Fixed sharing group associations. [Sami Mokaddem] - [analyst-data-behavior:afterFind] Restored behavior that fetched child notes and opinions in the analyst-data afterFind method. [Sami Mokaddem] Might be reverted later on - [analyst-data:ui-generic] Fixed template overriding the $seed leading to weird behaviors with bootstrap tabs. [Sami Mokaddem] - [analyst-data:ui-generic] Small refacto + fixed style not being generated for first-level opinions. [Sami Mokaddem] - [analystdata] added behavior to objects. [iglocska] - [CRUD] more accurate results in save functions (show the state after the save) [iglocska] - [UI] uuid length for the display fixed. [iglocska] - [events:getThreads] Removed fake unused function. [Sami Mokaddem] - [analyst-notes:ui] Small fix on the vbar for opinion's comment. [Sami Mokaddem] - [upload_stix] Avoiding issues with sharing group arguments being null. [Christian Studer] - [stix2 import] Fixed STIX2 parser name. [Christian Studer] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [Sami Mokaddem] - Merge branch 'develop' into 2.4. [iglocska] - Merge remote-tracking branch 'origin/develop' into 2.4. [Sami Mokaddem] - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #9508 from JakubOnderka/redis-info. [Jakub Onderka] new: [UI] Show dragonfly version in diagnostics - Merge pull request #9594 from Wachizungu/fix-object-templates-misp- logo-display. [Jakub Onderka] fix: [UI] Fix MISP logo display on object templates index - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9588 from vincenzocaputo/fix-workflow-tag- replacement-module-description. [Alexandre Dulaunoy] Fix Tag replacement workflow module description - Fix Tag replacement workflow module description. [Vincenzo Caputo] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #9440 from chrisr3d/develop. [Christian Studer] Handling clusters distribution and sharing group for content imported from STIX 2.x - Add: [stix2 import] Added organisation UUID parameter to be used when generating custom Galaxy Clusters UUID. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge remote-tracking branch 'origin/2.4' into develop. [Sami Mokaddem] - Merge remote-tracking branch 'origin/2.4' into develop. [Sami Mokaddem] - Merge branch 'fix/custom-image-rendering' into 2.4. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9582 from cudeso/2.4. [Alexandre Dulaunoy] Minor documentation changes; add example to create users via REST API - Minor documentation changes; add example to create users via REST API. [Koen Van Impe] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Revert "fix: [users:login] Check file existence in the correct location" [Sami Mokaddem] This reverts commit a1bba71204cbb54de21eac5d324ff14288e89574. - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #9583 from JakubOnderka/image-helper-fix. [Jakub Onderka] fix: [UI] Catch exception when custom file is not readable - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #9575 from JakubOnderka/fix-custom-logos. [Jakub Onderka] fix: [UI] Custom logos - Merge remote-tracking branch 'origin/develop' into notes. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge remote-tracking branch 'origin/develop' into notes. [Sami Mokaddem] - Merge remote-tracking branch 'origin/develop' into notes. [Sami Mokaddem] - Merge remote-tracking branch 'origin/develop' into notes. [Sami Mokaddem] - Merge remote-tracking branch 'origin/develop' into notes. [Sami Mokaddem] - Merge remote-tracking branch 'origin/develop' into notes. [Sami Mokaddem] - Merge remote-tracking branch 'origin/develop' into notes. [Sami Mokaddem] - Ichg: [analyst-note:pull] Continuation of adding support of PULL sync filtering rule - WiP. [Sami Mokaddem] - Merge branch 'feature/analyst-data' into notes. [Sami Mokaddem] - Merge branch 'notes' of github.com:MISP/MISP into notes. [iglocska] - Chf: [notes] wip. [iglocska] - Merge branch 'feature/analyst-notes' into notes. [Sami Mokaddem] - Merge remote-tracking branch 'mokaddem/feature/analyst-note-ui' into feature/analyst-notes. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Add: [upload_stix] Handling cluster distribution and sharing group for content imported from STIX 2.x. [Christian Studer] v2.4.185 (2024-02-16) --------------------- Changes ~~~~~~~ - [VERSION] bump. [iglocska] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] Bump version. [Raphaël Vinot] - [doc/openapi] clarify 'deleted' restsearch filter (#9485) [Jeroen Pinoy] - [PyMISP] Bump version. [Raphaël Vinot] - [PyMISP] fix a few regressions. [Raphaël Vinot] - [servers:getVersion] Include the remote instance UUID if user has perm_sync permission. [Sami Mokaddem] - [develop] merge back the Curl option issue. [Alexandre Dulaunoy] Fix ~~~ - [missing images] re-added. [iglocska] - [db_schema] bump. [iglocska] - Fix objects restsearch first_seen filter. [Jeroen Pinoy] - [sighting sync] speculative fix for critical sync issue. [iglocska] - pulls from an instance with extremely high numbers of sightings (~300M+) can lead to the pulled instance becoming unusable - This fix addresses multiple issues: - The use of last:0 as a sighting pull filter parameter lead to a search using an unindexed field - Internally searching for sighting IDs across 500 events in one shot can lead to massive data-sets - Internally searching for sighting IDs by Event.uuid on a joined table is extremely slow compared to searching on the sighting table alone - Fix object_name, object_template_uuid and object_template_version object restsearch filters. [Jeroen Pinoy] - CurlClient doesn't use correct Proxy settings. [Benni0] - [security] Org image upload moved out of webroot. [iglocska] - images will no longer be accessible directly, only via inclusion via file-read/b64 encoding - The new store for org images is MISP/app/files/img/orgs - As reported by Yusuke Nakajima Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #9564 from Wachizungu/fix-objects-restsearch-first- seen. [Andras Iklody] fix: fix objects restsearch first_seen filter - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #9563 from Wachizungu/fix-object-restsearch- filters. [Andras Iklody] fix: fix object_name, object_template_uuid and object_template_versio… - Merge pull request #9551 from Benni0/2.4. [Alexandre Dulaunoy] fix: CurlClient doesn't use correct Proxy settings - Merge pull request #9544 from pswapneel/2.4. [Alexandre Dulaunoy] Added Shreshta Newly registered domain names 1-week and 1-month community policy feeds - Added Shreshta NRD 1 week and 1 month community feeds. [Swapneel Patnekar] v2.4.184 (2024-02-02) --------------------- New ~~~ - [internal] Binary cache plugin. [Jakub Onderka] - [CLI] User::ip_country. [Jakub Onderka] - [internal] Code cleanup for ApcuCacheTool. [Jakub Onderka] - [internal] Store browscap cache in apcu. [Jakub Onderka] - [test] Check if includeUuid works for sighting rest search. [Jakub Onderka] - [test] test_restsearch_sightings. [Jakub Onderka] - [CLI] cake User init command. [Jakub Onderka] Deprecate cake UserInit - [test] Add test for RPZ export. [Jakub Onderka] - [CLI] AdminShell isEncryptionKeyValid command. [Jakub Onderka] - [zmq] Example Python client. [Jakub Onderka] - [zmq] Allow to manager ZMQ process by supervisor. [Jakub Onderka] - [curl] Add support for zstd encoding. [Jakub Onderka] - [sync] Experimental curl client. [Jakub Onderka] - [CLI] Add ability to show running jobs. [Jakub Onderka] - [CLI] Worker shell. [Jakub Onderka] - [CLI] IP address normalization script. [Jakub Onderka] - [event:publication] Added new setting to block event publication if the user is the creator. [Sami Mokaddem] Enabling this setting will change the behavior of MISP so that it will block the publication of an Event if the publisher is the same as the event creator. Changes ~~~~~~~ - [GeoOpen] updated. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] Bump version. [Raphaël Vinot] - [PyMISP] bumped. [iglocska] - [appcontroller] versions bump. [iglocska] - [submodules] updated. [iglocska] - [VERSION] bump. [iglocska] - [PyMISP] Bump to preliminary release with strict typing - take 9. [Raphaël Vinot] - [PyMISP] Bump to preliminary release with strict typing - take 8. [Raphaël Vinot] - [PyMISP] Bump to preliminary release with strict typing - take 7. [Raphaël Vinot] - [PyMISP] Bump to preliminary release with strict typing - take 6. [Raphaël Vinot] - [PyMISP] Bump to preliminary release with strict typing - take 5. [Raphaël Vinot] - [PyMISP] Bump to preliminary release with strict typing - take 4. [Raphaël Vinot] - [PyMISP] Bump to preliminary release with strict typing - third fix. [Raphaël Vinot] - [PyMISP] Bump to preliminary release with strict typing - second fix. [Raphaël Vinot] - [PyMISP] Bump to preliminary release with strict typing - first fix. [Raphaël Vinot] - [PyMISP] Bump to preliminary release with strict typing. [Raphaël Vinot] - [PyMISP] Update back to 2.4.183. [Jakub Onderka] - [develop] merge back 2.4. [Alexandre Dulaunoy] - [events:export] Make setting `MISP.disable_cached_exports` enabled by default. [Sami Mokaddem] Since the /events/export has been marked deprecated for a years started the process to phase it out by first disabling the endpoint by default. - [internal] Faster freetext parsing. [Jakub Onderka] - [internal] Faster check for session destruction. [Jakub Onderka] - [internal] Use Attribute::fetchAttributesInChunks for correlations. [Jakub Onderka] - [internal] ssdeep correlation speedup. [Jakub Onderka] - [internal] Use iterator_to_array. [Jakub Onderka] - [internal] Use array_push($array, ...) instead of slower array_merge. [Jakub Onderka] - [internal] Remove unused and broken method. [Jakub Onderka] - [internal] Detect serialization format in RedisTool. [Jakub Onderka] - [internal] Use compressed version of browscap and update to latest version. [Jakub Onderka] - [export] Fix notice in NISD export. [Jakub Onderka] - [test] Small cleanup. [Jakub Onderka] - [test] Test snort rule without msg. [Jakub Onderka] - [export] NidsExport code cleanup. [Jakub Onderka] - [test] Do not run test twice and disable not necessary output. [Jakub Onderka] - [test] Add snort attribute to test. [Jakub Onderka] - [internal] Faster checking if array is list. [Jakub Onderka] - [internal] Slightly optimise Mysql::insertMulti. [Jakub Onderka] - [test] Do not show progressbar for curl commands. [Jakub Onderka] - [test] Remove unused travis test definition. [Jakub Onderka] - [test] Try to avoid sudo. [Jakub Onderka] - [internal] Simplify getting current repo commit. [Jakub Onderka] - [internal] Log exceptions when doing diagnostics. [Jakub Onderka] - [CLI] Better warning messages for cake user authkey_valid. [Jakub Onderka] - [CLI] Better error messages for cake admin isEncryptionKeyValid. [Jakub Onderka] - [oidc] More verbose log messages. [Jakub Onderka] - [CLI] Optimise cake user authkey_valid. [Jakub Onderka] - [test] Try to avoid zmq warnings in logs. [Jakub Onderka] - [CLI] Be more strict for setSetting accepted values. [Jakub Onderka] - [CLI] More clear warning message. [Jakub Onderka] - [internal] Code cleanup. [Jakub Onderka] - [internal] PHP 7.4 is required, so we can remove hacks for older versions vol. 2. [Jakub Onderka] - [internal] PHP 7.4 is required, so we can remove hacks for older versions. [Jakub Onderka] - [internal] Cleanup code for RPZ export. [Jakub Onderka] - [internal] Log errors for git. [Jakub Onderka] - [internal] Better error messages. [Jakub Onderka] - [CLI] Track worker process ID. [Jakub Onderka] - [CLI] Show deprecated message for all deprecated commands. [Jakub Onderka] - [internal] Add support for orjson for zmq. [Jakub Onderka] - [module] Keep connection between requests. [Jakub Onderka] - [internal] Try to close CURL connection. [Jakub Onderka] - [curl] Better error message. [Jakub Onderka] - [internal] Use curl when possible. [Jakub Onderka] - [galaxies] Allow to update galaxy fields when doing update. [Jakub Onderka] - [internal] Track running jobs. [Jakub Onderka] - [auth] Do not log auth_fail for JSON requests. [Jakub Onderka] - [CLI] Log exception if file was not found during attachment scan. [Jakub Onderka] - [CLI] Deprecate LiveShell. [Jakub Onderka] - [CLI] Better logging for workers. [Jakub Onderka] - [internal] Do not scan attachment that are bigger than 25 MB. [Jakub Onderka] - [internal] Move attachment scanning to prio queue. [Jakub Onderka] - [totp] add clarifications to totp setup view. [Jeroen Pinoy] - [UI] More sane Sync Actions menu. [Jakub Onderka] - [internal] Optimise reportValidationIssuesAttributes. [Jakub Onderka] - [validation] Remove CIDR from /32 IPv4 and /128 IPv6 to normalize values. [Jakub Onderka] - [tools:misp-delegation] Added support of log-level as script parameter and improved logging. [Sami Mokaddem] - [event:publish] Reverse condition for readability and consistency with _add. [Sami Mokaddem] - [event:publish] Exempt sync users from MISP.block_publishing_for_same_creator. [Sami Mokaddem] - [event:publish] Prevent publication if publishing is coming from /add or /edit. [Sami Mokaddem] - [events:publish] Improved phrasing on the publication blocking if creator == publisher. [Sami Mokaddem] - [garbage collection] added cached exports. [iglocska] Fix ~~~ - [tests] remove useless call. [Raphaël Vinot] - [tests] Disable a couple tests. [Raphaël Vinot] - [tests] just messin' around. [Raphaël Vinot] - [tests] use more lenient internal call... [Raphaël Vinot] - Return the right thing in test. [Raphaël Vinot] - Avoid call on internal method... [Raphaël Vinot] - [log] Do not save to database big changes. [Jakub Onderka] - [security] auditlogs's fullChange lack of ACL controls. [Sami Mokaddem] Added proper ACL handling - As reported by Jeroen Pinoy - [internal] Raise size for access_logs action column. [Jakub Onderka] - [security] Improved security checks for organisation logo upload. [Sami Mokaddem] - As reported by Andrei Agape / Teliacompany Checks are: - Maximum file size of 250K since the recommanded picture size is 48x48. - File extension check - File mime type checks - [security] Enforce usage of POST to start an export generation process. [Sami Mokaddem] As reported by Andrei Agape / Teliacompany - [organisation:orgMerge] Added missing models for organisation handover. [Sami Mokaddem] - [organisation:orgMerge] Make sure to serialize array before insertion. [Sami Mokaddem] - [admin] Show logos in SVG format in admin. [Jakub Onderka] - Incorrect foreing key. [Luciano Righetti] - [internal] Email new login sending. [Jakub Onderka] - [GalaxyClusters] fix tag_name restsearch filter (#9512) [Jeroen Pinoy] - [internal] More explaining error message. [Jakub Onderka] - [internal] Fetching latest remote Git version. [Jakub Onderka] - [appController:harvestParameters] Always support page and limit parameters while harvesting parameters. [Sami Mokaddem] There is not point in not always supporting these two parameters - [CLI] Do not load config twice. [Jakub Onderka] - [test] Delete event after test pass. [Jakub Onderka] - [API] Return proper exception for rest search. [Jakub Onderka] - [objects] restsearch first/last seen filters added. [iglocska] - also a fix for the allowedlists generating notice errors / not firing correctly - [API] Missing includeUuid param for Sighting rest search. [Jakub Onderka] - [API] Missing UUID param for Sighting rest search. [Jakub Onderka] - [internal] Rate limiting. [Jakub Onderka] - [internal] Access log errors from test. [Jakub Onderka] - [internal] Try to cleanup memory when fetching feed. [Jakub Onderka] - [internal] Fix error code when fetching sightings. [Jakub Onderka] - [internal] Attachment scanning. [Jakub Onderka] - [tools:event_timeline] Fixed typo in the getTimline function for objectAttributes. [Sami Mokaddem] - [UI] Remove double dot. [Jakub Onderka] - [internal] Code style. [Jakub Onderka] - [internal] Do not use deprecated method. [Jakub Onderka] - [internal] Remove unused variables. [Jakub Onderka] - [security] auditlogs's fullChange lack of ACL controls. [Sami Mokaddem] Added proper ACL handling - As reported by Jeroen Pinoy - [appController:harvestParameters] Always support page and limit parameters while harvesting parameters. [Sami Mokaddem] There is not point in not always supporting these two parameters - [tools:event_timeline] Fixed typo in the getTimline function for objectAttributes. [Sami Mokaddem] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #9543 from JakubOnderka/audit-log-skip-big-change. [Jakub Onderka] fix: [log] Do not save to database big changes - Merge pull request #9538 from JakubOnderka/access-log-action-column. [Jakub Onderka] fix: [internal] Raise size for access_logs action column - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #9534 from JakubOnderka/speedup-vol2. [Jakub Onderka] chg: [internal] Faster check for session destruction - Merge pull request #9532 from JakubOnderka/svg-logos. [Jakub Onderka] fix: [admin] Show logos in SVG format in admin - Revert "fix: incorrect foreing key" [Luciano Righetti] This reverts commit 6a36d7a3cdf1a7ecd32b43c3a10da6122418501d. - Merge pull request #9528 from JakubOnderka/binary-file-cache. [Jakub Onderka] new: [internal] Binary cache plugin - Merge pull request #9530 from JakubOnderka/fix-9526. [Jakub Onderka] fix: [internal] Email new login sending - Merge pull request #9525 from JakubOnderka/speedup. [Jakub Onderka] chg: [internal] Use Attribute::fetchAttributesInChunks for correlations - Merge pull request #9524 from JakubOnderka/speedup. [Jakub Onderka] Speedup - Merge pull request #9510 from JakubOnderka/redis-serialization-format. [Jakub Onderka] chg: [internal] Detect serialization format in RedisTool - Merge pull request #9523 from JakubOnderka/browscap-apcu-cache. [Jakub Onderka] Browscap apcu cache - Merge pull request #9522 from JakubOnderka/browscap-apcu-cache. [Jakub Onderka] new: [internal] Store browscap cache in apcu - Merge pull request #9521 from JakubOnderka/snort-fix. [Jakub Onderka] chg: [test] Add snort attribute to test - Merge pull request #9520 from JakubOnderka/test-cleanup. [Jakub Onderka] Test cleanup - Merge pull request #9519 from JakubOnderka/exception-logging. [Jakub Onderka] Exception logging - Merge pull request #9506 from JakubOnderka/small-fixes. [Jakub Onderka] Small fixes - Merge pull request #9499 from JakubOnderka/oidc-messages. [Jakub Onderka] chg: [oidc] More verbose log messages - Merge pull request #9498 from JakubOnderka/optimise-authkey-valid. [Jakub Onderka] chg: [CLI] Optimise cake user authkey_valid - Merge pull request #9497 from JakubOnderka/rate-limit-fix. [Jakub Onderka] fix: [internal] Rate limiting - Merge pull request #9496 from JakubOnderka/fix-access-log-errors. [Jakub Onderka] fix: [internal] Access log errors from test - Merge pull request #9495 from JakubOnderka/cleanup-php74. [Jakub Onderka] chg: [internal] PHP 7.4 is required, so we can remove hacks for older… - Merge pull request #9494 from JakubOnderka/cleanup-php74. [Jakub Onderka] chg: [internal] PHP 7.4 is required, so we can remove hacks for older PHP - Merge pull request #9493 from JakubOnderka/rpz. [Jakub Onderka] new: [test] Add test for RPZ export - Merge pull request #9492 from JakubOnderka/error-handling. [Jakub Onderka] chg: [internal] Log errors for git - Merge pull request #9479 from JakubOnderka/cleanup. [Jakub Onderka] new: [CLI] AdminShell isEncryptionKeyValid command - Merge pull request #9491 from JakubOnderka/zmq-supervisor. [Jakub Onderka] Zmq supervisor - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8717 from JakubOnderka/experimental-curl-client. [Jakub Onderka] new: [sync] Experimental curl client - Merge pull request #9100 from JakubOnderka/galaxy-improt-update. [Jakub Onderka] chg: [galaxies] Allow to update galaxy fields when doing update - Merge pull request #9480 from JakubOnderka/attachment-scan. [Jakub Onderka] Attachment scan - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #9481 from Wachizungu/add-totp-setup- clarifications. [Alexandre Dulaunoy] chg: [totp] add clarifications to totp setup view - Merge pull request #8831 from JakubOnderka/ui-fixes. [Jakub Onderka] Better UI - Merge pull request #9431 from JakubOnderka/remove-ip-cidr. [Jakub Onderka] chg: [validation] Remove CIDR from /32 IPv4 and /128 IPv6 to normalize - Merge branch 'feature/publication-blocking-same-user' into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #9477 from JakubOnderka/cleanup. [Jakub Onderka] Cleanup v2.4.183 (2024-01-05) --------------------- New ~~~ - [internal] New option `Security.ecs_log` to enable ECS logging. [Jakub Onderka] - [internal] Add more metadata to ECS log. [Jakub Onderka] - [internal] Add more metadata to ECS log. [Jakub Onderka] - [internal] Add support for MISP ECS logs. [Jakub Onderka] - [internal] Add support for ECS logs for debug and error log. [Jakub Onderka] - [garbage collection] added for temporary files. [iglocska] - [sg blueprint] encode as sync rule functionality added. [iglocska] Changes ~~~~~~~ - [misp-stix] Bumped latest version. [Christian Studer] - [VERSION] bump. [iglocska] - [internal] Refactor UserController::_postlogin. [Jakub Onderka] - [internal] Add 'Security.alert_on_suspicious_logins' to security audit. [Jakub Onderka] - [internal] Do not log in audit log last_api_access. [Jakub Onderka] - [scan] Skip empty files. [Jakub Onderka] - [log] Proper exception logging. [Jakub Onderka] - [sentry] Capture exception with message. [Jakub Onderka] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-stix] Bumped latest version. [Christian Studer] - Including changes on the requirements - [PyMISP] Bump version. [Raphaël Vinot] - [internal] Better logging for Oidc. [Jakub Onderka] - [internal] ECS: Log if there is problem with converting log to JSON. [Jakub Onderka] - [internal] Handle GeoIp2 exceptions. [Jakub Onderka] - [internal] Add logging for UserShell::authkey_valid. [Jakub Onderka] - [internal] Move field description to controller. [Jakub Onderka] - [UI] Show choosen when importing STIX. [Jakub Onderka] - [internal] Error handling when converting MISP2STIX. [Jakub Onderka] - [internal] Error handling when converting STIX2MISP. [Jakub Onderka] - [internal] Code cleanup for UserLoginProfile. [Jakub Onderka] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [install] support jammy - see #9153. [Christophe Vandeplas] - [install] support jammy - see #9153. [Christophe Vandeplas] - [internal] ECS: Add specific log for emails. [Jakub Onderka] - [internal] ECS: Do not cache IP address. [Jakub Onderka] - [internal] Code cleanup for logging. [Jakub Onderka] - [internal] Code cleanup for user login profile. [Jakub Onderka] - [addTag] functions changed to also work with uuids, rather than just local IDs. [iglocska] - as reported by @0x3c7 - [event:view] Added option to mass local cluster tag. [Sami Mokaddem] - [tools] mention the communities json page. [Christophe Vandeplas] - [communities] added SecureGRID community. [Christophe Vandeplas] Fix ~~~ - [cleanup] removed copy pasta junk. [iglocska] - [internal] Fix view user login history. [Jakub Onderka] - [internal] Code style. [Jakub Onderka] - [internal] Review user logins fix. [Jakub Onderka] - [internal] ECS session start. [Jakub Onderka] - [internal] Session destroy. [Jakub Onderka] - Missing deps for tests. [Raphaël Vinot] - Searching events by event_tags. [Stefano Ortolani] - [internal] Correctly handle X-Forwarded-For header values. [Jakub Onderka] - [internal] Undefined index sharing_group_id when uploading stix file. [Jakub Onderka] - [internal] OIDC log. [Jakub Onderka] - [internal] ECS: Log errors when executing external processes. [Jakub Onderka] - [internal] ECS: Add support for handling PHP errors and exceptions. [Jakub Onderka] - [internal] ECS: Reliable logging. [Jakub Onderka] - [internal] ECS: Avoid double JSON encoding. [Jakub Onderka] - [internal] ECS: URL query field. [Jakub Onderka] - [internal] Code cleanup for IP logging. [Jakub Onderka] - [internal] ECS: Timestamp with microseconds. [Jakub Onderka] - [internal] ECS: Invalid port checking in metadata. [Jakub Onderka] - [feeds] broken JSON fixed for the meta feeds. [Alexandre Dulaunoy] - [install] fix install script invalid checksum. [Christophe Vandeplas] - [install] fix install script invalid checksum. [Christophe Vandeplas] - [datasource] added to valid datasources list. [iglocska] - [datasource] added mashup of mysqlobserver and mysqlextended. [iglocska] - [events:view] Typo in attributeToolbar for mass cluster tag. [Sami Mokaddem] - Openapi spec version not supported by redoc. [Luciano Righetti] - Openapi spec version not supported by redoc. [Luciano Righetti] - [servers] custom cert file not written when cert folder does not exist. [Christophe Vandeplas] - [workflow-modules:Organisation_if] Make sure to convert operator to support new version of the module. [Sami Mokaddem] Shoud fix #9423 - [communities] fixed SecureGRID community link. [Christophe Vandeplas] Other ~~~~~ - Merge branch 'develop' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #9473 from JakubOnderka/logging. [Jakub Onderka] chg: [internal] Do not log in audit log last_api_access - Merge pull request #9476 from JakubOnderka/session-destroy. [Jakub Onderka] fix: [internal] Session destroy - Merge pull request #9106 from JakubOnderka/sentry-nicer. [Jakub Onderka] chg: [sentry] Capture exception with message - Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #9474 from ostefano/dev. [Andras Iklody] fix: searching events by event_tags - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #9472 from JakubOnderka/logging. [Jakub Onderka] fix: [internal] Correctly handle X-Forwarded-For header values - Merge pull request #9471 from JakubOnderka/logging. [Jakub Onderka] fix: [internal] OIDC log - Merge pull request #9470 from JakubOnderka/logging. [Jakub Onderka] fix: [internal] ECS: Reliable logging - Merge pull request #9466 from JakubOnderka/logging. [Jakub Onderka] fix: [internal] ECS: Invalid port checking in metadata - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9465 from JakubOnderka/logging. [Jakub Onderka] ECS logging - Merge branch '2.4' into develop. [iglocska] - Merge pull request #9153 from nyx0/2.4. [Andras Iklody] upd: add jammy release for arm64. - Upd: add jammy release for arm64. [Thomas Dupuy] - Merge pull request #9457 from threatintelBB/2.4. [Andras Iklody] Banco do Brasil public feed - Banco do Brasil public feed. [kali] - Banco do Brasil public feed. [kali] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] v2.4.182 (2023-12-14) --------------------- New ~~~ - [event:view] Added new option `show_server_correlations_for_all_users` allowing non-privileged users to view server correlations. [Sami Mokaddem] Changes ~~~~~~~ - [Version] bump. [iglocska] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-stix] Bumped latest version. [Christian Studer] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [Geo-Open] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] Bump. [Raphaël Vinot] - [CLI] runUpdates updated to purge any pending db lock first. [iglocska] - [event reports] content field size changed to mediumtext. [Andras Iklody] - [logging] fail silently if logging entry can't be saved. [iglocska] - can happen when the log change is too large for example - no need to roll back / break sync for example if a log entry is too large, just fail silently. - [events:event-graph] Allow expansion of nodes by double-clicking. [Sami Mokaddem] In response to significant demand from Terrtia and subsequent evaluation by adulau - [feed:attachFeedCorrelations] Added comment. [Sami Mokaddem] - [event:view] Show feed meta-information as popup. [Sami Mokaddem] - [misp-stix] Bump. [Jakub Onderka] Fix ~~~ - [db_schema] dump. [iglocska] - [correlation] exclusion cleaning was broken for noacl correlations, fixes #8899. [iglocska] - [eventReport:editReport] Generate an UUID if new report added from pull. [Sami Mokaddem] - [workflows:editor] Prepend baseurl to url. [Lukasz Rzasik] - [TOTP] allow deletion of TOTP from edit page. [Christophe Vandeplas] - [security] new audit logs lack of ACL controls. [iglocska] - added proper ACL handling to the new audit logs - as reported by fukusuket(Fukusuke Takahashi) - [case sensitivity] fix. [iglocska] - [login_history] fixes str_contains #9433. [Christophe Vandeplas] - [login_history] fixes str_contains #9433. [Christophe Vandeplas] - [password reset] required current password for token based reset. [iglocska] - [diag] diagnostics page loading issue. [Michael Hirt] - [openapi] add version to match spec. fixes #9058. [Luciano Righetti] - [caching] remove uuid validation from the feed caching. [iglocska] - not really needed and it breaks the entire caching if a single old event has an invalid uuid - [attribute bulk update] separate out tag deletion as it builds a ridiculously large query at times. [iglocska] - [caching] remove uuid validation from the feed caching. [iglocska] - not really needed and it breaks the entire caching if a single old event has an invalid uuid Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'lukaszrzasik_fix-workflows-editor-url' into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into lukaszrzasik_fix- workflows-editor-url. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge remote-tracking branch 'origin/2.4' into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9413 from mdhirt/fix-diagnostics-issue#9411. [Jakub Onderka] fix: [diag] diagnostics page loading issue - Merge pull request #9432 from JakubOnderka/update-misp-stix. [Christian Studer] chg: [misp-stix] Bump - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] v2.4.181 (2023-12-01) --------------------- Changes ~~~~~~~ - [tools:misp-delegation] Do not use self-documented expression in f-string anymore. [Sami Mokaddem] - [version] bump. [iglocska] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [tests] search for errors in logs. [Christophe Vandeplas] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] Fix ~~~ - [Alert on suspicious logins] disabled by default. [iglocska] - requires logs table to be better indexed currently to not be a bottleneck (user_id and action fields) - Will be made default in an upcoming version once the performance issues are resolved - [tests] fix path in logs_tests.sh. [Christophe Vandeplas] - [tests] fixes path of logs_tests. [Christophe Vandeplas] - [userloginprofiles] undefined variable #9424. [Christophe Vandeplas] - [customauth] missing Class init fixes #9425. [Christophe Vandeplas] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [Christophe Vandeplas] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge remote-tracking branch 'origin/develop' into 2.4. [Christophe Vandeplas] - Merge remote-tracking branch 'origin/develop' into 2.4. [Christophe Vandeplas] v2.4.180 (2023-11-30) --------------------- New ~~~ - [api] added X-MISP-AUTH as an alternative header to Authorization, fixes #9418. [iglocska] Changes ~~~~~~~ - [VERSION] bump. [iglocska] - [workflows] restored 7.2 and 7.3. [iglocska] - [user login profile] old version compatibility. [iglocska] - [event index] hover over ID will show the info field, generally more useful than the threat level. [iglocska] Fix ~~~ - [login] fixes bad fix and catches first login after update. [Christophe Vandeplas] - [revert] dumb check. [iglocska] - [compatibility] make the ancient gods happy. [iglocska] - [user login profile] skip checks for ancient php versions. [iglocska] - [Attribute:EditPostProcessing] Make sure the ID is set. [Sami Mokaddem] - [attribute:editPostProcessing] Fixed typo in condition preventing tags to be detached. [Sami Mokaddem] - [attributes] type field added to editable fields. [iglocska] - [RPZ] export custom parameters ingored, fixes #9420. [iglocska] - [Attribute:editPostProcessing] Fixed sighting capture. [Sami Mokaddem] - [Attribute:EditPostProcessing] Make sure the ID is set. [Sami Mokaddem] - [attribute:validation] Typo in function name. [Sami Mokaddem] - [attribute:editPostProcessing] Fixed typo in condition preventing tags to be detached. [Sami Mokaddem] Other ~~~~~ - Merge remote-tracking branch 'origin/develop' into 2.4. [Christophe Vandeplas] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Revert "chg: [workflows] restored 7.2 and 7.3" [iglocska] This reverts commit 206d2af439ae22c35a41568b4dc79562f2cb29e4. - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge remote-tracking branch 'origin/2.4' into develop. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Feature/user login profiles2 (#9379) [Christophe Vandeplas, iglocska] * new: [userloginprofiles] start over with previous code * fix: [user_login_profiles] fixes catching up the backlog * chg: [userloginprofile] email to org_admin for suspicious login * chg: [userloginprofile] only inform new device * chg: [userloginprofiles] view_login_history instead of view_auth_history * chg: [userloginprofile] make login history visually better * chg: [userloginprofile] inform admins of malicious report * fix: [userloginprofile] cleanup * fix: [userloginprofile] fixes Attribute include in Console * fix: [userloginprofile] db schema and changes * chg: [CI] log emails * chg: [PyMISP] branch change * chg: [test] test * fix: [userloginprofile] unique rows * fix: [userloginprofile] unique rows * chg: [cleanup] * Revert "chg: [PyMISP] branch change" This reverts commit 3f6fb46fee9745437998fc013a97af874679c87b. * fix: [userloginprofile] fix worksers with monolog=1.25 browcap=5.1 * fix: [db] dump schema version * fix: [CI] newer php versions * fix: [composer] php version * fix: [php] revert to normal php7.4 tests --------- - Merge branch '2.4' into develop. [iglocska] v2.4.179 (2023-11-25) --------------------- New ~~~ - [WiP] edit refactor. [iglocska] - [event edit] skip validation hooks on demand. [iglocska] - WiP for bulk ingestion of minor changes - [tools/misp-delegation] Added misp-delegation tool. [Sami Mokaddem] MISP-Delegation is a customisable tool to help sending events on a remote MISP instance and create a delegation request. - [sightings:view] Added endpoint sightings/view to get sightings by ID or UUID. [Sami Mokaddem] - [event report] fetch from url now detects other formats. [iglocska] - pdf, xlsx, pptx, ods, odt, docx extension documents are now imported via the given module - [eventreport:sendToLLM] Added draft of feature. [Sami Mokaddem] - [llm] settings. [iglocska] - [workflow-modules:count_if] New module `IF :: Count` that counts the amount of entry in the provided path and compare it with a value. [Sami Mokaddem] - [workflow:editor] Added jinja icon for param supporting jinja templating. [Sami Mokaddem] Changes ~~~~~~~ - [bulk update] simplified. [iglocska] - [bulksave] tuning. [iglocska] - [VERSION] bump. [iglocska] - [PyMISP] Bump version. [Raphaël Vinot] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [disable_seen_ips] enable by default, switch to opt-out. [iglocska] - [fast_update] Only run recorrelation on attributes that need to be recorrelated. [iglocska] - [cleanup] of temporary paths. [iglocska] - [fast_update] recalculate attribute count + regenerate correlations. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [widget:worldmap] Added more colour scale in the code and changed the default. [Sami Mokaddem] - [authkey:add] Clarified authkey `read_only` field. [Sami Mokaddem] - [statistics shell] added new statistics on PRs. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [tools] gen_website_communities now downloads logos. [Christophe Vandeplas] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [eventReport:sendToLLM] Added loading text. [Sami Mokaddem] - [eventReport:sendToLLM] Stop debugging. [Sami Mokaddem] - [llm tests] apikey header name change. [iglocska] - [EventReport:sendToLLM] Added support of settings. [Sami Mokaddem] - [requirements] PyMISP version updated. [Alexandre Dulaunoy] - [workflow:normalizeData] More broad error catching. [Sami Mokaddem] - [workflow:normalizeData] Gracefully cath exception and provide more feedback when supplying wrong input data. [Sami Mokaddem] Fix #9344 - [worflow-trigger:sighting_after_save] Change name to after-save and make it misp_core_format compatible. [Sami Mokaddem] - [workflow-modules:add_to_warninglist] Added some improvements and small refactoring. [Sami Mokaddem] - [workflow-modules:webhook] Added support of jinja templating in URL and Headers. [Sami Mokaddem] - [workflow] Jinja template rendering is done automatically based on param options. [Sami Mokaddem] - [workflow-module:organisation_if] Allow providing more than one org at a time. [Sami Mokaddem] - [workflow-module:attach_warninglist] Allow providing more than one list at a time. [Sami Mokaddem] Fix ~~~ - [bulksave] valiadate only only works with saveAll() [iglocska] - [bulksave] doesn't save with a single invalid attribute. [iglocska] - [workflow-modules:attribute_edit_operation] Removed leftover code. [Sami Mokaddem] - [fast_update] recorrelation typo. [iglocska] - [pull] duplicate detection fixed. [iglocska] - allow duplicates for deleted attributes, not for live ones - [bulk update] objects fixed. [iglocska] - [bulk edit] fixes. [iglocska] - [cleanup] missed a correction. [iglocska] - [login] action replaced with hard coded route to baseurl . /users/login. [iglocska] - [sync] fixed pull deduplication causing potential attribute loss. [iglocska] - The validation for duplicates on pull was too tight for attributes, leading for soft-deleted attributes with an equal value-type-category tuple from blocking incoming non-deleted attributes with the same tuple. - [overorrelation] truncation should only happen on full recorrelations. [iglocska] - [console] minor syntax fix. [Christophe Vandeplas] - [authkeys] AuthKey IP logging enabled by default #9339. [Christophe Vandeplas] - [sighting:anonymisation] Anonymize sightings if and only if anonymization is set in the settings. [Sami Mokaddem] - Taxonomy view filter is not kept when switching pages, fixes #8875. [Luciano Righetti] - [internal] ACL. [Jakub Onderka] - [internal] Schema version. [Jakub Onderka] - [build] Build test fix. [Jakub Onderka] - Api order not working because of dropped param/incorrect handling, related to #9359. [Luciano Righetti] - [stix1 import] Fixed SocketAddress properties parsing to avoid issue when there is no port field. [Christian Studer] - [error handling] added to LLM push. [iglocska] - [dashboard] Fixed full group by issue with eventEvolution and orgEvolution. [Sami Mokaddem] - [sightings:view] Added missing entry in ACL Component. [Sami Mokaddem] - [openapi] Fix minimums of restsearch page and limit params. fix #9334. [Jeroen Pinoy] - Event timestamp sort bug, fixes #9359. [Luciano Righetti] - [UsernameHelper] resolved confusion. [Andras Iklody] Based on etymological discoveries, this long standing issue has been resolved. - [upload analysis file] removed JS to make it work. [iglocska] - [internal] mactime template uuid fix and saveObject improvement. [iglocska] - [user search] in index, removed old style authkey as a valid search field. [iglocska] - [llm test] should work nao. [iglocska] - [eventReport:sendToLLM] Fixed condition and encode data to be sent. [Sami Mokaddem] - [eventReport:sendToLLM] Adapted the setting. Again. [Sami Mokaddem] - [llm tests] tests changed for settings. [iglocska] - [llm tests] I need sleep. [iglocska] - [eventreport:sendToLLM] Adapted settings after a change. [Sami Mokaddem] - [llm settings] again. [iglocska] - [llm tests] setting naming. [iglocska] - [llm test] setting name fix. [iglocska] - [llm setting] name. [iglocska] - [ui:global_menu] Make sure right_menu is defined. [Sami Mokaddem] - [ui:global_menu] Make sure right_menu is defined. [Sami Mokaddem] - [events:view] Remove any tooltip upon closing the popover form. [Sami Mokaddem] This will make @iglocska happy. - [workflow:editor] Refresh picker with value selected by default on load. [Sami Mokaddem] - Make sure chosen knows about the selected value when the first one in the list is picked on page load - [warninglist:crud] Nicer error message when trying to save no values. [Sami Mokaddem] Fix #9179 thanks to @vincenzocaputo for the initial work! - Update requirements.txt to match app/Controller/AppController.php, add test. [Raphaël Vinot] - [workflow:editor] Prevent crashing if module param changed to multi- select. [Sami Mokaddem] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'richtag' into develop. [iglocska] - Accessibility: added a "role" attribute so the global/local nature of tags are read correctly by all screen readers. [Olivier BERT] - Merge branch 'tmpfiletool' into develop. [iglocska] - Rreally proper place to import TmpFileTool. [Marek Zpevacek] - Fix import of TmpFileTool in RestResponseComponent. [Marek Zpevacek] - Merge branch 'nohooks' into develop. [iglocska] - Security: [event:event-timeline] Fixed XSS in the event timeline widget. [Sami Mokaddem] As reported by fukusuket(Fukusuke Takahashi) - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #9370 from JakubOnderka/build-test-fix-vol2. [Jakub Onderka] fix: [build] Build test fix - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #9337 from Wachizungu/fix-openapi-page-and-limit- minimums. [Andras Iklody] fix: [openapi] Fix minimums of restsearch page and limit params. fix … - Merge branch '2.4' into develop. [iglocska] - Merge branch 'disable_ip_retention' into develop. [iglocska] - Remove spread operator for php 7.2 compatability. [James Garratt] - Add localization string placeholders. [Sid Odgers] - Add support for disabling the retention of IP addresses used to access API via an AuthKey. [Sid Odgers] - Merge branch 'llm_tests' into develop. [iglocska] - Merge branch 'llm_tests' of github.com:MISP/MISP into llm_tests. [iglocska] - Merge branch 'llm_tests' of github.com:MISP/MISP into llm_tests. [iglocska] - Merge branch 'llm_tests' of github.com:MISP/MISP into llm_tests. [iglocska] - Merge branch 'llm_tests' of github.com:MISP/MISP into llm_tests. [Sami Mokaddem] - Merge branch 'llm_tests' of github.com:MISP/MISP into llm_tests. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'vincenzocaputo_add-sighting-publish-trigger' into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into vincenzocaputo_add-sighting-publish-trigger. [Sami Mokaddem] - Merge branch 'vincenzocaputo_add-to-warninglist-workflow-module' into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into vincenzocaputo_add-to-warninglist-workflow-module. [Sami Mokaddem] - Fix include filename for parent class. [vincenzocaputo] - Add workflow module for adding attributes to a non-default warninglist. [vincenzocaputo] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:VincenzoCaputo/MISP into add- sighting-publish-trigger. [Vincenzo Caputo] - Change trigger overhead to high. [Vincenzo Caputo] - Add sighting publish workflow trigger. [vincenzocaputo] v2.4.178 (2023-10-24) --------------------- New ~~~ - [workflow-modules:add-eventblocklist-entry] Added new action module. [Sami Mokaddem] - [workflow-trigger:event-before-save] Added trigger. [Sami Mokaddem] - [workflow-module:publish-event] Added draft of module. [Sami Mokaddem] - [workflow:editor] Added option to provide a custom JSON in the hashpath picker helper. [Sami Mokaddem] - [RestClient] Add user totp_delete to query builder. [Jeroen Pinoy] - [OpenApi] add doc for user totp_delete endpoint. [Jeroen Pinoy] - [User] Add setting to limit site admin roles to instance's host org. [Jeroen Pinoy] Changes ~~~~~~~ - [version] bump. [iglocska] - [submodule] update. [iglocska] - [PyMISP] Bump version. [Raphaël Vinot] - [event:restSearch] Added support of orgc_id as valid filter. [Sami Mokaddem] - [misp-stix] Bumped latest version. [Christian Studer] - [dashboard-widget:worldmap] Added support of custom scale in widget config. [Sami Mokaddem] - [eventtimeline:doubleclick] Change the location to the object being double-clicked. [Sami Mokaddem] - [misp-galaxy] various updates. [Alexandre Dulaunoy] - [installer] Update to latest installer. [Steve Clement] - [installer] Support Debian 12. [Steve Clement] - [layout] Improved UI in special case. [Sami Mokaddem] - [workflow:executeNode] Correctly interpret execution result for logic module when logging. [Sami Mokaddem] - [workflow-module:generic_filter] Improved support of quick hashpath filter. [Sami Mokaddem] - [workflow:editor] Improved quick hashpath picker. [Sami Mokaddem] - [workfowModules:webhook] Added support of self-signed certificates. [Sami Mokaddem] - [workflow] Improved logging and debugging of workflow execution. [Sami Mokaddem] - [workflow-module:webhook] Added support of request_method, headers and payload. [Sami Mokaddem] Partially fix #9321 - [tools:misp-workflows/webhook_listener] Print headers on stdout. [Sami Mokaddem] - [workflows:infoModal] Added link to jinja2 official documentation. [Sami Mokaddem] - [RestClient] use http_method value from template if available. [Jeroen Pinoy] - [user] Update store api access time setting description (#9313) [Jeroen Pinoy] Api access time is stored once per hour by default (since commit a5f5a4e113872a77d4e6c2b1a125f03ee89773c2), making the old description of this setting incorrect. - [event restsearch] exposed includeGranularCorrelations. [iglocska] - and also made it visible in the JSON output - [misp-objects] updated. [Alexandre Dulaunoy] - [upload_stix] Properly getting the changes on the Galaxies handling option from the form. [Christian Studer] - [upload_stix] Visual improvement with descriptions added. [Christian Studer] - More information on the different options to handle galaxies and clusters while importing STIX 2 content - More information on the debugging options - [Command:TrainingShell] Only override org_id if org_uuid is provided. [Sami Mokaddem] - [console:TrainingShell] Added wipeAllAuthkeys function. [Sami Mokaddem] - [Command:TrainingShell] Only override org_id if org_uuid is provided. [Sami Mokaddem] Fix ~~~ - [PyMISP] Another fix in tests. [Raphaël Vinot] - [PyMISP] missing changes in testsuite. [Raphaël Vinot] - [objects:edit] Restored behavior of upgrading object to newer template. [Sami Mokaddem] - [workflow-module:publish-event] Extend correct class and use event id. [Sami Mokaddem] - [sighting:attachOrgToSightings] Stopped double unpacking. [Sami Mokaddem] - [attribute] Log entry with the correct action. [Sami Mokaddem] - [user search] in index, removed old style authkey as a valid search field. [iglocska] - [warninglists] default to matching types ALL if nothing is set. [iglocska] - [Taxonomies] fix enabling of individual taxonomy tags for tags with special chars. fixes ##9300. [Jeroen Pinoy] - [misp-zmq] Include ZMQ support for connecting to Redis over TLS. [peritz] - [installer] Kali Linux hack. [Steve Clement] - [eventreport:extractEntities] Enforced minimum amount of char for valid replacement. [Sami Mokaddem] - [security] XSS in selectGalaxy. [Sami Mokaddem] - As reported by Zigrin Security - [workflowModules:webhook] Gracefully handle case with empty headers. [Sami Mokaddem] - Wrong param order fixes #9319. [Luciano Righetti] - [workflow:baseModule] Only build fast lookup array if trigger is using the MISP core format. [Sami Mokaddem] - [restsearch] granular correlation parameter fixes. [iglocska] - [Attribute REST] Add sharinggroup as an allowed parameter for attribute filtering. [Tom King] - [eventreport:extractEntities] Enforced minimum amount of char for valid replacement. [Sami Mokaddem] - [search] pagination fix. [iglocska] - [Console:EventShell] Correctly interpret returned data. [Sami Mokaddem] - [console:EventShell] Fixed parameter parsing and typo. [Sami Mokaddem] - [security] XSS in selectGalaxy. [Sami Mokaddem] - As reported by Zigrin Security - [Console:EventShell] Correctly interpret returned data. [Sami Mokaddem] - [console:EventShell] Fixed parameter parsing and typo. [Sami Mokaddem] - [misp-vagrant] submodule removed. [Alexandre Dulaunoy] - [console:TrainingShell] Typo in authkey condition. [Sami Mokaddem] - [AuthKeys] Allow users to edit own authkeys, fix #9292 (#9293) [Jeroen Pinoy] - [console:TrainingShell] Typo in datasource model. [Sami Mokaddem] -- Seriously.. - [console:TrainingShell] Typo in authkey condition. [Sami Mokaddem] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'feature/workflow-trigger-before-save' into develop. [Sami Mokaddem] - Merge branch 'feature/workflow-module/publish-event' into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9347 from vincenzocaputo/fix-telegram-workflow- module. [Alexandre Dulaunoy] Fix API url in Telegram workflow module - Fix API url in Telegram workflow module. [Vincenzo Caputo] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #9308 from Wachizungu/fix-enabling-of-individual- taxonomy-tags. [Andras Iklody] fix: [Taxonomies] fix enabling of individual taxonomy tags for tags w… - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9304 from ostefano/reqfix. [Alexandre Dulaunoy] Split requirements file and pin minimum version of Python deps - Split requirements file and pin minimum version of Python deps. [Stefano Ortolani] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9329 from peritz/fix-zmq-tls-redis. [Alexandre Dulaunoy] fix: [misp-zmq] Include ZMQ support for connecting to Redis over TLS - Merge pull request #9327 from SteveClement/guides. [Steve Clement] chg: [installer] Support Debian 12 - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #9305 from Kagee/cleanups. [Alexandre Dulaunoy] doc: Update README.md with new badges, toc, install tips - Doc: Update README.md with new badges, toc, install tips. [Anders Einar Hilden] - Merge pull request #9314 from Wachizungu/restclient-use-template-http- method-value. [Alexandre Dulaunoy] chg: [RestClient] use http_method value from template if available - Merge pull request #9315 from Wachizungu/add-user-totp-delete-to- restclient. [Alexandre Dulaunoy] new: [RestClient] Add user totp_delete to query builder - Merge pull request #9316 from Wachizungu/add-totp-delete-openapi-doc. [Alexandre Dulaunoy] new: [OpenApi] add doc for user totp_delete endpoint - Merge pull request #9310 from tomking2/bug/attribute_sharinggroup_filter. [Andras Iklody] Regression - Rest search with 'attributes' controller no longer filters by sharing group ID - Merge pull request #9312 from Wachizungu/add-option-to-limit-site- admins-to-host-org. [Andras Iklody] new: [User] Add setting to limit site admin roles to instance's host … - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - [users] fix user view totp delete checks (#9301) [Jeroen Pinoy] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - [users:totp] set correct rest response action for totp_delete (#9303) [Jeroen Pinoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian Studer] v2.4.177 (2023-09-25) --------------------- New ~~~ - [dev] added a shell script to generate the restsearch parameters. [iglocska] - it's dumb but it should get the job done - [CLI] add command to expire active AuthKeys that do not have an IP allowlist set. [Jeroen Pinoy] - [cli] Add command to trigger password change on next login for users with old pw. [Jeroen Pinoy] - [Users] add last password change timestamp for users. [Jeroen Pinoy] - [workflowModules:event_distribution_operation] Added action module. [Sami Mokaddem] Changes ~~~~~~~ - [tests] testing disabling the timestamp greater as old timestamp for password changes. [iglocska] - [tests] make em happy with re-including a filter parameter that worked before, albeit unintentionally. [iglocska] - [CI] Enable debug and timing, take 4. [Raphaël Vinot] - [CI] Enable debug and timing, take 3. [Raphaël Vinot] - [CI] Enable debug and timing, take 2. [Raphaël Vinot] - [CI] Enable debug and timing. [Raphaël Vinot] - [PyMISP] disable some tests. [Raphaël Vinot] - [misp-stix] BUmped latest version. [Christian Studer] - [warning-lists] updated. [Alexandre Dulaunoy] - [PyMISP] Keep messing with tests. [Raphaël Vinot] - [PyMISP] Bump. [Raphaël Vinot] - [warning-lists] updated. [Alexandre Dulaunoy] - Check test files are there. [Raphaël Vinot] - Yet another attempt to clone a repo. [Raphaël Vinot] - [version] bump. [iglocska] - [escaping] added to event ID. [iglocska] - Attempt to fix git clone from the test suite. [Raphaël Vinot] - [feeds] change name to Community version. [Ayush Tomar] - [config:customAuth_header] Default to upper case. [Sami Mokaddem] - See $_SERVER make passed headers upper case - [console:TrainingShell] Allow overriding existing user data. [Sami Mokaddem] - [Console:trainingShell] Provide correct filters for wiping data. [Sami Mokaddem] - [console:trainingShell] Added wipeUsers and wipeOrgs functions. [Sami Mokaddem] - [posts:crud] Prevent readonly users to create posts. [Sami Mokaddem] - [config:config.default] Disabled warning_for_all by default for new install. [Sami Mokaddem] Fix ~~~ - [misp-stix] Bumped latest version with a fix on the file patterns parsing. [Christian Studer] - [tests] added some sleeps to avoid timestamps of follow up tests being within 1 second of the previous test. [iglocska] - [API] filter parameters added. [iglocska] - [PyMISP/CI] Disavle search logs for now. [Raphaël Vinot] - [ibternal] invalid ; instead of , [iglocska] - Me not think good. - [restsearch] parameters fixed. [iglocska] - [taxonomy] enable/disable creating junk taxonomies on invalid ID, fixes #9273. [iglocska] - [console:trainingShell] More typo in model name.. [Sami Mokaddem] - [console:trainingShell] Typos in model names. [Sami Mokaddem] - [RestSearch] allow filtering on eventinfo for events and attributes. [Jeroen Pinoy] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'tag_scope' into develop. [iglocska] - Show object's attributes if they are tagged. [vincenzocaputo] - Fix event graph tag scope view. [vincenzocaputo] - Merge branch 'discussion_view' into develop. [iglocska] - Fix event hyperlink in discussion view page. [vincenzocaputo] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'cli_reset' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #9282 from elliotechayush/feature/EllioFeed. [Andras Iklody] chg: [feeds] change name to Community version - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #9255 from Wachizungu/add-cli-cmd-trigger-pw- change-for-old-pws. [Andras Iklody] Add cli cmd to trigger pw change for old pws - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge remote-tracking branch 'origin/2.4' into develop. [Sami Mokaddem] - Merge pull request #9291 from ostefano/pymispfix. [Andras Iklody] Update pymisp to 2.4.176 - Update pymisp to 2.4.176. [Stefano Ortolani] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #9296 from Wachizungu/fix-restsearchcomponent- filter-on-eventinfo. [Andras Iklody] fix: [RestSearch] allow filtering on eventinfo for events and attributes again - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] v2.4.176 (2023-09-15) --------------------- New ~~~ - [logs] add time based filter. [iglocska] - [Tests] add tests related to user's last password change timestamp. [Jeroen Pinoy] - [Users] add last password change timestamp for users. [Jeroen Pinoy] - [UI] show which attributes/objects are new and awaiting publication still. [iglocska] - [console:TrainingShell] Added deleteAllSyncs function. [Sami Mokaddem] - [feeds] add Ellio threat list. [Ayush Tomar] Changes ~~~~~~~ - [VERSION] bump. [iglocska] - [PyMISP] Bump. [Raphaël Vinot] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-stix] Bumped latest version. [Christian Studer] - [helper] Added param sanity check helper function. [Andras Iklody] - [restsearch internal] sanity check erroneous filters. [iglocska] - [workflows:infodModal] Added jinja2 examples. [Sami Mokaddem] - [Console:Training] Added function to create & set parameters from a config file. [Sami Mokaddem] - [dashboard:worldmap] Added scale on the geo map. [Sami Mokaddem] - [objects:validation] Allow empty description during edition. [Sami Mokaddem] - [Console:Training] Added function to create & set parameters from a config file. [Sami Mokaddem] Fix ~~~ - [internal] improved parameter parsing. [iglocska] - Properly filter out query parameters. [Luciano Righetti] - Method call on null. [Luciano Righetti] - Fixed invalid ordering errors. [Luciano Righetti] - Do not require jobId for AdminShell jobGenerateCorrelation, create a new job if jobId is null. fixes #9206. [Luciano Righetti] - [dashboard:organisationMapWidget] Do not require the config to have start and end date. [Sami Mokaddem] - [restSearch] exact match for values starting with %, fixes #9258. [Luciano Righetti] - Unable to enrich individual shadow attribute. [Luciano Righetti] - Unable to enrich individual attribute, fixes #9267. [Luciano Righetti] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #9275 from oivindoh/small-ui-fix. [Andras Iklody] Disable submodule update section when MISP.self_update is disabled, to allow not carrying git dependencies in docker - Expand on https://github.com/MISP/MISP/commit/a8b2aec6ea28d672e68df4ac 4013870aea7843fc to hide submodule section that causes several git commands to fire for no purpose. [Øivind Hoel] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'pythondeps' into develop. [iglocska] - Pin python dependencies. [Stefano Ortolani] - Merge branch 'pw_change_time' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #9278 from elliotechayush/feature/EllioFeed. [Alexandre Dulaunoy] new: [feeds] add Ellio threat list - Update feature-request-form.yml. [Luciano Righetti] v2.4.175 (2023-08-25) --------------------- New ~~~ - [dashboard:widgets] Added support of start_date and end_date options for vairous widgets + fixed few bugs. [Sami Mokaddem] - [user:periodicReporting] Allow setting the number of days to look back (UI only) [Sami Mokaddem] - [dashboard:orgWidget] Added support of `first_half_year` and `second_half_year` time frames. [Sami Mokaddem] - [dashboard:export] Added CSV export functionality. [Sami Mokaddem] - Allow user to enrich objects. [Luciano Righetti] Changes ~~~~~~~ - [version] bump. [iglocska] - [misp-stix] Bumped latest version. [Christian Studer] - Skip if email disabled, avoids logging exception on each email attempt fixes #9251. [Luciano Righetti] - [misp-stix] Bumped latest version. [Christian Studer] - [PyMISP] Bump. [Raphaël Vinot] - [misp-workflow-blueprints] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [installer] Update installer checksums. [Steve Clement] - [installer] Update to latest Kali. [Steve Clement] - [doc] Fix 404 file not found. [Johan Nilsson] - [cakephp] 2.x updated to include latest version of the CA bundle. [Alexandre Dulaunoy] - [dashbord:loginWidget] Added doc for `start_date` and `end_date` [Sami Mokaddem] - [dashboardWidget:barChart] Added option `forceLogarithm` [Sami Mokaddem] - [feeds] fix typo in the feed. [Alexandre Dulaunoy] - [dashboard:exportcsv] Small refactoring. [Sami Mokaddem] - [meta] CERT-PL/NASK malicious domain list added. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [doc] Fix python naming swap (based on example and practice) and stray whitespace. [Anders Einar Hilden] - [doc] Remove symlink to non-exsisting ubuntu 16.04 docs. [Anders Einar Hilden] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] Fix ~~~ - [stix2 import] Fixed debugging message for errors and warnings when the `debug` option is set. [Christian Studer] - Unable to enrich individual shadow attribute. [Luciano Righetti] - Unable to enrich individual attribute, fixes #9267. [Luciano Righetti] - [misp-stix] Bumped latest version including a quick fix. [Christian Studer] - [CRUD-IndexFilter] correct index page filtering for REST requests. fix #9265. [Jeroen Pinoy] - Prevent push_rules from being required in API requests to /server/edit endpoint. [TomOgs] - Event audit log pagination bug, fixes #9245. [Luciano Righetti] - [feed] tools updated to configure export path and certificate validation. [Alexandre Dulaunoy] - Import event json with key. [Luciano Righetti] - Allow import of json event without the key. [Luciano Righetti] - [dashboard:apiActivity] Do not initialize variable if not needed. [Sami Mokaddem] - [dashboard:apiActivityWidget] Fixed mixing datetime condition format. [Sami Mokaddem] - [dashboard:loginsWidget] Fixed mixing datetime condition format. [Sami Mokaddem] - [security] reflected xss on dashboard edit. [Luciano Righetti] - [dashboard:widgets] Reverted `only_full_group_by` fix as it returns incorrect data. [Sami Mokaddem] Will need to fix this later on - [Galaxies] fix galaxy view, galaxy clusters search. fix #9224. [Jeroen Pinoy] - Not supported. [Luciano Righetti] - /taxonomies/view filter fixes #8875. [Luciano Righetti] - [users:periodicReport] Update URL based on the selected number of days. [Sami Mokaddem] - [dashboard:csvExport] Quote elements and correctly apply line break. [Sami Mokaddem] - [security] XSS in event index. [Sami Mokaddem] - As reported by Marcos Rrodriguez S-V - [dashboard:widget] Additional comma in function parameters breaks older PHP version. [Sami Mokaddem] - [dashboard:trendingTagsWidget] Correctly use fallback value. [Sami Mokaddem] - [dashboard:usageDataWidget] Handle division by 0. [Sami Mokaddem] - [dashboard:widgets] Correctly group to fix `only_full_group_by` issues. [Sami Mokaddem] - Only show object enrichment icon if theres an available enrichment for the template. [Luciano Righetti] - [server settings] online version check and self-update default behaviour changed. [iglocska] - [attribute search] when adding multiple value filters via the && syntax, don't treat each empty value as a separate entry. [iglocska] Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian Studer] - Update bug-form.yml. [Luciano Righetti] describe first the actual behaviour - Merge pull request #9266 from Wachizungu/fix-indexfilter-massage. [Luciano Righetti] fix: [CRUD-IndexFilter] correct index page filtering for REST request… - Merge pull request #9259 from TomOgs/ServerEditIssue. [Luciano Righetti] fix: check for existence of push_rules in /server/edit requests before parsing JSON - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9262 from SteveClement/guides. [Steve Clement] chg: [installer] Update to latest Kali - Merge branch '2.4' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9250 from jn9999/fix-404. [Alexandre Dulaunoy] chg: [doc] Fix 404 file not found. - Merge remote-tracking branch 'origin/2.4' into develop. [Sami Mokaddem] - 10.64.247.201Merge remote-tracking branch 'origin/2.4' into develop. [Sami Mokaddem] - Merge remote-tracking branch 'origin/2.4' into develop. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #9225 from Wachizungu/fix-galaxy-view-galaxy- clusters-search. [Alexandre Dulaunoy] fix: [Galaxies] fix galaxy view, galaxy clusters index search. fix #9224 - Merge pull request #9233 from righel/fix-8875. [Alexandre Dulaunoy] Fix /taxonomies/view string filter - Merge remote-tracking branch 'origin/2.4' into develop. [Sami Mokaddem] - Merge branches 'develop' and 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [Sami Mokaddem] - Merge remote-tracking branch 'origin/2.4' into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #9187 from righel/allow-enrich-objects. [Luciano Righetti] new: allow user to enrich objects - Merge branch 'develop' into allow-enrich-objects. [Luciano Righetti] - Merge branch 'selfupdate' into develop. [iglocska] - New [diag]: Improve diagnostics when instance does not have internet or does not use self-update. [Anders Einar Hilden] Introduces two new settings: * `MISP.self_update` allows to enable/disable the GUI button for MISP self-update on the Diagnostics page. * `MISP.online_version_check` allows to enable/disable the online MISP version check when loading the Diagnostics page. These settings are useful for 1. container installations that should not be updated using self-update, and 2. installation that have no direct or proxy internet access. There are also improvements on the Diagnostics page, primarily the MISP version area. Font color has been replace with classes, this allows the use of the `bold` class, not just colors, and possible combination with the red/green/orange colour classes. The info/status/warning/error texts have been changed to take into account the status of `MISP.self_update` and `MISP.online_version_check`. - Merge branch '2.4' into develop. [iglocska] - Merge pull request #9229 from Kagee/kagee-remove-dead-symlink. [Andras Iklody] Kagee remove dead symlink - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Christian Studer] v2.4.174 (2023-07-31) --------------------- New ~~~ - [Authkeys] Add setting to mandate IP allowlist for advanced authkeys. [Jeroen Pinoy] - [workflow:editor] Added support of frame nodes in editor and drawflow lib. [Sami Mokaddem] - [workflow:editor] Added min/max-imize support for module sidebar. [Sami Mokaddem] - [workflow:editor] Added hash-path picker helper functionality. [Sami Mokaddem] - [workflow:editor] Added support of quick insert on link. [Sami Mokaddem] - [workflow-module] Added debug function to send custom request to debug endpoint. [Sami Mokaddem] - [workflow-modules:tag_replacement] Added tag generic module and support for TLP and PAP. [Sami Mokaddem] - [workflow-modules:assign_country_from_enrichment] Added module that tags using the country galaxy based on the provided hash path. [Sami Mokaddem] - [workflow-modules:attribute_comment_operation] Added new module to set the comment of an Attribute. [Sami Mokaddem] Changes ~~~~~~~ - [version] bump. [iglocska] - [misp-stix] Bumped latest version. [Christian Studer] - [PyMISP] Bump. [Raphaël Vinot] - [misp-galaxy] version 2.4.174. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version 2.4.174. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [warninglists] updated to the latest version. [Alexandre Dulaunoy] - Bumped queryVersion. [Sami Mokaddem] - [event:publishSightingsRouter] Change from prio worker to default. [Sami Mokaddem] There is no need to keep this task in prio as sightings are not sync inline anymore. - Do not show last button when using light paginator. [Luciano Righetti] - [workflow:editor] Make frame node padding configurable. [Sami Mokaddem] - [workflow:editor] Small refactoring of drawflow lib. [Sami Mokaddem] - [workflow:editor] Moved styling in a class rather than in drawflow lib. [Sami Mokaddem] - [workflow:editor] Usage of proxy function to delete nodes. [Sami Mokaddem] - [workflow:editor] Improved description in hashpath picker for quick link. [Sami Mokaddem] - [workflow:editor] Added support of collapse in hashpath picker. [Sami Mokaddem] - [workflow-modules] Replace param type for hashpath input to `hashpath` [Sami Mokaddem] - [workflow:logging] Changed logging behavior to be less verbose when debug is not enabled. [Sami Mokaddem] - When debug is enabled, it will log eveything as it used to be but also include successfull node execution - When debug is disabled, it will only log execution errors - [workflow:editor] Added support of chosen options and disabled inputs. [Sami Mokaddem] - [workflow:editor] Add class if node expect MISP core format. [Sami Mokaddem] - [workflow-modules:assign_country] Improved behavior when dealing with scopes. [Sami Mokaddem] - [workflow-modules:tag_replacement] Improved behavior and added `all` scope. [Sami Mokaddem] - [workflow:auditLog] Removed auditlog behavior as it's blocking large workflows to be saved. [Sami Mokaddem] - [workflow-modules:assign_country_from_enrichment] Moved from app/Lib to app/Model. [Sami Mokaddem] - [workflow-module:generic_filter] Added support of picker_create_new in value list. [Sami Mokaddem] - [workflow:matchingItems] Improved any_value and any_value_from for IF::Generic and Filter::Generic. [Sami Mokaddem] - [workflow:editor] Added support of list of value for display_on parameter. [Sami Mokaddem] - [workflow:editor] Added support of new option `picker_create_new` [Sami Mokaddem] - [workflow-modules:generic_filter] Added support of operator `any_value_in` [Sami Mokaddem] - [workflow-modules:edition] General improvements, fixed modified data not being reflected in rData and small refactoring. [Sami Mokaddem] - [workflow-modules:attach_enrichment] Enable selection of multiple modules and added support of module not accepting misp_format. [Sami Mokaddem] Fix ~~~ - [event:publishSightingsRouter] Make sure to use correct queue for publishSightingsRouter. [Sami Mokaddem] Fix bug introduced in 64580168622aeea59997cea5739cf0b8dbcf8bda where workers were set to default but not the queue - [workflow] Removed trailing comma in function call. [Sami Mokaddem] - Revert loginAction override. [Luciano Righetti] - [totp] generate a new totp secret each time a the totp_new endpoint is queried via a GET request, fixes #9220. [iglocska] - Light pagination bug in /attributes/search/results see #9157. [Luciano Righetti] - [proposal] index should also include the "deleted" field. [iglocska] - [proposal] proposal index fix as described 2 commits ago. [iglocska] - [debug reverted] reverted erroneously committed debug / exception. [iglocska] - [proposal] sync fixes. [iglocska] - include disable correlation / proposal to delete fields in the proposal index - this is used on pulls, causing these fields to not be included - especially the proposal to delete field's absence is nasty, as it changes the meaning of the proposal - [background workers] speculative fix for issues with publishing. [iglocska] - job object not found or not retrieved correctly - [proposal accept] fixed for deletions. [iglocska] - soft delete rather than hard delete or the propagation will fail - [sightings] only pushed via full push to avoid congestion. [iglocska] - the old behaviour can be re-enabled via Sightings.enable_realtime_publish - massive performance gain on heavily interconnected instances - [stix export] Avoiding issues in the case of empty input. [Christian Studer] - With no input, the python script called to convert the MISP input used to barf because there is no input. - Should fix MISP/misp-stix#44 - [taxii_push] Passing standard MISP JSON format to the `taxii_push` script and by extension to misp-stix. [Christian Studer] - [taxii_push] The path `resolve` method needs to be called. [Christian Studer] - [security] otp reset otp_secret on logout. [iglocska] - changing users within the same session can otherwise lead to the creation of the same otp seed for multiple users - [restsearch] searching for ipv6s fails due to compression not being applied, fixes #9042. [iglocska] - compress ipv6 addresses in value searches to match the behaviour of automatic compression on saving attributes - [authkeys] allow admin read-only key to access audit logs (#9191) [Jeroen Pinoy] fix #9190 - [UI] use acl to determine whether to show "audit logs" and "search logs" buttons (#9192) [Jeroen Pinoy] fix #8949 - [attributes:validation] Allow telfhash to be either 70 or 72 chars long. [Sami Mokaddem] - [acl] sighting restsearch should be open to all, fixes #9116. [Andras Iklody] - [otp] autofocus added. [iglocska] - [taxii_push] Passing standard MISP JSON format to the `taxii_push` script and by extension to misp-stix. [Christian Studer] - [workflow:editor] Typo in css rule. [Sami Mokaddem] - [workflow:triggers] Fixed typo in column description. [Sami Mokaddem] - [workflow:editor] Avoid duplicating labels when path merges on one node. [Sami Mokaddem] - [workflow-modules] Prevent exception if no match. [Sami Mokaddem] - [event:attachTagsdToEventAndTouch] Make sure to continue adding tag in case of success. [Sami Mokaddem] - [workflow:editor] Prevent Run workflow popover after closing. [Sami Mokaddem] - [workflow-modules:tag_replacement_generic] Provide tag locality for deletion. [Sami Mokaddem] - [workflow-modules:attach_enrichment] Make sure to include selected module config. [Sami Mokaddem] - [workflow-modules:generic_filter] Set a default filtering label for new dragged modules. [Sami Mokaddem] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #9218 from referefref/2.4. [Alexandre Dulaunoy] Added James Brine Bruteforce IPs to feed-metadata defaults json - Changed feed type to csv and added field identifier value and delimiter. [ref] - Added James Brine Bruteforce IPs to feed-metadata defaults json. [ref] Added freetext feed endpoint for Bruteforce IPV4 addresses - Merge branch 'develop' of github.com:MISP/MISP into feature_workflows/enrichment-improvements. [Sami Mokaddem] - Merge pull request #9221 from Wachizungu/add-mandate-ip-allowlist-for- advanced-authkeys-setting. [Alexandre Dulaunoy] new: [Authkeys] Add setting to mandate IP allowlist for advanced auth… - Merge branch 'develop' of github.com:MISP/MISP into feature_workflows/enrichment-improvements. [Sami Mokaddem] - Merge pull request #9211 from righel/fix-attr-search-pagination-9157. [Luciano Righetti] fix: light pagination bug in /attributes/search/results see #9157 - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'loginAction' into develop. [iglocska] - Explicitly set loginAction with baseurl. [Mathieu Rollet] - Merge branch 'sighting_push_fix' into develop. [iglocska] - Merge branch 'misp-stix' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into misp-stix. [Christian Studer] - Merge branch 'misp-stix' of github.com:MISP/MISP into misp-stix. [Christian Studer] - Merge branch 'develop' into misp-stix. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into misp-stix. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into misp-stix. [Christian Studer] - Merge branch 'misp-stix' of github.com:MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into misp-stix. [chrisr3d] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #9194 from MISP/JakubOnderka-patch-1. [Alexandre Dulaunoy] NATO MISP only for cyber defense - NATO MISP only for cyber defense. [Jakub Onderka] According to NATO MISP terms of use, NATO MISP is open only for cyber defense related governmental entities, not to all governmental entities. v2.4.173 (2023-07-11) --------------------- New ~~~ - [forgotten password] optional feature added. [iglocska] - [attack widget] added. [iglocska] - [org list widget] added. [iglocska] - [dashboard widget toolkit] started a new common library of reusable functions for widgets. [iglocska] - [dashboard widgets] added previous_month boolean option to any widget that had the month option. [iglocska] - [dashboard widget] added functionalities to download widget raw data. [iglocska] - download the JSON passed to the front-end of a widget on-demand - [dashboard widget] added download parameter to the widget system. [iglocska] Changes ~~~~~~~ - [PyMISP] Bump version. [Raphaël Vinot] - [version] bump. [iglocska] - [forgotten password] reset text clarifications. [iglocska] - to avoid dumdum users from sharing their quasi-passwords - [misp-galaxy] updated. [Alexandre Dulaunoy] - [misp-objects] updated. [Alexandre Dulaunoy] - [misp-warninglists] updated. [Alexandre Dulaunoy] - [htaccess] lock the backreference escaping purely to spaces - if we need more we can change it in the future. [iglocska] - [installer] Updated installer to latest version. [Steve Clement] - [doc] "Listen 443" line will only be added if it doesn't already exist in the file." [Steve Clement] - [map widget] moved country code lookup to the new widget toolkit. [iglocska] - [org index] sort on metafields. [iglocska] - [TOTP] set name. [iglocska] - [htaccess] lock the backreference escaping purely to spaces - if we need more we can change it in the future. [iglocska] - [composer] added an explicit dependency to avoid pulling in the wrong version when building docker. [iglocska] Fix ~~~ - [db_schema] bumped. [iglocska] - Localisation workflow typo. [Sura De Silva] - [UI] Preserve linebreaks in comments in enrichment results. [417190e5c48babc7] - [pw reset] fix (pass the token for deletion) [iglocska] - [forgotten password] fixed. [iglocska] - [password reset] various issues. [iglocska] - [login] screen small visual fix. [iglocska] - Properly handle different cert file extensions in server sync. #9084. [Luciano Righetti] - [urls] allow for encoded spaces. [iglocska] - this has been haunting us for a while - Update composer and fix dependencies. [Stefano Ortolani] Changes: - update composer.phar to latest stable (2.5.8) - rollback pinning indirect dependencies - Make target event id not required (makes form submit fail) [Luciano Righetti] - [config] typo fixed. [Alexandre Dulaunoy] - [customauth] Don't renew the session with each query. [iglocska] - Leave the session handling to the normal life-cycle management - should solve the issues where CSRF keeps kicking users off - [map widget] added alternate name for Russia. [iglocska] - in case someone would want to make sure they still have Russian member organisations - [trending widgets] time ranges fixed. [iglocska] - [api login widget] fixed notice error if no entries were found. [iglocska] - [dashboard trending attributes] change !empty() to isset() to allow for local: "0" to be a valid filter. [iglocska] - [indexing] object references table lacked an index on the uuid field causing massive performance issues during ingestion. [iglocska] - [urls] allow for encoded spaces. [iglocska] - this has been haunting us for a while - [app:udpateDatabase] Added missing break statement. [Sami Mokaddem] - [UI] index searches will handle spaces correctly. [iglocska] - [taxii push] correctly save the status of thetaxii push job. [iglocska] - Make target event id not required (makes form submit fail) [Luciano Righetti] Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'orglinechart' into develop. [iglocska] - Merge branch 'develop' into orglinechart. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #9180 from dragsu/fix-localisation-workflow-typo. [Andras Iklody] fix: Localisation workflow typo - Merge pull request #9183 from 417190e5c48babc7/fix-resolved-misp- format-comment-linebreaks. [Andras Iklody] fix: [UI] Preserve linebreaks in comments in enrichment results - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'composer_fix' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Add dashboard widget for monthly number of events per org. [vincenzocaputo] - Merge pull request #9168 from SteveClement/guides. [Steve Clement] chg: [doc] "Listen 443" line will only be added if it doesn't already exist in the file." - Merge pull request #9163 from ajb3932/patch-1. [Alexandre Dulaunoy] Update INSTALL.sh - Update INSTALL.sh. [Alex Jarvis-Blanks] The current command adds the line "Listen 443" after the line containing "Listen 80" even if "Listen 443" already exists. In my update, the "Listen 443" line will only be added if it doesn't already exist in the file. - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #9158 from ostefano/search. [Andras Iklody] Fix search galaxy clusters - Fix search galaxy clusters. [Stefano Ortolani] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] v2.4.172 (2023-06-09) --------------------- New ~~~ - [role permission] for viewing feed correlations. [iglocska] - added additional role permission - allows hiding feed correlations from users - main purpose is with very large instances, to reduce the load on redis - [taxii preview] Browse a taxii server and view the data it contains. [iglocska] - browse collections - browse contents of the individual collections and paginate through the data - [generic json template] added with JS based highlighting. [iglocska] - [index factory action] added url_replace parameter to allow for arbitrary string replacement in urls based on row data. [iglocska] - [workflowModules:attachWarninglist] Added new module that attach warninglist hits on the roaming data. [Sami Mokaddem] - [security] TOTP authentication. [Christophe Vandeplas] - [usage data widget] added a global caching for attribute counts. [iglocska] - counts are too bloody expensive not to do this - [internal] Send exceptions to Sentry if enabled. [Jakub Onderka] Changes ~~~~~~~ - [VERSION] bump. [iglocska] - [misp-stix] Bumped latest version. [Christian Studer] - [stix] version bump. [iglocska] - [submodules] updated. [iglocska] - [db_schema] updated. [iglocska] - [PyMISP] Bump. [Raphaël Vinot] - [schema] update. [iglocska] - [performance] fix for events with large numbers of attributes and multiple tags from the same taxonomy. [iglocska] - the taxonomy conflict checks were causing multiple issues: - non taxonomy tags were counted as a taxonomy with namespace '' - once we identified a tag pair that could cause a conflict (same taxonomy) we loaded the taxonomy into redis - however, in order to see if we already have the taxonomy loaded, we went to redis to do a GET - In the case of 1 million attributes with at least 1 tag pair, at the minimum this means 1 million GETs on reddit with an event - Resolution - remove the checks for non taxonomy tags - store the identified taxonomies temporarily on the model itself in memory - only go to redis when the model doesn't have the taxonomy cached in memory - still using the old approach when dealing with multiple small events - thanks to @github-germ for flagging the issue - [ui:global_menu] Removed `new` badge since the feature has been out for few months. [Sami Mokaddem] - [main] Added special tag style. [Sami Mokaddem] - [taxii] added collection field to taxii servers. [iglocska] - [schema bump] [Christophe Vandeplas] - [security] OTP support for HOTP. [Christophe Vandeplas] - [security] TOTP anti-bruteforce support. [Christophe Vandeplas] - [security] Require TOTP and QR code lib for TOTP secret creation. [Christophe Vandeplas] - [security] TOTP event logging. [Christophe Vandeplas] - [security] Disallow creation of TOTP token if LinOTP is enabled. [Christophe Vandeplas] - [security] Allow enforcement of TOTP. [Christophe Vandeplas] - [security] admins can delete user TOTP. [Christophe Vandeplas] - [security] TOTP UI love. [Christophe Vandeplas] - [security] allow creation of TOTP token. [Christophe Vandeplas] - [internal] Fix passedArgs is undefined. [Jakub Onderka] - [org map widget] added some country names to the lookup. [iglocska] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [internal] Use less memory when encoding big JSON responses. [Jakub Onderka] - [UI] Show user agent in title in access log. [Jakub Onderka] - [sync] Optimise galaxy cluster pulling. [Jakub Onderka] - [internal] Faster checking if galaxy cluster is blocked. [Jakub Onderka] - [log] Do not audit log when unique_ips field is changed. [Jakub Onderka] - [internal] Check if Redis is loading. [Jakub Onderka] - [UI] Remove local user guide. [Jakub Onderka] - [oidc] Better info logging with IP and part of session ID. [Jakub Onderka] - [schema bump] [iglocska] - [misp-objects] updated. [iglocska] - [user] log last_api_access hourly if MISP.store_api_access_time is not set. [Christophe Vandeplas] - [security] User index inactive user filter. [Christophe Vandeplas] - [tools] better feed list for misp-website. [Christophe Vandeplas] - [internal] Code cleanup for galaxy import. [Jakub Onderka] Fix ~~~ - [taxii push] missing change from python script that was left off added. [iglocska] - [acl] added missing entries. [iglocska] - [capitalisation] fail. [iglocska] - [acl] fixed for taxii servers. [iglocska] - [layout:title] Make sure page title are correctly formatted. [Sami Mokaddem] - [layout:title] Make sure page title are correctly formatted. [Sami Mokaddem] - [workflow:genericFiltering] Fixed typo. [Sami Mokaddem] - [removed R rated debug call] [iglocska] - oops - [taxii push] [iglocska] - [AuthKeys] improve readability of add ACL. [Christophe Vandeplas] - [AuthKey] Cleanup AuhKey permissions fixes #9121. [Christophe Vandeplas] - [Users] fixes column not found Role.perm_site_admin. [Christophe Vandeplas] - [workflowModules:pushZmq] Fixed typo. [Sami Mokaddem] - [worflow:applyFilter] Replace existing data correctly. [Sami Mokaddem] - [security] Org admins cannot delete site admin accounts see #9121. [Christophe Vandeplas] - [removing totp] was a postlink, causing unprompted removal. [iglocska] - use a GET to display a modal with the prompt - [privileges] only site admins can remove totp for a user. [iglocska] - leads to potential privilege check circumvention otherwise (org admin deleting site admin's totp key) - also, removal should be a nuclear option - [totp field check] causes exception if update is not executed yet and the field isn't added. [iglocska] - without the login the update doesn't execute - chicken & egg issue - Localisation typo diagnostic typo. [Sura De Silva] - [Attribute index] moved to light pagination. [iglocska] - [sync] Error handling when pulling clusters. [Jakub Onderka] - [internal] Missing user_id field for event when editing shadow attribute. [Jakub Onderka] - [internal] Undefined index for invalid request. [Jakub Onderka] - [templates controller] remove CSRF protection from the rearranging. [iglocska] - worst case an attacker messes with the order of a template's fields via CSRF, don't think anyone will ever care - removes the annoying blackholing for the drag and drop - [over-correlations] weren't truly case insensitive, causing potential issues matching and entering values. [iglocska] - wrapped adding a new value in a try catch, no need to make synchronisations fail over this - added case insensitive change to values on entry (table should be all lower-case) - added update script to lowercase existing values - [typo]fixed. [iglocska] - [widget] attribute trend widget ambiguity fixed in query. [iglocska] - filtering on time would throw an exception as the loaded relation to Events also contains a timestamp field - [feeds] removed 2 dead feeds. [Christophe Vandeplas] - [feed] feed-list tool now checks for feed availability. [Christophe Vandeplas] - [feed] fixes undefined index in pullRulesField.ctp. [Christophe Vandeplas] - [cleanup] gitignore feed cache. [Christophe Vandeplas] - [cleanup] removes some TODO messages #103. [Christophe Vandeplas] - [todo] CakePHP automatically i18n $validate Model vars. [Christophe Vandeplas] - [feeds] fix missing variable for view. [Christophe Vandeplas] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [Christophe Vandeplas] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #9021 from vincenzocaputo/add-telegram-alert- module. [Alexandre Dulaunoy] new: [misp-workflow-modules] Telegram alert module - Added new Telegram action module. [vincenzocaputo] - Merge branch 'totp' into develop. [iglocska] - Merge branch 'develop' into feature/totp. [Christophe Vandeplas] - Merge pull request #9101 from JakubOnderka/passedArgs_is_undefined. [Jakub Onderka] Passed args is undefined - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #9094 from dragsu/fix-localisation-diagnostics- typo. [Jakub Onderka] fix: localisation typo in diagnostic page - Merge pull request #8830 from JakubOnderka/access-log-enhancement. [Jakub Onderka] Access log enhancement - Merge pull request #8763 from JakubOnderka/galaxy-cluster-pull. [Jakub Onderka] Galaxy cluster pull - Merge pull request #9057 from JakubOnderka/sentry. [Jakub Onderka] new: [internal] Send exceptions to Sentry if enabled - Merge pull request #9098 from JakubOnderka/audit-log-ignore-unique- ips. [Jakub Onderka] chg: [log] Do not audit log when unique_ips field is changed - Merge pull request #9099 from JakubOnderka/redis-loading. [Jakub Onderka] chg: [internal] Check if Redis is loading - Merge pull request #8906 from JakubOnderka/fix-missing-user-id. [Jakub Onderka] fix: [internal] Missing user_id field for event when editing shadow attribute - Merge pull request #8907 from JakubOnderka/remove-user-guide. [Jakub Onderka] chg: [UI] Remove local user guide - Merge pull request #8908 from JakubOnderka/oidc-logging. [Jakub Onderka] chg: [oidc] Better info logging with IP and part of session ID - Merge pull request #8909 from JakubOnderka/fix-notice. [Jakub Onderka] fix: [internal] Undefined index for invalid request - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #9086 from ostefano/workers-fix. [Andras Iklody] Explicitly add dependency to 'php-http/message-factory' - Explicitly add dependency to 'php-http/message-factory' [Stefano Ortolani] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [Christophe Vandeplas] - Merge pull request #9082 from JakubOnderka/galaxy-import-cleanup. [Jakub Onderka] Galaxy import cleanup - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] v2.4.171 (2023-05-17) --------------------- New ~~~ - [dashboard widgets] alternate org evolution widget. [iglocska] - allows for filtering options based on org metadata - allows for any arbitrary start date to be set - [dashboard widgets] Event evolution widget added. [iglocska] - shows the events published as a linechart - allows for filter options by organisation (metadata) - allows to set start date - [API Activity widget] added for admins. [iglocska] - which key was used and how frequently in the selected time period - comes with additional filters such as org metadata - [widget] login widget added for admins. [iglocska] - who logged into the instance via the UI in the past x days / current month / current year, and how frequently? - [organisation usage widget (map)] added world map listing the countries / counts for each country of users. [iglocska] - [dashboard templates] show which modules will be visible to the given user. [iglocska] - [auth] log api key usage in redis. [iglocska] - lightweight per day slice of api key use - built as a ranked set in redis for the dashboards - [widget] monitor the trending attribute values. [iglocska] - filter by timeframe among other filters - [widget] User contribution widget. [iglocska] - filterable - [widget] added a widget to monitor contribution counts per org. [iglocska] - filterable - [widget] Widget to show latest users. [iglocska] - filter by org metadata, etc - [widgets] Widget to list latest joined orgs. [iglocska] - filter by org metadata / timeframe - [usagedata widget] upgraded. [iglocska] - allows for filtering based on organisation metadata - shows changes in current month - fixed several invalid statistics - moved all individual statistics to separate functions for readability - removed permission restriction - the data is only showing aggregates - [setting] added a new setting to remove email addresses from widgets that would otherwise display it. [iglocska] - anonymise the widgets on demand - [workflow] Initial work on filtering modules - WiP. [Sami Mokaddem] - Add param to get exact matches on attribute values. [Luciano Righetti] - [orgBlocklist:index] Added total blocked count and last block time for each blocked orgs. [Sami Mokaddem] Changes ~~~~~~~ - [warning-lists] updated. [Alexandre Dulaunoy] - [misp-objects] updated. [Alexandre Dulaunoy] - [taxonomies] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [widget] margin change to allow for large numbers. [iglocska] - [PyMISP] Bump. [Raphaël Vinot] - [doc] Updated ubuntu version and test status. Misc. cake commands. [Steve Clement] - [version] bump. [iglocska] - [dashboard widget UI] made some changes to accomodate the new widgets. [iglocska] - [list dashboard templates] view updated with the relevant changes to show allowed/denied widgets in a given template. [iglocska] - [usercontribution widget] added permission check for Security.disclose_user_emails. [iglocska] - [usage widget] removed autorefresh. [iglocska] - [widget UI] various improvements. [iglocska] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] Bump. [Raphaël Vinot] - [misp-stix] Bumped latest version. [Christian Studer] - [PyMISP] Bump version. [Raphaël Vinot] - [workflow:getClassFromModule] Removed error suppression while importing modules. [Sami Mokaddem] - [appController] Bumped queryVersion. [Sami Mokaddem] - [workflow] Updated filter add/reset and added support + fixed bunch of bugs. [Sami Mokaddem] Also added raw (patched) drawflow library source code - [workflow:editor] Reference non-minified drawflow lib. To be reverted later on. [Sami Mokaddem] - [taxii_push] Importing `misp_stix_converter` from the `misp-stix` submodule. [Christian Studer] - [stix2 import] Removed the no longer STIX2 -> MISP mapping script as it is handled by `misp-stix` [Christian Studer] - [misp-stix] Bumped latest version supporting `sharing_group_id` argument for the MISP Event that is generated as result of the STIX 2 conversion. [Christian Studer] - [misp-stix] Bumped latest version. [Christian Studer] - [misp-stix] Bumped the latest version that supports the recent changes used to generate new galaxies and clusters. [Christian Studer] - [stix import] Updated the `upload_stix` form params to be inline with the support of multiple STIX 1 & 2 versions. [Christian Studer] - [misp-stix] Bumped latest version. [Christian Studer] - [stix2 export] Setting `2.1` as the default STIX 2 export version. [Christian Studer] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [external] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [console:ls22shell] Skip org named `ORGNAME` when generating scores. [Sami Mokaddem] - [console:ls22shell] Only generate scores for local orgs. [Sami Mokaddem] - [servers:index] Added filtering capability. [Sami Mokaddem] - [cti-python-stix2] Bumped latest version. [Christian Studer] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] Fix ~~~ - [junk removed] removed accidentally inserted characters. [iglocska] - fell asleep on the keyboard? - [trending tags widget] reworked. [iglocska] - added day based time_window option - much more perforant / memory friendly - [misp-stix] Bumped latest version with a fix on the way we find whether STIX content has been created with the MISP to STIX conversion feature or is some external content. [Christian Studer] - [misp-stix] Bumped version fixing some issues with observable objects import. [Christian Studer] - [CI] once again, this one should be good... [Raphaël Vinot] - [PyMISP] Bump, fix CI. [Raphaël Vinot] - [CI] keep trying to debug. [Raphaël Vinot] - [CI] Fix path. [Raphaël Vinot] - [CI] PyMISP install and test. [Raphaël Vinot] - [PyMISP] Update release, fix lief issue. [Raphaël Vinot] - [workflow:ms-teams-webhook] Patched to pass more data to ms-teams. [Sami Mokaddem] - [workflow:attribute_ids_flag_operation] Correctly import parent module. [Sami Mokaddem] - [workflow:formatConverterTool] Correctly propagate event tags to attribute when in attribute context. [Sami Mokaddem] Fix #9051 - [workflow:formatConverterTool] Make sure properties exist. [Sami Mokaddem] - [workflow:infoModal] Updated format to latest version. [Sami Mokaddem] - [internal] Warning when searchvalue is not defined. [Jakub Onderka] - Fix query. [Luciano Righetti] - [TAXII] TAXII name as defined by OASIS. [Alexandre Dulaunoy] - [test] Build test. [Jakub Onderka] - [upload_stix] PHP is not python. [Christian Studer] - `array_key_exists` is the friend we were looking for here - `in_array` only tests the values of an array and not the keys - [upload_stix] Fixed the `distribution` & `sharing_group_id` values checking. [Christian Studer] - we have to convert them to int to check with the list of distributions and sharing groups that have int keys - [stix2 import] Made the stix parser arguments `kwargs` as it is supported, to avoid issues with positional arguments. [Christian Studer] - [upload_stix] Properly showing and hiding the sharing groups selector. [Christian Studer] - [workflow:formatConvert] Make sure to include the __allTags when in converting from event scope. [Sami Mokaddem] - [workflow:tag_if] Correctly parse empty tag fields. [Sami Mokaddem] - [stix2 import] Adding all the submodules dependencies to avoid issues with uninstalled python libraries and use the submodules directly instead. [Christian Studer] - [stix2 import] Fixed the STIX version value used to describe the uploaded STIX file. [Christian Studer] - [stix2 import] Changed the test to check the `misp-stix` conversion return message. [Christian Studer] - [stix2 export] Handling - as expected by MISP - warning messages when the `debug` option is set. [Christian Studer] - [stix1 import] Quick variable name fix. [Christian Studer] - [console:ls22shell] Improved collaboration with extended event check logic and slightly increased score budget. [Sami Mokaddem] - [console:ls22shell] Added includeWarninglistHits parameter in restSearch query. [Sami Mokaddem] - [workflow:formatConvert] Make sure to include the __allTags when in converting from event scope. [Sami Mokaddem] - [workflow:tag_if] Correctly parse empty tag fields. [Sami Mokaddem] - Admin logs pagination. [Luciano Righetti] - [console:ls22shell] Gracefully catch case where extended event have not been sync. [Sami Mokaddem] - [console:ls22shell] Fixed `from` and `to` param when generating scores. [Sami Mokaddem] - [event:discussion] Fixed potential CSRF issue while adding a comment. [Sami Mokaddem] Fix #8916 - [misp-stix] Bumped latest version with some quick fixes. [Christian Studer] Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #9061 from SteveClement/guides. [Luciano Righetti] chg: [doc] Updated ubuntu version and test status. Misc. cake commands. - Merge branch 'new_widgets' into develop. [iglocska] - Merge branch 'develop' into new_widgets. [iglocska] - Removed cogsec, domain not renewed. [Sascha Rommelfangen] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'feature-workflow-filtering-modules' into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature-workflow- filtering-modules. [Sami Mokaddem] - Merge pull request #9056 from JakubOnderka/searchvalue-fix. [Jakub Onderka] fix: [internal] Warning when searchvalue is not defined - Merge pull request #9050 from righel/add-searchvalue-param. [Luciano Righetti] new: add param to get exact matches on attribute values - Add: doc. [Luciano Righetti] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #9044 from JakubOnderka/build-test-fix. [Jakub Onderka] fix: [test] Build test - Merge branch 'misp-stix' of github.com:MISP/MISP into develop. [Christian Studer] - Add: [stix2 import] Handling sharing group id parameters to pass to the resulting MISP Event. [Christian Studer] - Add: [stix2 import] Added parameters used by `misp-stix` to handle the distribution value. [Christian Studer] - Add: [stix2 import] Added `distribution` to the `upload_stix` form so we can pass its value to `misp-stix` [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into misp-stix. [Christian Studer] - Add: [stix import] Supporting the STIX 2 objects import as Galaxies 2.0. [Christian Studer] - Extracting the Galaxies & Clusters - Using the `importGalaxyAndClusters` endpoint to handle the creation of new Galaxies & Clusters - Passing the related tag names to have the clusters attached to the right data structures - Add: [upload_stix] Added the `galaxy_editor` permission condition on the `upload_stix` form to view the Galaxies 2.0 related checkbox. [Christian Studer] - Wip: [stix2 import] Using `misp-stix` to import STIX 2 content. [Christian Studer] - Changed the related view used to upload the STIX 2 files - Added 2 parameters to choose to import Galaxies as tag or with a complete Galaxy content parsing (which will be implemented soon), and another one for admins to debug the errors and warnings messages sent by `misp-stix` - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian Studer] v2.4.170 (2023-04-13) --------------------- New ~~~ - [misp-workflow-modules] Event threat level if logic module. [vincenzocaputo] Changes ~~~~~~~ - Bumped version. [Sami Mokaddem] - [misp-stix] Bumped the latest version. [Christian Studer] - [PyMISP] Bump. [Raphaël Vinot] - [misp-warninglists] updated to the latest version. [Alexandre Dulaunoy] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - Move breakOnDuplicate check to Attribute::captureAttribute. [Luciano Righetti] - Handle breakOnDuplicate parameter in Attribute:add() to perform upserts instead of failing. [Luciano Righetti] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [event:_add] Simplified ACL test checking whether a user can create the event. [Sami Mokaddem] - Simplifed code - Removed extremely old condition `$data['Event']['orgc'] != user['Organisation']['name']` that's not relevant anymore - Make sure that Orgc.uuid takes precedence over Event.orgc_id - [workflow-module:send_mail] add send_log_mail for org admin as rcpts. [Christophe Vandeplas] - [workflow-module:send_mail] allow to all admins. [Christophe Vandeplas] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [authkey] pin IP on view page. [Christophe Vandeplas] - [authkey] One-click IP as only allowed IP. [Christophe Vandeplas] - [AuthKey] db change. [Christophe Vandeplas] - [AuthKey] store IPs used to connect and show them. [Christophe Vandeplas] - [workflows] Log After Save module. [Christophe Vandeplas] - [PyMISP] updated. [Alexandre Dulaunoy] - [git] exclude DebugKit plugin from git. [Christophe Vandeplas] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [pymisp] bump. [iglocska] - [pymisp] version string bump. [iglocska] Fix ~~~ - [workflow:tag_if] Correctly compare cluster tags. [Sami Mokaddem] - Unset id and uuid of object attributes if regenerateUUIDs is checked when populating event with a MISP json fixes #9012. [Luciano Righetti] - Handle when a batch of attributes is sent and only a subset has breakOnDuplicate=false. [Luciano Righetti] - Remove unused line. [Luciano Righetti] - Consistent hash calculation in object dup checks. [Luciano Righetti] - Fix "'sharing_group_id' doesn't have a default value error" error when importing OpenIOC file. [Luciano Righetti] - Disable csrf checks for events/saveFreeText when CustomAuth is enabled, fixes #8991. [Luciano Righetti] - [event:viewAttribute] Reset pagination state when using a filter on the attribute table. [Sami Mokaddem] - This will certainly make @rommelfs happy :) - [galaxy] Clarify supported format of webui galaxy import. [Christophe Vandeplas] - [workflows] fix undefined index in moduleView. [Christophe Vandeplas] - [workflow-module:enrich_event] Do not run enrichment is no filtered elements. [Sami Mokaddem] If a filtering condition was set and no item were matched, the whole event was enriched. Now nothing - [workflow-module:tag_if] Added support of galaxy clusters. [Sami Mokaddem] Fix #8959 - [db:workflows] Changed workflows.data from TEXT to LONGTEXT. [Sami Mokaddem] Should fix issue #8979 - [AuthKey] integrate mokaddem's remarks. [Christophe Vandeplas] - [AuthKeys] prevent race condition with double IPs. [Christophe Vandeplas] - [workflows] Email requires misp-modules. [Christophe Vandeplas] - [sightings] don't be case insensitive on code side. [iglocska] - [AccessLog] MySQL command. [dnso86] - [adminShell:optimiseTables] MySQL command. [dnso86] - [security] XSS in community index. [Sami Mokaddem] - As reported by Zigrin Security - [docs] revert attempt. [Christophe Vandeplas] - [docs] attempt to fix failing includes in github pages. [Christophe Vandeplas] - [docs] Fixes one more broken link. [Christophe Vandeplas] - [docs] Fixes broken links on misp.github.io website. [Christophe Vandeplas] - [galaxyCluster index] filter by galaxy should accept UUID too not just ID. [iglocska] - [Galaxy index search] fixed. [iglocska] - seems to be using the Cerebrate format rather than MISP? Other ~~~~~ - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into chg-acl-event-add- simplification. [Sami Mokaddem] - Merge pull request #8980 from righel/ignore-dup-attrs. [Luciano Righetti] [new]: add breakOnDuplicate option to attributes/add - Cgh: add named param support for attributes:add() breakOnDuplicate. [Luciano Righetti] - Merge pull request #9009 from righel/fix-openioc-import. [Luciano Righetti] fix: fix openioc import - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'pr-8983' into develop. [Sami Mokaddem] - Use existing and appropriate function to retrieve threat levels. [vincenzocaputo] - Merge branch '2.4' of https://github.com/vincenzocaputo/MISP into add- threatlevel-if-module. [vincenzocaputo] - Remove unused properties. [vincenzocaputo] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [Christophe Vandeplas] - Merge remote-tracking branch 'origin/feature/api_log_and_pin_ip' into develop. [Christophe Vandeplas] - Merge branch 'develop' into feature/api_log_and_pin_ip. [Christophe Vandeplas] - Merge branch 'develop' into feature/api_log_and_pin_ip. [Christophe Vandeplas] - Merge branch '2.4' into develop. [iglocska] - Merge remote-tracking branch 'origin/2.4' into develop. [Christophe Vandeplas] - Merge branch '2.4' into develop. [Christophe Vandeplas] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #8989 from dnso86/fix-cake-optimisetables-query. [Alexandre Dulaunoy] Fix typo in OPTIMIZE MySQL commands - Revert "Feature/api log and pin ip (#8965)" [Christophe Vandeplas] This reverts commit d5ce838ddca4f95b6c303b64b53b70b0b1bc28da. - Feature/api log and pin ip (#8965) [Christophe Vandeplas] * fix: [sightings] don't be case insensitive on code side * chg: [AuthKey] store IPs used to connect and show them * chg: [AuthKey] db change * fix: [AuthKeys] prevent race condition with double IPs * chg: [git] exclude DebugKit plugin from git * fix: [AuthKey] integrate mokaddem's remarks * chg: [authkey] One-click IP as only allowed IP * chg: [authkey] pin IP on view page --------- - Update background-jobs-migration-guide.md. [Luciano Righetti] - Merge pull request #8970 from righel/fix-installer-pages. [Alexandre Dulaunoy] [fix] fix installer pages - [fix]: comment (properly) md inclusion for archived guides, cannot include from parent dir. [Luciano Righetti] - [fix]: comment md inclusion for archived guides, cannot include from parent dir. [Luciano Righetti] - [fix]: relative md inclusion (archived) [Luciano Righetti] - [fix]: relative md inclusion. [Luciano Righetti] - [fix]: relative md inclusion. [Luciano Righetti] - [fix]: relative md inclusion. [Luciano Righetti] v2.4.169 (2023-03-14) --------------------- New ~~~ - [ApacheAuthenticate] Add STARTTLS support for LDAP connection. [Anders Einar Hilden] Controlled by setting `ApacheSecureAuth.starttls`. Default (`ApacheSecureAuth.starttls undefined`) is `false`, since it is a new feature. config.default.php is updated with `ApacheSecureAuth.starttls = true` as default and extra explanations. - [LS22 shell] added setSetting command. [iglocska] - [misp-workflow-modules] Splunk HEC export Module implemented. [Benni0] Changes ~~~~~~~ - [misp-stix] Bumped latest version. [Christian Studer] - Order for tests. [Raphaël Vinot] - Update GHA to fix composer, maybe. [Raphaël Vinot] - Bump ubuntu version to use. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] - [version] bump. [iglocska] - [db_schema] version bump. [iglocska] - [db_schema] update. [iglocska] - [vendor dir check diagnostic] made the execution optional if the required package is missing. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [workflow:module_splunk_hec_export] added parameter for source type specification. [benni0] - [command:ls22] Improved scoring for LS shell. [Sami Mokaddem] - [diagnostics] Report on Vendor dependencies. [Christophe Vandeplas] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-warning] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [workflow:module_splunk_hec_export] Small refactoring. [Sami Mokaddem] - [workflow:module_webhook] Added support of more parameter to perform a request. [Sami Mokaddem] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [misp-stix] updated to the latest version. [Alexandre Dulaunoy] - [dashboard-widget:TrendingTags] Added filtering and over time functionalities. [Sami Mokaddem] - [events:add_misp_export] Handle case of missing Event key. [Sami Mokaddem] - [events:populate] Added support of regeneration of UUIDs. [Sami Mokaddem] - [events:populate] Improved support of MISP core format. [Sami Mokaddem] - [view:ajaxTags] Added placeholder for highlighted taxonomies without a tag. [Sami Mokaddem] Fix ~~~ - Install guide links. [fukusuket] - [testlive security] change the test org name to not include spaces. [iglocska] there's a lookup via orgname in the URL that causes the tests to fail otherwise - [php7.2 compat] make 7.2 happy with no trailing comma in the funciton params. [iglocska] - [LS22 shell] parameter name fixed. [iglocska] - [security] XSS in event-graph relationship tooltip. [Sami Mokaddem] - [security] XSS in event-graph node tooltips. [Sami Mokaddem] - as reported by Cyber Controls from SIX Group - [workflowModules:splunkHec] Fixed indentation. [Sami Mokaddem] - [workflow:module_splunk_hec_export] typo colon removed. [Benni0] - [workflow:module_splunk_hec_export] top level event required by splunk hec. [benni0] - [Sighting] rework of the loading via restsearch. [iglocska] - the chunking and limiting by attribute IDs in the sighting restsearch caused long delays due to a select with two AND-ed in value lists causing the query optimiser to constantly run statistics on the table - moved the filtering by attribute to PHP side via a loop, it should boost the performance of the function - and with it the sync considerably - [Sighting] rework of the loading via restsearch. [iglocska] - the chunking and limiting by attribute IDs in the sighting restsearch caused long delays due to a select with two AND-ed in value lists causing the query optimiser to constantly run statistics on the table - moved the filtering by attribute to PHP side via a loop, it should boost the performance of the function - and with it the sync considerably - [attribute correlations] account for both entry points, event view and attribute index. [iglocska] - to select the correct field for the remote ID (rather than point at an attribute ID in the related events) - [correlations] attribute index / search shows incorrect correlations, fixes #8930. [iglocska] - showed the attribute ID rather than the event ID, also leading to invalid URLs for pivoting - [object correlations] fixed - ACL was incorrectly hiding valid correlations for a user, fixes #8929. [iglocska] - inherit as the object distribution was blocked when showing correlations - [tools] corrected path to misp-website. [Christophe Vandeplas] - [taxii servers] invalid baseurl field type. [iglocska] - copy pasta strikes again - [workflow:standalone_module_execute] Clear error output on sucess. [Sami Mokaddem] - [workflow:baseModule] Removed unused line. [Sami Mokaddem] - [objects:group_attributes_into_object] Typo in find options. [Sami Mokaddem] - [attribute:bro] Restored bro export. [Sami Mokaddem] The broExport should probably be rewritten to sue the standard restSearch export later on - [dashboard:widget_render] Use the correct render when using cache. [Sami Mokaddem] - [attribute:bro] Restored bro export. [Sami Mokaddem] The broExport should probably be rewritten to sue the standard restSearch export later on Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #8951 from fukusuket/fix-install-guide-doc-links. [Alexandre Dulaunoy] fix: install guide links - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge pull request #8952 from MISP/composer_fix. [Raphaël Vinot] chg: update GHA to fix composer, maybe. - Merge branch 'develop' into composer_fix. [Raphaël Vinot] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [Christophe Vandeplas] - Merge branch 'pr-8948' into develop. [Sami Mokaddem] - [new]: [doc] [ApacheSecureAuth] Add minimal docs for ApacheSecureAuth, and a bigger section about using the /users/logout401 endpoint. [Anders Einar Hilden] - [new]: [ApacheSecureAuth] Add endpoint /users/logout401 for logging out from HTTP Basic Auth. [Anders Einar Hilden] This can be used by i.e. ApacheSecureAuth to make a browser forget cached HTTP Basic Auth credentials, which would otherwise result in a logut->login loop. - Merge branch 'pr-8946' into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch 'pr-8835' into develop. [Sami Mokaddem] - Merge pull request #1 from Benni0/develop. [Benni0] Merge fix for workflow:module_splunk_hec_export - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'pr-8835' into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] v2.4.168 (2023-02-01) --------------------- New ~~~ - [indexTable] added 3 new simple elements. [iglocska] - custom_element -> loop the data through an element set via element_path - model -> for the various log indeces, format the log entry's model entry as MODEL #MODEL_ID - time -> loop the data through the time helper's time() function Changes ~~~~~~~ - [auth] group authentication code. [Christophe Vandeplas] - [misp-stix] Bumped latest version. [Christian Studer] - [misp-warninglists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] Bump. [Raphaël Vinot] - [PyMISP] updated. [Alexandre Dulaunoy] - [misp-objects] updated. [Alexandre Dulaunoy] - [servers:testConnection] Prematurely close the session allowing concurrent requests. [Sami Mokaddem] - [taxonomies] updated. [Alexandre Dulaunoy] - [logs:event_index] Added notice about displayed data and usage of LightPaginator. [Sami Mokaddem] - [warning-lists] updated. [Alexandre Dulaunoy] - [event index] changed to the indextable generator. [iglocska] - [indexTable] added option for the generic Field to set a default value, if the referenced value is empty. [iglocska] - via the key 'empty' - [README.md] phrasing. [Andras Iklody] - [README.md] added a missing comma. [Andras Iklody] Just testing mail filters.... :) - [internal] allow site admins ability to view event_creator_email for all events in export. [goodlandsecurity] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] Fix ~~~ - [VERSION] bump. [iglocska] - [misp-galaxy] Bumped latest version. [Christian Studer] - [shadowAttribute:accept] Restored accepting functionality. [Sami Mokaddem] Replace cake's magic finder by the standard way to fetch data - [security] Prevent unauthorized access to decaying import function. [Sami Mokaddem] - as reported by Cyber Controls from SIX Group - [security] XSS in eventgraph preview payload. [Sami Mokaddem] - as reported by Cyber Controls from SIX Group - [security] XSS through network history name. [Sami Mokaddem] - as reported by Cyber Controls from SIX Group - [tags:relationship] Fixed synchronisation of relationship_type. [Sami Mokaddem] - [feed:edit] Make sure to keep orgc_id to its saved value. [Sami Mokaddem] - [doc] New year - copyrights updated. [Alexandre Dulaunoy] - [README.md] typo fixed. [Andras Iklody] testing mail filters further - [tags:relationship] Fixed synchronisation of relationship_type. [Sami Mokaddem] - [querystring] bumped. [Andras Iklody] - [postTest] speculative fix for case sensitivity of headers. [iglocska] - as reported by @DavoDirty Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Minor code cosmetic fix. [Christophe Vandeplas] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - [security] XSS in authkey add. [Sami Mokaddem] - as reported by Dawid Czarnecki from Zigrin Security - Merge pull request #8870 from goodlandsecurity/fix-event-creator- email. [Andras Iklody] chg: [internal] allow site admins ability to view event_creator_email for all events in export - Merge pull request #8543 from nandelson/2.4. [Alexandre Dulaunoy] Fix markdown formatting in INSTALL.rhel7.md - Update INSTALL.rhel7.md. [Dan Nelson] v2.4.167 (2022-12-22) --------------------- New ~~~ - [UI] Show similar objects when creating object from freetext. [Jakub Onderka] - [UI] Allow to create object from freetext. [Jakub Onderka] - [UI] Preparation for creating object from freetext. [Jakub Onderka] - [event-timeline] Added Timestamp distribution chart when the timeline cannot show all items. [Sami Mokaddem] - [UI] Add ability to disable discussion. [Jakub Onderka] - [log] Access log retention command. [Jakub Onderka] - [log] Add ability to log sql queries for access log. [Jakub Onderka] - Show highlighted tags in event index. [Luciano Righetti] - Add support for highligting certains taxonomies in event view. [Luciano Righetti] - Show highlighted tags in event index. [Luciano Righetti] - [session killswitch] added endpoint to kill existing sessions for a user. [iglocska] - required for integration in MeliCERTes II Changes ~~~~~~~ - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [version] bump. [iglocska] - [runaway function] split into easier to comprehend ones. [iglocska] - [PyMISP] Re-bump. [Raphaël Vinot] - [cleanup] indexfilter unused leftover functionality reworked. [iglocska] - [internal] Add blackhole exception logging. [Jakub Onderka] - [UI] Add titles for attribute actions. [Jakub Onderka] - [UI] Show exception message to user when importing MISP file. [Jakub Onderka] - [import] Do not put same comment to all attribute in object. [Jakub Onderka] - [internal] Simplify importChoice. [Jakub Onderka] - [internal] Move finding object similarities from controller to model. [Jakub Onderka] - [internal] Simplify ObjectTemplate::checkTemplateConformityBasedOnTypes method. [Jakub Onderka] - [UI] Cleanup for resolved_attributes template. [Jakub Onderka] - [internal] Add object code cleanup. [Jakub Onderka] - [UI] Nicer user edit for notifications. [Jakub Onderka] - [mail] Allow to unsubscribe from notification emails. [Jakub Onderka] - [UI] Nicer user view for notifications. [Jakub Onderka] - [internal] Keep connection to OIDC when sending emails. [Jakub Onderka] - [UI] Simplify global administration menu. [Jakub Onderka] - [UI] Rename Tag event to Attach cluster to event for in attack matrix view. [Jakub Onderka] - [internal] Remove unused to_ids from AttributesController::fetchViewValue. [Jakub Onderka] - [internal] PivotHelper code cleanup. [Jakub Onderka] - [UI] Show SightingDB field just when SightingDB is enabled. [Jakub Onderka] - [UI] Small fixes. [Jakub Onderka] - [UI] Remove dashboard from side menu. [Jakub Onderka] - [ACL] Warninglist::checkValue is available for all. [Jakub Onderka] - [UI] Add warning when downloading malware-sample. [Jakub Onderka] - [UI] Import module cleanup. [Jakub Onderka] - [UI] Put sparkline data into HTML. [Jakub Onderka] - [UI] Change event alert field. [Jakub Onderka] - [UI] Nicer attribute search form. [Jakub Onderka] - [UI] For quick edit offer just valid types. [Jakub Onderka] - [UI] Move Add object button close to Add attribute button. [Jakub Onderka] - [UI] Hide org column if not required. [Jakub Onderka] - [UI] Simplify Sync Actions global menu. [Jakub Onderka] - [UI] Add extra class to dropdown just when necessary. [Jakub Onderka] - [UI] Replace 'Populate using a template' button with 'Add object' button. [Jakub Onderka] - [UI] Hide popover when pressing ESC on closed chosen. [Jakub Onderka] - [UI] Use chosen when adding object. [Jakub Onderka] - [internal] Fetch just necessary fields for fetching taxonomy tags. [Jakub Onderka] - [UI] Add description to batch import. [Jakub Onderka] - [UI] Use same logic for sharing group change also for feeds. [Jakub Onderka] - [PyMISP] Bump version. [Raphaël Vinot] - [graph.js] Updated to version 4.1.1. [Sami Mokaddem] - [taxonomy:checkIfNewTagAllowed] Add the `tlp` edge-case when adding new tags. [Sami Mokaddem] - Now, after removing all mirrors, I can go about my day without constantly being reminded of my existence. - [roles] set default role to User if none is set. [Christophe Vandeplas] - [internal] Better error message for FileAccessTool::writeToFile. [Jakub Onderka] - [internal] Move rest response SQL output. [Jakub Onderka] - [test] Show application logs. [Jakub Onderka] - Show short tags for highlighted tags. [Luciano Righetti] - [redistool] allow for using sockets. [iglocska] - [logs] user can see own logs. [Christophe Vandeplas] Fix ~~~ - [security] XSS in the template file uploads. [iglocska] - as reported by Dawid Czarnecki from Zigrin Security - [index actions] urlencode the parameter values, otherwise certain functionalities passing for example tag names around won't work. [iglocska] - fixes #8820 - [UI] Fix user sorting. [Jakub Onderka] - [UI] Prevent default action when showing sightings. [Jakub Onderka] - [UI] Do not show model ID in audit log if it is zero. [Jakub Onderka] - [UI] Undefined shortDist array. [Jakub Onderka] - [UI] Warnings when user don't have permission to see sharing group orgs. [Jakub Onderka] - [UI] Galaxy cluster distribution levels. [Jakub Onderka] - [UI] View action should be last. [Jakub Onderka] - [UI] Galaxy cluster UI cleanup. [Jakub Onderka] - [UI] Use correct menu for categories_and_types page. [Jakub Onderka] - [UI] Remove duplicate autoalert field in user profile. [Jakub Onderka] - [UI] Show user column for auth keys just for admins. [Jakub Onderka] - [UI] Correctly fetch data from resolved MISP format. [Jakub Onderka] - [UI] Show correct message when creating event when MISP.unpublishedprivate is enabled. [Jakub Onderka] - [UI] Margin fixes for resolved_misp_format.ctp. [Jakub Onderka] - [UI] To IDS checkbox for attribute search. [Jakub Onderka] - [internal] Simplify regexp. [Jakub Onderka] - [UI] Change margin for notice message. [Jakub Onderka] - [UI] Remove unnecessary prevent default from ListTopBar. [Jakub Onderka] - [UI] Correct message for fail callback. [Jakub Onderka] - [internal] Try to fix undefined index user_id when adding object. [Jakub Onderka] - [UI] Quick edit of distribution. [Jakub Onderka] - [UI] Show add object attribute button just when user has permission. [Jakub Onderka] - [UI] Error message when trying to add invalid attribute to object. [Jakub Onderka] - [internal] Remove duplicate attribute fetching. [Jakub Onderka] - [UI] Description for attributes. [Jakub Onderka] - [attribute] IP address was considered as valid AS number. [Jakub Onderka] - [internal] Taxonomy code cleanup. [Jakub Onderka] - [UI] Taxonomy tags invalid link. [Jakub Onderka] - [UI] Small fixes. [Jakub Onderka] - [UI] Do not show publish buttons for users without privilege. [Jakub Onderka] - [UI] Communities. [Jakub Onderka] - [UI] Disable correlating field for non correlating attributes when adding object. [Jakub Onderka] - [internal] Remove warning when using populate by template. [Jakub Onderka] - [UI] Remove duplicate onclick. [Jakub Onderka] - [UI] Pagination for audit log. [Jakub Onderka] - [UI] Attribute correlation popover. [Jakub Onderka] - [UI] Attribute correlations. [Jakub Onderka] - [internal] Migration 105. [Jakub Onderka] - Db_version in db_schema.json. [Jakub Onderka] - [UI] Add missing space after tag. [Jakub Onderka] - [dashboard:*SightingsWidget] Updated to support the correct response type. [Sami Mokaddem] - [auth][log] log correct org/userid with failed login fixes #8807. [Christophe Vandeplas] - [log] filter user logs on user_id not email. [Christophe Vandeplas] - [dashboard] sort dashboard widgets. [Christophe Vandeplas] - [log] remote IP header clarify prefix is needed. [Christophe Vandeplas] - [log] Fetching remote IP address. [Jakub Onderka] Fixes #8795 and #8788 - [log] Condition for old access log. [Jakub Onderka] - [log] Request time. [Jakub Onderka] - [UI] Consider Database/MysqlExtended as valid data source. [Jakub Onderka] - [log] Undefined index. [Jakub Onderka] - [db_schema] Update to 104. [Jakub Onderka] - [db] Duplicate migration. [Jakub Onderka] - [workflow:getUserForWorkflow] Give all perms to workflow user. [Sami Mokaddem] - [internal] Cleanup for log controller. [Jakub Onderka] - [test] Update after log change. [Jakub Onderka] - [internal] Attaching clusters. [Jakub Onderka] - Undefined index. [Luciano Righetti] - Css. [Luciano Righetti] - Undefined. [Luciano Righetti] - Undefined index. [Luciano Righetti] - Cs. [Luciano Righetti] - Cs. [Luciano Righetti] - Add new db version. [Luciano Righetti] - Support short tags setting. [Luciano Righetti] - Add missing views. [Luciano Righetti] - Support short tags setting. [Luciano Righetti] - Add missing views. [Luciano Righetti] - Conflics and update db_schema.json. [Luciano Righetti] - [logs] only allow for perm_audit & promote the perm to all. [Christophe Vandeplas] - [log] Minor cosmetic fixes. [Christophe Vandeplas] - [ACL] added admin_destroy. [iglocska] Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #8812 from StefanKelm/2.4. [Alexandre Dulaunoy] Update correlations.ctp - Update correlations.ctp. [StefanKelm] tiny typo - [fix] Properly configure dependabot for composer. [Raphaël Vinot] - Merge pull request #8784 from MISP/dependabot/github_actions/actions/checkout-3. [Raphaël Vinot] build(deps): bump actions/checkout from 2 to 3 - Build(deps): bump actions/checkout from 2 to 3. [dependabot[bot]] Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... - Merge pull request #8783 from MISP/dependabot/github_actions/github/codeql-action-2. [Raphaël Vinot] build(deps): bump github/codeql-action from 1 to 2 - Build(deps): bump github/codeql-action from 1 to 2. [dependabot[bot]] Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v1...v2) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #8613 from JakubOnderka/fix-ui. [Jakub Onderka] Fix UI - Merge pull request #8828 from JakubOnderka/fix-migration-105. [Jakub Onderka] fix: [internal] Migration 105 - Merge pull request #8826 from JakubOnderka/fix-tag-view. [Jakub Onderka] fix: [UI] Add missing space after tag - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Update correlations.ctp. [StefanKelm] tiny typo - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8751 from JakubOnderka/disable-discussion. [Jakub Onderka] new: [UI] Add ability to disable discussion - Merge pull request #8757 from JakubOnderka/sql-logging. [Jakub Onderka] SQL logging - Fixup! fix: [db_schema] Update to 104. [Jakub Onderka] - Merge pull request #8799 from JakubOnderka/duplicate-migration. [Jakub Onderka] fix: [db] Duplicate migration - Merge pull request #8796 from JakubOnderka/fix-cluster-attach. [Jakub Onderka] fix: [internal] Attaching clusters - Merge pull request #8794 from righel/highlighted-tags. [Luciano Righetti] new: highlighted tags - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] v2.4.166 (2022-11-28) --------------------- New ~~~ - [maintenance] Dependabot config. [Raphaël Vinot] - [restsearch] added optional ordering. [iglocska] - available on event/attribute restsearch - uses the new findOrder() internal function to have consistent filtering - [security setting] disable admin file management. [iglocska] - for compliance reasons, disable the upload of images for the various logos / decorations - setting can be enabled/disabled via CLI only - [news] Show the latest news in nicer view. [Jakub Onderka] - [CLI] Command for recompressing data stored in audit logs table. [Jakub Onderka] - [logging] Access log. [Jakub Onderka] - [attribute type] azure-application-id added. [iglocska] - En taro @xg5_datafiend - [docs] added taxii flowchart. [Andras Iklody] - [taxii integration] wip. [iglocska] - all MISP side code implemented for being able to have filtered pushes - still missing proper result handling as we need a working test implementation of the python scripts first - some assumptions made that need to be revisited - [docs] added taxii flowchart. [Andras Iklody] - [taxii integration] wip. [iglocska] - all MISP side code implemented for being able to have filtered pushes - still missing proper result handling as we need a working test implementation of the python scripts first - some assumptions made that need to be revisited Changes ~~~~~~~ - [version] bump. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] Bump version. [Raphaël Vinot] - [rearrange parameters] improve the way we allow users to rearrange data. [iglocska] - tie more endpoints into the new findOrder() functionality - allow for new context specific ordering rules - [attribute] rearranging fixed. [iglocska] - [decayingModels:enable/disable] Return a better API response. [Sami Mokaddem] - [pymisp] bump. [iglocska] - [pymisp] bump. [iglocska] - [pymisp] bump. [iglocska] - [ACL] added entries for taxii. [iglocska] - [github action] Added taxii branch. [Andras Iklody] - [misp-workflow-blueprints] updated. [Alexandre Dulaunoy] - [AadAuth] use proxy settings if present. [Luciano Righetti] - [internal] Remove stream request decompression, because it was broken. [Jakub Onderka] - [log] Support for encoded request in access logs. [Jakub Onderka] - [periodic_summary] Rephrased correlation text to make it more understandable. [Sami Mokaddem] - [periodic_summary] Added explanation about the "new correlation" section. [Sami Mokaddem] - [misp-workflow-blueprints] updated. [Alexandre Dulaunoy] - [logs] Add SQL queries count to access log. [Jakub Onderka] - [log] Better filtering for access logs. [Jakub Onderka] - [log] Multipart support for access log. [Jakub Onderka] - [log] Tune compression for audit and access logs. [Jakub Onderka] - [log] Store memory usage compressed in database. [Jakub Onderka] - [logs] Move filterSearch to misp.js. [Jakub Onderka] - [cli] Show stats for access logs. [Jakub Onderka] - [logging] ZSTD compression for audit log. [Jakub Onderka] - [PyMISP] Bump. [Raphaël Vinot] - [attribute restsearch] x-result-count calculation reworked. [iglocska] - show a fake number that still forces tools to keep pagination until needed - massive performance gain - fake it till you make it - [taxii] Added the required auth to the TAXII server. [Christian Studer] Fix ~~~ - [remote_ip] respect MISP.log_client_ip_header everywhere fixes #8781. [Christophe Vandeplas] - [logs] reverted action=request based exclusions in the logging. [iglocska] - we can once again receive these logs in the /logs/ logging system - simply reintroduced the old exceptions - [logs] reverted the removal of api logs from the /logs/ logging system unless confirmed. [iglocska] - breaks logging with existing configurations - [updates] fixed invalid numbering. [iglocska] - [AuditLog] warn admin when audit log is not enabled. [Christophe Vandeplas] - [UI] added Search Log in global_menu. [Christophe Vandeplas] - [internal] Database schema. [Jakub Onderka] - [taxii push] console log messages removed. [iglocska] - [side menu] merge fix. [iglocska] - [AadAuth] undefined. [Luciano Righetti] - [log] Encode request part of access log as it can contains non unicode chars. [Jakub Onderka] - [taxonomy:TagConflict] Strop generate notices for the `tlp:white` and `tlp:clear` tags. [Sami Mokaddem] - we had to remove all mirrors from the office after implementing this - [UI] Side menu requirement. [Jakub Onderka] - [internal] Method name. [Jakub Onderka] - [ACL] Event report permission. [Jakub Onderka] - [sync] Pulling sighting new way. [Jakub Onderka] - [correlations] Prevent Trying to access array offset on value of type null error. [Jakub Onderka] - [log] Handle empty body. [Jakub Onderka] - [logs] Remove support for elastic logging for auditlog, as it was broken and didnt work. [Jakub Onderka] - [UI] Popup top offset. [Jakub Onderka] - [internal] Undefined index: user_id and orgc_id for event. [Jakub Onderka] - [docs] small change. [Andras Iklody] - [docs] small change. [Andras Iklody] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [Christophe Vandeplas] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #8778 from JakubOnderka/fix-database-schema. [Jakub Onderka] fix: [internal] Database schema - Merge branch 'taxii' into develop. [iglocska] - Merge branch '2.4' into taxii. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch 'develop' into taxii. [iglocska] - Merge pull request #8765 from righel/objects-restsearch-openapi-doc. [Luciano Righetti] add: [OpenAPI] objects restsearch endpoint docs - Add: [OpenAPI] objects restsearch endpoint docs. [Luciano Righetti] - Merge pull request #8762 from righel/aad-auth-support-proxy. [Luciano Righetti] Aad auth support proxy - Merge pull request #8752 from JakubOnderka/access-log-fixes. [Jakub Onderka] fix: [log] Encode request part of access log as it can contains non u… - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8753 from JakubOnderka/fix-event-report-acl. [Jakub Onderka] fix: [ACL] Event report permission - Merge pull request #8754 from JakubOnderka/fix-pull-sighting-new-way. [Jakub Onderka] fix: [sync] Pulling sighting new way - Merge pull request #8603 from JakubOnderka/code-fixes. [Jakub Onderka] News view - Merge pull request #8749 from JakubOnderka/access-log. [Jakub Onderka] new: [logging] Access log in database - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #8747 from MISP/2.4. [Jakub Onderka] 2.4 into develop - Merge pull request #8745 from jsman/fix-galaxy-cluster-sync. [Jakub Onderka] fix: [sync] galaxy clusters stopped being pushed to remote servers - Reverse logic on permission check. [J. Sman] - Merge pull request #8746 from JakubOnderka/fix-event-userid. [Jakub Onderka] fix: [internal] Undefined index: user_id and orgc_id for event - Merge branch 'taxii' of github.com:MISP/MISP into taxii. [iglocska] - Merge pull request #8167 from chisholm/taxii_contrib. [Andras Iklody] Contribute TAXII push script - Change --api_root commandline parameter to --collection, since a TAXII collection URL is required as a target to push STIX content to. [Michael Chisholm] - Initial commit of script to push MISP content to a TAXII 2.1 server. [Michael Chisholm] - Change --api_root commandline parameter to --collection, since a TAXII collection URL is required as a target to push STIX content to. [Michael Chisholm] - Initial commit of script to push MISP content to a TAXII 2.1 server. [Michael Chisholm] v2.4.165 (2022-11-09) --------------------- New ~~~ - [CLI] added pretty and json output modes to list and view feeds. [iglocska] - [feed management] added to CLI. [iglocska] - still needs to add docs - [acl] Checks for publishing or modifying galaxy clusters. [Jakub Onderka] - [acl] Use canModifyEvent for attributes index. [Jakub Onderka] - [acl] canEditEventReport. [Jakub Onderka] - [acl] Check sighting deletion in ACLComponent. [Jakub Onderka] - [acl] User AlcHelper more often. [Jakub Onderka] - [UI] Show servers where event will be pushed. [Jakub Onderka] - [oidc] Change organisation name when UUID is provided. [Jakub Onderka] - [oidc] Allow to create new org with defined UUID. [Jakub Onderka] - [test] Sighting rest search test. [Jakub Onderka] - [test] Check sighting rest search ACL vol. 2. [Jakub Onderka] - [test] Check sighting rest search ACL. [Jakub Onderka] - [redis] Store some data in Redis compressed to save memory. [Jakub Onderka] - [feed] Store freetext feed compressed in cache. [Jakub Onderka] - [test] test_org_hide_index. [Jakub Onderka] - [acl] Move disabling correlation checking to Acl component. [Jakub Onderka] - [acl] CanModifyTag method in AclHelper. [Jakub Onderka] - [acl] Move checks from controller to ACL component. [Jakub Onderka] - [acl] View helper. [Jakub Onderka] - [workflowModule:attribute_ids_flag_operation] Module to toggle/remove the to_ids flag. [Sami Mokaddem] - [workflowModule:attribute_edition] Added generic module to support attribute edition. [Sami Mokaddem] Can be extended by other modules - [workflowModule:attach_enrichment] That attaches enrichment entries to the enriched attributes. [Sami Mokaddem] - [correlation] Do not correlate over correlating value again for full correlation. [Jakub Onderka] Should help with #8685 - [internal] Add support for simdjson extension. [Jakub Onderka] - [freetext] Try to parse input as JSON. [Jakub Onderka] - [freetext] Fetch security vendor domains from warninglist. [Jakub Onderka] - [freetext] Remove to_ids from ComplexTypeTool. [Jakub Onderka] - [tools:misp-zmq] Added subscriber blueprint. [Sami Mokaddem] - [workflow:execute_module] Allow to ignore format conversion before executing module. [Sami Mokaddem] - [triggers:event_after_save_new] Added 2 new triggers for new events and new events from pull. [Sami Mokaddem] - [redis] Add support for dragonfly redis replacement. [Jakub Onderka] - [UI] Show warning if user don't have permission to use API. [Jakub Onderka] - [UI] Allow to disable PGP key fetching. [Jakub Onderka] Changes ~~~~~~~ - [VERSION] bump. [iglocska] - [PyMISP] Bump. [Raphaël Vinot] - [warning-list] updated. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] many updates including new MITRE ATT&CK changes. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-workflow-blueprints] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [helper:acl] Removed unused function. [Sami Mokaddem] - [CLI] new functions documented on the automation page. [iglocska] - [internal] Update warninglist cache just when it is necessary. [Jakub Onderka] - [PyMISP] Bump. [Raphaël Vinot] - [oidc] Create new org by SYSTEM user. [Jakub Onderka] - [sync] Remove empty events from pull. [Jakub Onderka] - [internal] Faster fetching event index. [Jakub Onderka] - [API] Throw exception if invalid ID provided. [Jakub Onderka] - [internal] Use subquery to sighting fetching. [Jakub Onderka] - [sync] Use new sighting pull for new MISP instances. [Jakub Onderka] - [sighting] Include organisation in rest response. [Jakub Onderka] - [sightings] Optimised fetching. [Jakub Onderka] - [api] Allow to include uuids to sighting. [Jakub Onderka] - [sync] New way how to pull sightings. [Jakub Onderka] - [internal] Optimise sighting rest search. [Jakub Onderka] - [internal] Add logging for galaxy cluster sync. [Jakub Onderka] - [misp-workflow-blueprints] updated to the latest version. [Alexandre Dulaunoy] - [internal] Store taxonomy in cache compressed. [Jakub Onderka] - [internal] Move module perms to one place. [Jakub Onderka] - [acl] Use ACL methods for checks. [Jakub Onderka] - [acl] Move tags ACL check to one place. [Jakub Onderka] - [css] put enrich box higher on the screen. [Alexandre Dulaunoy] - [UI] Allow event mass export for all events. [Jakub Onderka] - [PyMISP] updated. [Alexandre Dulaunoy] - [warning-lists] updated. [Alexandre Dulaunoy] - [acl] Use Acl::canAccess. [Jakub Onderka] - [acl] Move org index access to ACLComponent. [Jakub Onderka] - [acl] Use Acl::canAccess. [Jakub Onderka] - [internal] Put most used controller component to defined variables. [Jakub Onderka] - [acl] Simplify acl checking for side menu. [Jakub Onderka] - [acl] User standard ACL check for event index table. [Jakub Onderka] - [acl] Fetch host_org_id just once. [Jakub Onderka] - [API] For warninglist index returns all warninglists. [Jakub Onderka] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated. [Alexandre Dulaunoy] - [correlation] Do not try to unblock value if doing full correlation. [Jakub Onderka] - [internal] Micro optimisation. [Jakub Onderka] - [correlation] Check attribute ID in SQL request. [Jakub Onderka] - [correlation] Move fetching object later in code. [Jakub Onderka] - [internal] Cleanup code for JSON decoding. [Jakub Onderka] - [internal] Normalize user fetching for admins. [Jakub Onderka] - [internal] Use readJsonFromFile. [Jakub Onderka] - [internal] Be sure that authorizedIds methods returns int. [Jakub Onderka] - [intetrnal] Cleanup code for User::getUsersWithAccess. [Jakub Onderka] - [internal] Cleanup code for User::beforeSave. [Jakub Onderka] - [workflowModule:baseModule] Added helper function to collect matching elements. [Sami Mokaddem] - [workflowModules:enrich-event] Sort list of modules. [Sami Mokaddem] - [UI] Cleanup code for widgets. [Jakub Onderka] - [security] Mark Ubuntu 21.10 as not supported. [Jakub Onderka] - [internal] Delete attribute code cleanup. [Jakub Onderka] - [internal] Use JsonTool more often vol. 2. [Jakub Onderka] - [attribute] Better ssdeep validation. [Jakub Onderka] - [internal] Use JsonTool more often. [Jakub Onderka] - [freetext] Optimise parsing. [Jakub Onderka] - [internal] Speedup saving attributes when workflow is disabled. [Jakub Onderka] - [warninglist] Load warninglist from Redis for TLDs and security vendors. [Jakub Onderka] - [internal] Simplify add workflow. [Jakub Onderka] - [api] Better specify what `last` attribute means. [Jakub Onderka] - [trigger:enrichment-before-query] Include module being queried in triggerData. [Sami Mokaddem] - [js:event-graph] Possibility to removes leaves from the graph. [Sami Mokaddem] - [tool:evengraph] Include relationships when using pivot key. [Sami Mokaddem] - [trigger:event-after-save-new-from-pull] Include pass-along pulling server. [Sami Mokaddem] - [api] Return REST responses for modifyTagRelationship. [Jakub Onderka] - [workflows:triggers] Added filtering capability on the index. [Sami Mokaddem] - [logs:index] Allow to filter based on the created field in the UI. [Sami Mokaddem] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [correlation] Optimise saving object timestamp. [Jakub Onderka] - [jobs] Small cleanup. [Jakub Onderka] - [internal] Use specific controller version of jsonDecode. [Jakub Onderka] - [events:attributeToolbar] Bulk relationship add shows details of selected object. [Sami Mokaddem] - [jobs] Store job data in Redis when SimpleBackgroundJobs are enabled. [Jakub Onderka] Will help to solve #8616 - [events:attributeToolbar] Added bulk relationship add. [Sami Mokaddem] - [redis] Raise default count for deleteKeysByPattern method. [Jakub Onderka] - [internal] Cleanup Redis code. [Jakub Onderka] - [internal] More clear method name. [Jakub Onderka] - [internal] Use short isset. [Jakub Onderka] - [internal] Cleanup for RateLimitComponent. [Jakub Onderka] - [redis] Use redis serializer for storing dashboard cache. [Jakub Onderka] - [events:attributeToolbar] Added bulk local tagging. [Sami Mokaddem] Fix ~~~ - [typo] fixed after crash. [iglocska] - [eventreports] edit ACL lookup fixed. [iglocska] - [tags] index search fixed. [iglocska] - not passing name, filter, search all together would lead to the search not working - [acl] Added missing entry about eventReport. [Sami Mokaddem] - [sync] Remove events without sightings from pull. [Jakub Onderka] - [sync] Do not push galaxy cluster to events that should not be pushed. [Jakub Onderka] - [acl] Add event to template when adding shadow attribute. [Jakub Onderka] - [UI] Show checkbox for events to all users to allow mass export. [Jakub Onderka] - [view] Remove unused variable. [Jakub Onderka] - [template] Remove unused template. [Jakub Onderka] - [UI] Cleanup for reference bulk add. [Jakub Onderka] - [UI] Statistics EventTag call. [Jakub Onderka] - [oidc] Allow to check all users. [Jakub Onderka] - [internal] Convert array to const. [Jakub Onderka] - [test] Debug failing test. [Jakub Onderka] - [sighting] Return just requested sighting. [Jakub Onderka] - [statistics] do not divide correlation count by 2 - no longer needed. [Andras Iklody] We're only storing 1 row / correlation since the engine rework - As reported by @github-germ - [sync] Do not try to push no clusters to remote server. [Jakub Onderka] - [internal] Server push logging. [Jakub Onderka] - [backgroundJobs] Added default fallback for settings & Use proper filepath when Redis not enabled. [Sami Mokaddem] - [internal] Tag `misp-galaxy:rsit="Information Gathering:Scanning"` was considered as invalid. [Jakub Onderka] - [test] Try to debug why tests sometimes fail. [Jakub Onderka] - [internal] AppController cleanup. [Jakub Onderka] - [acl] Only site admin can call server pull/push. [Jakub Onderka] - [idTranslator] Show error when remote event not found. [Jakub Onderka] - [acl] Event graph. [Jakub Onderka] - [api] Remove user_id from extensionEvents JSON export. [Jakub Onderka] - [internal] Remove unused controller method. [Jakub Onderka] - [security] Permission for tag collections. [Jakub Onderka] - [internal] Typo in attribute controller. [Jakub Onderka] - [acl] Extended event UI permission. [Jakub Onderka] - [UI] Undefined index. [Jakub Onderka] - [UI] Undefined variable. [Jakub Onderka] - [UI] Undefined index. [Jakub Onderka] - [acl] Correlation can disable user that can modify event. [Jakub Onderka] - [correlation] Delete correlations when deleting event. [Jakub Onderka] - [UI] Fetching attribute info with Event.user_id. [Jakub Onderka] - [UI] Undefined index. [Jakub Onderka] - [security] Check user permission when attaching clusters. [Jakub Onderka] - [acl] Remove duplicate acl definition. [Jakub Onderka] - [acl] User standard acl checking. [Jakub Onderka] - [test] Show debug output for warninglist. [Jakub Onderka] - [correlation] Convert to int. [Jakub Onderka] - [correlation] Use int type for value_id. [Jakub Onderka] - [correlation] Do not ublock not blocked value. [Jakub Onderka] - [internal] Remove unused model SharingGroupElement. [Jakub Onderka] - [internal] Cleanup code for UserController. [Jakub Onderka] - [internal] Cleanup controller code. [Jakub Onderka] - [internal] Cleanup code for tag controller. [Jakub Onderka] - [templates] Use $hostOrgUser variable. [Jakub Onderka] - [ACL] Permissions for feeds. [Jakub Onderka] - [internal] Use standardized API for event unpublishing. [Jakub Onderka] - [correlation] Fix over correlating value. [Jakub Onderka] - [widgets] Fix some widgets. [Jakub Onderka] - [UI] Nicer view for workflow blueprints index. [Jakub Onderka] - [workflow] Importing blueprints. [Jakub Onderka] - [workflow] Menu links. [Jakub Onderka] - [workflow] Basic cleanup. [Jakub Onderka] - [notification] Do not send email when no new event for period. [Jakub Onderka] - [workflow] Correctly check if workflow is enabled. [Jakub Onderka] - [workflow:formatConverter] Typo in condition leading to ignore attribute tags if event tags were missing. [Sami Mokaddem] - [attribute:hvoerEnrichment] Include even tags. [Sami Mokaddem] - [UI] Undefined index attribute_tag_id. [Jakub Onderka] - [UI] Reload just tags part when modifying tag relationship. [Jakub Onderka] - [UI] Submit form on CTRL+ENTER on select. [Jakub Onderka] - [internal] Less fragile event unpublishing. [Jakub Onderka] - [internal] Lock prefix. [Jakub Onderka] - [feed] Missing to_ids for freetext feed. [Jakub Onderka] - [redis] Delete also misp:wlc:* keys. [Jakub Onderka] - [jobs] Correctly handle incorrectly configured simple background jobs. [Jakub Onderka] - [logging] Don't try to push syslog messages when no valid log entry was created in the first place. [iglocska] - [workflowModule:webhook] FIxed typo on parameter type. [Sami Mokaddem] - [workflow:getUserForWorkflow] Forgotten return statement for one conditional branch. [Sami Mokaddem] - [redis] Delete all keys by pattern. [Jakub Onderka] - [internal] Check if user is logged after checking if it is ajax request. [Jakub Onderka] - [UI] Do not show publish checkbox when importing MISP event for user without permission. [Jakub Onderka] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #8743 from CriimBow/fix-typo-exists. [Andras Iklody] fix: typo in exists (does not exists => does not exist) - Does not exists => does not exist. [CriimBow] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8737 from JakubOnderka/sync-sighting-fetched. [Jakub Onderka] fix: [sync] Remove events without sightings from pull - Merge pull request #8735 from JakubOnderka/galaxy-cluster-push. [Jakub Onderka] fix: [sync] Do not push galaxy cluster to events that should not be p… - Merge pull request #8702 from JakubOnderka/acl-helper-vol2. [Jakub Onderka] Acl helper vol2 - Merge pull request #8441 from JakubOnderka/server-push-details. [Jakub Onderka] new: [UI] Show servers where event will be pushed - Merge pull request #8670 from JakubOnderka/reference-bulk-add-cleanup. [Jakub Onderka] fix: [UI] Cleanup for reference bulk add - Merge pull request #8734 from JakubOnderka/fix-undefined. [Jakub Onderka] fix: [UI] Statistics EventTag call - Merge pull request #8345 from JakubOnderka/oidc-org-uuid. [Jakub Onderka] new: [oidc] Allow to create new org with defined UUID - Merge pull request #8719 from JakubOnderka/pull-remove-empty-events. [Jakub Onderka] chg: [sync] Remove empty events from pull - Merge pull request #8731 from JakubOnderka/debug-failing. [Jakub Onderka] fix: [test] Debug failing test - Merge pull request #8720 from JakubOnderka/sightings-rest-search. [Jakub Onderka] Sightings rest search - Merge pull request #8729 from JakubOnderka/sighting-restsearch- security-vol2. [Jakub Onderka] new: [test] Check sighting rest search ACL vol. 2 - Merge pull request #8727 from JakubOnderka/cluster-sync-logging. [Jakub Onderka] chg: [internal] Add logging for galaxy cluster sync - Merge pull request #8728 from JakubOnderka/sighting-restsearch- security. [Jakub Onderka] new: [test] Check sighting rest search ACL - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8726 from JakubOnderka/fix-tag-regexp. [Jakub Onderka] fix: [internal] Tag `misp-galaxy:rsit="Information Gathering:Scanning… - Merge pull request #8724 from JakubOnderka/redis-compression. [Jakub Onderka] new: [redis] Store some data in Redis compressed to save memory - Merge pull request #8723 from JakubOnderka/controller. [Jakub Onderka] fix: [internal] AppController cleanup - Merge pull request #8722 from JakubOnderka/feed-compression. [Jakub Onderka] new: [feed] Store freetext feed compressed in cache - Merge pull request #8713 from JakubOnderka/tags-acl. [Jakub Onderka] chg: [acl] Move tags ACL check to one place - Merge branch 'szopin-patch-2' into develop. [Alexandre Dulaunoy] - Merge branch 'patch-2' of https://github.com/szopin/MISP into szopin- patch-2. [Alexandre Dulaunoy] - Set max-height to allow generating scrollbars on overflow. [szopin] With this the confirmation_box uses the whole available space for content and generates scrollbar when exceeded (fixes #4307) - Merge pull request #8712 from JakubOnderka/event-mass-export. [Jakub Onderka] chg: [UI] Allow event mass export for all events - Merge pull request #8710 from JakubOnderka/event-graph-acl. [Jakub Onderka] fix: [acl] Event graph - Merge pull request #8706 from JakubOnderka/tag-collection-permission. [Jakub Onderka] fix: [security] Permission for tag collections - Merge pull request #8705 from JakubOnderka/fix-acl-vol3. [Jakub Onderka] Fix acl vol3 - Merge pull request #8696 from JakubOnderka/delete-correlations. [Jakub Onderka] fix: [correlation] Delete correlations when deleting event - Merge pull request #8704 from JakubOnderka/fix-acl-cluster-attach. [Jakub Onderka] fix: [security] Check user permission when attaching clusters - Merge pull request #8697 from JakubOnderka/acl-helper. [Jakub Onderka] Acl helper - Merge pull request #8699 from JakubOnderka/warninglist-debug. [Jakub Onderka] fix: [test] Show debug output for warninglist - Merge pull request #8693 from JakubOnderka/over-correlating-fix. [Jakub Onderka] Over correlating fix - Merge pull request #8695 from JakubOnderka/user-organisations. [Jakub Onderka] User organisations - Merge pull request #8694 from JakubOnderka/unpublish. [Jakub Onderka] fix: [internal] Use standardized API for event unpublishing - Merge pull request #8692 from JakubOnderka/over-correlating-fix. [Jakub Onderka] fix: [correlation] Fix over correlating value - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8688 from JakubOnderka/widget-ui. [Jakub Onderka] chg: [UI] Cleanup code for widgets - Merge pull request #8689 from JakubOnderka/security-audit. [Jakub Onderka] chg: [security] Mark Ubuntu 21.10 as not supported - Merge pull request #8687 from JakubOnderka/full-correlation. [Jakub Onderka] new: [correlation] Do not correlate over correlating value again - Merge pull request #8684 from JakubOnderka/attribute-delete-cleanup. [Jakub Onderka] chg: [internal] Delete attribute code cleanup - Merge pull request #8683 from JakubOnderka/use-jsontool-vol2. [Jakub Onderka] chg: [internal] Use JsonTool more often vol. 2 - Merge pull request #8682 from JakubOnderka/better-ssdeep-validation. [Jakub Onderka] chg: [attribute] Better ssdeep validation - Merge pull request #8680 from JakubOnderka/use-jsontool. [Jakub Onderka] Use JsonTool more often - Merge pull request #8679 from JakubOnderka/freetext-optim. [Jakub Onderka] chg: [freetext] Optimise parsing - Merge pull request #8653 from JakubOnderka/workflow-fixes. [Jakub Onderka] fix: [workflow] Basic cleanup - Merge pull request #8646 from JakubOnderka/periodic-summary-empty. [Jakub Onderka] fix: [notification] Do not send email when no new event for period - Merge pull request #8678 from JakubOnderka/simdjson. [Jakub Onderka] new: [internal] Add support for simdjson extension - Merge pull request #8677 from JakubOnderka/freetext-json. [Jakub Onderka] new: [freetext] Try to parse input as JSON - Merge pull request #8676 from JakubOnderka/security-domains-freetext. [Jakub Onderka] Security domains freetext - Merge pull request #8674 from JakubOnderka/simplify-workflow-code. [Jakub Onderka] Simplify workflow code - Merge pull request #8672 from JakubOnderka/search-last-specify. [Jakub Onderka] chg: [api] Better specify what `last` attribute means - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8668 from JakubOnderka/ctrl-enter-submit. [Jakub Onderka] fix: [UI] Submit form on CTRL+ENTER on select - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8664 from JakubOnderka/event-unpublish. [Jakub Onderka] fix: [internal] Less fragile event unpublishing - Merge pull request #8661 from JakubOnderka/fix-lock-prefix. [Jakub Onderka] fix: [internal] Lock prefix - Merge pull request #8662 from JakubOnderka/missing-to-ids. [Jakub Onderka] fix: [feed] Missing to_ids for freetext feed - Merge pull request #8663 from JakubOnderka/fix-delete-wlc. [Jakub Onderka] fix: [redis] Delete also misp:wlc:* keys - Merge pull request #8659 from JakubOnderka/jobs-small-fixes. [Jakub Onderka] fix: [jobs] Correctly handle incorrectly configured simple background jobs - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8656 from JakubOnderka/jobs-small-fixes. [Jakub Onderka] chg: [jobs] Small cleanup - Merge pull request #8654 from JakubOnderka/controller-json-decode. [Jakub Onderka] chg: [internal] Use specific controller version of jsonDecode - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8651 from JakubOnderka/save-jobs-file-in-redis. [Jakub Onderka] chg: [jobs] Store job data in Redis when SimpleBackgroundJobs are enabled - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8649 from JakubOnderka/dragonfly-support. [Jakub Onderka] new: [redis] Add support for dragonfly redis replacement - Merge pull request #8647 from JakubOnderka/api-warning. [Jakub Onderka] new: [UI] Show warning if user don't have permission to use API - Merge pull request #8648 from JakubOnderka/add-misp-export-publish. [Jakub Onderka] fix: [UI] Do not show publish checkbox when importing MISP event for user without permission - Merge pull request #8518 from JakubOnderka/disable-key-fetching. [Jakub Onderka] new: [UI] Allow to disable PGP key fetching v2.4.164 (2022-10-06) --------------------- New ~~~ - [attachment] Try to recognize extension if not provided. [Jakub Onderka] - [test] Check object correlation. [Jakub Onderka] - [UI] Use cached timestamps for JS and CSS when enabled. [Jakub Onderka] - [tag] relationships added. [iglocska] - add a relationship to any attributeTag / eventTag relationship - works for both clusters and tags - displayed on the event index/view - included in the API - new endpoint to modify the relationship via /tags/modifyTagRelationship/[scope]/[id] - scope is attribute/event - id is the id of the EventTag / AttributeTag object - [galaxyCluster:restSearch] Allow filtering by elements. [Sami Mokaddem] - [user:periodic_report] Added security recommendations section showing course of actions related to attack techniques. [Sami Mokaddem] Changes ~~~~~~~ - [version] bump. [iglocska] - Do not ask users for pass change if custom_auth is required via external auth header. [Luciano Righetti] - Bumped db schema. [Sami Mokaddem] - [attribute] By default disable correlation for image attachments. [Jakub Onderka] - FORCE index hint instead of USE see #8633. [Luciano Righetti] - [workflowModule:tag_operation] Added support of `local` and `relationship` [Sami Mokaddem] - [tag:attach/detach] Added support of relationship and locality. [Sami Mokaddem] - [workflow:debugging] Improved debugging for init endpoint. [Sami Mokaddem] - [galaxyCluster:restSearch] Allow multiple filtering conditions to be used at once. [Sami Mokaddem] - [PyMISP] Bump. [Raphaël Vinot] - [ACL] added modifyTagRelationship. [iglocska] - [internal] Preload more scripts and styles. [Jakub Onderka] - [UI] Move misp-touch.js to footer. [Jakub Onderka] - [UI] Define preload for some scripts and styles. [Jakub Onderka] - [UI] Better description for change password form. [Jakub Onderka] - [UI] Do not show comment if not defined. [Jakub Onderka] - [internal] New method RedisTool::unlink. [Jakub Onderka] - [internal] Optimise deleting keys from Redis. [Jakub Onderka] - [event-graph] Added entity comment in the graph as tooltip and support of comment in searches. [Sami Mokaddem] Fix ~~~ - Cs. [Luciano Righetti] - Check for both rest and non rest requests. [Luciano Righetti] - [attributeTag:handleTag] Typo in argument positioning. [Sami Mokaddem] - [UI] Use 'application/octet-stream' as mime type for unknown file. [Jakub Onderka] - [correlations] NoAclCorrelation works again even for object attributes. [Jakub Onderka] - [workflow:editor] Added support of `display_on` for other html element. [Sami Mokaddem] - [cluster relationship] fetch for index. [iglocska] - [relationship_type] field made nullable. [iglocska] - [UI] Undefined variable: tabs. [Jakub Onderka] - [UI] Notification template. [Jakub Onderka] - [UI] Notification count undefined index. [Jakub Onderka] - [user:periodic_notification] Restored missing DIV. [Sami Mokaddem] - [user:periodic_notification] Replace splice by slice to preserver indexes. [Sami Mokaddem] - [export:context] Display matrix even when its heatmap is empty. [Sami Mokaddem] - [notice] undefined index is_galaxy. [Luciano Righetti] - [fetchFeed] Set CurrentUserId in fetchFeed. [Benni0] Currently the CurrentUserId is not set, when fetchFeed is called, which results in an exception in the Event->publish() function. - [export] Skip empty objects. [Jakub Onderka] - [schema] null string suggested for nullable default. [Luciano Righetti] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8640 from righel/no-change-pwd-custom-auth. [Luciano Righetti] chg: do not ask users for pass change if custom_auth is required via … - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8638 from JakubOnderka/unknown-type. [Jakub Onderka] Unknown type - Merge pull request #8641 from JakubOnderka/fix-object-noacl. [Jakub Onderka] new: [test] Check object correlation - Security: [user] Fixing disclosure of roles name to non-site admin users and ensure user edit applies the restricted_to_site_admin option. [Sami Mokaddem] This vulnerability with a default MISP installation without additional roles is disclosing list of role name which were restricted to the site admin. This commit fixes this disclosure vulnerability. In addition for MISP installation with custom roles, an org admin user could create a user assigned to new custom roles which were restricted to site admin. This could lead to the access of complementary permissions (except site admin, org admin and sync actions). - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8637 from righel/force-index-hint. [Luciano Righetti] chg: FORCE index hint instead of USE see #8633 - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'tag_relationships' into develop. [iglocska] - Merge branch 'develop' into tag_relationships. [iglocska] - Merge pull request #8320 from JakubOnderka/asset-loader-immutable. [Jakub Onderka] new: [UI] Use cached timestamps for JS and CSS when enabled - Merge pull request #8405 from JakubOnderka/ui-fixes-vol2. [Jakub Onderka] chg: [UI] Do not show comment if not defined - Merge pull request #8634 from JakubOnderka/redis-unlink-v2. [Jakub Onderka] chg: [internal] New method RedisTool::unlink - Merge pull request #8632 from JakubOnderka/redis-unlink. [Jakub Onderka] chg: [internal] Optimise deleting keys from Redis - Merge pull request #8631 from JakubOnderka/fix-notification-template. [Jakub Onderka] fix: [UI] Notification template - Merge pull request #8625 from JakubOnderka/notification-attack-count. [Jakub Onderka] fix: [UI] Notification count undefined index - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8583 from Benni0/fix_userId. [Luciano Righetti] fix: [fetchFeed] Set CurrentUserId in fetchFeed - Merge pull request #8617 from JakubOnderka/fix-nids-export. [Jakub Onderka] fix: [export] Skip empty objects - Merge pull request #8618 from righel/fix-default-null-db-diagnostics. [Luciano Righetti] fix: [schema] null string suggested for nullable defaults v2.4.163 (2022-09-26) --------------------- New ~~~ - [user:periodic_notification] Added option to set the number of period for trending. [Sami Mokaddem] - [CLI] Option to fetch remote server index. [Jakub Onderka] - [internal] RedisTool. [Jakub Onderka] - [sync] Event index cache. [Jakub Onderka] - [periodic_notification] Added support of new correlation. [Sami Mokaddem] A correlation is considered as "new" if the event published during the considered timeframe has a correlating attribute that has been modified since then. - [test] test_correlations_noacl. [Jakub Onderka] Changes ~~~~~~~ - [misp-stix] Bumped latest version. [Christian Studer] - [version] bump. [iglocska] - Typo. [Luciano Righetti] - Update openapi desc. [Luciano Righetti] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [peridioc_notification] Small UI improvement for email rendering. [Sami Mokaddem] - [periodic_notification] Only show top 10 mitre attack techniques. [Sami Mokaddem] - [periodic_notification] Small UI improvements. [Sami Mokaddem] - [period_notification] Improved layout and limit number of events displayed. [Sami Mokaddem] - [periodic_notification] Improved layout and added heatbar. [Sami Mokaddem] - [periodic_summary] Only show data in chart for tags having changes over time. [Sami Mokaddem] - [peridioc_notification] Compute event score instead of event base_score taking into account publish_timestamp. [Sami Mokaddem] - [periodic_notification] Generate tag trendings for mitre ATTACK if none are provided. [Sami Mokaddem] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [schema] Add missing index for object_template_elements:object_template_id column. [Jakub Onderka] - [internal] Code cleanup for object edit. [Jakub Onderka] - [UI] Add object reference cleanup. [Jakub Onderka] - [internal] Mark AppModel::convert_to_memory_limit_to_mb method as protected. [Jakub Onderka] - [UI] Scroll to object if not visible after adding attribute. [Jakub Onderka] - [internal] Speedup checking valid object for attributes. [Jakub Onderka] - [internal] Faster fetching object templates for merging. [Jakub Onderka] - [taxonomies] updated. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-taxonomies] updated. [Alexandre Dulaunoy] - [community-metadata] clarify NATO process. [Christophe Vandeplas] - [validation] Check if ssdeep contain newline character. [Jakub Onderka] - [internal] Mark some AppModel methods as private. [Jakub Onderka] - [internal] Remove unused method Attribute::rpz. [Jakub Onderka] - [internal] Move AUTOMATION_ARRAY definition to IndexFilterComponent. [Jakub Onderka] - [internal] Remove unused method Attribute::bro. [Jakub Onderka] - [internal] Remove unused method Attribute::text. [Jakub Onderka] - [internal] Remove unused method Attribute::hids. [Jakub Onderka] - [internal] Mark NidsExport class as abstract. [Jakub Onderka] - [internal] Remove unused method Attribute::nids. [Jakub Onderka] - [periodic_notification] Sort Mitre Attack technique by occurence. [Sami Mokaddem] - [event:trendForTags] Filter out events having old modification compared to their publish_timestamp. [Sami Mokaddem] - [periodic_notification.trending_tags] Improved view to support variables number of periods. [Sami Mokaddem] - [l10n] Make export choices l10n. [Jakub Onderka] - [correlations] Attach correlation exclusion just for correlating attributes. [Jakub Onderka] - [UI] Change Published to icon in event index. [Jakub Onderka] - [internal] Add decaying model cache. [Jakub Onderka] - [internal] Do not fetch scores when not necessary. [Jakub Onderka] - [internal] Change method name User::{extractPeriodicSettingForUser->fetchPeriodicSettingForUser} [Jakub Onderka] - [internal] Reduce number of SQL queries when fetching taxonomy and galaxies in context export. [Jakub Onderka] - [internal] Store warninglist cache in more efficient format. [Jakub Onderka] - [internal] Use more specific Redis command. [Jakub Onderka] - [internal] Convert to const. [Jakub Onderka] - [attribute:beforeDelete] Replaced this->read by this->find. [Sami Mokaddem] - [periodic_notification] Different rendering for new correlation depending on the amount. [Sami Mokaddem] - [periodic_notification] Added published keyword to the overview table. [Sami Mokaddem] - [UI] Update jQuery to 3.6.1. [Jakub Onderka] - [peridioc_notification] Small UI improvement for email rendering. [Sami Mokaddem] - [periodic_notification] Small UI improvements. [Sami Mokaddem] - [period_notification] Improved layout and limit number of events displayed. [Sami Mokaddem] - [periodic_notification] Improved layout and added heatbar. [Sami Mokaddem] - [periodic_summary] Only show data in chart for tags having changes over time. [Sami Mokaddem] - [periodic_notification] Only show top 10 mitre attack techniques. [Sami Mokaddem] - [peridioc_notification] Compute event score instead of event base_score taking into account publish_timestamp. [Sami Mokaddem] - [UI] Add page title for galaxy cluster view. [Jakub Onderka] - [CLI] Do not call ConfigLoad twice. [Jakub Onderka] - [internal] Code cleanup. [Jakub Onderka] - [correlation] Do not delete over correlation if no correlation found. [Jakub Onderka] - [internal] Optimise CorrelationValue. [Jakub Onderka] - [correlation] Optimise NoAcl correlations. [Jakub Onderka] - [correlations] Optimise fetching limit. [Jakub Onderka] - [correlations] Skip correlations for float attribute type. [Jakub Onderka] - [correlation] Faster saving correlations. [Jakub Onderka] - [periodic_notification] Generate tag trendings for mitre ATTACK if none are provided. [Sami Mokaddem] Fix ~~~ - [notification_common] speculative fix. [iglocska] - Fixed events and target event id not properly set. [Luciano Righetti] - [serverShell:sendPeriodicSummaryToUsers] Typo in periods. [Sami Mokaddem] - [user:extractPeriodicSummary] Fallback default values for periodic settings. [Sami Mokaddem] - [UI] Template for group attributes into object. [Jakub Onderka] - [internal] Undefined index sharing_group_id. [Jakub Onderka] - [UI] Better error message for error AJAX message. [Jakub Onderka] - [internal] Updating object templates. [Jakub Onderka] - [internal] Throw exception when trying import invalid taxonomy. [Jakub Onderka] - [user] removes autocomplete on admin user pages, fixes #8556. [Christophe Vandeplas] - [user:periodic_notification] Fixed typo. [Sami Mokaddem] - [UI] Round percentage change in periodic summary. [Jakub Onderka] - [internal] Fix typo. [Jakub Onderka] - [UI] Trending tags missing key. [Jakub Onderka] - [internal] Code style. [Jakub Onderka] - Fixed events and target event id not properly set. [Luciano Righetti] - [periodic summary] Fetch just users from database that are enabled. [Jakub Onderka] - [internal] Speedup fetching clusters. [Jakub Onderka] - [internal] Use cache when fetching sharing group for galaxy clusters. [Jakub Onderka] - [internal] Do not fetch full cluster for context export. [Jakub Onderka] - [UI] Notification settings. [Jakub Onderka] - [internal] Refresh session after notification change. [Jakub Onderka] - [internal] Extracting periodic setting for user. [Jakub Onderka] - [internal] Do not fetch full clusters for periodic summary. [Jakub Onderka] - [internal] Undefined index. [Jakub Onderka] - [UI] Number of attack techniques in summary. [Jakub Onderka] - [internal] Cleanup code for context exporter. [Jakub Onderka] - [UI] Periodic summary. [Jakub Onderka] - [internal] Flush just necessary data. [Jakub Onderka] - [internal] PHP comments. [Jakub Onderka] - [internal] Use Redis serializer to more places. [Jakub Onderka] - [sync] Log when the request started. [Jakub Onderka] - [correlations] Do not fetch unnecessary data. [Jakub Onderka] - [internal] Optimise fetching related attributes. [Jakub Onderka] - [internal] Code style. [Jakub Onderka] - [UI] Correlation for attributes. [Jakub Onderka] - [UI] Show active tab for over correlations. [Jakub Onderka] - [correlation] Smarter count OverCorrelating values. [Jakub Onderka] - [internal] Respect `Security.hide_organisation_index_from_users` setting. [Jakub Onderka] - [internal] Remove unused code. [Jakub Onderka] - [periodic_notification] Includes correlations for ObjectAttribute. [Sami Mokaddem] - [attribute:fetchAttributes] Respect the passed `deleted` option. [Sami Mokaddem] - [events:attribute_table] Keep objectAttributes matching the filtering query in the result set. [Sami Mokaddem] - [user:periodic_notification] Show the correct start date of the report. [Sami Mokaddem] - [internal] Attach correlation exclusion just when correlations are requested. [Jakub Onderka] - [workflow:editor] Gracefully catch case when trying to access an unknown module id. [Sami Mokaddem] - [UI] Handling non exists user setting. [Jakub Onderka] - [attribute:generateCorrelation] No division by zero. [Sami Mokaddem] Potentially fix #8562 - [serverShell:sendPeriodicSummaryToUsers] Typo in periods. [Sami Mokaddem] - [user:extractPeriodicSummary] Fallback default values for periodic settings. [Sami Mokaddem] - [correlation] Undefined index for long values. [Jakub Onderka] - [CLI] Initialize config before loading models. [Jakub Onderka] - [correlation] Fix correlation skipping when doing full correlation. [Jakub Onderka] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Christian Studer] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #8602 from szopin/patch-1. [Jakub Onderka] Redact sensitive settings - Redact sensitive settings. [szopin] Proxy password, ZeroMQ password and ZeroMQ redis password were not redacted as all other password fields - Merge pull request #8584 from righel/update-openapi-desc. [Luciano Righetti] chg: update openapi desc - Merge pull request #8611 from JakubOnderka/attribute-merging. [Jakub Onderka] chg: [internal] Faster fetching object templates for merging - Merge pull request #8614 from JakubOnderka/taxonomy-import-error- handling. [Jakub Onderka] fix: [internal] Throw exception when trying import invalid taxonomy - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8601 from JakubOnderka/code-style. [Jakub Onderka] fix: [internal] Code style - Merge pull request #8612 from JakubOnderka/ssdeep-validation. [Jakub Onderka] chg: [validation] Check if ssdeep contain newline character - Merge pull request #8608 from JakubOnderka/nids-cleanup. [Jakub Onderka] Nids cleanup - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8607 from JakubOnderka/export-choices-l10n. [Jakub Onderka] chg: [l10n] Make export choices l10n - Merge pull request #8599 from JakubOnderka/ui-event-index. [Jakub Onderka] chg: [UI] Change Published to icon in event index - Merge pull request #8600 from JakubOnderka/periodic-summary-task. [Jakub Onderka] fix: [periodic summary] Fetch just users from database that are enabled - Merge pull request #8597 from JakubOnderka/periodic-summary-optim. [Jakub Onderka] Periodic summary optim - Merge pull request #8593 from JakubOnderka/fix-periodic-extract. [Jakub Onderka] fix: [internal] Extracting periodic setting for user - Merge pull request #8592 from JakubOnderka/context-export-cleanup. [Jakub Onderka] fix: [internal] Cleanup code for context exporter - Merge pull request #8596 from JakubOnderka/ui-periodic-summary. [Jakub Onderka] fix: [UI] Periodic summary - Merge pull request #8489 from JakubOnderka/event-index-cache. [Jakub Onderka] new: [sync] Event index cache - Merge pull request #8577 from JakubOnderka/correlation-fixes. [Jakub Onderka] Correlation fixes - Merge pull request #8591 from JakubOnderka/fix-hide-orgs. [Jakub Onderka] fix: [internal] Respect `Security.hide_organisation_index_from_users`… - Merge pull request #8590 from JakubOnderka/remove-unused. [Jakub Onderka] fix: [internal] Remove unused code - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8580 from JakubOnderka/jquery-update. [Jakub Onderka] chg: [UI] Update jQuery to 3.6.1 - Merge pull request #8582 from JakubOnderka/event-fetch-speedup. [Jakub Onderka] fix: [internal] Attach correlation exclusion just when correlations a… - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8517 from JakubOnderka/fix-get-user-setting. [Jakub Onderka] fix: [UI] Handling non exists user setting - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8571 from JakubOnderka/galaxy-cluster-title. [Jakub Onderka] chg: [UI] Add page title for galaxy cluster view - Merge pull request #8572 from JakubOnderka/correlation-value- transaction. [Jakub Onderka] chg: [correlation] Faster saving correlations v2.4.162 (2022-09-09) --------------------- New ~~~ - [workflow:baseModule] Added diagnostic support and support of arbitrary URL for webhook module. [Sami Mokaddem] - [workflows:execute_module] Added stateless node execution. [Sami Mokaddem] - [event:trendsForTags] Added feature to generate trends based on tags for the provided event filters. [Sami Mokaddem] - [decayingModel] Added possibility to attach base scores to events. [Sami Mokaddem] - [user:periodicNotification] Started development of system allowing users to receive period notifications by email. [Sami Mokaddem] - [internal] Experimental MysqlExtended driver. [Jakub Onderka] - [workflow-module:ms_teams_webhook] Added new MS teams module based on the webhook module. [Sami Mokaddem] - [workflowModule:send_email] To allow sending an email to a list of users. [Sami Mokaddem] The module requires the `jinja_template_rendering` module in misp-module to work correctly - [workflowBaseModule] Allow jinja template rendering using misp-module. [Sami Mokaddem] - [sync] Allow option to delete tags on event sync prior to soft-delete tag implementation. [Tom King] Changes ~~~~~~~ - [PyMISP] Bump & fix test. [Raphaël Vinot] - [warning-lists] updated. [Alexandre Dulaunoy] - [version] bump. [iglocska] - [PyMISP] Bump, take 2. [Raphaël Vinot] - [users:edit] Added support of notification_* [Sami Mokaddem] - [workflowModules:distribution_if] Added support of sharing_group. [Sami Mokaddem] - [workflows:index] Small UI improvements. [Sami Mokaddem] - [genericElements:genericForm] Added option `no_submit` to not display a submit button. [Sami Mokaddem] - [workflows:editor] Added possibility to show/hide node parameters based on the value of others. [Sami Mokaddem] - [periodic_notification] Always show event meta and include tags if applicable. [Sami Mokaddem] - [periodic_notification] Removed useless title. [Sami Mokaddem] - [module_view:context+markdown_context] Skip tags not belonging in a taxonomy. [Sami Mokaddem] - [user:periodicSummary] Pass more options to event fetcher. [Sami Mokaddem] - [periodic_notification] Improved layout. [Sami Mokaddem] - [periodic_notification] Improved trending chart layout. [Sami Mokaddem] - Bumped db_schema. [Sami Mokaddem] - [periodic_notification] Added css rule. [Sami Mokaddem] - [user:generatePeriodicSummary] Do not fetch event to compute trending twice. [Sami Mokaddem] - [periodic_notification] Improved report and parametrized tags for trending. [Sami Mokaddem] - [event:getTrendsForTags] Created TrendingTool to help generating trends. [Sami Mokaddem] - [periodic_notification:trending_summary] Improved layout and added linechart. [Sami Mokaddem] - [periodic_notification:common] Improved layout. [Sami Mokaddem] - [user:periodic_summary] Included trending based on tags. [Sami Mokaddem] - [user:saveNotificationSettings] Save tags setting as empty array if not provided. [Sami Mokaddem] - [module_views:context_view] Only display sections having data. [Sami Mokaddem] - [user:periodic_notification] Removed support of published events. [Sami Mokaddem] - [periodic_notification] Added support of base_score on events. [Sami Mokaddem] - [user:saveNotificationSettings] Make sure tags filter is a valid json. [Sami Mokaddem] - [side_menu] Added entry for periodic summary settings. [Sami Mokaddem] - [db_schema] Bumped schema db version. [Sami Mokaddem] - [db_schema] Bumped to include periodic notifications. [Sami Mokaddem] - [emails:periodic_notification_common] Added Creator org in the event list. [Sami Mokaddem] - [user:periodic_notification] Added support of multiple orgs and sharing groups. [Sami Mokaddem] - [genericForm:dropdown] Added support of chosen picker. [Sami Mokaddem] - [openapi] Added entry for `event_tags` parameter. [Sami Mokaddem] - [users] Removed useless constant. [Sami Mokaddem] - [automation] Added doc about setting up periodic notifications. [Sami Mokaddem] - [Event:restSearch] Added option `event_tags` to filter for eventTag only. [Sami Mokaddem] Previously, only the option `tag` was available forcing the filtering process to take into account attribute tags. - [periodic_notification] Improved event list display and flexibility. [Sami Mokaddem] - [user:periodic_notification] General improvements and added CLI support. [Sami Mokaddem] - [element:galaxy_matrix] Removed number of element in header. [Sami Mokaddem] - [export:context] Added support of `static` parameter to produce a static HTML output. [Sami Mokaddem] - [users:edit] Allow admins to edit periodic notification subscriptions. [Sami Mokaddem] - [user:periodic_notification] Added templates, basic statistics and UI integration. [Sami Mokaddem] - [user:periodicNotification] Dev cont. [Sami Mokaddem] - [taxonomies] updated. [Alexandre Dulaunoy] - [misp-warninglists] updated. [Alexandre Dulaunoy] - [misp-objects] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - Bumped db_schema. [Sami Mokaddem] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [internal] Escape table and column name. [Jakub Onderka] - [internal] Delete event in transaction. [Jakub Onderka] - [internal] Optimise MysqlExtended. [Jakub Onderka] - [internal] Remove QueryTool. [Jakub Onderka] - [appModel:removeDuplicateAttributes] Provide additional log info if needed. [Sami Mokaddem] - [appModel:removeDuplicateUUID] Added support of sort_by. [Sami Mokaddem] - [appModel] Usage of `update` worker instead of `prio` [Sami Mokaddem] - [appModel] Removed unused functions. [Sami Mokaddem] - [servers:edit] Added `not recommended` in the `remove_missing_tag` label. [Sami Mokaddem] - [server:edit] Added more precision for `remove_missing_tags` option. [Sami Mokaddem] - [feeds:add] Default orgc to $me->org_id and select fixed_event by default. [Sami Mokaddem] - [workflowModule:send_email] Removed unused import. [Sami Mokaddem] - [module:queryModuleServer] Allow skipping trigger execution. [Sami Mokaddem] - [workflow:editor] Added min-width for sidebar block icon. [Sami Mokaddem] - [workflowBlueprints] Changed export filename generation. [Sami Mokaddem] - [appController] Bumped queryversion. [Sami Mokaddem] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [syslog] include change field if no custom log message was generated. [iglocska] - for certain log entries vital information was omitted by the syslog. If no custom message is specifically set for the log entry, the change field is included - [galaxies] slightly saner lookup. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [warninglists] updated to the latest version. [Alexandre Dulaunoy] - [workflow:Action_tag_*] Usage of tag name instead of tag ID. [Sami Mokaddem] Using IDs was a bad choice as it prevent to correctly share blueprints since IDs will be different from instance to instance - [workflowBlueprint] Don't attach module_data in blueprint by default. [Sami Mokaddem] - Merge from develop. [Tom King] - Update from upstream develop. [Tom King] - Update new tag deletion sync setting to be more explicit. [Tom King] - [db_schema] Bumped db_version. [mokaddem] - [appModel] Create UUID unique index for other tables. [mokaddem] - [appModel] Delete duplicated sightings uuid. [mokaddem] - [db_schema] Attribute and object UUID should have unique index. [mokaddem] - [appModel] Optimized deduplication, log removed elements and regenerate unique indexes on update. [mokaddem] - [db_schema] Add constraint on UUID for Attribute, Object and Event tables. [mokaddem] - [serverscontroller] createnewkey aligned with new parameter. [iglocska] - [taxonomies] updated. [Alexandre Dulaunoy] - [overCorrelatingValue] Truncated the `value` column. [Sami Mokaddem] - We keep the unique constraint on the table - Correlating values over the max. allowed size are truncated to fit the size requirement. That means large correlating values might be marked as over-correlating despite the fact they are not (as only the starting portion of the value is evaluated). - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] Fix ~~~ - [periodic_notification] Syntax error. [Sami Mokaddem] - [periodic_notification] Fixed sad widths. [Sami Mokaddem] - [workflowModules:webhook] Do not perform the request if `rest_client_enable_arbitrary_urls` is turned off. [Sami Mokaddem] - [workflow-module:webhook] Module parameters type and label. [Sami Mokaddem] - [users:notification_settings] Do not default to org_only if no distribution is set. [Sami Mokaddem] - [periodic_notification] Correctly pass period filter to event fetcher. [Sami Mokaddem] - [periodic_notification] Syntax error. [Sami Mokaddem] - [periodic_notification:common] Only one instance of tag per event. [Sami Mokaddem] - [user:generatePeriodicSummary] Usage of correct URL. [Sami Mokaddem] - [export:contextExport] Save passed option in the correct function. [Sami Mokaddem] - [events:automation] Fixed typo. [Sami Mokaddem] - [component:restResponse] Added `event_tags` parameter in the correct scope. [Sami Mokaddem] - [user:periodic_notification] Perform filtering on event tags only for aggregated context. [Sami Mokaddem] This is for restSearch to stay consistent with how events are fetched by the default fetcher - [correlation-graph] Only bind keydown event on the graph container. [Sami Mokaddem] - [db_schema] Update db_version to 95. [Jakub Onderka] - [internal] Throw exception if BackgroundJobsTool is not properly configured. [Jakub Onderka] - Traverse paginated Aad Roles. [Antoine Colson-Ratelle] Only the first 100 Roles appear on the first page of Roles given by Microsoft. Roles beyond 100th were missed as seen in issue #8516 - Bump db version and fix schema. [Luciano Righetti] - [eventReport:downloadMarkdownFromURL] Added support of trigger for that function. [Sami Mokaddem] - Event block rules not working with tags filters, see issue #8551. [Luciano Righetti] - [feeds] - tagging a feed would cause the pull to fail. [iglocska] - tag metadata not correctly retrieved - [workflow:editor] Correctly purge nodes saved_filter. [Sami Mokaddem] - [workflows:editor] Correctly apply margin when debug mode is off. [Sami Mokaddem] - Ensure parameter is set before checking remove_missing_tags without coalescing op. [Tom King] - Ensure parameter is set before checking remove_missing_tags. [Tom King] - [attributes:edit] Make sure object_id and attribute UUID are frozen. [Sami Mokaddem] - [attribute tags] removal broken, fixes #8567. [Andras Iklody] - fat finger typo committed by code monkey - Removes unnecessary escape character. [Graham Williamson] Fixes a validation error - found unknown escape character - Schema inconsistency. [Luciano Righetti] - Bump db version and fix schema. [Luciano Righetti] - [update-91] Remove duplicates before creating the constraint. [Sami Mokaddem] - Undefined index: Tag in Feed.php #8547. [Benni0] - Class 'Folder' not found #8544. [Benni0] - Event block rules not working with tags filters, see issue #8551. [Luciano Righetti] - [correlations] save the distribution state of the event before/after saving it, fixes #8528. [iglocska] - only trigger a correlation update with the new distribution if it actually changed - should remove a massive additional load on the table - thanks to @github-germ for noticing this! Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'feature-workflow-improvement1' into develop. [Sami Mokaddem] - Merge branch 'feature-periodic-notification' into feature-workflow- improvement1. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature-workflow- improvement1. [Sami Mokaddem] - Merge branch 'feature-periodic-notification' into develop. [Sami Mokaddem] - Merge remote-tracking branch 'origin/develop' into feature-periodic- notification. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature-periodic- notification. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature-periodic- notification. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature-periodic- notification. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature-periodic- notification. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - ChgL [PyMISP] Bump. [Raphaël Vinot] - Merge branch 'auth_key_reset' into develop. [iglocska] - Merge branch 'develop' into auth_key_reset. [iglocska] - Merge pull request #8576 from mokaddem/fix-duplicated-uuids. [Andras Iklody] [fix] Cleans-up UUID duplicates and add unique constraints - Merge remote-tracking branch 'origin/develop' into fix-duplicated- uuids. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8373 from JakubOnderka/mysql-extended. [Jakub Onderka] new: [internal] Experimental MysqlExtended driver - Merge pull request #8568 from JakubOnderka/code-cleanup. [Jakub Onderka] fix: [internal] Throw exception if BackgroundJobsTool is not properly… - Merge branch 'develop' into fix-duplicated-uuids. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into fix-duplicated- uuids. [Sami Mokaddem] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #8552 from ntnco/develop. [Alexandre Dulaunoy] fix: traverse paginated Aad Roles - Merge branch 'tomking2_feature/propagate_tag_deletion' into develop. [Sami Mokaddem] - Merge remote-tracking branch 'origin/develop' into tomking2_feature/propagate_tag_deletion. [Sami Mokaddem] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] Following discussion with Luciano and the finding of a logic for the format string. We decided to go for Unicode ;-) - Merge branch 'feature-workflow-module-msteams' into develop. [Sami Mokaddem] - Merge branch 'Benni0_2.4' into develop. [Sami Mokaddem] - Merge branch 'Benni0_patch-1' into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge remote-tracking branch 'upstream/develop' into feature/propagate_tag_deletion. [Tom King] - Merge remote-tracking branch 'upstream/develop' into feature/propagate_tag_deletion. [Tom King] - Merge remote-tracking branch 'upstream/2.4' into feature/propagate_tag_deletion. [Tom King] - Merge branch '2.4' of github.com:MISP/MISP into fix-duplicated-uuids. [mokaddem] - Merge branch '2.4' into fix-duplicated-uuids. [mokaddem] - Allow new authentication keys to be replaced. [Stefano Ortolani] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #8560 from 00willo/fix-openapispec-yaml-validation. [Alexandre Dulaunoy] fix: Removes unnecessary escape character - Merge branch 'fix-truncate-overcorrelating-value' into 2.4. [Sami Mokaddem] - Merge branch 'Benni0_2.4' into 2.4. [Sami Mokaddem] - Merge branch 'Benni0_patch-1' into 2.4. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #8538 from baderj/issue-6379-attempt-2. [Alexandre Dulaunoy] Create unique SIDs for email attributes in NIDS export - Second Attempt - Fixes issue 6379. [Johannes Bader] v2.4.161 (2022-08-11) --------------------- New ~~~ - [internal] Add option to log last API request. [Tom King] - [overcorrelations] quality of life improvements. [iglocska] - Added new tool to generate occurrence counts (real numbers this time) - Added hook to truncate over correlating value table on recorrelation - No longer store the partial counts as occurrences when generating correlations Changes ~~~~~~~ - [version] bump. [iglocska] - Allow to restsearch attributes by value1 and value2. [Luciano Righetti] - [internal] Order columns by name when generating db_schema.json. [Jakub Onderka] - [internal] Code cleanup. [Jakub Onderka] - [internal] Use less SQL queries for event fetching. [Jakub Onderka] - [internal] Drop unnecessary indexes from default_correlations table. [Jakub Onderka] - [internal] Cleanup code for new correlation engine. [Jakub Onderka] - [db_schema] version bump. [iglocska] - [correlations] performance tuning. [iglocska] - added a new constraint to check for correlation uniqueness (a_id, 1_a_id, value_id) - stopped dropping correlations on a full recorrelation - only correlate "upwards" towards higher IDs - [compatibility] for PHP < 7.2 for an organisation that shall go unnamed. [iglocska] - [docs] correlation rework article added. [iglocska] Fix ~~~ - [warnings] added tlp:clear and tlp:amber+strict to the valid tlp tags. [iglocska] - Clearly, the new tags should be accomodated... - ... though these ones do not spark joy. - [modules] only run the workflow if it's enabled, fixes #8531. [iglocska] - blocked event report fetches from URL - Remove debug print. [Luciano Righetti] - Attr restsearch test. [Luciano Righetti] - Fix new test. [Luciano Righetti] - [db_schema]: Order column names. [Jakub Onderka] - [internal] Advanced correlations. [Jakub Onderka] - [internal] Attribute model, initialise variable. [iglocska] - [emailing] speculative fix for #8523. [iglocska] - [acl] added generateOccurrences to the ACL list. [iglocska] - Rollback change to DB upgrade 86. [Tom King] - Use correct field for altering table to include last_api_access. [Tom King] - [PyMISP] Bump version. [Raphaël Vinot] - [stix2 import] Better `external_references` parsing for attack patterns objects. [chrisr3d] - [pubsub] gracefully handle events with attribute-less objects. [iglocska] - [compatibility] removed function return types from correlations. [iglocska] - [compatibility] Support for php < 7.2 for an organisation that shall go unnamed. [iglocska] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'value1' into develop. [iglocska] - Add: add tests, update api docs. [Luciano Righetti] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #8524 from JakubOnderka/default-correlation- cleanup. [Jakub Onderka] Default correlation cleanup - Merge branch 'log_last_api' into develop. [iglocska] - Merge remote-tracking branch 'upstream/2.4' into feature/api_last_access_time. [Tom King] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] v2.4.160 (2022-08-05) --------------------- New ~~~ - [workflow:tag_operation] New module to perform tag operations. [Sami Mokaddem] - [correlation rework] round 2. [iglocska] - long list of fixes - update scripts - correlation engine management interface - recorrelation/truncation tools - various performance tunings and bug fixes - [workflow:debugging] Added debugging capability by POSTing workflow exec to an URL. [Sami Mokaddem] - [correlation] engine rewrite. [iglocska] - allow for multiple concurrent engines - default: similar behaviour as before, ACL enforced - No ACL: for endpoint misps, disable the enforcement of ACL for correlations altogether - rework: - correlation entries are fully indexed reference tables - values are now stored separately - built in protection against overcorrelating values (defaults to 20 max) - 1 way correlations to cut the size in half - unsigned IDs to double the ID space - loads of performance improvements - fix to the broken event index with correlation counts enabled - UI improvements - search for values from the correlation column directly (in case there are non-correlating versions of the same value) - added correlations to the attribute search/index - TODO: - upgrade scripts - [trigger:post_after_save] Added support of post_after_save trigger. [Sami Mokaddem] Data passed include the Post's Thread as well as the Event it belongs to if applicable - [workflow:trigger_event_after_save] New trigger Event.afterSave. [Sami Mokaddem] - [workflow] Added support of estimated overhead for triggers. [Sami Mokaddem] - [workflows:editor] Allow to edit blueprints and fixed add/edit modal behavior. [Sami Mokaddem] - Add LightPaginator when total page count is not needed/to expensive. [Luciano Righetti] - Mysql db tuning recommendations in server diagnostics. [Luciano Righetti] - [workflow:published_if] New module. [Sami Mokaddem] - [workflow:organisation_if] New module. [Sami Mokaddem] - [workflow:distribution_if] module. [Sami Mokaddem] - [workflow] Added simplistic webhoob listener in tools/ [Sami Mokaddem] - [event-report] Added support of mermaid. [Sami Mokaddem] - [workflow:mermaid] New tool to convert graph into mermaid notation. [Sami Mokaddem] - [GraphvizDot] New tool to convert workflow graph into dot notation. [Sami Mokaddem] - [taxonomy:normalizeCustomTags] Normalize custome tags to their taxonomy format. [Sami Mokaddem] New feature accessible on the administrator on-demand action page - [CLI] Allow to send real email by testEventNotificationEmail call. [Jakub Onderka] - [email] Unsubscribe. [Jakub Onderka] - Update to handle network connection objects. [Marco Caselli] - [workflow_module:webhook] Added new webhook module. [Sami Mokaddem] - [workflowPart] Started integration of workflow parts. [Sami Mokaddem] - [workflow] Added toggling module state. [Sami Mokaddem] - [workflow:editor] Added translate to and fit canvas methods. [Sami Mokaddem] - [action module] added background processing. [iglocska] - [background jobs tool] added new shell package. [iglocska] - [modules] action module type added. [iglocska] - hooking function type - add a hooking point via `$this->Module->executeActions($hook_name, $user, $input, $logging_options, $error)` - will execute the enabled modules for the hook name and depending on the module's type (blocking/not blocking) allow for breaking the execution when false is returned. - For a sample skeleton, see the misp-modules project - [workflow:editor] Added UI elements to show blocking and non-blocking execution paths. [Sami Mokaddem] - [workflow:editor] Possibility to delete node from its configuration modal. [Sami Mokaddem] - [workflow:editor] Initial work on the workflow editor. [Sami Mokaddem] Changes ~~~~~~~ - [VERSION] bump. [iglocska] - [misp-stix] Bumped latest library version. [chrisr3d] - Update moment.js to v2.29.4. [Luciano Righetti] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [git] Bumped blueprint library. [Sami Mokaddem] - [misp-workflow-blueprints] Track repo. [Sami Mokaddem] - [tests] added another sleep to wait for a publish. [iglocska] - [workflow:tag_operation] Make module not blocking. [Sami Mokaddem] - [tests] added sleep to publishing. [iglocska] - [publishing] reverted the speculative fix. [iglocska] - [Tag] Helper function to attach/detach tags and bump timestamps. [Sami Mokaddem] - [workflow:event_after_save] Changed trigger overhead to high. [Sami Mokaddem] - [workflow:baseModule] New helper function and better usage of the `equals` filter operator. [Sami Mokaddem] - [PyMISP] Bump to v2.4.160. [Raphaël Vinot] - [PyMISP] Bump. [Raphaël Vinot] - [PyMISP] Bump version. [Raphaël Vinot] - [event:publish] Only fetch full event if needed + added site_admin perms for the user. [Sami Mokaddem] - [correlation:getRelatedAttributes] Updated documentation to reflect returned type. [Sami Mokaddem] - [db_schema] Updated to reflect current version. [Sami Mokaddem] - [correlations] value field changed to varchar. [iglocska] - [serversSettings:correlations] Added translation. [Sami Mokaddem] - [workflow:module_zmq] renamed parameter. [Sami Mokaddem] - [menus] Added `new` badge for over-correlating values. [Sami Mokaddem] - [workflows:index] Added description column. [Sami Mokaddem] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [warninglist] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [grammar] minor fix. [iglocska] - fat finger induced typo - [correlation] refined explanation why attribute isn't correlating. [iglocska] - over-correlations and correlation exclusions now provide a distinct message on the attribute index / event view - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [workflows] Allow running workflows via the editor interface. [Sami Mokaddem] - [workflowBlueprint:update] Small refacto. [Sami Mokaddem] - [workflowBlueprint] Usage of FileAccessTool. [Sami Mokaddem] - [workflow] Refactoring and allow running workflow by ID. [Sami Mokaddem] - [workflows:infoModal] Added entry for debugging via debug mode. [Sami Mokaddem] - [workflows:triggers] Small UI improvements. [Sami Mokaddem] - [workflow:walkGraph] Simplified condition and logging. [Sami Mokaddem] - [workflow:executeNode] Improved logging and error catching. [Sami Mokaddem] - [workflows:editor] Added link to execution logs. [Sami Mokaddem] - [worfklows:editor] UI Improvements on labels. [Sami Mokaddem] - Update moment.js to v2.29.4. [Luciano Righetti] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [workflow] Changed the format of the graph. [Sami Mokaddem] - [workflow] Changed the format of the graph WiP. [Sami Mokaddem] Made a clear separation between node data and module data - [workflow] Added an `id` in all module instead of relying on the label. [Sami Mokaddem] - [global_menu] Changed workflow beta tag into new. [Sami Mokaddem] - [i18n] Added updated default.pot. [Steve Clement] - [i18n] Minor __() fix. [Steve Clement] - [i18n] Updated Languages, added: Romanian and Sinhala. [Steve Clement] - [taxonomies] updated. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [misp-objects] updated. [Alexandre Dulaunoy] - [workflow:executeWorkflowForTrigger] Log execution outcome. [Sami Mokaddem] - [workflows:if] Usage of Hash::get instead of extract for non- containable operators. [Sami Mokaddem] - [workflow] Simplified call to executeTrigger. [Sami Mokaddem] - [workflows:editor] Small UI adjustements. [Sami Mokaddem] - [workflow:module_email_before_send] Removed useless module. [Sami Mokaddem] - [workflows] Improved pagination and added trigger scope. [Sami Mokaddem] - [workflow:module_webhook] Added description. [Sami Mokaddem] - [workflows:editor] Continued replacing `block` into `node` [Sami Mokaddem] - [workflows:editor] Renamed block into node. [Sami Mokaddem] - [workflows:editor] Continued renaming block to module. [Sami Mokaddem] - [workflows:editor] Added duplicate shortcut. [Sami Mokaddem] - [workflows:editor] Continued renaming `block` into `node` [Sami Mokaddem] - [workflows:editor] Better error handling while trying to get selected nodes. [Sami Mokaddem] - Improve logging, use HttpSocket instead of file_get_contents() for http requests, update docs. [Luciano Righetti] - [workflow] Started renaming `block` into `module` [Sami Mokaddem] - [workflow] Enable some module by default when updating. [Sami Mokaddem] - [workflows:module_index] Added support of mass enable/disable. [Sami Mokaddem] - [workflows:editor] Added support of codemirror for textarea. [Sami Mokaddem] - [tools:webhook-listener] Slightly clever printing. [Sami Mokaddem] - [workflows:misp_module] Reorganised the config in misp-module. [Sami Mokaddem] - [workflow:zmq_module] Simplified usage. [Sami Mokaddem] - [workflowBlueprint] Clean-up and new method export formats. [Sami Mokaddem] - [workflows:editor] Fetch workflow from database after creation. [Sami Mokaddem] - [workflow] added `addWorkflow` function in model. [Sami Mokaddem] - [workflows:infoModal] Added debugging section. [Sami Mokaddem] - [workflows:infoModal] Separated info modal in its own element. [Sami Mokaddem] - [workflows:editor] Include trigger-id as a suggestion in the blueprint description. [Sami Mokaddem] - [workflow:editor] Show warning for path leading to blocking nodes from non-blocking context. [Sami Mokaddem] - [Tool:WorkflowGraph] Option to walk a graph without skipping logic nodes. [Sami Mokaddem] - [workflow:attachNotification] Added warning about using a blocking module in a non-blocking trigger. [Sami Mokaddem] - [user:afterSave] Do not execute trigger for login and logout actions. [Sami Mokaddem] - [workflows:modules] Renamed parallel tasks into concurrent tasks. [Sami Mokaddem] - [workflows:editor] Sort modules in the sidebar by their name. [Sami Mokaddem] - [workflow:editor] Small UI improvement. [Sami Mokaddem] - Refactor so can be re-used. [Luciano Righetti] - [webroot] Updated jquery-ui from 1.13.1 to 1.13.2. [Sami Mokaddem] - [workflow] Usage of format converter tool to convert passed data into MISP core format. [Sami Mokaddem] - [workflow] Made sure data is correctly converted before calling the trigger. [Sami Mokaddem] - [workflow:baseModule] Automatically convert into MISP core format if `misp_core_format` is set. [Sami Mokaddem] - [workflow] Simplified extraction of trigger from workflows. [Sami Mokaddem] - [workflow:distribution_if] Added `event` scope to be used. [Sami Mokaddem] - [workflow:webhook] Renamed parameter. [Sami Mokaddem] - [workflow] Added support of misp_core_format in triggers and modules. [Sami Mokaddem] Allow trigger to specify if their passed data is compliant with the MISP core format from the RFC. As for module, they can specify if they expect data under the MISP core format to be working properly. - [workflow] Made action modules inherit the `WorkflowBaseActionModule` class. [Sami Mokaddem] - [workflowBlueprint] Added support of misp-workflow-blueprints repository. [Sami Mokaddem] - [workflowBlueprint] Added new column `default` to recognize default BP. [Sami Mokaddem] - [workflows:editor] prevent disabled module to appear in the module select picker. [Sami Mokaddem] - [workflows:editor] Added notice if no modules are enabled. [Sami Mokaddem] - [workflows:module_index] Improved notice. [Sami Mokaddem] - [workflow] Removed duplicated module parameter related to blocking and added notice in editor. [Sami Mokaddem] - [workflow:generic_if] Renamed module for consistency. [Sami Mokaddem] - [workflow:module_index] Added notice for modules that failed to load. [Sami Mokaddem] - [workflow] Convert to MISP Core format before passing data to the workflow. [Sami Mokaddem] - [workflow:executeNode] Renamed function. [Sami Mokaddem] - [workflow:tag_if] Added support of `event_attribute` scope and improved integration with queryModuleServer. [Sami Mokaddem] - [workflow] Various fixes, improved enrichment support and new logic module. [Sami Mokaddem] - [workflow] Added option to globally stop workflow execution. [Sami Mokaddem] Not sure if it's relevant since an output can only have one connection - [workflow] Prevent and notify multiple connection for the same output. [Sami Mokaddem] - [workflowBlueprint] Added mermaid support. [Sami Mokaddem] Created new generic field for markdown - [appController] Bump query version. [Sami Mokaddem] - [js] upgrade moment.js to v2.29.4. [Sami Mokaddem] - [sync] Simplify galaxy cluster pushing. [Jakub Onderka] - [sync] Reuse ServerSyncTool for pushing sightings. [Jakub Onderka] - [sync] Use ServerSyncTool for pushing events. [Jakub Onderka] - [sync] Optimise event filtering for push. [Jakub Onderka] - [sync] Optimise galaxy cluster pulling. [Jakub Onderka] - [sync] Remove duplicate blocklist checking. [Jakub Onderka] - [sync] Optimise checking block rule. [Jakub Onderka] - [sync] Optimise removing old evens when pulling. [Jakub Onderka] - [sync] Optimise event attribute filtering. [Jakub Onderka] - [internal] More clear error message in process tool. [Jakub Onderka] - [taxonomies] updated. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [LS22] shell updated with the final version used for the exercise. [iglocska] - [sidemenu:workflow_blueprint] Re-organised and added divider. [Sami Mokaddem] - [workflows:module_view] Added listening workflows in trigger module view. [Sami Mokaddem] - [internal] restSearch cleanup. [Jakub Onderka] - [internal] Include more types in hash export. [Jakub Onderka] - [UI] Event export description. [Jakub Onderka] - [internal] JsonExport cleanup. [Jakub Onderka] - [internal] Use `BetterCakeEventManager` for AppController. [Jakub Onderka] - [internal] Use SORT_REGULAR for array_unique. [Jakub Onderka] - [internal] Throw exception if date spec is invalid. [Jakub Onderka] - [internal] Convert to const. [Jakub Onderka] - [internal] Unsubscribe code. [Jakub Onderka] - [doc] Fixes various typos and spelling mistakes. [Graham Williamson] - [doc] Fixes broken link to OpenAPI spec. [Graham Williamson] - [workflow] Moved directory of custom modules in `Lib` folder. [Sami Mokaddem] - [workflpw:editor] Added link to github issue and workflow ID column. [Sami Mokaddem] - [workflow:editor] Improved fitCanvas and removed more html when saving workflows. [Sami Mokaddem] - [workflow:logging] Added logging to file in addition to DB logging. [Sami Mokaddem] This is used to mitigate a bug that prevent log entries to be saved in the log table if they are inserted in a `beforeSave` context. The bug append because cakephp rolls back any pending entry in the transaction. - [tools:FileAccessTool] Added support of append in writeToFile. [Sami Mokaddem] - [workflow:editor] Added draft of info modal. [Sami Mokaddem] - [workflow:editor] Added additional save blueprint button. [Sami Mokaddem] - [workflow] Renaming and UI Improvements. [Sami Mokaddem] - [workflow:editor] Strip HTML when saving workflow and exporting blueprints. [Sami Mokaddem] - [workflow] Various improvement and fixes for misp-modules. [Sami Mokaddem] - [workflow] Various improvement and added support of `enrichment_before_query` trigger. [Sami Mokaddem] - [global_menu] Added beta label next to workflow. [Sami Mokaddem] - [workflows] UI Tweaks. [Sami Mokaddem] - [workflow:misp_module] Added support of blocking module. [Sami Mokaddem] - [workflow:editor] Added support of chosen for blueprints. [Sami Mokaddem] - [workflow:editor] Allow drag&drop for blueprint. [Sami Mokaddem] - [WorkflowBlueprint] Renamed WorkflowPart into WorkflowBlueprint. [Sami Mokaddem] - [workflow:editor] Started better integration of workflow parts. [Sami Mokaddem] - [workflows:beforeFilter] Prevent access if setting is disabled. [Sami Mokaddem] - [workflow] Added attribute and object afterSave trigger. [Sami Mokaddem] - [workflows:index] UI tweak. [Sami Mokaddem] - [workflow] Improved integration with settings + added global setting to enable/disable workflow feature. [Sami Mokaddem] - [workflow] non-blocking workflows are run by background workers. [Sami Mokaddem] - [workflows:index] Link to view workflow execution results. [Sami Mokaddem] - [user:saveCallbacks] Added support of trigger in beforeSave and afterSave. [Sami Mokaddem] Triggers are named respectively `user-before-save` and `user-after-save` - [workflow] Improved logging capabilities and stop aborting execution if non-blocking module return false. [Sami Mokaddem] - [workflow] Added WorkflowBaseTriggerModule class to be extended by triggers. [Sami Mokaddem] - [sidemenu] Added more link for workflowParts controller. [Sami Mokaddem] - [workflow:editor] Added possibility to include workflow parts + various fixes. [Sami Mokaddem] - [workflow:moduleIndex] Added more filtering options. [Sami Mokaddem] - [workflows:index] Added module icons in index and view. [Sami Mokaddem] - [workflow:editor] Improved selection behavior and UI. [Sami Mokaddem] - [workflow:editor] General UI improvements. [Sami Mokaddem] - [workflow] Added toggling trigger state from the index. [Sami Mokaddem] - [workflow] Small UI tweaks. [Sami Mokaddem] - [workflow:index_module] Added column for blocking modules. [Sami Mokaddem] - [workflow:editor] Mainly improved UI. [Sami Mokaddem] - [workflow:editor] Added support of node multi-selection. [Sami Mokaddem] - [workflow:editor] Save current state with CTRL+S. [Sami Mokaddem] - [workflow] Added more logging while executing WF. [Sami Mokaddem] - [workflow] Increment workflow counter each time a trigger is called. [Sami Mokaddem] - [workflow:editor] Slightly improved center canvas method. [Sami Mokaddem] - [workflow:editor] Improved styling for trigger nodes. [Sami Mokaddem] - [workflow:editor] Slightly changed zoom behavior. [Sami Mokaddem] - [workflow] restored execution path support to allow parallel tasks. [Sami Mokaddem] - [workflows] Ability to run a workflow from any node and added background job support for parallel tasks. [Sami Mokaddem] - [workflow] Added support of module filtering, improved system and small clean-up. [Sami Mokaddem] - [workflow] Improved if module and UI. [Sami Mokaddem] - [workflow] Fixed to allow running workflows again. [Sami Mokaddem] - [workflows:editor] Improved if block and UI. [Sami Mokaddem] - [workflow] Small improvements and refactored behavior of if blocks. [Sami Mokaddem] - [workflow] Bit of clean up. [Sami Mokaddem] - [workflow] Removed workflow's `enabled` feature. [Sami Mokaddem] - [workflow] Continued deleting unused code and improved UI 2. [Sami Mokaddem] - [workflow] Continued deleting unused code and improved UI. [Sami Mokaddem] - [worflow] Started removing feature from initial design - Multiple workflows per trigger - Custom Workflow per user - Workflow import/export - Blocking & Parallel path from triggers. [Sami Mokaddem] - [workflow] Added stop-execution module. [Sami Mokaddem] - [workflows:module_index] Added notice if misp-module service is not reachable. [Sami Mokaddem] - [workflow] Better error handling if module service not available. [Sami Mokaddem] - [Event:enrichment] Allow specifying alist of attribute UUIDs to be enriched. [Sami Mokaddem] - [workflow] Better integration with misp-module + few fixes. [Sami Mokaddem] - [workflow] Renamed triggerIndex and triggerView into moduleIndex and moduleView. [Sami Mokaddem] - [workflow] Improved login and `walkGraph` execution logic. [Sami Mokaddem] - [event:publish] Publishing execute `publish` trigger. [Sami Mokaddem] - [workflow:test] Commented test endpoint. [Sami Mokaddem] - [workflow] Better module loading and execution errors get propagated to the caller for blocking path. [Sami Mokaddem] - [workflow] Only allow `action` module type for misp-module. [Sami Mokaddem] - [workflow] Added fixme note. [Sami Mokaddem] - [workflow] Do not try to load custom module for type trigger. [Sami Mokaddem] - [workflows:export] Added endpoint. [Sami Mokaddem] - [workflows:import] Added import endpoint. [Sami Mokaddem] - [workflow:editor] Removed delete button. [Sami Mokaddem] - [workflow:editor] Clean-up and full reload upon save. [Sami Mokaddem] - [workflow] Renamed validation function `MoreThanOneTriggerInstance` [Sami Mokaddem] - [workflow:editor] Prevent select to add disabled modules. [Sami Mokaddem] - [workflow] Make sure one instance per trigger is allowed when saving workflows. [Sami Mokaddem] - [workflow] Better arg parsing and if modules support attribute filters. [Sami Mokaddem] - [tool:pubsub] Allow pushing on workflow topic with additional namespace. [Sami Mokaddem] - [workflow] Allow passing data between modules. [Sami Mokaddem] - [workflow] Small refactoring and allow GraphWalker to execute logic nodes. [Sami Mokaddem] - [workflow] Allow starting walk in graph by specific node id and specific path type. [Sami Mokaddem] - [workflow:editor] Show warning if some module's parameters have been saved and are unkwown to the associated module. [Sami Mokaddem] - This could also be added a a node notification - [workflow] Added `executeWorkflowsForTrigger` - WiP. [Sami Mokaddem] - [workflows] Fixes for misp-modules integration and allowed all modules to publish to zmq. [Sami Mokaddem] - [workflows] No need for redis variable. [Sami Mokaddem] - [workflow] Renamed GraphNavigator into GraphWalker. [Sami Mokaddem] - [workflow] Added loading actionmodule from misp-module and small refacto. [Sami Mokaddem] - [workflow:loading] Allow loading modules from a user managed custom folder. [Sami Mokaddem] - [workflow] Refactored module system to load modules from directory rather than hardcoded in a main class. [Sami Mokaddem] - [workflow] Moved modules out of workflow model. [Sami Mokaddem] - [workflowGraphTool:navigator] Added helper to navigate the graph based on control modules. [Sami Mokaddem] - [workflow] Added new logic module `parallel task` [Sami Mokaddem] - [workflow:editor] Throttle pooler if user logged out and bit of cleanup in workflowGraphTool. [Sami Mokaddem] - [workflow:editor] Better module notifications handling and added support of modal in the editor. [Sami Mokaddem] - [workflow:editor] Integrated notification in the UI. [Sami Mokaddem] - [worfklow:editor] Added notifications in the UI. [Sami Mokaddem] - [workflow:editor] Added block notifications in sidebar. [Sami Mokaddem] - [workflow] Fixed inconsistent state in redis and prevent saving cyclic graphs. [Sami Mokaddem] - [workflow] Small refacto and added helper functions. [Sami Mokaddem] - [workflows:trigger] Added support of execution order for blocking triggers. [Sami Mokaddem] - [workflow:triggers] Better support of enabled state. [Sami Mokaddem] - [workflow:trigger_view] Added endpoint and small UI improvements. [Sami Mokaddem] - [workflow] Save state in redis and continued integration in the UI - WiP. [Sami Mokaddem] - [workflow:trigger_list] UI adjustement. [Sami Mokaddem] - [workflow] Started working on priority_level and trigger list - WiP. [Sami Mokaddem] - [workflow:editor] Small loading performance improvements. [Sami Mokaddem] - [workflow:editor] Only allow once instance of trigger per workflow. [Sami Mokaddem] - [workflow:editor] Added link pointing to the index. [Sami Mokaddem] - [workflow:editor] Renamed conditions to logic in sidebar. [Sami Mokaddem] - [workflows] Added enabled state. [Sami Mokaddem] - [workflow:view] Improved version of the execution path preview. [Sami Mokaddem] - [workflow:editor] Added icons in important blocks. [Sami Mokaddem] - [workflow:editor] Added support of textarea. [Sami Mokaddem] - [workflow:editor] Simplified sidebar UI. [Sami Mokaddem] - [workflow:editor] Harmonized UI. [Sami Mokaddem] - [workflow:editor] Added support of checkboxes and radio buttons. [Sami Mokaddem] - [workflow:editor] Added support of keyed select value. [Sami Mokaddem] - [workflow:editor] Added support of select in the modal. [Sami Mokaddem] - [workflow:editor] Added support of modal while browsing node. [Sami Mokaddem] - [workflow:editor] Reflect editing of inputs in the editor state. [Sami Mokaddem] - [workflow:editor] Small UI improvement. [Sami Mokaddem] - [workflow:editor] Added more resilience on import/export. [Sami Mokaddem] - [js:drawflow] bumped to version 0.0.58. [Sami Mokaddem] - [workflow:editor] Added support of brand icons. [Sami Mokaddem] - [workflows] Improved UI. [Sami Mokaddem] - [workflow] Fixed some bugs and added execution path in workflow/view. [Sami Mokaddem] - [workflows] Renamed executionFlow to executionPath. [Sami Mokaddem] - [workflow] Added helper function to compute the execution path. [Sami Mokaddem] - [workflow:editor] Small UI improvements. [Sami Mokaddem] - [workflow:editor] Better handling of save / loading of workflows. [Sami Mokaddem] - [workflows] Added view and editor links. [Sami Mokaddem] - [workflows] Added more endpoints for CRUD. [Sami Mokaddem] - [side_menu:workflows] Added workflow quick links. [Sami Mokaddem] - [workflow] Started CRUD. [Sami Mokaddem] - [workflow:editor] Added TODO. [Sami Mokaddem] - [workflow] Added database migration. [Sami Mokaddem] - [ui:main] Fixed overflowing UI creating a useless X scrollbar. [Sami Mokaddem] Fix ~~~ - [time] missing in the test suite....... [iglocska] ...AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARGH - [workflows:editor] Fixed node duplication not using params. [Sami Mokaddem] - [sleep] command fixed. [iglocska] - monkey dev is a monkey - [speculative] fix for the event publishing timing issues. [iglocska] - [workflows:editor] Correctly pick up saved_filters. [Sami Mokaddem] - [speculative fix] for event publishing timing issues. [iglocska] - [remove tag] no longer breaks after the first tag removal. [iglocska] - [publishing] with alert fixed (no more weird response message. [iglocska] - [proposal] correlations are deprecated. [iglocska] - [typo] causing the object saving to fail. [iglocska] - [php 7.2] compatibility. [iglocska] - [objects] only check for soft deleted attributes when appropriate. [iglocska] - when it's an edit - when the soft delete flag is set - [ACL] entries updated. [iglocska] - [worflow:walkGraph] Correct usage of oganisation key. [Sami Mokaddem] - [workflows:editor] Fixed comma for older PHP versions. [Sami Mokaddem] - [revert] previous commit for the attribute index. [iglocska] - [correlation:getRelatedAttribute] Always return an array. [Sami Mokaddem] - [attribute index] fix. [iglocska] - [compatibility] with 7.2. [iglocska] - [php < 7.4] fix. [iglocska] - [serverSettings:correlations] PHP version. [Sami Mokaddem] - [correlation] value truncation for the correlation value table. [iglocska] - [workflows:editor] Nowarp on notifications. [Sami Mokaddem] - [workflow] description field default set. [iglocska] - [undefined variable] in the workflow index. [iglocska] - [UI] small fix for the workflow trigger checkbox. [iglocska] - [appModel:update] Fixed forgotten schema update for workflows. [Sami Mokaddem] - [appModel:update] Set update success to true for case 89 and 90. [Sami Mokaddem] - [adminShell:correlationTruncate] Correctly update the job. [Sami Mokaddem] - [correlation:defaultCorrelation] Ignore ACL check for site_admins. [Sami Mokaddem] - [adminShell:correlationTruncate] Correctly update the job. [Sami Mokaddem] - [correlation:defaultCorrelation] Ignore ACL check for site_admins. [Sami Mokaddem] - [Objects] cascade deletes when capturing already soft-deleted objects. [iglocska] - [correlations] added missing templates. [iglocska] - [workflow:module_concurrent_task] Use correct class for constant. [Sami Mokaddem] - [workflow:executeForTrigger] Differentiate between error and blocked outcome. [Sami Mokaddem] - [workflow:executeNode] Make disabled node fails. [Sami Mokaddem] - [over correlation] pagination fixed. [iglocska] - was still using stupid_correlations - [correlation engines] added additional event fields to the retrieved event metadata to match the old behaviour. [iglocska] - [ACL] added overcorrelations. [iglocska] - [attribute search] regression fixed. [iglocska] - [workflows:editor] UI improvement in trigger node. [Sami Mokaddem] - [workflow:tag_if] Use flattened attributes and extract tags from all attributes. [Sami Mokaddem] - [workflows:moduleIndex] Fixed filtering button not highlighting correctly. [Sami Mokaddem] - [appmodel] Fixed merged conflict and typo in sql query. [Sami Mokaddem] - [correlation] fixed missing passed sharing group ID array. [iglocska] - [workflows] Typos in some views. [Sami Mokaddem] - [workflows:editor] UI fix and improvement. [Sami Mokaddem] - [workflow:validation] Make sure a workflow has one and only one trigger. [Sami Mokaddem] - [event:publish] Call correct trigger. [Sami Mokaddem] - [workflows:editor] Correctly draw parameters in the specified order. [Sami Mokaddem] - [workflow] Fixed in walkGraph. [Sami Mokaddem] - [workflows:editor] Correctly remove invalid parameters when saving workflows. [Sami Mokaddem] - [genericElement:boolean] Correctly encode sync rules for popover usage. [Sami Mokaddem] - [i18n] Variables cannot be translated. [Steve Clement] - [workflows:editor] Improved node filtering UI and behavior. [Sami Mokaddem] - [tools:securityAudit] Do not fail if `tls` key does not exist. [Sami Mokaddem] - Handle casing diff in db response. [Luciano Righetti] - Use session variables instead of global_variables table as its not available in some installations. [Luciano Righetti] - [workflows:editor] Changed phrasing. [Sami Mokaddem] - [sidebar:workflows] Additional separator. [Sami Mokaddem] - [workflows:editor] Various i18n and some UI improvements. [Sami Mokaddem] - [workflows:editor] Fixed bug where param_id was missing thus preventing new param to be saved. [Sami Mokaddem] - [scripts:mispzmq] Removed unused zmq topic. [Sami Mokaddem] - [workflows] Removed unused views and fix end of files. [Sami Mokaddem] - [workflows] Clean up and removed unused code. [Sami Mokaddem] - [tool:workflowFormatConverter] Fix typo. [Sami Mokaddem] - [workflow] Remove leftovers from previous design with [non]blocking paths from triggers. [Sami Mokaddem] - [workflows:editor] Fixed zoom when there is only one node in the graph. [Sami Mokaddem] - [acl] Added missing entry. [Sami Mokaddem] - [workflows] Changed stupid_pagination to light_paginator. [Sami Mokaddem] - [workflows:editor] Improved handling of node parameters. [Sami Mokaddem] - [workflows:editor] Correctly position nodes from blueprint upon insertion. [Sami Mokaddem] - [workflows:editor] Improved handling of node deletion from different context. [Sami Mokaddem] - [workflow:editor] Deleting nodes from blueprint right after including them in the graph. [Sami Mokaddem] - Light pagination not needed here. [Luciano Righetti] - Missing ACL. [Luciano Righetti] - [internal] Response signing. [Jakub Onderka] - [diag] Correctly set DB session errorCode. [Bradley Logan] - [internal] Undefined variable $mayModify. [Jakub Onderka] - [decaying:decaying_tool] Fixed page failing to load due to missing jquery-ui. [Sami Mokaddem] - [workflows:editor] Usage of minified version of jquery-ui. [Sami Mokaddem] - [workflow:editor] Path not being attach to node's handle for nodes having chosen. [Sami Mokaddem] - [workflow] Log error message on the disk as well upon module execution error. [Sami Mokaddem] This is needed as currently log entries are rollbacked if the trigger was called from the beforeSave context - [sidemenu:workflow] Link correctly redirects to workflow history. [Sami Mokaddem] - [workflows:editor] Add error node if the module from a blueprint is not known. [Sami Mokaddem] - [workflows:editor] Multi-deletion with key. [Sami Mokaddem] - [workflow:editor] Foxed disabled state of the save button after saving. [Sami Mokaddem] - [workflow:BaseModule] Always fetch event if it's missing. [Sami Mokaddem] - [workflow:editor] Make sure to update node's param_id configuration. [Sami Mokaddem] - [workflows:editor] Make sure to override block setting by module's configuration. [Sami Mokaddem] - [workflow] Create table sql statement updated. [Sami Mokaddem] - [tools:workflowGraphTool] Fixed detection of edges making the graph cyclic. [Sami Mokaddem] - [Module:execute_workflow] Saving log in DB no longer fails anymore. [Sami Mokaddem] - [internal] Call to a member function fetchEvent() on null. [Jakub Onderka] - [internal] Properly handle zmq exception. [Jakub Onderka] - [internal] Faster changing IDS flag for CIDR. [Jakub Onderka] - [elements:workflow_execution_path] Support of different icon types and fixed missing template. [Sami Mokaddem] - [UI] Destroy popovers. [Jakub Onderka] - [internal] RestSearchExport: fetch published and unpublished events. [Jakub Onderka] - [internal] Faster attaching event tags to attributes. [Jakub Onderka] - [internal] PHP memory leak. [Jakub Onderka] - [internal] Trying to access array offset on value of type int. [Jakub Onderka] - [security] Use random salt for password and authkey hashes. [Jakub Onderka] - [internal] DB changes array. [Jakub Onderka] - [log] Do not user changes to old log when new log is enabled. [Jakub Onderka] - [stix2 import] Fixed issue when marking refs were pointing to a unexisting (in the Bundle) Marking Definition object. [chrisr3d] - [stix2 import] Fixed STIX 2.0 Observable objects mapping as MISP attributes. [chrisr3d] - [stix2 import] Removed `index` parameter for some observable objects parsing functions to avoid issues while selecting the right observable. [chrisr3d] - Should fix #8447 - [workflow:editor] Fixed canvas centering. [Sami Mokaddem] - [workflow:editor] Prevent blueprint crashing if module output changed. [Sami Mokaddem] - [elements:global_menu_single] Correctly respect specification about html. [Sami Mokaddem] - [Workflow:UserBeforeSave] Ignore workflow execution for logins and logouts. [Sami Mokaddem] - [workflowPart:edit] Convert part data to string before passing to the view. [Sami Mokaddem] - [workflow:editor] Fixed checking cyclic state for large graph + Improved UI. [Sami Mokaddem] - [workflows] Fix url of forgotten endoints. [Sami Mokaddem] - [workflows:view] Init `is_misp_module` variable. [Sami Mokaddem] - [workflow] Module if. Also changed how condition data is passed along. [Sami Mokaddem] - [workflow:editor] Correctly restore saved select value. [Sami Mokaddem] - [workflows:index] Flip button play and stop to match the state. [Sami Mokaddem] - [worklfows:delete] Clean-up data in redis when deleting workflows. [Sami Mokaddem] - [workflow:editor] Only allow once instance of trigger per workflow. [Sami Mokaddem] - [workflow:editor] Dropped nodes take into account panned editor view and zoom level. [Sami Mokaddem] - [workflow:editor] Correctly load data saved in textarea parameters. [Sami Mokaddem] - [js:taskScheduler] No fail if not UI element passed and added a function to run the job on demand. [Sami Mokaddem] - [workflow:edit] Encode data field before passing it to the view. [Sami Mokaddem] - [editor:workflow] Make sure to re-use saved IDs when importing a workflow. [Sami Mokaddem] - [workflow:editor] Fixed state inconsistencies for checkboxes and radio buttons while editing in the modal. [Sami Mokaddem] - [workflow:editor] Changed how data gets imported. Recreate all nodes instead of using the built-in `import` function - We do it in order to keep the node content (such as inputs) in sync with their actual value - That is because the default `import` function do not update the HTML of each node when they change - It also somewhat mitigate in case a user provide bogus or rogue HTML in the nodes. [Sami Mokaddem] - [worflow:editor] Fix loading of saved state. - Save internal representing with node indexed by their IDs. [Sami Mokaddem] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge remote-tracking branch 'origin/develop' into feature- workflows-2. [Sami Mokaddem] - Merge remote-tracking branch 'origin/develop' into feature- workflows-2. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into feature- workflows-2. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature- workflows-2. [Sami Mokaddem] - Merge branch 'new_correlations' into develop. [iglocska] - Merge branch 'develop' into new_correlations. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #8515 from cudeso/patch-1. [Alexandre Dulaunoy] Update AttributeValidationTool.php - Update AttributeValidationTool.php. [Koen Van Impe] - Merge branch 'develop' of github.com:MISP/MISP into feature- workflows-2. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature- workflows-2. [Sami Mokaddem] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #8509 from SteveClement/i18n. [Steve Clement] chg: [i18n] Added updated default.pot - Merge pull request #8508 from SteveClement/i18n. [Steve Clement] - Merge branch 'develop' of github.com:MISP/MISP into feature- workflows-2. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature- workflows-2. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature- workflows-2. [Sami Mokaddem] - Merge pull request #8478 from righel/improve-aad-auth-logging. [Luciano Righetti] chg: improve logging, use HttpSocket instead of file_get_contents() f… - Merge branch 'develop' of github.com:MISP/MISP into feature- workflows-2. [Sami Mokaddem] - Merge pull request #8502 from righel/change-logs-pagination. [Andras Iklody] new: add LightPaginator when total page count is not needed/to expensive - Merge pull request #8500 from righel/mysql-config-diagnostics. [Luciano Righetti] new: mysql db tuning recommendations in server diagnostics - Merge pull request #8488 from JakubOnderka/response-signing. [Jakub Onderka] fix: [internal] Response signing - Merge pull request #8497 from brlogan/patch-1. [Luciano Righetti] fix: [diag] Correctly set DB session errorCode - Merge pull request #8491 from JakubOnderka/fix-undefined-variable- vol2. [Jakub Onderka] fix: [internal] Undefined variable $mayModify - Merge remote-tracking branch 'origin/develop' into feature- workflows-2. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8490 from JakubOnderka/fix-audit-log-controller. [Jakub Onderka] fix: [internal] Call to a member function fetchEvent() on null - Merge branch 'develop' of github.com:MISP/MISP into feature- workflows-2. [Sami Mokaddem] - Merge pull request #8205 from JakubOnderka/pull-optim. [Jakub Onderka] Pull optim - Merge pull request #8470 from JakubOnderka/process-error. [Jakub Onderka] chg: [internal] More clear error message in process tool - Merge pull request #8480 from JakubOnderka/handle-zmq-exception. [Jakub Onderka] fix: [internal] Properly handle zmq exception - Merge pull request #8481 from JakubOnderka/attribute-to-ids-faster. [Jakub Onderka] fix: [internal] Faster changing IDS flag for CIDR - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge remote-tracking branch 'origin/develop' into feature- workflows-2. [Sami Mokaddem] - Merge pull request #8472 from JakubOnderka/destroy-popovers. [Jakub Onderka] fix: [UI] Destroy popovers - Merge pull request #8467 from JakubOnderka/rest-search. [Jakub Onderka] chg: [internal] restSearch cleanup - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge pull request #8452 from JakubOnderka/restSearchExport- description. [Jakub Onderka] chg: [UI] Event export description - Merge pull request #8442 from JakubOnderka/json-export-cleanup. [Jakub Onderka] chg: [internal] JsonExport cleanup - Merge branch 'emmekappa86-feature-snort-rule-from-network-connection' into develop. [Sami Mokaddem] - Merge remote-tracking branch 'origin/develop' into emmekappa86-feature-snort-rule-from-network-connection. [Sami Mokaddem] - Merge pull request #8358 from JakubOnderka/memory-leak-fix. [Jakub Onderka] fix: [internal] PHP memory leak - Merge pull request #8453 from JakubOnderka/invalid-date-error. [Jakub Onderka] chg: [internal] Throw exception if date spec is invalid - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge pull request #8448 from JakubOnderka/fix-array-access. [Jakub Onderka] fix: [internal] Trying to access array offset on value of type int - Merge pull request #8435 from JakubOnderka/blowfish-update. [Jakub Onderka] fix: [security] Use random salt for password and authkey hashes - Merge pull request #8432 from JakubOnderka/alertemail-unsubscribe. [Jakub Onderka] new: [email] Unsubscribe - Merge branch '2.4' into develop. [iglocska] - Fixed indentation. [Marco Caselli] - Fixing mistake ("data" -> "event") [Marco Caselli] - Code polishing. [Marco Caselli] - Fixes + ddos object handling. [Marco Caselli] - Merge branch 'MISP:2.4' into feature-snort-rule-from-network- connection. [Marco Caselli] - Merge remote-tracking branch 'origin/2.4' into feature-workflows-2. [Sami Mokaddem] - Merge pull request #8474 from 00willo/fixes-for-automation-page. [Alexandre Dulaunoy] Fixes for automation page - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #8433 from baderj/issue-6379. [Jakub Onderka] fix: [export] Create unique SIDs for email attributes in NIDS export - Fixes issue #6379. [Johannes Bader] The NIDS export creates two rules for attributes with type 'email' (a src and dst rule). However, the same SID was used for both rules. Since SIDs must be unique for a ruleset, this will be logged as an error by Suricata and the rule is not loaded (see issue #6379). This fixes the issue by incrementing the SID before creating the second email rule. - Merge pull request #8423 from obert01/fix-taxonomies-accessibility. [Andras Iklody] - Accessibility: added missing 'title' attributes in the Galaxies index page. [Olivier BERT] - Merge pull request #8422 from obert01/fix-tag-quickedit. [Alexandre Dulaunoy] Fixed a logic error in Tag::quickEdit() - Tag::quickEdit(): Fixed a logic error in this method that was causing the tag to always be set to "local_only", wherever not intended. [Olivier BERT] I found this issue because after calling pymisp.enable_taxonomy_tags(), all my tags were systematically changed to local_only. - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch 'develop' of github.com:MISP/MISP into feature-workflows. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature-workflows. [Sami Mokaddem] - Merge branch 'webhook' of github.com:MISP/MISP into feature-workflows. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature-workflows. [Sami Mokaddem] v2.4.159 (2022-05-30) --------------------- New ~~~ - [UI] Allow to upload MISP event by pasting data to textarea. [Jakub Onderka] - [setting] MISP.thumbnail_in_redis. [Jakub Onderka] - [UI] Add support for webp images. [Jakub Onderka] - [internal] New method SharingGroup::authorizedIds. [Jakub Onderka] - Add MysqlExtended DboSource to support index query hints. [Luciano Righetti] - Add new setting to disable taxonomy checks when browsing data. [Luciano Righetti] - [auditlog] Support for fetch event changes from specific time. [Jakub Onderka] - [UI] New style for published/unpublished event row. [Jakub Onderka] - [internal] Simplify checking if connection is MySQL/MariaDB. [Jakub Onderka] - [UI] PNG favicon. [Jakub Onderka] - [test] MISP.default_publish_alert. [Jakub Onderka] - [test] Warninglist import/export. [Jakub Onderka] - [UI] Show number of filtered attributes. [Jakub Onderka] - [UI] Show size-in-bytes also in human readable format. [Jakub Onderka] - [UI] Allow to filter attributes from warninglist box. [Jakub Onderka] - [UI] Allow to filter attributes from Related Events box. [Jakub Onderka] - [UI] Filtering attributes by correlated event ID. [Jakub Onderka] - [freetext] Add support for ja3-fingerprint-md5 import. [Jakub Onderka] - [UI] Related events sorting. [Jakub Onderka] - [clusters:attachMultipleClusters] Allow mirroring attribute clusters to events. [Sami Mokaddem] Added a new checkbox while picking tags to also tag the event with the tags to be attached to the attribute. Changes ~~~~~~~ - [version] bump. [iglocska] - Show diagnostic issue if session is file based. [Luciano Righetti] - [PyMISP] Bump. [Raphaël Vinot] - [misp-stix] Bumped last version. [chrisr3d] - [internal] Faster event search inside event. [Jakub Onderka] - [regexp] Exclude also size-in-bytes and counter types. [Jakub Onderka] - [internal] Faster capturing object references. [Jakub Onderka] - [internal] Faster Model::isUnique and Model::exists method. [Jakub Onderka] - [internal] Faster check if org is blocked. [Jakub Onderka] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [UI] Render thumbnails in HiDPI and Webp. [Jakub Onderka] - [UI] Remove top margin for checkboxes in index table. [Jakub Onderka] - [UI] Use colors for published events. [Jakub Onderka] - [UI] User index boolean colors. [Jakub Onderka] - [UI] Remove org name from table. [Jakub Onderka] - [internal] Cleanup code for statistics. [Jakub Onderka] - [controller] Use standard way how to close sessions. [Jakub Onderka] - [internal] Faster showing tags by ajax. [Jakub Onderka] - [internal] Show event tags closes sessions soon. [Jakub Onderka] - [UI] Less code for generic picker. [Jakub Onderka] - [internal] Simplify fetching clusters. [Jakub Onderka] - [UI] Faster selecting galaxies. [Jakub Onderka] - [internal] Faster fetching custom tags. [Jakub Onderka] - [UI] Tag collections cleanup. [Jakub Onderka] - [UI] Proper error handling. [Jakub Onderka] - [UI] Cleanup code for event index view. [Jakub Onderka] - [internal] Optimise fetching tags and taxonomies. [Jakub Onderka] - [internal] REST search export. [Jakub Onderka] - [UI] Simplify getEventInfoById controller and template. [Jakub Onderka] - [UI] Remove event info from event view table. [Jakub Onderka] - [internal] Use const for array. [Jakub Onderka] - [UI] Template code cleanup. [Jakub Onderka] - [UI] Use faster method. [Jakub Onderka] - [internal] Ingest key just for protected events. [Jakub Onderka] - Remove typehint. [Luciano Righetti] - Remove todo, out of scope. [Luciano Righetti] - [internal] Reduce memory usage when generating correlations vol. 8. [Jakub Onderka] - [internal] Reduce memory usage when generating correlations vol. 7. [Jakub Onderka] - [internal] Reduce memory usage when generating correlations vol. 6. [Jakub Onderka] - [internal] Reduce memory usage when generating correlations vol. 5. [Jakub Onderka] - [internal] Reduce memory usage when generating correlations vol. 4. [Jakub Onderka] - [internal] Reduce memory usage when generating correlations vol. 3. [Jakub Onderka] - [internal] ssdeep correlations speedup. [Jakub Onderka] - [internal] Cache CIDR ranges in PHP array to speedup correlations. [Jakub Onderka] - [internal] Reduce memory usage when generating correlations vol. 2. [Jakub Onderka] - [internal] Reduce memory usage when generating correlations. [Jakub Onderka] - [correlation] AttributesController::generateCorrelation method cleanup. [Jakub Onderka] - [correlation] AdminShell::jobGenerateCorrelation method cleanup. [Jakub Onderka] - [correlation] Reduce memory usage when generating all correlations. [Jakub Onderka] - [correlation] Code cleanup. [Jakub Onderka] - [correlation exclusion] Check both part of attribute. [Jakub Onderka] - [misp-objects] updated. [Alexandre Dulaunoy] - Chg: use adhoc redis implementation for cache as @iglocska suggested. [Luciano Righetti] - More clear. [Luciano Righetti] - Cache Taxonomy:getTaxonomyForTag() [Luciano Righetti] - [internal] Do not use uniqid() and openssl_random_pseudo_bytes() methods. [Jakub Onderka] - [UI] Generic picker code cleanup. [Jakub Onderka] - [UI] Move `.sightings_advanced_add` handler to misp.js. [Jakub Onderka] - [internal] Close sessions soon for viewPicture. [Jakub Onderka] - [internal] Simplify code in ObjectTemplate. [Jakub Onderka] - [internal] Faster fetching tags. [Jakub Onderka] - [UI] Code cleanup. [Jakub Onderka] - [taxonomies] updated. [Jakub Onderka] - [CLI] Show errors for updateTaxonomies. [Jakub Onderka] - [UI] Fetch job progress in one query. [Jakub Onderka] - [taxonomies] updated. [Alexandre Dulaunoy] - [UI] Nicer warninglist view. [Jakub Onderka] - [taxonomies] revert. [Alexandre Dulaunoy] - [misp-taxonomies] updated. [Alexandre Dulaunoy] - [add attachment] form changed. [iglocska] - default to malware sample - default to no advanced extraction - rather accidentally create as a malware when not intended than the other way around - [internal] Cleanup code for adding and editing users. [Jakub Onderka] - Revert change. [Luciano Righetti] - Add index for attributes.timestamp, show index diagnostics in diagnostics page. [Luciano Righetti] - [internal] Top correlations cleanup. [Jakub Onderka] - [misp-objects] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [UI] Disable correlation checkbox for non correlating types. [Jakub Onderka] - [UI] Remove dashboard layout. [Jakub Onderka] - [sync] Use server sync when fetching galaxy clusters. [Jakub Onderka] - [internal] Just edit warninglist when updating. [Jakub Onderka] - [API] Add support for ETag checking. [Jakub Onderka] - Drop version from spec. [Luciano Righetti] - [installer] disable misp modules' hover feature by default. [iglocska] - [UI] Use asset loader for view_sightings.ctp. [Jakub Onderka] - [UI] Use asset loader for form_seen_input.ctp. [Jakub Onderka] - [UI] Use asset loader for Events/index.ctp. [Jakub Onderka] - [UI] Use asset loader for Organisations/view.ctp. [Jakub Onderka] - [UI] Use asset loader for view_timeline.ctp. [Jakub Onderka] - [UI] Use asset loader for view_galaxy_matrix.ctp. [Jakub Onderka] - [UI] Use asset loader for view_event_graph.ctp. [Jakub Onderka] - [UI] Use asset loader for view_event_distribution_graph.ctp. [Jakub Onderka] - [UI] Asset loader for statistics. [Jakub Onderka] - [UI] Remove Add Template from global menu. [Jakub Onderka] - [UI] Confirmation box cleanup. [Jakub Onderka] - [UI] View graph cleanup. [Jakub Onderka] - [UI] Event query builder cleaner code. [Jakub Onderka] - [UI] Move some styles to main.css. [Jakub Onderka] - [UI] Move some methods to misp.js. [Jakub Onderka] - [UI] Related attributes count is clickable. [Jakub Onderka] - [internal] Simplify $hashTypes. [Jakub Onderka] - [internal] Get non attachment types. [Jakub Onderka] - Update feed settings example. [Luciano Righetti] - Remove, unused. [Luciano Righetti] - Allow option to disable correlations for all events coming from a feed. [Luciano Righetti] - Remove trailing backslash to avoid duplicate osint feed, disable correlations by default for URLHaus feeds. [Luciano Righetti] - [UI] Screenshot box. [Jakub Onderka] - [internal] Do not use ajax layout. [Jakub Onderka] - [UI] Simplify category mapping data. [Jakub Onderka] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [UI] Remove unused variables. [Jakub Onderka] - [UI] Inline attribute detaching. [Jakub Onderka] - [internal] Merge two mehods in Attributes controller. [Jakub Onderka] - [internal] Faster attaching clusters to events/attributes. [Jakub Onderka] - [internal] GalaxyController::showGalaxies method cleanup. [Jakub Onderka] - [UI] formInfo for object quick attribute add form. [Jakub Onderka] - [UI] formInfo for add proposal. [Jakub Onderka] - [UI] formInfo for propose attachment. [Jakub Onderka] - [internal] Faster search for validation problems in the attributes. [Jakub Onderka] - [internal] Simplified code for AttributesController::editSelected method. [Jakub Onderka] - Add default feed. [Applenice] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [installer] Update to latest to support Ubuntu 22.04. [Steve Clement] - [installer] Consider numerical version number. [Steve Clement] - [installer] Added Numeric Release Version. [Steve Clement] - [installer] Latest Installer to detect Ubuntu 22.04. [Steve Clement] - [installer] Added support for Ubuntu Jammy. [Steve Clement] - [misp-objects] updated. [Alexandre Dulaunoy] - [taxonomies] updated. [Alexandre Dulaunoy] - [taxonomies] updated. [Alexandre Dulaunoy] - [taxonomies] updated. [Alexandre Dulaunoy] - [taxonomies] revert. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [UI] jquery-ui re-added to fix the report extraction. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] Fix ~~~ - Remove unused param. [Luciano Righetti] - Missing file. [Luciano Righetti] - [internal] Search attribute by multiple values. [Jakub Onderka] - [internal] Faster RegexpBehavior. [Jakub Onderka] - [internal] Capturing org. [Jakub Onderka] - [internal] Checking if event exists typo. [Jakub Onderka] - [UI] Feed preview index and event. [Jakub Onderka] - [UI] Preview event with malware sample. [Jakub Onderka] - Do not fetch tag related entities. [Luciano Righetti] - [internal] Enabling/disabling correlations. [Jakub Onderka] - [UI] Attribute value in attribute index. [Jakub Onderka] - [UI] Show event description just when needed. [Jakub Onderka] - [UI] Do not make screenshot images too big. [Jakub Onderka] - [UI] Show edit icon for event reports just when user have permission. [Jakub Onderka] - [UI] isInsideModal() [Jakub Onderka] - [UI] Side menu for event reports. [Jakub Onderka] - [UI] Event reports undefined variable. [Jakub Onderka] - [stix1 import] Making sure the attribute or object uuid does not raise any issue depending on its type. [chrisr3d] - Unfortunately the type of the `uuid` field is not consistant depending how it has been generated: either with the PyMISP class `MISPAttribute` / `MISPObject`, or with a `MISPEvent.add_attribute` / `MISPEvent.add_object` - [UI] Tag statistics. [Jakub Onderka] - [UI] Warning when fetching PGP key. [Jakub Onderka] - [UI] Show just actions according user to permission. [Jakub Onderka] - [stix2] Bumped latest python library version. [chrisr3d] - [UI] Refreshing tag collections tags. [Jakub Onderka] - [UI] Avoid double escaping. [Jakub Onderka] - [UI] Cleanup item description for galaxy matrix. [Jakub Onderka] - [UI] Event index template. [Jakub Onderka] - [UI] Close session early for getProxyMISPElements. [Jakub Onderka] - [internal] Enabling correlation for event. [Jakub Onderka] - [stix] UUID sanitizing. [Jakub Onderka] - [stix import] Avoiding non RFC-4122 UUIDs to be imported (and therefore skipped) [Christian Studer] - [internal] PHP warnings. [Jakub Onderka] - Do not escape, user cannot have control over this, same as or other options. [Luciano Righetti] - [internal] Reduce number of fetched attributes. [Jakub Onderka] - [correlation] Remove unused fields from event query. [Jakub Onderka] - [correlation] Remove unused attribute from Attribute::generateCorrelation. [Jakub Onderka] - [correlation] MISP.enable_advanced_correlations config option works again. [Jakub Onderka] - [correlation] Avoid duplicate correlation. [Jakub Onderka] - [internal] Better check which value correlated. [Jakub Onderka] - [stix2 import] Better Galaxies parsing by looking for the Att&ck technique id. [chrisr3d] - If the Att&ck technique name and id are expressed in the opposite order they are defined in our library of galaxy names and synonyms, we want to check whether the technique id is known - Do not fail when redis is not running. [Luciano Righetti] - Missing json_encode. [Luciano Righetti] - Revert change. [Luciano Righetti] - Revert changes. [Luciano Righetti] - Unused. [Luciano Righetti] - Never happens. [Luciano Righetti] - Avoid undefined index error. [Luciano Righetti] - [UI] Handle unauthorized state when checking event locks. [Jakub Onderka] - [UI] Handle error state when loading popover. [Jakub Onderka] - [internal] Close sessions soon to allow concurrent request. [Jakub Onderka] - [UI] Top correlations link. [Jakub Onderka] - [internal] `Cannot use a scalar value as an array` error when updating warninglist. [Jakub Onderka] - [internal] Sending admin emails. [Jakub Onderka] - [event-graph] Event timeline shortcut do not override the ones from the eventgraph anymore. [Sami Mokaddem] - Add missing break. [Luciano Righetti] - [internal] Generate top correlations for all values. [Jakub Onderka] - [UI] Problems with jQuery UI already fixed. [Jakub Onderka] - [UI] Terms and Conditions. [Jakub Onderka] - [internal] Typo in variable name. [Jakub Onderka] - [internal] Strict types. [Jakub Onderka] - [API] Add ID to REST response. [Jakub Onderka] - [dashboard] Do not save when load dashboard page. [Jakub Onderka] - [dashboard] Do not generate CSRF tokens when rendering widget. [Jakub Onderka] - [UI] Flash error message. [Jakub Onderka] - [UI] Add event report. [Jakub Onderka] - [UI] Error messages when adding attributes in batch. [Jakub Onderka] - [UI] jQuery UI resizeable for markdown editor. [Jakub Onderka] - [UI] Include jQuery UI for Galaxy Cluster view. [Jakub Onderka] - [UI] Avoid double escaping. [Jakub Onderka] - [auditlog] Deleting object. [Jakub Onderka] - [auditlog] Showing audit log for specific org. [Jakub Onderka] - [UI] Template element sorting. [Jakub Onderka] - [UI] Remove jQuery UI from network-distribution-graph.js. [Jakub Onderka] - [internal] Code cleanup. [Jakub Onderka] - [UI] Properly delete URL rules. [Jakub Onderka] - [UI] No need to have class and ID. [Jakub Onderka] - [UI] Remove unused variables. [Jakub Onderka] - [internal] Remove unnecessary variables. [Jakub Onderka] - [UI] Keep attribute search value. [Jakub Onderka] - [UI] Filtering deleted attributes. [Jakub Onderka] - [UI] Attributes filtering for extended event. [Jakub Onderka] - [UI] Proper attribute filtering for extended view. [Jakub Onderka] - [UI] Cleanup querybuilderTool variable. [Jakub Onderka] - [internal] Remove unused array. [Jakub Onderka] - [UI] Related event expanding/collapsing. [Jakub Onderka] - [UI] Show in filtering tool just warnings that are in current event. [Jakub Onderka] - [UI] Put back jQuery UI. [Jakub Onderka] - [UI] Related event cleanup. [Jakub Onderka] - [internal] Remove last new line char when doing batch import. [Jakub Onderka] - [UI] Enrich Event. [Jakub Onderka] - [UI] Avoid double escaping. [Jakub Onderka] - [UI] Handle screenshot error. [Jakub Onderka] - [UI] Attribute search input description. [Jakub Onderka] - [UI] Keep selected search scope. [Jakub Onderka] - [UI] Empty form. [Jakub Onderka] - [internal] Code fix. [Jakub Onderka] - [internal] Use standard type logging. [Jakub Onderka] - [UI] formInfo for add attachment. [Jakub Onderka] - [UI] Remove sharing group option from form when no sg exists. [Jakub Onderka] - [UI] Show info when editing attribute. [Jakub Onderka] - [UI] Editing attachment type attribute. [Jakub Onderka] - [UI] Do not allow to edit attachment attribute type. [Jakub Onderka] - [internal] Undefined index. [Jakub Onderka] - [stix 1 import] save process network connections. [Oleg Gubanov] - Feed threatfox indicators of compromise rule syntax. [Applenice] - Fix part of Feed Link, Provider to maintain consistency. [Applenice] - [installer] Ubuntu 22.04 install php8 by default, force 7.4. [Steve Clement] - [stix2] Bumped latest python library version. [chrisr3d] - [stix1 import] Fixed galaxy tag_names fetching from TTP names. [chrisr3d] - Using the techniques identifier to look for tag names when the name does not match any known galaxy name - Prevents the galaxy names to be skipped when the provided TTP name is given with the identifier and the technique name in an inverted order (`Spearphishing Attachment - T1566.001` VS `T1566.001 - Spearphishing Attachment`) - Enable sharing group filter for Event controller not just attribute. [Tom King] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #8393 from righel/test-if-file-session-conf. [Luciano Righetti] chg: show diagnostic issue if session is file based - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge pull request #8415 from JakubOnderka/faster-search. [Jakub Onderka] Faster search - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #8416 from JakubOnderka/misp-json-upload-textarea. [Jakub Onderka] new: [UI] Allow to upload MISP event by pasting data to textarea - Merge pull request #8412 from righel/reduce-attributes-restsearch- memory-tags-filter. [Jakub Onderka] fix: do not fetch tag related entities - Merge pull request #8409 from JakubOnderka/fix-chaning-correlations. [Jakub Onderka] fix: [internal] Enabling/disabling correlations - Merge pull request #8402 from JakubOnderka/fix-event-reports-invalid- variable. [Jakub Onderka] fix: [UI] Event reports undefined variable - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge pull request #8398 from JakubOnderka/fix-org-index. [Jakub Onderka] Fix org index - Merge pull request #8397 from JakubOnderka/sg-authorized-ids. [Jakub Onderka] new: [internal] New method SharingGroup::authorizedIds - Merge pull request #8396 from JakubOnderka/event-info. [Jakub Onderka] chg: [UI] Remove event info from event view table - Fixup! chg: [UI] Faster selecting galaxies. [Jakub Onderka] - Merge pull request #8394 from JakubOnderka/optims. [Jakub Onderka] Optims - Merge pull request #8395 from JakubOnderka/stix-sanitize-uuid-fix. [Jakub Onderka] fix: [stix] UUID sanitizing - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' into develop. [Christian Studer] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #8391 from JakubOnderka/fix-php-warnings. [Jakub Onderka] fix: [internal] PHP warnings - Merge pull request #8390 from righel/support-query-index-hints. [Luciano Righetti] new: add MysqlExtended DboSource to support index query hints - Merge pull request #8356 from JakubOnderka/correlation-fixes. [Jakub Onderka] Correlation fixes - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #8361 from righel/optimize-event-view-tags. [Luciano Righetti] Optimize event view tags - Merge pull request #8327 from JakubOnderka/event-published-style. [Jakub Onderka] new: [UI] New style for published/unpublished event row - Merge pull request #8376 from JakubOnderka/session_close. [Jakub Onderka] fix: [internal] Close sessions soon to allow concurrent request - Merge pull request #8375 from JakubOnderka/top-correlations-link. [Jakub Onderka] fix: [UI] Top correlations link - Merge pull request #8374 from JakubOnderka/fix-warninglist-update. [Jakub Onderka] fix: [internal] `Cannot use a scalar value as an array` - Merge pull request #8372 from JakubOnderka/is-myql. [Jakub Onderka] new: [internal] Simplify checking if connection is MySQL/MariaDB - Merge pull request #8370 from JakubOnderka/job-progress-clenaup. [Jakub Onderka] chg: [UI] Fetch job progress in one query - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #8357 from JakubOnderka/warninglist-ui. [Jakub Onderka] chg: [UI] Nicer warninglist view - Merge pull request #8369 from JakubOnderka/fix-admin-email. [Jakub Onderka] fix: [internal] Sending admin emails - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #8362 from JakubOnderka/user-controller-cleanup. [Jakub Onderka] chg: [internal] Cleanup code for adding and editing users - Merge pull request #8331 from righel/add-attr-timestamp-index. [Luciano Righetti] chg: add index for attributes.timestamp, show index diagnostics in di… - Merge pull request #8355 from JakubOnderka/top-correlations. [Jakub Onderka] chg: [internal] Top correlations cleanup - Merge pull request #8341 from JakubOnderka/jquery-ui-fix-again. [Jakub Onderka] fix: [UI] Problems with jQuery UI already fixed - Merge pull request #7751 from JakubOnderka/non-correlating-type- disable. [Jakub Onderka] chg: [UI] Disable correlation checkbox for non correlating types - Merge pull request #8352 from JakubOnderka/dashboard-layout-remove. [Jakub Onderka] chg: [UI] Remove dashboard layout - Merge pull request #8351 from JakubOnderka/favicon. [Jakub Onderka] new: [UI] PNG favicon - Merge pull request #8180 from JakubOnderka/event_alert_default_enabled. [Jakub Onderka] new: [test] MISP.default_publish_alert - Merge pull request #8349 from JakubOnderka/fix-terms. [Jakub Onderka] fix: [UI] Terms and Conditions - Merge pull request #8348 from JakubOnderka/fix-typo-variable. [Jakub Onderka] fix: [internal] Typo in variable name - Merge pull request #8346 from JakubOnderka/fix-strict. [Jakub Onderka] fix: [internal] Strict types - Merge pull request #8347 from JakubOnderka/revert. [Jakub Onderka] Revert "chg: [sync] Use server sync when fetching galaxy clusters" - Revert "chg: [sync] Use server sync when fetching galaxy clusters" [Jakub Onderka] This reverts commit f887bb1a5b7147358e81b862dab40705cc329e41. - Merge pull request #7682 from JakubOnderka/pull-clusters-sync. [Jakub Onderka] chg: [sync] Use server sync when fetching galaxy clusters - Merge pull request #8278 from JakubOnderka/warninglist-import-export- test. [Jakub Onderka] new: [test] Warninglist import/export - Merge pull request #8157 from JakubOnderka/etag. [Jakub Onderka] chg: [API] Add support for ETag checking - Merge pull request #8343 from JakubOnderka/attribute-paginator. [Jakub Onderka] new: [UI] Show number of filtered attributes - Merge pull request #8342 from JakubOnderka/dashboard-no-tokens. [Jakub Onderka] fix: [dashboard] Do not generate CSRF tokens when rendering widget - Merge pull request #8315 from JakubOnderka/attribute-batch-add. [Jakub Onderka] fix: [UI] Error messages when adding attributes in batch - [JS] Set homepage without changing DOM. [Jakub Onderka] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #8336 from JakubOnderka/fix-ui-resizeable. [Jakub Onderka] fix: [UI] jQuery UI resizeable for markdown editor - Merge pull request #8324 from JakubOnderka/fix-show-matrix. [Jakub Onderka] fix: [UI] Include jQuery UI for Galaxy Cluster view - Merge pull request #8325 from JakubOnderka/double-escaping. [Jakub Onderka] fix: [UI] Avoid double escaping - Merge pull request #8323 from JakubOnderka/fix-auditlog. [Jakub Onderka] Fix auditlog - Merge pull request #8321 from JakubOnderka/asset-loader-normalize. [Jakub Onderka] Asset loader normalize - Merge pull request #8322 from JakubOnderka/size-in-bytes-human. [Jakub Onderka] new: [UI] Show size-in-bytes also in human readable format - Merge pull request #8319 from JakubOnderka/jquery-ui-cleanup. [Jakub Onderka] fix: [UI] Remove jQuery UI from network-distribution-graph.js - Merge pull request #8317 from JakubOnderka/event-filtering. [Jakub Onderka] Event filtering - Merge pull request #8318 from JakubOnderka/jquery-ui. [Jakub Onderka] fix: [UI] Put back jQuery UI - Merge pull request #8316 from JakubOnderka/related-event-cleanup. [Jakub Onderka] fix: [UI] Related event cleanup - Merge pull request #8306 from JakubOnderka/ja3-freetext-import. [Jakub Onderka] new: [freetext] Add support for ja3-fingerprint-md5 import - Merge pull request #8314 from JakubOnderka/fix-ui-encrichments. [Jakub Onderka] fix: [UI] Enrich Event - Merge pull request #8313 from righel/disable-feed-correlations. [Luciano Righetti] new: add setting to disable feed correlations - Merge pull request #8312 from JakubOnderka/fix-double-escaping. [Jakub Onderka] fix: [UI] Avoid double escaping - Merge pull request #8311 from JakubOnderka/screenshot-js. [Jakub Onderka] Screenshot JS - Merge pull request #8310 from JakubOnderka/layout_ajax_false. [Jakub Onderka] chg: [internal] Do not use ajax layout - Merge pull request #8309 from marjatech/marjatech_extended_galaxy_matrix. [Andras Iklody] fix: support extended event view for galaxy matrix - Support extended event view for galaxy matrix. [marjatech] - Merge pull request #8302 from JakubOnderka/simplify-category-mapping. [Jakub Onderka] chg: [UI] Simplify category mapping data - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8301 from JakubOnderka/keep-search-event-index. [Jakub Onderka] fix: [UI] Keep selected search scope - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge pull request #8299 from JakubOnderka/fix-editing-attachment. [Jakub Onderka] fix: [UI] Empty form - Merge pull request #8297 from JakubOnderka/fix-editing-attachment. [Jakub Onderka] fix: [UI] Editing attachment type attribute - Merge pull request #8296 from JakubOnderka/quick-edit-type. [Jakub Onderka] fix: [UI] Do not allow to edit attachment attribute type - Merge pull request #8295 from JakubOnderka/fix-undefiend-index. [Jakub Onderka] fix: [internal] Undefined index - Merge pull request #8419 from oooooleg/stix-import-connections-fix. [Christian Studer] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #8414 from Applenice/fix-default-feed-link. [Alexandre Dulaunoy] chg: fix and fix default feed link - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #8401 from SteveClement/tools. [Steve Clement] - Merge pull request #8400 from SteveClement/tools. [Steve Clement] - Merge pull request #8399 from SteveClement/tools. [Steve Clement] - Merge pull request #8385 from noodlemctwoodle/2.4. [Alexandre Dulaunoy] Updated instruction on how to configure Azure AD Plugin - Update README.md. [noodlemctwoodle] - 2022.05 - Update AAD Install README.md. [noodlemctwoodle] - Merge pull request #8378 from kdrypr/patch-2. [Alexandre Dulaunoy] BEAM SOC email updated - BEAM SOC email updated. [Kadir YAPAR] - Merge pull request #8367 from kdrypr/patch-1. [Alexandre Dulaunoy] BEAM SOC MISP Community added. - BEAM SOC MISP Community added. [Kadir YAPAR] - Merge pull request #8292 from tomking2/bug/restSearch_SharingGroup. [Andras Iklody] fix: Enable sharing group filter for Event controller not just attribute v2.4.158 (2022-04-21) --------------------- New ~~~ - [emailing] add custom templates to override existing ones. [iglocska] - currently implemented for event publish alerts and user enrollment (password_reset.ctp, alert.ctp) - simply place the new templates in MISP/app/View/Emails/[text|html]/Custom - [test] test_taxonomy_export. [Jakub Onderka] - [test] test_get_all_apis. [Jakub Onderka] - [internal] Move REST client to new Api controller. [Jakub Onderka] - [internal] Proper method for json decoding in controller. [Jakub Onderka] - [LS22] added shell to control other MISP instances for the exercise. [iglocska] - not that interesting for most users, however, it can be used as a basis to build similar scripts - [test] advanced_authkeys_non_exists_user. [Jakub Onderka] - [test] JSONConverterToolTest. [Jakub Onderka] - [test] GpgToolTest. [Jakub Onderka] Changes ~~~~~~~ - [events:index] Quick search in event index for different scopes. [Sami Mokaddem] Allow to change the scope of the quick search for filtering an index. It's a compromise between a time consuming full text search and the user experience. - [version] bump. [iglocska] - [taxonomies] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [warning-lists] updated. [Alexandre Dulaunoy] - [HTML] Remove unnecessary classes and ID. [Jakub Onderka] - [JS] Simplify code. [Jakub Onderka] - [JS] Int should be int. [Jakub Onderka] - [UI] Try to delete jQuery UI. [Jakub Onderka] - [UI] Event ID is not required for deleteObject method. [Jakub Onderka] - [UI] Sparkline refactoring. [Jakub Onderka] - [UI] data-edit-field. [Jakub Onderka] - [UI] Event ID is not required. [Jakub Onderka] - [UI] Link class is not required. [Jakub Onderka] - [UI] Reduce number of attributes ID in code. [Jakub Onderka] - [UI] No need to escape integers. [Jakub Onderka] - [UI] Make event page smaller. [Jakub Onderka] - [UI] Cleanup code for object template. [Jakub Onderka] - [UI] Use date helper. [Jakub Onderka] - [UI] Remove unnecessary div. [Jakub Onderka] - [UI] Remove unnecessary placeholders from HTML code. [Jakub Onderka] - [internal] Remove unnecessary array_values call. [Jakub Onderka] - [internal] No need to edit types. [Jakub Onderka] - [internal] Remove not used mapping variable. [Jakub Onderka] - [js] Simplify `freetextImportResultsSubmit` function. [Jakub Onderka] - [internal] Do not fetch object info when fetching related attributes. [Jakub Onderka] - [internal] Simplify and speedup code for freetext importing. [Jakub Onderka] - Add in new RestAPI parameter to filter by sharing group on Event or Attribute search. [Tom King] - [internal] Better logging for taxonomies. [Jakub Onderka] - [UI] Remove box-shadow for warning. [Jakub Onderka] - Upgrade moment.js to v2.29.2. [Luciano Righetti] - [UI] Faster loading REST client page. [Jakub Onderka] - [rest] Use HttpSocketExtended. [Jakub Onderka] - [UI] Do not convert body template to string. [Jakub Onderka] - [UI] Load data for REST in background. [Jakub Onderka] - [internal] Do not generate export array when initializing Event class. [Jakub Onderka] - [jsonTool] Properly handle invalid JSON for PHP 7.2 and older. [Jakub Onderka] - [events:index] Quick search in event index only searches on event.info. [Sami Mokaddem] The quickfilter used to search in all possible fields in the event and it was massively used by users who only wanted to search in the event.info field. The search_all feature has been moved in the search index modal under the name `search in all fields` and the quick search input now only perform searches on the event.info field. - [misp-objects] updated. [Alexandre Dulaunoy] - [feed] Show filtering on type only for server. [Sami Mokaddem] - [feed:pullRules] Added hints suggestions for url_params. [Sami Mokaddem] - [feeds:edit] Default filtering rules if not set. [Sami Mokaddem] - [servers:getAllTypes] Moved the type and object collection action for filtering in the model. [Sami Mokaddem] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [events:index] Usage of UUIDfor restSearchExport feature. [Sami Mokaddem] - [UI] Use same UI for adding tags. [Jakub Onderka] - [UI] Use same UI for adding tags. [Jakub Onderka] - [UI] Remove two onclick. [Jakub Onderka] - [UI] Simplify code for adding galaxies. [Jakub Onderka] - [UI] Remove onclick when adding tag. [Jakub Onderka] - [internal] setupSyncRequest made public. [iglocska] - to be able to access it via shell scripts - [UI] Cleanup code for event confirmation dialog. [Jakub Onderka] - [UI] Normalize delete event popup. [Jakub Onderka] - [UI] Remove three inline onclick from code. [Jakub Onderka] - [ui] Remove useless spaces from HTML code. [Jakub Onderka] - [ui] Remove two inline onclick. [Jakub Onderka] - [galaxy] Simplify code for fetching galaxy cluster. [Jakub Onderka] - [test] Try to use virtualenv from system packages. [Jakub Onderka] - [warninglist] Insert in bigger chunks. [Jakub Onderka] - [test] Do not install useless system packages. [Jakub Onderka] - [test] Try to avoid installing poetry. [Jakub Onderka] - [syslog] Remove duplicate date and log type from log. [Jakub Onderka] - [sign] Return signature in binary format. [Jakub Onderka] - [gpgTool] Simplify code. [Jakub Onderka] - [sign] Simplified key handling. [Jakub Onderka] - [security] fixed a non-exploitable way to access arbitrary cakePHP view files. [iglocska] - via the pages controller, directory traversal was possible - still restricted to .ctp files, making this not feasible for all intents and purposes - as reported by Dawid Czarnecki of Zigrin Security on behalf of the Luxembourg Army - [taxonomies] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - Upgrade moment.js to v2.29.2. [Luciano Righetti] - [warning-lists] updated. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [events:index] Usage of UUIDfor restSearchExport feature. [Sami Mokaddem] - [misp-galaxy] updated. [Alexandre Dulaunoy] Fix ~~~ - Revert ec2cb29fe07c0e8a8cdc2e4125a7b45128c61579. [Luciano Righetti] - Revert ec2cb29fe07c0e8a8cdc2e4125a7b45128c61579. [Luciano Righetti] - [stix2 import] Fixed attribute types import mapping. [chrisr3d] - [stix2 import] Fixed labels parsing & custom properties parsing. [chrisr3d] - [email] user emails sent two times. [Silvian I] - [freetext] Internal server error. [Jakub Onderka] - [UI] Fetching object timestamp. [Jakub Onderka] - [UI] Correctly update attribute timestamp. [Jakub Onderka] - [internal] Validation when editing field. [Jakub Onderka] - [UI] Show correct error message when fetching data. [Jakub Onderka] - [view] Remove unused variables. [Jakub Onderka] - [internal] Remove unnecessary loadModel. [Jakub Onderka] - [UI] Undefined index: perm_site_admin. [Jakub Onderka] - [UI] Mark checkbox as disabled when user has no permission. [Jakub Onderka] - [UI] Show warnings. [Jakub Onderka] - [rest] Correct view for empty response. [Jakub Onderka] - [internal] User model can be null. [Jakub Onderka] - [UI] REST client. [Jakub Onderka] - [test] Missing ACL. [Jakub Onderka] - [internal] Baseurl is not defined. [Jakub Onderka] - [UI] Code style. [Jakub Onderka] - [UI] Add title for API pages. [Jakub Onderka] - [UI] Unpublish button title. [Jakub Onderka] - Remove non db field. [Luciano Righetti] - Edit feed not updating fixed_event and target_event. [Luciano Righetti] - [feed] Apply url_param filtering rules. [Sami Mokaddem] Currently only support timestamp and publish_timestamp - [feed:filterEventIndex] Correctly filter out events based on the tag's filter rule. [Sami Mokaddem] - [UI] Show context button. [Jakub Onderka] - [UI] Popovers. [Jakub Onderka] - [UI] Remove popover from URL. [Jakub Onderka] - [UI] Typo. [Jakub Onderka] - [UI] Remove unused method submitQuickTag. [Jakub Onderka] - [UI] Avoid calling submitMassTaxonomyTag() JS method. [Jakub Onderka] - [UI] Avoid calling submitPublish() JS method. [Jakub Onderka] - [UI] Normalize publish popup. [Jakub Onderka] - [UI] Add missing onclick prevent default. [Jakub Onderka] - [sign] Remove unused method. [Jakub Onderka] - [internal] Simplify RestResponse code. [Jakub Onderka] - [sign] Allow to sign event by key stored in gpg homedir. [Jakub Onderka] - [api] EventsController::toggleProtect. [Jakub Onderka] - [security] Password confirmation bypass in user edit. [iglocska] - optional password confirmation can be potentially circumvented - fooling the user edit via a request that sets accept:application/json whilst posting form content - as reported by Dawid Czarnecki of Zigrin Security on behalf of the Luxembourg Army - [security] low probability reflected XSS fixed. [iglocska] - User would need to navigate to a url that contains the payload - user needs to click on a checkbox in a weird single checkbox page to trigger the exploit - as reported by Dawid Czarnecki of Zigrin Security on behalf of the Luxembourg Army - [security] XSS in cerebrate view. [iglocska] - low probability XSS in the cerebrate view's URL field - a malicious administrator could set a javascript: url - another administrator would have to click the suspicious looking URL to be affected - As reported by Dawid Czarnecki of Zigrin Security on behalf of the Luxembourg Army - [security] stored XSS fixed in event graph. [iglocska] - unsanitised javascript insertion of tag name in the filters - as reported by Dawid Czarnecki of Zigrin Security on behalf of the Luxembourg Army - [security] XSS in galaxy clusters. [iglocska] - fixed a stored XSS in the galaxy clusters - as reported by Dawid Czarnecki of Zigrin Security on behalf of the Luxembourg Army - [boolean case] fixed uppercasing of the boolean values. [iglocska] - Javascript != Python - [security] XSS in LinOTP login field fixed. [iglocska] - fixed a stored XSS in the LinOTP login - also fixed invalid calls to check MISP settings from a javascript scope - as reported by Dawid Czarnecki of Zigrin Security - [security] Sanitise paths for several file interactions. [iglocska] - remove :// anywhere we don't expect a protocol to be supplied - remove phar:// in certauth plugin's fetcher - as reported by Dawid Czarnecki of Zigrin Security - [security] unregister phar from stream wrappers globally for all Model code. [iglocska] - blanket protection against phar deserialization vulnerabilities - as reported by Dawid Czarnecki of Zigrin Security - Typo. [Luciano Righetti] - [authkeys] adding authkeys by org admins fixed. [iglocska] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge pull request #8289 from righel/fix-event-set_filter_value. [Andras Iklody] fix: revert Event::set_filter_value() changes - Merge pull request #8287 from MISP/2.4. [Jakub Onderka] Merge 2.4 to develop - Merge branch '2.4' into develop. [iglocska] - Merge pull request #8290 from silvian-io/2.4. [Andras Iklody] fix: [email] user emails sent two times - Merge pull request #8286 from JakubOnderka/fix-freetext-import. [Jakub Onderka] fix: [freetext] Internal server error - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'custom_email_templates' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #8281 from JakubOnderka/freetext-import-simplify. [Jakub Onderka] chg: [internal] Simplify and speedup code for freetext importing - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #8277 from tomking2/feature/restSearch_SharingGroup. [Luciano Righetti] Add in new RestAPI parameter to filter by sharing group on Event or Attribute search - Merge pull request #8276 from JakubOnderka/fix-undefined-index-vol2. [Jakub Onderka] fix: [UI] Undefined index: perm_site_admin - Merge pull request #8273 from JakubOnderka/fix-taxonomy-toggle. [Jakub Onderka] fix: [UI] Mark checkbox as disabled when user has no permission - Merge pull request #8274 from JakubOnderka/fix-show-warning. [Jakub Onderka] fix: [UI] Show warnings - Merge pull request #8271 from righel/upgrade-moment-js. [Luciano Righetti] chg: upgrade moment.js to v2.29.2 - Merge pull request #8270 from JakubOnderka/fix-restclient. [Jakub Onderka] fix: [UI] REST client - Merge pull request #8269 from JakubOnderka/event-cleanup. [Jakub Onderka] Event cleanup - Merge pull request #8258 from JakubOnderka/fix-unpublish-button. [Jakub Onderka] fix: [UI] Unpublish button title - Merge branch '2.4' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8250 from JakubOnderka/show-context-button. [Jakub Onderka] fix: [UI] Show context button - Merge pull request #8248 from JakubOnderka/fix-ui-typo. [Jakub Onderka] fix: [UI] Typo - Merge branch '2.4' into develop. [iglocska] - Merge pull request #8246 from JakubOnderka/ui-update. [Jakub Onderka] UI update - Merge pull request #8245 from JakubOnderka/advaced_authkeys_non_exists_user. [Jakub Onderka] new: [test] advanced_authkeys_non_exists_user - Chg [galaxy] Simplify saving galaxies. [Jakub Onderka] - Chg [authkeys] Add validation. [Jakub Onderka] - Merge pull request #8244 from JakubOnderka/syslog-changes. [Jakub Onderka] chg: [syslog] Remove duplicate date and log type from log - Merge pull request #8229 from JakubOnderka/sign-fix. [Jakub Onderka] chg: [sign] Simplified key handling - Fixup! new: [test] JSONConverterToolTest. [Jakub Onderka] - Fixup! fix: [sign] Allow to sign event by key stored in gpg homedir. [Jakub Onderka] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'pentest_fixes' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] v2.4.157 (2022-03-25) --------------------- New ~~~ - [event locks] have an option to disable them. [iglocska] - it's annoying and causes headaches - as discussed in #8204 Changes ~~~~~~~ - [VERSION] bump. [iglocska] - [misp-objects] updated. [Alexandre Dulaunoy] - [server sync] update to the previous fix to include the recursive condition. [iglocska] - instead of just replacing the condition with the contain list, include both to get the performance gains back - [PyMISP] Bump version. [Raphaël Vinot] - [misp-objects] updated. [Alexandre Dulaunoy] - [server sync] update to the previous fix to include the recursive condition. [iglocska] - instead of just replacing the condition with the contain list, include both to get the performance gains back - [PyMISP] Bump version. [Raphaël Vinot] - [warning-lists] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated. [Alexandre Dulaunoy] - [PyMISP] updated. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [UI] Update jQuery to 3.6.0. [Jakub Onderka] - [UI] Open modal without onclick vol. 2. [Jakub Onderka] - [UI] Open modal without onclick. [Jakub Onderka] - [internal] Throw exception if Redis class not found. [Jakub Onderka] Fix ~~~ - [notice error] in the event view fixed. [iglocska] - [authkeys] tighter controls over adding authkeys. [iglocska] - only allow to add authkeys to your own user and any user in your own organisation that is not org admin / site admin - correctly filter the authkey add dialogue for the requested user if going through a user profile - as reported by @oivindoh - [sync] publishing sharing group events fail to sync - fixed. [iglocska] - code cleanup removed related models, including remote org which is needed to check if the remote is to receive an event - as reported by @treyka - [publish] button missing for users, fixes #8233. [iglocska] - [UI] Do not log exception for invalid key. [Jakub Onderka] - [UI] Undefined variable debugMode. [Jakub Onderka] - [internal] Code style. [Jakub Onderka] - [api] Validate attribute type to avoid warnings. [Jakub Onderka] - [UI] Undefined variable. [Jakub Onderka] - [cryptographic signing] added more graceful failures when GPG isn't configured. [iglocska] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #8231 from JakubOnderka/fix-undefined-variable. [Jakub Onderka] chg: [UI] Open modal without onclick - Merge pull request #8228 from JakubOnderka/validate-attribute-type. [Jakub Onderka] fix: [api] Validate attribute type to avoid warnings - Merge pull request #8227 from JakubOnderka/redis-exception. [Jakub Onderka] chg: [internal] Throw exception if Redis class not found - Merge pull request #8230 from JakubOnderka/fix-undefined-variable. [Jakub Onderka] fix: [UI] Undefined variable - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] v2.4.156 (2022-03-18) --------------------- New ~~~ - Add setting for allowing svg org logos. [Luciano Righetti] - [instance key ingestion] added caching. [iglocska] - cache the fingerprint of the instance for 5 minutes - avoid an unnecesary overhead by caching the value for 5 minutes - [single view factory] added key_info constructor key for meta fields. [iglocska] - will display a font awesome info icon with a configurable title text - [protected event field] in the event view. [iglocska] - added tooltips with explanations - added a warning if the instance's signing key is not included - [admin API] /servers/ipUser added. [iglocska] - requires user IP logging to be enabled - search for a user behind an IP via /servers/ipUser, post a JSON containing the user's IP such as this: { "ip": "8.8.8.8" } - [event warnings] made modular. [iglocska] - app/Lib/EventWarning contains default warnings - app/Lib/EventWarning/Custom can be used to just drop event warnings - use app/Lib/EventWarning/DefaultWarning as a template - [pull] added protected mode checks and calling the validation functions if a protected event is found. [iglocska] - also removed leftover breakpoints - [CRUD] delete - added the beforeDelete hook. [iglocska] - [events] index and view signing checks added. [iglocska] - exclude events that can't be signed with a valid key as required by the event from the index for automaticTools (MISP + PyMISP) - sign the data only for automaticTools (MISP + PyMISP) - [cryptographic key] capture mechanism added. [iglocska] - capture new keys - remove keys no longer in the data set - revoke keys if needed - [generic template] for simple displaying of information added. [iglocska] - [cryptographic keys] views added. [iglocska] - [event signing] sign events function added. [iglocska] - [protected mode] functionalities added to the events controller. [iglocska] - protect/unprotect events - include pgp signature in event on load when applicable - [cryptographic keys] model and controllers added. [iglocska] - sets MISP up for information signing - sign data during synchronisation - [protected event mode] view elements added. [iglocska] - [events:index] Multi-select export of events. [Sami Mokaddem] - [UI] Site admin can create SG with specific UUID. [Jakub Onderka] - [events:restSearch] Added `context` export format. [Sami Mokaddem] The `context` export format includes: - List of used taxonomies - List of used galaxy cluster - List of custom tags - Mitre Att&ck matrix Changes ~~~~~~~ - [cryptograhicKey] Simplified code for event pushing. [Jakub Onderka] - [events:restSearchExport] Format export based on the responseType. [Sami Mokaddem] - [queryversion] bumped. [iglocska] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [cryptographicKeys] Indexed more column and bumped db_schema. [Sami Mokaddem] - [events:view] Removed duplicated lockpad icon. [Sami Mokaddem] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated. [Alexandre Dulaunoy] - [events:index] Check for not empty instead. [Sami Mokaddem] - [events] Typo in protected description. [Sami Mokaddem] - [CI] make the tests happy. [iglocska] - trailing comma after the last parameter in a function is not allowed in some PHP versions - [signing validation] re-added to the new ServerSyncTool. [iglocska] - [unused endpoint] removed. [iglocska] - [signing validation] fixes. [iglocska] - correctly handle edits in regards to tamper proofing events - handle an edge case of missing organisation data loaded for displaying if an event is removed by failing the validation - [event view] added more information about the protected event status. [iglocska] - [event index] include a lock sign for protected events. [iglocska] - [ipUser] API now accepts lists of IPs. [iglocska] { "ip": ["8.8.8.8", "1.1.1.1"] } - [PyMISP] bump. [Alexandre Dulaunoy] - [doc] Added username requirement. [Steve Clement] - [installer] Bump to latest version. [Steve Clement] - [installer] Removed python2, fixed kali redis botch. [Steve Clement] - [cryptographicKey] - load and initialise gpg on class construction. [iglocska] - [gpgtool] validateGpgKey now also imports the key. [iglocska] - [ACL] added the cryptographicKeys functions. [iglocska] - [pull] signing validation WiP. [iglocska] - [version] bump. [iglocska] - [tmpfiletool] allow reading into string without closing the file. [iglocska] - [signing] sign contents on restresponse if applicable. [iglocska] - [cryptographic key] move capture function to a bulk delta function. [iglocska] - [cryptographickey] capturing. [iglocska] - add summary to logs - [event edit] execute validation for signing keys if applicable. [iglocska] - [cryptographickey] execute key update on add() [iglocska] - [JSONconvertertool] include cryptographic key. [iglocska] - [logo] new logo added. [iglocska] - [event view] missing changes added. [iglocska] - fixed event view main header - added padlock sign for locked events - [logo] update. [iglocska] - [check remote MISP version] added flag for protectedMode awareness. [iglocska] - [event view] rework. [iglocska] - use the factories - a host of new elements added - new side panels - changed the behaviour of several existing functionalities - various other small improvements - [sync] Use ServerSyncTool for pushing events. [Jakub Onderka] - [internal] Simplify code for pushing events. [Jakub Onderka] - [sync] Simplify code for sighting pushing. [Jakub Onderka] - [events:index] Simplified endpoint. [Sami Mokaddem] - [events:restSearch] Added `context-markdown` export format. [Sami Mokaddem] - [internal] Bump PyMISP. [Jakub Onderka] - Add decomission step for systemctl workers service. [Luciano Righetti] - [internal] Cosmetic code changes. [Jakub Onderka] - [authkeys] add accepts the user_id via URL params and posted JSON body. [iglocska] Fix ~~~ - [event view] make having a valid PGP setup optional for viewing events. [iglocska] - don't throw an exception, rather set an empty key - [security] a malicious site administrator could store an XSS payload in a svg org logo which would be executed if someone opens the direct link to the image, as reported by Ianis BERNARD - NATO Cyber Security Centre. [Luciano Righetti] - [signing] fail gracefully if pgp not configured on event index. [iglocska] - return the index, but set fingerprint as null rather than throwing an exception - [security] restrict setting to cli only. enabling this setting could allow potential ssrf attacks, as reported by Ianis BERNARD - NATO Cyber Security Centre. [Luciano Righetti] - [security] lfi via custom terms file setting, as reported by Ianis BERNARD - NATO Cyber Security Centre. [Luciano Righetti] - [cryptographic key view] fixed. [iglocska] - was just grabbing the first key - [event index] minimal mode fixed for signed events. [iglocska] - [signing] removed colour coding of protected/unprotected events. [iglocska] - gave the idea that one is "right" and one is "wrong", whilst they're just for different use-cases - [event view] distribution field fixed. [iglocska] - didn't display the sharing groups - [signing] add try/catch around the gpg initialisation. [iglocska] - otherwise instances without gpg set up will fail when viewing events - [security] stored XSS in the user add/edit forms. [iglocska] - a malicious site administrator could store an XSS payload in the custom auth name which would be executed each time the administrator modifies a user - as reported by Ianis BERNARD - NATO Cyber Security Centre - [events:edit] Correctly collects saved cryptographic keys when pushing an edit. [Sami Mokaddem] - [oidc] Undefined index. [Jakub Onderka] - [gpg key] handle the lack of an instance key more gracefully. [iglocska] - [cryptograhicKey] instance key fingreprint caching fixed. [iglocska] - [signing validation] use the existing event rather than the incoming event for edits. [iglocska] - the ground truth for allowing edits is in the LOCAL version of the event - prevents tampering attempts - also cleanup of repetive file upload code - [sync] removed newly added locked field as a sanitized sync field. [iglocska] - ends up creating unlocked events on the remote, preventing future edits - [warning] merge fixes. [iglocska] - [eventwarning] path fixed. [iglocska] - as spotted by @chrisr3d - Add default supervisor user to default settings. [Luciano Righetti] - [installer] typo, use legacy composer74 function on Kali. [Steve Clement] - [installer] Take into account misp-stix. [Steve Clement] - [ACL] event protect/unprotect received ACL checks. [iglocska] - [ACL] Cryptokey add / delete key from parent received ACL checks. [iglocska] - [internal] event rearranging before push fixed. [iglocska] - some elements were at a misaligned level in the array - [event] include the protected field in the saving to allow syncing of protected events. [iglocska] - [cryptographicKey] various fixes. [iglocska] - typoes fixed - take parent ID from the local ID rather than the synced one - [signing] canonisation support by culling whitespaces. [iglocska] - [sync] version comparison fixes. [iglocska] - for determining the right version to compare to when deciding if protected events can be synced - [log] added 2 new actions for the signing system. [iglocska] - [event model] fixes. [iglocska] - fixed class name typo - removed placeholder exception / breakpoint - [cryptographickey model] internal fixes. [iglocska] - incorrect variable names fixed - logging target fixes - error messages were lacking the actual message - [signing] generating event signature fixes. [iglocska] - [side panel] relatedFeed panel fixed. [iglocska] - [oidc] Specify correct column for user fetch. [Jakub Onderka] - [php] Support for PHP 7.2. [Jakub Onderka] - [oidc] Throw exception if user email is empty. [Jakub Onderka] - [internal] Class 'Folder' not found. [Jakub Onderka] - [exports:context] Removed spaces. [Sami Mokaddem] - Add default supervisor user to default settings. [Luciano Righetti] - [sharing group blueprint] fixed. [iglocska] - [db schema] fixed. [iglocska] Other ~~~~~ - Merge pull request #8218 from righel/org-svg-logo-setting. [Alexandre Dulaunoy] new: add setting for allowing svg org logos - Merge branch 'org-svg-logo-setting' of github.com:righel/MISP into org-svg-logo-setting. [Luciano Righetti] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8215 from JakubOnderka/pgp-signature-optim. [Jakub Onderka] chg: [cryptograhicKey] Simplified code for event pushing - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #8216 from 3c7/patch-1. [Alexandre Dulaunoy] Update OidcAuth readme - Update OidcAuth readme. [Nils Kuhnert] Replaced required dependency. - Merge pull request #8217 from DCSO/linotp_errormessages. [Alexandre Dulaunoy] [chg] LinOTP error exceptions up to the ui - [chg] LinOTP error exceptions up to the ui. [Hendrik Baecker] - Merge pull request #8219 from DCSO/linotp_on_off_config. [Andras Iklody] [chg] LinOTP now with enable/disable as config feature - [chg] LinOTP now with enable/disable as config feature. [Hendrik Baecker] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #8213 from JakubOnderka/oidc_undefined_index. [Jakub Onderka] fix: [oidc] Undefined index - Merge branch 'feature/protected_mode' into develop. [iglocska] - Merge branch 'feature/protected_mode' of github.com:MISP/MISP into feature/protected_mode. [iglocska] - Merge branch '2.4' into feature/protected_mode. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #8199 from SteveClement/guides. [Steve Clement] - Merge pull request #8196 from SteveClement/tools. [Steve Clement] - Merge pull request #8194 from SteveClement/tools. [Steve Clement] - Merge branch 'feature/protected_mode' of github.com:MISP/MISP into feature/protected_mode. [iglocska] - Merge pull request #8208 from JakubOnderka/oidc-empty-email. [Jakub Onderka] fix: [oidc] Throw exception if user email is empty - Merge pull request #8154 from JakubOnderka/server-sync-push. [Jakub Onderka] chg: [sync] Use ServerSyncTool for pushing events - Merge pull request #8164 from JakubOnderka/fix-folder-not-found. [Jakub Onderka] fix: [internal] Class 'Folder' not found - Merge pull request #8179 from JakubOnderka/upload-event-cleanup. [Jakub Onderka] chg: [internal] Simplify code for pushing events - Merge pull request #8197 from JakubOnderka/push-sightings-refactor. [Jakub Onderka] chg: [sync] Simplify code for sighting pushing - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami Mokaddem] - Merge pull request #8193 from JakubOnderka/set-sg-uuid. [Jakub Onderka] new: [UI] Site admin can create SG with specific UUID - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #8188 from JakubOnderka/code-style. [Jakub Onderka] chg: [internal] Cosmetic code changes - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] v2.4.155 (2022-03-03) --------------------- New ~~~ - [CLI] Filter user by ID or e-mail. [Jakub Onderka] Changes ~~~~~~~ - [PyMISP] bump. [iglocska] - [sharing group blueprint] default to active sharing groups. [iglocska] - was confusing - [PyMISP] BUmp version. [Raphaël Vinot] - [version] bump. [iglocska] - [CLI] Simplify Admin::dumpCurrentDatabaseSchema. [Jakub Onderka] - [installer] Updated to latest version. [Steve Clement] - [doc] Added --no-cache to always have the freshest installer. [Steve Clement] - [authkeys add] accept "me" as a valid parameter. [iglocska] - [installer] Update to latest. [Steve Clement] - [tpl] Update base template to take latest Kali into account. [Steve Clement] Fix ~~~ - [db_schema] updated. [iglocska] - [db] Update database schema to 80. [Jakub Onderka] - [installer] Fixed Kali Linux installer. [Steve Clement] - [sync] automatic sync data creation was lacking authkey. [iglocska] - fixed for both old style and advanced authkeys - [organisations] made meta fields default to '' and not allow null values. [iglocska] - fixes a filtering issue with sharing group blueprints leading to sharing groups that are more restrictive than expected - [blueprints] appease older php versions. [iglocska] trailing comma on last function call element removed Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #8183 from JakubOnderka/cli-list-filter. [Jakub Onderka] new: [CLI] Filter user by ID or e-mail - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #8187 from SteveClement/tools. [Steve Clement] fix: [installer] Fixed Kali Linux installer - Merge pull request #8186 from SteveClement/guides. [Steve Clement] chg: [doc] Added --no-cache to always have the freshest installer - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #8182 from SteveClement/tools. [Steve Clement] - Merge branch '2.4' into develop. [iglocska] v2.4.154 (2022-03-02) --------------------- New ~~~ - [bgjobs] Allow to set Redis read timeout. [Jakub Onderka] - [test] Creating custom warninglist. [Jakub Onderka] - [sharing group blueprints] [iglocska] - create a rule based blueprint that is used to create and update a sharing group - nest sharing groups - filter organisations by metadata fields - nested via boolean operators - CLI exposed - API exposed - Lightweight ownership model (only blueprint owner can see and edit the blueprint) - [json field] added to single view factory. [iglocska] - [test] Search index by eventid. [Jakub Onderka] - [test] CSP report. [Jakub Onderka] - [oidc] Check user validity. [Jakub Onderka] - [event warnings] include them in the event view. [iglocska] - [behaviour] event warning behaviour added. [iglocska] - inspects an event in MISP's internal raw format for discrepencies - creates a list of warnings - [populate event view] added. [iglocska] - paste a JSON with misp data (objects, attributes, galaxies, tags, eventreports) and it will edit the elements into the event - [event population] added. [iglocska] - [oidc] Support for setting code challenge method. [Jakub Onderka] Changes ~~~~~~~ - [composer] Crypt_GPG updated. [Alexandre Dulaunoy] - [VERSION] bump. [iglocska] - [oidc] Do not log changes for OIDC user setting. [Jakub Onderka] - [internal] Simplify logging when pulling events. [Jakub Onderka] - [bgjobs] Add command name to logs. [Jakub Onderka] - [internal] Simplify code for deleting multiple attributes. [Jakub Onderka] - [test] Better custom warninglist test. [Jakub Onderka] - [internal] Use FileAccessTool. [Jakub Onderka] - [composer] Crypt_GPG updated. [Alexandre Dulaunoy] - [warning-lists] updated. [Alexandre Dulaunoy] - [ACL] updated. [iglocska] - [internal] Limit size of CSP report. [Jakub Onderka] - [doc] changelog replaced with the official one. [Alexandre Dulaunoy] - [changelog] replaced with the official one. [Alexandre Dulaunoy] - [warninglists] updated to the latest version. [Alexandre Dulaunoy] - [menu] added the MISP event JSON population to the populate from... menu. [iglocska] - [cli] Use more entropy when generating new encryption key. [Jakub Onderka] - [UI] Fix setting placeholder for user setting. [Jakub Onderka] - [user_setting] Switch OIDC to internal setting. [Jakub Onderka] - [oidc] Move OIDC to different class. [Jakub Onderka] - [oidc] Check user org when checking if user is valid. [Jakub Onderka] - [oidc] Remove support for Jumbojett\OpenIDConnectClient. [Jakub Onderka] - [oidc] Check user role when checking if user is valid. [Jakub Onderka] - [internal] Speedup when no events found. [Jakub Onderka] - [menu] added the MISP event JSON population to the populate from... menu. [iglocska] - [event warnings] load the new behaviour and set the view variable with the contents. [iglocska] - [proposal alert] emails now include the event uuid. [iglocska] - for easier lookup on your own instance, rather than the remote. - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [community-metadata] adding missing communities. [Christophe Vandeplas] - [community-metadata] adding missing communities. [Christophe Vandeplas] Fix ~~~ - [internal] Append variable just when not null. [Jakub Onderka] - [bgjobs] Try to avoid deadlock. [Jakub Onderka] - [bgjobs] First read STDERR, then STDOUT. [Jakub Onderka] - [bgjobs] Try to close pipes before proc_close. [Jakub Onderka] - [warnignlist] Update cache after warninglist edit. [Jakub Onderka] - [security] Do not allow to fetch value of redacted setting. [Jakub Onderka] - [JSON field] fixes. [iglocska] - do not sanitise data that is to be json encoded - decode json if a simple string is used - [sharing group] authorise sharing group if the user's organisation is not contained in the sharing group but is rather the creator organisation. [iglocska] - [singleview factory] modelField element now handles empty data fields gracefully. [iglocska] - [internal] Event ID translator. [Jakub Onderka] - [security] Do not allow to fetch value of redacted setting. [Jakub Onderka] - [UI] Event warning - distribution can be string. [Jakub Onderka] - [internal] CIDR validation. [Jakub Onderka] - [ACL] added events/populate. [iglocska] - [UI] Homepage icon link. [Jakub Onderka] - [internal] Do not convert to JSON. [Jakub Onderka] - [UI] User setting view is not implemented. [Jakub Onderka] - [sync] fixed several issues with the sync attribute filters causing issues. [iglocska] - if no negative sync filters defined, errors thrown due to check against null - [stix2 import] Fixed description fields from STIX objects parsing as comment field for external STIX data. [chrisr3d] - [ACL] added events/populate. [iglocska] - [forms] larger text input # Please enter the commit message for your changes. Lines starting. [iglocska] - [user:getClientIp] Typo in variable name. [Sami Mokaddem] - [stix2 import] Importing description field of STIX objects as comment field in the converted MISP attribute or object. [chrisr3d] - [tmpdir] default value change missing. [iglocska] - Thanks @Wachizungu for spotting my fail - [tmpdir] default reverted to MISP/app/tmp. [iglocska] - too many access errors for users with /tmp as the default - [tool] update gen_website_communities script. [Christophe Vandeplas] - [tool] update gen_website_communities script. [Christophe Vandeplas] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #8178 from JakubOnderka/oidc_log_change. [Jakub Onderka] chg: [oidc] Do not log changes for OIDC user setting - Merge pull request #8155 from JakubOnderka/bg-jobs-read-timeout. [Jakub Onderka] new: [bgjobs] Allow to set Redis read timeout - Merge pull request #8165 from JakubOnderka/delete-selected. [Jakub Onderka] chg: [internal] Simplify code for deleting multiple attributes - Merge pull request #8177 from JakubOnderka/test_custom_warninglist- vol2. [Jakub Onderka] chg: [test] Better custom warninglist test - Merge pull request #8176 from JakubOnderka/test_custom_warninglist. [Jakub Onderka] Test custom warninglist - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #8174 from JakubOnderka/fetch-redacted-setting. [Jakub Onderka] fix: [security] Do not allow to fetch value of redacted setting - Merge pull request #8173 from JakubOnderka/fix-id-translator. [Jakub Onderka] fix: [internal] Event ID translator - Merge pull request #8163 from MISP/2.4. [Jakub Onderka] Merge 2.4 into develop - Merge pull request #8162 from JakubOnderka/csp-report-limit. [Jakub Onderka] chg: [internal] Limit size of CSP report - Merge pull request #8141 from folbricht-stripe/preserve-session- config. [Andras Iklody] Preserve Session.* configuration in serverSettingsSaveValue - Preserve Session.* configuration in serverSettingsSaveValue. [Frank Olbricht] - Merge pull request #8152 from JakubOnderka/fix-event-warning. [Jakub Onderka] fix: [UI] Event warning - distribution can be string - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #8153 from JakubOnderka/more-entropy. [Jakub Onderka] chg: [cli] Use more entropy when generating new encryption key - Merge pull request #8144 from JakubOnderka/oidc-check-validity. [Jakub Onderka] new: [oidc] Check user validity - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #8132 from JakubOnderka/oidc-ccm. [Jakub Onderka] new: [oidc] Support for setting code challenge method - Merge branch '2.4' into develop. [Alexandre Dulaunoy] v2.4.153 (2022-02-04) --------------------- New ~~~ - [UI] Show TLS version for server test. [Jakub Onderka] - [security] Check TLSv1.3 connection. [Jakub Onderka] - [oidc] Add new option: OidcAuth.authentication_method. [Jakub Onderka] - [oidc] Add support for jakub-onderka/openid-connect-php OIDC fork. [Jakub Onderka] - [CLI] admin configLint. [Jakub Onderka] - [security] Allow to specify min_tls_version. [Jakub Onderka] - [security] securityAuditTls. [Jakub Onderka] - [CLI] Security audit. [Jakub Onderka] - [form factory] added a div field type. [iglocska] - allows to create parametrised divs for additional placeholders - parameters are id, class, style, to be extended when needed - [test] New audit. [Jakub Onderka] Changes ~~~~~~~ - [version] bump. [iglocska] - Fix findoriginaluuid typo. [Jeroen Pinoy] - [oidc] Store user sid in session. [Jakub Onderka] - [misp-objects] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [internal] Add debugging for problematic push. [Jakub Onderka] - [tools] communities.md generator works with new website. [Christophe Vandeplas] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [setting] Check if value is from options. [Jakub Onderka] - [UI] Use number input for numeric setting. [Jakub Onderka] - [internal] Do not call __evaluateLeaf for branch. [Jakub Onderka] - [internal] Recommend to install pydeep2. [Jakub Onderka] - [connection] Allow to define onConnect callback. [Jakub Onderka] - [js:markdown-it] Update markdown-it library from version 11.0.0 to version 12.3.2. [Sami Mokaddem] - [test] Use new link to install poetry. [Jakub Onderka] - [test] Remove libfuzzy-dev package. [Jakub Onderka] - [internal] Bump PyMISP to use pydeep2. [Jakub Onderka] - [internal] Use pydeep2. [Jakub Onderka] - [internal] Event report name is required. [Jakub Onderka] - [security] Warn about unsupported OS. [Jakub Onderka] - [internal] Fix session closing for dashboard widget. [Jakub Onderka] - [internal] Remove useless session closing. [Jakub Onderka] - [security] Avoid timing attacks for post validating. [Jakub Onderka] - [internal] Remove random_compat. [Jakub Onderka] - [internal] Do not modify session when not necessary. [Jakub Onderka] - [cli] Deprecate `cake baseurl` command. [Jakub Onderka] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [CI] fixed installation. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [i18n] Updated Thai (21%) [Steve Clement] - [doc] Added php-curl to speed up composer. [Steve Clement] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [i18n] default.pot update. [Steve Clement] - [i18n] Renamed Thai directory. [Steve Clement] - [i18n] Added Thai, updated active language files. [Steve Clement] - [i18n] Update pot files. [Steve Clement] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [installer] Updated to latest, considering rhel8.4/8.5. [Steve Clement] - [doc] Remove centos ref. [Steve Clement] - [doc] Added rhel8.4 and rhel8.5. [Steve Clement] - [installer] Latest installer to reflect doc changes. [Steve Clement] - [installer] Latest installer to reflect doc changes. [Steve Clement] - [doc] Removed CentOS ref. [Steve Clement] - [doc] Updated docs and removed obsolete refs. [Steve Clement] - [doc] Various CentOS9 references. [Steve Clement] Fix ~~~ - [language] fix (exception text) [iglocska] - [internal] Array to string conversion. [Jakub Onderka] - [misp-stix] Same errors handling for STIX1 as it recently has been pushed for STIX2. [chrisr3d] - [API key] shown on automation page when using classic keys. [iglocska] - [misp-stix] Bumped latest version with enhanced parsing of objects which encountered parsing errors. [chrisr3d] - Instead of simply storing the error message, we also convert those objects as STIX Custom objects - [misp-stix] Bumped latest version with a better exceptions handling for file, pe & pe-section objects converted to STIX2 file objects with a pebinary extension. [chrisr3d] - [stix export] Fixed wrong indentation causing variable name errors. [chrisr3d] - [misp-stix] Bumped latest version with a quick fix on Tags handling as STIX2 markings. [chrisr3d] - [misp-stix] Bumped latest version with some fixes on the tags parsing. [chrisr3d] - [internal] testForCABundle should return true. [Jakub Onderka] - [stix] STIX test. [Jakub Onderka] - [internal] Syntax error in PHP 7.2. [Jakub Onderka] - [test] Do not force libpcre2 installation. [Jakub Onderka] - [setting] Default value for MISP.require_password_confirmation is false. [Jakub Onderka] - [appController:loginByAuthkey] Skip authentication with basic authorization. [Sami Mokaddem] Fix #7576. Basic Auth might happen for some setup where the authentication is performed by another component such as LDAP. For these cases, the Authorization header is present and contains the Basic Auth data used by the authentication plugin. Before this patch, MISP failed to resolve the API key to a user and threw a 403. This was because MISP detected the presence of the Authorization header which triggered an authentication by Authkey that would always fail as the content is not a valid API key. - [event add] resolved notice error when viewing the event add form. [iglocska] - converted the html div added as a field to a proper factory field - [audit] Send IP address to ZMQ in full form. [Jakub Onderka] - Supervisord_status showing as a worker when its not. [Luciano Righetti] - [CLI] Authkey valid - reconnect in case of failure. [Jakub Onderka] - Fix: add flag to update deps as suggested by @hlijan. [Luciano Righetti] - Bug defaulting source_format instead of fixed_event on /feeds/add endpoint. [Luciano Righetti] - [UI] Fix authkey field type. [Jakub Onderka] - [internal] Closing session for statistics. [Jakub Onderka] - Fix: unix timestamps should have a @ prefix. [Luciano Righetti] - Make SimpleBackgroundJobs work on RHEL 7 with supervisorphp/supervisor:^3.0. [Richard van den Berg] - Change simple bg jobs settings to critical, fix notice in server shell. [Luciano Righetti] - [stix1 export] Removed unused imports. [chrisr3d] - [stix2 import] Fixed wrong variable name. [chrisr3d] - [misp-stix] Bumped latest fixed version of the library. [chrisr3d] - Includes fixes on the usage of orgnames during a STIX 1 export: - The orgname used to define the information source and the reporter identity remains the same - The orgname used to define every STIX object id is sanitized to comply with the STIX validation process - [CI] libpcre2 issue. [Alexandre Dulaunoy] - Error later on when json enconding a binary repr ipv6. [Luciano Righetti] - [i18n] Typo. [Steve Clement] - [typo] check - not chech. [Steve Clement] - [galaxyclusters] view by uuid fixed. [iglocska] - [typo] tagID. [Steve Clement] - Fix: unix timestamps should have a @ prefix. [Luciano Righetti] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #8129 from Wachizungu/fix-findoriginaluuid-typo. [Alexandre Dulaunoy] chg: fix findoriginaluuid typo - Merge pull request #8118 from JakubOnderka/new-oidc. [Jakub Onderka] chg: [oidc] Store user sid in session - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #8123 from JakubOnderka/event-push-debug. [Jakub Onderka] fix: [internal] Array to string conversion - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #8120 from JakubOnderka/event-push-debug. [Jakub Onderka] chg: [internal] Add debugging for problematic push - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #8109 from JakubOnderka/tls-debug. [Jakub Onderka] TLS connection debug - Merge pull request #8117 from JakubOnderka/new-oidc. [Jakub Onderka] new: [oidc] Add support for jakub-onderka/openid-connect-php OIDC fork - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of github.com:MISP/MISP into develop. [chrisr3d] - Merge pull request #8107 from JakubOnderka/settings-lint. [Jakub Onderka] Settings lint - Merge pull request #8106 from JakubOnderka/stix-test. [Jakub Onderka] Stix test - Merge pull request #8105 from JakubOnderka/min_tls_version. [Jakub Onderka] new: [security] Allow to specify min_tls_version - Merge pull request #8089 from JakubOnderka/security-audit-cli. [Jakub Onderka] new: [CLI] Security audit - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #8100 from JakubOnderka/pydeep2. [Jakub Onderka] chg: [internal] Bump PyMISP to use pydeep2 - Merge pull request #8098 from JakubOnderka/zmq-audit-ip-address. [Jakub Onderka] fix: [audit] Send IP address to ZMQ in full form - Merge pull request #8099 from JakubOnderka/pydeep2. [Jakub Onderka] chg: [internal] Use pydeep2 - Merge branch '2.4' into develop. [Luciano Righetti] - Merge pull request #8065 from fandigunawan/2.4. [Jakub Onderka] fix: Removes debug print in AWS S3 Client - Removes debug print. [Fandi Gunawan] - Merge pull request #8067 from righel/issue-8064. [Andras Iklody] fix: supervisord_status showing as a worker when its not - Merge pull request #8086 from JakubOnderka/event-report-name-required. [Jakub Onderka] chg: [internal] Event report name is required - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Steve Clement] - Merge pull request #8072 from JakubOnderka/fix-authkeys-valid. [Jakub Onderka] fix: [CLI] Authkey valid - reconnect in case of failure - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #8069 from JakubOnderka/security-audit-old-os. [Jakub Onderka] chg: [security] Warn about unsupported OS - Merge pull request #8061 from JakubOnderka/authkey-input. [Jakub Onderka] fix: [UI] Fix authkey field type - Merge pull request #7986 from JakubOnderka/better-security. [Jakub Onderka] chg: [internal] Do not modify session when not necessary - Merge branch '2.4' into develop. [Steve Clement] - Merge pull request #8052 from RichieB2B/ncsc-nl/supervisor. [Luciano Righetti] Make supervisor connector work with supervisorphp/supervisor 3 - Merge pull request #8053 from righel/improve-simple-bg-jobs-settings. [Luciano Righetti] Improve SimpleBackgroundJobs settings - Add: add migration guide to docs. [Luciano Righetti] - Merge pull request #8039 from JakubOnderka/cake-baseurl-deprecated. [Jakub Onderka] chg: [cli] Deprecate `cake baseurl` command - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge pull request #8092 from DCSO/fix/linotp-throw2. [Alexandre Dulaunoy] LinOTP minor fixes - [chg] LinOTP default baseURL. [Hendrik Baecker] - [chg] Make LinOTP configurable via webui and cli. [Hendrik Baecker] - [chg] Add link to LinOTP selfservice. [Hendrik Baecker] - [chg] Improved LinOTP error handling. [Hendrik Baecker] Matches if ssl verify fails for example - Merge pull request #8096 from righel/fix-issue-8093. [Luciano Righetti] fix: error later on when json enconding a binary repr ipv6 - Merge pull request #8091 from SteveClement/i18n. [Steve Clement] - Merge pull request #8084 from SteveClement/i18n. [Steve Clement] - Merge pull request #8083 from SteveClement/guides. [Steve Clement] - Merge remote-tracking branch 'origin' into guides. [Steve Clement] - Merge branch 'MISP:2.4' into 2.4. [Steve Clement] - Merge branch 'MISP:2.4' into 2.4. [Steve Clement] - Merge pull request #5 from SteveClement/guides. [Steve Clement] - Merge pull request #8082 from SteveClement/i18n. [Steve Clement] - Merge pull request #8080 from SteveClement/i18n. [Steve Clement] - Merge pull request #8079 from SteveClement/i18n. [Steve Clement] - Merge pull request #8075 from SteveClement/i18n. [Steve Clement] - Merge pull request #8074 from SteveClement/i18n. [Steve Clement] - Merge pull request #8068 from StefanKelm/2.4. [Luciano Righetti] fix wording - Update Server.php. [StefanKelm] fix wording - Merge pull request #8059 from SteveClement/guides. [Steve Clement] - Merge pull request #8058 from SteveClement/guides. [Steve Clement] - Merge pull request #8056 from SteveClement/guides. [Steve Clement] - Add: add migration guide to docs. [Luciano Righetti] v2.4.152 (2021-12-22) --------------------- New ~~~ - [CLI] user authkey_valid command. [Jakub Onderka] - [tag] Generate predictable tag color. [Jakub Onderka] - [server:synchronisation] Type filtering during PULL synchronisation. [Sami Mokaddem] - [event-timeline] Support of image attachments. [Sami Mokaddem] - [CLI] Get authkey info by `cake user authkey` [Jakub Onderka] - [securityAudit] Check expose_php setting. [Jakub Onderka] - [test] Exports. [Jakub Onderka] - [securityAudit] Check if xdebug is enabled. [Jakub Onderka] - [bg] Support unix socket for supervisord. [Jakub Onderka] - [internal] Use pubToZmq to check if publish to ZMQ. [Jakub Onderka] Changes ~~~~~~~ - [misp-stix] Bumped latest version of the library. [chrisr3d] - [security audit] fixed failures on kernel compilation time. [iglocska] - currently the check makes a lot of invalid assumptions, made it more lax to fail gracefully - [PyMISP] Bump version. [Raphaël Vinot] - [version] bump. [iglocska] - [Python] Use pymisp from pypi. [Raphaël Vinot] - [internal] Make JSONConverterTool method static. [Jakub Onderka] - [rephrasing] some warnings. [iglocska] - [server:edit] Display object name for both sync mechanisms. [Sami Mokaddem] Even though I said I won't do it - [server:edit] Include the object name in addition to the template UUID for PUSH. [Sami Mokaddem] The name of the object could be unknown by the instance for PULL so we keep it on the old behavior. - [server:pull] Do not log empty event entries if it was cause by the rules. [Sami Mokaddem] - [servers:index] Improved UI. [Sami Mokaddem] Only show blocked attribute types/objects if setting is turned on - [server:synchronisation] Usage of template_uuid instead of the object name. [Sami Mokaddem] - [server:synchronisation] Tpye filtering duringg PUSH synchronisation. [Sami Mokaddem] Split type on attributes and objects - [pip] unused and broken Pipfile.lock (old conflict merged) [Alexandre Dulaunoy] - [app] Bumped query version. [Sami Mokaddem] - [event:timeline] Fit timeline after initial load. [Sami Mokaddem] - [feeds] Support for sharing groups with feeds, fixes #5758. [Christophe Vandeplas] - Allow change disable_correlation in mass edit attributes. [Luciano Righetti] - [internal] Log when attribute was dropped. [Jakub Onderka] - [auditLog] Fetch field required for model info. [Jakub Onderka] - [internal] Add job ID to worker. [Jakub Onderka] - [internal] Lazy load images. [Jakub Onderka] - [internal] Avoid calling unnecessary method. [Jakub Onderka] - [internal] Slightly optimise OrgImgHelper. [Jakub Onderka] - [internal] Element file cache. [Jakub Onderka] - [internal] Move some checks to beforeRender method. [Jakub Onderka] - [internal] Faster sending images. [Jakub Onderka] - [internal] Slightly optimise CakeResponseTmp. [Jakub Onderka] - [securityAudit] PHP 7.3 is not supported anymore. [Jakub Onderka] - [internal] testForBinExec cleanup. [Jakub Onderka] - [internal] Optimise setting. [Jakub Onderka] - [upload] Allow to upload SVG files. [Jakub Onderka] - [internal] Simplify index.php. [Jakub Onderka] - [CLI] Initialize BackgroundJobsTool just when required. [Jakub Onderka] - [internal] New method ProcessTool::whoami. [Jakub Onderka] - [export] Cleanup code for OpeniocExport and YaraExport. [Jakub Onderka] - [stix] Simplified STIX export code. [Jakub Onderka] - [internal] Use ProcessTool in Sighting. [Jakub Onderka] - [internal] Use ProcessTool in Exports. [Jakub Onderka] - [bg] Move logging to one place. [Jakub Onderka] - [process] No need to close pipes. [Jakub Onderka] - [diagnostics] Check also MISP.attachments_dir and MISP.tmpdir folders. [Jakub Onderka] - [securityAudit] Show warning if encryption key is not set. [Jakub Onderka] - [internal] Remove unused variable. [Jakub Onderka] - [internal] Convert array to const in QueryTool. [Jakub Onderka] - [internal] Convert array to const in Warninglist. [Jakub Onderka] - [internal] Convert array to const in RestResponseComponent. [Jakub Onderka] - [internal] Convert array to const in ACLComponent. [Jakub Onderka] - [internal] Fix typo. [Jakub Onderka] - [internal] Remove unused methods. [Jakub Onderka] - [internal] Convert array to const. [Jakub Onderka] - [internal] Convert strings to const. [Jakub Onderka] - [internal] Convert array to const. [Jakub Onderka] - [internal] Convert array in log to const. [Jakub Onderka] - [internal] Convert array to const. [Jakub Onderka] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [backwards] compatibility. [iglocska] - reverted a strict typed function parameter check to appease the legacy gods - [installer] Update to latest version. [Steve Clement] - [doc] Minor error on rhel version. [Steve Clement] - [misp-galaxy] updates. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [warninglists] updated. [Alexandre Dulaunoy] - [pip] unused and broken Pipfile.lock (old conflict merged) [Alexandre Dulaunoy] - [installer] Update to latest version. [Steve Clement] - [doc] endpoint.com is now enpointdev.com. [Steve Clement] - [misp-stix] Bumped latest version. [chrisr3d] - Add dicussions link. [Luciano Righetti] - Use issue forms templates with required fields. [Luciano Righetti] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [stix export] Merging all the differents changes at different places to support every type of collection export as STIX 1 & 2. [chrisr3d] - [stix1 export] Better parsing with a separation between events and attributes collections export. [chrisr3d] - [stix] allow passing the publish flag to the stix upload. [iglocska] - [stix1 export] Making STIX1 attributes export parser available. [chrisr3d] Fix ~~~ - [stix1 export] Ordering object types to avoid validation issues. [chrisr3d] - STIX validator seems to dislike `Observables` objects coming after `Indicators`, so we put the object types in the order they are presented in the documentation - [event:checkDistributionForPush] typos. [Richard van den Berg] - [event:uploadEventSightingsToServersRouter] use Event model for Sighting context. [Richard van den Berg] - [event:uploadEventSightingsToServersRouter] allow sightings to be pushed upstream. [Richard van den Berg] - [server:add] Pass the correct variables to the view. [Sami Mokaddem] - [event:push] Unset attribute before processing it and nesting typo. [Sami Mokaddem] - [server:pull] Typo in objectAttribute filtering. [Sami Mokaddem] - [server:edit] Extra field in group by leading to object duplication. [Sami Mokaddem] - [server:edit] Typo synchronisation. [Sami Mokaddem] - [server:pull] Typo while unsetting attribute blocked by filtering rule. [Sami Mokaddem] - [events:synchronisation] debug and typos. [Sami Mokaddem] - [servers:edit] Capture filtering freetext tags for PUSH. [Sami Mokaddem] - [tools:timeline] Usage of correct UUID and disabled polling extrapolation. [Sami Mokaddem] This half baked feature was making thing confusing for the users. If we ever need it implemented it should be something more robust and configurable. - Do not try to autocomplete with users authkey. [Luciano Righetti] - Publishtimestamp defaults. [Luciano Righetti] - Array to string notice. [Luciano Righetti] - Typos, bump js version. [Luciano Righetti] - Datetime format. [Luciano Righetti] - Revert change. [Luciano Righetti] - Use from/until input in UI filters. [Luciano Righetti] - Notice when filter is array. [Luciano Righetti] - Show error message instead of fatal error when diagnostics tool fails to run. [Luciano Righetti] - [UI] Ajax forms lose persistence. [iglocska] - generic Form builder now has the persistence baked in - capture all form fields' data before submiting as expected - [feeds] i18n some strings. [iglocska] - [feeds] preview attribute distribution. [iglocska] - escape sharing group name - Wrong params. [Luciano Righetti] - Improve error handling when supervisor is not available or connection settings are wrong. [Luciano Righetti] - [internal] Fixes #7961. [Jakub Onderka] - [UI] Adding attributes to object. [Jakub Onderka] - [tools:backgroundjob] Support of legacy systems (3) [Sami Mokaddem] - [tools:backgroundjob] Support of legacy systems (2) [Sami Mokaddem] - [backgroundjob] Support of legacy system. [Sami Mokaddem] - [test] Ignore beforeRender function. [Jakub Onderka] - [internal] Deleting events. [Jakub Onderka] - [internal] Old style view class. [Jakub Onderka] - [security] Disable caching of images. [Jakub Onderka] - [CLI] Show error when calling methods for managing workers when SimpleBackgroundJobs are enabled. [Jakub Onderka] - [internal] Fix checking if system is Linux. [Jakub Onderka] - [internal] User ProcessTool for selfTest. [Jakub Onderka] - [auditlog] Array converted to const. [Jakub Onderka] - [auditLog] Warning when deleting event. [Jakub Onderka] - [internal] Remove UrlCache. [Jakub Onderka] - ServerShell fails if SimpleBackgroundJobs config does not exists. [Luciano Righetti] - Update dep for fixing php74 build. [Luciano Righetti] - [misp-stix] Bumped latest version with up-to-date dependencies & requirements. [chrisr3d] - [stix export] Added parameters to the temporary files deleting function. [chrisr3d] - Can delete output files when we get an exception from the python scirpt - Can delete a specific list of files that are not suffixed with a '.out' extension, like it is the case for attributes collections export as STIX 1 - [stix export] Removed unused variables. [chrisr3d] - [stix export] Copy paste issue from merge conflict handling. [chrisr3d] - [stix1 export] Syntax typo from merge conflict handling. [chrisr3d] - [API] downloadAttachment API user object fetching fixed. [iglocska] - user is already in session, just reuse it - [feeds] pulling freetext feed sets attribute distribution, fixes #7992. [iglocska] - should just inherit the event's setting - when using sharing groups this becomes a serious issue - [audit] fix user modifications not working with the modern audit log. [iglocska] - trying to get the old state of non persistent form fields breaks - [stix1 export] Removed debugging print. [chrisr3d] - [stix2 export] Added the required traceback parameter to the `print_tb` call. [chrisr3d] - [upload_stix] Going back to the previous way of handling files before we properly merge `develop` and this branch together. [chrisr3d] - The publish flag added in `develop` remains here but we come back to the previous way of handling the input file, like before we cherry-picked the commit containing the changes concerning the publish flag. - [misp-stix] Bumped latest version. [chrisr3d] - [stix export] Removing traceback parsing since it is handled in stderr. [chrisr3d] - [stix export] Keeping traceback messages for the logs. [chrisr3d] - [stix export] Making sure the error message is displayed when there is no input file. [chrisr3d] - [stix1 export] Indentation issues caused STIX1 result files not to be written. [chrisr3d] - [stix export] Displaying errors with their traceback. [chrisr3d] - [stix2 export] Removed unnecessary loop split. [chrisr3d] - [stix2 export] Removed separator that should not be set here. [chrisr3d] - [stix export] Typo on a class variable. [chrisr3d] - [stix export] Better galaxies & clusters handling when dealing with attributes collections. [chrisr3d] - We skip some fields from galaxies and clusters, as well as adding the event timestamp that is going to be used when exporting event galaxies Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'misp-stix' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge pull request #8047 from RichieB2B/ncsc-nl/sightings-dist. [Alexandre Dulaunoy] Fix typos - Merge pull request #8046 from RichieB2B/ncsc-nl/sightings-dist. [Andras Iklody] Use Event model for Sighting context - Merge pull request #8045 from RichieB2B/ncsc-nl/sightings-dist. [Andras Iklody] Allow sightings to be pushed upstream - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '8042' into develop. [iglocska] - LinOTP: nitpicking and failsafe. [Hendrik Baecker] Also one CodeFactor fix - [chg] Ensure 'false' if LinOTP Request fails. [Hendrik Baecker] - [chg] Establish 'mixedauth' [Hendrik Baecker] mixedauth=false: Only query LinOTP for OTP (or OTP-Pin+OTP Value) mixedauth=true: Use MISP Userbase for Passwordchecking AND LinOTP for second factor mixedauth=true will throw exceptions if OTP doesn't match to not fall back to FormAuthenticate from MISP - which would get the 2FA useless. - [chg] Extract otp from request. [Hendrik Baecker] - [chg] Fix typos. [Hendrik Baecker] - [chg] Adjust handling LinOTP response. [Hendrik Baecker] - [chg] Add OTP Form Field if LinOTP active. [Hendrik Baecker] - [chg] added LinOTP to configs. [Hendrik Baecker] - [chg] no more php-curl but cake socket. [Hendrik Baecker] - [chg] Safe LinOTP Config. [Hendrik Baecker] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #8027 from JakubOnderka/cli_authkey_valid. [Jakub Onderka] new: [CLI] user authkey_valid command - Merge pull request #8025 from JakubOnderka/predicatable-tag-color. [Jakub Onderka] new: [tag] Generate predictable tag color - Merge pull request #8028 from JakubOnderka/json-convertor-static. [Jakub Onderka] chg: [internal] Make JSONConverterTool method static - Merge branch 'sync_filter' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into feature-sync-type- filtering. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Steve Clement] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #8019 from righel/add_events_time_filter. [Luciano Righetti] new: add events index time ui filters - Add: timestamp and publish_timestamp filters and optional columns to /events/index. [Luciano Righetti] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7997 from righel/avoid-fatals-in-settings- diagnostics. [Alexandre Dulaunoy] fix: show error message instead of fatal error when diagnostics tool … - Merge branch 'sg_feeds' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #7996 from JakubOnderka/cli-authkey. [Jakub Onderka] new: [CLI] Get authkey info by `cake user authkey` - Merge pull request #7967 from righel/toggle_correlation_mass_edit_attributes. [Luciano Righetti] chg: allow change disable_correlation in mass edit attributes - Merge pull request #7994 from righel/fix-issue-7988. [Luciano Righetti] fix: improve error handling when supervisor is not available or conne… - Merge pull request #7993 from JakubOnderka/fix-7961. [Jakub Onderka] fix: [internal] Fixes #7961 - Merge pull request #7991 from JakubOnderka/fix-7987. [Jakub Onderka] chg: [internal] Log when attribute was dropped - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7975 from JakubOnderka/process-tool-selftest. [Jakub Onderka] Process tool selftest - Merge pull request #7577 from JakubOnderka/add-event-cleanup. [Jakub Onderka] chg: [internal] Convert array to const - Revert "chg: [logbehaviour] skipfields reverted to an array from a constant" [Jakub Onderka] This reverts commit 9d7da3103fb935c3c98c6c3c136e3a8f1a78614f. - Merge pull request #7984 from JakubOnderka/fix-audit-log. [Jakub Onderka] fix: [auditLog] Warning when deleting event - Merge pull request #7974 from JakubOnderka/url-cache. [Jakub Onderka] fix: [internal] Remove UrlCache - Merge pull request #7981 from righel/fix-php-7.4-build. [Luciano Righetti] fix: update dep for fixing php74 build - Merge branch 'develop' into fix-php-7.4-build. [Luciano Righetti] - Merge branch 'misp-stix' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge pull request #8037 from SteveClement/guides. [Steve Clement] chg: [doc] Minor error on rhel version - Merge pull request #8035 from SteveClement/guides. [Steve Clement] - Add: [stix1 export] Supporting specific framing for attributes collections export. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge pull request #8008 from righel/add-issues-form-templates. [Alexandre Dulaunoy] chg: use issue forms templates with required fields - Merge pull request #7995 from coolacid/WordWrap. [Jakub Onderka] fix: Autocrypt email header force RFC 5322 - 2.1.1 line length limits - RFC 5322 - 2.1.1 line length limits. [Jason Kendall] Use '\r\n' instead of PHP_EOL Use '\r\n' instead of PHP_EOL - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'misp-stix' of https://github.com/MISP/MISP into misp- stix. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into misp-stix. [chrisr3d] - Merge branch 'misp-stix' of github.com:MISP/MISP into misp-stix. [chrisr3d] - Merge branch 'misp-stix' of github.com:MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Wip: [stix export] Adding stix various formats in the list of valid formats for attributes restSearch. [chrisr3d] - Wip: [stix export] First implementation of an attributes restSearch export as STIX 1 & 2. [chrisr3d] - More testing, and changes on other parts of the process to come as well v2.4.151 (2021-11-23) --------------------- New ~~~ - [internal] Faster caching. [Jakub Onderka] - [user] Add sub field for user. [Jakub Onderka] - [CLI] For redisMemoryUsage show also server cache size. [Jakub Onderka] - Support existing worker controls via supervisor api. [Luciano Righetti] - Add default config for new background jobs (disabled). [Luciano Righetti] - [CLI] Redis memory usage diagnostics. [Jakub Onderka] - [CLI] admin reencrypt command. [Jakub Onderka] - [security] Store authkeys for servers encrypted. [Jakub Onderka] - [UI] Define custom right menu link. [Jakub Onderka] - [CLI] Allow to set setting value to `null` [Jakub Onderka] - [internal] Save to config file just what was in file. [Jakub Onderka] - [internal] encryption_key config. [Jakub Onderka] - [internal] Fix when authkey is invalid. [Jakub Onderka] - [internal] BetterSecurity tool. [Jakub Onderka] - [setting] Allow to encrypt setting. [Jakub Onderka] - [setting] Add new MISP.system_setting_db setting. [Jakub Onderka] - Store system settings in database. [Jakub Onderka] - [MISP fetcher] added to create an offline update package. [iglocska] - [doc] Initial php8.0 and Ubuntu 22.04. [Steve Clement] - [test] test_add_duplicate_tags. [Jakub Onderka] - [test] test_log_new_audit. [Jakub Onderka] - [test] test_restsearch_event_by_tags. [Jakub Onderka] - [settings] Allow to use ThreatLevel.name for alert filter. [Jakub Onderka] - [API] Return JSON for server index preview. [Jakub Onderka] - [CLI] New task for removeOrphanedCorrelations and optimiseTables. [Jakub Onderka] - [attribute type] ssh-fingerprint - a fingerprint of SSH key material. [Alexandre Dulaunoy] - [attribute type] ssh-fingerprint - a fingerprint of SSH key material. [Alexandre Dulaunoy] - [test] test_deleted_attributes. [Jakub Onderka] - [CLI] Assign UserSetting to list output. [Jakub Onderka] - [oidc] User setting for oidc metadata. [Jakub Onderka] - [test] test_delete_event_blocklist. [Jakub Onderka] - [sync] Server sync logging. [Jakub Onderka] - [test] test_search_index_by_all. [Jakub Onderka] Changes ~~~~~~~ - [version] bump. [iglocska] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] - [warning-lists] updated. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [submodule update] added --init --recursive. [iglocska] - [internal] Add BACKGROUND_JOB_ID to new process. [Jakub Onderka] - [CLI] Start worker help. [Jakub Onderka] - [internal] Bg worker cleanup. [Jakub Onderka] - [internal] Check if update is possible. [Jakub Onderka] - [internal] Simplify Attribute::fetchAttributes. [Jakub Onderka] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [object] break on duplicate, include uuid in addition to ID in failure message, fixes #7929. [iglocska] - [internal] Use ProcessTool in Server. [Jakub Onderka] - [internal] Use ProcessTool in PubSubTool. [Jakub Onderka] - [internal] Use ProcessTool in SecurityAudit. [Jakub Onderka] - [internal] Use ProcessTool in StixExport. [Jakub Onderka] - [internal] upload_stix uses ProcessTool. [Jakub Onderka] - [internal] Use ProcessTool in AttachmentTool. [Jakub Onderka] - [internal] Simplify checking if folder is writable. [Jakub Onderka] - [internal] Try to use array for processes. [Jakub Onderka] - [internal] Better submodule info fetching. [Jakub Onderka] - [internal] Check if update is possible. [Jakub Onderka] - [internal] Current branch and commit checking. [Jakub Onderka] - [internal] More clear method names. [Jakub Onderka] - [UI] Use TimeHelper for zmq status. [Jakub Onderka] - [internal] Small optim. [Jakub Onderka] - [internal] Move version checking to one function. [Jakub Onderka] - [internal] Use GitTool for remote version fetching. [Jakub Onderka] - [internal] Faster way how to get current commit. [Jakub Onderka] - [internal] Authkey resetting. [Jakub Onderka] - [internal] Simplified remove version checking. [Jakub Onderka] - [UI] scheduler doesn't exist for SimpleBackgroundJobs. [Jakub Onderka] - [CLI] Add help for Admin redisReady command. [Jakub Onderka] - [internal] Avoid shell_exec. [Jakub Onderka] - [internal] Code style. [Jakub Onderka] - [internal] pubsub types. [Jakub Onderka] - [internal] Simplified Feed:getFreetextFeed method. [Jakub Onderka] - [internal] Simplified feed caching. [Jakub Onderka] - [internal] searchCaches code cleanup. [Jakub Onderka] - [internal] Simplify server caching. [Jakub Onderka] - Setting msg. [Luciano Righetti] - Remove track_status setting. [Luciano Righetti] - Remove MISP.use_simple_background_jobs setting in favor of SimpleBackgroundJobs.enabled. [Luciano Righetti] - Remove monitor stuff from docbloc. [Luciano Righetti] - Remove workers monitor script, rely on Supervisor API for all worker- related stuff. [Luciano Righetti] - Try to get user via posix method first. [Luciano Righetti] - Remove sleep from worker poll. [Luciano Righetti] - Merge develop, fix conflicts. [Luciano Righetti] - Add background jobs settings to the ui editor. [Luciano Righetti] - Add fxmlrpc package as suggested. [Luciano Righetti] - Minor refactor. [Luciano Righetti] - Reload conf. [Luciano Righetti] - Add redis namespace globally, add auto json de/serializer setting to redis client. [Luciano Righetti] - Move initTool() logic to constructor. [Luciano Righetti] - Merge develop, fix conflicts. [Luciano Righetti] - Merge develop, fix conflicts. [Luciano Righetti] - Rename settings. [Luciano Righetti] - Rename conf name. [Luciano Righetti] - Rename conf name. [Luciano Righetti] - Call supervisor xml-rpc api, add supervisor app required packages. [Luciano Righetti] - Add db update. [Luciano Righetti] - Remove deprecation msg. [Luciano Righetti] - Merge develop, fix conflicts. [Luciano Righetti] - Use new bg jobs tool in user model. [Luciano Righetti] - Use new bg jobs tool in shadow attribute model. [Luciano Righetti] - Use new bg job tool in job model (cache cmds) [Luciano Righetti] - Use new bg job tool in post model, refactor command. [Luciano Righetti] - Use new bg job tool in log model. [Luciano Righetti] - Use new bg job tool for publishing galaxy clusters. [Luciano Righetti] - Use new bg jobs tool in correlation exclusion model. [Luciano Righetti] - Use new bg jobs tool in correlation model. [Luciano Righetti] - Use new bg jobs tool in AttachmentScan. [Luciano Righetti] - Use new bg jobs tool in AppModel. [Luciano Righetti] - Use new bg jobs tool in shadow attributes controller. [Luciano Righetti] - Use new bg jobs tool in feeds controller. [Luciano Righetti] - Use new bg jobs tool in servers controller. [Luciano Righetti] - Use new bg jobs tool in /attributes/generateCorrelation. [Luciano Righetti] - Move metadata parameter to last, refactor Server calls to background jobs to new tool. [Luciano Righetti] - Add user to worker class, make /servers/getWorkers compatible with new bg jobs. [Luciano Righetti] - Fix issues with servershell pull/push commands. [Luciano Righetti] - Refactor background jobs tool to receive jobId instead of entity. [Luciano Righetti] - Refactor server shell background jobs to use new tool. [Luciano Righetti] - Refactor all background job calls from event model and controller to use new tool. [Luciano Righetti] - Move contact reporter background job to new tool. [Luciano Righetti] - Fetch job status from redis in jobs view. [Luciano Righetti] - Remove hardcode response, map shell/cmd names. [Luciano Righetti] - Pass sql Job to new job handler. [Luciano Righetti] - Make enqueue method generic for both engines. [Luciano Righetti] - [installer] Bump to latest version. [Steve Clement] - [installer] Bump installer to latest version. [Steve Clement] - [doc] updated dates in copyright section. [Christophe Vandeplas] - [internal] Code style. [Jakub Onderka] - [internal] AppController cleanup. [Jakub Onderka] - [internal] App model cleanup. [Jakub Onderka] - [internal] Simplify code for pulling events. [Jakub Onderka] - [internal] Delete system setting when value is empty. [Jakub Onderka] - [internal] Make system setting more secure. [Jakub Onderka] - [internal] Deprecate Org::getUUIDs endpoint. [Jakub Onderka] - [internal] Do not try to fetch empty clusters. [Jakub Onderka] - [internal] Optimise loading event info in AuditLog. [Jakub Onderka] - [internal] Unpublish event timestamp. [Jakub Onderka] - [internal] Simplified editing field. [Jakub Onderka] - [internal] Simplified attribute pagination. [Jakub Onderka] - [internal] Remove SysLogLogable from SystemSetting. [Jakub Onderka] - [internal] Simplify Server model code. [Jakub Onderka] - [systemsetting] Better checking if setting is sensitive. [Jakub Onderka] - [optimise] Reduce number of SQL queries for login page. [Jakub Onderka] - [auditlog] Smarter title. [Jakub Onderka] - [internal] Hide sensitive setting in AuditLog. [Jakub Onderka] - [internal] Code style. [Jakub Onderka] - [internal] Faster attaching tags to events. [Jakub Onderka] - [internal] Assign galaxies in one query. [Jakub Onderka] - [internal] Optimise loading attributes when doing search. [Jakub Onderka] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [doc] Document use of local parameter in API for tags/galaxies. [Loïc Fortemps] - [doc] minor changes for 22.04 and ethX update. [Steve Clement] - [install] Update to latest installer. [Steve Clement] - [doc] Varios small fixes. [Steve Clement] - [misp-objects] updated. [Alexandre Dulaunoy] - [auditlog] Remove non exists insertId. [Jakub Onderka] - [schema] Set object_references.uuid as unique column. [Jakub Onderka] - [internal] Optimise saving attributes. [Jakub Onderka] - [internal] Optimise attaching tags to objects. [Jakub Onderka] - [internal] Optimise AuditLogBehavior. [Jakub Onderka] - [auditlog] Remove unused variable. [Jakub Onderka] - [auditlog] Simplify and optimise code. [Jakub Onderka] - [internal] Optimise Attribute::fetchAttribute. [Jakub Onderka] - [internal] Optimise updating templates. [Jakub Onderka] - [internal] Optimise genericPicker. [Jakub Onderka] - [internal] Use FileAccessTool in MispObject. [Jakub Onderka] - [internal] Faster fetching object templates for selectbox. [Jakub Onderka] - [internal] Optimise bulkSaveRelations. [Jakub Onderka] - [internal] Optimise AuditLog. [Jakub Onderka] - [internal] Try to remove possible unused methods. [Jakub Onderka] - [internal] Optimise Tag::findTagIdsByTagNames. [Jakub Onderka] - [internal] Optimise fetching events by tags. [Jakub Onderka] - [internal] Simplify creating tag. [Jakub Onderka] - [build] Try to run workers under www-data user. [Jakub Onderka] - [PyMISP] Bump. [Jakub Onderka] - [internal] Faster importing galaxy relation tags. [Jakub Onderka] - [internal] Optimise sightings. [Jakub Onderka] - [internal] Small optimisations. [Jakub Onderka] - [internal] Code cleanup. [Jakub Onderka] - [internal] Do not check event tags conflicts. [Jakub Onderka] - [UI] Check empty event before filtering. [Jakub Onderka] - [internal] Simplify code for Server::serverGetRequest. [Jakub Onderka] - [internal] Better error messages when fetching feeds. [Jakub Onderka] - [internal] Simplified link and boolean validation. [Jakub Onderka] - [test] testDomainModify. [Jakub Onderka] - [internal] Optimise converting hash to lowercase. [Jakub Onderka] - [internal] Faster IPv6 compression. [Jakub Onderka] - [misp-objects] updated. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated. [Alexandre Dulaunoy] - [internal] Optimise afterFind and simplify ISODatetimeToUTC. [Jakub Onderka] - [internal] Code style. [Jakub Onderka] - [internal] Move IPv6 compression to one method. [Jakub Onderka] - [internal] Simplify validation for `domain|ip` [Jakub Onderka] - [internal] Move ssdeep validation to specific method. [Jakub Onderka] - [internal] Add ssh-fingerpint validation. [Jakub Onderka] - [internal] Change params order for validate method. [Jakub Onderka] - [internal] Move attribute validation to different tool. [Jakub Onderka] - [PyMISP] update version. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated. [Alexandre Dulaunoy] - [PyMISP] update to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [stix] Bumped laster version of various stix related libraries. [chrisr3d] - [opendata] Bumped latest version. [chrisr3d] - [misp-stix] Bumped latest version. [chrisr3d] - [server settings] allow empty baseurl to be saved. [iglocska] - [stix] allow passing the publish flag to the stix upload. [iglocska] - [internal] Reduce one SQL query for every request. [Jakub Onderka] - [internal] Fetch less columns for Tag for event index. [Jakub Onderka] - [internal] Do not fetch EventTag.id for events index. [Jakub Onderka] - [internal] Log when object reference could not be captured. [Jakub Onderka] - [internal] Add validation for ObjectReference. [Jakub Onderka] - [schema] Add index for object_references.event_id column. [Jakub Onderka] - [internal] Faster attaching references. [Jakub Onderka] - [internal] Move method for fetching tags to one place. [Jakub Onderka] - [internal] Simplified Event::attachTagsToEvents. [Jakub Onderka] - [internal] Faster attaching attribute tags. [Jakub Onderka] - [internal] Simplify Attribute::runValidation. [Jakub Onderka] - [internal] Disable order for hasAny method. [Jakub Onderka] - [internal] Simplified notifications loading. [Jakub Onderka] - [misp-galaxy] updated to the latest version (ATT&CK v10) [Alexandre Dulaunoy] - [internal] Faster tag capturing. [Jakub Onderka] - [internal] Simplify UserSetting code. [Jakub Onderka] - [misp-stix] Bumped latest version. [chrisr3d] - [Server:update] Execute git submodule sync before updating. [Sami Mokaddem] This is done in order to make sure the submodules' remote URL is inline with the value defined in the .gitmodules - [install] Regenerated install script to include the latest changes + update installer checksums. [chrisr3d] - [doc] Update to OpenBSD 7.0. [Steve Clement] - [doc] Added 3 more optionals. [Steve Clement] - [github actions] Enabling tests on the `misp-stix` branch (at least temporarily) [chrisr3d] - [stix2 export] Using specific filter `stix-version` instead of `version` that is too generic and used somewhere else. [chrisr3d] - [schema] Set sharing group name as unique index. [Jakub Onderka] - [internal] Simplify code for compareDBIndexes. [Jakub Onderka] - [internal] Change way how to remove focus from URL. [Jakub Onderka] - [internal] Convert to const array. [Jakub Onderka] - [internal] Remove duplicates from acceptedFilteringNamedParams. [Jakub Onderka] - [API] Simplify handling deleted attributes. [Jakub Onderka] - [UI] Simplify performQuery method. [Jakub Onderka] - [UI] Simplify HTML code. [Jakub Onderka] - [ajax] Return correct error code when user is not logged. [Jakub Onderka] - [Server:update] Execute git submodule sync before updating. [Sami Mokaddem] This is done in order to make sure the submodules' remote URL is inline with the value defined in the .gitmodules - [internal] Faster tag extraction. [Jakub Onderka] - [auditlog] Optimise fetching old records. [Jakub Onderka] - [internal] Update correlations just when necessary. [Jakub Onderka] - [internal] Event::unpublishEvent method. [Jakub Onderka] - [internal] Simplify validation for Event org_id and orgc_id fields. [Jakub Onderka] - [internal] Move UUID generation to beforeSave method. [Jakub Onderka] - [internal] SaveMany for Event::add_original_file. [Jakub Onderka] - [internal] Simplify Event::__attachReferences. [Jakub Onderka] - [internal] Optimise fetching correlations. [Jakub Onderka] - [internal] Simplify Event::beforeValidate. [Jakub Onderka] - [internal] Simplify Attribute::beforeValidate. [Jakub Onderka] - [internal] Simplify validation. [Jakub Onderka] - [internal] Optimise beforeValidate for object. [Jakub Onderka] - [internal] Optimise datetimeOrNull method. [Jakub Onderka] - [internal] Optimise JSONConverterTool. [Jakub Onderka] - [modules] Use JsonTool. [Jakub Onderka] - [stix-export] Use JsonTool. [Jakub Onderka] - [pubsub] Optimise. [Jakub Onderka] - [internal] Optimise validators. [Jakub Onderka] - [internal] Remove unused validation rule. [Jakub Onderka] - [internal] Fix validation for UserSetting value. [Jakub Onderka] - [internal] Remove unused method. [Jakub Onderka] - [internal] Use reference for event modification. [Jakub Onderka] - [internal] Optimise code for fetch proposals for events. [Jakub Onderka] - [internal] Simplified attaching sharing groups. [Jakub Onderka] - [internal] Do not specify fields when fetching object. [Jakub Onderka] - [internal] Optimise fetching event when pulling. [Jakub Onderka] - [internal] Fix setting cleanDb admin setting. [Jakub Onderka] - [internal] Do less work when checking if db is updated. [Jakub Onderka] - [internal] Code cleanup for Server::pull method. [Jakub Onderka] - [UI] For first/last seen show timezone in tooltip. [Jakub Onderka] - [UI] Event tooltips. [Jakub Onderka] - [sync] Better exception handling. [Jakub Onderka] - [sync] Use server sync tool for compatibility check. [Jakub Onderka] - [internal] Create log entry for compatibility check. [Jakub Onderka] - [internal] Code cleanup for EventsController::__indexRestResponse. [Jakub Onderka] - [internal] Small optimisations for index REST response. [Jakub Onderka] - [internal] Remove user id from fetched columns. [Jakub Onderka] - [API] Fetch sharing groups in different query. [Jakub Onderka] - [API] Optimise fetching event index. [Jakub Onderka] - [event-index] Faster fetching empty results. [Jakub Onderka] - [index] Faster event filtering by multiple tags. [Jakub Onderka] - [internal] Event tags are deleted by quick delete. [Jakub Onderka] - [event-index] Simplified condition for minimal search. [Jakub Onderka] - [test] test_search_index_by_attribute. [Jakub Onderka] - [test] test_search_index_minimal_published. [Jakub Onderka] - [event index] For non exists email, do not return any event. [Jakub Onderka] - [test] Tests for event index – search not by info. [Jakub Onderka] - [test] test_search_index_by_email_admin. [Jakub Onderka] - [internal] Handle non admin search event by email differently. [Jakub Onderka] - [test] Tests for event index search by email. [Jakub Onderka] - [test] Add more test for event index. [Jakub Onderka] - [internal] Another bunch of event filter optim. [Jakub Onderka] - [rest] Do not copy data. [Jakub Onderka] - [rest] Close session to allow concurrent requests. [Jakub Onderka] - [test] temp folder is not writable. [Jakub Onderka] - [test] Better tests for event index. [Jakub Onderka] - [index] Simplified code for org matching. [Jakub Onderka] - [test] More tests for event index. [Jakub Onderka] - [test] Tests for event index. [Jakub Onderka] - [stix-export] Code cleanup. [Jakub Onderka] - [export] Check method existence rather than another variable. [Jakub Onderka] - [stix-export] Throw exception on error. [Jakub Onderka] - [stix-export] Store temp file in default folder. [Jakub Onderka] - [stix-export] Try to directly return TmpFileTool. [Jakub Onderka] - [stix-export] Use more reliable file processing. [Jakub Onderka] - [stix-export] Use TmpFileTool. [Jakub Onderka] - [stix-export] Simplified loading python bin. [Jakub Onderka] - [internal] Use JsonTool for JSON encoding. [Jakub Onderka] - [internal] Use tmp folder for stix upload. [Jakub Onderka] - [internal] Use FileAccessTool for STIX upload. [Jakub Onderka] - [internal] Use FileAccessTool for Event::__getTagNamesFromSynonyms. [Jakub Onderka] - [internal] Use FileAccessTool for Feed::unzipFirstFile. [Jakub Onderka] - [internal] Use FileAccessTool for publishing sightings. [Jakub Onderka] Fix ~~~ - [tools:backgroundjob] Support of legacy systems (3) [Sami Mokaddem] - [tools:backgroundjob] Support of legacy systems (2) [Sami Mokaddem] - [backgroundjob] Support of legacy system. [Sami Mokaddem] - Update dep for fixing php74 build. [Luciano Righetti] - ServerShell fails if SimpleBackgroundJobs config does not exists. [Luciano Righetti] - [internal] Attaching cluster. [Jakub Onderka] - [systemSetting] Check if database exists. [Jakub Onderka] - [internal] Try to create directory if not exist. [Jakub Onderka] - [user creation] don't show old style API key in the UI if advanced authkeys are enabled. [iglocska] - confusing and unusable anyway - [user creation] Don't create an advanced authkey by default when creating a new user. [iglocska] - nobody will see the initial key, users can always create API keys for themselves - [internal] Remove redundant condition. [Jakub Onderka] - [internal] Correctly count matched attributes. [Jakub Onderka] - [internal] Skip empty line. [Jakub Onderka] - [internal] Update JSON. [Jakub Onderka] - [internal] Param order. [Jakub Onderka] - [internal] Private property access. [Jakub Onderka] - [CLI] redisMemoryUsage. [Jakub Onderka] - [UI] Correct attaching cache timestamp to server. [Jakub Onderka] - [internal] Remove unused MISP.cached_attachments setting. [Jakub Onderka] - Wrong default. [Luciano Righetti] - Wrong default. [Luciano Righetti] - Allow start worker by queue type. [Luciano Righetti] - Issues when worker is stopped, allow null pid and user in worker class. [Luciano Righetti] - Do not fail on process_id=null. [Luciano Righetti] - Class not found issue. [Luciano Righetti] - Bad merge. [Luciano Righetti] - Minor cs issues. [Luciano Righetti] - Revert bad merge. [Luciano Righetti] - Fix typo. [Luciano Righetti] - Replace splat operator, follow cake 2.x private methods naming. [Luciano Righetti] - Change expected db version. [Luciano Righetti] - Wrong update query. [Luciano Righetti] - Use class registry to get job class. [Luciano Righetti] - Add missing jobId param to enqueue() calls. [Luciano Righetti] - Fix get worker status. [Luciano Righetti] - Handle job status not found. [Luciano Righetti] - Fix typo. [Luciano Righetti] - Return correct X-Result-Count value in /attributes/restSearch. [Luciano Righetti] - [CLI] fixes to the appshell. [iglocska] - always load the configload task - [CLI/background jobs] reverted removal of perform command. [iglocska] - [email OTP] subject tag fixed. [iglocska] - [MISP foo] to [foo MISP] to be aligned with other e-mails - [doc] Added missing misp-stix to the documentation. [Steve Clement] - [schema] updated. [iglocska] - [internal] Remove unused helper. [Jakub Onderka] - [internal] Remove potentially problematic and non functional searchAlternate. [Jakub Onderka] - [config] Remove not used Attributes_Values_Filter_In_Event. [Jakub Onderka] - [internal] Fetching clusters. [Jakub Onderka] - [tags] enforce local_only check on backend. [Loïc Fortemps] - [API] Object reference view. [Jakub Onderka] - [auditlog] Fetch event_id when necessary. [Jakub Onderka] - [API] Do not allow same tags for one object (local/global) [Jakub Onderka] - [internal] Attaching tags to attachment attribute. [Jakub Onderka] - [test] Permission for workers. [Jakub Onderka] - [API] Exception value. [Jakub Onderka] - [API] UserSetting::getSetting method. [Jakub Onderka] - [API] Deleting user setting. [Jakub Onderka] - [UI] Ignore harvest exception. [Jakub Onderka] - [UI] Correct link to focus. [Jakub Onderka] - [API] Remove default filters for viewEventAttributes. [Jakub Onderka] - [UI] Element name. [Jakub Onderka] - [UI] Filtering attribute when distribution is zero. [Jakub Onderka] - [UI] Feed hits. [Jakub Onderka] - [UI] Add link to full attribute. [Jakub Onderka] - [validation] Correctly validate filename|tlsh attribute. [Jakub Onderka] - [internal] removeOrphanedCorrelations. [Jakub Onderka] - [internal] Filename|xxx could not contain new line char. [Jakub Onderka] - [internal] named pipe validation. [Jakub Onderka] - [internal] Remove unreachable code. [Jakub Onderka] - [internal] Simplify Attribute code. [Jakub Onderka] - [API] Simplify some validations. [Jakub Onderka] - [cti-python-stix2] Correctly bumped latest version... [chrisr3d] - [cti-python-stix2] Correctly bumped latest version... [chrisr3d] - [database] upgrade script using mb4 defaulted to 255 key length. [iglocska] - default should be 191 - [API] Faster assigning objects and attributes to references. [Jakub Onderka] - [internal] Do not duplicate column. [Jakub Onderka] - [API] Simplify linking proposals to attributes. [Jakub Onderka] - [API] Simplify fetchEvent code. [Jakub Onderka] - [internal] Attaching servere/feed correlation to proposals. [Jakub Onderka] - [internal] Proposal validation. [Jakub Onderka] - [schema] Modify User.change_pw column to boolean. [Jakub Onderka] - [internal] No exception when db logs are disabled. [Jakub Onderka] - [UI] Correct values for deleted attribute filtering. [Jakub Onderka] - [github actions] For the tests purpose, installing the stix1 python library from the submodule. [chrisr3d] - [gitignore] Removed directories related to python libraries. [chrisr3d] - [stix python install] Added STIX python dependencies to the install. [chrisr3d] - [validation] TLSH new format validation added. [iglocska] - ffs - [internal] Do not allow deleting SG when object or event reprot is assigned to that SG. [Jakub Onderka] - [internal] Prevent duplicate org for sharing group. [Jakub Onderka] - [CLI] Cluster publishing. [Jakub Onderka] - [UI] Active rules value. [Jakub Onderka] - [UI] Event filtering. [Jakub Onderka] - [ui] Do not call checkAndSetPublishedInfo when no need. [Jakub Onderka] - [UI] Correctly handle links to related events. [Jakub Onderka] - [UI] Broken tag attaching. [Jakub Onderka] - [internal] Deleting events. [Jakub Onderka] - [internal] Try to prevent deadlocks when updating event attribute count. [Jakub Onderka] - [internal] Fetch event index in CSV. [Jakub Onderka] - [test] Fix event index tests. [Jakub Onderka] - [UI] Undefined index. [Jakub Onderka] - [stix-export] Delete tmp files. [Jakub Onderka] - [index] Org condition. [Jakub Onderka] - [index] Remove all virtual fields. [Jakub Onderka] - [API] Fix fetching events by org UUID. [Jakub Onderka] - [event index] search by org fixed when using string names, fixes MISP/PyMISP#799. [iglocska] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7971 from JakubOnderka/apcu. [Jakub Onderka] new: [internal] Faster caching - Merge pull request #7970 from JakubOnderka/fix-diagnostics. [Jakub Onderka] fix: [internal] Try to create directory if not exist - Merge pull request #7965 from JakubOnderka/bg-worker-simplify. [Jakub Onderka] chg: [internal] Bg worker cleanup - Merge pull request #7956 from JakubOnderka/fix-attr-count. [Jakub Onderka] fix: [internal] Correctly count matched attributes - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7959 from JakubOnderka/remote-version-checking. [Jakub Onderka] chg: [internal] Simplified remote version checking - Merge pull request #7958 from JakubOnderka/bg-fix. [Jakub Onderka] Bg fix - Merge pull request #7955 from JakubOnderka/code-style-background-jobs. [Jakub Onderka] chg: [internal] Code style - Merge pull request #7954 from JakubOnderka/sub. [Jakub Onderka] new: [user] Add sub field for user - Merge pull request #7949 from JakubOnderka/server-caching. [Jakub Onderka] Server caching - Merge pull request #7953 from JakubOnderka/cached_attachments_remove. [Jakub Onderka] fix: [internal] Remove unused MISP.cached_attachments setting - Merge pull request #7939 from righel/add_simple_background_jobs. [Andras Iklody] Add simple background jobs - Merge branch 'develop' into add_simple_background_jobs. [Luciano Righetti] - Merge branch 'develop' into add_simple_background_jobs. [Luciano Righetti] - Add: add initial new simple background jobs. [Luciano Righetti] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7946 from JakubOnderka/redis-memory-usage. [Jakub Onderka] new: [CLI] Redis memory usage diagnostics - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [Steve Clement] - Merge pull request #7944 from SteveClement/guides. [Steve Clement] fix: [doc] Added missing misp-stix to the documentation - Merge pull request #7817 from fandigunawan/supports-minio. [Alexandre Dulaunoy] new: Supports MinIO as alternative to AWS S3 - Adds default TLS validation to true and supports custom CA path. [Fandi Gunawan] - Supports MinIO as alternative to AWS S3. [Fandi Gunawan] - Merge pull request #7938 from JakubOnderka/authkeys-encrypted-vol2. [Jakub Onderka] Authkeys encrypted vol2 - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7937 from JakubOnderka/app-controller-cleanup- vol4. [Jakub Onderka] App controller cleanup vol4 - Merge pull request #7936 from JakubOnderka/app-model-cleanup. [Jakub Onderka] chg: [internal] App model cleanup - Merge pull request #7932 from JakubOnderka/pulling-simplify. [Jakub Onderka] chg: [internal] Simplify code for pulling events - Merge pull request #7935 from JakubOnderka/system-setting-security. [Jakub Onderka] chg: [internal] Make system setting more secure - Merge pull request #7742 from JakubOnderka/get-uuids-deprecate. [Jakub Onderka] chg: [internal] Deprecate Org::getUUIDs endpoint - Merge pull request #7934 from JakubOnderka/attribute-pagination. [Jakub Onderka] Attribute pagination - Merge pull request #7416 from JakubOnderka/menu-custom-right-link. [Jakub Onderka] new: [UI] Define custom right menu link - Merge pull request #7927 from JakubOnderka/system-setting. [Jakub Onderka] System setting in database - Merge pull request #7933 from JakubOnderka/attributes-index. [Jakub Onderka] Attributes index - Merge pull request #7931 from thijskh/shib-doc-fixes. [Alexandre Dulaunoy] Fix docblock formatting and add newer settings to README documentation - Fix docblock formatting and add newer settings to README documentation. [Thijs Kinkhorst] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch 'local_only' into develop. [iglocska] - Bump DB version. [Loïc Fortemps] - Merge branch 'develop' into local_tags. [Loïc Fortemps] - Adding a local_only option for Tags and Galaxies. [Loic Fortemps] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7928 from SteveClement/guides. [Steve Clement] - Merge pull request #7926 from SteveClement/guides. [Steve Clement] - Merge pull request #7918 from StefanKelm/2.4. [Luciano Righetti] Update openapi.yaml - Update openapi.yaml. [StefanKelm] tiny typo... - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7904 from StefanKelm/2.4. [Luciano Righetti] Update openapi.yaml - Update openapi.yaml. [StefanKelm] small copy-n-paste error - Merge pull request #7854 from JakubOnderka/save-optim. [Jakub Onderka] chg: [internal] Optimise saving attributes - Merge pull request #7915 from JakubOnderka/fix-saving-attribute. [Jakub Onderka] fix: [internal] Attaching tags to attachment attribute - Merge pull request #7914 from JakubOnderka/audit-log-behaviour-optim. [Jakub Onderka] Audit log behaviour optim - Merge pull request #7913 from JakubOnderka/fetchAttribute. [Jakub Onderka] chg: [internal] Optimise Attribute::fetchAttribute - Merge pull request #7910 from JakubOnderka/object-templates. [Jakub Onderka] Object templates - Merge pull request #7911 from JakubOnderka/bulkSaveRelations. [Jakub Onderka] chg: [internal] Optimise bulkSaveRelations - Merge pull request #7912 from JakubOnderka/audit-log-optim. [Jakub Onderka] chg: [internal] Optimise AuditLog - Merge pull request #7908 from JakubOnderka/test_restsearch_event_by_tags. [Jakub Onderka] new: [test] test_restsearch_event_by_tags - Merge pull request #7909 from JakubOnderka/galaxy-cluster-relation- tag. [Jakub Onderka] chg: [internal] Simplify creating tag - Merge pull request #7890 from JakubOnderka/thret-level-notification. [Jakub Onderka] new: [settings] Allow to use ThreatLevel.name for alert filter - Merge pull request #7891 from JakubOnderka/faster-galaxy-import. [Jakub Onderka] chg: [internal] Faster importing galaxy relation tags - Merge pull request #7852 from JakubOnderka/optimise-sighting. [Jakub Onderka] chg: [internal] Optimise sightings - Merge pull request #7907 from JakubOnderka/view-event-attriubtes- ignore. [Jakub Onderka] View event attriubtes ignore - Merge pull request #7905 from JakubOnderka/fix-view-event-attributes. [Jakub Onderka] Fix view event attributes - Merge pull request #7903 from JakubOnderka/fix-filter-distribution- zero. [Jakub Onderka] fix: [UI] Filtering attribute when distribution is zero - Merge pull request #7887 from thijskh/patch-1. [Alexandre Dulaunoy] Clarify some aspects of the Shibboleth config - Clarify some aspects of the Shibboleth config. [Thijs Kinkhorst] - Merge pull request #7902 from JakubOnderka/attribute-list-link. [Jakub Onderka] fix: [UI] Add link to full attribute - Merge pull request #7901 from JakubOnderka/tlsh-validation-fix. [Jakub Onderka] fix: [validation] Correctly validate filename|tlsh attribute - Merge pull request #7897 from JakubOnderka/preview-index-api. [Jakub Onderka] Preview index api - Merge pull request #7899 from JakubOnderka/admin-shell. [Jakub Onderka] new: [CLI] New task for removeOrphanedCorrelations and optimiseTables - Merge pull request #7900 from JakubOnderka/fetch-feed. [Jakub Onderka] chg: [internal] Better error messages when fetching feeds - Merge pull request #7896 from JakubOnderka/fix-remove-orphaned- correlation. [Jakub Onderka] add: [test] test_remove_orphaned_correlations - Add: [test] test_remove_orphaned_correlations. [Jakub Onderka] - Merge pull request #7895 from JakubOnderka/attribute-validation-tool- fix. [Jakub Onderka] Attribute validation tool fix - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7894 from JakubOnderka/attribute-code-style. [Jakub Onderka] fix: [internal] Simplify Attribute code - Merge pull request #7893 from JakubOnderka/attribute-validation-tool. [Jakub Onderka] Attribute validation tool - Fixup! chg: [internal] Move attribute validation to different tool. [Jakub Onderka] - Add: [test] Basic test for AttributeValidationTool. [Jakub Onderka] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #7878 from imidoriya/patch-2. [Alexandre Dulaunoy] Exclude the /venv/* as it causes confusion - Exclude the /venv/* as it causes confusion. [Deku] - Merge pull request #7889 from JakubOnderka/reduce-sql. [Jakub Onderka] chg: [internal] Reduce one SQL query for every request - Merge pull request #7881 from JakubOnderka/attribute-tags. [Jakub Onderka] chg: [internal] Faster attaching attribute tags - Merge pull request #7886 from JakubOnderka/proposals-correaltions. [Jakub Onderka] fix: [internal] Attaching servere/feed correlation to proposals - Merge pull request #7885 from JakubOnderka/fix-proposal-validation. [Jakub Onderka] fix: [internal] Proposal validation - Merge pull request #7884 from JakubOnderka/faster-notifications. [Jakub Onderka] chg: [internal] Simplified notifications loading - Merge pull request #7882 from JakubOnderka/change-pw-fix. [Jakub Onderka] fix: [schema] Modify User.change_pw column to boolean - Merge pull request #7883 from JakubOnderka/skip-db-logs-fix. [Jakub Onderka] fix: [internal] No exception when db logs are disabled - Merge pull request #7880 from JakubOnderka/deleted-fixes. [Jakub Onderka] fix: [UI] Correct values for deleted attribute filtering - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7872 from JakubOnderka/faster-tag-capturing. [Jakub Onderka] chg: [internal] Faster tag capturing - Merge pull request #7873 from JakubOnderka/user-setting-cleanup. [Jakub Onderka] chg: [internal] Simplify UserSetting code - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge pull request #7841 from SteveClement/guides. [Steve Clement] - Merge branch 'MISP:2.4' into guides. [Steve Clement] - Merge pull request #7840 from amuehlem/2.4. [Alexandre Dulaunoy] added 'git submodule sync' before 'git submodule update' - Added 'git submodule sync' before 'git submodule update' [Andreas Muehlemann] - Merge remote-tracking branch 'upstream/2.4' into guides. [Steve Clement] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge pull request #7871 from JakubOnderka/duplicate-sg-org. [Jakub Onderka] fix: [internal] Prevent duplicate org for sharing group - Merge pull request #7870 from JakubOnderka/code-cleanup-vol10. [Jakub Onderka] chg: [internal] Simplify code for compareDBIndexes - Merge pull request #7866 from JakubOnderka/publish-cluster-fix. [Jakub Onderka] fix: [CLI] Cluster publishing - Add: [test] Publishing galaxy cluster. [Jakub Onderka] - Merge pull request #7864 from JakubOnderka/handle-deleted. [Jakub Onderka] chg: [API] Simplify handling deleted attributes - Merge pull request #7863 from JakubOnderka/advanced-filtering. [Jakub Onderka] Advanced filtering cleanup - Merge pull request #7862 from JakubOnderka/test_deleted_attributes. [Jakub Onderka] new: [test] test_deleted_attributes - Merge pull request #7730 from JakubOnderka/user-setting-oidc. [Jakub Onderka] new: [oidc] User setting for oidc metadata - Merge pull request #7861 from JakubOnderka/ajax-401. [Jakub Onderka] chg: [ajax] Return correct error code when user is not logged - Merge pull request #7859 from JakubOnderka/fix-completeley-broken-ui. [Jakub Onderka] fix: [UI] Broken tag attaching - Merge pull request #7857 from JakubOnderka/faster-tag-extraction. [Jakub Onderka] chg: [internal] Faster tag extraction - Merge pull request #7855 from JakubOnderka/delete-event-fix. [Jakub Onderka] fix: [internal] Deleting events - Merge pull request #7851 from JakubOnderka/better-validation. [Jakub Onderka] Better validation - Merge pull request #7850 from JakubOnderka/optimise-event-fetch. [Jakub Onderka] chg: [internal] Optimise fetching event when pulling - Merge pull request #7849 from JakubOnderka/fix-clean-db. [Jakub Onderka] chg: [internal] Fix setting cleanDb admin setting - Merge pull request #7848 from JakubOnderka/update-less-work. [Jakub Onderka] chg: [internal] Do less work when checking if db is updated - Merge pull request #7797 from JakubOnderka/server-pull-cleanup. [Jakub Onderka] chg: [internal] Code cleanup for Server::pull method - Merge pull request #6562 from JakubOnderka/prevent-deadlocks. [Jakub Onderka] fix: [internal] Try to prevent deadlocks when updating event attribute count - Merge pull request #7036 from JakubOnderka/event-tooltips. [Jakub Onderka] Event tooltips - Merge pull request #7658 from JakubOnderka/compatiblity-check-log. [Jakub Onderka] chg: [internal] Create log entry for compatibility check - Merge pull request #7646 from JakubOnderka/server-sync-log. [Jakub Onderka] new: [sync] Server sync logging - Merge pull request #7584 from JakubOnderka/index-fetch-optim. [Jakub Onderka] Index fetch optim - Merge pull request #7748 from JakubOnderka/event-index-optim-vol2. [Jakub Onderka] chg: [internal] Another bunch of event filter optim - Fi: [test] test_search_index_by_email_admin. [Jakub Onderka] - Merge pull request #7847 from JakubOnderka/rest-search-optim-vol2. [Jakub Onderka] Rest search optim vol2 - Merge pull request #7844 from JakubOnderka/build-test-vol2. [Jakub Onderka] chg: [test] temp folder is not writable - Merge pull request #7845 from JakubOnderka/fix-ui-undefined-index. [Jakub Onderka] fix: [UI] Undefined index - Merge pull request #7846 from JakubOnderka/stix-delete-files. [Jakub Onderka] fix: [stix-export] Delete tmp files - Merge pull request #7843 from JakubOnderka/index-test-vol2. [Jakub Onderka] Index test vol2 - Merge pull request #7842 from JakubOnderka/index-test. [Jakub Onderka] chg: [test] Tests for event index - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7835 from JakubOnderka/stix-export. [Jakub Onderka] chg: [internal] Simplified loading python bin - Merge pull request #7832 from JakubOnderka/pulish-sightings-file. [Jakub Onderka] chg: [internal] Use FileAccessTool for publishing sightings v2.4.150 (2021-10-12) --------------------- New ~~~ - [test] Build test. [Jakub Onderka] Changes ~~~~~~~ - [version] bump. [iglocska] - Add missing action buttons. [Luciano Righetti] - Add tags and galaxies col. [Luciano Righetti] - Add sightings cols and actions. [Luciano Righetti] - Add attributes index custom fields. [Luciano Righetti] - Initial migration of attributes/index view to factory. [Luciano Righetti] - Migrate news views to factory. [Luciano Righetti] - [queryversion] bump. [iglocska] - [log] Log when saving tags fails for attribute or event. [Jakub Onderka] - [internal] Add new submodules to diagnostics page. [Jakub Onderka] - [UI] Show proper error when uploading event that already exists. [Jakub Onderka] - [feed] Move feed cache to proper folder. [Jakub Onderka] - [feed] Use FileAccessTool. [Jakub Onderka] - [feed] Simplified code for updating events from MISP feed. [Jakub Onderka] - [feed] Support unicode for feed preview search. [Jakub Onderka] - [feed] Faster saving freetext attributes. [Jakub Onderka] - [feed] Clean cache after feed modification. [Jakub Onderka] - [feed] Check ETag when fetching freetext feed. [Jakub Onderka] - [internal] Use hasAny for Org::canSee method. [Jakub Onderka] - [internal] Use findColumn for Org::getOrgIdsFromMeta method. [Jakub Onderka] - [internal] Use FileAccessTool to read country galaxy cluster. [Jakub Onderka] - [internal] Better logging when saving SharingGroup. [Jakub Onderka] - [internal] Simplify fetching Kafka topic. [Jakub Onderka] - [internal] Simplify SharingGroup::checkIfAuthorisedToSave. [Jakub Onderka] - [internal] Simplify Event::__captureObjects code. [Jakub Onderka] - [internal] Remove dead code. [Jakub Onderka] - [internal] No need to initialize Sighting model. [Jakub Onderka] - [internal] Remove unused attribute from MispObject::captureObject method. [Jakub Onderka] - [internal] Remove unused code when saving attributes for event. [Jakub Onderka] - [internal] Simplified code for MispObject::captureObject. [Jakub Onderka] - [internal] Faster saving attributes. [Jakub Onderka] - [internal] Save multiple tags in one call. [Jakub Onderka] - [internal] Simplified SharingGroup::appendOrgsAndServers. [Jakub Onderka] - [internal] Remove unused method Tag::findEventTags. [Jakub Onderka] - [internal] Cache capturing tag results. [Jakub Onderka] - [internal] Faster validating SG. [Jakub Onderka] - [internal] Remove unused method. [Jakub Onderka] - [internal] Simplified SharingGroup::checkIfAuthorised method. [Jakub Onderka] - [internal] Use hasAny for SG existence check. [Jakub Onderka] - [internal] Use ?: operator. [Jakub Onderka] - [internal] Use hasAny method for checkIfAuthorised methods. [Jakub Onderka] - [internal] Simplified Attribute::editAttribute method. [Jakub Onderka] - [internal] Move Attribute::resizeImage method to AttachmentTool. [Jakub Onderka] - [internal] Default distribution method. [Jakub Onderka] - [internal] Attribute::onDemandEncrypt faster. [Jakub Onderka] - [internal] Delete unused method Attribute::saveAndEncryptAttribute. [Jakub Onderka] - [internal] Faster saving origin file. [Jakub Onderka] - [internal] Optimise Attribute::valueIsUnique check. [Jakub Onderka] - [internal] Do not encode/decode base64 for simpleAddMalwareSample. [Jakub Onderka] - [internal] Use FileAccessTool in AttachmentTool. [Jakub Onderka] - [internal] Allow to save raw data. [Jakub Onderka] - [internal] Background processing refactoring. [Jakub Onderka] - [PyMISP] Update. [Jakub Onderka] - [misp-stix] Update. [Jakub Onderka] - [MISP/cakephp] updated - to get latest CA bundle. [Alexandre Dulaunoy] Fix ~~~ - [attribute index] fixed attribute tag widget. [iglocska] - notice errors due to missing variables in the closure - [attribute index] fix galaxy widget for the attribute index. [iglocska] - notice errors when logged in as a user - [attribute index] action ACL fixed. [iglocska] - Incorrect sort keys. [Luciano Righetti] - [internal] withCredentials property was added into $.ajaxSetup() to get rid of 403 and 302 responses. [MrBoba] - [internal] Fix saving tags. [Jakub Onderka] - [log] Undefined index local. [Jakub Onderka] - [internal] Remove unused SharingGroup::getSGSyncRules method. [Jakub Onderka] - [internal] Remove unused Event::checkIfAuthorised method. [Jakub Onderka] - [internal] Deleting event propagation to ZMQ and Kafka. [Jakub Onderka] - [shell] EventShell::contactemail command. [Jakub Onderka] - [community-metadata] Fix typos and improve wording. [Jeroen Pinoy] - [API] Return correct error message if event is blocklisted. [Jakub Onderka] - [attribute] Use `filename-pattern` [Jakub Onderka] - [internal] Server save setting file. [Jakub Onderka] - [stix1 export] Removed unnecessary write. [chrisr3d] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'attribute_index' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7633 from righel/migrate-news-views. [Andras Iklody] chg: migrate news views to factory. - Merge branch '2.4' into develop. [iglocska] - Revert "fix: [internal] withCredentials property was added into $.ajaxSetup() to get rid of 403 and 302 responses" [iglocska] This reverts commit b496161f5bf2a7f15ce52cf0dec62a52fc9d713e. - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7818 from MrBoba/fix-unauthorized-ajax. [Andras Iklody] fix: [internal] withCredentials property was added into $.ajaxSetup()… - Merge pull request #7833 from JakubOnderka/fix-local-tags. [Jakub Onderka] fix: [internal] Fix saving tags - Merge pull request #7831 from marjatech/marjatech-local-tag-import. [Andras Iklody] fix: keep tag local state when importing from json or sync from internal - Keep tag local state when importing from json or sync from internal. [misp-test] Fixes MISP#7810 When importing an Event via JSON, local tags inside the json should stay local after import too, and not be attached as global ones. Same applies for Sync-Operations from internal instances (for any other instance local tags get stripped anyway) - Merge pull request #7830 from JakubOnderka/audit-log-undefined-index. [Jakub Onderka] fix: [log] Undefined index local - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #7826 from JakubOnderka/new-submodules. [Jakub Onderka] chg: [internal] Add new submodules to diagnostics page - Merge pull request #7827 from JakubOnderka/upload-stix-existing-uuid. [Jakub Onderka] chg: [UI] Show proper error when uploading event that already exists - Merge pull request #7798 from JakubOnderka/feed-etag. [Jakub Onderka] chg: [feed] Check ETag when fetching freetext feed - Chf: [feed] Cache MISP feed manifest file. [Jakub Onderka] - Merge pull request #7824 from JakubOnderka/code-cleanup-vol9. [Jakub Onderka] Code cleanup vol9 - Merge pull request #7823 from JakubOnderka/faster-attachment. [Jakub Onderka] chg: [internal] Allow to save raw data - Merge pull request #7821 from JakubOnderka/background-processing-chg. [Jakub Onderka] chg: [internal] Background processing refactoring - Merge pull request #7820 from JakubOnderka/build-test. [Jakub Onderka] new: [test] Build test - Merge pull request #7819 from Wachizungu/fix-communities-list- language. [Alexandre Dulaunoy] fix: [community-metadata] Fix typos and improve wording - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #7816 from JakubOnderka/update-misp-stix. [Jakub Onderka] chg: [misp-stix] Update - Merge pull request #7638 from JakubOnderka/add-event-error. [Jakub Onderka] fix: [API] Return correct error message if event is blocklisted - Merge pull request #7710 from JakubOnderka/filename-pattern. [Jakub Onderka] fix: [attribute] Use `filename-pattern` - Merge pull request #7814 from JakubOnderka/server-save-setting. [Jakub Onderka] fix: [internal] Server save setting file - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] v2.4.149 (2021-10-09) --------------------- New ~~~ - [internal] Store MISP live status also in Redis. [Jakub Onderka] - [internal] OrgBlocklist::removeBlockedEvents. [Jakub Onderka] - [internal] Method Job::createJob. [Jakub Onderka] - Support for BECH32 (P2WPKH) BTC address. [Jakub Onderka] - [CLI] UserShell::ip_user command. [Jakub Onderka] - [CLI] New tasks that will check if Redis is available. [Jakub Onderka] - Add more /taxonomies/* endpoints api docs. [Luciano Righetti] - Add openapi docs for /users_settings/* endpoints. [Luciano Righetti] - [shell] Tag merging. [Jakub Onderka] - [event:notification] Added email notification ban system based on users triggering the notification. [mokaddem] - [cerebrate:pull_sg] Pull sharing groups from a cerebrate instance. [mokaddem] - [UI] Allow to filter attributes by specific warninglist. [Jakub Onderka] - [CLI] User shell. [Jakub Onderka] - [oidc] Allow to automatically unblock user after successful login. [Jakub Onderka] - [security] Disable browser autocomplete for authkeys field. [Jakub Onderka] - [export:host] RestSearch export for blackholing via host file. [mokaddem] - [warninglist] Assign warninglist comment. [Jakub Onderka] - [sighting:add] Ability to provide filtering parameters when adding sightings for specific values Fix #7669. [mokaddem] - [API] Allow to delete multiple events by UUID. [Jakub Onderka] - [test] Test more endpoints in sync test. [Jakub Onderka] - [API] Allow more granular specification what data to return when viewing event. [Jakub Onderka] - [test] Push to remote server. [Jakub Onderka] - [test] Sync. [Jakub Onderka] Changes ~~~~~~~ - [stix2 export] Using a specific filter to specify the STIX version. [chrisr3d] - `version` being too generic and used from another end point, we use `stix-version` in order to avoid confusion between the 2 filters - [install] Update installer checksums. [Steve Clement] - [PyMISP] bump to the latest version. [Alexandre Dulaunoy] - [GitHub action] install the python-cti-stix2 from the local submodule. [Alexandre Dulaunoy] - [GitHub action] raging on venv library path. [Alexandre Dulaunoy] - [GitHubAction] add2virtualenv the STIX stuff. [Alexandre Dulaunoy] - [modules] typo fixed. [Alexandre Dulaunoy] - [gitmodules] fix the branch to main. [Alexandre Dulaunoy] - [gitmodules] TLS is always fine. [Alexandre Dulaunoy] - [version] bump. [iglocska] - [misp-object] updated. [Alexandre Dulaunoy] - [misp-stix] Bumped latest version including recent PR merged. [chrisr3d] - [stix] Bumped latest version of `misp-stix` $ `cti-python-stix2` python libraries. [chrisr3d] - [INSTALL] Removing the install commands for the STIX libraries. [chrisr3d] - [stix2 export] Moved the stix2 python library with its stix1 friends in the `scripts` dir. [chrisr3d] - [users:routeafterlogin] Allow forcing the pre-login URL to be HTTPS. [Sami Mokaddem] This can be achieved by turning the setting MISP.forceHTTPSforPreLoginRequestedURL to true. - [misp-stix] Bumped the latest version including some fixes and updates. [chrisr3d] - [misp-stix] Bumped latest misp-stix version. [chrisr3d] - [stix export] Removed mapping files not used anymore. [chrisr3d] - The STIX1 & STIX2 mapping is now managed with the misp-stix python library - [cti-python-stix2] Bumped latest version. [chrisr3d] - [misp-stix] Bumped latest version. [chrisr3d] - [stix1 export] Using the misp-stix library to export MISP format into STIX 1.1.1 or 1.2. [chrisr3d] - [stix export] Updated Stix export libraries. [chrisr3d] - Including parameters to define versions in the restSearch filters - New parameters to call the python scripts - [misp-stix] Bumped latest version. [chrisr3d] - [misp-stix] Updated to the latest version. [chrisr3d] - [internal] Generate correlations just once. [Jakub Onderka] - [internal] Faster adding tags to attributes. [Jakub Onderka] - [users:routeafterlogin] Allow forcing the pre-login URL to be HTTPS. [Sami Mokaddem] This can be achieved by turning the setting MISP.forceHTTPSforPreLoginRequestedURL to true. - [internal] Use hasAny. [Jakub Onderka] - [internal] Faster event tag attaching. [Jakub Onderka] - [misp-warninglists] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [misp-objects] updated. [Alexandre Dulaunoy] - [warning-list] updated. [Alexandre Dulaunoy] - [gitmodules] as Branch 2.x was removed from the original repository, we now use our own repo. [Alexandre Dulaunoy] - [misp-objects] updated. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - Detail attribute categories in openapi doc. [Luciano Righetti] - Detail attribute types in openapi doc. [Luciano Righetti] - Detail attribute types in openapi doc. [Luciano Righetti] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [internal] Refactor FileAccessTool. [Jakub Onderka] - [internal] Simplified EventsController::view code. [Jakub Onderka] - [sync] Use server sync tool for fetching remote events index. [Jakub Onderka] - [warning-lists] updated. [Alexandre Dulaunoy] - [internal] Use AdminSetting::getSetting method. [Jakub Onderka] - [internal] Fetch just value for AdminSetting::getSetting method. [Jakub Onderka] - [internal] Switch admin setting name column to unique index. [Jakub Onderka] - [internal] Faster Attribute search. [Jakub Onderka] - [gitmodules] as Branch 2.x was removed from the original repository, we now use our own repo. [Alexandre Dulaunoy] - [internal] Server::command_line_functions is generated on demand. [Jakub Onderka] - [internal] Do not try to save config when config file is not writeable. [Jakub Onderka] - [internal] Cleanup AdminShell::{updateJSON,runUpdates} [Jakub Onderka] - [internal] Optimise saving logs. [Jakub Onderka] - [internal] Cleanup unnecessary permissions. [Jakub Onderka] - [internal] Simplify ACLComponent. [Jakub Onderka] - [internal] AppController code cleanup. [Jakub Onderka] - [internal] Move methods to specific controllers. [Jakub Onderka] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - Migrate /event_blocklist/add,edit to view factory. [Luciano Righetti] - Move org blocklists add and edit to new views factories. [Luciano Righetti] - Migrate org_blocklists/index view to factory. [Luciano Righetti] - Detail attribute categories in openapi doc. [Luciano Righetti] - Detail attribute types in openapi doc. [Luciano Righetti] - Detail attribute types in openapi doc. [Luciano Righetti] - [internal] Code cleanup. [Jakub Onderka] - [UI] Better error messages when uploading MISP file. [Jakub Onderka] - [taxonomies] updated. [Alexandre Dulaunoy] - [internal] Try to fix validation when value1 and value2 provided. [Jakub Onderka] - [UI] PGP error message. [Jakub Onderka] - [internal] Do not fetch authkey from db. [Jakub Onderka] - [internal] Do not fetch password from db. [Jakub Onderka] - [internal] Do not fetch keys from db for authkey login. [Jakub Onderka] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [internal] Remove deprecated variables. [Jakub Onderka] - [internal] Optimise fetching event index by org or by email. [Jakub Onderka] - [internal] Check if file exists. [Jakub Onderka] - [internal] Simplify ServerShell code. [Jakub Onderka] - [internal] Faster capturing organisation. [Jakub Onderka] - [internal] Remove AdminSetting from AuditLog. [Jakub Onderka] - [internal] Use faster algo for checking duplicate objects. [Jakub Onderka] - [internal] Faster editing attributes when change is required. [Jakub Onderka] - [internal] Faster capturing object attributes. [Jakub Onderka] - [internal] Faster processing freetext import. [Jakub Onderka] - [UI] Add link to exact attribute for related attribute. [Jakub Onderka] - [internal] Do not fetch tags for related attributes. [Jakub Onderka] - [misp-wipe] wipe auth_keys tables. [Richard van den Berg] - Add openapi docs for [POST]/admin/logs. [Luciano Righetti] - [PyMISP] Bump. [Raphaël Vinot] - [PyMISP] Bump. [Raphaël Vinot] - Skip dev dependencies when installing via INSTALL.sh script. [Luciano Righetti] - [alert] Deprecate `publish_alerts_summary_only`, this option just duplicate `event_alert_metadata_only` [Jakub Onderka] - [user:checkNotificationBanStatus] Typo in comment. [mokaddem] - [PyMISP] updated. [Alexandre Dulaunoy] - [internal] Simplify code for editing object. [Jakub Onderka] - [internal] Simplify code for editing attribute. [Jakub Onderka] - [internal] Faster calls. [Jakub Onderka] - [internal] Use correlation object from attribute. [Jakub Onderka] - [internal] Faster deleting correlation when deleting attribute. [Jakub Onderka] - [internal] Optimise ssdeep correlation. [Jakub Onderka] - [internal] Use object variable and not Configure again and again. [Jakub Onderka] - [internal] Do not fetch 'Event.disable_correlation' field. [Jakub Onderka] - [internal] Fetch just necessary attributes when editing attribute. [Jakub Onderka] - [internal] Fetch less CIDR for correlation. [Jakub Onderka] - Add openapi docs for [POST]/admin/logs. [Luciano Righetti] - [sync] Examine less events for sightings pulling. [Jakub Onderka] - [UI] Sort orgs by name in statistics. [Jakub Onderka] - [optim] Little optimise sighting statistics. [Jakub Onderka] - [internal] Throw exception if JSON could not be encoded. [Jakub Onderka] - [internal] Simplify capturing object code. [Jakub Onderka] - [internal] Simplify capturing attribute code. [Jakub Onderka] - [correlation] Allow to drop Correlation.{date,info} columns. [Jakub Onderka] - [PyMISP] updated. [Alexandre Dulaunoy] - [diagnostic] Bumped updated STIX python libraries versions. [chrisr3d] - Should fix diagnostic issues with version mentioned in #7054 - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [internal] Server controller cleanup. [Jakub Onderka] - [security] Use const hasher also for login. [Jakub Onderka] - [sync] Use server sync to get available sync filtering rules. [Jakub Onderka] - [sync] Simplify server post test code. [Jakub Onderka] - [sync] Use server sync tool for connection test. [Jakub Onderka] - [security] Mitigate timing attacks when comparing advanced auth keys hashes. [Jakub Onderka] - [restResponseComponent] Added doc for new sighting/add filters parameter. [Sami Mokaddem] - [sync] Filter out events that do not exist locally when pulling sightings. [Jakub Onderka] - [sync] Pull just necessary data when pulling sightings. [Jakub Onderka] - [sync] Use sync tool for pulling proposals. [Jakub Onderka] - [validation] UUID unique validation. [Jakub Onderka] - [schema] Mark more indexes as unique. [Jakub Onderka] - [attributes] fixed typo in genCategoriesDefinitions function name. [Christophe Vandeplas] - Update openapi spec with new parameters in add sightings endpoint. [Luciano Righetti] - [i18n] Updated default.pot. [Steve Clement] - [UI] Show matched value for warninglist search. [Jakub Onderka] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - Migrate sharing_views/view/[id] to factory. [Luciano Righetti] - [sync] Remove `commit` and MISP-version from HTTP header. [Jakub Onderka] - Remove previous /tags/edit view. [Luciano Righetti] - Migrate /tags/add view to factory. [Luciano Righetti] - [schema] Organisation name should be unique. [Jakub Onderka] - [internal] Fetch just necessary fields when capturing tag. [Jakub Onderka] - [internal] Do not fetch attribute tags when editing attribute. [Jakub Onderka] - [schema] Tag name should be unique. [Jakub Onderka] - [internal] Do not load exclusion list from Redis again and again. [Jakub Onderka] - [sync] Pull events with less info. [Jakub Onderka] - [schema] Sightings UUID column should be unique. [Jakub Onderka] - [internal] Convert PubSubTool to static. [Jakub Onderka] - [internal] Simplified code for adding events. [Jakub Onderka] - [internal] Do not keep original variable to save memory. [Jakub Onderka] - [internal] Simplified Event::getRelatedAttributes. [Jakub Onderka] - [internal] Use hash for removing duplicate attributes. [Jakub Onderka] - [internal] Use one EventLock instance. [Jakub Onderka] - [internal] Cleanup code responsible for adding events. [Jakub Onderka] - [rest] Change User-Agent to `MISP REST Client` [Jakub Onderka] - [UI] Cleanup REST client template. [Jakub Onderka] - [internal] Do not convert values to lower, since collation is already case-insensitive. [Jakub Onderka] - [internal] Code style for event pulling. [Jakub Onderka] - [sync] Refactor server overlap events fetching. [Jakub Onderka] - [sync] Better error handling for pulling. [Jakub Onderka] - [internal] Better exception handling for server sync. [Jakub Onderka] - [logbehaviour] skipfields reverted to an array from a constant. [iglocska] - keeps ancient PHP versions happy (as happy as anyone can be knowing they run ancient PHP versions) - [internal] Log exception for remote server POST test. [Jakub Onderka] - [internal] Optimise updating galaxies. [Jakub Onderka] - [internal] Remove unused methods. [Jakub Onderka] - [internal] Galaxy cluster relation UUID must be RFC 4122 valid. [Jakub Onderka] - [internal] Faster removing blocked events. [Jakub Onderka] - [schema] Mark event_blocklist uuid column as unique. [Jakub Onderka] - [taxonomies] Migrated views to use the UI factories. [mokaddem] - [ui] Various improvements in factories. [mokaddem] Fix ~~~ - [misp-stix] updated to the latest version (incorrect submodule) [Alexandre Dulaunoy] Fix #7812 - Sharing groups dropdown not showing when adding a feed with distribution set to sharing group. [Luciano Righetti] - [misp-stix] Bumped latest version. [chrisr3d] - [github actions] removed the cti stix installation as it's no longer there. [iglocska] - [github actions] removed the cti stix installation as it's no longer there. [iglocska] - [stix2 import] Using path to import the stix2 python library. [chrisr3d] - [stix1 export] Added the required stix python library path for their import. [chrisr3d] - Support of the coming changes to use paths instead of maintaining the pip updates - [stix1 import] Quick fix due to some recent changes library changes and the support of STIX 1.2. [chrisr3d] - [stix export] Aligning path of the STIX2 python library to following its recent location change. [chrisr3d] - [stix export] Added all the needed paths to load the required python libraries. [chrisr3d] - [misp-stix] Bumped latest version with a quick fix on email objects export as STIX 2.0 & 2.1. [chrisr3d] - [diagnostic] Updated stix2 python library requirements. [chrisr3d] - [stix1 export] Removed debugging prints. [chrisr3d] - [stix export] Quick single line php `if else` command clean-up. [chrisr3d] - [gitmodules] Added current misp-stix branch. [chrisr3d] - [misp-stix] Dumped latest MISP-STIX Converter version. [chrisr3d] - [log] Do not call callbacks when deleting. [Jakub Onderka] - [users] adding/modifying users fails silently for org admins if domain restriction checks fail. [iglocska] - [organisations] correctly handle a list of org domain restrictions. [iglocska] - [internal] Bad merge. [Jakub Onderka] - Incorrect check for alertemail and publishSightings event commands. [Luciano Righetti] - Incorrect check for publish event command. [Luciano Righetti] - [shells] Sync improved cmd line help to 9d7da310. [Matjaz Rihtar] - [shells] Additional command line help. [Matjaz Rihtar] - [refanging] Fix test for commit b7733615. [Matjaz Rihtar] - [shells] Fixed/improved command line help. [Matjaz Rihtar] - [eventReport:contextExtraction] Make sure the cluster's value has enough characters before trying to perform the replacement. [mokaddem] - [stix1 import] Fixed STIX header call that made the classification of the STIX file always being external. [chrisr3d] - `from_misp` variable was always False since the try / catch to get the title always raised an exception with `event.header` being an invalid attribute. The valid one is `event.stix_header` - [internal] Better error handling when uploading STIX file. [Jakub Onderka] - [internal] Undefined offset in AppController. [Jakub Onderka] - Wrong input name. [Luciano Righetti] - Add missing translation function. [Luciano Righetti] - Remove CRUDComponent usage. [Luciano Righetti] - Add missing new line. [Luciano Righetti] - Remove CRUDComponent usage to mantain same api response. [Luciano Righetti] - [eventReport:contextExtraction] Make sure the cluster's value has enough characters before trying to perform the replacement. [mokaddem] - [internal] Modifying domain|ip attribute. [Jakub Onderka] - [misp-retention] use update_tag. [Richard van den Berg] - Bug correlation exclusion comment overriding value. [Luciano Righetti] - [internal] Sending external e-mail. [Jakub Onderka] - [UI] Fix link to user profile. [Jakub Onderka] - [taxonomies] disabling tags via API call failed. [iglocska] - [taxonomies] enabling breaks on POST request if named parameters aren't used. [iglocska] - [Taxonomy] search for taxonomy by namespace when accessing /taxonomies/view. [iglocska] - [internal] Argument parsing for testEventNotificationEmail command. [Jakub Onderka] - [object] validation and modification fixes. [iglocska] - require certain metafields to be set (such as template uuid, template version, etc) - allow editing for unknown templates / no templates via the API (was previously incorrectly blocked / generated notices due to some UI related functionalities being triggered) - [acl] Added routes in ACL. [mokaddem] - [internal] Remove ssdeep data when deleting attribute. [Jakub Onderka] - [internal] Filtering warninglist in objects. [Jakub Onderka] - [UI] Warninglist order. [Jakub Onderka] - [internal] Typo. [Jakub Onderka] - Add missing requestBodies to servers endpoint. [Luciano Righetti] - [internal] Fetching filter rules. [Jakub Onderka] - [sync] Fix pulling sightings. [Jakub Onderka] - [sync] Pushing sightings. [Jakub Onderka] - [ACL] queryAvailableSyncFilteringRules is required just for site admins. [Jakub Onderka] - [security] Check permission when viewing shadow attribute picture. [Jakub Onderka] - [internal] Code cleanup. [Jakub Onderka] - [API] Deprecation header. [Jakub Onderka] - Fix query to make it work on all supported db engines. [Luciano Righetti] - [tools] fixed gen_misp_types_categories script. [Christophe Vandeplas] - Fix broken queries on postgres. [Luciano Righetti] - [eventReport:reprotFromEvent] Make sure filtering condition are not empty. [mokaddem] - [UI] Warninglist form. [Jakub Onderka] - [event:filter_value] Allow searching for multiple values. [mokaddem] - [db_schema] Fixed column default value for audit_log table - Fix #7662. [mokaddem] - [event:view] Attribute filtering widget `deleted` parameter inconsistency. [mokaddem] - Potentially fix #7594 - [log] Array to string conversion. [Jakub Onderka] - [API] Boolean options in index filter conditions. [Jakub Onderka] - [internal] Shadow attributes don't have tags. [Jakub Onderka] - [acl] Bumped ACL. [mokaddem] Other ~~~~~ - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'misp-stix' into develop. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Add: [stix export] Submoduled all the required python libraries. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Wip: [misp-stix] Bumped latest version. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Wip: [stix2 export] Args parsing to better handle parameters & Support for STIX 2.1. [chrisr3d] - Wip: [stix export, framing] Reworked misp_framing. [chrisr3d] - Made it cleaner - Made it support the STIX framing provided by misp-stix converter library - Merge branch '2.4' of https://github.com/MISP/MISP into misp-stix. [chrisr3d] - Wip: [stix2 export] Testing MISP-STIX python library with the included changes on the Export Lib and on the misp2stix2.py script. [chrisr3d] - Add: [submodules, stix] Added MISP-STIX converter library as submodule. [chrisr3d] - Merge pull request #7808 from JakubOnderka/tag-add. [Jakub Onderka] chg: [internal] Faster adding tags to attributes - Merge pull request #7809 from JakubOnderka/audit-log-fix. [Jakub Onderka] fix: [log] Do not call callbacks when deleting - Merge branch 'feature-force-https-for-pre-login-request' into develop. [Sami Mokaddem] - Merge pull request #7805 from JakubOnderka/event-tag-attach. [Jakub Onderka] chg: [internal] Faster event tag attaching - Merge pull request #7806 from JakubOnderka/bad-merge-fix. [Jakub Onderka] fix: [internal] Bad merge - Merge remote-tracking branch 'origin/2.4' into develop. [Sami Mokaddem] - Merge pull request #7224 from mrihtar/cmdLineHelp. [Andras Iklody] fix: [shells] Fixed/improved command line help - Merge branch '2.4' into cmdLineHelp. [Matjaz Rihtar] # Conflicts: # app/Console/Command/AdminShell.php # app/Console/Command/EventShell.php # app/Model/Server.php - Merge branch 'MISP:2.4' into 2.4. [Matjaz Rihtar] - Merge branch 'MISP:2.4' into 2.4. [Matjaz Rihtar] - Merge pull request #1 from MISP/2.4. [Matjaz Rihtar] Sync fork with original MISP/MISP - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #7792 from JakubOnderka/misp-live-redis-v2. [Jakub Onderka] new: [internal] Store MISP live status also in Redis - Merge pull request #7800 from JakubOnderka/file-accesss-tool. [Jakub Onderka] chg: [internal] Refactor FileAccessTool - Merge pull request #7796 from JakubOnderka/org-blocklist. [Jakub Onderka] new: [internal] OrgBlocklist::removeBlockedEvents - Merge pull request #7795 from JakubOnderka/event-view-controller. [Jakub Onderka] chg: [internal] Simplified EventsController::view code - Merge pull request #7688 from JakubOnderka/server-sync-get-ids. [Jakub Onderka] chg: [sync] Use server sync tool for fetching remote events index - Merge pull request #7779 from JakubOnderka/create-job. [Jakub Onderka] new: [internal] Method Job::createJob - Merge pull request #7791 from JakubOnderka/admin-settings. [Jakub Onderka] Admin settings - Merge pull request #7789 from JakubOnderka/stix-upload-error. [Jakub Onderka] Stix upload error - Merge pull request #7788 from JakubOnderka/search-attr-faster. [Jakub Onderka] chg: [internal] Faster Attribute search - Merge pull request #7778 from JakubOnderka/server-command-line. [Jakub Onderka] chg: [internal] Server::command_line_functions is generated on demand - Merge pull request #7780 from JakubOnderka/btc-bech32. [Jakub Onderka] new: Support for BECH32 (P2WPKH) BTC address - Merge pull request #7776 from JakubOnderka/user_shell_ip_user. [Jakub Onderka] new: [CLI] UserShell::ip_user command - Merge pull request #7775 from JakubOnderka/set-setting-not-writeable. [Jakub Onderka] chg: [internal] Do not try to save config when config file is not writeable - Merge pull request #7772 from JakubOnderka/update-cleanup. [Jakub Onderka] chg: [internal] Cleanup AdminShell::{updateJSON,runUpdates} - Merge pull request #7774 from JakubOnderka/log-save-optim. [Jakub Onderka] chg: [internal] Optimise saving logs - Merge pull request #7771 from JakubOnderka/cli-redis-available. [Jakub Onderka] new: [CLI] New tasks that will check if Redis is available - Merge pull request #7769 from JakubOnderka/app-controller-cleanup- vol3. [Jakub Onderka] chg: [internal] AppController code cleanup - Merge pull request #7768 from JakubOnderka/app-controller-cleanup- vol2. [Jakub Onderka] chg: [internal] Move methods to specific controllers - Merge pull request #7767 from JakubOnderka/undefined-offset-fix. [Jakub Onderka] fix: [internal] Undefined offset in AppController - Merge pull request #7571 from righel/migrate-org_blocklists-index- view. [Andras Iklody] Migrate org blocklists index view - Revert "chg: migrate /event_blocklist/add,edit to view factory." [Luciano Righetti] This reverts commit 51f226fd8c79d5b7e514d459968e89c211535025. - Merge pull request #7761 from JakubOnderka/code-cleanup-vol8. [Jakub Onderka] chg: [internal] Code cleanup - Merge pull request #7762 from JakubOnderka/upload-mistp-file. [Jakub Onderka] chg: [UI] Better error messages when uploading MISP file - Merge pull request #7722 from JakubOnderka/attribute-validation-fix. [Jakub Onderka] chg: [internal] Try to fix validation when value1 and value2 provided - Merge pull request #7759 from JakubOnderka/pgp-view-pgp. [Jakub Onderka] chg: [UI] PGP error message - Add: add initial api docs fo /taxonomies endpoints. [Luciano Righetti] - Merge pull request #7754 from JakubOnderka/do-not-fetch-keys. [Jakub Onderka] chg: [internal] Do not fetch keys from db for authkey login - Merge pull request #7758 from JakubOnderka/modify-domain|ip. [Jakub Onderka] fix: [internal] Modifying domain|ip attribute - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7744 from RichieB2B/ncsc-nl/retention. [Sami Mokaddem] fix: [misp-retention] use update_tag - Merge pull request #7752 from JakubOnderka/fix-sending-external. [Jakub Onderka] fix: [internal] Sending external e-mail - Merge pull request #7753 from JakubOnderka/deprecated-variables. [Jakub Onderka] cchg: [internal] Remove deprecated variables - Merge pull request #7590 from JakubOnderka/event-index-optim. [Jakub Onderka] chg: [internal] Optimise fetching event index by org or by email - Doc: add /auth_keys/* endpoints to openapi spec. [Luciano Righetti] - Merge pull request #7746 from JakubOnderka/security-audit-file. [Jakub Onderka] chg: [internal] Check if file exists - Merge pull request #7725 from JakubOnderka/server-shell. [Jakub Onderka] chg: [internal] Simplify ServerShell code - Merge pull request #7740 from JakubOnderka/capture-org-faster. [Jakub Onderka] chg: [internal] Faster capturing organisation - Merge pull request #7739 from JakubOnderka/audit-log-admin-setting. [Jakub Onderka] chg: [internal] Remove AdminSetting from AuditLog - Merge pull request #7733 from JakubOnderka/capture-object-attributes. [Jakub Onderka] chg: [internal] Faster capturing object attributes - Merge pull request #7738 from JakubOnderka/related-faster. [Jakub Onderka] chg: [internal] Faster processing freetext import - Merge pull request #7737 from JakubOnderka/related-faster. [Jakub Onderka] chg: [internal] Do not fetch tags for related attributes - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7720 from RichieB2B/ncsc-nl/wipe-auth. [Alexandre Dulaunoy] chg: [misp-wipe] wipe auth_keys tables - Merge pull request #7734 from righel/add-composer-no-dev-flag. [Steve Clement] chg: skip dev dependencies when installing via INSTALL.sh script. - Merge pull request #7579 from JakubOnderka/publish_alerts_summary_only_deprecate. [Jakub Onderka] chg: [alert] Deprecate `MISP.publish_alerts_summary_only` - Merge pull request #7732 from JakubOnderka/tag-merging. [Jakub Onderka] new: [shell] Tag merging - Merge branch 'migration-taxonomy' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into migration- taxonomy. [mokaddem] - Merge branch 'feature-cerebrate-sg-pull' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature-cerebrate- sg-pull. [mokaddem] - Merge branch 'feature-email-notification-bans' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature-email- notification-bans. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into feature-email- notification-bans. [mokaddem] - Merge pull request #7728 from JakubOnderka/edit-attr-simplify. [Jakub Onderka] chg: [internal] Simplify code for editing attribute - Merge pull request #7727 from JakubOnderka/correlation-optim. [Jakub Onderka] Correlation optim - Merge pull request #7724 from JakubOnderka/attr-edit-speedup. [Jakub Onderka] chg: [internal] Fetch just necessary attributes when editing attribute - Merge pull request #7723 from JakubOnderka/less-cidr. [Jakub Onderka] chg: [internal] Fetch less CIDR for correlation - Merge pull request #7721 from JakubOnderka/fix-typo. [Jakub Onderka] fix: [internal] Typo - Merge pull request #7719 from JakubOnderka/warninglist-filtering. [Jakub Onderka] new: [UI] Allow to filter attributes by specific warninglist - Merge pull request #7713 from JakubOnderka/sync-pull-sightings. [Jakub Onderka] chg: [sync] Examine less events for sightings pulling - Merge pull request #7712 from JakubOnderka/sight-stats-optim. [Jakub Onderka] chg: [optim] Little optimise sighting statistics - Merge pull request #7708 from JakubOnderka/json-throw-exception. [Jakub Onderka] chg: [internal] Throw exception if JSON could not be encoded - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #7704 from JakubOnderka/capture-attr-refactor. [Jakub Onderka] chg: [internal] Simplify capturing attribute code - Merge pull request #7706 from JakubOnderka/fix-filter-rules. [Jakub Onderka] fix: [internal] Fetching filter rules - Merge pull request #6021 from JakubOnderka/correlations-dummy-values. [Jakub Onderka] chg: [correlation] Allow to drop Correlation.{date,info} columns - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7691 from JakubOnderka/user-shell. [Jakub Onderka] new: [CLI] User shell - Merge branch '2.4' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #7696 from JakubOnderka/server-controller-cleanup. [Jakub Onderka] chg: [internal] Server controller cleanup - Merge pull request #7692 from JakubOnderka/const-hasher-password. [Jakub Onderka] chg: [security] Use const hasher also for login - Merge pull request #7693 from JakubOnderka/oidc_auth_unblock. [Jakub Onderka] new: [oidc] Allow to automatically unblock user after successful login - Merge pull request #7683 from JakubOnderka/pull-sightings-optimise. [Jakub Onderka] fix: [sync] Fix pulling sightings - Merge pull request #7634 from JakubOnderka/fix-sighting-push-vol2. [Jakub Onderka] fix: [sync] Pushing sightings - Merge pull request #7672 from JakubOnderka/acl-fix. [Jakub Onderka] fix: [ACL] queryAvailableSyncFilteringRules is required just for site admins - Merge pull request #7673 from JakubOnderka/sync-filter-ref. [Jakub Onderka] chg: [sync] Use server sync to get available sync filtering rules - Merge pull request #7686 from JakubOnderka/code-fixes. [Jakub Onderka] Code fixes - Merge pull request #7685 from JakubOnderka/fix-deprecation-warning. [Jakub Onderka] fix: [API] Deprecation header - Merge pull request #7678 from JakubOnderka/post-test-simplify. [Jakub Onderka] chg: [sync] Simplify server post test code - Merge pull request #7676 from JakubOnderka/connection-test-server- sync. [Jakub Onderka] chg: [sync] Use server sync tool for connection test - Merge pull request #7677 from JakubOnderka/mitigate-timing-attacks. [Jakub Onderka] chg: [security] Mitigate timing attacks - Merge pull request #7675 from JakubOnderka/authkeys-autocompelte-off. [Jakub Onderka] new: [security] Disable browser autocomplete for authkeys field - Merge branch 'develop' of github.com:MISP/MISP into develop. [Luciano Righetti] - Merge pull request #7649 from JakubOnderka/pull-sightings. [Jakub Onderka] chg: [sync] Pull just necessary data when pulling sightings - Merge pull request #7650 from JakubOnderka/pull-proposals-vol2. [Jakub Onderka] chg: [sync] Use sync tool for pulling proposals - Merge pull request #7659 from JakubOnderka/unique-indexes. [Jakub Onderka] chg: [schema] Mark more indexes as unique - Security: fix unescaped parameter leading to sqli. [Luciano Righetti] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #7694 from SteveClement/i18n. [Steve Clement] chg: [i18n] Updated default.pot - Security: fix unescaped parameter leading to sqli. [Luciano Righetti] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #7666 from JakubOnderka/assign-comment. [Jakub Onderka] new: [warninglist] Assign warninglist comment - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7665 from JakubOnderka/fix-7663. [Jakub Onderka] fix: [log] Array to string conversion - Merge pull request #7641 from righel/migrate-sharing-groups-views. [Andras Iklody] chg: migrate sharing_views/view/[id] to factory - Merge pull request #7648 from JakubOnderka/remove-http-commit. [Andras Iklody] chg: [sync] Remove commit and MISP-version from HTTP header - Merge pull request #7656 from righel/migrate-tags-views. [Andras Iklody] Migrate tags views - Merge pull request #7657 from JakubOnderka/org-name-unique. [Jakub Onderka] Org name unique - Merge pull request #7653 from JakubOnderka/edit-event-optim. [Jakub Onderka] chg: [internal] Do not fetch attribute tags when editing attribute - Merge pull request #7654 from JakubOnderka/tag-name-unique. [Jakub Onderka] chg: [schema] Tag name should be unique - Merge pull request #7655 from JakubOnderka/do-not-load-exclusion- again. [Jakub Onderka] chg: [internal] Do not load exclusion list from Redis again and again - Merge pull request #7651 from JakubOnderka/event-index-filter. [Jakub Onderka] fix: [API] Boolean options in index filter conditions - Merge pull request #7644 from JakubOnderka/pull-less-info. [Jakub Onderka] chg: [sync] Pull events with less info - Merge pull request #7645 from JakubOnderka/sightins-uuid-unique. [Jakub Onderka] chg: [schema] Sightings UUID column should be unique - Merge pull request #7643 from JakubOnderka/pubsub-static. [Jakub Onderka] chg: [internal] Convert PubSubTool to static - Merge pull request #7541 from JakubOnderka/delete-event-refactor. [Jakub Onderka] new: [API] Allow to delete multiple events by UUID - Merge pull request #7640 from JakubOnderka/add-event-cleanup-part. [Jakub Onderka] Add event cleanup - Merge pull request #7587 from JakubOnderka/rest-client-user-agent. [Jakub Onderka] Change User-Agent to MISP REST Client - Merge pull request #7617 from JakubOnderka/attribute-search. [Jakub Onderka] chg: [internal] Do not convert values to lower, since collation is al… - Merge pull request #7639 from JakubOnderka/pull-codestyle. [Jakub Onderka] chg: [internal] Code style for event pulling - Merge pull request #7637 from JakubOnderka/test-syncc. [Jakub Onderka] new: [test] Test more endpoints in sync test - Merge pull request #7636 from JakubOnderka/event-view-spec. [Jakub Onderka] new: [API] Allow more granular specification what data to return when viewing event - Merge pull request #7635 from JakubOnderka/server-overlap-method. [Jakub Onderka] chg: [sync] Refactor server overlap events fetching - Merge pull request #7625 from JakubOnderka/pull-error-handling. [Jakub Onderka] chg: [sync] Better error handling for pulling - Merge pull request #7632 from JakubOnderka/server-sync-exception. [Jakub Onderka] chg: [internal] Better exception handling for server sync - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7627 from JakubOnderka/post-test-error-log. [Jakub Onderka] chg: [internal] Log exception for remote server POST test - Merge pull request #7610 from JakubOnderka/galaxy-update-vol2. [Jakub Onderka] Galaxy update vol2 - Merge pull request #7615 from JakubOnderka/event_blocklist_unique. [Jakub Onderka] Event blocklist unique - Merge pull request #7628 from JakubOnderka/fix-invalid-foreach. [Jakub Onderka] fix: [internal] Shadow attributes don't have tags - Merge branch 'develop' of github.com:MISP/MISP into migration- taxonomy. [mokaddem] v2.4.148 (2021-08-05) --------------------- New ~~~ - [test] Check schema diagnostics in CI. [Jakub Onderka] - [citation-cff] added. [Alexandre Dulaunoy] - [citation-cff] added. [Alexandre Dulaunoy] - [test] Security test for publishing events. [Jakub Onderka] Changes ~~~~~~~ - [VERSION] bump. [iglocska] - [PyMISP] Bump recommended version. [Raphaël Vinot] - [PyMISP] Bump. [Raphaël Vinot] - [internal] Use ServerSyncTool for fetching remote user info. [Jakub Onderka] - [internal] org_blocklists.org_uuid should be unique index. [Jakub Onderka] - [internal] Organisation and object UUID should be unique. [Jakub Onderka] - [zmq] Convert array to JSON at one place. [Jakub Onderka] - [internal] Optimise loading attribute histogram. [Jakub Onderka] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [opendata] updated and changed parameter handling. [iglocska] - [shibbauth] added option to block organisation changes at login - New ApacheShibbAuth.BlockOrgModifications setting added, defaults to false, boolean. If set to true, will block updates to the organisation of existing users on authentication. This preserves any modifications made by a site admin in MISP and is similar to ApacheShibbauth.BlockRoleModifications (same logic applied to role modifications). [Liviu Valsan] - [API] Refactor event publishing. [Jakub Onderka] - [internal] Convert array to const. [Jakub Onderka] - [internal] Convert array to const. [Jakub Onderka] - [internal] Simplified Attribute::deleteAttribute method. [Jakub Onderka] - [internal] Removed unused variables. [Jakub Onderka] - [internal] Remove unused variable. [Jakub Onderka] - [internal] Convert array to const. [Jakub Onderka] - [shibbauth] added option to block organisation changes at login - New ApacheShibbAuth.BlockOrgModifications setting added, defaults to false, boolean. If set to true, will block updates to the organisation of existing users on authentication. This preserves any modifications made by a site admin in MISP and is similar to ApacheShibbauth.BlockRoleModifications (same logic applied to role modifications). [Liviu Valsan] - [compatibility] scoped constant changed to unscoped to allow for 7.0 compatibility. [iglocska] - update your PHP version though Fix ~~~ - [js] Show correct error message for get remote version. [Jakub Onderka] - [UI] Show correct error message for get remote user. [Jakub Onderka] - [sync] Fetching remote server version. [Jakub Onderka] - [schema] audit_logs.authkey_id columns should be nullable. [Jakub Onderka] - [zmq] Add missing `misp_json_warninglist` topic to Python script. [Jakub Onderka] - [API] Undefined index when just last_seen is set. [Jakub Onderka] - [afterHook] for setting changes wasn't returning true, fixes 7477. [iglocska] - this caused the CLI setting change to error out - [stix2misp] Use describeTypes from PyMISP. [Jakub Onderka] - [security] Stored XSS when viewing galaxy cluster relationships - As reported by Dawid Czarnecki. [mokaddem] - [security] Stored XSS when viewing galaxy cluster elements in JSON format. [mokaddem] - [compatibility] several scoped constants reverted. [iglocska] - [proposal alert email] function call fixed. [iglocska] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #7624 from JakubOnderka/get-remote-user-fixes. [Jakub Onderka] fix: [UI] Show correct error message for get remote user - Merge pull request #7622 from JakubOnderka/fix-fetching-version. [Jakub Onderka] fix: [sync] Fetching remote server version - Merge pull request #7619 from JakubOnderka/get-remote-update. [Jakub Onderka] chg: [internal] Use ServerSyncTool for fetching remote user info - Merge pull request #7620 from JakubOnderka/database-indexes. [Jakub Onderka] Database indexes - Merge pull request #7568 from JakubOnderka/zmq. [Jakub Onderka] Add missing misp_json_warninglist topic to Python script - Merge pull request #7606 from JakubOnderka/undefined-index-fix. [Jakub Onderka] fix: [API] Undefined index when just last_seen is set - Merge pull request #7614 from JakubOnderka/optimise-statistics. [Jakub Onderka] chg: [internal] Optimise loading attribute histogram - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7613 from lk-dll/patch-1. [Alexandre Dulaunoy] quick fix sticky buffers - Quick fix sticky buffers. [lk-dll] According to documention (https://suricata.readthedocs.io/en/suricata-6.0.3/rules/http-keywords.html#http-keywords) sticky buffers should be before content, http.header and http.uri isn't marked as sticky buffers, but rules are wrongly generated and reported to logs. Tested on stable Suricata v6.0.1+ - Quick fix sticky buffers. [lk-dll] According to documention (https://suricata.readthedocs.io/en/suricata-6.0.3/rules/http-keywords.html#http-keywords) sticky buffers should be before content, http.header and http.uri isn't marked as sticky buffers, but rules are wrongly generated and reported to logs. Tested on stable Suricata v6.0.1+ - Merge pull request #7500 from JakubOnderka/stix-to-misp-types-path. [Jakub Onderka] Stix to misp types path - Merge branch '2.4' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #7602 from liviuvalsan/shib_user_org. [Alexandre Dulaunoy] chg: [shibbauth] added option to block organisation changes at login - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #7539 from JakubOnderka/publishing-refactoring. [Jakub Onderka] Refactor publishing event - Merge pull request #7609 from JakubOnderka/code-cleanup-vol6. [Jakub Onderka] Code cleanup vol6 - Merge pull request #7607 from JakubOnderka/non-correlationg-types- const. [Jakub Onderka] chg: [internal] Convert array to const - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] v2.4.147 (2021-07-27) --------------------- New ~~~ - [sync] When saving sightings, push just new sightings. [Jakub Onderka] - [sync] When pushing event, upload sightings by another call. [Jakub Onderka] - [sync] Filter out existing sightings if remote sever supports that method. [Jakub Onderka] - [sync] Method for filtering out existing sightings. [Jakub Onderka] - [API] Taxonomy export. [Jakub Onderka] - [misp2stix2] Return traceback for error. [Jakub Onderka] Changes ~~~~~~~ - [version] bump. [iglocska] - [PyMISP] bump. [iglocska] - [security audit] Check config.php.bk file permission. [Jakub Onderka] - [internal] Create config backup just when it is necessary. [Jakub Onderka] - [internal] Reset PHP cache after config file is successfully changed. [Jakub Onderka] - [test] Move PHP tests to different task. [Jakub Onderka] - [PyMISP] bump. [iglocska] - [PyMISP] bump. [iglocska] - [UI] Use time element for event published timestamp. [Jakub Onderka] - [UI] Raise font size of local org description. [Jakub Onderka] - [UI] After creating new org, redirect to org details. [Jakub Onderka] - [UI] Add link to add new organisation. [Jakub Onderka] - [republish ban] enabled by default on new installs. [iglocska] - [config] Added missing options Fix #7549. [mokaddem] - [CLI] better error messages when a setting change fails. [iglocska] - explain why it failed - explain how a user can override it - [misp-objects] fix #7599. [Alexandre Dulaunoy] - [misp-warninglists] updated to the latest version. [Alexandre Dulaunoy] - Migrate threads/index to factory view. [Luciano Righetti] - Migrate /event_blocklist/add,edit to view factory. [Luciano Righetti] - Migrate /event_blocklists/index to view factory. [Luciano Righetti] - Migrate /templates/view/:id to view factory. [Luciano Righetti] - Reuse add view for /templates/edit. [Luciano Righetti] - Migrate /templates/add view to factory. [Luciano Righetti] - Migrate /templates/index view, use CRUD compoenent in TemplatesController::delete() [Luciano Righetti] - [internal] Use const arrays. [Jakub Onderka] - [internal] Use strict comparison. [Jakub Onderka] - [internal] Use constants that should be faster. [Jakub Onderka] - [UI] Simplified generating categories that can be malware sample. [Jakub Onderka] - [internal] Remove unused method. [Jakub Onderka] - [internal] Remove unnecessary method calls. [Jakub Onderka] - [internal] Move variable from AppModel to Server model. [Jakub Onderka] - [internal] Convert variable to const. [Jakub Onderka] - [internal] Remove JS helper from controllers. [Jakub Onderka] - [user:updateToAdvancedAuthKeys] Functionality accessible via the CLI. [mokaddem] - [logs] Add link to SG and Taxonomy in AuditLog. [Jakub Onderka] - Initial port genericForm changes from cerebrate. [Luciano Righetti] - Migrate FeedsController to use CRUD component. [Luciano Righetti] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [galaxies:view_relations] Both inbound and outbound relations can be viewed. [mokaddem] - [galaxyClusters:view] Both inbound and outbound relations can be viewed. [mokaddem] - [genericElement:topbar] Support of raw html. [mokaddem] - [sync] Faster capturing sighting when pushing whole event. [Jakub Onderka] - [sync] Optimise event filtering. [Jakub Onderka] - [sync] Check if event exists before pushing. [Jakub Onderka] - [sync] Remove old method for uploading sightings. [Jakub Onderka] - [sync] Check event existence before pushing sightings. [Jakub Onderka] - [sync] New separate method for uploading sightings to remote server. [Jakub Onderka] - [internal] Disable unicode escaping for JSON. [Jakub Onderka] - [diagnostic] STIX diagnostics. [Jakub Onderka] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [internal] Use standardized response output. [Jakub Onderka] - [internal] Remove redundant checks. [Jakub Onderka] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [internal] Regenerate warninglist cache just when save was successful. [Jakub Onderka] - [internal] Use less memory when inserting warninglist to db. [Jakub Onderka] - [API] Deprecate getPyMISPVersion and returns required info in getVersion. [Jakub Onderka] - [mispObject:breakOnDuplicate] Provide more feedback. [mokaddem] - [installer] Update to latest version. [Steve Clement] - [installer] Update to latest version. [Steve Clement] - [doc] Guides now compatible with Fedora WS/Server 34. [Steve Clement] - [warning-list] updated. [Alexandre Dulaunoy] Fix ~~~ - [test] Set expected config for security tests. [Jakub Onderka] - [test] Check if user is logged. [Jakub Onderka] - [config defaults] unset the default python bin path. [iglocska] - [config defaults] changed default attachment storage. [iglocska] - [Userinit] create advanced auth key when needed. [iglocska] - [config] Fixed indentation. [mokaddem] - [test] Redis password can be empty. [Jakub Onderka] - [test] After CLI setSetting change. [Jakub Onderka] - [security] Stored XSS when forking a galaxy cluster As reported by Giuseppe Diego Gianni. [mokaddem] - [posts] add org field to email job. [iglocska] - Add missing newline. [Luciano Righetti] - Rename container div. [Luciano Righetti] - Add mass selector for deleting event blocklists. [Luciano Righetti] - Remove old copy. [Luciano Righetti] - Add view action to index templates. [Luciano Righetti] - [internal] Remove unused variable. [Jakub Onderka] - [API] Remove duplicate objects from warninglist. [Jakub Onderka] - [internal] Remove unused variable. [Jakub Onderka] - Add missing search parameters for [POST]/events/index. [Luciano Righetti] - [UI] Do not use inline JS. [Jakub Onderka] - [API] Always return bool for perm fields in getVersion response. [Jakub Onderka] - Nest noticelist entries inside Noticelist property. [Luciano Righetti] - Add noticelist entries in view response. [Luciano Righetti] - Undefined index notice when enable/disable noticelist. [Luciano Righetti] - Remove unsused field. [Luciano Righetti] - Merge develop branch. [Luciano Righetti] - Fix ui issues on multiple views. [Luciano Righetti] - Add missing input descriptions. [Luciano Righetti] - Fix pr comments: add warning notice for local feeds disabled on feeds/add, fix various ui elements. [Luciano Righetti] - Add missing refresh to feed pull rules. [Luciano Righetti] - Fix issue when adding attribute, add optionalField class to inputs. [Luciano Righetti] - Fix pr comments: replace whitelist->allowlist, checkbox label inline, add missing feed fields for csv and freetext. add missing button for adding basic auth headers. [Luciano Righetti] - Remove required attr from hidden inputs in add attribute form. [Luciano Righetti] - Remove required attr from hidden inputs in add event form. [Luciano Righetti] - Escape js variable. [Luciano Righetti] - Fix error when decoding array feed settings, maintain same response schema as before. [Luciano Righetti] - Add type dropdown in all generic forms. [Luciano Righetti] - Fix pull rules legend not showing on feeds/edit load. [Luciano Righetti] - Handle feed rules. [Luciano Righetti] - Fix genericForm builder issues. [Luciano Righetti] - Only override values that were set in the input. [Luciano Righetti] - Allow 0 or '0' to be a possible field value, for example 'selected' property. [Luciano Righetti] - [sync] Better error handling when fetching IDs for push/pull. [Jakub Onderka] - [tags:attachTagToObject] No longer return a failure message is relation already exists Fix #6569. [mokaddem] - [organisations:view] Restored org logo Fix #7491. [mokaddem] - [event:contact] User object passed in contact reporter Fix #7471. [mokaddem] - [sync] Do not append 'metadata:1' when pushing event. [Jakub Onderka] - [attribute:edit] Make sure event_id cannot be changed. [mokaddem] - [tags:detachFromObject] Make travis test passes. [mokaddem] - [internal] Update object relationships when updating JSONs. [Jakub Onderka] - [API] Check if user can view object that contains reference. [Jakub Onderka] - [UI] Trim object UUID when adding reference. [Jakub Onderka] - [internal] Change exception type. [Jakub Onderka] - [internal] Relationship import. [Jakub Onderka] - [tag] Update object's timestamp and unpublish only if in global context Fix #5806. [mokaddem] - [internal] Faster deleting warninglist. [Jakub Onderka] - [galaxies:add] Missing entry in sidebar Fix #7499. [mokaddem] - [install:MySQL] Removed org_blacklists table creation Fix #7476. [mokaddem] - Wrong attribute value hash computed inside checkForDuplicateObjects function. [Sebastiano Mariani] - [doc] Fix conditonal error. [Steve Clement] - [tools] Catch openssl not being installed. [Steve Clement] - [galaxies:add] Missing entry in sidebar Fix #7499. [mokaddem] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #7603 from JakubOnderka/fix-tests-vol2. [Jakub Onderka] Fix tests vol2 - Merge pull request #7596 from JakubOnderka/publishd-time. [Jakub Onderka] chg: [UI] Use time element for event published timestamp - Merge pull request #7589 from JakubOnderka/org-ui. [Jakub Onderka] Org UI - Merge branch 'config_defaults' into develop. [iglocska] - Merge pull request #7600 from JakubOnderka/fix-tests. [Jakub Onderka] fix: [test] After CLI setSetting change - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #7578 from Cooper-Dale/patch-1. [Alexandre Dulaunoy] updated suricata legacy modifiers - Updated suricata legacy modifiers. [Cooper Dale] based on https://suricata.readthedocs.io/en/suricata-6.0.3/rules/tls-keywords.html?highlight=tls_sni#tls-sni https://suricata.readthedocs.io/en/suricata-6.0.3/rules/http-keywords.html#http-keywords https://suricata.readthedocs.io/en/suricata-6.0.3/rules/dns-keywords.html - Merge branch 'threads_refactor' into develop. [iglocska] - Merge branch 'blocklist_refactor' into develop. [iglocska] - Merge branch 'template_refactor' into develop. [iglocska] - Merge pull request #7595 from JakubOnderka/code-cleanup-vol4. [Jakub Onderka] Code cleanup vol4 - Merge pull request #7581 from JakubOnderka/simplified-template. [Jakub Onderka] chg: [UI] Simplified generating categories that can be malware sample - Merge pull request #7562 from JakubOnderka/warninglist-output. [Jakub Onderka] fix: [API] Remove duplicate objects from warninglist - Merge pull request #7583 from JakubOnderka/code-cleanup-vol2. [Jakub Onderka] Code cleanup - Merge pull request #7538 from JakubOnderka/js-helper. [Jakub Onderka] chg: [internal] Remove JS helper from controllers - Merge branch 'develop' of github.com:MISP/MISP into develop. [Luciano Righetti] - Updated suricata legacy modifiers. [Cooper Dale] based on https://suricata.readthedocs.io/en/suricata-6.0.3/rules/tls-keywords.html?highlight=tls_sni#tls-sni https://suricata.readthedocs.io/en/suricata-6.0.3/rules/http-keywords.html#http-keywords https://suricata.readthedocs.io/en/suricata-6.0.3/rules/dns-keywords.html - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch 'shibb' into develop. [iglocska] - Block org modiufication option for shibb auth. [mzp] - Merge pull request #7560 from JakubOnderka/audit-sg. [Jakub Onderka] Add link to SG and Taxonomy in AuditLog - Merge pull request #7566 from JakubOnderka/getversion-bool. [Jakub Onderka] fix: [API] Always return bool for perm fields in getVersion response - Merge pull request #7357 from righel/refactor-noticelists-controller- to-use-crud-component. [Luciano Righetti] chg: refactor noticelists controller to use crud component - Merge develop. [Luciano Righetti] - Merge pull request #7520 from righel/migrate-feeds-controller-to-crud- component. [Luciano Righetti] chg: migrate feeds controller to crud component - Merge branch 'develop' into migrate-feeds-controller-to-crud- component. [Luciano Righetti] - Merge branch 'pr-7551' into develop. [mokaddem] - Merge remote-tracking branch 'origin/develop' into pr-7551. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #7433 from JakubOnderka/sync-clusters-error- handling. [Jakub Onderka] fix: [sync] Better error handling when fetching IDs for push/pull - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #6817 from JakubOnderka/upload-sightings. [Jakub Onderka] chg: [sync] New separate method for uploading sightings to remote server - Merge pull request #7157 from JakubOnderka/sighting-push-filtering. [Jakub Onderka] new: [sync] Method for filtering out existing sightings - Merge pull request #7558 from JakubOnderka/taxonomy_export. [Jakub Onderka] new: [API] Taxonomy export - Merge pull request #7553 from JakubOnderka/stix-diagnostics. [Jakub Onderka] chg: [diagnostic] STIX diagnostics - Merge branch '2.4' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch 'fix-5806' into develop. [mokaddem] - Merge remote-tracking branch 'origin/develop' into fix-5806. [mokaddem] - Merge pull request #7530 from JakubOnderka/fix-relationship-import. [Jakub Onderka] fix: [internal] Relationship import - Merge pull request #7555 from JakubOnderka/misp2stix_traceback. [Jakub Onderka] new: [misp2stix2] Return traceback for error - Merge remote-tracking branch 'origin' into develop. [Alexandre Dulaunoy] - Merge pull request #7540 from MISP/2.4. [Jakub Onderka] Merge 2.4 to develop to fix build - Merge pull request #7532 from JakubOnderka/warninglist-quick-delete. [Jakub Onderka] fix: [internal] Faster deleting warninglist - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #7525 from JakubOnderka/deprecate-getpymisp- version. [Jakub Onderka] chg: [API] Deprecate getPyMISPVersion - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7537 from SteveClement/guides. [Steve Clement] fix: [doc] Fix conditonal error - Merge pull request #7536 from SteveClement/tools. [Steve Clement] fix: [tools] Catch openssl not being installed - Merge pull request #7535 from SteveClement/guides. [Steve Clement] chg: [doc] Guides now compatible with Fedora WS/Server 34 - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Add search bar, fix col widths, show ref field as links. [Luciano Righetti] - Deserialize ref and geographical_area fields in index and view endpoints. [Luciano Righetti] - Resolve pr comments. [Luciano Righetti] - Support toggle noticelist enable checkbox. [Luciano Righetti] - Fix noticelist message not showing. [Luciano Righetti] - Refactor noticelists index and view to use crud component. [Luciano Righetti] - Add crud component noticelists index. [Luciano Righetti] v2.4.146 (2021-06-30) --------------------- New ~~~ - [API] Read only authkeys. [Jakub Onderka] Changes ~~~~~~~ - [VERSION] bump. [iglocska] - [log] Remove ObjectRelationship from audit log. [Jakub Onderka] - [internal] Simplify generating some JSON responses. [Jakub Onderka] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] Fix ~~~ - [UI] Loading non exists library in Audit log index. [Jakub Onderka] - [event:add] Typo in accessing sharing group roaming information. [mokaddem] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #7533 from JakubOnderka/audit-log-ui-fix. [Jakub Onderka] fix: [UI] Loading non exists library in Audit log index - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge pull request #7482 from JakubOnderka/authkey-read-only. [Jakub Onderka] new: [API] Read only authkeys - Merge pull request #7527 from JakubOnderka/response-simplify. [Jakub Onderka] chg: [internal] Simplify generating some JSON responses - Merge pull request #7526 from MISP/2.4. [Jakub Onderka] Merge 2.4 into develop - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Security: fix stored xss in sharing groups view as reported by Nicolas Vidal from TEHTRIS. [Luciano Righetti] v2.4.145 (2021-06-28) --------------------- New ~~~ - [API] Import warninglist. [Jakub Onderka] - [internal] Support Cake installation by composer. [Jakub Onderka] - [ZMQ] Send warninglist changes to ZMQ. [Jakub Onderka] - [API] Export warninglists to CSV. [Jakub Onderka] - [API] Export warninglists. [Jakub Onderka] - Custom warninglist. [Jakub Onderka] - [emailing] added event summaries only as a setting. [iglocska] - publish the normal alert report to eligible users - exclude attributes/objects, so the e-mail will only include a summary Changes ~~~~~~~ - [version] bump. [iglocska] - [doc:authentication_diagrams] Included session and cookie handling. [mokaddem] - [servers:add] Fallback to correct json structure if synchronisation rules are empty. [mokaddem] - [server] Relaxed url validation rule. [mokaddem] - [user] Relaxed email validation rule. [mokaddem] - [warning-list] updated to the latest version. [Alexandre Dulaunoy] - [composer] Crypt_GPG updated to 1.6.5. [Alexandre Dulaunoy] - [internal] Remove unused 'full' arg when fetching taxonomies. [Jakub Onderka] - [API] Add description to predicates and values. [Jakub Onderka] - Log remote IP for authkey use attempt if remote IP not allowed by key. [Jeroen Pinoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [installer] Added Rocky Linux 8.4 tweaks. [Steve Clement] - [doc] Added Rocky Linux 8.4. [Steve Clement] - [doc] Updated to OpenBSD 6.9. [Steve Clement] - [misp-warninglists] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated. [Alexandre Dulaunoy] - [composer] Crypt_GPG updated to 1.6.5. [Alexandre Dulaunoy] Fix ~~~ - [rest client] Handle state when body is too big to save into rest client history. [Jakub Onderka] - [server caching] only push data to redis / logs if there's something to push. [iglocska] - avoids the count() notice if no data was returned by the remote - Add mising return formats for rest search endpoints. [Luciano Righetti] - Add missing returnFormat to restSearch endpoints, move the parameter as requestBody property. [Luciano Righetti] - [getSettings] include the options. [iglocska] - [API] Taxonomy namespace is case insensitive. [Jakub Onderka] - Copy/pasta, rename galaxy clusters tag, move restSearch endpoints to resource 1st. [Luciano Righetti] - [server:edit] Typo in index. [Sami Mokaddem] - [user edit] lost the set password checkbox. [iglocska] - [server caching] only push data to redis / logs if there's something to push. [iglocska] - avoids the count() notice if no data was returned by the remote - Add mising return formats for rest search endpoints. [Luciano Righetti] - [user add/edit] added missing JS change to restore the external auth field. [iglocska] - [external auth key / password] fields changed, fixes #7488. [iglocska] - show what's relevant based on the customauth settings and hide that which is not - [emailing] added missing if branch for the publish alert summary mode to trigger. [iglocska] - [validation] account for the edge-case where a composite attribute does not yet have a second value. [iglocska] - [attribute validation] - also check for composite values containing control characters, fixes #7391. [iglocska] - [validation] fixed issue introduced in last commit. [iglocska] - [attribute] validation tightened for empty strings. [iglocska] - a value containing only control characters will now be blocked from entry - [CRUD] accept contain as a parameter for edit, fixes an issue with auth key edits. [iglocska] - Typo. [Bart] 😅 Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7495 from JakubOnderka/warninglist-import. [Jakub Onderka] Warninglist import - Merge pull request #7494 from JakubOnderka/cake-composer-support. [Jakub Onderka] new: [internal] Support Cake installation by composer - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7504 from mokaddem/fix-server-url-validation. [Andras Iklody] Fix server url validation - Merge branch 'develop' of github.com:MISP/MISP into fix-server-url- validation. [mokaddem] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7502 from mokaddem/fix-user-email-validation. [Andras Iklody] chg: [user] Relaxed email validation rule - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7464 from JakubOnderka/warninglist. [Jakub Onderka] Custom warninglists - Merge pull request #7444 from JakubOnderka/taxonomy-add-description. [Jakub Onderka] chg: [API] Add description to predicates and values - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7479 from Wachizungu/log-IP-if-not-allowed-for- authkey. [Andras Iklody] chg: log remote IP for authkey use attempt if remote IP not allowed b… - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #7524 from SteveClement/tools. [Steve Clement] - Merge pull request #7523 from SteveClement/guides. [Steve Clement] - Merge branch 'guides' of github.com:SteveClement/MISP into guides. [Steve Clement] - Security: [generic-template:index] Fixed unsanitized input. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #7506 from adliwahid/patch-1. [Alexandre Dulaunoy] Added 3 feeds sources from APNIC - Added 3 feeds sources from APNIC. [Adli Wahid] Added 3 daily feeds (ssh bruteforce, telnet bruteforce, URLs seen) from the APNIC Community Honeynet Project - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Luciano Righetti] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Luciano Righetti] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Luciano Righetti] - Merge branch 'develop' of github.com:MISP/MISP into 2.4. [Luciano Righetti] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Update README.md. [Alexandre Dulaunoy] - Merge pull request #7483 from bartblaze/2.4. [Alexandre Dulaunoy] fix: typo - Merge pull request #1 from bartblaze/bartblaze-patch-1. [Bart] fix: typo v2.4.144 (2021-06-07) --------------------- New ~~~ - Add initial version of openapi spec, add ReDoc js files. [Luciano Righetti] - [doc:sync] Added notes and diagrams about synchornisation logics. [mokaddem] - [galaxy] Support of enabled/disabled state at galaxy level. [mokaddem] Fix #7019 - [CyCat integration] v1. [iglocska] - lookup on relationshis for a given galaxy cluster - [UI] Add link to event report history. [Jakub Onderka] - [doc:auth-diagram] Added authentication diagram. [mokaddem] Changes ~~~~~~~ - [version] bump. [iglocska] - [PyMISP] Bump. [Raphaël Vinot] - [logo] reverted to the non-birthday version. [iglocska] - [PyMISP] Bump deps. [Raphaël Vinot] - [galaxyCluster:CyCat relations] Added icon and reference of the project. [mokaddem] - [genericElements:accordion] Added possiblity to pass html title. [mokaddem] - [cluster:cycat_relations] Added missing view. [mokaddem] - [galaxyCluster:view] oved CyCat relationships in their own child elements - Significantly speed up view loading time. [mokaddem] - [sharinggroup] Allow pushing SG if remote internal server is not in the list of SG servers. [mokaddem] - [dashboard:updateSetting] Work with form data in memory rather than in HTML body. [mokaddem] - [db_schema] Updated schema. [mokaddem] - [acl] Updated ACL to support new endpoints. [mokaddem] - [doc:synchronisation-digrams] Added original diag. file. [mokaddem] - [doc:synchronisation-diagrams] Added full version for both sync and clarification about conditions. [mokaddem] - [doc:synchronisation-diagrams] Added precision regarding index filtering. [Sami Mokaddem] - [doc:synchronisation] Renamed files. [mokaddem] - [UI] Show warning when advanced auth keys are not enabled. [Jakub Onderka] - [UI] Make permision titles translatable. [Jakub Onderka] - [Pip] lock updated. [Alexandre Dulaunoy] - [PyMISP] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated fix #7445. [Alexandre Dulaunoy] - [config] default config now uses RFC2606 example.com domain. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] Fix ~~~ - [PyMISP] Bump pipenv. [Raphaël Vinot] - /feeds/add endpoint returns empty 'name' error via api call. [Luciano Righetti] - Pr comments, update acl to allow all for /servers/openapi view, remove rest client from events menu, remove php7 return hint. [Luciano Righetti] - [appController] Bumped queryversion. [mokaddem] - [events:view] Correctly support arrays passed as deleted parameter. [mokaddem] - [events:view] Restored previous deleted behavior. [mokaddem] - [events:view] Replaced correlation scope to behave similarly to the filtering tool. [mokaddem] - [events:view] Fixed deleted toggle enabled by default. [mokaddem] - [galaxyCluster:view] Use CyCat local icon. [mokaddem] - [galaxyCluster:view] Make sure the cluster contain cycat relations before inserting content. [mokaddem] - [galaxyCluster:view] Typo in setting name. [mokaddem] - [event:__prepareForPushToServer] Slight refactoring. [mokaddem] - [event:prepareForPush] Gracefully handle the case if SharingGroupServer is empty. [mokaddem] - [sharinggroup:capture] Re-use the ID of an existing SG if it exists instead of the defaulted value 0. [mokaddem] - [sharinggroup:captureOrg/captureServer] Use the ID of the existing sharing group. [mokaddem] - [dashboard:update_settings] Added missing view. [mokaddem] - [dashbpard:updateSetting] Usage of CSRF token. [mokaddem] - [security] Always capture attribute sharing groups. [iglocska] - via object edits it was omitted, leading to a possible misassociation of sharing groups by using the local ID of a referenced SG - as reported by Jeroen Pinoy - [Event:set_filter_value] Support of wildcard searches. [mokaddem] - Nonaggregated column mysql error when calling /sightings/index/[event_id] [Luciano Righetti] - Decode json ref and geographical_area properties in /noticelists/view/[noticelist_id] endpoint. [Luciano Righetti] - [Event:set_filter_value] Reset array indexing. [mokaddem] - [Event:set_filter_value] Allows searching for composite attributes. [mokaddem] Fix #7119 - [typo in attribute add] caused the view to fail when adding attributes. [iglocska] - [doc:auth-diagram] Filename typo. [mokaddem] - [UI] Security audit message. [Jakub Onderka] - [UI] Simplify warninglist view template. [Jakub Onderka] - Return api error when feed is not enabled. [Luciano Righetti] - [UI] Show error only if it is not empty. [Jakub Onderka] - [UI] Add missing event report model in audit log. [Jakub Onderka] - [events:index] Reindex tag array to always return a list. [mokaddem] - [markdown-editor:event-report] Fixed MISPElements in table. [mokaddem] - [organisations:add] Wrong label value. [mokaddem] - [db] rename org_blacklists to org_blocklists everywhere. [Richard van den Berg] - [post:send_mails] Make sure to have full group_by. [mokaddem] - [attribute add] fixed typo causing the add function to fail. [iglocska] - [organisations index] added quickfilter as an alias for the search. [iglocska] - [Sharing groups] show roaming state in the API view. [iglocska] - [UI] Restore notice list warnings when adding or editing attribute. [Anders Einar Hilden] Restore the notice_message div that vanished in commit 0d4df7c98b0fc67618b1c3c298e64efb668fc4fe. - [security] disable email uniqueness validation for the self registration. [iglocska] - [OTP] identifier tag fixed. [iglocska] - was hard coded to [MISP] - [events:index] Reindex tag array to always return a list. [mokaddem] - [organisations:add] Wrong label value. [mokaddem] - [group by] error fixed in diagnostics, fixes #7411. [iglocska] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'fix-dahsboard-updateSettings' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into fix-dahsboard- updateSettings. [mokaddem] - Merge pull request #7427 from righel/fix-add-feed-api-endpoint. [Alexandre Dulaunoy] fix: /feeds/add endpoint returns empty 'name' error via api call - Merge pull request #7468 from righel/add-openapi-spec. [Andras Iklody] Add openapi spec - Add /users/initiatePasswordReset/[user_id]/[first_time] openapi spec. [Luciano Righetti] - Fix openapi errors, fix default organisation restricted_to_domain value. [Luciano Righetti] - Merge branch 'fix-event-view-attribute-toolbar' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into fix-event-view- attribute-toolbar. [mokaddem] - Merge branch 'fix-sg-api-edit' into develop. [mokaddem] - Merge remote-tracking branch 'origin/develop' into fix-sg-api-edit. [mokaddem] - Merge pull request #7470 from mokaddem/improvements-cycat. [Andras Iklody] Improvements for cycat integration - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'fix-composite-attribute-filtering' into develop. [mokaddem] - Merge remote-tracking branch 'origin/develop' into fix-composite- attribute-filtering. [mokaddem] - Merge branch 'feature-galaxy-disabled' into develop. [mokaddem] - Merge remote-tracking branch 'origin/develop' into feature-galaxy- disabled. [mokaddem] - Merge pull request #7456 from righel/fix-mysql-error-index-sightings- by-event-id. [Andras Iklody] Fix mysql error index sightings by event - Merge pull request #7455 from righel/fix-non-deserialized-properties- view-noticelist. [Andras Iklody] fix: decode json ref and geographical_area properties in /noticelists… - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge branch 'doc-sync' into develop. [mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7443 from JakubOnderka/fix-securiy-audit. [Jakub Onderka] Fix securiy audit - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #7435 from JakubOnderka/event-report-history. [Jakub Onderka] Event report history - Merge pull request #7440 from righel/return-api-error-when-fetch-from- feed-fails. [Alexandre Dulaunoy] fix: return api error when fetch from feed fails - Merge branch 'return-api-error-when-fetch-from-feed-fails' of github.com:righel/MISP into return-api-error-when-fetch-from-feed- fails. [Luciano Righetti] - Return api error when feed is not enabled. [Luciano Righetti] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7432 from JakubOnderka/perm_flags_translatable. [Jakub Onderka] Perm flags translatable - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'airbus-cert-synchronisation_servers_cache_features' into develop. [Alexandre Dulaunoy] - Add cacheServerAll documentation. [Amaury Leroy] - Add 'Cache server' documentation. [Amaury Leroy] - Add PushAll documentation. [Amaury Leroy] - Function pushAll -- push all servers. [Amaury Leroy] - Function cacheServerAll -- cache all server. [Amaury Leroy] - Revert "Merge pull request #7476 from RichieB2B/ncsc-nl/org_blocklist" [Alexandre Dulaunoy] This reverts commit ea73d2613f457bb0459da874f3f84ffd3444c203, reversing changes made to 6d8c2eebcf35f4bf68fcd88677331b0d65bbd14a. - Merge pull request #7476 from RichieB2B/ncsc-nl/org_blocklist. [Alexandre Dulaunoy] fix: [db] rename org_blacklists to org_blocklists everywhere - Merge pull request #7459 from Kagee/patch-1. [Andras Iklody] fix: [UI] Restore notice list warnings when adding or editing attribute - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] v2.4.143 (2021-05-14) --------------------- New ~~~ - [internal] View event as different user. [Jakub Onderka] - [event index] add report count. [iglocska] - [users:index] Batch toggleable fields. [mokaddem] - [elements:genericForm] Added support of field descriptions. [mokaddem] - [elements:indexCountry] Added country element to display flags and nationalities. [mokaddem] - [log] Add supoort for AuthKeys. [Jakub Onderka] - [log] Show full change in popup. [Jakub Onderka] - [log] Audit Log statistics. [Jakub Onderka] - [log] LogShell. [Jakub Onderka] - [log] Audit log. [Jakub Onderka] - [event:alert] Re-publishing ban feature based on configurable threshold. [mokaddem] - [event:alert] Re-publishing ban feature based on configurable threshold. [mokaddem] - [Correlation exclusions] clean function reworked. [iglocska] - does everything on DB side - no more issues with large lists being passed around - should also be a fair bit faster Changes ~~~~~~~ - [version] bumped. [iglocska] - [birthday] logo added. [iglocska] - to be removed on the next release - [routes] fix allowedlists routes. Renamed from whitelists. [Jeroen Pinoy] - [PyMISP] Bump version. [Raphaël Vinot] - [misp-objects] updated. [Alexandre Dulaunoy] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [setting] Add missing setting fo new audit log. [Jakub Onderka] - [correlation] Cleanup Correlation model code. [Jakub Onderka] - [object] Added validation rules for some fields. [mokaddem] - [organisations:edit] Usage of the add view. [mokaddem] - [organisations:add] Migrated view to factory. [mokaddem] - [organisations:index] Migrated view to factory. [mokaddem] - [elements:indexGenericField] Allow passing implode's glue. [mokaddem] - [warninglists:index] Moved views to factory - WiP. [mokaddem] - [UsageData] fix active proposal count, exclude deleted entries. [Jeroen Pinoy] - Bumped queryversion. [mokaddem] - [event-report] Improved hints autocomplete while typing. [mokaddem] - Hints available scopes - Allow searching for object's priority value - [log] Add link to Role. [Jakub Onderka] - [log] Add link to ObjectTemplate from audit log. [Jakub Onderka] - [log] Correctly show request type in user interface. [Jakub Onderka] - [internal] Return ugly print JSON for AJAX requests. [Jakub Onderka] - [warninglists:checkValue] Exposed feature in the UI. [mokaddem] - [server:setting] Added missing config `warning_for_all` [mokaddem] - [allowedlist] Migrated views to factory. [mokaddem] - [users:index] Migrated view to factory. [mokaddem] - Bumped queryversion. [mokaddem] - [event-report] Improved hints autocomplete while typing. [mokaddem] - Hints available scopes - Allow searching for object's priority value - [warninglists:checkValue] Exposed feature in the UI. [mokaddem] - [server:setting] Added missing config `warning_for_all` [mokaddem] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [event:alert] Added option to refresh to ban. [mokaddem] - [event:getEventRepublishBanStatus] Improved wording. [mokaddem] - [UI] Link to proposal limited view from proposal event index. [Jakub Onderka] - [event:alert] Added option to refresh to ban. [mokaddem] - [event:getEventRepublishBanStatus] Improved wording. [mokaddem] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [objects] updated to the latest version. [Alexandre Dulaunoy] - [elements:serverRuleElements] Removed useless spaces. [mokaddem] - [server:queryAvailableSyncFilteringRules] Returns error message instead of throwing error. [mokaddem] - [servers:edit] Added indicative text for serverRuleElements. [mokaddem] - [elements:serverRuleServers] Added text for each scopes. [mokaddem] - [elements:serverRuleElements] Reset widgets state on modal close. [mokaddem] - [elements:rules_widget] Added collapsible for freetext inputs. [mokaddem] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [ACL] added correlation exception edit. [iglocska] - [elements:indexPostlink] Added possibility to add confirm messages. [mokaddem] Fixed JS error throwing undefined variable in top correlations Fix ~~~ - [jobs view] Typo with $baseurl variable name. [chrisr3d] - [module results] References between objects returned with module results and the original object attribute are now pointing to the original object itself. [chrisr3d] - A reference between an object and an object attribute is supported in the API, but does not appear on the event graph - Instead of pointing to the initial object attribute then, we look for the uuid of the object containing the attribute and use this uuid for the reference - The references between objects returned as module results and the object containing the attribute initially used for the enrichment with a module are then handled properly - [taxonomies] updated. [Alexandre Dulaunoy] - [attribute:first_seen/last_seen] First seen value can be equal to the last_seen value. Fix #7404. [mokaddem] - [module results] Included the object references handling loop in the objects handling loop. [chrisr3d] - If we did not get any object in a result from a misp module, the `$references` variable would not have been defined and would have raised an issue. The references are related to objects, it is then obvious to handle them both together - [modules results] Fixed the query to find the uuid of the attribute used as input of a misp-module. [chrisr3d] - With `Attribute.object_id => 0`, the query did only return attributes outside of a MISP object - This was causing issues with references between the MISP objects returned by the modules and the attribute used as input to the module. Those references were visible in the module results preview, but skipped then after the submit button is pressed. - The references are now correctly handled - [attributes] Enforce FS to be before LS (also for ShadowAttributes & Objects) [mokaddem] - Servers cannot be edited via API when MISP.host_org_id setting is empty. [Luciano Righetti] - [attribute:first_seen/last_seen] First seen value can be equal to the last_seen value. Fix #7404. [mokaddem] - [correlations] Correctly handle exclusion. [Jakub Onderka] - [internal] Attribute correlation toggle. [Jakub Onderka] - [attributes] Enforce FS to be before LS (also for ShadowAttributes & Objects) [mokaddem] - [internal] Missing variable. [Jakub Onderka] - [UI] Chosen autofocus for attribute mass edit. [Jakub Onderka] - [feed] Better error handling when downloading MISP feeds. [Jakub Onderka] - [export] YARA export. [Jakub Onderka] - [warninglists:index] Restored site admin permission requirement for deletion. [mokaddem] - [log] Do not log unnecessary data to AuditLog. [Jakub Onderka] - [feed preview] fixed exception thrown to invalid threat level listing call. [iglocska] - [UI] Warning message for event modification warning. [Jakub Onderka] - [server:settings] Typo. [mokaddem] - [db_schema] Update to version 68. [Jakub Onderka] - [files:defaut_feeds] Added trailing slash Fix #7022. [mokaddem] - [worker] restart not working correctly with SELinux. [iglocska] - endless process spawn due to not being able to fetch the user's name - [server:settings] Typo. [mokaddem] - [db_schema] Update to version 68. [Jakub Onderka] - [stix2 export] Making sure timestamps are always converted into the format STIX likes. [chrisr3d] - [stix2 export] Making sure attributes have their Galaxy field before trying to parse it. [chrisr3d] - [stix2 export] Copy paste issue. [chrisr3d] - [stix2 export] Trying to make first_seen & last_seen fields are exported in an iso-formatted datetime format. [chrisr3d] - [stix2 export] Avoiding issues with MISP events 'Event' field. [chrisr3d] - [stix2 import] Added the missing ip address observable parsing function. [chrisr3d] - Should fix #6855 - [stix2 import] Avoid missing the to_ids flag when set to False. [chrisr3d] - attribute.get('to_ids') with 'to_ids' set to False will simply skip the field, and let then MISP set the flag to the default 'to_ids' value depending on the attribute type - With the test being `attribute.get('to_ids') is not None` we make sure even if 'to_ids' is False, we get the field as it is - [stix1 import] Avoiding AttributeError exceptions when the STIX packages have no header. [chrisr3d] - [worker] restart not working correctly with SELinux. [iglocska] - endless process spawn due to not being able to fetch the user's name - [emailing] password resets and OTP didn't handle line breaks correctly. [iglocska] - [elements:serverRuleElementPush] Recover freetext tags not known by the instance. [mokaddem] - [decayings:add] Correct usage of the translation function. [mokaddem] - [UI] Correctly display last login time. [Loïc Fortemps] Until now, we were showing the "one before last" login time, this fixes the issue - [galaxyCluster:export] Only unset fields if they exists. [mokaddem] In some cases, galaxy clusters might not have targeting clusters - [galaxyCluster:export] Only unset fields if they exists. [mokaddem] In some cases, galaxy clusters might not have targeting clusters Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7377 from 86x/pi-support. [Andras Iklody] fix: Support various Raspberry Pi OS's in SUPPORT_MAP - Added support for raspberry pi. [User] - Merge pull request #7334 from Wachizungu/fix-allowedlists-route. [Andras Iklody] chg: [routes] fix allowedlists routes. Renamed from whitelists. - Merge pull request #7403 from righel/fix-restricted_to_domain-reset- on-org-edit-allow-json-arrays. [Andras Iklody] fix restricted_to_domain reset when updating org, allow arrays via api. - Fix restricted_to_domain reset when updating org, allow arrays via api. [Luciano Righetti] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #7405 from righel/fix-edit-servers-via-api-when- host_org_id-is-empty. [Andras Iklody] fix: servers cannot be edited via API when MISP.host_org_id setting i… - Merge pull request #7397 from JakubOnderka/log-new-setting. [Jakub Onderka] chg: [setting] Add missing setting fo new audit log - Merge pull request #7400 from JakubOnderka/after-save-correlation-fix. [Jakub Onderka] After save correlation fix - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7189 from JakubOnderka/view-as. [Jakub Onderka] new: [internal] View event as different user - Merge pull request #7390 from JakubOnderka/fix-chosen-autofix. [Jakub Onderka] fix: [UI] Chosen autofocus for attribute mass edit - Merge pull request #7395 from JakubOnderka/feed-download-error- handlig. [Jakub Onderka] fix: [feed] Better error handling when downloading MISP feeds - Merge pull request #7018 from JakubOnderka/yara-export-fix. [Jakub Onderka] fix: [export] YARA export - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'migration-allowlists' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into migration- allowlists. [mokaddem] - Merge branch 'migration-users-views' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into migration-users- views. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into migration-users- views. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into migration- allowlists. [mokaddem] - Merge branch 'migration-organisations-views' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into migration- organisations-views. [mokaddem] - Merge branch 'migration-warninglists' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into migration- warninglists. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into migration- allowlists. [mokaddem] - Merge pull request #7392 from Wachizungu/fix-usage-data-active- proposals-count. [Andras Iklody] chg: [statistics:UsageData] fix active proposal count, exclude deleted entries - Merge pull request #6914 from JakubOnderka/audit-log. [Jakub Onderka] New Audit log system - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7389 from aaronkaplan/patch-1. [Andras Iklody] Update apache.24.misp.ssl - Update apache.24.misp.ssl. [AaronK] StrongCiphers4All! \o/ - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7388 from JakubOnderka/fix-log-warning. [Jakub Onderka] Fix log warning - Merge branch 'feature-event-republishing-ban' into develop. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into feature-event- republishing-ban. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #7384 from JakubOnderka/fix-db-schema. [Jakub Onderka] fix: [db_schema] Update to version 68 - Merge pull request #7367 from JakubOnderka/proposal-index-ui. [Jakub Onderka] chg: [UI] Link to proposal limited view from proposal event index - Merge branch '2.4' of github.com:MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into develop. [chrisr3d] - Merge branch 'develop' of github.com:MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Update supportFunctions.md. [Raphaël Vinot] pull from oirigin main and not origin master in PyMISP - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'improvements-sync-filter-rules2' into develop. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7374 from lfortemps/patch-3. [Alexandre Dulaunoy] fix: [UI] Correctly display last login time - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] v2.4.142 (2021-04-27) --------------------- New ~~~ - [correlation exclusions] now have an optional comment field. [iglocska] - explain why you exclude a value for easier maintenance - edit existing exclusions to add those comments after the fact - [top correlations] Redirect to the attribute search when clicking a value. [iglocska] - [Index builder] add simple postlink field. [iglocska] - [Correlations] Added cached toplist. [iglocska] - stored via zset in redis - very fast, but needs to be generated - generation background processed - [index top bar] added element to act as a text replacement field instead of a button. [iglocska] - [correlations] added new background task for correlating individual values. [iglocska] - [Correlations] refactor / rework. [iglocska] - moved to own controller and model - refactored several long incomprehensible functions - extracted reused tasks from functions and made them reusable - added a way to correlate individual values as opposed to attributes - Added top correlations index - [UI] added stupid pagination links. [iglocska] - sometimes we want to paginate data not derrived from the usual backend but still have a first/last/next/previous link included - [correlations] top correlations index view added. [iglocska] - [Correlations] added dedicated controller/model/views. [iglocska] - [servers:edit] Fetches available orgs and tags from remote server. [mokaddem] - Componentized views and made them responsive - Usage of picker for orgs and tags - For server pull rule, fetches available choices from remote server - [galaxyCluster:wipe_default] New endpoint to wipe out all default clusters. [mokaddem] - [Cache] search allows bulk lookups. [iglocska] - it is now possible to search for a list of values such as: { "value": ["1.1.1.1", "8.8.8.8", "8.8.4.4"] } - this will now return a dictionary with the key being the lookup value and the value being a list of hits and their metadata - passing a single value will revert to the old behaviour, returning a simple list with the hits and their metadata - [doc] Add doc on how MISP uses git. [E. Cleopatra] - [Dashboard] Adding user count evolution widget. [Jeroen Pinoy] - [Dashboard] Add org count evolution widget. [Jeroen Pinoy] - [doc] Add roadmap. [E. Cleopatra] - [event:timeline] Fit visible window from provided start/end dates + help tooltip. [mokaddem] - [servers:diagnostic] Tool to remove orphaned correlations. [mokaddem] - [UI] Smarter events lock checking. [Jakub Onderka] - [API] REST repose for jobs index. [Jakub Onderka] - [docs] Added API_Doc. [mokaddem] - [Console] New API shell to create API documentation from RestResponseComponent. [mokaddem] - [Dashboard] Add usage data widget. [Jeroen Pinoy] - [UI] User column selector. [Jakub Onderka] - [UI] User can choose columns for event index. [Jakub Onderka] - [chg] timestamp index field allows a new "x units ago" representation. [iglocska] - just pass "ago": 1 as a parameter to the field Changes ~~~~~~~ - [elements:indexPostlink] Added possibility to add confirm messages. [mokaddem] Fixed JS error throwing undefined variable in top correlations - [correlations] reverted the division by 2 for the correlation counts. [iglocska] - there are legitimate cases where we get one way correlations - we use the value field to aggregate the count, which leads to it being incorrect when using advanced correlations (the reverse correlation will use the value of the remote side) - [CRUD] component - added redirect_controller parameter. [iglocska] - redirect to other controllers on demand, not just other actions - [ACL] added top correlation generation to ACL. [iglocska] - [version] bump. [iglocska] - Force perms for logfiles before tests. [Raphaël Vinot] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] Bump. [Raphaël Vinot] - [CRUD] component, changed two filtering functions to be accessible externally. [iglocska] - [indextable] added stupid pagination options. [iglocska] - [menues] updated with new correlation functionality. [iglocska] - [elements:indexTable] Allow passing URL parameters for link actions. [mokaddem] - [css:event-report] Improved layout when using objects in markdown headers. [mokaddem] - [internal] Do not load not necessary event info for attack export. [Jakub Onderka] - [UI] Hide URL from feed and server cache hits. [Jakub Onderka] - [elements:serverRuleElements] Added notice for older server not supporting filtering rule queries. [mokaddem] - [elements:serverRuleElements] Better function name for maintainability. [mokaddem] - [element:serverRuleElements] Rules are parsed and build on rules_widget container. [mokaddem] They can later be recovered by external commands without having to rely on fixed HTML ID properties - [elements:serverRuleElements] Parametrized display of freetext input. [mokaddem] - [servers:add] Removed unused view. [mokaddem] - [server:queryAvailableSyncFilteringRules] Includes the HTTP return code in case of errors. [mokaddem] - [elements:serverRuleElements] Added support of existing rules for feeds. [mokaddem] - [elements:serverRuleElements] Inject existing rules into widget. [mokaddem] - [elements:serverRuleElements] Support of previous rule states - WiP. [mokaddem] - [elements:serverRuleElements] Added preventive sanitizations. [mokaddem] - [warning-lists] updated. [Alexandre Dulaunoy] - [elements:infoModal] Added sanitization. Just in case. [mokaddem] - [servers:edit] Slight UI adjustements. [mokaddem] - [servers:edit] Added support of codemirror and delete buttons. [mokaddem] - [internal] fetchEventIds refactored. [iglocska] - the stupid ordered params were driving me nuts - [warning-list] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] Bump. [Raphaël Vinot] - [doc] FIx links. [E. Cleopatra] - [doc] Some minor changes. [E. Cleopatra] - [doc] Fix grammatical errors. [E. Cleopatra] - [doc] update and rename. [E. Cleopatra] - [doc] Add content. [E. Cleopatra] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] Bump. [Raphaël Vinot] - [MispObject] fix copy paste error in checkForDuplicateObjects. [Jeroen Pinoy] - [MispObject] fix copy paste error in editObject. [Jeroen Pinoy] - [Dashboard:MultiLineChart] make enabling 'total' line on initial render configurable. [Jeroen Pinoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated. [Alexandre Dulaunoy] - [metadata] JSON fixed. [Alexandre Dulaunoy] - [feed] JSON fixed. [Alexandre Dulaunoy] - [feed] default feed JSON fixed. [Alexandre Dulaunoy] - [doc] Minor changes. [E. Cleopatra] - [installer] Update to latest. [Steve Clement] - [installer] Update template for rhel7/8. [Steve Clement] - [doc] Updates to RHEL7/8 doc. [Steve Clement] - [installer] Update to latest. [Steve Clement] - [installer] Updated template for RHEL install. [Steve Clement] - [fix] Missing version number. [Steve Clement] - [installer] Installer Update, RHEL support added. [Steve Clement] - [installer] Minor clean-up. [Steve Clement] - [doc] More specific tweak to v7 and v8. [Steve Clement] - [doc] Makes v7/v8 more clear. [Steve Clement] - [doc] More cohesive docs. [Steve Clement] - [installer] Latest installer. [Steve Clement] - [installer] Template update to support RHEL7/8 CentOS7/8. [Steve Clement] - [installer] udpated template to install php7.4 on ubuntu18.04. [Steve Clement] - [doc] Suggest installing php74 on Ubuntu 18.04. [Steve Clement] - Bump PyMISP. [Raphaël Vinot] - [installer] Update to latest installer. [Steve Clement] - [installer] Added modulesCAKE fn. [Steve Clement] - [installer] Update to latest. [Steve Clement] - [sh] Small fix to make misp-refresh non-interactive. [Steve Clement] - [doc] lief is in requirements.txt. [Steve Clement] - [feeds:edit] Improved saving of edits Fix #7293. [mokaddem] - [event:search] Allow filtering by org uuid. Fix #7288. [mokaddem] - [internal] Move fetching related attributes to one place. [Jakub Onderka] - [internal] Install DebugKit by Composer. [Jakub Onderka] - [internal] Install random_compat by Composer. [Jakub Onderka] - [internal] Install CakePHP by Composer. [Jakub Onderka] - [UI] Correctly handle progress for jobs. [Jakub Onderka] - [UI] Make possible to filter jobs by prio queue. [Jakub Onderka] - Bump PyMISP. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] - [attributes/restSearch] add clarifying comments. [Jeroen Pinoy] - [restResponseComponent] Get scoped available endpoints. [mokaddem] - Bump PyMISP. [Raphaël Vinot] - [doc] Updated cake config defaults. [Steve Clement] - [doc] Further RHELL tweaks. [Steve Clement] - [doc] Seperated RHEL 7/8 install fn. Fedora33 supported. [Steve Clement] - [doc] some cleanups. [Steve Clement] - [doc] Seperated cake commands into seperate files. [Steve Clement] - [doc] fix merge. [Steve Clement] - Bump pipfile lock. [Raphaël Vinot] - [UI] Use choosen for tag select. [Jakub Onderka] - [UI] dblclickElement. [Jakub Onderka] - [internal] Optimise fetching correlation count for events. [Jakub Onderka] - [doc] Automation adaption. [Steve Clement] - [doc] Updated Changelog.md. [Steve Clement] - [doc] Added details on MISPvars. [Steve Clement] Fix ~~~ - [attribute search] Don't use form tampering protection for searches. [iglocska] - [top correlations] Divide the count by 2. [iglocska] - Each correlation has 2 entries in the DB (A->B and B->A) - this doesn't mean that we should count each of those entries, but rather divide by 2 to get the actual correlation count - [default feeds] duplicate name resolved, fixes #6978. [iglocska] - as reported by @chrisinmtown - [galaxy] logging - use SYSTEM as the default org name for logging. [iglocska] - [galaxy] new logging to catch meta field errors assumed that the user object was available. [iglocska] - [narrator] It wasn't. - [galaxy] update fails gracefully and skips over malformed meta fields in a cluster. [iglocska] - [feeds:edit] Recover event_id if it exists Fix #7293 (second part) [mokaddem] - [correlations] added fix for invalid function call. [iglocska] - introduced by the refactor, looking up Attribute object variables such as noncorrelatingTypes - [correlations] Don't barf when trying to add data with no correlations. [iglocska] - [correlation exclusions] controller comment fixed. [iglocska] - [Correlations] controller - added missing components. [iglocska] - [Correlations] fixed advanced correlations for ssdeep and separated into own function. [iglocska] - [stix1 framing] Fixed CIQ Identity namespace. [chrisr3d] - Add strict commit test function. [Luciano Righetti] - Allow setting org_id=0 via cake console, add --force option to force settings. [Luciano Righetti] - [UI] Event lock warning. [Jakub Onderka] - [UI] Wrong org id for galaxy matrix stats. [Jakub Onderka] - [misp.js] Support display on fretext values and removed useless functions. [mokaddem] - [servers:edit] Support servers/add with the server/edit view. [mokaddem] - [feeds:edit] Display additional filtering rules. [mokaddem] - [elements:serverRuleElement] Push should not be allowed to set freetext orgs. [mokaddem] - [elements:serverRuleElements] Avoid saving the space character as additional rule. [mokaddem] - [feeds:edit] Log correct action. Fix #7347. [mokaddem] - [elements:serverRuleElementPull] Typo. [mokaddem] - [elements:serverRuleElementsPull] Correctly setup codemirror. [mokaddem] - [server:edit] Usage of IDs or raw values on correct context. [mokaddem] - PUSH should use IDs - PULL should use raw values - [test] Allow access from IPv6 addresses. [Jakub Onderka] - [GHA] change in hostname, bump pymisp, fix vhost. [Raphaël Vinot] - [feed:edit] Fixed bug preventing to recover feed data in the UI. [mokaddem] - [doc] moreutils package added (required for sponge) [Alexandre Dulaunoy] Fix #7353 - [decaying:row_simulation] Removed buggy HTML title. [mokaddem] - [decaying:row_simulation] Correctly pass event data to galaxy element. [mokaddem] - [audit] Better path to cake version file. [Jakub Onderka] - [decaying:row_simulation] Correctly pass event data to galaxy element. [mokaddem] - [decaying:row_simulation] Removed buggy HTML title. [mokaddem] - Fix remove attribute tag showing text/html content-type. [Luciano Righetti] - [CSRF] issues resolved for the dashboards controller. [iglocska] - [security] Sharing group misassociation on sync. [iglocska] - when an object has a sharing group associated on an event edit, the sharing group object is ignored and instead the passed local ID is reused - as reported by Jeroen Pinoy - [doc] Small regression. [Steve Clement] - Remove call to private method, call __alterAttributeCount() from Attribute::restore() method. [Luciano Righetti] - [installer] Updated template to fix v7/8. [Steve Clement] - [installer] Fix merge fup of template. [Steve Clement] - [webroot:index] Make sure MISP works if cakephp is not installed via composer. [mokaddem] - [internal] Organisation object for user is not included all time. [Jakub Onderka] - [UI] Hide job retries since this column is always zero. [Jakub Onderka] - [UI] Failed jobs are not considered as Queued. [Jakub Onderka] - [xml] Object can be without attributes. [Jakub Onderka] - [factories] links and timestamps fixed. [iglocska] - really annoying timestamp issue - as discovered during LS21 - [tools] Fixed misp-backup. [Steve Clement] - [emailing] subject restored. [iglocska] - view template not having the subject var set defaulted the subject to null - [UI] Event index filter nicer. [Jakub Onderka] - [UI] Event index filter edit. [Jakub Onderka] - [internal] Remove unused code. [Jakub Onderka] - [doc] CentOS 7 needs to use Remi too. [Steve Clement] - [installer] Use awk to print until EoF from match. [Steve Clement] - [installer] globalVariables fix to ignore preceeding lines. [Steve Clement] - [tools] now works on MacOS and considers gsed. [Steve Clement] - [internal] ThreatLevel::list() function renamed. [iglocska] - causes issues under certain PHP versions as it's a reserved keyword Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7369 from MISP/fix-link. [Alexandre Dulaunoy] Fix link - Fix link. [E. Cleopatra] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge branch 'developt push' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #7366 from righel/allow-cake-cli-set-null-settings. [Andras Iklody] fix: allow setting org_id=0 via cake console, add --force option - Merge branch 'feature-galaxy-cluster-wipe-default' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature-galaxy- cluster-wipe-default. [mokaddem] - Merge pull request #7364 from JakubOnderka/galaxy-stats-fix. [Jakub Onderka] Galaxy stats fix - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Security: [feeds] Hide headers for non-site admin users. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #7365 from JakubOnderka/feed-url-remove. [Jakub Onderka] chg: [UI] Hide URL from feed and server cache hits - Merge branch 'develop' of github.com:MISP/MISP into feature-galaxy- cluster-wipe-default. [mokaddem] - Merge branch 'improvements-sync-filter-rules' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into improvements-sync- filter-rules. [mokaddem] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into improvements-sync- filter-rules. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into improvements-sync- filter-rules. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7358 from JakubOnderka/fix-security-test. [Jakub Onderka] fix: [test] Allow access from IPv6 addresses - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #7230 from jozuatec/patch-2. [Jakub Onderka] Update OidcAuthenticate.php - Update OidcAuthenticate.php. [jozuatec] With our IDP the user roles do not get delivered through claims. With this edit (get roles through "requestUserInfo" when claims fails to do so), our IDP can deliver the roles through an "Extra Attributes" field. I am already using this code in our production, it works fine for us. - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7235 from imidoriya/patch-1. [Andras Iklody] chg: [tag] Use detailed message in tag return - Restored generic when successes > 1. [Deku] Generic can handle when more than 1 tag is added. - Generic message overwrites detailed message. [Deku] A detailed message is created on lines 870 and 877, however, they're never used in the response as it is overwritten by the generic message on line 888. - Merge pull request #7326 from PROTechThor/contribute. [Alexandre Dulaunoy] Improve contributing.md, Add coding style, workflow - Update STYLE.md. [E. Cleopatra] - Update GITWORKFLOW.md. [E. Cleopatra] - Update CONTRIBUTING.md. [E. Cleopatra] - Update CONTRIBUTING.md. [E. Cleopatra] - Write coding style guidelines. [E. Cleopatra] - Merge pull request #7342 from Wachizungu/fix-checkForDuplicateObjects- typo. [Andras Iklody] chg: [MispObject] fix copy paste error in checkForDuplicateObjects - Merge pull request #7343 from Wachizungu/fix-typo-in-editObject. [Andras Iklody] chg: [MispObject] fix copy paste error in editObject - Merge pull request #7345 from Wachizungu/user-count-evolution-widget. [Andras Iklody] new: [Dashboard] Add user count evolution widget - Merge pull request #7350 from Wachizungu/org-count-evolution-widget. [Andras Iklody] new: [Dashboard] Add org count evolution widget - Merge pull request #7352 from JakubOnderka/revert-composer. [Jakub Onderka] Revert composer - Revert "chg: [internal] Install CakePHP by Composer" [Jakub Onderka] This reverts commit 74eccfe9 - Revert "chg: [internal] Install random_compat by Composer" [Jakub Onderka] This reverts commit fe7d0a46 - Merge pull request #7349 from Wachizungu/multilinechart-make-enabling- total-configurable. [Alexandre Dulaunoy] chg: [Dashboard:MultiLineChart] make enabling 'total' line on initial… - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7336 from stevengoossensB/2.4. [Alexandre Dulaunoy] Change config.default.php to have everything needed for Azure AD auth - Change config.default.php to have everything needed for Azure AD authentication in there (as suggested in PR 6661) [Steven] - Merge pull request #7339 from righel/fix-remove-tag-attribute-content- type-header. [Andras Iklody] fix: fix remove attribute tag showing text/html content-type - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7304 from StefanKelm/2.4. [Alexandre Dulaunoy] add MalwareBazaar and URLhaus - Add MalwareBazaar and URLhaus. [StefanKelm] https://github.com/MISP/MISP/issues/7176 - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7320 from PROTechThor/roadmap. [Alexandre Dulaunoy] MISP Roadmap - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7309 from SteveClement/guides. [Steve Clement] - Merge pull request #7308 from SteveClement/tools. [Steve Clement] chg: [installer] Update template for rhel7/8 - Merge pull request #7307 from SteveClement/guides. [Steve Clement] chg: [doc] Updates to RHEL7/8 doc - Merge pull request #7306 from SteveClement/tools. [Steve Clement] - Merge pull request #7303 from righel/fix-error-when-restoring- attribute-from-api. [Andras Iklody] fix: remove call to private method, call __alterAttributeCount() from… - Merge pull request #7302 from SteveClement/tools. [Steve Clement] chg: [installer] Minor clean-up - Merge pull request #7301 from SteveClement/tools. [Steve Clement] - Merge branch 'tools' of github.com:SteveClement/MISP into tools. [Steve Clement] - Merge branch 'tools' of github.com:SteveClement/MISP into tools. [Steve Clement] - Merge branch '2.4' into tools. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into tools. [Steve Clement] - Merge pull request #7300 from SteveClement/guides. [Steve Clement] - Merge pull request #7298 from SteveClement/tools. [Steve Clement] chg: [installer] Template update to support RHEL7/8 CentOS7/8 - Merge pull request #7297 from SteveClement/tools. [Steve Clement] chg: [installer] udpated template to install php7.4 on ubuntu18.04 - Merge pull request #7296 from SteveClement/guides. [Steve Clement] chg: [doc] Suggest installing php74 on Ubuntu 18.04 - Merge pull request #7291 from stevengoossensB/2.4. [Alexandre Dulaunoy] Added Threatfox to default feeds - Fix typo. [Steven] - Added Threatfox to default feeds. [Steven] - Merge pull request #7289 from SteveClement/tools. [Steve Clement] chg: [installer] Added modulesCAKE fn - Merge pull request #7287 from SteveClement/tools. [Steve Clement] - Merge pull request #7187 from JakubOnderka/related-attributes. [Jakub Onderka] chg: [internal] Move fetching related attributes to one place - Merge pull request #7227 from JakubOnderka/smarter-event-locks-check. [Jakub Onderka] new: [UI] Smarter events lock checking - Merge pull request #7158 from JakubOnderka/sg-user-org-id. [Jakub Onderka] fix: [internal] Organisation object for user is not included all time - Merge pull request #7294 from JakubOnderka/cakephp-composer. [Jakub Onderka] chg: [internal] Install CakePHP by Composer - Merge pull request #7204 from JakubOnderka/fix-jobs. [Jakub Onderka] Fix jobs - Merge pull request #7267 from JakubOnderka/fix-xml-empty-object. [Jakub Onderka] fix: [xml] Object can be without attributes - Added Threatfox to default feeds. [Steven] - Merge pull request #7266 from stephengroat/patch-1. [Jakub Onderka] fix recursive submodule checkout - Fix recursive submodule checkout. [Stephen] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Add: [module results] Catching MISP Objects first_seen & last_seen values. [chrisr3d] - Will probably also check at attribute level to have it too if needed - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge pull request #7273 from Wachizungu/add-comments-attributes- restsearch. [Sami Mokaddem] chg: [attributes/restSearch] add clarifying comments - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #7282 from SteveClement/tools. [Steve Clement] - Merge branch '2.4' into tools. [Steve Clement] - Merge branch '2.4' of github.com:SteveClement/MISP into 2.4. [Steve Clement] - Merge branch '2.4' into tools. [Steve Clement] - Merge pull request #7281 from SteveClement/guides. [Steve Clement] chg: [doc] Further RHELL tweaks - Chf: [doc] More amendments to RHEL8. [Steve Clement] - Add: [module results] Catching MISP Objects first_seen & last_seen values. [chrisr3d] - Will probably also check at attribute level to have it too if needed - Merge pull request #7278 from SteveClement/guides. [Steve Clement] - Merge pull request #7276 from SteveClement/guides. [Steve Clement] chg: [doc] some cleanups - Merge pull request #7275 from SteveClement/guides. [Steve Clement] chg: [doc] Seperated cake commands into seperate files - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7263 from Wachizungu/add-usagedata-dashboard- widget. [Andras Iklody] new: [Dashboard] Add usage data widget - Merge pull request #7228 from JakubOnderka/event-index-custom-columns. [Jakub Onderka] Event index custom columns - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #7269 from SteveClement/guides. [Steve Clement] - Merge pull request #7268 from SteveClement/guides. [Steve Clement] chg: [doc] Added details on MISPvars - Merge pull request #7233 from EvaYiYang/patch-1. [Andras Iklody] fix: [internal] Keep AadAuth setting in config.php when modify setting value from UI - Merge branch '2.4' into patch-1. [Andras Iklody] - Add AadAuth module as saved settings. [Eva Yang] - Merge branch '2.4' into develop. [iglocska] v2.4.141 (2021-03-29) --------------------- New ~~~ - [cli] enable all tags for a taxonomy. [Jeroen Pinoy] - [eventgraph:viewPicture] Allow access to saved picture from the eventgraph history. [mokaddem] - [UI] Reworked galaxy quick view. [Jakub Onderka] - [UI] Show threat level icons on event index. [Jakub Onderka] - [freetext] Faster freetext parsing with more tests. [Jakub Onderka] - [event loader] has a new extensionList parameter. [iglocska] - boolean, if set includes a list of extension events, metadata only - [test] Alert email generating. [Jakub Onderka] - [email] New setting `MISP.event_alert_metadata_only` [Jakub Onderka] - [email] Command for testing generated alert email. [Jakub Onderka] - [email] Allow to set email subject from template. [Jakub Onderka] - [mail] Add reference for event alert emails. [Jakub Onderka] - [mail] Move contact alert email to templates. [Jakub Onderka] - [mail] HTML alert emails. [Jakub Onderka] - [mail] Backend support for sending HTML emails. [Jakub Onderka] - [shortcuts] Show help when pressing ? key. [Jakub Onderka] - [internal] Security setting force_https. [Jakub Onderka] - [authkeys] Copy key info when resetting key. [Jakub Onderka] - [authkeys] Allowed IPs. [Jakub Onderka] - [UI] Render galaxy cluster description as markdown. [Jakub Onderka] Changes ~~~~~~~ - [warning-lists] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [doc] when enabling remi 7.4 by default, paths change. [Steve Clement] - [doc] CentOS8Stream is now supported. [Steve Clement] - [doc] reshuffle documentation order and archive some older guides. [Steve Clement] - [i18n] Updated base strings. [Steve Clement] - [i8n] Added localization progress. [Steve Clement] - [i18n] Fix mrg conflict. [Steve Clement] - [i18n] Updated base strings. [Steve Clement] - [i18n] Updated translations. [Steve Clement] - [galaxy] Update. [Jakub Onderka] - [UI] fix debugon for debug = 1. fix #7131. [Jeroen Pinoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [doc] more fine tuning to RHEL8. [Steve Clement] - [doc] Balanced RHEL 8 and 7 Docs. [Steve Clement] - [doc] Move away from expect. [Steve Clement] - [installer] Update to latest. [Steve Clement] - [doc] Added additional hardening and logging defaults. [Steve Clement] - [doc] Some minor changes and hardening. [Steve Clement] - [doc] Minor adjustments to permissions setter. [Steve Clement] - [doc] typo. [Steve Clement] - [doc] Added symlink to php. [Steve Clement] - [doc] Be friendly to automation. [Steve Clement] - [taxonomies] updated. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [auth] if no API key is provided for an API action - log it. [iglocska] - [auth key] logging no longer collapsed if the new setting is enabled. [iglocska] Security.log_each_individual_auth_fail will log all API failures instead of collapsing repeated queries - [statistics] fix typo in statistics_data view - monthly attributes styling check. [Jeroen Pinoy] - [ShibbAuth] Add login entry on logging in for audit. [Jeroen Pinoy] - [statistics] fix typo in statistics_data view - monthly attributes styling check. [Jeroen Pinoy] - [ShibbAuth] Add login entry on logging in for audit. [Jeroen Pinoy] - [feed] Check if value is clean IP without doing expensive operations. [Jakub Onderka] - [test] Add test for #7214. [Jakub Onderka] - [shibbauth] added two extra settings. [iglocska] - ApacheShibbauth.DefaultRole: defaults to false, if set, pick the supplied roleID for any user authenticating. Can be used together with BlockRoleModifications - ApacheShibbauth.BlockRoleModifications: defaults to false, boolean. If set to true, will block any updates to the existing users on authentication. This preserves any modifications made by a site admin in MISP. - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [UI] Show number of items in freetext feed. [Jakub Onderka] - [UI] Make feed event preview nicer. [Jakub Onderka] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [internal] Threat levels list. [Jakub Onderka] - [restClient:querybuilder] add events and attributes addTag and removeTag actions. [Jeroen Pinoy] - [attributes] fix attribute addtag by name conditions for find not set. [Jeroen Pinoy] - [attributes] fix copypasta error leading to internal server error on addtag with tag name. [Jeroen Pinoy] - [attributes] fix copypasta error leading to internal server error on addtag with tag name. [Jeroen Pinoy] - Bumped queryversion. [mokaddem] - [optimisation] Faster Model::_findList method. [Jakub Onderka] - [internal] Faster event locks with Redis. [Jakub Onderka] - [correlation] Do not update info and date column, since they are not used anymore. [Jakub Onderka] - [restClient:querybuilder] fix remove tag from object template. [Jeroen Pinoy] - [restClient:querybuilder] add events and attributes addTag and removeTag actions. [Jeroen Pinoy] - [attributes] fix attribute addtag by name conditions for find not set. [Jeroen Pinoy] - [attributes] fix copypasta error leading to internal server error on addtag with tag name. [Jeroen Pinoy] - [email] Move event alert email subject generting. [Jakub Onderka] - [internal] Fetch attribute UUIDs for sightings in different query. [Jakub Onderka] - [UI] It is 2021! Removed -moz and -webkit specific CSS properties. [Jakub Onderka] - [UI] Make some parts of MISP nicer. [Jakub Onderka] - [eventGraph] Improved object coloring strategy. [mokaddem] - [security audit] removed sharing group recommendation and fixed grammar. [iglocska] - the hide sharing group org setting is actively harmful, we should definitely not promote it - [sync] Code cleanup. [Jakub Onderka] - [sync] Do not decode body if is empty. [Jakub Onderka] - [UI] Nicer pivots. [Jakub Onderka] - [diagnostics] Show Redis memory fragmentation. [Jakub Onderka] - [internal] When caching feed, save progress to db less often. [Jakub Onderka] - [PyMISP] Bump version. [Raphaël Vinot] - [PyMISP] Fix tests. [Raphaël Vinot] - [PyMISP] Bump before release. [Raphaël Vinot] - [internal] Set cookie name just when no name is set. [Jakub Onderka] - [schema] Add index for EventReport.event_id. [Jakub Onderka] - [schema] Convert GalaxyCluster tag name to case insensitive. [Jakub Onderka] - [UI] Do not show published for default galaxy clusters. [Jakub Onderka] - [internal] Cleanup code that is resposible for fetching server setting. [Jakub Onderka] - [UI] Simplify keyboard-shortcuts.js. [Jakub Onderka] - [UI] Use Page Visibility API. [Jakub Onderka] - [optimise] Faster loading galaxy cluster index. [Jakub Onderka] Fix ~~~ - [attribute:restSearch] `includeCorrelations` Do not longer returns soft-deleted attributes. [mokaddem] - [sharinggroup:captureSG] Correctly capture the roaming state. [mokaddem] Fix #7254 - [attribute] typo in place-port-of-original-embarkation fixed. [Alexandre Dulaunoy] - [doc] Partial fix for misp-modules. [Steve Clement] - [doc] Fixed a bash variable bug. [Steve Clement] - [doc] MISP-core now working on RHEL 7.9. [Steve Clement] - [doc] next stages of the RHEL7 install. [Steve Clement] - [sync:local-tag] Local tags converted into global after sync for internal sync. [mokaddem] Fix #7253 - [attribute] typo in place-port-of-original-embarkation fixed. [Alexandre Dulaunoy] - [attributes:restSearch] pop attribute timestamp filtering condition. [mokaddem] This avoid the condition to propagates to the event level. Fix #7096 - [command:admin] UpdateTaxonomies provides correct feedback Fix #7132. [mokaddem] - [tags] More granularity for local and global add cluster buttons. [mokaddem] - [tags] More granularity for local and global add tag buttons. [mokaddem] - [attributes:addTag] Pass the event to check ACL. [mokaddem] - [taxonomy] avoid MISP becoming unhappy when trying to enable tags for a non-existing taxonomy. [iglocska] - [doc] rhel 7 install doc initial fixes. [Steve Clement] - [selinux] allow log files rename. [Richard van den Berg] - [db_schema] Cerebrates's comment default value. [mokaddem] Fix #7200, fix #7137 - [API] Fixes crash when a new indicator in existing event has a sighting. [Tom King] - [Sync] Crash when attempting to sync with 'Pull Galaxy Clusters' enabled. [Tom King] - [swp] /var/swap.img is not a safe place. [Steve Clement] - [merge] Local tags should stay local vol. 2. [Jakub Onderka] - [internal] Keep OidcAuth setting when modify setting value from UI. [Jakub Onderka] - Remove broken refang. [Raphaël Vinot] - [config.php] file permission after changes fixes #7229. [iglocska] - will revert to the permissions before the save - caused by the create -> rename cycle that backs up server settings on each change actually creating a new file instead of modifying it - [sharing groups] uuid not logged when saving failed due to invalid variable lookup. [iglocska] - [UI] signature allowedlist clarification. [iglocska] - Fixes bug that stops country flag being displayed alongside the coutry in galaxy clusters. [Tom King] - [refanging] Removed obnoxious regexes, fixes #7214. [iglocska] - refanging \\. and .. to . is a stupid idea - [shibbauth] fixed invalid varname. [iglocska] - [test] Repo is missing. [Jakub Onderka] - [feed] Convert invalid key case. [Jakub Onderka] - [test] Repo is missing. [Jakub Onderka] - [internal] Remove unnecessary create call. [Jakub Onderka] - [workers] Worker name when processing freetext. [Jakub Onderka] - [merge] Local tags should stay local. [Jakub Onderka] - [unsafe API keys] fixed. [iglocska] - if you really have to use them, they should work again - please don't use them, you are disclosing your APIkey via the URL - apache logs, proxy logs they will all have your APIkey - adding headers with your APIkey isn't so difficult - if a tool you use has no way of configuring headers, reach out to your vendor, they ought to do something about that - [UI] indextable link generation on empty result set. [iglocska] - empty string instead of notice barfed back - [email] Correctly check if user has PGP or S/MIME key. [Jakub Onderka] - [email] Correct Content-Type header for alternative content. [Jakub Onderka] - [email] Correctly set domain for email message ID. [Jakub Onderka] - [internal] PHP warnings when pivoting. [Jakub Onderka] - [internal] Warning when object has no attributes. [Jakub Onderka] - [SG] allow saving sharing groups with empty releasabiltiy tags, fixes #7165. [iglocska] - [sync] Warning when sync object without attributes. [Jakub Onderka] - [UI] event matrix heatmap view correctly flattens the event. [iglocska] - object attributes were excluded - [UI] fix broken checkbox layout in generic Form builder forms. [iglocska] - [Freetext import] handle end of sentence periods and brackets better, fixes #7163. [iglocska] - [UI] Module diagnostics view. [Jakub Onderka] - [UI] event matrix heatmap view correctly flattens the event. [iglocska] - object attributes were excluded - [UI] Add attribute checkboxes. [Jakub Onderka] - [UI] Diagnostics box. [Jakub Onderka] - [UI] Remove warning about old PHP a Python. [Jakub Onderka] - [diagnostics] Typo in security audit message. [Jakub Onderka] - [UI] fix broken checkbox layout in generic Form builder forms. [iglocska] - [OIDC] Change algo how roles are assigned to users. [Jakub Onderka] - [internal] Undefined index when importing from module. [Jakub Onderka] Other ~~~~~ - Chg; [version] bump. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7261 from SteveClement/guides. [Steve Clement] chg: [doc] when enabling remi 7.4 by default, paths change - Merge pull request #7260 from SteveClement/guides. [Steve Clement] chg: [doc] CentOS8Stream is now supported - Merge pull request #7259 from SteveClement/guides. [Steve Clement] - Merge pull request #7257 from SteveClement/i18n. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into i18n. [Steve Clement] - Merge pull request #7256 from SteveClement/i18n. [Steve Clement] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #7264 from JakubOnderka/galaxy-update. [Jakub Onderka] chg: [galaxy] Update - Merge pull request #7255 from Wachizungu/fix-debugon-gui-logic. [Alexandre Dulaunoy] chg: [UI] fix debugon for debug = 1. fix #7131 - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into develop. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #7251 from SteveClement/guides. [Steve Clement] fix: [doc] Partial fix for misp-modules - Merge pull request #7250 from SteveClement/guides. [Steve Clement] chg: [doc] more fine tuning to RHEL8 - Merge pull request #7249 from SteveClement/guides. [Steve Clement] - Merge pull request #7248 from SteveClement/guides. [Steve Clement] fix: [doc] Fixed a bash variable bug - Merge pull request #7247 from SteveClement/guides. [Steve Clement] chg: [doc] Added additional hardening and logging defaults - Merge pull request #7246 from SteveClement/guides. [Steve Clement] - Merge pull request #7245 from SteveClement/guides. [Steve Clement] - Merge pull request #7244 from SteveClement/guides. [Steve Clement] fix: [doc] MISP-core now working on RHEL 7.9 - Merge pull request #7243 from SteveClement/guides. [Steve Clement] fix: [doc] next stages of the RHEL7 install - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7242 from Wachizungu/add-enable-taxonomy-tags- cake-command. [Andras Iklody] new: [cli] enable all tags for a taxonomy - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #7236 from Wachizungu/fix-users-statistics-data- typo. [Alexandre Dulaunoy] chg: [statistics] fix typo in statistics_data view - monthly attribut… - Merge pull request #7231 from Wachizungu/add-login-log-shibbauth. [Alexandre Dulaunoy] chg: [ShibbAuth] Add login entry on logging in for audit - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7238 from SteveClement/guides. [Steve Clement] - Merge pull request #7237 from RichieB2B/ncsc-nl/selinux-rename. [Steve Clement] - Merge pull request #7206 from tomking2/bug/sighting_crash. [Andras Iklody] fix: [api] Fixes crash when a new indicator in existing event has a sighting - Merge pull request #7219 from tomking2/bug/galaxy-cluster- sharinggroup. [Jakub Onderka] fix: [sync] Crash when attempting to sync with 'Pull Galaxy Clusters' enabled - Merge pull request #7215 from SteveClement/tools. [Steve Clement] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7081 from JakubOnderka/galaxy-view-new. [Jakub Onderka] New galaxy view for events - Merge pull request #6722 from JakubOnderka/threat-level-index. [Jakub Onderka] new: [UI] Show threat level icons on event index - Merge pull request #7183 from JakubOnderka/merge-local-tags-v2. [Jakub Onderka] fix: [merge] Local tags should stay local vol. 2 - Merge pull request #7181 from JakubOnderka/freetext-speedup. [Jakub Onderka] new: [freetext] Faster freetext parsing with more tests - Merge pull request #7213 from JakubOnderka/oidc-keep-setting. [Jakub Onderka] fix: [internal] Keep OidcAuth setting when modify setting value from UI - Merge pull request #7222 from JakubOnderka/refang-test. [Jakub Onderka] chg: [test] Add test for #7214 - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #7205 from tomking2/bug/galaxy_country_flag. [Jakub Onderka] fix: [UI] Fixes bug that stops country flag being displayed alongside country - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #7188 from dataplane/2.4. [Alexandre Dulaunoy] added newest DataPlane.org feeds - Added newest DataPlane.org feeds. [John Kristoff] - Merge pull request #7207 from JakubOnderka/freetext-feed-view. [Jakub Onderka] chg: [UI] Show number of items in freetext feed - Merge pull request #7184 from JakubOnderka/feed-event-preview-nicer. [Jakub Onderka] chg: [UI] Make feed event preview nicer - Merge pull request #7203 from JakubOnderka/fix-build. [Alexandre Dulaunoy] fix: [test] Repo is missing - Merge pull request #7191 from JakubOnderka/create-no-need. [Jakub Onderka] fix: [internal] Remove unnecessary create call - Merge pull request #7190 from JakubOnderka/worker-name. [Jakub Onderka] fix: [workers] Worker name when processing freetext - Merge pull request #7186 from JakubOnderka/threat-level-list. [Jakub Onderka] chg: [internal] Threat levels list - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7182 from JakubOnderka/merge-local-tags. [Jakub Onderka] fix: [merge] Local tags should stay local - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'eventgraph-node-coloring' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into eventgraph-node- coloring. [mokaddem] - Merge pull request #7170 from JakubOnderka/find-list-optim. [Jakub Onderka] chg: [optimisation] Faster Model::_findList method - Merge pull request #7174 from JakubOnderka/event-locks-faster. [Jakub Onderka] chg: [internal] Faster event locks with Redis - Merge pull request #7173 from JakubOnderka/disable-correlation-info- date. [Jakub Onderka] chg: [correlation] Do not update info and date column - Merge pull request #7159 from Wachizungu/fix-removetag-querybuilder- template. [Alexandre Dulaunoy] chg: [restClient:querybuilder] fix remove tag from object template - Merge pull request #7172 from Wachizungu/add-addTag-removeTag-actions- event-attribute-query-builder. [Alexandre Dulaunoy] chg: [restClient:querybuilder] add events and attributes addTag and r… - Merge pull request #7171 from Wachizungu/fix-attributes-addtag-by- name. [Alexandre Dulaunoy] chg: [attributes] fix attribute addtag by name conditions for find no… - Merge pull request #7168 from Wachizungu/fix-copypasta-error- attributes-addTag. [Jakub Onderka] chg: [attributes] fix copypasta error leading to internal server erro… - Merge pull request #6967 from JakubOnderka/html-alert-email. [Jakub Onderka] HTML alert email - Merge pull request #7161 from JakubOnderka/sighting-different-query. [Jakub Onderka] chg: [internal] Fetch attribute UUIDs for sightings in different query - Merge pull request #7133 from JakubOnderka/pivot-fix. [Jakub Onderka] fix: [internal] PHP warnings when pivoting - Merge pull request #7156 from JakubOnderka/fix-empty-object. [Jakub Onderka] fix: [internal] Warning when object has no attributes - Merge pull request #7166 from JakubOnderka/css-nice. [Jakub Onderka] CSS nice - Merge pull request #7167 from JakubOnderka/keyboard-shortucts. [Jakub Onderka] Keyboard shortcuts - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7162 from JakubOnderka/empty-object-sync. [Jakub Onderka] fix: [sync] Warning when sync object without attributes - Merge branch '2.4' into develop. [iglocska] - Merge pull request #7160 from JakubOnderka/fix-diagnotics. [Jakub Onderka] fix: [UI] Module diagnostics view - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7155 from JakubOnderka/push-optim. [Jakub Onderka] Push optim - Merge pull request #7154 from JakubOnderka/diagnostics. [Jakub Onderka] Diagnostics - Merge pull request #7150 from JakubOnderka/force-https. [Jakub Onderka] new: [internal] Security setting force_https - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7138 from JakubOnderka/oidc-role-fix. [Jakub Onderka] fix: [OIDC] Change algo how roles are assigned to users - Merge pull request #7086 from JakubOnderka/save-progress. [Jakub Onderka] chg: [internal] When caching feed, save progress to db less often - Merge pull request #7104 from JakubOnderka/authkeys-allowed-ips. [Jakub Onderka] new: [authkeys] Allowed IPs - Merge pull request #7111 from JakubOnderka/cookie-name. [Jakub Onderka] chg: [internal] Set cookie name just when no name is set - Merge pull request #7060 from JakubOnderka/galaxy-cluster-tag-name-ci. [Jakub Onderka] chg: [schema] Convert GalaxyCluster tag name to case insensitive - Merge pull request #7112 from JakubOnderka/galaxy-cluster-md. [Jakub Onderka] new: [UI] Render galaxy cluster description as markdown - Merge pull request #7127 from JakubOnderka/server-setting-cleanup. [Jakub Onderka] chg: [internal] Cleanup code that is resposible for fetching setting - Merge pull request #7117 from JakubOnderka/keyboard-shortcuts. [Jakub Onderka] chg: [UI] Simplify keyboard-shortcuts.js - Merge pull request #7116 from JakubOnderka/page-visibility-api. [Jakub Onderka] chg: [UI] Use Page Visibility API - Merge pull request #7125 from JakubOnderka/fix-undefined-index. [Jakub Onderka] fix: [internal] Undefined index when importing from module - Merge pull request #7113 from JakubOnderka/optimise-loading-clusters. [Jakub Onderka] chg: [optimise] Faster loading galaxy cluster index - Merge branch '2.4' into develop. [iglocska] v2.4.140 (2021-03-03) --------------------- New ~~~ - [test] Password change. [Jakub Onderka] - [server shell] list servers, fixes #7115. [iglocska] - simple human readable listing - kept the old weird JSON producing listServers intact - [oidc] Readme. [Jakub Onderka] - [security] Content-Security-Policy support. [Jakub Onderka] - [CLI] check if updates are done yet or not. [iglocska] usage: - /var/www/MISP/app/Console/cake Admin updatesDone [blocking] - returns True or False based on whether it is done - When the blocking parameter is set, it will not return until all updates are done - [api] When creating object, allow to mark tag as local. [Jakub Onderka] - [type] new dkim and dkim-signature attribute type. [Alexandre Dulaunoy] - [objectReference] Allow adding reference across extended events. [mokaddem] Fix #6255 - [UI] Event locks for background jobs and automatic tools. [Jakub Onderka] - [UI] Show tag info in taxonomy view. [Jakub Onderka] - [sync] Compressed requests support. [Jakub Onderka] - [security] Security audit. [Jakub Onderka] - [oidc] OpenID Connect authentication. [Jakub Onderka] - [devshell] added a new shell for developer related tasks. [iglocska] - 1 task currently, cleanFeedDefault - runs some cleanup on the feed definition file to remove local IDs etc - [object] Allows updating from an unknown object templates. [mokaddem] Changes ~~~~~~~ - [csp] Add Security.csp_enforce to server setting. [Jakub Onderka] - [csp] Report only by default. [Jakub Onderka] - [PyMISP] Bump version. [Raphaël Vinot] - [PyMISP] Fix tests. [Raphaël Vinot] - [PyMISP] Bump before release. [Raphaël Vinot] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [version] bump. [iglocska] - [UI] fix keyboard shortcut manager popup triangle. [Jeroen Pinoy] - [UI] Add small description of what event block rules do. [Jeroen Pinoy] - [sighting] Simplified sighting deletion. [Jakub Onderka] - Bump PyMISP. [Raphaël Vinot] - [genericForm] added description field to the explanation. [iglocska] - Add small description of what org blocklist does. Fix #4363. [Jeroen Pinoy] - [oidc] Use first match as user role. [Jakub Onderka] - [UI] correct edit org blocklist entries view. [Jeroen Pinoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [UI] Disable sync XHR. [Jakub Onderka] - [ineternal] Opimise GalaxyCluster::fetchGalaxyClusters when full is True. [Jakub Onderka] - [UI] Put type under name for object add form. [Jakub Onderka] - [UI] Nicer Object pre-save review. [Jakub Onderka] - [UI] Make different forms nicer. [Jakub Onderka] - [internal] Check missing taxonomies at one place. [Jakub Onderka] - [internal] New method Taxonomy::splitTagToComponents. [Jakub Onderka] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - Add can access check for correlation exclusions menu entry. [Jeroen Pinoy] - [PyMISP] updated. [Alexandre Dulaunoy] - [js] Use proper message when remote server returns 401. [Jakub Onderka] - [internal] Faster fetching galaxy clusters when fetching event. [Jakub Onderka] - [UI] Remove authors from galaxy cluster popover. [Jakub Onderka] - [UI] Do not create links for galaxy cluster source popover. [Jakub Onderka] Links are not clickable in popovers - [UI] Do not show refs for galaxy cluster popover, becasue links are not clickable. [Jakub Onderka] - [UI] Do not show description if is empty for galaxy cluster popover. [Jakub Onderka] - [galaxy] Make Galaxy cluster description optional. [Jakub Onderka] - [server] DBSchemaDiagnostic consider nullable inconsistencies as critical. [mokaddem] - [genericPicker] Allow using picker for galaxy matrixes. [mokaddem] - [objectReference] Renamed function. [mokaddem] - [events:eventGraph] Improved hull algorithm and UI. [mokaddem] - [js] Move code from template to misp.js. [Jakub Onderka] - [internal] Faster Event::removeOlder method used when pulling from remote server. [Jakub Onderka] - [internal] Simplified ServersController::serverSettings. [Jakub Onderka] - Use a more suitable Sighting creation function as recommended, grab the Org ID from the user if present. [Tom King] - Add in ability to update sightings against each attribute from a POSTed MISP Event. [Tom King] - [feed] Simplified code for loading feeds. [Jakub Onderka] - [restResponse] Return role_id along with its name. [mokaddem] - [objectReference] Added objectReference/view endpoint. [mokaddem] - [dashboard] added to the root level of the top menu. [iglocska] - [internal] Make Redis connection static. [Jakub Onderka] - [internal] Faster updating taxonomies. [Jakub Onderka] Fix ~~~ - [csp] Incorrect variable name. [Jakub Onderka] - [csp] Custom policies. [Jakub Onderka] - [Sharing groups] capturing a sharing group correctly ignores the incoming data's active flag when editing. [iglocska] - based on PR #7101 by @lfortemps - [sync] prevent local tags from being pulled. [Golbark] - [email_otp] Trim value for increased UX. [Loïc Fortemps] - [sharing groups] fixed regression with updating local sharing groups. [iglocska] - [comments] updated for two recent changes in the code. [iglocska] - [sharing groups] Allow users to see events they own, even if their organisation is not explicitly mentioned in the SG. [iglocska] - however, show a clear message that this is the case - in-line with the rest of the ACL - [security] sharing group all org flag too lax. [iglocska] - the all org flag was used as a trigger to make the sharing group obejct itself viewable to all local organisations - even if the all org flag was set for an instance other than the local one - as reported by Jeroen Pinoy - [tag index] remove sorting on count fields. [iglocska] - doesn't work anyway - [galaxyCluster] Revoke relations on sync. [mokaddem] - Relationships are now re-build from scratch for the cluster being sync - This cancels any modification done locally (which should not have happened in the first place) - [galaxyClusterRelations] Bump cluster's timestamp after performing CRUD on relations. [mokaddem] - [pull] invalid internal vs external server lookup when deciding whether to pull local tags. [iglocska] - [sharing group] saving fixed. [iglocska] invalid boolean operator when encoding the local org - [email_otp] skip OTP for disabled users. [Loïc Fortemps] - [internal] Empty object when getting event info for event report. [Jakub Onderka] - [internal] Correctly save log. [Jakub Onderka] - [Sharing group] refactored and fixed. [iglocska] - include own org in pulled sharing groups (to avoid implicit inclusion not being visible after a pull) - refactor the pulling method to be more maintainable - avoid pulling proposals/sightings on each event cherry pick - [internal] Incorrect tag three components split. [Jakub Onderka] - [UI] Fetch GalaxyElements for event index. [Jakub Onderka] - [UI] Pagination for event reports in event view. [Jakub Onderka] - [internal] Bad 7085. [Jakub Onderka] - [internal] Bad merge that prevents language change. [Jakub Onderka] - [sync] Undefined index when pushing sightings. [Jakub Onderka] - [internal] perm_tag_editor can just create tags. [Jakub Onderka] - [internal] Include cluster elements for user interface. [Jakub Onderka] - [internal] Really disable password change. [Jakub Onderka] - [sync] Fixed a critical issue causing sharing groups to lose orgs/instance information on sync when using non sync users on a pull. [iglocska] - Ui _ function does not exist, l10n function is __ [Patrizio Tufarolo] - Syntax error in constructTaxonomyInfo() [Fredrik Soderblom] - [server] Add application/x-pie-executable to the list of accepted mimetypes in testForBinExec. [Patrizio Tufarolo] - [schema feed] remove non-required fields in feed format. [Alexandre Dulaunoy] - [API] password reset was broken for admins. [iglocska] - [tools] misp-wipe updated list of table to truncate. [mokaddem] - [js] Use error callback for relevant ajax calls. [Jakub Onderka] - [js] Remove async default value. [Jakub Onderka] - [galaxy] GalaxyClusterRelation doesn't have Org and Orgc. [Jakub Onderka] - [restsearch] fixed a bug introduced via the new page/limit filters. [iglocska] - [caching] monkey-patching a client side MISP bug causing the caching to loop endlessly. [iglocska] - MISP caching can run into an endless loop if errors are returned for whatever reason - This patch handles the specific case when the remote MISP requests an attribute range for caching that has an offset beyond the highest ID (should never happen) - It's a dirty fix but should have nearly no impact on performance whilst resolving the issue - [server] Caching a server ensures that the returned data is an actual UUID. [mokaddem] - [ACL] opened up postTest to all roles. [Andras Iklody] - [securityAudit] Display python version. [mokaddem] - [dashboard] Saving an invalid JSON when importing templates shows an error. [mokaddem] - [galaxy] Missing variable when editing relation. [Jakub Onderka] - [attributes] full_group_by fix for statistics. Fix #7014. [mokaddem] - [event] Fix retreiving selected referenced element data. [mokaddem] - [event] Provide text for missing referenced elements. [mokaddem] - The event might not contain the referenced elements if they belong to an extended event - [events:eventGraph] Make sure to include event_id for attribute nodes. [mokaddem] - [post] Do not send emails to disabled user for new posts. [Jakub Onderka] - [UI] Attribute create button nicer. [Jakub Onderka] - [internal] Remove unused ServerTag. [Jakub Onderka] - [internal] Remove unused layouts. [Jakub Onderka] - [internal] Remove unused roboto font. [Jakub Onderka] - [UI] Remove unnecessary CSS from default template. [Jakub Onderka] - [restClient] Make sure to split value on strings. [mokaddem] Fix #7032 - [objectReference] Make sure to bump timestamp. [mokaddem] - [objectReference] Make sure to save source_uuid field as well. [mokaddem] - [Event] Correctly save references after sync. [mokaddem] - [galaxy] Fix undefined variable when capturing clusters. [Jakub Onderka] - [feed defaults] Removed some required properties in the validation schema. [mokaddem] - Propoerties like IDs are instance dependant and therefore are not necessary - [dashboard] Saving an invalid JSON shows an error. [mokaddem] Fix #6975 - [feed defaults] removed a bunch of feeds and clarified the description of some, fixes #7006. [iglocska] - [UI] Galaxy pagination. [Jakub Onderka] - [feed] edit ignored changes to the header, fixes #6780. [iglocska] - [UI] Showing date and time in user profile. [Jakub Onderka] - [UI] Object template pagination. [Jakub Onderka] - [feeds] feed edit ignored the headers field, ffixes #6780. [iglocska] - Allow cluster authors to be an actual array. [Tom King] - Allow 'hard' param in POSTed body for deleting a cluster, send back a proper message. [Tom King] Other ~~~~~ - Merge pull request #7149 from JakubOnderka/csp-setting. [Jakub Onderka] chg: [csp] Add Security.csp_enforce to server setting - Merge pull request #7145 from JakubOnderka/fix-change-pw. [Jakub Onderka] new: [test] Password change by org admin - Merge pull request #7147 from JakubOnderka/fix-csp-again. [Jakub Onderka] fix: [csp] Incorrect variable name - Merge branch 'jakub' into 2.4. [iglocska] - Merge pull request #7142 from JakubOnderka/fix-csp. [Jakub Onderka] fix: [csp] Custom policies - Merge branch 'develop' into 2.4. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6661 from cudeso/2.4. [Andras Iklody] Azure Active Directory Authentication - Avoid "TODO" in the README to avoid CodeFactor. [Koen Van Impe] - Azure Active Directory Authentication. [Koen Van Impe] - Merge pull request #7100 from lfortemps/local-tags-fix. [Andras Iklody] Prevent pulling local tags - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7130 from Wachizungu/fix-shortcut-manager- triangle-popup. [Andras Iklody] chg: [UI] fix keyboard shortcut manager popup triangle - Merge pull request #7114 from Wachizungu/add-short-event-block-rule- explanation. [Andras Iklody] chg: [UI] Add small description of what event block rules do - Merge pull request #6736 from JakubOnderka/sighting-deletion. [Andras Iklody] chg: [sighting] Simplified sighting deletion - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #7059 from adammchugh/patch-1. [Andras Iklody] Inclusion of full-name under person - Inclusion of full-name under person. [adammchugh] Proposing the inclusion of full-name under person to allow for better capture and correlation of full names of identified persons in events. Particularly where there are multiple identities within an event which may create confusion with multiple first-name and last-name entries. - Merge pull request #7080 from StefanKelm/2.4. [Andras Iklody] Update resolved_misp_format.ctp - Update resolved_misp_format.ctp. [StefanKelm] slight rewording - Merge pull request #7092 from lfortemps/patch-2. [Andras Iklody] fix: [email_otp] Trim value for increased UX - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7094 from JakubOnderka/oidc-readme. [Jakub Onderka] new: [oidc] Readme - Merge pull request #7106 from Wachizungu/add-short-org-blocklist- explanation. [Alexandre Dulaunoy] chg: [UI] Add small description of what org blocklist does. Fix #4363 - Merge pull request #7105 from JakubOnderka/oidc-roles. [Jakub Onderka] chg: [oidc] Use first match as user role - Merge pull request #7107 from Wachizungu/change-edit-org-blocklist- view-title. [Jakub Onderka] chg: [UI] correct edit org blocklist entries view - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #7091 from Golbark/patch-1. [Alexandre Dulaunoy] fix: [email_otp] skip OTP for disabled users - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #7095 from JakubOnderka/event-report-empty-objects. [Jakub Onderka] fix: [internal] Empty object when getting event info for event report - Merge pull request #7097 from JakubOnderka/csp. [Jakub Onderka] new: [security] Content-Security-Policy support - Merge pull request #7102 from JakubOnderka/disable-sync-xhr. [Jakub Onderka] chg: [UI] Disable sync XHR - Merge pull request #7090 from JakubOnderka/fix-saving-log. [Jakub Onderka] fix: [internal] Correctly save log - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7089 from JakubOnderka/fix-tag-split. [Jakub Onderka] fix: [internal] Incorrect tag three components split - Merge pull request #7083 from JakubOnderka/event-index-galaxy- elements. [Jakub Onderka] fix: [UI] Fetch GalaxyElements for event index - Merge pull request #7088 from JakubOnderka/event-report-pagination. [Jakub Onderka] fix: [UI] Pagination for event reports in event view - Merge pull request #7087 from JakubOnderka/fix-7085. [Jakub Onderka] fix: [internal] Bad 7085 - Merge pull request #7085 from JakubOnderka/optimise-cluster-fetch. [Jakub Onderka] Optimise cluster fetch - Merge pull request #7084 from JakubOnderka/fix-bad-merge-lang. [Jakub Onderka] fix: [internal] Bad merge that prevents language change - Merge pull request #7049 from JakubOnderka/ui-form-fixes. [Jakub Onderka] chg: [UI] Make different forms nicer - Merge pull request #7079 from JakubOnderka/fix-sightings-pushing. [Jakub Onderka] fix: [sync] Undefined index when pushing sightings - Merge pull request #7078 from JakubOnderka/missing-taxonomies. [Jakub Onderka] Missing taxonomies - Merge pull request #7069 from JakubOnderka/tag-edit-delete. [Jakub Onderka] fix: [internal] perm_tag_editor can just create tags - Merge pull request #7073 from JakubOnderka/include-cluster-meta. [Jakub Onderka] fix: [internal] Include cluster elements for user interface - Merge pull request #7065 from JakubOnderka/disable-password-change. [Jakub Onderka] fix: [internal] Really disable password change - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #7056 from Wachizungu/add-can-access-check-for- menu-entry-correlation-exclusions. [Jakub Onderka] chg: [UI] Add can access check for correlation exclusions menu entry - Merge pull request #7070 from fsoderblom/fix-syntaxerror. [Andras Iklody] fix: syntax error in constructTaxonomyInfo() - Update misp-wipe.sql. [Raphaël Vinot] Rename whitelist -> allowedlist / blacklist -> blocklist - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #7037 from Wachizungu/add-list-auth-keys-button-to- global-menu. [Alexandre Dulaunoy] Adds 'List Auth Keys' button to Administration in global menu - Adds 'List Auth Keys' button to Administration in global menu. [Jeroen Pinoy] - Merge pull request #7052 from patriziotufarolo/patch-1. [Alexandre Dulaunoy] fix: [server] Add application/x-pie-executable to the list of accepted mimetypes in testForBinExec - Merge pull request #7053 from eCrimeLabs/2.4. [Alexandre Dulaunoy] Fix for ZeroMQ - #7040 and #7039 - Fix for #7040 and #7039. [eCrimeLabs] The following commit contains the fix for ZeroMQ only listening on 0.0.0.0 - Merge pull request #7033 from MISP/fix-misp-wipe. [Andras Iklody] fix: [tools] misp-wipe updated list of table to truncate - Merge pull request #7048 from JakubOnderka/xhr-401-handling. [Jakub Onderka] XHR 401 handling - Merge pull request #7055 from JakubOnderka/fast-event-galaxies. [Jakub Onderka] chg: [internal] Faster fetching galaxy clusters when fetching event - Merge pull request #7057 from JakubOnderka/tag-local. [Jakub Onderka] new: [api] When creating object, allow to mark tag as local - Merge pull request #7050 from JakubOnderka/cluster-relation. [Jakub Onderka] fix: [galaxy] GalaxyClusterRelation doesn't have Org and Orgc - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7027 from JakubOnderka/galaxy-view-mini. [Jakub Onderka] Galaxy view mini - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #7029 from JakubOnderka/galaxy-cluster-description. [Jakub Onderka] chg: [galaxy] Make Galaxy cluster description optional - Merge pull request #7043 from JakubOnderka/cluster-relattion-missing- var. [Jakub Onderka] fix: [galaxy] Missing variable when editing relation - Merge branch 'feature-reference-for-extended-event' into develop. [mokaddem] - Merge branch 'develop' into feature-reference-for-extended-event. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #6742 from JakubOnderka/post-user-disabled. [Jakub Onderka] fix: [post] Do not send emails to disabled user for new posts - Merge pull request #6925 from JakubOnderka/event-locks. [Jakub Onderka] new: [UI] Event locks for background jobs and automatic tools - Merge pull request #6943 from JakubOnderka/ui-create-button. [Jakub Onderka] fix: [UI] Attribute create button nicer - Merge pull request #7002 from JakubOnderka/code-cleanup. [Jakub Onderka] fix: [UI] Remove unnecessary CSS from default template - Merge pull request #7034 from JakubOnderka/taxonomy-tag-info. [Jakub Onderka] new: [UI] Show tag info in taxonomy view - Merge pull request #6906 from JakubOnderka/compressed-requests. [Jakub Onderka] new: [sync] Compressed requests support - Merge pull request #6871 from JakubOnderka/faster-pull. [Jakub Onderka] chg: [internal] Faster Event::removeOlder method used when pulling - Merge pull request #6741 from JakubOnderka/security-diagnostics. [Jakub Onderka] new: [security] Security diagnostics - Merge pull request #6938 from tomking2/feature/attribute_sightings. [Jakub Onderka] [API] Update attribute sightings from REST POST - Merge remote-tracking branch 'upstream/2.4' into feature/attribute_sightings. [Tom King] - Merge branch '2.4' into feature/attribute_sightings. [Tom King] - Merge pull request #6984 from JakubOnderka/oidc. [Jakub Onderka] new: [oidc] OpenID Connect authentication - Merge pull request #7020 from JakubOnderka/feed-saving-simplified. [Jakub Onderka] chg: [feed] Simplified code for saving feed - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch 'fix-sync-object-relations' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into fix-sync-object- relations. [mokaddem] - Merge pull request #7035 from JakubOnderka/galaxy-fix-undefined- variable. [Jakub Onderka] fix: [galaxy] Fix undefined variable when capturing clusters - Merge branch 'tomking2-bug/galaxy_cluster' into develop. [mokaddem] - Merge remote-tracking branch 'origin/develop' into tomking2-bug/galaxy_cluster. [mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7017 from JakubOnderka/fix-galaxies-pagination. [Jakub Onderka] fix: [UI] Galaxy pagination - Merge pull request #7015 from JakubOnderka/redis-static. [Jakub Onderka] chg: [internal] Make Redis connection static - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7016 from JakubOnderka/fix-user-view-time. [Jakub Onderka] fix: [UI] Showing date and time in user profile - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #7008 from JakubOnderka/update-taxnomies-faster. [Jakub Onderka] chg: [internal] Faster updating taxonomies - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7007 from JakubOnderka/object-template. [Jakub Onderka] fix: [UI] Object template - Merge branch '2.4' into develop. [iglocska] - Merge remote-tracking branch 'upstream/2.4' into bug/galaxy_cluster. [Tom King] v2.4.139 (2021-02-16) --------------------- New ~~~ - [widget] Eventstream widget and index widget UI added. [iglocska] - EventStream - add a lightweight event index to your dashboard - configure filters for the events you're interested in (tags, orgs, published) - set the number of events to display (limit) - set the list of fields it should display (id, orgc, info, tags, threat_level, analysis, date) - Index widget UI - uses the generic index builder - build simple index like UIs - [event] Added supports of eventReport coming from modules. [mokaddem] - [modules] Export module can specify event fetch options. [Jakub Onderka] Changes ~~~~~~~ - [version] bump. [iglocska] - [array lookup index field] updatd to work correctly. [iglocska] - [event model] fetchEvent() now accepts page/limit/order as parameters. [iglocska] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [events] Enables index search for object. Fix #6961. [mokaddem] - [organisation] "International" typo fixed + Europe added. [Alexandre Dulaunoy] Notes TODO: Improve the selection using the region galaxy in addition to country galaxy - [installer] Updated installer Checksums. [Steve Clement] - [installer] The installer is compatible with Ubuntu 21.04 LTS. [Steve Clement] - [LogsController] add missing EventReport in log search. [Alexandre Dulaunoy] - [organisation] "International" typo fixed + Europe added. [Alexandre Dulaunoy] Notes TODO: Improve the selection using the region galaxy in addition to country galaxy - [UI] Make event preview nicer. [Jakub Onderka] - [UI] Highlight column for roles table. [Jakub Onderka] - [internal] Faster updating warninglist. [Jakub Onderka] - [UI] Allow filter enabled/disabled warninglists. [Jakub Onderka] - [internal] Small optimisation for filterEventIds. [Jakub Onderka] - [internal] Use RestResponse for filterEventIdsForPush. [Jakub Onderka] - [internal] Update moment javascript library. [Jakub Onderka] - [internal] Update composer to 2.0.9. [Jakub Onderka] - [UI] Use TimeHelper for datetime formatting. [Jakub Onderka] - [internal] Refactor TagsController::view. [Jakub Onderka] - [event fetcher] add limit and page parameters to the event fetcher. [iglocska] - [connection test] clarified that read only users can pull. [iglocska] - Reduced error level to "orange" - Added a clarification that they can still pull Fix ~~~ - [dashboard] removed training example left in the code. [iglocska] - restricted new module to only 3 user IDs - [event index] changed the galaxy cluster field width. [iglocska] - no longer looks like it was sandwiched between two semis - [UI] Escaping in row_attribute. [Jakub Onderka] - [internal] Field name in HttpSocketExtended. [Jakub Onderka] - [breakOnDuplicate] on event add fixed, fixes #6917. [iglocska] - add breakOnDuplicate on the event level as a flag - {"Event":{"breakOnDuplicate":1, "info": "foo", ...}} - correctly handle 2 equal objects added to the same event in memory - [auto logout] disabled. [iglocska] - this crap just causes issues and is pretty pointless - [event] `merge from` feature correctly saves object relations. Fix #6969. [mokaddem] - [event] Includes eventReport when using the `merge from` feature. [mokaddem] - [dashboard] Typo breakig the dashboards fixed. [iglocska] - [eventreport] add fixed to avoid ID collisions. [iglocska] - [STIX] fix typo in message. [Alexandre Dulaunoy] - [events] Attach cluster from matrix in multiselect. Fix #6956. [mokaddem] - [eventTimeline] Refrsh attribute index when dragging. Fix #6958. [mokaddem] - [STIX] fix typo in message. [Alexandre Dulaunoy] - [taxonomy] Hide unselectable tags by default. Fix #6912. [mokaddem] - [event] Publishing to pub/sub queues includes all tags. [mokaddem] - [internal] Bad variable. [Jakub Onderka] - [UI] Undefined variables in authkeys view. [Jakub Onderka] - [idTranslator] Distinguish between not found and unreachable. [Jakub Onderka] - [UI] Broken checkboxes for role permissions. [Jakub Onderka] - [internal] GalaxyCluster::getCluster also accepts ID. [Jakub Onderka] - Correctly show hidden tags in tag-list. [marjatech] - [UI] Attach correct count of enabled taxonomy tags. [Jakub Onderka] - [UI] Remove right margin from form seen input. [Jakub Onderka] - [feed] Feed name is required. [Jakub Onderka] - [internal] idTranslator could show invalid results. [Jakub Onderka] - [generic_picker] Improved perfs by adding a debounce for redrawing results. [mokaddem] - [logs] aded eventgraph to log search. [iglocska] - [UI] Undefined variables in authkeys view. [Jakub Onderka] - [galaxyClusters:view_relation_tree] Fix inital draw of the tree. [mokaddem] - Declare variables before assigning value - Elasticsearch complains when an IP is an empty string. [Tom King] - [tag collections] typo causing tag collections to break completely fixed. [iglocska] - [bro] export fixed. [iglocska] - invalid group by statement removed Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #7012 from JakubOnderka/row-attribute-escaping. [Jakub Onderka] fix: [UI] Escaping in row_attribute - Merge pull request #7011 from JakubOnderka/http-socket-fied-name. [Jakub Onderka] fix: [internal] Field name in HttpSocketExtended - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #7009 from SteveClement/guides. [Steve Clement] chg: [installer] The installer is compatible with Ubuntu 21.04 LTS - Merge pull request #7001 from JakubOnderka/nicer-event-preview. [Jakub Onderka] chg: [UI] Make event preview nicer - Merge pull request #7004 from JakubOnderka/bad-variable. [Jakub Onderka] fix: [internal] Bad variable - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #6999 from JakubOnderka/authkey-undefined- variables. [Jakub Onderka] fix: [UI] Undefined variables in authkeys view - Merge pull request #6997 from JakubOnderka/id-translator-fixes. [Jakub Onderka] fix: [idTranslator] Distinguish between not found and unreachable - Merge pull request #6995 from JakubOnderka/fix-role-edit-view. [Jakub Onderka] fix: [UI] Broken checkboxes for role permissions - Merge pull request #6996 from JakubOnderka/highlight-column-role. [Jakub Onderka] chg: [UI] Highlight column for roles table - Merge pull request #6994 from JakubOnderka/get-cluster-id. [Jakub Onderka] fix: [internal] GalaxyCluster::getCluster also accepts ID - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #6993 from JakubOnderka/warninglist-index. [Jakub Onderka] chg: [UI] Allow filter enabled/disabled warninglists - Merge pull request #6816 from JakubOnderka/filter-event-ids- optimisation. [Jakub Onderka] chg: [internal] Small optimisation for filterEventIds - Merge pull request #6872 from JakubOnderka/rest-response-filter-event. [Jakub Onderka] chg: [internal] Use RestResponse for filterEventIdsForPush - Merge pull request #6898 from JakubOnderka/export-module-fetch- options. [Jakub Onderka] new: [modules] Export module can specify event fetch options - Merge pull request #6937 from marjatech/fix_list_hidden_tags. [Jakub Onderka] fix: correctly show hidden tags in tag-list - Merge pull request #6992 from JakubOnderka/taxonomy-attach-real-count. [Jakub Onderka] fix: [UI] Attach correct count of enabled taxonomy tags - Merge branch '2.4' into develop. [mokaddem] - Merge pull request #6989 from JakubOnderka/moment-update. [Jakub Onderka] chg: [internal] Update moment javascript library - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #6985 from JakubOnderka/form-seen-fix. [Jakub Onderka] fix: [UI] Remove right margin from form seen input - Merge pull request #6986 from JakubOnderka/feed-name-required. [Jakub Onderka] fix: [feed] Feed name is required - Merge pull request #6983 from JakubOnderka/composer-update-2. [Jakub Onderka] chg: [internal] Update composer to 2.0.9 - Merge pull request #6982 from JakubOnderka/time-helper. [Jakub Onderka] chg: [UI] Use TimeHelper for datetime formatting - Merge pull request #6980 from JakubOnderka/tag-view-refactor. [Jakub Onderka] chg: [internal] Refactor TagsController::view - Merge pull request #6977 from JakubOnderka/fix-idTranslator. [Jakub Onderka] fix: [internal] idTranslator could show invalid results - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6988 from tomking2/bug/elasticsearch_ip. [Alexandre Dulaunoy] fix: Elasticsearch complains when an IP is an empty string v2.4.138 (2021-02-08) --------------------- New ~~~ - [settings] Allow to use ThreatLevel.name for alert filter. [Jakub Onderka] - [test] Update github actions build to Ubuntu 20.04. [Jakub Onderka] - [internal] Cidr tool for faster checking CIDR ranges. [Jakub Onderka] - [objectTemplate] Allow fetching the raw template stored on disk by UUID or name. [mokaddem] - [PHP] version notification. [iglocska] - 8.0 is not supported, let users know in a more obvious way Changes ~~~~~~~ - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [version] bump. [iglocska] - Bump PyMISP & version. [Raphaël Vinot] - [ACLComponent] Added new galaxy element endpoints. [mokaddem] - [tools] Removed useless library. [mokaddem] - [galaxyClusters:view_relation] Reuse already fetched relations. [mokaddem] - [galaxyElement] Added individual deletion and JSON flattening/expanding. [mokaddem] - [misp.js] Allow index filtering without searchbox. [mokaddem] - [galaxyElements] Migrated galaxy element index to generic factory. [mokaddem] - [galaxyElement] Added draft of element flattening and unflattening. [mokaddem] - [internal] Optimise fetching trending tags widget. [Jakub Onderka] - [internal] Cache warninglist for eight hours. [Jakub Onderka] - [UI] Make toggle buttons nicer. [Jakub Onderka] - [internal] Optimise correlation exclusion. [Jakub Onderka] - [internal] Optimise CidrTool. [Jakub Onderka] - [PyMISP] Bump, update deps (reportlab release removed) [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] - [objecTemplate:getRaw] Refactored and optimized feature. [mokaddem] - [eventReports:delete] Make delete/restore call consistent with other models. [mokaddem] - [internal] Raise memory limit for TmptFileTool to 5 MB. [Jakub Onderka] - [internal] Generate event to TmpFile. [Jakub Onderka] - [eventReports:delete] Accept hard flag to be passed in POST body. [mokaddem] - Bumped queryversion. [mokaddem] - [eventReports] Improved manual extraction layout. [mokaddem] - [export:csv] Added support of decaying model. Fix #6734. [mokaddem] - [console:admin] Improved feedback when updating object templates. Fix #6715. [mokaddem] - [objects:delete] Support of hard flag in posted body. Fix #6689. [mokaddem] - [PyMISP] bump to latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [installer] fixes to misp-modules. [Steve Clement] - [misp-modules] some reqs are not in sync, fixing manually. [Steve Clement] - [installer] Update to latest installer. [Steve Clement] - [misp-objects] updated to the latest. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [cake] Make misp-after-installer less yellow. [Steve Clement] - [misp-galaxy] updated (RSIT galaxy added) [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - Bumped queryversion. [mokaddem] - [objects:delete] Support of hard flag in posted body. Fix #6689. [mokaddem] - Bumped queryversion. [mokaddem] Fix ~~~ - [zmq/kafka] attribute edits should include non exportable attributes. [iglocska] - [UI] notice resolved on the feed index. [iglocska] - [internal] Do not throw warning when user don't have collections. [Jakub Onderka] - [galaxyCluster] Delete elements if field is empty. [mokaddem] - [galaxyCluster] Integrated changes of improved index factory. [mokaddem] - [CLI] Check user existence. [Jakub Onderka] - [UI] passedArgs should be JSON encoded. [Jakub Onderka] - [widget] Typo in MispSystemResourceWidget. [Jakub Onderka] - [internal] First check if attribute value is valid composite, then run other checks. [Jakub Onderka] - [internal] Bump CakePHP to 2.10.24. [Jakub Onderka] - [internal] Bump PyMISP. [Jakub Onderka] - [UI] Nicer forms. [Jakub Onderka] - [internal] Fix some warnings. [Jakub Onderka] - [logs:event] Added missing line breaks. [mokaddem] - [log] Allow to filter logs by org name. [Jakub Onderka] - [acl] Added missing ACL entry. [mokaddem] - [objectTemplate:update] Typo instance variable. [mokaddem] - [shadowAttributes:viewPicture] Allows shadow attribute's pictures to be displayed. [mokaddem] - [attributes:viewPicture] Allow viewing pictures of deleted attributes. [mokaddem] - [events:eventGraph] Deleted object reference are no longer shown in the graph. [mokaddem] - Fix #6487 - [UI] Allow to download attachments from attribute index. [Jakub Onderka] - [internal] Remove compact method call that do nothing. [Jakub Onderka] - [eventReport:getProxyElement] Prevent crash if viewing a report for an extended event. [mokaddem] - Make sure merging array happens in existing keys - [server:recoveyQuery] Only add `unsigned` when applicable. Fix #6762. [mokaddem] - Correctly compare return value of strpos - [UI] Show proper unit for diagnostics. [Jakub Onderka] - [servers:rest] Speed up rest client and improved reactivity. [mokaddem] - Added debounce when typing - Only update query builder when its displayed - [warninglists:index] Fixed URL for ID. [mokaddem] - [UI] Remote event preview. [Jakub Onderka] - [stix2 import] Fixed pattern parsing. [chrisr3d] - Stripping patterns to avoid issue with space characters at the beginning or at the end of the patterns - [UI] hard-delete option missing for soft-deleted objects. [iglocska] - [internal] timestmaping when adding clusters to attributes wasn't working. [iglocska] - added it as a quick fix, should be moved in the future to a more generic place - [extended event] layout broken, fixes #6946. [iglocska] - [internal] Capturing sightings for attributes. [Jakub Onderka] - [kali] Fixed Kali installer, now only works on 2020.4 and higher. [Steve Clement] - [breakOnDuplicate] invalid placement return, affects #6917. [iglocska] - as reported by @github-germ - [UI] Allow to sort feeds by name. [Jakub Onderka] - [eventReport:edit] Editing event via /events/edit should work as expected. [mokaddem] - Correct call to editReport - Force local ID to match provided UUID - [dashboards] saving the dashboard state failed due to uninitialised model. [Andras Iklody] - [events:eventTimeline] Correctly restore elements after changing context or group. [mokaddem] - Fix #6885 - [events:eventGraph] Makes additions and editions of nodes working as expected. [mokaddem] Fix #6877 - Bump PyMISP, make gh actions happy. [Raphaël Vinot] - [eventReport:getProxyElement] Prevent crash if viewing a report for an extended event. [mokaddem] - Make sure merging array happens in existing keys - [server:recoveyQuery] Only add `unsigned` when applicable. Fix #6762. [mokaddem] - Correctly compare return value of strpos - [servers:rest] Speed up rest client and improved reactivity. [mokaddem] - Added debounce when typing - Only update query builder when its displayed - [warninglists:index] Fixed URL for ID. [mokaddem] - [diagnostics] complain about PHP >= 8.0. [iglocska] Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #6939 from JakubOnderka/warnings-fix. [Jakub Onderka] fix: [internal] Do not throw warning when user don't have collections - Merge branch 'feature-galaxy-element-tree-view' into develop. [mokaddem] - Merge remote-tracking branch 'origin/develop' into feature-galaxy- element-tree-view. [mokaddem] - Merge branch 'develop' into feature-galaxy-element-tree-view. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature-galaxy- element-tree-view. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into feature-galaxy- element-tree-view. [mokaddem] - Merge pull request #6973 from JakubOnderka/check-user-existence. [Jakub Onderka] fix: [CLI] Check user existence - Merge pull request #6971 from JakubOnderka/threat-level-notification- filter. [Jakub Onderka] new: [settings] Allow to use ThreatLevel.name for alert filter - Merge pull request #6948 from JakubOnderka/fix-passed-args. [Jakub Onderka] fix: [UI] passedArgs should be JSON encoded - Merge pull request #6962 from JakubOnderka/trending-tags-optimisation. [Jakub Onderka] chg: [internal] Optimise fetching trending tags widget - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [chrisr3d] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #6964 from JakubOnderka/attribute-validation-order. [Jakub Onderka] fix: [internal] First check if attribute value is valid composite - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [Steve Clement] - Merge pull request #6950 from JakubOnderka/bump-cakephp. [Jakub Onderka] fix: [internal] Bump CakePHP to 2.10.24 - Merge pull request #6949 from JakubOnderka/bump-pymisp-v2. [Jakub Onderka] fix: [internal] Bump PyMISP - Merge pull request #6944 from JakubOnderka/warninglist-cache-raise. [Jakub Onderka] chg: [internal] Cache warninglist for eight hours - Merge pull request #6935 from JakubOnderka/event-toggle-buttons. [Jakub Onderka] chg: [UI] Make toggle buttons nicer - Merge pull request #6894 from JakubOnderka/github-actions-os. [Jakub Onderka] new: [test] Update github actions build to Ubuntu 20.04 - Merge pull request #6888 from JakubOnderka/form-ui-fixes. [Jakub Onderka] fix: [UI] Nicer forms - Merge pull request #6927 from JakubOnderka/correlation-exclusion- optimise. [Jakub Onderka] chg: [internal] Optimise correlation exclusion - Merge pull request #6926 from JakubOnderka/faster-cidr-tool. [Jakub Onderka] chg: [internal] Optimise CidrTool - Merge pull request #6899 from marjatech/smime-signature. [Andras Iklody] fix: generate S/MIME Signature in DETACHED mode - Switch S/MIME Signature generation to DETACHED mode. [marjatech] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #6924 from JakubOnderka/cidr-tool. [Jakub Onderka] new: [internal] Cidr tool for faster checking CIDR ranges - Merge pull request #6922 from JakubOnderka/warnings-fixes. [Jakub Onderka] fix: [internal] Fix some warnings - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #6889 from JakubOnderka/log-org-filter. [Jakub Onderka] fix: [log] Allow to filter logs by org name - Merge branch 'feature-getRawObjectTemplate' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into feature- getRawObjectTemplate. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #6873 from JakubOnderka/event-output. [Jakub Onderka] Event output - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch '2.4' into develop. [mokaddem] - Merge pull request #6900 from JakubOnderka/attribute-index-attachment- download. [Jakub Onderka] fix: [UI] Allow to download attachments from attribute index - Merge pull request #6737 from JakubOnderka/remove-compat. [Andras Iklody] fix: [internal] Remove compact method call that do nothing - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [mokaddem] - Merge pull request #6890 from JakubOnderka/php-diagnostics-unit. [Jakub Onderka] fix: [UI] Show proper unit for diagnostics - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge pull request #6881 from JakubOnderka/remote-event-preview-fix. [Jakub Onderka] fix: [UI] Remote event preview - Merge pull request #6976 from StefanKelm/2.4. [Jakub Onderka] Update Server.php - Update Server.php. [StefanKelm] wording - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6951 from JakubOnderka/fix-sighting-capture. [Jakub Onderka] fix: [internal] Capturing sightings for attributes - Merge pull request #6953 from SteveClement/guides. [Steve Clement] chg: [misp-modules] some reqs are not in sync, fixing manually. - Merge pull request #6952 from SteveClement/guides. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into guides. [Steve Clement] - Merge pull request #6916 from JakubOnderka/feed-sort. [Jakub Onderka] fix: [UI] Allow to sort feeds by name v2.4.137 (2021-01-21) --------------------- New ~~~ - [UI] Show event count in server popover for comparison. [Jakub Onderka] - [object add] make add event / edit event breakOnDuplicate aware. [iglocska] - cull objects that would be duplicates - cache the fetching of existing objects to speed up the query - thanks to @github-germ for the suggested fixes to the duplicate checking to accomodate this patch - [API] update command got new branch parameter. [iglocska] - instruct the update process to be prepended by a checkout of a given branch - passed via a URL parameter (/servers/update/branch:develop) OR - passed via a JSON object ({"branch": "develop"}) - [server] Compare server events overlap. [Jakub Onderka] - [internal] New ability to get JSON data from event preview. [Jakub Onderka] - [doc] Added doc about how to change the installer generator. [Steve Clement] - [taxonomy] Importing taxonomy in machinetag format by REST API. [Jakub Onderka] - [UI] Show link to event preview for ID translator. [Jakub Onderka] - [idTranslator] Allow check event on different servers from event view. [Jakub Onderka] - [UI] Show sharing groups in org view. [Jakub Onderka] - [sync] Enable compression for server sync. [Jakub Onderka] - [feed] Support brotli compression. [Jakub Onderka] - [correlation] added system to exclude certain values from the correlation engine. [iglocska] - simply add values at /exclude_correlations - new values coming in will not correlate if they trip over the values listed there - to remove existing correlations run the cleaner tool on the above endpoint - values can be 1:1 matches, or substring searches (denoted with a leading, ending, or both '%') - https://www.google.com/% will match anything starting with https://www.google.com/ - %google.com% will match anything that contains google.com - [UI] Allow to sort orgs by number of orgs. [Jakub Onderka] - [sighting] New setting that will allow users to see host org sightings. [Jakub Onderka] - [UI] Show tag description if tag belongs to taxonomy. [Jakub Onderka] - [internal] New model method find('column') [Jakub Onderka] - [security] Check org list when accessing distribution graph. [Jakub Onderka] - [security] Test for hide_organisations_in_sharing_groups setting. [Jakub Onderka] - [security] Setting to hide orgs form sharing group view. [Jakub Onderka] - [internal] Allow to output directly TmpFileTool. [Jakub Onderka] - [UI] Show number of unique IPs for key usage. [Jakub Onderka] - [UI] Show last key usage in index table. [Jakub Onderka] - [UI] Show information about key expiration in server list. [Jakub Onderka] - [security] Cancel API session right after auth key is deleted. [Jakub Onderka] - [security] Put information about key expiration into response header. [Jakub Onderka] - [security] Allow to set key validity. [Jakub Onderka] - [security] New setting Security.username_in_response_header. [Jakub Onderka] - [test] Check when `MISP.authkey_keep_session` is true. [Jakub Onderka] - [internal] Show auth key usage in key view page. [Jakub Onderka] - [internal] Allow to log authkey usage in Redis. [Jakub Onderka] - [rest] Allow to search sightings by event or attribute UUID. [Jakub Onderka] - [UI] Download GPG public key from GPG homedir. [Jakub Onderka] - [type] favicon-mmh3 is the murmur3 hash of a favicon as used in Shodan. [Alexandre Dulaunoy] - [Statistics shell] Added new statistics shell. [iglocska] - (R)etrieval (o)f (m)etrics (m)atrix (e)xtended (f)or (s)tatistics - run it via /var/www/MISP/app/Console/cake Statistics rommelfs Changes ~~~~~~~ - [VERSION] bump. [iglocska] - Bump PyMISP version. [Raphaël Vinot] - [pgp] default pgp key server updated to openpgp.circl.lu. [Alexandre Dulaunoy] openpgp.circl.lu is the replacement keyserver of pgp.circl.lu - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated. [Alexandre Dulaunoy] - Add authenticode support in generate_file_objects. [Raphaël Vinot] - [PyMISP] Bump package (new lief). [Raphaël Vinot] - [internal] Faster fetching galaxy clusters by REST API. [Jakub Onderka] - [internal] Simplified code for index and event preview. [Jakub Onderka] - [internal] Remove deprecated Set class calls. [Jakub Onderka] - [internal] Optimise fetching tags for event index API requests. [Jakub Onderka] - [internal] Optimise filter event index window. [Jakub Onderka] - [UI] Simplified event ajax index template. [Jakub Onderka] - [UI] Generate pagination just once. [Jakub Onderka] - [internal] Fetch user email just when user is site admin. [Jakub Onderka] - [internal] Optimise appending tags to events. [Jakub Onderka] - [internal] Do not fetch unnecessary fields. [Jakub Onderka] - [internal] Do not fetch full clusters for rest event index. [Jakub Onderka] - [internal] Optimise fetching tags for rest client. [Jakub Onderka] - [internal] Optimise fetching event index by API. [Jakub Onderka] - [UI] Optimise fetching tags for picker. [Jakub Onderka] - [misp-warninglists] updated. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [installer] Updated installer. [Steve Clement] - [doc] Considered $DBHOST. [Steve Clement] - [UI] Optimise loading taxonomy tags for for tagging form. [Jakub Onderka] - [sync] Simplified fetching version from remote server. [Jakub Onderka] - [taxonomy] Faster fetching event and attribute counts for tag. [Jakub Onderka] - [installer] Update to latest. [Steve Clement] - [git] Made the checkouts more proxy friendly. [Steve Clement] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated. [Alexandre Dulaunoy] - [idTranslator] Allow to use from GET request. [Jakub Onderka] - [idTranslator] Check also servers that we push. [Jakub Onderka] - [UI] Optimise generic picker. [Jakub Onderka] - [UI] Faster paginator for index table. [Jakub Onderka] - [UI] Faster event paginator. [Jakub Onderka] - [internal] Remove unnecessary Attribute::defaultCategories array. [Jakub Onderka] - [internal] Call array_values method just when necessary. [Jakub Onderka] - [internal] Use strict comparison for in_array. [Jakub Onderka] - [internal] Generate server settings just when need. [Jakub Onderka] - [internal] Generate type definitions just when required. [Jakub Onderka] - [UI] Deduplicate sightings form. [Jakub Onderka] - [internal] Optimise sightings saving. [Jakub Onderka] - [UI] Make server index view nicer. [Jakub Onderka] - [sync] Optimise version compatibility checking to save sql queries. [Jakub Onderka] - [sync] Return content encoding in postTest. [Jakub Onderka] - [sync] Convert connection timeout to exception. [Jakub Onderka] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [optimisation] Faster Tag::fetchSimpleEventsForTag method. [Jakub Onderka] - [optimisation] Faster fetching attributes with tags. [Jakub Onderka] - [optimisation] Decode JSON input from request just once. [Jakub Onderka] - [internal] Remove unused methods. [Jakub Onderka] - [distribution-graph] Optimise loading. [Jakub Onderka] - [internal] Use find('column') on more places. [Jakub Onderka] - [internal] Do not load sightings for event log. [Jakub Onderka] - [taxonomies] updated. [Alexandre Dulaunoy] - [warning-lists] updated. [Alexandre Dulaunoy] - [internal] Use find('column') on more places. [Jakub Onderka] - [internal] Optimise loading event correlation graph. [Jakub Onderka] - [UI] Use chosen when select contains more than 10 sharing groups. [Jakub Onderka] - [role] Do not allow delete role when is still assigned to user. [Jakub Onderka] - [UI] Show cancel button for event report filter. [Jakub Onderka] - [UI] Merge roles index and admin_index. [Jakub Onderka] - [UI] Rotate header for role index table. [Jakub Onderka] - [UI] Site admin redirects from role index to admin index. [Jakub Onderka] - [UI] Set dbclickAction for user index. [Jakub Onderka] - [UI] Go directly to edit mode after clicking to "Edit report" button. [Jakub Onderka] - [UI] Make event report page nicer. [Jakub Onderka] - [sighting] Faster and memory efficient rest search. [Jakub Onderka] - [log] Do not log request type logs to syslog. [Jakub Onderka] - [REST] Close session early for `authkey_keep_session` connections. [Jakub Onderka] - [test] Update testlive_security.py to new version. [Jakub Onderka] - [internal] Code cleanup. [Jakub Onderka] - [internal] Small optimisations. [Jakub Onderka] - [interna] AppController code cleanup. [Jakub Onderka] - [internal] Rename MISP.log_user_ips_auth -> MISP.log_user_ips_authkeys. [Jakub Onderka] - [internal] Move access monitoring to own method. [Jakub Onderka] - [internal] Force to update session data after database update. [Jakub Onderka] - [internal] Allow to reuse session for API requests. [Jakub Onderka] - [internal] Do not log full authkeys. [Jakub Onderka] - [internal] Simplify User::describeAuthFields. [Jakub Onderka] - [internal] Update role changes immediately. [Jakub Onderka] - [internal] Do not fetch user settings for User::getAuthUser. [Jakub Onderka] - [UI] Change description for user edit checkboxes. [Jakub Onderka] - [internal] Load just necessary info when loading homepage info. [Jakub Onderka] - [internal] Load user role info from session data. [Jakub Onderka] - [internal] Move user checks to one place. [Jakub Onderka] - [UI] Convert taxonomies to default view. [Jakub Onderka] - [sync] When pushing event to remote server, request back just metadata. [Jakub Onderka] - [eventReport] Load tags in one call. [Jakub Onderka] - [shibb] Better log messages for ApacheShibbAuthenticate. [Jakub Onderka] - [sighting] Optimise bulk sighting saving. [Jakub Onderka] - [debug] cleanup. [iglocska] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [misp-objects] updated. [Alexandre Dulaunoy] - [taxonomies] updated. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated. [Alexandre Dulaunoy] - [PyMISP] updated. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [warning-list] updated to the latest version. [Alexandre Dulaunoy] - [doc] From Travis to GH action. [Alexandre Dulaunoy] - [veracode] removed. [Alexandre Dulaunoy] - [installer] Latest update. [Steve Clement] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [installer] update to latest. [Steve Clement] - [fix] typo. [Steve Clement] - [doc] OpenBSD 6.8 update. [Steve Clement] - [php] Added 2 missing modules. [Steve Clement] - [doc] Added new default flags. [Steve Clement] Fix ~~~ - [helper:genericPicker] Adding object from pill selector - Prevents double encoding of the passed data. [mokaddem] - [login] Correctly convert old password hash to blowfish. [Jakub Onderka] - [login] Convert old password hash to blowfish. [Jakub Onderka] - [update] fixed due to issues introduced with the branch flag. [iglocska] - [security] Reflective XSS in the RestClient. [mokaddem] - [security] XSS in the user homepage favourite button. [iglocska] - navigating to a url in MISP with the URL containing a javascript payload would cause the execution of reflected xss - automatically sanitised by modern browsers, but still confirmed via raw curl fetches - [security] XSS via galaxy cluster element values for reference types could contain javascript links. [iglocska] - ref type elements are automatically converted to links. A user would have to click a javascript: link for it to trigger, it's still too risky to keep as is - only urls starting with http:// and https:// are converted from here on - As reported by Patrik Kontura from ESET - [security] Stored XSS in the galaxy cluster view. [iglocska] - Galaxy cluster names were vulnerable to XSS injection - As reported by Patrik Kontura of ESET - [security] Require password confirmations by default. [iglocska] - the setting is optional, but the default should be that it's required unless disabled - As reported by Patrix Kontura from ESET - [UI] Nicer first and last seen form. [Jakub Onderka] - [log] Correctly handle limit and page params. [Jakub Onderka] - [internal] Group for getting sightings for tag. [Jakub Onderka] - [taxonomy] Support unicode chars in tag names. [Jakub Onderka] - [S/MIME] don't sign e-mails if no signing key is set. [iglocska] - fixes e-mails not going out on instances where no signing key was provided - [server] Handle case when checking CLI version is not possible. [Jakub Onderka] - [object] the optional blocking of duplicates fixed for objects including malware samples. [iglocska] - also looping the attributes through the pre-validation massaging ensures that attributes modified by it are correctly compared - [objects] breakonduplicate fixed. [iglocska] - [sighting] Order must contain group for some mysql servers. [Jakub Onderka] - [UI] Make event paginator universal. [Jakub Onderka] - [UI] Remove nonsense paginator options. [Jakub Onderka] - [UI] Chosen autofocus. [Jakub Onderka] - [internal] Remove unused method isOwnedByOrg. [Jakub Onderka] - [internal] Remove duplicate array definition. [Jakub Onderka] - [rest] Allow to edit roaming mode of sharing group. [Jakub Onderka] - [dbSchema] Update to v65. [Jakub Onderka] - MIssing dependency. [Raphaël Vinot] - Call the security test suite properly. [Raphaël Vinot] - Remove call to python script out of the virtenv. [Raphaël Vinot] - [S/MIME] don't sign e-mails if no signing key is set. [iglocska] - fixes e-mails not going out on instances where no signing key was provided - [inernal] Remove duplicates from server correlations. [Jakub Onderka] - [internal] Attaching warninglist for feed event preview without attributes. [Jakub Onderka] - [UI] Multiple popovers for cluster relations. [Jakub Onderka] - [UI] Change role name for admin view and add title. [Jakub Onderka] - [UI] Redirect after add role modal to index page. [Jakub Onderka] - [UI] Cancelling search didn't work for index table. [Jakub Onderka] - [UI] Add Object works again for all databases. [Jakub Onderka] - [UI] Remove unnecessary padding from form. [Jakub Onderka] - [UI] Correctly show contributors in event view. [Jakub Onderka] - [UI] Fix attribte search in event view. [Jakub Onderka] - [UI] Show error message when galaxy info couldn't be loaded. [Jakub Onderka] - [sighting] Grouping sighting fetch for tags. [Jakub Onderka] - [sighting] Order must contain group for some mysql servers. [Jakub Onderka] - [UI] Move debug mode variable before setting database connection. [Jakub Onderka] - [monitoring] Do not encode payload, it is string. [Jakub Onderka] - [UI] Enable quick filter for auth keys. [Jakub Onderka] - [UI] Auth Key index and view changes and fixes. [Jakub Onderka] - [UI] Days to expire count. [Jakub Onderka] - [security] Do not return hashed authentication key after creation. [Jakub Onderka] - [internal] Check if setting value is scalar. [Jakub Onderka] - [security] Auth key must be always random generated at server side. [Jakub Onderka] - [security] Do not allow to use API key authenticated session to do non API calls. [Jakub Onderka] - [internal] Remove unused variables. [Jakub Onderka] - [internal] Remove unused $user siteadmin variable. [Jakub Onderka] - [UI] Use generic style for taxonomy view. [Jakub Onderka] - [UI] Autofocus generic picker. [Jakub Onderka] - [UI] Replace GnuPG with PGP. [Jakub Onderka] - [UI] Empty field for galaxy 'Forked From' and 'Forked By' [Jakub Onderka] - [UI] Use correct font for Show all. [Jakub Onderka] - [UI] Send request just when opening event detail windows. [Jakub Onderka] - [eventReport] Smarter extractWithReplacements. [Jakub Onderka] - [eventReport] Replace defanged values. [Jakub Onderka] - [eventReport] Notice when galaxy value is not separated by ` - ` [Jakub Onderka] - [stix2 import] Checking if attack-pattern, course-of-action and vulnerability names are known galaxies before importing them as MISP object. [chrisr3d] - [tags] truncate tag names that are too long. [Andras Iklody] Otherwise we run into issues on the DB level anyway. For the future, perhaps change the field length. - [installer] Typo. [Steve Clement] - [search] don't append the same quicksearch value more than once in the URL. [iglocska] - [statistics] Local org flag fixed to show the correct count. [iglocska] - [mistake in a comment fixed] [iglocska] - [internal] sharing_group graph missing org_ids - throwing notices. [iglocska] - [internal] further promises removed from the galaxy model. [iglocska] - easier than getting people to stop using EOL software - [installer] type in php-bcmath package. [Steve Clement] - [installer] forgot to add sfv. [Steve Clement] - [internal] removed function promises in crud component. [iglocska] - to appease EOL php versions... - [delegation] invalid user call. [iglocska] Other ~~~~~ - Merge pull request #6896 from JakubOnderka/fix-old-password-convert. [Jakub Onderka] fix: [login] Correctly convert old password hash to blowfish - Merge branch 'old-hash-transfer' into 2.4. [Christophe Vandeplas] - Merge branch '2.4' into develop. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' into 2.4. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #6880 from JakubOnderka/server-compare-count. [Jakub Onderka] new: [UI] Show event count in server popover for comparison - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge remote-tracking branch 'origin/2.4' into develop. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #6879 from JakubOnderka/first-seen-input-format. [Jakub Onderka] fix: [UI] Nicer first and last seen form - Merge pull request #6870 from JakubOnderka/galaxy-cluster-rest-search. [Jakub Onderka] chg: [internal] Faster fetching galaxy clusters by REST API - Merge pull request #6860 from JakubOnderka/log-fix. [Jakub Onderka] fix: [log] Correctly handle limit and page params - Merge pull request #6874 from JakubOnderka/preview-server. [Jakub Onderka] Preview server - Merge pull request #6869 from JakubOnderka/event-index-tags. [Jakub Onderka] chg: [internal] Optimise fetching tags for event index API requests - Merge pull request #6868 from JakubOnderka/event-index-rest-optim. [Jakub Onderka] Event index rest optim - Merge pull request #6867 from JakubOnderka/event-index-rest-optim. [Jakub Onderka] chg: [internal] Optimise fetching event index by API - Merge pull request #6866 from JakubOnderka/fix-bad-merge. [Jakub Onderka] fix: [internal] Group for getting sightings for tag - Merge pull request #6863 from JakubOnderka/tag-fetching-optimisation. [Jakub Onderka] chg: [UI] Optimise fetching tags for picker - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [iglocska] - Merge pull request #6865 from SteveClement/guides. [Andras Iklody] chg: [doc] Considered $DBHOST - Merge pull request #6858 from SteveClement/guides. [Steve Clement] new: [doc] Added doc about how to change the installer generator - Merge pull request #6862 from JakubOnderka/tag-chose-optimise. [Jakub Onderka] chg: [UI] Optimise loading taxonomy tags for for tagging form - Merge pull request #6861 from JakubOnderka/taxonomy-unicode. [Jakub Onderka] fix: [taxonomy] Support unicode chars in tag names - Merge branch '2.4' into develop. [Steve Clement] - Merge pull request #6854 from JakubOnderka/server-pull-version. [Jakub Onderka] chg: [sync] Simplified fetching version from remote server - Merge pull request #6851 from JakubOnderka/taxonomy-import. [Jakub Onderka] new: [taxonomy] Importing taxonomy in machinetag format by REST API - Merge pull request #6853 from JakubOnderka/server-diagnostic-fix. [Jakub Onderka] fix: [server] Handle case when checking CLI version is not possible - Merge branch '2.4' into develop. [iglocska] - Merge pull request #6835 from MISP/dependabot/pip/lxml-4.6.2. [Alexandre Dulaunoy] build(deps): bump lxml from 4.3.3 to 4.6.2 - Build(deps): bump lxml from 4.3.3 to 4.6.2. [dependabot[bot]] Bumps [lxml](https://github.com/lxml/lxml) from 4.3.3 to 4.6.2. - [Release notes](https://github.com/lxml/lxml/releases) - [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) - [Commits](https://github.com/lxml/lxml/compare/lxml-4.3.3...lxml-4.6.2) - Merge pull request #6825 from StefanKelm/2.4. [Alexandre Dulaunoy] Update index.ctp - Update index.ctp. [StefanKelm] Tinies of typos... - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6826 from SteveClement/guides. [Steve Clement] chg: [git] Made the checkouts more proxy friendly - Fix git urls to https (users behind proxy) [Alexandre Dulaunoy] Fix git urls to https (users behind proxy) - Merge pull request #6849 from JakubOnderka/id-translator-preview-link. [Jakub Onderka] new: [UI] Show link to event preview for ID translator - Merge pull request #6833 from JakubOnderka/id-translator-push. [Jakub Onderka] chg: [idTranslator] Check also servers that we push - Merge pull request #6845 from JakubOnderka/generic-picker- optimisation. [Jakub Onderka] chg: [UI] Optimise generic picker - Merge pull request #6841 from JakubOnderka/paginator-fix. [Jakub Onderka] Paginator fix - Merge pull request #6843 from JakubOnderka/choosen-autofocus-fix. [Jakub Onderka] fix: [UI] Chosen autofocus - Merge pull request #6842 from JakubOnderka/small-optims. [Jakub Onderka] Small optims - Merge pull request #6840 from JakubOnderka/translate-optimisation. [Jakub Onderka] Translate optimisation - Merge pull request #6839 from JakubOnderka/deduplicate-sighting-form. [Jakub Onderka] chg: [UI] Deduplicate sightings form - Merge pull request #6809 from JakubOnderka/optimise-sightings-saving. [Jakub Onderka] chg: [internal] Optimise sightings saving - Merge pull request #6827 from JakubOnderka/sharing_groups_org. [Jakub Onderka] new: [UI] Show sharing groups in org view - Merge pull request #6830 from JakubOnderka/sg-roaming-edit. [Jakub Onderka] fix: [rest] Allow to edit roaming mode of sharing group - Merge pull request #6837 from JakubOnderka/db-schema. [Jakub Onderka] fix: [dbSchema] Update to v65 - Merge pull request #6831 from JakubOnderka/server-view-ui. [Jakub Onderka] chg: [UI] Make server index view nicer - Merge pull request #6828 from JakubOnderka/check-version- compatibility-optim. [Jakub Onderka] chg: [sync] Optimise version compatibility checking to save sql queries - Merge pull request #6822 from JakubOnderka/server-sync-compression. [Jakub Onderka] new: [sync] Enable compression for server sync - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge pull request #6821 from JakubOnderka/http-socket-brotli. [Jakub Onderka] new: [feed] Support brotli compression - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge pull request #6820 from MISP/Rafiot-patch-6. [Raphaël Vinot] [Test] Run the security suite from the virtualenv - [Test] Run the security suite from the virtualenv. [Raphaël Vinot] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch 'develop' of https://github.com/MISP/MISP into develop. [chrisr3d] - Merge pull request #6813 from JakubOnderka/feed-cache-deduplicate. [Jakub Onderka] fix: [inernal] Remove duplicates from server correlations - Merge pull request #6812 from JakubOnderka/feed-warninglist. [Jakub Onderka] fix: [internal] Attaching warninglist for feed event preview without … - Merge pull request #6811 from JakubOnderka/attach-tags-to-attributes. [Jakub Onderka] Attach tags to attributes - Merge pull request #6810 from JakubOnderka/json-decode-just-once. [Jakub Onderka] chg: [optimisation] Decode JSON input from request just once - Merge pull request #6804 from JakubOnderka/optimisations-vol2. [Jakub Onderka] Optimisations vol2 - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #6797 from JakubOnderka/optimisations. [Jakub Onderka] Optimisations - Merge pull request #6745 from JakubOnderka/user-sort. [Jakub Onderka] User sort - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #6772 from JakubOnderka/sighting-policy-host-org. [Jakub Onderka] new: [sighting] New setting that will allow users to see host org sig… - Merge pull request #6778 from JakubOnderka/tag-info. [Jakub Onderka] Tag info popover - Merge pull request #6749 from JakubOnderka/hide-orgs-from-sg. [Jakub Onderka] Hide orgs from sharing group view - Merge pull request #6788 from JakubOnderka/ui-fixes. [Jakub Onderka] UI fixes - Merge pull request #6789 from JakubOnderka/sighting-tag-group. [Jakub Onderka] Sighting tag group - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch 'develop' of github.com:MISP/MISP into develop. [Alexandre Dulaunoy] - Merge pull request #6497 from JakubOnderka/experimental-cake-tmp- response. [Jakub Onderka] - Merge pull request #6787 from JakubOnderka/sighting-rest-optim. [Jakub Onderka] chg: [sighting] Faster and memory efficient rest search - Merge pull request #6786 from JakubOnderka/sighting-bug-6773. [Jakub Onderka] fix: [sighting] Order must contain group for some mysql servers - Merge pull request #6581 from JakubOnderka/newsread-loading. [Jakub Onderka] chg: [internal] Move user checks to one place - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Alexandre Dulaunoy] - Merge branch '2.4' into develop. [Steve Clement] - Merge pull request #6782 from JakubOnderka/taxonomies-view. [Jakub Onderka] chg: [UI] Convert taxonomies to default view - Merge pull request #6760 from JakubOnderka/sighting-rest-uuid. [Jakub Onderka] new: [rest] Allow to search sightings by event or attribute UUID - Merge pull request #6781 from JakubOnderka/another-ui-fixes. [Jakub Onderka] Another UI fixes - Merge pull request #6776 from JakubOnderka/event-push-metadata. [Jakub Onderka] chg: [sync] When pushing event to remote server, request back just me… - Merge pull request #6779 from JakubOnderka/event-report-extract-fix. [Jakub Onderka] Event report extract fix - Merge pull request #6755 from JakubOnderka/shibb-log-messages. [Jakub Onderka] chg: [shibb] Better log messages for ApacheShibbAuthenticate - Merge pull request #6759 from JakubOnderka/bulk-sighting-saving-optim. [Jakub Onderka] chg: [sighting] Optimise bulk sighting saving - Merge pull request #5234 from JakubOnderka/gpg_key_footer. [Jakub Onderka] new: [UI] Download GPG public key from GPG homedir - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6747 from legoguy1000/ja3_zeek_intel_rules. [Alexandre Dulaunoy] Create JA3 Hash Zeek Intel Rules - JA3 Zeek Intel Rules. [Alex Resnick] - Merge pull request #6799 from simonflood/patch-1. [Alexandre Dulaunoy] INSTALL.rhel8.md - update EoL for CentOS 8 - INSTALL.rhel8.md - update EoL for CentOS 8. [Simon Flood] Maintenance for CentOS 8 will now end on 31 December 2021 - Merge pull request #6795 from sdenel/patch-2. [Alexandre Dulaunoy] Typo in Server.php: currenty -> currently - Typo in Server.php. [Simon DENEL] - Veracode added. [Alexandre Dulaunoy] - CodeQL added. [Alexandre Dulaunoy] - HandlerSSL should be true. [Alexandre Dulaunoy] - Merge pull request #6785 from StefanKelm/2.4. [Alexandre Dulaunoy] Typos - Update indexForEvent.ctp. [StefanKelm] - Update importReportFromUrl.ctp. [StefanKelm] - Merge pull request #6783 from FafnerKeyZee/patch-1. [Alexandre Dulaunoy] Add the possibility to have a '-' in the baseurl - Add the possibility to have a '-' in the baseurl. [Fafner [_KeyZee_]] With the actual regex in testBaseURL, we can not have a '-' inside the BaseURL, I did a quick fix - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6767 from SteveClement/guides. [Steve Clement] - Merge pull request #6764 from Natsec/patch-1. [Andras Iklody] Typo caused fail of dependency installation - Typo caused fail of dependency installation. [Kamil] Hello, During installation, I would get the following error : ```shell Cloning into '/var/www/MISP/app/files/scripts/python-cybox'... remote: Enumerating objects: 343, done. remote: Counting objects: 100% (343/343), done. remote: Compressing objects: 100% (191/191), done. remote: Total 14731 (delta 180), reused 253 (delta 152), pack-reused 14388 Receiving objects: 100% (14731/14731), 7.39 MiB | 3.10 MiB/s, done. Resolving deltas: 100% (10487/10487), done. ERROR: Invalid requirement: '/var/www/MISP/app/files/scripts/CybOXProject/python-cybox' Hint: It looks like a path. File '/var/www/MISP/app/files/scripts/CybOXProject/python-cybox' does not exist. apt is maybe locked, waiting 3 seconds. Cloning into '/var/www/MISP/app/files/scripts/python-stix'... remote: Enumerating objects: 298, done. remote: Counting objects: 100% (298/298), done. remote: Compressing objects: 100% (215/215), done. remote: Total 13777 (delta 190), reused 155 (delta 83), pack-reused 13479 Receiving objects: 100% (13777/13777), 5.78 MiB | 2.58 MiB/s, done. Resolving deltas: 100% (10076/10076), done. ERROR: Invalid requirement: '/var/www/MISP/app/files/scripts/STIXProject/python-stix' Hint: It looks like a path. File '/var/www/MISP/app/files/scripts/STIXProject/python-stix' does not exist. apt is maybe locked, waiting 3 seconds. Cloning into '/var/www/MISP/app/files/scripts/python-maec'... remote: Enumerating objects: 59, done. remote: Counting objects: 100% (59/59), done. remote: Compressing objects: 100% (39/39), done. remote: Total 4472 (delta 32), reused 40 (delta 20), pack-reused 4413 Receiving objects: 100% (4472/4472), 1.29 MiB | 1.90 MiB/s, done. Resolving deltas: 100% (2992/2992), done. ERROR: Invalid requirement: '/var/www/MISP/app/files/scripts/MAECProject/python-maec' Hint: It looks like a path. File '/var/www/MISP/app/files/scripts/MAECProject/python-maec' does not exist. apt is maybe locked, waiting 3 seconds. Cloning into '/var/www/MISP/app/files/scripts/mixbox'... remote: Enumerating objects: 39, done. remote: Counting objects: 100% (39/39), done. remote: Compressing objects: 100% (26/26), done. remote: Total 1055 (delta 20), reused 27 (delta 13), pack-reused 1016 Receiving objects: 100% (1055/1055), 278.98 KiB | 901.00 KiB/s, done. Resolving deltas: 100% (696/696), done. ERROR: Invalid requirement: '/var/www/MISP/app/files/scripts/CybOXProject/mixbox' Hint: It looks like a path. File '/var/www/MISP/app/files/scripts/CybOXProject/mixbox' does not exist. ``` Making the modification fixed the installation of the dependencies. Best regards, Kamil v2.4.136 (2020-12-16) --------------------- New ~~~ - [CLI] Import events with compressed file support. [Jakub Onderka] Useful for importing big files - [UI] Find org images also by uuid and support SVG images. [Jakub Onderka] - [UI] Make possible to filter users by active/disabled. [Jakub Onderka] - [UI] Show number of events for sharing group. [Jakub Onderka] - [test] View org page. [Jakub Onderka] - [UI] Allow to search in sharing group list. [Jakub Onderka] - [security] Test if user can see sharing groups. [Jakub Onderka] - [factories] generic confirmation UI factory added. [iglocska] - [Cerebrates] added Cerebrate sync functionality. [iglocska] - add/modify cerebrate links - preview cerebrate instanes for organisations - fetch organisations from cerebrate - ingests new organisations and updates existing ones - More to come in the future - [Cerebrate] db update added. [iglocska] - [view factories rework] [iglocska] indextable: - org lookup field cleaned up and made more resilient - remote status: status field for checking of the local vs remote state of objects added - pagination system updated to allow for ajax pagination - random named container added for the index table's scaffolding side menu: - added cerebrate options side panels: - new factory type added for side panel elements (for the usual 2:1 split views) - added logo element single views: - child reworked to use the accordion element - added side panel support - [auth] Allow to enforce auth plugin authentication. [Jakub Onderka] - [shibb] Test for organisation UUID HTTP header. [Jakub Onderka] - [shibb] Allow to get organisation UUID from HTTP headers. [Jakub Onderka] - [test] Test for ApacheShibbAuth. [Jakub Onderka] - [test] Security test suite. [Jakub Onderka] - [security] New setting to check `Sec-Fetch-Site` header. [Jakub Onderka] - [security] Add new `Security.disable_browser_cache` option to disable saving data to browser cache. [Jakub Onderka] Changes ~~~~~~~ - [version] bump. [iglocska] - [UI] Nicer galaxy cluster view. [Jakub Onderka] - [UI] Nicer icon for discussion reply. [Jakub Onderka] - [UI] Move org UUID after ID to match other page style. [Jakub Onderka] - [UI] Add cancel for sharing group search. [Jakub Onderka] - [UI] Nicer title when creating event report. [Jakub Onderka] - [security] For `hide_organisation_index_from_users` hide orgs that make contribution that user cannot see. [Jakub Onderka] - [composer] Add ext-rdkafka as suggested dependency. [Jakub Onderka] - [UI] Use PGP instead of GnuGP, GnuPG is implementation. [Jakub Onderka] - [UI] Hide some fields from user profile and use better description. [Jakub Onderka] - [internal] HEAD check if org exists. [Jakub Onderka] - [internal] Simplified SharingGroup::checkIfOwner method. [Jakub Onderka] - [internal] Load orgs just when it is necessary. [Jakub Onderka] - [UI] Use standardised view for sharging group. [Jakub Onderka] - [composer] Raise minimal PHP version to 7.2 and disable support for 8.0. [Jakub Onderka] - [shibb] Newly created org should be local. [Jakub Onderka] - [galaxyClusters:view_relation_tree] Adjust height based on the number of nodes. [mokaddem] - [actions] added develop branch. [iglocska] - [ACL] cerebrate added to the ACL. [iglocska] - [querystring] bump. [iglocska] - [image] added cerebrate logo. [iglocska] - [js] runIndexQuickFilter changes. [iglocska] - added optional url parameter to set a fixed URL to search from - added target parameter for ajax refreshes (target css selector) - added possibility to pass ordered parameters in addition to key value pairs - added ajax lookups - [Cerebrate] added to the global menu. [iglocska] - [synctool] added custom model support for the setuphttpsocket() function. [iglocska] - [CRUD component] call model functions in the afterfind. [iglocska] - added the option to either use anonymous functions or call model functions in the hook - fixed a bug with a missing modelname in the lookup scope for fields (carryover from cerebrate) - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [installer] Update to latest version. [Steve Clement] - [installer] Leveled installer out. [Steve Clement] - [installer] Update to latest. [Steve Clement] - [installer] More fixes to replayability. [Steve Clement] - [actions] added to the develop branch. [iglocska] - [UI] Normalize date format to match rest of MISP. [Jakub Onderka] - [installer] Update to latest. [Steve Clement] - [installer] misp-modules install refactor. [Steve Clement] - [installer] Refactor the core MISP checkout. [Steve Clement] - [installer] Update to latest. [Steve Clement] - [fmt] Make it look better. [Steve Clement] - [sighting] Support for postgres. [Jakub Onderka] - [tag] Simplified taxonomy handling. [Jakub Onderka] - [tag] Fetch event count for tags in one query. [Jakub Onderka] - [sighting] Speedup loading sighting for tags and galaxies. [Jakub Onderka] - [sighting] Speedups list all sightings. [Jakub Onderka] - [sighting] Reworked listing sightings. [Jakub Onderka] - [sighting] Sighting statistics. [Jakub Onderka] - [installer] Deploy latest. [Steve Clement] - [doc] The installer takes certain env_vars into account. [Steve Clement] - [installer] Deploy latest installer with automation fixes. [Steve Clement] - [installer] Removed expect, this will ease automation. [Steve Clement] - [internal] Fetch just necessary orgs and server object for sharing groups. [Jakub Onderka] - [misp-galaxy] MITRE ATT&CK updated. [Alexandre Dulaunoy] - [vhash] removed validation altogether. [Andras Iklody] - vhash is like a box of chocolates, you never know what you're going to get. - [internal] Better exception description for PGP key validation. [Jakub Onderka] - [PyMISP] Bump version, again. [Raphaël Vinot] - [PyMISP] Bump version. [Raphaël Vinot] - [internal] Attach event correlations in one call for attribute UI search. [Jakub Onderka] - [internal] Attach feed correlations in one call for attribute UI search. [Jakub Onderka] - [internal] Optimise attribute search in UI. [Jakub Onderka] - [internal] removed void return promise. [iglocska] - to make EOL php versions happy - [events:view] Possibility to fetch events without attachments via the API. [mokaddem] - [galaxyCluster:relationsTreeTool] Ignore duplicated cluster UUIDs. [mokaddem] - Some default clusters have the same UUID. They are the same entity but stored in a different cluster package. It should be addressed in the future Fix ~~~ - [UI] Contact form text. [Jakub Onderka] - [distribution graph] Graph doesn't work for non sync users when event is shared to sharing group. [Jakub Onderka] - [UI] Show correct sync org for sharing group view. [Jakub Onderka] - [UI] Change order for sg view. [Jakub Onderka] - [UI] Do not show authkey if advanced authkeys are enabled. [Jakub Onderka] - [UI] For accorddion external link do not propagate click. [Jakub Onderka] - [UI] Send email link should be visible just for admin view. [Jakub Onderka] - [UI] User search keeps filter. [Jakub Onderka] - [UI] Show correct menu for EventsController::importModule action. [Jakub Onderka] - [UI] For import show correct active menu. [Jakub Onderka] - [UI] For tags show actions just when user can permission to use them. [Jakub Onderka] - [UI] For Taxonomies show actions just when user can permission to use them. [Jakub Onderka] - [UI] Show correct menu for Contact Reporter page. [Jakub Onderka] - [UI] Remove unused All button from galaxy index. [Jakub Onderka] - [UI] Show feed cache buttons just to site admins. [Jakub Onderka] - [UI] For fail when uploading stix, show unit for maximum size. [Jakub Onderka] - [UI] Button border when adding thread port. [Jakub Onderka] - [UI] Show REST client menu item just when user has perm_auth. [Jakub Onderka] - [internal] Undefined variable $passedArgs. [Jakub Onderka] - [internal] Undefined variables when GitHub is not reachable. [Jakub Onderka] - [internal] Undefined variable me. [Jakub Onderka] - [UI] Better error message for permission denied. [Jakub Onderka] - [security] Do not leak org names when hide_organisation_index_from_users enabled. [Jakub Onderka] - [UI] Nicer error message for CSRF. [Jakub Onderka] - [internal] User should be able to see his org. [Jakub Onderka] - [UI] Toggle doesn't work with absolute URLs. [Jakub Onderka] - [UI] Confusing messages after object template is deleted. [Jakub Onderka] - [UI] Do not mention that STIX 2 export require library. [Jakub Onderka] This information can be useful just for site administrators, but not for users - [UI] Do not show REST client menu link when user don't have permission. [Jakub Onderka] - [UI] Do not show taxonomy delete menu link when user don't have permission. [Jakub Onderka] - [UI] Do not show proposals menu link when user don't have permission. [Jakub Onderka] - [UI] Do not show extend this event button when user don't have permission to do that. [Jakub Onderka] - [UI] Allow to access delegations index just when delegations are enabled. [Jakub Onderka] - [UI] Show `Add Cluster` in menu just when user has permission to add cluster. [Jakub Onderka] - [sighting] Make sure that correct columns are processed. [Jakub Onderka] - [rest-client] Do not raise exception for not site admin. [Jakub Onderka] - [UI] Link to role edit. [Jakub Onderka] - [UI] Show delete and edit button for SG just when user has permission. [Jakub Onderka] - [UI] Sort countries by name. [Jakub Onderka] - [db_schema] added cerebrate. [iglocska] - [baseurl] validation relaxed. [iglocska] - no more arbitrary junk blocking https://localhost - [communities] search fixed, context no longer defaults to "pending" which is an unknown value. [iglocska] - [authkey] fixed a bug causing recurring authkey lookups via model binding failing. [iglocska] - missing parameter caused the linking to be single use - [community] removed invalid filter field causing notice errors. [iglocska] - [custompagination tool] hardcoded modelname fixed. [iglocska] - [doc] Location typo fixed. [Alexandre Dulaunoy] - [pgp] Key info for older GPG versions. [Jakub Onderka] - [security] XSS in authkey comment field. [Jakub Onderka] - [sightings] Support mysql in sql_mode=only_full_group_by. [Jakub Onderka] - [security] Remove hashed advanced keys from response. [Jakub Onderka] - [bindmodel] added reset = false to the linking of users to authkeys. [Andras Iklody] - added reset = false in parameters (otherwise consecutive calls to the user model will not include the relation) - [UI] Correctly handle truncated values for import. [Jakub Onderka] - [UI] Favourite only for tags. [Jakub Onderka] - [installer] fi was forgotten, #hotfix. [Steve Clement] - [installer] sfv file was forgotten. [Steve Clement] - [internal] Remove unused method from AppController. [Jakub Onderka] - [csvExport] Prevent override when using `includeContext` parameter Fix #3774. [mokaddem] - [internal] Redis unlink method for old Redis versions. [Jakub Onderka] - [text export] cull duplicates after fetching the data. [iglocska] - pros: No more full group by exceptions Handles duplicate culling across internally paginated workloads - cons: The returned dataset's size will not always match the requested count as duplicates are culled - [authkey] only link the model if the instance is already updated. [iglocska] - [UI] user add. [iglocska] S/MIME label misaligned Other ~~~~~ - Merge branch 'develop' into 2.4. [iglocska] - Merge pull request #6754 from JakubOnderka/fix-contact-ui. [Jakub Onderka] fix: [UI] Contact form text - Merge pull request #6752 from JakubOnderka/distribution_graph_sg_fix. [Jakub Onderka] fix: [distribution graph] Graph doesn't work for non sync users - Merge pull request #6698 from JakubOnderka/small-ui-fixes. [Jakub Onderka] Small UI fixes - Merge pull request #6716 from JakubOnderka/cli-import. [Jakub Onderka] new: [CLI] Import events with compressed file support - Merge pull request #6730 from JakubOnderka/org-image-svg-uuid. [Jakub Onderka] new: [UI] Find org images also by uuid and support SVG images - Merge pull request #6746 from JakubOnderka/rest-client-menu- permission. [Jakub Onderka] Rest client menu permission - Merge pull request #6743 from JakubOnderka/undefined-me. [Jakub Onderka] fix: [internal] Undefined variables - Merge pull request #6744 from JakubOnderka/user-filter. [Jakub Onderka] new: [UI] Make possible to filter users by active/disabled - Merge pull request #6739 from JakubOnderka/error-message. [Jakub Onderka] fix: [UI] Better error message for permission denied - Merge pull request #6738 from JakubOnderka/hide-orgs-dont-leak. [Jakub Onderka] fix: [security] Do not leak org names - Merge pull request #6735 from JakubOnderka/error-message. [Jakub Onderka] fix: [UI] Nicer error message for CSRF - Merge pull request #6732 from JakubOnderka/hide-orgs-show-his-org. [Jakub Onderka] fix: [internal] User should be able to see his org - Merge pull request #6727 from JakubOnderka/fix-toggle-url. [Jakub Onderka] fix: [UI] Toggle doesn't work with absolute URLs - Merge pull request #6721 from JakubOnderka/org-can-see. [Jakub Onderka] chg: [security] For `hide_organisation_index_from_users` hide more orgs - Merge pull request #6725 from JakubOnderka/object-delete-ui. [Jakub Onderka] fix: [UI] Confusing messages after object template is deleted - Merge pull request #6724 from JakubOnderka/kafka-suggested-ext. [Jakub Onderka] Kafka suggested ext - Merge pull request #6707 from JakubOnderka/event-export-library- mention. [Jakub Onderka] fix: [UI] Do not mention that STIX 2 export require library - Merge pull request #6720 from JakubOnderka/permission-ui. [Jakub Onderka] Permission UI - Merge pull request #6719 from JakubOnderka/delegation-access. [Jakub Onderka] fix: [UI] Allow to access delegations index just when delegations are enabled - Merge pull request #6717 from JakubOnderka/sharing-group-events. [Jakub Onderka] new: [UI] Show number of events for sharing group - Merge pull request #6696 from JakubOnderka/user-profile-ui. [Jakub Onderka] chg: [UI] Hide some fields from user profile and use better description - Merge pull request #6695 from JakubOnderka/add-cluster-menu-view. [Jakub Onderka] fix: [UI] Show `Add Cluster` in menu just when user has permission to… - Merge branch 'develop' into add-cluster-menu-view. [Jakub Onderka] - Merge pull request #6676 from JakubOnderka/fix-sighting-columns. [Jakub Onderka] fix: [sighting] Make sure that correct columns are processed - Merge pull request #6694 from JakubOnderka/invalid-controller-name- fix. [Jakub Onderka] fix: [rest-client] Do not raise exception for non site admin - Merge pull request #6706 from JakubOnderka/role-edit-fix. [Jakub Onderka] fix: [UI] Link to role edit - Merge pull request #6699 from folbricht-stripe/s3-fix-writable-check. [Jakub Onderka] fix: Don't fail writable attachment dir test for S3 - Don't fail writable attachment dir test for S3. [Frank Olbricht] - Merge pull request #6703 from JakubOnderka/org-view. [Jakub Onderka] new: [test] View org page - Merge pull request #6700 from JakubOnderka/sg-view. [Jakub Onderka] Sharing group view - Merge pull request #6701 from JakubOnderka/security-sg-view. [Jakub Onderka] new: [security] Test if user can see sharing groups - Merge pull request #6662 from JakubOnderka/php-test. [Jakub Onderka] Disable PHP 8 support - Merge pull request #6693 from JakubOnderka/countries-order. [Jakub Onderka] fix: [UI] Sort countries by name - Merge pull request #6691 from JakubOnderka/shibb-new-org-local. [Jakub Onderka] chg: [shibb] Newly created org should be local - Merge branch 'develop' of github.com:MISP/MISP into develop. [iglocska] - Merge branch '2.4' into develop. [iglocska] - Merge branch '2.4' into cerebrate. [iglocska] - Merge pull request #6733 from legoguy1000/#6355-Suricata-JA3-Rules. [Alexandre Dulaunoy] Create JA3 Hash Suricata Rules - #6355 Create JA3 Hash Suricata Rules. [Alex Resnick] - Merge pull request #6697 from JakubOnderka/gpg-key-import-fix. [Jakub Onderka] fix: [pgp] Key info for older GPG versions - Merge pull request #6690 from JakubOnderka/xss-authkey-fix. [Jakub Onderka] fix: [security] XSS in authkey comment field - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6675 from SteveClement/guides. [Steve Clement] chg: [installer] Leveled installer out - Merge pull request #6674 from SteveClement/guides. [Steve Clement] chg: [installer] More fixes to replayability. - Merge pull request #6673 from JakubOnderka/news-date-format-change. [Jakub Onderka] chg: [UI] Normalize date format to match rest of MISP - Merge pull request #6672 from JakubOnderka/fix-full-group. [Jakub Onderka] fix: [sightings] Support mysql in sql_mode=only_full_group_by - Merge pull request #6656 from JakubOnderka/auth-plugin-enforce. [Jakub Onderka] new: [auth] Allow to enforce auth plugin authentication - Merge pull request #6669 from StefanKelm/2.4. [Andras Iklody] Update event-timeline.js - Update event-timeline.js. [StefanKelm] Few typos... - Merge pull request #6668 from SteveClement/guides. [Steve Clement] - Merge pull request #6665 from JakubOnderka/remove-hashed-keys. [Jakub Onderka] fix: [security] Remove hashed advanced keys from response - Merge pull request #6664 from SteveClement/guides. [Steve Clement] chg: [fmt] Make it look better - Merge pull request #6663 from JakubOnderka/fix-import-truncated- values. [Jakub Onderka] fix: [UI] Correctly handle truncated values for import - Merge pull request #6578 from JakubOnderka/sighting-statistics. [Jakub Onderka] - Merge pull request #6660 from SteveClement/guides. [Steve Clement] chg: [doc] The installer takes certain env_vars into account - Merge pull request #6658 from SteveClement/guides. [Steve Clement] chg: [installer] Removed expect, this will ease automation. - Merge pull request #6657 from JakubOnderka/app-controller-cleanup. [Jakub Onderka] fix: [internal] Remove unused method from AppController - Merge pull request #6633 from JakubOnderka/sg-fetching-optim. [Jakub Onderka] chg: [internal] Fetch just necessary orgs and server object for sg - Merge pull request #6624 from JakubOnderka/shibb-org-uuid. [Jakub Onderka] new: [shibb] Allow to get organisation UUID from HTTP headers - Merge pull request #6613 from JakubOnderka/security-tests. [Jakub Onderka] new: [test] Security test suite - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6081 from JakubOnderka/security_disable_browser_cache. [Jakub Onderka] new: [security] HTTP headers hardening - Merge pull request #6646 from JakubOnderka/gpg-key-validation. [Jakub Onderka] chg: [internal] Better exception description for PGP key validation - Merge pull request #6644 from JakubOnderka/fix-redis-unlink. [Jakub Onderka] fix: [internal] Redis unlink method for old Redis versions - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6634 from JakubOnderka/attribute-search- optimisation. [Jakub Onderka] chg: [internal] Optimise attribute search in UI v2.4.135 (2020-11-24) --------------------- New ~~~ - [datamodels] added jarm-fingerprint type. [Kory Kyzar] - [galaxyCluster:index] Added badge showing number of custom clusters. [mokaddem] - [UI] Allow to sort attributes or objects by first and last seen. [Jakub Onderka] - [diagnostic] Check extensions version. [Jakub Onderka] - [internal] JSON stream convert. [Jakub Onderka] - [eventReport] Report from event. [mokaddem] - Github action. [Raphaël Vinot] - [diagnostic] Show installed GnuPG version. [Jakub Onderka] - [user] Setting `disable_user_add` to disable user creation by org admins. [Jakub Onderka] - [user] Disabling password and login changes apply also for org admins. [Jakub Onderka] - [UI] Add `disable_user_password_change` and `disable_user_login_change` setting. [Jakub Onderka] - [user] Allow to disable user login change. [Jakub Onderka] - [user] Allow to disable user password change. [Jakub Onderka] - [authkey] generate authkeys automatically when creating users. [iglocska] - when using the new authkey system - [standardised delete] view factory added. [iglocska] - [advanced authkey] system. [iglocska] - [CRUD component] backport from Cerebrate. [iglocska] - [genericForm] system backport from Cerebrate. [iglocska] - [indextable] scaffolding added along with a list of improvements. [iglocska] - [advanced authkey] API key copy to the new system added to diagnostics. [iglocska] - [CRUD] component port from Cerebrate, initial version. [iglocska] - [indextable] factories added. [iglocska] - [js] submit form in place. [iglocska] - for popup forms, have the option to display the result directly in the popover - [generic templates] added with a single view for now (delete) [iglocska] - [Authkey] system added. [iglocska] - [SingleView factories] added. [iglocska] - [accordion] element added. [iglocska] - [advanced authkeys] toggle added. [iglocska] - [API] Fast check object or attribute existence by HEAD method. [Jakub Onderka] - [events] endpoint `runTaxonomyExclusivityCheck` for event elements. [mokaddem] - [rest] Allow to return just metadata after creating or editing event. [Jakub Onderka] - [API] Allow event existence check by HEAD method. [Jakub Onderka] - [GalaxyCluster] Added soft and hard deletion. [mokaddem] - [clusterBlocklist] Added initial blocklist similar to the event one. [mokaddem] - [galaxyCluster:publish] Upon publishing, push the cluster to remote servers. [mokaddem] - [server:pull_relevant_cluster] Added new cluster pull technique. [mokaddem] It fetches remote clusters based on cluster tags known locally - [galaxyCluster:restSearch] Possibility to search for clusters contained in an Event. [mokaddem] - [tag] Added 2 new columns to fetch tags from galaxies faster. [mokaddem] - [galaxyCluster] Added `published` flag to clusters. [mokaddem] - [clusterRelations:view] Added endpoint for rest query only. [mokaddem] - [server] Added `pull_galaxy_cluster` option in the server config. [mokaddem] - [events:view] Added Cluster relationship network graph. [mokaddem] - [clusterRelations:edit] Added endpoint. [mokaddem] - [clusterRelation] Early work on Galaxy Cluster Relations. [mokaddem] - [galaxyClusters:updateCluster] Added draft version to align a forked cluster's elements to his parent. [mokaddem] - [galaxyClusters:add] Added UI to create/edit GalaxyClusterElements. [mokaddem] - [galaxyCluster] Initial import of Galaxy2.0 codebase - WiP. [mokaddem] Changes ~~~~~~~ - [version] bump. [iglocska] - [PyMISP] Bump version. [Raphaël Vinot] - [PyMISP] updated to the latest version. [Alexandre Dulaunoy] - [attribute] new process-state type. [Alexandre Dulaunoy] - Add optional dep (email) [Raphaël Vinot] - Add optional dep (email) [Raphaël Vinot] - [PyMISP] updated for jarm-fingerprint type. [Alexandre Dulaunoy] - [PyMISP] Bump. [Raphaël Vinot] - [installer] Update to latest version. [Steve Clement] - Improve actions. [Raphaël Vinot] - [PyMISP] Bump version. [Raphaël Vinot] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [servers:schema_diagnostic] Added notice concerning benign deltas. [mokaddem] - [installer] Updated installer. [Steve Clement] - [internal] Faster updating JSON structures. [Jakub Onderka] - [event:index] Allow passing list when filtering. [mokaddem] - [galaxy update] improvements. [iglocska] - should be a fair bit faster - [installer] even out changes from 20.04. [Steve Clement] - [installer] Updated installer. [Steve Clement] - [sh] If env vars exist, use that value. [Steve Clement] - [doc] Added ignore file mode. [Steve Clement] - [UI] Allow to set syslog setting from UI. [Jakub Onderka] - [internal] Code style. [Jakub Onderka] - [logging] Allow to define syslog identifier. [Jakub Onderka] - [logging] Allow to disable syslog logging to stderr. [Jakub Onderka] - [internal] Throw exception if setting name doesn't exists. [Jakub Onderka] - [galaxyClusterRelations:index] Show edit button for users having the permission. [mokaddem] - [galaxyCluster:view_relations] Moved custom relation option at the top. [mokaddem] - [galaxyClusterRelations:add] Added picker for relation type. [mokaddem] - [galaxyClusterBlocklist:add] Added picker for cluster. [mokaddem] - [galaxyClusters] Sort by version then by value. [mokaddem] - [UI] Change colors for auth key expiration field. [Jakub Onderka] - [UI] Always use auth key with space in UI. [Jakub Onderka] - [UI] Use quick click select for new generated authkey. [Jakub Onderka] - [UI] Use monospace font for showing autkeys. [Jakub Onderka] - [UI] Add information about key expiration to title. [Jakub Onderka] - [feed] Optimise freetext feed caching. [Jakub Onderka] - [galaxy] Do not fetch full galaxy info for event view UI. [Jakub Onderka] - Bumped db_schema. [mokaddem] - [mysql] Backported forgotten update. [mokaddem] - [UI] For search field, by default put current search term. [Jakub Onderka] - [test] Do not run workers in background. [Jakub Onderka] - [test] Run under multiple PHP versions. [Jakub Onderka] - [test] Merge common commands. [Jakub Onderka] - [diagnostic] Smarter PHP extension diagnostics. [Jakub Onderka] - [warning-list] updated. [Alexandre Dulaunoy] - [export:textExport] Filter out deplicated values Fix #6603 for attribute scope. [mokaddem] - [eventReport:reportFromEvent] Added support of attributes and objects. [mokaddem] - Set USER everywhere. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] - Try to fix weirdness in PyMISP git history. [Raphaël Vinot] - Bump PyMISP. [Jakub Onderka] - Bump PyMISP. [Raphaël Vinot] - Bump warning-lists. [Raphaël Vinot] - [mysql] Reverted changes to be aligned with db_version. [mokaddem] - [internal] Allow to fetch two orgs in one query. [Jakub Onderka] - [rest] For attribute REST search with includeContext, fetch events just once. [Jakub Onderka] - [UI] Simplified user edit forms and interface. [Jakub Onderka] - [internal] Simplified ACLComponent::printRoleAccess. [Jakub Onderka] - [UI] Authkey reset position. [Jakub Onderka] - [UI] Ajax user list. [Jakub Onderka] - [ACL] User different way how to use dynamic rules. [Jakub Onderka] - [UI] Add link to user org from profile. [Jakub Onderka] - [automation] page updated to accomodate new authkey system. [iglocska] - since the API keys can no longer be retrieved, point the user to where they can manage their keys - [user] views aligned with new authkeys. [iglocska] - adding users should display the newly created authkey - other views should not show anything - API responses fixed - [cleanup] removed superfluous [iglocska] - [boolean] field added to the single view fields. [iglocska] - [user view] removed separate admin view. [iglocska] - [authkey] add view added. [iglocska] - [REST client] adapted to the APIkey changes. [iglocska] - [Roles] CRUD rework. [iglocska] - [users] admin view updated to optionally use the new authkeys. [iglocska] - [indexfilter] component updated with several improvements. [iglocska] - [user] admin view now loads advanced authkeys when appropriate. [iglocska] - [authkey] system tied into authentication. [iglocska] - [user index] don't show the old style authkeys when advanced authkeys are enabled. [iglocska] - [side menu] authkeyindex added. [iglocska] - [form] generator minor improvements. [iglocska] - [authkey] model tied to user model. [iglocska] - [galaxyCluster] Remote feature support check is based on flag rather than strict version number. [mokaddem] - [internal] Simplified getApiInfo method. [Jakub Onderka] - [galaxyClusters] Returns created json blob instead of interface response. [mokaddem] - [events:automation] Added entry for galaxy cluster restSearch. [mokaddem] - [galaxyCluster:add] Adapt page title if forking. [mokaddem] - [galaxyCluster:view_relations] Improved UI for relations. [mokaddem] - [galaxyCluster] Drop all elements before capture. [mokaddem] - [server:index] Changed icon for pull relevant clusters. [mokaddem] - [galaxy] Added logging behavior for galaxies, clusters and relations. [mokaddem] - [appModel] Logout users after update. [mokaddem] - [galaxyCluster:publish] Returns true regardless of the result for pushing to other servers. [mokaddem] - [galaxyClusters:index] Added local ID in the index. [mokaddem] - Bumped queryversion. [mokaddem] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [warninglists:index] Migrated index to factory view. [mokaddem] - [events:view] Renamed object's `name` key into `Object name` [mokaddem] - This is done to emphasis that elements bordered with a blue line are in fact MISP Objects - [galaxy:export] Improved misp-galaxy format export and added notice. [mokaddem] - [galaxy:export] Started conversion tool to misp-galaxy format - WiP. [mokaddem] - [galaxies:export] Added form entry to specify the export format - WiP. [mokaddem] - Bumped queryversion. [mokaddem] - [rest] Faster attributes restSearch. [Jakub Onderka] - [UI] Small fixes for report view. [Jakub Onderka] - [UI] Put 'Add Event Report' to one line with other buttons. [Jakub Onderka] - [UI] Make related event little bit nicer. [Jakub Onderka] - Bumped queryversion. [mokaddem] - [PyMISP] Bump. [Raphaël Vinot] - [object:editField] Make the behavior of fs/ls similar to object/edit. [mokaddem] - [taxonomy] Include if the predicate is exclusive at entry level. [mokaddem] - [restResponseComponent] Added doc for `tags/search` [mokaddem] - [internal] Speedup sightings saving. [Jakub Onderka] - [use full path] added conditional to the toggle, instead of silently ignoring the setting when it's disabled server side. [iglocska] - [servers:rest] Added CodeMirror support in REST Client and improve url's path parsing. [mokaddem] - [internal] Slightly optimise JSONConverterTool. [Jakub Onderka] - [feed] Check also URL without protocol. [Jakub Onderka] - [galaxyClusterRelations] GetExistingRelationships also returns ObjectReference relation names. [mokaddem] - [galaxyClusterRelation] Make sure sourceCluster is always contained. [mokaddem] - [galaxyCluster] Do not display publish button for default clusters. [mokaddem] - [galaxyCluster] Display value of the cluster in the header. [mokaddem] - [galaxyClusterRelations] Displays error while posting. [mokaddem] - [galaxyClusterRelations] Changed add/edit relationships to singular. [mokaddem] - [galaxyClusterRelations] Allow unpublished clusters in the picker. [mokaddem] - [galaxyClusterRelations] Display org and orgc. [mokaddem] - [galaxy] Fixed baseurl typo. [mokaddem] - [galaxyCluster] Allow all clusters to be forked as long as user can edit galaxies. [mokaddem] - [galaxyCluster] Show published status of default clusters as N/A. [mokaddem] - [galaxyClusters] Hide more actions based on users permisions. [mokaddem] - [galaxyClusters] Added warning regarding useability of clusters. [mokaddem] - [sidebar] Move add cluster for more consistency. [mokaddem] - [sidemenu] `Export Galaxy Clusters` is now visible when viewing galaxy_cluster/view. [mokaddem] - [side_menu] Small glitches due to merge. [mokaddem] - [galaxyClusterBlocklist] Replaced blacklist by blocklist. [mokaddem] - [clustersRelations:add] Redirect to the index after adding a relation. [mokaddem] - [clusterRelations:add] Added helps about relationship type field. [mokaddem] - [genericElement] Allow default organisation to be used as a picture. [mokaddem] - The default MISP organisation uses the MISP logo - [OrgImgHelper] Do not return link for Orgnisation without a valid ID. [mokaddem] - [clusterBlocklists:add] Improved validation and added form help. [mokaddem] - [clusterRelations:add] Force no galaxy matrix when picking clusters. [mokaddem] - [galaxyClusters:index] Do not propose edit for default clusters. [mokaddem] - [galaxyClusters:view] Renamed extended_by/from with forked_by/from. [mokaddem] - [galaxyClusters:add] Improved form layout and galaxy element ui. [mokaddem] - [galaxyClusters] Added more entries in side menu. [mokaddem] - [restResponseComponent] Added doc for rest client. [mokaddem] - [restResponseComponent] Added doc for cluster and cluster relations. [mokaddem] - [galaxyClusters:selectCluster] Only offers non-deleted clusters. [mokaddem] - [galaxyCluster:publish] Slightly simplified save process. [mokaddem] - [galaxyClusters:publish] Return job id if rest call. [mokaddem] - [ACLComponent] Added cluster blocklist endpoints. [mokaddem] - [clusterBlocklist:index] Added base url in table actions. [mokaddem] - [galaxyCluster] Prevent creation if UUID is in blocklist. Added default distribution fallback. [mokaddem] - [clusterBlocklist:delete] Possibility to delete entry by cluster_uuid. [mokaddem] - [clusterBlocklist] Added forms and endpoints to interract with the model. [mokaddem] - [galaxyCluster:delete] Creates entry in cluster blocklist whenever hard-deleting. [mokaddem] - [galaxyCluster] Unset ids before capturing. [mokaddem] - Removed empty line. [mokaddem] - [genericElements:extended] Renamed `extended` related fields into `tree` and added doc. [mokaddem] - [galaxy_cluster_link] Added doc. [mokaddem] - [genericElements:cluster_link] Renamed `cluster_link` into `galaxy_cluster_link` [mokaddem] - Added more doc. [mokaddem] - [galaxyClusterRelation] Code refactoring and documentation. [mokaddem] - [galaxyCluster] Added bunch of doc. [mokaddem] - [galaxy] Improved doc. [mokaddem] - Added more docs. [mokaddem] - [ClusterRelationsGraphTool] Refacto and simplified code. [mokaddem] - Removed integer type hinting in controllers. [mokaddem] - [galaxyClusters] Doc and code reuse. [mokaddem] - [galaxyClusters] Variable renaming and code reuse. [mokaddem] - [clusterRelations] Added type hinting. [mokaddem] - [galaxyCluster:fetchIfAuthorized] Renamed function checkAuthorization into fetchIfAuthorized. [mokaddem] - Added comments. [mokaddem] - Refacto bunch of galaxy clusters files. [mokaddem] - Refacto some galaxy cluster controller files. [mokaddem] - [galaxyCluster:saveCluster] Make sure collection_uuid is set before saving. [mokaddem] - [galaxyCluster:add/edit] Automatically prepend GalaxyCluster if missing. [mokaddem] - [galaxyClusters:index] Allow site_admin to publish from the cluster index. [mokaddem] - [galaxyClusters:index] Allow site_admin to perfom more actions. [mokaddem] - [server:pull] Pluralized `pull_relevant_cluster` as we may pull more than one. [mokaddem] - [galaxyCluster:publish_router] Accept cluster data or cluster id. [mokaddem] - [galaxyClusters:view_relations] Rebuild tree right after quick form submit. [mokaddem] - [galaxyCluster:view_relations] Added support of pickers in quick add form. [mokaddem] - [clusterRelations:add] Added picker for cluster source. [mokaddem] - [galaxyCluster:add] Usage of new genericForm's picker for clusterElement UI. [mokaddem] - [genericForm:picker] Use a default text for the picker label if not provided. [mokaddem] - [formHelper] Added support of picker widget. [mokaddem] - [clusterRelations:add] Added target cluster and tags picker. [mokaddem] - [event:publish] Publishing also pushes attached custom galaxy clusters. [mokaddem] - [server:push_galaxy_cluster] Working version of cluster push all technique. [mokaddem] - [server:pull_cluster] Added support of `numeric` pull technique. [mokaddem] - [galaxyCluster:pull] Pull clusters before events and added support of published state. [mokaddem] - [galaxyClusters:updateCluster] Improved parsing of new element to be added from parent. [mokaddem] - [galaxyCluster] Usage of model alias when fetching a cluster. [mokaddem] - [galaxyCluster] Centralized permission checks and code refactoring. [mokaddem] - [galaxyCluster] Replaced `galaxyCluster->find` by its ACL-aware counterpart where applicable - WiP. [mokaddem] - [clusterRelation] Unpublish source cluster when altering a relation. [mokaddem] - [servers:getVersion] Return `perm_galaxy_editor` status. [mokaddem] - [clusterRelation:captureRelation] More lenient capture of orgc. Fallback to orgc=org if user is not a sync user. [mokaddem] - [galaxyCluster:captureCluster] More lenient capture of orgc. Fallback to orgc=org if user is not a sync user. [mokaddem] - [galaxyCluster:push] Only push custom clusters that are contained in the event getting pushed. [mokaddem] - [GalaxyCluster] Fetcher function arrange the data before returing its results. [mokaddem] - [galaxyCluster:add] Force orgc to be the user adding the cluster. [mokaddem] - [GalaxyClusters:edit] Improved error message format. [mokaddem] - [GalaxyClusters:add] Improved error message format. [mokaddem] - [galaxyCluster:add] Allow adding cluster with galaxy uuid. [mokaddem] - [ACLComponent] Added entry galaxy_clusters/restSearch. [mokaddem] - [server:pull] Improved pull process for galaxyClusters. [mokaddem] - [galaxyCluster] Usage of alias when building ACL conditions. [mokaddem] - [clusterRelations:add] Savings tags is more flexible and reliable. [mokaddem] - [acl] Updated endpoints and sidebar permissions. [mokaddem] - [galaxyCluster:view] Arrange data before exporting. [mokaddem] - [galaxyCluster:add] Improved error reporting and importing now uses `add` endpoint. [mokaddem] - [galaxyCluster:crud] Improved how clusters and their linked models are saved. [mokaddem] - [galaxies:delete] Allow deletion by uuid. [mokaddem] - [galaxyCluster:restSearch] Added support of additional search params. [mokaddem] - [galaxyCluster:capture] Improved cluster catpure. [mokaddem] - Allow to capture relationships pointing to unknown clusters - Improved display of relationships - [galaxyCluster:export] Unset useless fields before export. [mokaddem] - [galaxyClusers:relations_graph] Display notice if no relation. [mokaddem] - [galaxyCluster:relations_graph] Added filtering capability and fixed redraw issue. [mokaddem] - [clusterRelations:view_relations] Select default distribution. [mokaddem] - [clusterRelations:index] Use correct alias. [mokaddem] - [clusterElements:updateElements] Possibility to delete or not old data. [mokaddem] - [generic_index:relation_counts] Changed icons. [mokaddem] - [clusterRelations:relations_graph] Slight UI improvements. [mokaddem] - [clusterRelations:relations_graph] Display tags on the links. [mokaddem] - [galaxyClusters:relations_graph] Support of tag numerical values. [mokaddem] - [clusterRelations:view_relations] Display all relation tags. [mokaddem] - [clusterRelations:fetcher] Performs massaging on targetting relations. [mokaddem] - [galaxyCluster:restSearch] Improved iterated_fetch process. [mokaddem] - [galaxyCluster:view_relations] Added #relations and added relation tag. [mokaddem] - [clusterRelations:add] Refactored how relations are saved to better support tags and force override. [mokaddem] - [clusterRelations:index] Support of tags. [mokaddem] - [clusterRelations:CRUD] Added support of tags. [mokaddem] - [clusterRelations:index] Improved UI and new `cluster_link` generic index field. [mokaddem] - [appModel:update-55] Added indexes and removed incorrect sql commands. [mokaddem] - [galaxyClusters:pull] Added pull capabilities to fetch remote clusters. [mokaddem] - [galaxyCluster:push] Correctly alter data before pushing and added nets to avoid pushing if not applicable. [mokaddem] - [galaxyCluster:getElligibleClustersToPush] Renamed function for better clarity. [mokaddem] - [server:push] Drafty version of galaxyCluster push. [mokaddem] - [galaxyCluster] Added drafty version of restSearch. [mokaddem] - [clusterRelations:edit] Make edit works again and improved error reporting. [mokaddem] - [galaxyCluster] Usage of both ID and UUID for relation with drafty working version of import/export. [mokaddem] - [galaxyClusters] Improved logging and error reporting. [mokaddem] - [galaxyCluster] First version of capture functions. [mokaddem] - [galaxy:export] Added configurable galaxy exporter. [mokaddem] - [event:view] Added support of relation_tree for galaxyQuickView. [mokaddem] - [clusterRelations] Moved relation_tree into its own `tool` and added modal support for galaxyQuickView. [mokaddem] - [cluster:view_relations] Decoupled relation_tree from the form. [mokaddem] - [clusters:index] Reworked how the forks are displayed. [mokaddem] - [clusters:update_cluster] Changed title for improved clarity. [mokaddem] - [clusterRelations:networkGenerator] Moved function in `Lib/Tools` [mokaddem] - [clusterRelations:relations_graph] Added distribution and Org info. [mokaddem] - [galaxyClusters:relations_graph] Keep link labels always readable. [mokaddem] - [events:relations_graph] Added Referencing Clusters. [mokaddem] - [clusters:view] Added Cluster relation index table. [mokaddem] - [clusterRelations:networkGraphs] Improved UI by highlighting root nodes. [mokaddem] - [cluster:relations_graph] Added labels to links. [mokaddem] - [clusterRelations:index] Support of tag_name search. [mokaddem] - [galaxy:relations_graph] Added links in tooltip. [mokaddem] - [galaxy:relations_graph] Support of node and link selection. [mokaddem] - [galaxy:relations_graph] Added tooltip support. [mokaddem] - [clusterRelations:view_relations] Improved layout support tags in both side. [mokaddem] - [clusterRelations:view_relations] Added arrows and improved UI. [mokaddem] - [clusterRelations:view_relations] Working draft version for 2-sided tree. [mokaddem] - [clusterRelations:view_relations] Attached referencing relations. [mokaddem] - [clusterRelations:view_relations] Started implementation of double sided tree. [mokaddem] - [clusterRelations:view_relations] Quick submit and few fixes. [mokaddem] - [clusterRelations] Very basic CRUD. [mokaddem] - [clusterRelations] Model linking and basic index. [mokaddem] - [galaxyClusters:viewRelations] Improved UI. [mokaddem] - [clusterRelations] Improved UI of relation_graph and relation_viewer. [mokaddem] - [galaxy] Renamed `reference` into `relation` [mokaddem] - [galaxyClusters:updateCluster] Working version and improved UI and text. [mokaddem] - [galaxyClusters:updateCluster] Slightly improved UI. [mokaddem] - [galaxy:sidebar] Moved item for more consistency. [mokaddem] - [galaxyClusters:fork_tree] Replaced rectangle by label for version. [mokaddem] - [galaxyClusters:view] Added warning if new parent version available. [mokaddem] - [galaxuCluster:add] Added `extends_version` [mokaddem] - [galaxyClusters:view] Added forked version number. [mokaddem] - [galaxy:fork_tree] Version's rectangle with is now dynamically computed. [mokaddem] - [galaxy:fork_tree] Added version node - WiP. [mokaddem] - [galaxy:fork_tree] Added more information in the tooltip. [mokaddem] - [galaxyClusters] Added column `extends_version` [mokaddem] - [galaxy:fork_tree] Adapth root node size. [mokaddem] - [galaxy:import] Preliminary work on export/import galaxy clusters. [mokaddem] - [galaxyCluster:index] Added titles to action buttons. [mokaddem] - [galaxyCluster:view] Added org/orgc in meta. [mokaddem] - [galaxy:fork_tree] Added orgc picture in nodes. [mokaddem] - [galaxy:fork_tree] Added galaxyElement in the tooltip. [mokaddem] - [galaxy:index] Possibility to toggle fork view. [mokaddem] - [galaxy:fork_tree] Moved generation in the model. [mokaddem] - [galaxy:fork_tree] Doubleclick redirects to the cliked element. [mokaddem] - [galaxy:fork_tree] Added fork tree visualisation - WiP. [mokaddem] - [genericForm:extend] Adde `extended_generic` that support both `extended_by` and `extended_from` [mokaddem] - [galaxyCluster:sidebar] Reorganised the sidebar a bit. [mokaddem] - [galaxyCluster:views] Added `extended_by` and `extended_from` information. [mokaddem] - [galaxyCluster:edit] Created model and controller functions. [mokaddem] - [galaxyClusters:add] Created views, controller and models functions. [mokaddem] - [galaxyCluster] Restored working behavior of `index` and `view` views. [mokaddem] - [genericElement:indexTable] Removed auto casting to boolean as the bool element exists. [mokaddem] - [galaxyCluster:fetchClusters] Added function. [mokaddem] Fix ~~~ - [security] Make cluster's elements adhere to ACL. [mokaddem] - Missing dep in actions. [Raphaël Vinot] - [installer] Added missing checkout. [Steve Clement] - [galaxy update] tag capture fixed. [iglocska] - set random colour and some other default values - [galaxy update] force flag should be cast to boolean. [iglocska] - [eventReport:reportFromEvent] Correctly apply filter conditions Fix #6631. [mokaddem] - [tags] Pass user object to massaging function. [mokaddem] - [event:index] Pass missing parameter. [mokaddem] - [installer] if not installed as a user other then 'misp' we used to fail, now fixed. [Steve Clement] - [internal] Do not try to fetch empty job. [Jakub Onderka] - [tags] invalid function call for the tag massaging after adding a tag. [iglocska] - [tags] Pass user object to massaging function. [mokaddem] - [appController] Prevent notice for `perm_galaxy_editor` if update is still running. [mokaddem] - [logs] Add missing AuthKey model to log search. [Jakub Onderka] - [authkey] There is no AuthKey.timestamp column. [Jakub Onderka] - [UI] There is nothing like AuthKey.disabled. [Jakub Onderka] - [UI] Auto prevent default for index table actions. [Jakub Onderka] - [UI] Add label to delete auth key icon. [Jakub Onderka] - [UI] Remove unused inbox controller and menu link. [Jakub Onderka] - [server:sqlRecoveryQuery] Added support of unsigned int Fix #6618. [mokaddem] - [galaxy:update] Correctly delete clusters when performing a force update. [mokaddem] - [security] XSS in the template element index view - As reported by Rubin Azad. [mokaddem] - [object] Send all required arguments. [mokaddem] - [authkey] default value incorrect. [iglocska] - [galaxy:update] Make sure the fake user has the perm_sync right. [mokaddem] - [UI] Correct path to user profile from authkey view. [Jakub Onderka] - [security] Proper check who can view new authkeys. [Jakub Onderka] - [test] Do not pull PyMISP. [Jakub Onderka] - [internal] MISP update without branch. [Jakub Onderka] - [test] Run updates. [Jakub Onderka] - [attribute:fetch_attributes] Respect group_by request. [mokaddem] - [mispObject:save_object] Returns error in correct format. Fix #6598. [mokaddem] - [acl] Added report_from_event entry in ACL. [mokaddem] - Fix spelling of sightings_anonymise_as description. [Mat] - Perms in travis, var in gh action. [Raphaël Vinot] - Just make config writable by everyone, again. [Raphaël Vinot] - Just make config writable by everyone. [Raphaël Vinot] - [internal] Diagnostic data download. [Jakub Onderka] - [internal] Server::update method. [Jakub Onderka] - [internal] Initialize ZMQ just when necessary after setting change. [Jakub Onderka] - [event index] search via attribute key allows for empty input now. [iglocska] - [internal] Destroy session just when session is started. [Jakub Onderka] - [index search] allow for list of values to be passed via the attribute key. [iglocska] - [tag:search] Correctly pass user data. [mokaddem] - [UI] Put back requesting API access to user page. [Jakub Onderka] - [security] Properly validate new auth key. [Jakub Onderka] - [UI] Cerebrate -> MISP. [Jakub Onderka] - [MYSQL.sql] added first/last seen. [iglocska] - [MYSQL.sql] removed duplicate entry. [iglocska] - [test] Update db_schema.json for auth_keys table. [Jakub Onderka] - [test] Update database before generating new user. [Jakub Onderka] - [MYSQL.sql] updated. [iglocska] - incorporated all changes from 40 -> 61 - should solve the userinit issues - [authkey] convert existing keys. [iglocska] - added functionality to convert old style API keys to the setting description - [UI] various smaller fixes. [iglocska] - [authkey] various improvements. [iglocska] - correct lookup of users by API key when no expiration is set - added authkey reset functions - [rest client] implenented changes for advanced authkeys. [iglocska] - strip auth headers in the history - but not in the actual request - [various fixes] to the authkeys controller. [iglocska] - invalid admin lookup fixed - restriction to individual users added when using a user view to access the authkey index - [copy pasta] menues shown twice on user view fixed. [iglocska] - [galaxyCluster] Improved compatibility detection. [mokaddem] - [galaxyCluster] Bump timestamp after soft-deletion and restoration. [mokaddem] - [RestClient] Catch exceptions and show error message to user. [Jakub Onderka] - [galaxyCluster] Apply deleteAll on correct model. [mokaddem] - [galaxyClusters:view_relations] No galaxy matrix in the picker. [mokaddem] - [galaxyCluster] Allow forks with same name to appear in the picker. [mokaddem] - [galaxyClusterController:edit] Default empty list to empty string. [mokaddem] - [galaxies:export] typo. [mokaddem] - [galaxyCluster] Fixed publishing cluster permissions. [mokaddem] - [galaxyCluster:edit] Edit do not require distribution field. [mokaddem] - [galaxies] Correctly highlight galaxy in index scope. [mokaddem] - [galaxyClusters:index] Apply find on correct model for REST requests. [mokaddem] - [galaxyClusterRelations:index] Added baseurl. [mokaddem] - [servers:restClient] Keep HTTP body on template selection if it changed. [mokaddem] Making someone happy: oooooooooooooooo+++ssyyyysso++ooooooooooosssyyysoo oooooooooooooo+shmMNNNNNNNmmmdys+ooooooooyyyyysyhs oooooooooooo+yNMNMNNNNNNNNNNNNdhds/ooooooosooooooo oooooooooo+omMMMMMNNNNNNNNNNNNNmhdy/oooooooooooooo ooooooooo++NMMMMNMNNNNNNNNNNmmmmdhm/oooooooooooooo ooooooooo+yMMMMMMMMMNNNNNNNmmdmdmhN/oooooooooooooo ooooooooo+oNMMNNmNMMMMMMNNNmddmdmhN/oooooooooooooo oooooooooooodddhmys+.yyyhNNmdmNdNhh/oooooooooooooo oooooooooooss/y+syso+s---+smdNhomdy+oooooooooooooo ooooooooooooos:+oo+/-.....:hoos+Nmo+oooooooooooooo oooooooooooo+sysso/-.......-.ohmNd/ooooooooooooooo ooooooooooooo+yooo:-........-hNmh/+ooooooooooooooo oooooooooooooo/ho+-.......-:+dhs//oooooooooooooooo ooooooooooooooo+ys/::::/o++ooh:.:/+o+/+ooooooooooo oooooooooooooooo+ooyhydNyoshy+.`````:++o++oooooooo ooooooooooooooo+osssossyyhyo+-`````/:.``:y/+oooooo ooooooooooooo+oyooosssssso/-````../:-````+s/oooooo oooooooooooo++hosssssso+-```````::/:+hhyyyd:oooooo oooooooooooo/hossssso+:````````./oo+ymsdyym:oooooo ooooooooooo/ssoyysso/.```````.:+ho+smNmmmmN/+ooooo ooooooooooo/moshdyyso/`````:osydsoohodddhym/oooooo oooooooooo+yyossdhsooo-``.-ossshosd/:-..-sd/oooooo oooooooooo/msshdd++/:--//+++oo+sss++:.```oy+oooooo oooooooooo/mosssshhs+oo+/::-..``-/++--```m++oooooo oooooooooo/d++ooossdmhs++oooo++/:--:-.``:d/ooooooo - [internal] Do not fetch unnecessary correlations for distribution graph. [Jakub Onderka] - [object:deltaMerge] Stopped updating object's attributes when updating the FS/LS. [mokaddem] - Make sure to compare the correct date value of FS/LS and not their representation - [eventReports] Handle exception for EventReportsController::index. [Jakub Onderka] - [regression] invalid server loaded for connection test. [iglocska] - [galaxyClusters] Fixing badly merged merge-conflict. [mokaddem] - [internal] Properly set login times for custom auth. [Jakub Onderka] - [UI] Join with ", " array meta values for event reports. [Jakub Onderka] - [UI] Prepend URL with baseurl. [Jakub Onderka] - [UI] Disable debounce slowdown for first event report render. [Jakub Onderka] - [UI] Show 'Add Event Report' just when user can modify event. [Jakub Onderka] - [internal] Do not start session for shell commands. [Jakub Onderka] - [internal] Do not load all attributes and sightings when editing event. [Jakub Onderka] - [server:restclient] Removed force url for codemirror hints. [mokaddem] - [object:edit] Changes on fs/ls handling for object's attributes. [mokaddem] - Allow object's attributes to have fs/ls different from their object. - Object's attribute's timestamp is no longer refreshed when editing an object unless the attribute changed - Object's attribute's inherit their object fs/ls if unset - [attribute] `only_full_group_by` fixed for `__getCDIRList`. Fix #6218. [mokaddem] - [appmodel] Make sure parameter is a string before accessing string index. Fix #6544. [mokaddem] - [logs:admin_index] Removed bad usage of PHP's compact function Fix #6543. [mokaddem] - [tags:search] Apply correct conditions on corresponding models. Fix #6475. [mokaddem] - [stix2 import] Fixed parsing of objects mapped into galaxies for external STIX. [chrisr3d] - Mapping dictionary was not loaded correctly while calling the ExternalStixParser class, and it is now fixed - For objects from external STIX content that should be mapped as galaxies (such as malware, threat actor, and so on), we do not only test the perfect match with one of the galaxy names in the mapping dictionary, we also test now if the galaxy name is contained in any of the known galaxy names of the dictionary - [new tag index] added, left off in previous commit. [iglocska] - [servers:rest] Querybuilder performance improved when loading a new endpoint. [mokaddem] - [internal] `Undefined index: value` warning. [Jakub Onderka] - [galaxyClusters] Removed print statement. [mokaddem] - [galaxyCluster] Only fetch targeting relations if full requested. [mokaddem] - [galaxyClusterRelation] id condition not ambiguous. [mokaddem] - [galaxyClusterRelation] Make sure contain is an array. [mokaddem] - [galaxyClusterRelation] Make sure to include sourceCluster for the ACL condition. [mokaddem] - [galaxyClusterRelation] Make sure owner of source cluser can see org_only relations. [mokaddem] - [galaxyCluster] Hide edit cluster for notallowed users. [mokaddem] - [galaxyCluster] Recursive conditions on grandparent model. [mokaddem] - [galaxyClusterRelations] Hide delete button for non-elligible users. [mokaddem] - [galaxyClusterRelation] Hide linked clusters where applicable. [mokaddem] - For source cluster, hide the relation - For target cluster, show the relation but hide target data - [galaxyCluster] Allow hard-deletion of default clusters. [mokaddem] - [galaxyClusterBlocklist] Correct usage of the new blocklist component. [mokaddem] - [event] Failed merge conflict. [mokaddem] - [clusterRelations:edit] Make edition of relation possible Make sure to assign the source cluster id to the relation. [mokaddem] - [clusterRelations:index] Correctly unset target cluster if unkown and uses correct index element. [mokaddem] - [galaxies:export] Return application/json MIME type for all exports. [mokaddem] - [misp.js] Addressed lgtm warnings. [mokaddem] - [galaxyCluster] Make sure the value is not empty while saving. [mokaddem] - [server:pull] Make sure to update the job progress only if we are running in a background job. [mokaddem] - [server:pull] Makes pull works with jobs. [mokaddem] - [galaxyCluster:updateRelationsForSync] Use correct model to get announceBaseUrl. [mokaddem] - [galaxyCluster:captureCluster] Block any attempt to modify a not locked clusters if server is not internal. [mokaddem] - [galaxyClusterRelation:editRelation] Removed typo. [mokaddem] Cluster returned by fetchIfAuthorized is not inside a list - [galaxyCluster:saveRelation] Set `default` value if unset and allow saving unknown clusters if force flag set. [mokaddem] - [galaxyCluster:fetchIfAuthorized] Adhere to $throwErrors if the ID is invalid. [mokaddem] - [galaxyCluster:publish] Cluster parameter can be of any type. [mokaddem] - [galaxyCluster:publishRouter] Cluster parameter can be of any type. [mokaddem] - [appModel:db_changes] Added new entry. [mokaddem] - [galaxyCluster:fetchGalaxyCluster] Make sure to fetch a fresh version of the sharinggroup with all its associated data. [mokaddem] - [GalaxyCluster:fetchGalaxyCluster] Correctly attach all sharinggroup information. [mokaddem] - [galaxyCluster] Make sure we correctly update cluster relations and few QoL fixes. [mokaddem] - [clusterRelations:add] Correctly report validation errors. [mokaddem] - [install:MySQL] Create `perm_galaxy` in roles table before updating rows. [mokaddem] - [clusterRelations:add/edit] Avoid error variable override. [mokaddem] - [clusterRelation:delete] Take first result if id matches. [mokaddem] - [clusterRelation] Use correct linked model alias. [mokaddem] - [galaxyCluster] Typo when accessing variables. [mokaddem] - [ACLComponent] Put `pushClusters` into the correct section. Also removed useless condition. [mokaddem] - [servers:push] Do not throw exception while pushing via rest query. [mokaddem] - [galaxy:import] Set org and orgc to default MISP org. [mokaddem] - [clusterRelations:view_relation_tree] Avoid id collision for cross- referencing clusters. [mokaddem] - [galaxy:import] Correctly set distribution when importing from repository. [mokaddem] - [clusterRelations:edit] Endpoint access data with/without model key. [mokaddem] - [clusterRelation] Added entry in ACLComponent and improved rest error message. [mokaddem] - [clusterRelations] Corrected conditions allowing the creation/update of relations. Plus, get rid of not-used relation's value. [mokaddem] - [clusterRelation:add] Use the correct key to access cluster info. [mokaddem] - [clusterRelations:add] Removed useless translation. [mokaddem] - [clusterRelation:restSearch] Allow org to see their own relations if they are distribution=org_only. [mokaddem] - [galaxyCluster] Typo in linked model. [mokaddem] - [galaxyCluster:fetchClusters] Added missing conditions for clusterRelations. [mokaddem] - [galaxyCluster:pull] Correctly capture the Orgc. [mokaddem] - [galaxyClusterRelation:getRelations] Could not fetch relations with no full group by enabled. [mokaddem] - [galaxyCluster:captureCluster] Make sure to capture the galaxy if unkown. [mokaddem] - [clusterRelation:captureRelations] Default referenced galaxy id to 0 if it's unkown. [mokaddem] - [galaxyCluster:view_relation_tree] Tree links takes into account the avg numerical_value. [mokaddem] - [galaxies:massageTags] Pass user to the model. [mokaddem] - [clusterRelations:syncUUIDsAndIDs] Make sure to default referenced cluster id to 0 if unknown. [mokaddem] - [galaxy:import] Use correct data path to retrieve galaxy id. [mokaddem] - [galaxyCluster:edit] Fixed key name issues preventing clusters to be edited similar to the `add` endpoint. [mokaddem] - [galaxyCluster:relations_graph] Fixed link id not used consistently. [mokaddem] - [clusterRelations:catpure] More flexible tag capture. [mokaddem] - [galaxy:import] Set the locked flag for the imported galaxyCluster. [mokaddem] - [galaxyCluster] Make sure to sync id/uuid for the target relation. [mokaddem] - [galaxyCluster:view_relation_tree] Fixed division by 0. [mokaddem] - [galaxyClusters:relations_graph] Draw relation text only once + Physics tweaking. [mokaddem] - [galaxyClusers:relations_graph] Draw nodes after links. [mokaddem] - [galaxyCluster:CRUD] Fixed fields not being saved correctly and improved API feedback. [mokaddem] - [clusterRelations:relation_tree] looping with function callback change the value of `this` [mokaddem] - [server:pushGalaxyCluster] Correctly select UUIDs to be pushed. [mokaddem] - [clusterRelations:view_relations] Avoid duplication of targetting relations. [mokaddem] - [clusterRelations:view_relations] Correctly sync ID and UUID when adding a relation and repaired view. [mokaddem] - [clusterRelations:relations_graph] Support of fallback `MISP` Organisation and improved tooltip layout. [mokaddem] - [galaxy:quickViewMini] Prevent multiple `mouseover` listeners. [mokaddem] - [cluster:add_relation] Correctly use the freetext relation if picked. [mokaddem] - [clusters:edit] ClusterElementUI do not duplicate rows each time it's displayed. [mokaddem] - [event:view] Prevent global variable overide. [mokaddem] - [ClusterRelationsGraphTool] Inject Orgs and SharingGroup info for referencing nodes. [mokaddem] - [events:view] Fixed cluster_relations filename and distribution info. [mokaddem] - [clusterRelations:fork_tree] Prevent division by 0. [mokaddem] - [galaxy] Few leftovers to be renamed. [mokaddem] - [galaxy:fork_tree] Better handling of versions. [mokaddem] - [galaxyCluster:view] Catch if cluster has no `extended_from` [mokaddem] - [galaxy:editCluster] Correctly update galaxyElements. [mokaddem] - [galaxy:fork_tree] Correctly print default value. [mokaddem] - [galaxu:index] Corrected cluster base urls locations. [mokaddem] - [genericIndexTable:extended_generic] Do not duplicate field if both `from` and `by` are used. [mokaddem] - [galaxyCluster:attachToEventIndex] Usage of the correct function. [mokaddem] Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #6638 from korrosivesec/feature/jarm. [Alexandre Dulaunoy] new: [datamodels] added jarm-fingerprint type - Merge pull request #6639 from SteveClement/guides. [Steve Clement] - Merge branch '2.4' into guides. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6636 from MISP/gh_actions_var. [Raphaël Vinot] chg: Improve actions - Merge pull request #6632 from StefanKelm/2.4. [Alexandre Dulaunoy] Update Server.php - Update Server.php. [StefanKelm] Tiny re-wording - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #6630 from SteveClement/guides. [Steve Clement] - Merge pull request #6628 from JakubOnderka/update-json-speedup. [Jakub Onderka] chg: [internal] Faster updating JSON structures - Merge pull request #6629 from SteveClement/guides. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into guides. [Steve Clement] - Merge branch 'guides' of github.com:SteveClement/MISP into guides. [Steve Clement] - Merge pull request #6572 from JakubOnderka/syslog-stderr-disable. [Jakub Onderka] Syslog stderr disable - Merge pull request #6625 from JakubOnderka/setting-change-exception. [Jakub Onderka] chg: [internal] Throw exception if setting name doesn't exists - Merge pull request #6626 from JakubOnderka/no-empty-job. [Jakub Onderka] fix: [internal] Do not try to fetch empty job - Merge remote-tracking branch 'origin/2.4' into JakubOnderka-galaxy- cluster-fetch. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6623 from JakubOnderka/log-search-models. [Jakub Onderka] fix: [logs] Add missing AuthKey model to log search - Merge pull request #6586 from JakubOnderka/autkey-fixes. [Jakub Onderka] Authkey UI fixes - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #6559 from JakubOnderka/fist-last-seen-sort. [Jakub Onderka] new: [UI] Allow to sort attributes or objects by first and last seen - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #6617 from JakubOnderka/freetext-feed-saving. [Jakub Onderka] chg: [feed] Optimise freetext feed caching - Merge pull request #6609 from JakubOnderka/remove-inbox-controller. [Jakub Onderka] fix: [UI] Remove unused inbox controller and menu link - Merge pull request #6621 from JakubOnderka/extension-version. [Jakub Onderka] new: [diagnostic] Check extensions version - Merge pull request #6120 from mokaddem/galaxy-cluster2.0. [Sami Mokaddem] [feature] Cluster relations and synchronization - aka Galaxy 2.0 - Merge branch '2.4' into galaxy-cluster2.0. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0. [mokaddem] - Merge pull request #6496 from JakubOnderka/experimental-stream- convert. [Jakub Onderka] - Merge pull request #6589 from JakubOnderka/group-search-current-value. [Jakub Onderka] chg: [UI] For search field, by default put current search term - Merge pull request #6587 from JakubOnderka/authkey-view. [Jakub Onderka] Authkey view permission fix - Merge pull request #6604 from JakubOnderka/github-test-changes. [Jakub Onderka] GitHub test changes - Merge pull request #6605 from JakubOnderka/php-extension-diagnostic. [Jakub Onderka] chg: [diagnostic] Smarter PHP extension diagnostics - Merge branch 'feature-report-from-event' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into feature-report-from- event. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into feature-report-from- event. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into feature-report-from- event. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into feature-report-from- event. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0. [mokaddem] - Merge pull request #6580 from Maddosaurus/fix-plugin-setting-spelling. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0. [mokaddem] - Merge pull request #6600 from MISP/github_action_2. [Raphaël Vinot] chg: try to fix weirdness in PyMISP git history - Merge pull request #6601 from JakubOnderka/fix-diagnostic-download. [Jakub Onderka] fix: [internal] Diagnostic data download - Merge pull request #6599 from JakubOnderka/misp-update-fix. [Jakub Onderka] fix: [internal] Server::update method - Merge pull request #6597 from JakubOnderka/zmq-setting-change-fix. [Jakub Onderka] fix: [internal] Initialize ZMQ just when necessary after setting change - Merge pull request #6596 from JakubOnderka/bump-pymisp. [Raphaël Vinot] chg: Bump PyMISP - Merge pull request #6588 from JakubOnderka/gpg-version-diagnostics. [Jakub Onderka] new: [diagnostic] Show installed GnuPG version - Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0. [mokaddem] - Merge branch 'session_destruction' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0. [mokaddem] - Merge pull request #6561 from JakubOnderka/rest-attribute-include- context. [Jakub Onderka] chg: [rest] For attribute REST search with includeContext, fetch events just once - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6532 from JakubOnderka/user_edit. [Jakub Onderka] User edit permissions - Merge branch 'authkey_fix' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6584 from JakubOnderka/authkeys-test-fix. [Jakub Onderka] fix: [test] Update database before generating new user - Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0. [mokaddem] - Merge branch 'CRUD' into 2.4. [iglocska] - Merge branch '2.4' into CRUD. [iglocska] - Merge branch '2.4' into CRUD. [iglocska] - Merge branch '2.4' into CRUD. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0. [mokaddem] - Merge pull request #6560 from JakubOnderka/rest-client-handle- exceptions. [Jakub Onderka] fix: [RestClient] Catch exceptions and show error message to user - Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #6566 from JakubOnderka/distribution-disable- correlation. [Jakub Onderka] fix: [internal] Do not fetch unnecessary correlations for distributio… - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #6564 from JakubOnderka/fix-can-modify-report. [Jakub Onderka] fix: [eventReports] Handle exception for EventReportsController::index - Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0. [mokaddem] - Merge branch 'jakub-event-ui-vol5' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into jakub-event-ui-vol5. [mokaddem] - Merge pull request #6529 from JakubOnderka/experimenteal-faster-rest- fetch. [Jakub Onderka] chg: [rest] Faster attributes restSearch - Merge pull request #6541 from JakubOnderka/head-check-attribute- object. [Jakub Onderka] new: [API] Fast check object or attribute existence by HEAD method - Merge pull request #6519 from JakubOnderka/update-login-times. [Jakub Onderka] fix: [internal] Properly set login time for custom auth - Merge pull request #6533 from JakubOnderka/shell-no-session. [Jakub Onderka] fix: [internal] Do not start session for shell commands - Merge pull request #6538 from JakubOnderka/event-edit-optimisation. [Jakub Onderka] fix: [internal] Do not load all attributes when editing event - Merge pull request #6548 from JakubOnderka/related-event-template. [Jakub Onderka] chg: [UI] Make related event little bit nicer - Merge branch 'feature-rest-client-codemirror' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into feature-rest-client- codemirror. [mokaddem] - Merge pull request #6542 from JakubOnderka/speedup-sightings-saving. [Jakub Onderka] chg: [internal] Speedup sightings saving - Merge branch '2.4' of github.com:MISP/MISP into feature-rest-client- codemirror. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #6510 from JakubOnderka/event-edit-metadata. [Jakub Onderka] new: [rest] Allow to return just metadata after creating or editing event - Merge pull request #6490 from JakubOnderka/json-converter-optim. [Jakub Onderka] chg: [internal] Slightly optimise JSONConverterTool - Merge pull request #6528 from JakubOnderka/event-view-head. [Jakub Onderka] new: [API] Allow event existence check by HEAD method - Merge pull request #6521 from JakubOnderka/cached-feed-url-match. [Jakub Onderka] chg: [feed] Check also URL without protocol - Merge pull request #6514 from JakubOnderka/fix-indefined-index. [Jakub Onderka] fix: [internal] `Undefined index: value` warning - Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0. [mokaddem] - Merge branch 'fix-sg-creation' into galaxy-cluster2.0. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0. [mokaddem] v2.4.134 (2020-11-02) --------------------- New ~~~ - [tag index] simple/advanced view. [iglocska] - simple view excludes eventtags / attributetags / sightings - helps with heavier instances - refactor of the index to the new generators - new elements for the generators added - [UI] Add link to show related feeds attributes. [Jakub Onderka] - [UI] Allow to set attachment scan settings from user interface. [Jakub Onderka] - [widgets] button for link (#6489) [Loïc Fortemps] - [statistics shell] year over year org growth added. [iglocska] - [eventReports] Event auto-tagging from report. [mokaddem] - [UI] Attachment scan diagnostic. [Jakub Onderka] - [av] Allow to scan just by file hash. [Jakub Onderka] - [av] Use misp-module for AV scanning. [Jakub Onderka] - [av] Malware protection for uploaded files. [Jakub Onderka] - [UI] Allow to disable hover enrichment. [Jakub Onderka] - [sync] Show client certificate info in connection test. [Jakub Onderka] - [eventReports] Creation of reports from URL using MISP-modules. [mokaddem] - [eventReport] Added context replacements and suggestions. [mokaddem] - [eventReports:markdownEditor] Text replacement with existing attributes. [mokaddem] - [eventReports] Attributes suggestion replacement + UI - Draft. [mokaddem] Changes ~~~~~~~ - [version] bump. [iglocska] - [misp-taxonomies] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] Bump version. [Raphaël Vinot] - Bump PyMISP for testing. [Raphaël Vinot] - [misp-objects] updated. [Alexandre Dulaunoy] - [warning-lists] updated. [Alexandre Dulaunoy] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [markdownEditor] Add cancel button for the editor. Fix #6506. [mokaddem] - Bumped queryversion. [mokaddem] - [cti-python-stix2] Bumped latest version. [chrisr3d] - [eventsReport:markdownEditor] Increased base number of hints. [mokaddem] - [eventReport:markdownEditor] Adapt hint number based on the length of the provided input. [mokaddem] - [eventReports] Removed confusing edit buton in event view. [mokaddem] - [statistics shell] yearly growth now takes a local only flag as parameter. [iglocska] - [UI] Cleanup code of default layout. [Jakub Onderka] - [module] Allow to specify module timeout. [Jakub Onderka] - [internal] Allow to fetch Mitre Attack matrix also by name. [Jakub Onderka] - [UI] Attach warnings after attribute quick edit. [Jakub Onderka] - [internal] Move warnings popover generation to value_field template. [Jakub Onderka] - [statistics shell] added org engagement function to get insights on first event creation. [iglocska] - [eventReport] Improved html_to_markdown module handling. [mokaddem] - [eventReport] Extracted function. [mokaddem] - [eventReport] Renamed functions. [mokaddem] - [eventReports:markdownEditor] Added loading screen when extracting entities. [mokaddem] - [misp-galaxy] updated. [Alexandre Dulaunoy] - [logs] search no longer uses csrf tokens for the form. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to include ATT&CK sub-techniques. [Alexandre Dulaunoy] - [module] Better error handling. [Jakub Onderka] - [module] Move serialization into module class. [Jakub Onderka] - [UI] Update Font Awesome to 5.15.1. [Jakub Onderka] - [module] Allow module settings to be dict with setting description. [Jakub Onderka] - [module] Serialize post data at one place. [Jakub Onderka] - [module] Remove unused variable from Module::getModules method. [Jakub Onderka] - [UI] Change quick edit icons also for objects and setting edit. [Jakub Onderka] - [UI] Use 'Event' instead of 'Info' in correlation popover. [Jakub Onderka] - [UI] Add icon for undefined threat level. [Jakub Onderka] - [UI] Nicer required asterisk. [Jakub Onderka] - [UI] For revise object, do not validate unique UUID. [Jakub Onderka] - [internal] Do not load notifications for ajax requests. [Jakub Onderka] - [internal] Add suggested PHP extensions to composer.json. [Jakub Onderka] - [internal] Update composer.phar to 1.10.15. [Jakub Onderka] - [travis] Do list all directories after failed test. [Jakub Onderka] - [internal] Save same time and memory in RestResponseComponent. [Jakub Onderka] - [UI] Use standard way how to show attribute values for resolved results. [Jakub Onderka] - [UI] Fixes for user profile admin view. [Jakub Onderka] - [eventReports:markdownEditor] Improved parsing and provide feedbacks if elements cannot be rendered. [mokaddem] - [eventReport:markdownEditor] Improved parsing of context (reduced false positive) + find rendered element in doc. [mokaddem] - [eventReport:markdownEditor] Interface improvements. [mokaddem] - [eventReport] Draft support of context auto replacement. [mokaddem] - [eventReport:markdownEditor] Prevent double extraction for tags. [mokaddem] - [eventReport] Simplified replacement mechanism. [mokaddem] - [eventReports:markdownEditor] Cleanup and function renaming. [mokaddem] - [eventReport] Support of replacement regex & automatic replacement - DRAFT. [mokaddem] - [eventReports:markdownEditor] Reorganise function position. [mokaddem] - [eventReports:markdownEditor] Popover to show replacement attribute. [mokaddem] - [evnetReport:markdownEditor] UI improvements on suggestion tables. [mokaddem] - [eventReports:markdownEditor] Suggestion UI improvements. [mokaddem] - [eventReport:markdownEditor] Do no propose extractions for existing replacements. [mokaddem] Fix ~~~ - [stix import] Avoiding issue with test_mechanisms with no rule value. [chrisr3d] - [internal] Remove warning when modules are not reachable. [Jakub Onderka] - [security] SSRF fixed in the rest client. [iglocska] - by using the full path parameter in the rest client, users could issue queries to any server - this becomes especially problematic when the MISP server is able to query other internal servers, as external users could trigger those - new server setting added that allows enabling the full path option, this is now disabled by default - new server setting added to add an override baseurl for the rest client, removing the need for the full path option in the first place (for example for the training VM with its port forwarding) - Thanks to Heitor Gouvêa for reporting this vulnerability - [eventReport] Function call not adapted after module rework merge. [mokaddem] - [ACL] Add missing controllers from EventReports. [Jakub Onderka] - [internal] Warning when viewing feed info. [Jakub Onderka] - [UI] Show error message if genericPopup ajax request fails. [Jakub Onderka] - [eventReport:markdownEditor] Show full attribute value in print mode. Fix #6507. [mokaddem] - [UI] More space in sighting graph for a lot of sightings numbers. [Jakub Onderka] - [UI] Add missing line break. [Jakub Onderka] - [UI] Remove forgotten removed variable. [Jakub Onderka] - [UI] Show correct message when saving object after quick edit. [Jakub Onderka] - [UI] Show error if multiSelectAction fails. [Jakub Onderka] - [eventReport] Correctly tag event if requested + undefined variable. [mokaddem] - #6354. [Nick] fix: #6354 Need escape for quote in regex - [av] Send to module also attribute UUID and value. [Jakub Onderka] - [modules] Better error handling for connection problems. [Jakub Onderka] - [module] Throw exception if response JSON is invalid. [Jakub Onderka] - [UI] Remove unnecessary empty div from seen_field. [Jakub Onderka] - [UI] Do not allow to add tags when showing event to merge. [Jakub Onderka] - [UI] Fix strikethrough text decoration for deleted reference. [Jakub Onderka] - [UI] Remove unnecessary form element from correlated events. [Jakub Onderka] - [internal] Remove compressing by ZIP PHP extensions. [Jakub Onderka] - [internal] Avoid warnings in global_menu. [Jakub Onderka] - [resource-widget] Use redisInfo method for getting info. [Jakub Onderka] - [tools] Variable names typo. [chrisr3d] - [internal] Check Crypt_GPG version. [Jakub Onderka] - [UI] Put back missing homepage star. [Jakub Onderka] - [internal] Unused variable in Event::__generateCachedTagFilters. [Jakub Onderka] - [internal] Remove unused file. [Jakub Onderka] - [internal] Remove unused AppModel::checkVersionRequirements method. [Jakub Onderka] - [travis] Retry poetry packages installation. [Jakub Onderka] - [eventReports:markdownEditor] Better parsing of free text value. [mokaddem] Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge pull request #6535 from JakubOnderka/module-warning-fix. [Jakub Onderka] fix: [internal] Remove warning when modules are not reachable - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #6527 from JakubOnderka/event-reports-acl-missing. [Jakub Onderka] fix: [ACL] Add missing controllers from EventReports - Merge pull request #6518 from JakubOnderka/ui-related-feeds. [Andras Iklody] chg: [UI] Remove Source Format from related feed popover - [UI] Remove Source Format from related feed popover. [Jakub Onderka] - Merge pull request #6524 from trolldbois/2.4. [Andras Iklody] - Merge pull request #1 from trolldbois/trolldbois-fix-email- sendExternal. [Loïc Jaquemet] Remove 'text' from required params from sendExternal - Remove 'text' from required params from sendExternal. [Loïc Jaquemet] Bug fix, there is no such fields named 'text' in params. It's probably a typo from reading line 309 too fast - Merge pull request #6520 from JakubOnderka/feed-view-fix-warning. [Jakub Onderka] fix: [internal] Warning when viewing feed info - Merge branch 'feature-report-extract-data' into 2.4. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into feature-report-extract- data. [mokaddem] - Merge pull request #6516 from JakubOnderka/generic-popup-fail. [Jakub Onderka] fix: [UI] Show error message if genericPopup ajax request fails - Merge pull request #6498 from JakubOnderka/attachment-scan-settings. [Jakub Onderka] new: [UI] Allow to set attachment scan settings from user interface - Merge pull request #6499 from pettai/more-bro-auto-docs. [Andras Iklody] Update bro automation docs - Update bro automation docs. [pettai] More of remove allowNonIDS from bro per https://github.com/MISP/MISP/pull/1726 - Merge pull request #6451 from Wachizungu/add-extra-shibbauth- documentation. [Alexandre Dulaunoy] Extending documentation of ShibbAuth plugin - Extending documentation of ShibbAuth plugin. [Jeroen Pinoy] - Merge branch '2.4' of github.com:MISP/MISP into feature-report- extract-data. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6495 from JakubOnderka/fixes. [Jakub Onderka] UI Fixes - Merge pull request #6492 from pettai/bro-automation-docs. [Alexandre Dulaunoy] Fix Bro IDS export docs - Fix Bro IDS export docs. [pettai] As per https://github.com/MISP/MISP/pull/1726 the "allowNonIDS" option was explicitly removed from Bro IDS export, update the docs accordingly (some hairpulling was done prior to this finding...) - Merge pull request #6485 from JakubOnderka/module-timeout. [Jakub Onderka] chg: [module] Allow to specify module timeout - Merge pull request #6494 from JakubOnderka/event-ui-fixes-vol6. [Jakub Onderka] Event UI fixes vol6 - Merge branch '2.4' of github.com:MISP/MISP into feature-report- extract-data. [mokaddem] - Merge pull request #6488 from JakubOnderka/attachment-scan-diagnostic. [Jakub Onderka] new: [UI] Attachment scan diagnostic - Merge pull request #6484 from crowface28/2.4. [Andras Iklody] fix: #6354 - Merge pull request #6411 from JakubOnderka/malware-scan. [Jakub Onderka] Attachment malware protection - Merge pull request #6483 from JakubOnderka/module-settings. [Jakub Onderka] Module settings - Merge pull request #6479 from JakubOnderka/event-ui-vol5-small. [Jakub Onderka] Event ui vol5 small - Merge pull request #6478 from JakubOnderka/remove-zip-ext-compression. [Jakub Onderka] fix: [internal] Remove compressing by ZIP PHP extensions - Merge pull request #6471 from JakubOnderka/enrichment_hover_popover_only. [Jakub Onderka] new: [UI] Allow to disable hover enrichment - Merge pull request #6474 from JakubOnderka/avoid-warnings. [Jakub Onderka] fix: [internal] Avoid warnings in global_menu - Merge pull request #6473 from JakubOnderka/misp-resource-widget. [Jakub Onderka] fix: [resource-widget] Use redisInfo method for getting info - Merge pull request #6465 from JakubOnderka/ajax-no-notification- [Jakub Onderka] chg: [internal] Do not load notification count and homepage for AJAX requests - Merge pull request #6450 from JakubOnderka/client-certificate-info. [Jakub Onderka] new: [sync] Show client certificate info in connection test - Merge pull request #6468 from JakubOnderka/bad-commit-fix. [Jakub Onderka] Revert "fix: [internal] Remove unused AppModel::checkVersionRequireme… - Revert "fix: [internal] Remove unused AppModel::checkVersionRequirements method" [Jakub Onderka] This reverts commit ac6761d7 - Merge pull request #6460 from MISP/chrisr3d_features. [Alexandre Dulaunoy] Small STIX ingestion script - Merge branch 'chrisr3d_features' of https://github.com/MISP/MISP into chrisr3d_features. [chrisr3d] - Update README.md. [Christian Studer] Page layout issue fixed - Merge branch '2.4' of https://github.com/MISP/MISP into chrisr3d_features. [chrisr3d] - Add: [tools] More documentation for the stix ingestion script. [chrisr3d] - Add: [tools] Small script to ingest STIX files using the restAPI. [chrisr3d] - Automation of the ingestion for multiple file simply by passing all the filenames - Using PyMISP to connect to MISP and query the /events/upload_stix end point - Merge pull request #6463 from JakubOnderka/crypt-gpg-version-check. [Jakub Onderka] fix: [internal] Check Crypt_GPG version - Merge pull request #6466 from JakubOnderka/homepage-star. [Jakub Onderka] fix: [UI] Put back missing homepage star - Merge pull request #6459 from JakubOnderka/composer-update. [Jakub Onderka] chg: [internal] Update composer.phar to 1.10.15 - Merge pull request #6458 from JakubOnderka/remove-unused. [Jakub Onderka] Remove unused code - Fix [internal] Removed unused EventsController::viewEventGraph method. [Jakub Onderka] - Fix [internal] Removed unused Server::__handlePulledProposals method. [Jakub Onderka] - Fix [internal] Removed unused EventsController::__fetchEvent method. [Jakub Onderka] - Merge pull request #6454 from JakubOnderka/travis-fixes-vol3. [Jakub Onderka] test: Retry poetry install - Merge pull request #6457 from JakubOnderka/rest-response-optim. [Jakub Onderka] chg: [internal] Save some time and memory in RestResponseComponent - Merge pull request #6455 from JakubOnderka/resolved-misp-format-value. [Jakub Onderka] chg: [UI] Use standard way how to show attribute values for resolved … - Merge pull request #6456 from JakubOnderka/admin-user-view-fixes. [Jakub Onderka] chg: [UI] Fixes for user profile admin view v2.4.133 (2020-10-16) --------------------- New ~~~ - [UI] Use flag icons from Twemoji. [Jakub Onderka] - [UI] Show organisation nationality flag. [Jakub Onderka] - [attribute type] cpe Common Platform Enumeration attribute type added. [Alexandre Dulaunoy] - [attribute] telfhash attribute type added - fix #6435. [Alexandre Dulaunoy] - [GPG] Validate fetched GPG key. [Jakub Onderka] - [UI] Add icons for threat levels. [Jakub Onderka] - [internal] Allow to set warning checking for all attributes, not just IDS. [Jakub Onderka] - [warninglist] Allow to check if IP in CIDR is part of another CIDR. [Jakub Onderka] - [warninglist] Cache warninglist results. [Jakub Onderka] - [build] Validate also feed metadata rules and settings JSON contents. [Jakub Onderka] - [attribute-type] filename-pattern to describe a filename base on a pattern. [Alexandre Dulaunoy] Fix #403 There is no specific validation on the field. This allows us to have a clear separation between filename and filename-pattern as many users were using filename for regexp. This also helps the creation of object template which requires a filename pattern. - [evenReport] Support of extended event. [mokaddem] - [eventReport:markdownEditor] Toggleable rendering of MISP Elements. [mokaddem] - [eventReport:markdownEditor] Support to reference object attribute. [mokaddem] - [markdownEditor] Added support of fullscreen mode. [mokaddem] - [eventReport:markdownEditor] Added hints for tags. [mokaddem] - [eventReport] Added support of tags. [mokaddem] - [user agent] string changed for MISP -> MISP synchronisation. [iglocska] - [UI] Truncate long values. [Jakub Onderka] - [UI] Go directly to object reference when referenced object is on the same page. [Jakub Onderka] - [workers] add kill all / force kill all buttons to the worker management, fixes #6329. [iglocska] - [recovery] script added mock method among other changes. [iglocska] - also added proposals - add/accept/discard should be fully supported now - [recovery] added event deletion recovery tool. [iglocska] - [internal] added helper function to get tag id based on cluster id. [iglocska] - [markdownEditor] Possibility to toggle rules on-the-fly. [mokaddem] - [markdownViewer] Added light support of picture attachment parsing. [mokaddem] - [markdownViewer] Support of hints in editor. [mokaddem] - [markdownViewer] Added rule and renderer for special MISP elements. [mokaddem] Changes ~~~~~~~ - [VERSION] bump. [iglocska] - Bump PyMISP. [Raphaël Vinot] - [warning-lists] updated. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [UI] Remove famfamfam icon flags. [Jakub Onderka] - [UI] Use IconHelper for flag icons. [Jakub Onderka] - [internal] Allow to have empty nationality. [Jakub Onderka] - [UI] Update country names. [Jakub Onderka] - [internal] Normalize AS type to asplain notation. [Jakub Onderka] - [internal] Speedup sending module results. [Jakub Onderka] - [internal] Sighting saving optimisation. [Jakub Onderka] - [PyMISP] updated. [Alexandre Dulaunoy] - [attribute] cpe was already present but not specified in any categories. [Alexandre Dulaunoy] - [UI] Use nicer icon for Restore attribute button. [Jakub Onderka] - [eventReport] Put back attribute galaxies. [Jakub Onderka] - [eventReport] proxyMSIPElements are loaded dynamically. [Jakub Onderka] - [eventReport] Do not fetch event reports when it is not necessary. [Jakub Onderka] - [eventReport] Do not fetch attribute tags again, they are included in object. [Jakub Onderka] - [eventReport] Do not fetch unnecessary event and attribute galaxies. [Jakub Onderka] - [eventReport] Do not create separate array, merge is expensive. [Jakub Onderka] - [eventReport] Do not attach sharing groups. [Jakub Onderka] - [eventReport] Fetch object templates just when event contains objects. [Jakub Onderka] - [eventReport] Fetch parental event just when it is necessary. [Jakub Onderka] - [eventReport] Do not fetch sightings for events. [Jakub Onderka] - [UI] Use existing implementation for popover also for cortex. [Jakub Onderka] - [UI] Put back all attribute types when selecting empty category. [Jakub Onderka] - [internal] Faster loading od Distribution graph. [Jakub Onderka] - [UI] Show hostname|port attribute value on one line. [Jakub Onderka] - [validation] Provide better invalid messages for ip-dst|port, ip- src|port and hostname|port. [Jakub Onderka] - [validation] Simplify composite validation. [Jakub Onderka] - [copyright] AUTHORS updated. [Alexandre Dulaunoy] - [copyright] date fixed and top 6 contributors added as copyright holder. [Alexandre Dulaunoy] - [PyMISP] latest version. [Alexandre Dulaunoy] - [PyMISP] bump version (new telfhash type added) [Alexandre Dulaunoy] - [cookie] Set session cookie SameSite to Lax to avoid browser warnings. [Jakub Onderka] - [UI] Optimise loading contributors orgs. [Jakub Onderka] - [UI] Nicer icon for quick edit buttons. [Jakub Onderka] - [UI] Use quick select for objects UUID. [Jakub Onderka] - [UI] Enrichment for proposals doesn't exists. [Jakub Onderka] - [UI] Use nicer icon for accept proposal. [Jakub Onderka] - [UI] Put space between object action icons. [Jakub Onderka] - [internal] Provide better exception messages for signing and encrypting. [Jakub Onderka] - [validation] Provide more precise and faster attribute validation. [Jakub Onderka] - [internal] URL is already defang in ComplexTypeTool. [Jakub Onderka] - [UI] Validate object when revising. [Jakub Onderka] - [misp-warning] updated to the latest version. [Alexandre Dulaunoy] - [internal] Do not fetch event reports for view. [Jakub Onderka] - [internal] Merge EventReports for extended view. [Jakub Onderka] - [internal] Optimise event fetching. [Jakub Onderka] - [internal] Cleanup and simplify ShadowAttribute model code. [Jakub Onderka] - [freetext] Send textarea on CMD+ENTER or CTRL+ENTER. [Jakub Onderka] - [freetext] Nicer remove icon. [Jakub Onderka] - [UI] Focus freetext textarea after opening popover. [Jakub Onderka] - [freetext] Process just big number of attributes in background. [Jakub Onderka] - [UI] Better description for password popover. [Jakub Onderka] - [UI] Automatically select privacy target when is marked as quick select. [Jakub Onderka] - [UI] Allow quickSelect organisation UUID. [Jakub Onderka] - [UI] Fix some bugs in user view. [Jakub Onderka] - [internal] Simplified AttributesController::hoverEnrichment method. [Jakub Onderka] - [internal] More checks in Module model. [Jakub Onderka] - [UI] Show nice pgp form font. [Jakub Onderka] - [UI] Make external links more secure. [Jakub Onderka] - [UI] Show error message for hover enrichment when something wrong happen. [Jakub Onderka] - [UI] Put title for hover enrichment icon. [Jakub Onderka] - [internal] Move hover enrichment script to misp.js. [Jakub Onderka] - [UI] Better log when for empty results for enrichment. [Jakub Onderka] - [UI] Make link clickable in enrichment. [Jakub Onderka] - [UI] Show loading icon when enrichment. [Jakub Onderka] - [UI] Limit enrichment popover size. [Jakub Onderka] - [internal] Use async version when fetching enrichment popover. [Jakub Onderka] - [UI] Change design of attribute hover. [Jakub Onderka] - [internal] Better error messages for unzipping feed file. [Jakub Onderka] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [UI] Break words when showing long value in popup. [Jakub Onderka] - [UI] Use "raw" view for long URLs. [Jakub Onderka] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [UI] Rename Email to Creator user in event index. [Jakub Onderka] - [UI] Keep term when searching for attribute. [Jakub Onderka] - [UI] Uppercase ID for event list. [Jakub Onderka] - [internal] Do not show attribute warning when searching attributes. [Jakub Onderka] - [UI] Support quick select for UUID. [Jakub Onderka] - [UI] Move privacy toggle code to misp.js. [Jakub Onderka] - [UI] Focus proposal when going from proposals index. [Jakub Onderka] - [UI] Use hires icons for event page. [Jakub Onderka] - [UI] HTML code cleanup. [Jakub Onderka] - [internal] Validate sighting UUID. [Jakub Onderka] - [internal] Remove unused code. [Jakub Onderka] - [internal] Optimise sightings fetching. [Jakub Onderka] - [internal] Much faster attribute search. [Jakub Onderka] - [appmodel] Set default value for warninglist_entry_count. [mokaddem] - [internal] Clean up EventsController::view code. [Jakub Onderka] - [internal] Remove not necessary GalaxyCluster initialization. [Jakub Onderka] - [internal] Initialize Sighting class just when necessary. [Jakub Onderka] - [optimisation] Load MISP version and commit just once. [Jakub Onderka] - [internal] Optimise fetching sightings for object. [Jakub Onderka] - [internal] Use ACL also for side menu. [Jakub Onderka] - [internal] Move more global menu rules to ACLComponent. [Jakub Onderka] - [internal] Use ACLComponent for menu item permission. [Jakub Onderka] - [warninglist] Use faster method for fetching data from Redis. [Jakub Onderka] - [warninglist] Hash key in binary and store just for one hour. [Jakub Onderka] - [internal] Fix for exact string match. [Jakub Onderka] - [internal] Normalize CIDR and hostname warninglists. [Jakub Onderka] - [internal] Simplified Warninglist::__checkValue. [Jakub Onderka] - [internal] Change method name to show that it just filter one attr. [Jakub Onderka] - [internal] Save memory when storing warninglist to cache. [Jakub Onderka] - [internal] Start IPv4 checking from zero. [Jakub Onderka] - [internal] Warninglist code cleanup. [Jakub Onderka] - [internal] Fix event warnings without redis cache. [Jakub Onderka] - [internal] Move getting missing tlds list to model. [Jakub Onderka] - [internal] Refactoring warninglist loading and saving. [Jakub Onderka] - [internal] Simplified Event::__prepare... methods. [Jakub Onderka] - [internal] Attach warnings to proposals. [Jakub Onderka] - [internal] Rename Warninglist::simpleCheckForWarning to checkForWarning. [Jakub Onderka] - [complextype] Support for uppercase hashes. [Jakub Onderka] - [complextype] Speedup hash parsing from CSVs and freetexts. [Jakub Onderka] - [community] add the pisax.org logo. [Alexandre Dulaunoy] - [community] new pisax.org community added. [Alexandre Dulaunoy] - [cleanup] removed duplicate empty queue declaration. [Andras Iklody] - [appModel] Removed prio worker from the list of available workers to perform an update. [mokaddem] - [PyMISP] bump to latest version. [Alexandre Dulaunoy] - [Shell] Add MISP.osuser for updates. Fix #6368. [Richard van den Berg] - [markdownEditor] Adapt popover container if inside modal. [mokaddem] - [eventReports:markdownEditor] UI indication when hinting object's Attribute. [mokaddem] - [eventReport:markdownEditor] Improved invalid element UI. [mokaddem] - [mardownEditor] Added loading backdrop container. [mokaddem] - [eventReport:markdownEditor] Fetch MISP elements with a different request. [mokaddem] - [eventReport:markdownEditor] Changed popover's container. [mokaddem] - [eventReport:markdownEditor] Improved layout for invalid MISP Elements. [mokaddem] - [eventReports:helpModal] Fixed some typos. [mokaddem] - [events] Simplified attribute_count condition for `minimal` filter parameter. [mokaddem] - [event:updateEventReportBeforeSync] Make sure remote instance supports event report. [mokaddem] - [eventReport] Added entry in restResponseComponent. [mokaddem] - [eventReport:markdownEditor] Propose hints based on substring instead of start of the value. [mokaddem] - [eventReport:markdownEditor] Improved rendered object layout. [mokaddem] - [eventReport:markdownEditor] Improved rendered attribute layout. [mokaddem] - [eventReport:markdownEditor] Allow fetching tag data even if it isn't created on the instance. [mokaddem] - [eventReport:markdownEditor] Improved hint UI. [mokaddem] - [eventReport:markdownEditor] Improved cluster representation. [mokaddem] - [eventReport:markdownEditor] Increased the debounce delay when fetching tags. [mokaddem] - [eventReport] Added entry for referencing tags in markdownEditor's help modal. [mokaddem] - [internal] Simplified menu code. [Jakub Onderka] - [eventReport] Removed support of eventGraph. [mokaddem] - eventGraph can still be used as with attribute picture attachment - [eventReport] Replace ID by UUID when referencing MISP Elements. [mokaddem] - [missing attachment log] added affected orgs. [iglocska] - [warning lists] updated to the latest version. [Alexandre Dulaunoy] - [missing attachments] debug tool now logs event / attribute IDs. [iglocska] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [correlations] Really limit number of correlations, not number of attributes. [Jakub Onderka] - [internal] Initialize Job class just once. [Jakub Onderka] - [internal] Delete Redis key in pipeline. [Jakub Onderka] - [feed] Faster feed list fetching. [Jakub Onderka] - [correlations] Fetch just server of feed that has data in Redis. [Jakub Onderka] - [correlations] Allow to get more info about feed correlations also for host org users. [Jakub Onderka] - [correlations] Refactor feed cached correlations. [Jakub Onderka] - Bumped queryversion. [mokaddem] - [UI] Nicer warning box with link to show just warnings. [Jakub Onderka] - [internal] Initialize Log model just once. [Jakub Onderka] - [internal] Move addMISPExportFile from controller to model. [Jakub Onderka] - [internal] Move hex value convertor to misp.js. [Jakub Onderka] - [test] Lint all PHP and template files. [Jakub Onderka] - [UI] Show event creator for users within event org. [Jakub Onderka] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [eventReports:markdownEditor] Suggests available scope to references MISP Elements. [mokaddem] - [eventReports] Updated markdownEditor help modal. [mokaddem] - [eventReport] Added support of all galaxy matrixes. [mokaddem] - [eventReports] Event reports in modal use the generic views. [mokaddem] - [eventReport] Added rearrange function. [mokaddem] - [events:index] Minimal searches returns events having event reports and no attributes. [mokaddem] - [appmodel] Make sure to trigger the event report db update. [mokaddem] - [UI] Show full title for role permission. [Jakub Onderka] - [mail] Another code cleanup for alert and contact mails template. [Jakub Onderka] - [mail] Use same format for contact email as for alert. [Jakub Onderka] - [mail] Add unsubscribe info also for non encrypted mails. [Jakub Onderka] - [mail] Simplified mail generation. [Jakub Onderka] - [mail] Cleanup mail sending code for event alerts. [Jakub Onderka] - [mail] TLP in subject should be uppercase. [Jakub Onderka] - [internal] Simplify objects conditions. [Jakub Onderka] - [internal] Use cached sharing groups IDs when fetching objects. [Jakub Onderka] - [internal] Invalid message for UUID contains that UUID must be RFC 4122 compliant. [Jakub Onderka] - [misp-objects] updated. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [users] Refined login form selector. [mokaddem] - [log] Convert shadowAtribute's fs/ls into understood format. [mokaddem] - [log] Convert object's fs/ls into understood format. [mokaddem] - [events:recover_event] Adapt flash message if mock query requested. [mokaddem] - [aclcomponent] Added recovery features in ACLComponent. [mokaddem] - [event] Forced usage of worker for event recovery. [mokaddem] - [events] Usage of `fix_login` in restoreDeletedEvents. [mokaddem] - [warning-lists] regenerated. [Alexandre Dulaunoy] - [eventreport] Make sure the format is correct when capturing. [mokaddem] - [eventReport] Includes event data when fetching event report from non- admin users. [mokaddem] - [eventReports] Improved returned data from controller. [mokaddem] - [restResponseComponent] Allow saveFailResponse and saveSuccessResponse to return data. [mokaddem] - [markdownEditor] Split eventReport related code to their own files. [mokaddem] - [markdownEditor] Move markdown editor to a generic file name. [mokaddem] - [eventReport] Added comments. [mokaddem] - [eventReports] Prevent fields override. [mokaddem] - [eventReport] Moved event unpublishing to model. [mokaddem] - [eventReport] Started refactoring model - WiP. [mokaddem] - [eventReports] Refactored indexes. [mokaddem] - [eventReports] Major refactoring - WiP. [mokaddem] - [eventReport] Improved authorization error reporting. [mokaddem] - [eventReports] Added event unpublishing. [mokaddem] - [eventReports] Few UI improvements. [mokaddem] - [server] Allow to sync events if they only have event report. [mokaddem] - [server] Added distribution downgrade for event report sync. [mokaddem] - [eventReport] Generic improvements and light integration with fetchEvent and sync support. [mokaddem] - [eventReports:edit] Improved title. [mokaddem] - [eventReports] Improved default index and prevent edition if deleted. [mokaddem] - [eventReport] Allow adding event report from the index. [mokaddem] - [eventReport] Improved deletion/restoration via the API. [mokaddem] - [eventReport:edit] Allow to edit individual fields and better error reporting. [mokaddem] - [eventReport] Improved sidemenu integration. [mokaddem] - [eventReports] Added redirects. [mokaddem] - [markdownEditor] Moved MISP Element rule menu to correct file. [mokaddem] - [markdownEditor] Prevent scrolling top when clicking on menu links. [mokaddem] - [markdownEditor] Line number for scroll sync should be in default js file. [mokaddem] - [eventreport] Set correct context when POSTing report creation. [mokaddem] - [event:view] Automatically open event report table. [mokaddem] - [eventreports] Reload event report table after report creation. [mokaddem] - [eventReports] Deleted unused file. [mokaddem] - [eventReport] Improved UI and added support of soft/hard deletion. [mokaddem] - [eventReport] Started rework on CRUD operations - WiP. [mokaddem] - [markdownEditor] Increased debounced render timer. [mokaddem] - [markdownEditor] highlight unsaved changes. [mokaddem] - [markdownEditor] Support of lastmodified and UI improvements when saving. [mokaddem] - [markdownEditor] Fixes z-index if viewport too small. [mokaddem] - [markdownEditor] Added support of trailing characters such as `.` after MISP element reference. [mokaddem] - [markdownEditor] Renamed markdownViewer into markdownEditor and split web deps from view file. [mokaddem] - [markdownViewer] Added cache for attackmatrix and eventgraph. [mokaddem] - [markdownViewer] Improved perfs and light support of permissions. [mokaddem] - [eventReport] Centralized elements proxy for markdownViewer. [mokaddem] - [markdownViewer] Displayed objects show the attribute with highest ui- priority. [mokaddem] - [markdownViewer] Improved popover placement. [mokaddem] - [markdownViewer] Added help for plugins. [mokaddem] - [markdownViewer] Improved object rendering. [mokaddem] - [markdownViewer] Improved attribute rendering. [mokaddem] - [markdownViewer] Simplified help. [mokaddem] - [markdownViewer] Add support of colors in attack matrix when printing. [mokaddem] - [markdownViewer] Improved help. [mokaddem] - [markdownViewer] Added more help. [mokaddem] - [markdownViewer] Added support of attack matrix. [mokaddem] - [markdownViewer] Added toggles in editor bottom bar. [mokaddem] - [markdownViewer] Added notice if couldn't fetch event graph. [mokaddem] - [markdownViewer] Improved support of eventgraph. [mokaddem] - [markdownViewer] Added drafty support of event graph. [mokaddem] - [markdownViewer] Added block picture in viewer and text in help. [mokaddem] - [markdownViewer] Added dismiss button for popover. [mokaddem] - [markdownViewer] Popover support of MISP Elements. [mokaddem] - [markdownViewer] Checkbox for autocomplete while typing. [mokaddem] - [markdownViewer] Added more shortcuts. [mokaddem] - [markdownViewer] Slightly improved help modal. [mokaddem] - [markdownViewer] Added help modal. [mokaddem] - [markdownViewer] Ask confirmation before saving. [mokaddem] - [markdownViewer] Added download button for pdf and md (both types) [mokaddem] - [eventReports:view] Added link to event. [mokaddem] - [markdownViewr] Autocomplete triggers automatically when typing. [mokaddem] - [markdownViewer] Improve hint suggestions for MISP Elements. [mokaddem] - [markdownViewer] Improved top bar UI and added editor helpers. [mokaddem] - [eventReport] Improved integration with event index. [mokaddem] - [markdownViewer] Added custom rendering for MISP elements. [mokaddem] - [markdownViewer] Improved scroll map in modal. [mokaddem] - [markdownViewer] Improved layout and added draft of sync-scroll. [mokaddem] - [markdownViewer] Improved split layout. [mokaddem] - [infoModal] Added support of xl modal body. [mokaddem] - [markdownViewer] Improved layout with resizer. [mokaddem] - [markdownViewer] Improved layout and added codemirror addons. [mokaddem] - [markdownEditor] Added codemirror dependency. [mokaddem] - [markdownViewer] Added syntax highlighing. [mokaddem] - [markdownView] Improved layout. [mokaddem] - [eventReport] Improved models and markdown editor. [mokaddem] - [eventReport] Added markdown-it dependency and started integration - WiP. [mokaddem] - [eventReport] Continuation of implementation - WiP. [mokaddem] Fix ~~~ - [server] caching notice fixed. [iglocska] - [UI] Do not show quick edit for deleted attributes and when user don't have permission. [Jakub Onderka] - [UI] Show error for user if activateField request fail. [Jakub Onderka] - [eventReport] Include just tags that belongs to requested event or its parent, not to other child. [Jakub Onderka] - [eventReport] Properly validate UUID. [Jakub Onderka] - [eventReport] Optimize loading by UUID. [Jakub Onderka] - [eventReport] Template loading condition. [Jakub Onderka] - [UI] Remove checkbox from objects. [Jakub Onderka] - [UI] Correctly remove checked attributes after page reload. [Jakub Onderka] - [internal] Missing variable. [Jakub Onderka] - [internal] Remove unnecessary class initialization. [Jakub Onderka] - [UI] Remove space after referecence link. [Jakub Onderka] - [UI] Reset popover box after closing. [Jakub Onderka] - [UI] Remove underline from icons. [Jakub Onderka] - [validation] Correct validation for iban, bic, btc, dash and xmr attributes. [Jakub Onderka] - [validation] Normalize mac-address and mac-eui-64 to lowercase. [Jakub Onderka] - [validation] Do not accept floats where should be just integers. [Jakub Onderka] - [correlations] Disable correlation for port part in hostname|port type. [Jakub Onderka] - [stix1 framing] Added Custom objects namespace. [chrisr3d] - [UI] Set title for atomic/extended switch. [Jakub Onderka] - [UI] Put current language to HTML element. [Jakub Onderka] - [UI] Element ID must be unique. [Jakub Onderka] - [UI] Try to fix broken form quick edit submit with CTRL+ENTER. [Jakub Onderka] - [UI] Provide description for pivot remove button. [Jakub Onderka] - [UI] Provide description for search button. [Jakub Onderka] - [UI] Remove unused parts from row_proposal template. [Jakub Onderka] - [UI] Remove objectType is zero checks. [Jakub Onderka] - [UI] Normalize quck add attribute for object with other forms. [Jakub Onderka] - [UI] Change new object attribute information margin. [Jakub Onderka] - [UI] objectAddFieldTr should not cover checkbox. [Jakub Onderka] - [UI] Proposal to delete should be considered as proposal. [Jakub Onderka] - [UI] Make proposal links visible. [Jakub Onderka] - [UI] Nicer proposal HTML code. [Jakub Onderka] - [UI] Base url for OrgImgHelper. [Jakub Onderka] - [UI] Show warning if notification when creating new user could not be send. [Jakub Onderka] - [UI] Provide proper description for S/MIME cert. [Jakub Onderka] - [internal] Properly convert `hostname|port` when delimiter is `:` [Jakub Onderka] - [validation] Convert vulnerability attribute to uppercase. [Jakub Onderka] - [validation] Float validation. [Jakub Onderka] - [mail] S/MIME certificate validation, fixes #6424. [Jakub Onderka] - [freetext] Do not load event page twice when saving freetext. [Jakub Onderka] - [UI] Add space after icon. [Jakub Onderka] - [UI] Non breakable space between hidden value and icon. [Jakub Onderka] - [UI] Remove not used organisation landing page. [Jakub Onderka] - [internal] Remove unused $page variable. [Jakub Onderka] - [UI] Do not hide some errors. [Jakub Onderka] - [internal] Check if module has defined userConfig. [Jakub Onderka] - [db_schema] Bumped schema with the changes. [mokaddem] - [eventReports] Renamed function to make it more explicit and avoid function name override. [mokaddem] - [ACLComponent] Added missing entry and removed invalid warnings. [mokaddem] - [UI] Hover enrichment popover overflowing. [Jakub Onderka] - [UI] Remove margin from long value pre. [Jakub Onderka] - [internal] Array to string conversion when constructing request. [Jakub Onderka] - [freetext] Convert CVE string to uppercase to follow attribute validation. [Jakub Onderka] - [UI] Bigger margin for extend this event button. [Jakub Onderka] - [UI] Clear input value when clicking cancel for attribute search. [Jakub Onderka] - [UI] #attributesFilterField doesn't exists anymore. [Jakub Onderka] - [UI] Show loading also for down attribute paginator. [Jakub Onderka] - [UI] Remove unnecessary br from eventattribute template. [Jakub Onderka] - [UI] Remove unused page argument for sighting form. [Jakub Onderka] - [UI] Fix IDS toggle permission in attribute view. [Jakub Onderka] - [UI] Return back sighting popover. [Jakub Onderka] - [UI] Remove duplicate request for quick filter. [Jakub Onderka] - [UI] Disable To IDS checkbox if user don't have persmission to modify event. [Jakub Onderka] - [internal] Removed unused template. [Jakub Onderka] - [UI] Use pointer cusros for template choice button. [Jakub Onderka] - [decayingModelSimulation] Correctly extract part of atomic tags. [mokaddem] - [tags:attachTagToObject] Respect case when searching tags. [mokaddem] - [tags:attachTagsToObject] Respect case when attaching tags. Fix #6380. [mokaddem] - [UI] Showing active menu item when viewing noticelist. [Jakub Onderka] - [UI] Showing item in side menu for org admin. [Jakub Onderka] - [UI] Check more menu ACLs. [Jakub Onderka] - [UI] Do not show empty global menu item. [Jakub Onderka] - [UI] User guide link. [Jakub Onderka] - [warnings] enforceWarninglist works again. [Jakub Onderka] - [warnings] Cache deletion. [Jakub Onderka] - [warninglists] Include warning for merged events. [Jakub Onderka] - [warnings] Attach warnings to feed and server event preview. [Jakub Onderka] - [internal] IPv6 CIDR warninglist. [Jakub Onderka] - [server:workerDiagostics] Default queue status to false. [mokaddem] - [tag filters] fixed ridiculously long lists for tag filters. [iglocska] - [CLI] missing ; [iglocska] - [server] Do not limit TLD to 5 characters. Fix #6342. [Richard van den Berg] - [internal] Variable should be defined all the time. [Jakub Onderka] - [proposal] No return when org is not defined. [Jakub Onderka] - [eventReports:markdownEditor] Force close the popover if parent element not found. [mokaddem] - [eventReport] Do not try to fetch report after successful hard deletion. [mokaddem] - [markdownEditor] Reset width in editor's split mode when swiching to fullscreen. [mokaddem] - [eventReport:markdownEditor] render markdown once MISP elements have been fetched. [mokaddem] - [eventReport] Improved variable name and do not crash if event is not extending another one. [mokaddem] - [eventReports] Typo in variable name. [mokaddem] - [markdownEditor] Layout glitch with resizeable helper and fullscreen. [mokaddem] - [misp] Allow re-showing hidden popover after creation. [mokaddem] - [eventReports:index] Fixed quicksearches. [mokaddem] - [eventReport:markdowEditor] Make add galaxy-matrix shortcut works. [mokaddem] - [server:push] Correctly return message when using API. [mokaddem] - [event:push] Setup requests headers before sending request. [mokaddem] - [server:push] Allow pushing events only having event reports. [mokaddem] - [event:updateEventReportBeforeSync] Init httpSocket. [mokaddem] - [tags:search] Make sure the predicate exists in the taxonomy. [mokaddem] - [eventReport:markdownEditor] Improved colors of attributes and objects in printing view. [mokaddem] - [eventReport:markdownEditor] Parse all tags in a line instead of the last one. [mokaddem] - [eventReport:markdownEditor] Avoid override of legitimate tags if they don't have data linked to them. [mokaddem] - [eventReport:markdownEditor] Prevent error while opening popover for unknown tags. [mokaddem] - [doc] Document "cake Server pullAll" [Richard van den Berg] - [attachment checker] invalid lookup. [iglocska] - [missing attachment log] fixed issue with orgs not being logged. [iglocska] - [attachment checks] output of logging cleaned up. [iglocska] - [events] Added loading indicator when paginating on event's attribute table. [mokaddem] - [hacky] readded org field to shadow attributes - just blank it out for old instances where the update failed to remove it a few years ago. [iglocska] - [sync] better logging of error messages and handle the user ID not being set by background processes. [iglocska] - [correlations] Properly delete feeds caches. [Jakub Onderka] - [internal] Remove duplicates from cancelPopoverForm. [Jakub Onderka] - [UI] Popup size. [Jakub Onderka] - [decaying] 2-tag base_score ratio. Fix #6352. [mokaddem] - [attribute] Typo in regex. Fix #6354. [mokaddem] - [UI] Make attribute/object focus work again. [Jakub Onderka] - [internal] Remove dead code from template. [Jakub Onderka] - [internal] Undefined variable base_url for idTranslator. [Jakub Onderka] - [UI] Show error for user if file for import is invalid. [Jakub Onderka] - [UI] Hex and binary convertor. [Jakub Onderka] - [UI] Show properly formatted attribute value after quick edit. [Jakub Onderka] - [UI] Show proper menu when using even import module. [Jakub Onderka] - [internal] Prepare for PHP8. [Jakub Onderka] - [internal] Fix tests for missing ACL. [Jakub Onderka] - [UI] Custom password reset link is absolute. [Jakub Onderka] - [internal] Typo in perm name. [Jakub Onderka] - [internal] Do not fetch more info than necessary. [Jakub Onderka] - [eventReports] Use correct data path to access org_c. [mokaddem] - [eventReport] Deleted report can be restored by non-admin users. [mokaddem] - [ACL] Permissions when sending contact and alert emails. [Jakub Onderka] - [internal] Conditions when object distribution is set to org only. [Jakub Onderka] - [internal] Fetching objects with attachments. [Jakub Onderka] - [internal] Remove duplicate check for published event when fetch objects. [Jakub Onderka] - [internal] Remove duplicate conditions for object restSearch. [Jakub Onderka] - [internal] Code style. [Jakub Onderka] - [internal] Invalid conditions for sharing group when fetching objects. [Jakub Onderka] - [internal] Bad merge. [Jakub Onderka] - [server] Downgrade distribution of objects when pulling. [mokaddem] - [recovery] various fixes. [iglocska] - to_ids fixed - background processing made optional - first/last seen format conversion altering the data's format for the recovery script fixed - added capture of object first/last seen to the recovery script - [log:event_recovery] Delete blocklist entry for recovered event. [mokaddem] - [objectReference] Do no reset timestamp to current time if already provided. [mokaddem] - [log] Convert attribute's fs/ls into understood format. [mokaddem] - [events:recover_event] Fixed URL. [mokaddem] - [merge issue] resolved. [iglocska] - [attributes] Restored action on tags in mass edit. [mokaddem] - Added missing test mechanisms mapping mapping. [chrisr3d] - [validation] make publish_timestamp on the event object more resilient to malformed empty values. [iglocska] - [eventReport] Do not ignore `false` fields when editing. [mokaddem] - [event] Delete event report when deleting event. [mokaddem] - [eventReport] changed beforeFilter signature to avoid notice. [mokaddem] - [eventReports] Add view variables before rendering. [mokaddem] - [event] Use correct function name. [mokaddem] - [markdownEditor] Make viewer works inside modal. [mokaddem] - [markdownEditor] Post split bugs. [mokaddem] - [markdownViewer] Fixed missing event_id. [mokaddem] - [markdownViewer] Regenerate scroll map after resize + layout improvement. [mokaddem] - [datetime] Failed merge. [mokaddem] - [attribute tag culling] fixed. [iglocska] - no longer hides tags that should be included in the export Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch 'tagfix' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into HEAD. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #6414 from JakubOnderka/user-view-ui. [Jakub Onderka] Flag icons and country list - Merge branch '2.4' into event-report-optimisations. [mokaddem] - Merge pull request #6447 from JakubOnderka/as-normalization. [Alexandre Dulaunoy] chg: [internal] Normalize AS type to asplain notation - Merge pull request #6446 from JakubOnderka/module-import-speedup. [Jakub Onderka] chg: [internal] Speedup sending module results - Merge pull request #6289 from JakubOnderka/save-sighting-optim. [Jakub Onderka] chg: [internal] Sighting saving optimisation - Merge pull request #6442 from JakubOnderka/event-ui-vol4. [Jakub Onderka] Event UI fixes vol4 - Merge pull request #6416 from JakubOnderka/event-view-fix. [Alexandre Dulaunoy] Remove object checkbox - Merge pull request #6440 from JakubOnderka/event-ui-vol3. [Jakub Onderka] Event ui vol3 - Merge pull request #6439 from nighttardis/2.4. [Jakub Onderka] Syntax fix for session.cookie_samesite - Merge pull request #1 from nighttardis/nighttardis-core-php-syntax. [nighttardis] Update core.default.php - Update core.default.php. [nighttardis] Fixing PHP syntax error that appears on PHP 7.4 - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #6436 from JakubOnderka/attribute-validation. [Jakub Onderka] Attribute validation - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #6429 from cudeso/2.4. [Alexandre Dulaunoy] Send a message to ZMQ when an event from a connected server is added or edited - Send message to ZMQ when there is event add/edit coming from a connected server. [Koen Van Impe] - Merge remote-tracking branch 'MISP/2.4' into 2.4. [Koen Van Impe] - Merge pull request #6438 from JakubOnderka/hostname-port-correlation. [Jakub Onderka] fix: [correlations] Disable correlation for port part in hostname|port - Merge pull request #6400 from JakubOnderka/cookie-samesite-lax. [Jakub Onderka] chg: [cookie] Set session cookie SameSite to Lax to avoid browser warnings - Merge pull request #6423 from JakubOnderka/view-event-small-ui- changes. [Jakub Onderka] View event small ui changes - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #6432 from JakubOnderka/smime. [Jakub Onderka] Smime - Merge pull request #6418 from JakubOnderka/revise-object-validation. [Jakub Onderka] Revise object validation - Merge pull request #6425 from JakubOnderka/fix-smime-certificate- validation. [Jakub Onderka] fix: [mail] S/MIME certificate validation - Merge pull request #6417 from JakubOnderka/fetch-event-optimisation. [Jakub Onderka] Fetch event optimisation - Merge pull request #6422 from JakubOnderka/shadow-attribute-code- cleanup. [Jakub Onderka] chg: [internal] Cleanup and simplify ShadowAttribute model code - Merge pull request #6421 from JakubOnderka/freetext-background. [Jakub Onderka] Freetext background processing - Merge pull request #6420 from JakubOnderka/user-organisation-ui- changes. [Jakub Onderka] User and organisation pages UI changes - Merge pull request #6419 from JakubOnderka/event-template-cleanup. [Jakub Onderka] fix: [internal] Remove unused $page variable - Merge pull request #6395 from JakubOnderka/module-fixes. [Jakub Onderka] Module fixes - Merge pull request #6300 from JakubOnderka/validate-gpg-key. [Jakub Onderka] Validate gpg key - Merge pull request #6413 from JakubOnderka/external-links-secure. [Jakub Onderka] chg: [UI] Make external links more secure - Merge pull request #6412 from mokaddem/feature-event-report. [Alexandre Dulaunoy] [feature] Event Report - Merge remote-tracking branch 'origin/2.4' into feature-event-report. [mokaddem] - Merge pull request #6405 from JakubOnderka/hover-ui. [Jakub Onderka] Change hover enrichment user interface - Merge pull request #6397 from JakubOnderka/zip-error-messages. [Jakub Onderka] chg: [internal] Better error messages for unzipping feed file - Merge pull request #6398 from JakubOnderka/ui-long-values-vol2. [Jakub Onderka] fix: [UI] Remove margin from long value pre - Merge pull request #6393 from JakubOnderka/ui-long-values. [Jakub Onderka] Ui long values - Merge pull request #6394 from JakubOnderka/fix-array-to-string- conversion. [Jakub Onderka] fix: [internal] Array to string conversion when constructing request - Merge pull request #6396 from JakubOnderka/freetext-cve-import. [Jakub Onderka] fix: [freetext] Convert CVE string to uppercase - Merge pull request #6381 from JakubOnderka/ui-small-fixes-vol2. [Jakub Onderka] UI small fixes - Merge pull request #6385 from JakubOnderka/sighting-fetch-optim. [Jakub Onderka] Sighting fetch optim - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #6388 from JakubOnderka/attribute-search-optim. [Jakub Onderka] chg: [internal] Much faster attribute search - Merge pull request #6384 from JakubOnderka/event-load-optim. [Jakub Onderka] Event load optim - Merge pull request #6348 from JakubOnderka/version-fetch-optim. [Jakub Onderka] chg: [optimisation] Load MISP version and commit just once - Merge pull request #6382 from JakubOnderka/fetch-sightings-faster. [Jakub Onderka] chg: [internal] Optimise fetching sightings for object - Merge pull request #6359 from JakubOnderka/acl-menu-item. [Jakub Onderka] Acl menu item - Merge pull request #6335 from JakubOnderka/warninglist-cache. [Jakub Onderka] Warninglist Redis cache - Merge pull request #6378 from JakubOnderka/feed-metadata-validation. [Jakub Onderka] new: [build] Validate also feed metadata rules and settings JSON contents - Merge branch 'fetcher_debug' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into fetcher_debug. [iglocska] - Merge pull request #6377 from JakubOnderka/freetext-hash-parsing. [Jakub Onderka] chg: [complextype] Speedup hash parsing from CSVs and freetexts - Merge pull request #6370 from MISP/fix-update-no-prio. [Andras Iklody] Fix update no prio - Update Server.php. [Andras Iklody] - Merge pull request #6373 from RichieB2B/issue-6368. [Andras Iklody] Allow OS user to be set for upgrades - Merge pull request #6375 from RichieB2B/issue-6342. [Andras Iklody] Do not limit TLD to 5 characters - Merge pull request #6374 from JakubOnderka/test-fix. [Jakub Onderka] Test fix - Merge branch '2.4' of github.com:MISP/MISP into feature-event-report. [mokaddem] - Merge pull request #6360 from JakubOnderka/menu-simplified. [Jakub Onderka] chg: [internal] Simplified menu code - Merge pull request #6372 from RichieB2B/ncsc-nl/pullAll. [Andras Iklody] Document "cake Server pullAll" - Merge pull request #6362 from imidoriya/2.4. [Andras Iklody] Fix date filter on to / from #6239 - Filter Event Date - convert timestamp to datetime. [deku] PyMisp sends the to / from as a timestamp. MISP needs to convert a timestamp when comparing. - Merge branch '2.4' of github.com:MISP/MISP into feature-event-report. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Revert "fix: [tag] Show correct count of tag attributes and events" [iglocska] This reverts commit e644f4ea4c01e1f8018133d2a82aa3c321fff98d. - Revert "chg: [internal] Optimise fetching sightings for object" [iglocska] This reverts commit e442a394cd4ee7e3797151d8146992d4b1a2bee6. - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #6357 from JakubOnderka/feed-correlation-refactor. [Jakub Onderka] chg: [correlations] Refactor feed cached correlations - Merge pull request #6346 from JakubOnderka/truncate-long-values. [Jakub Onderka] Truncate long values - Merge pull request #6345 from JakubOnderka/pivot-directly. [Jakub Onderka] new: [UI] Go directly to object reference when referenced object is on the same page - Merge pull request #6350 from rmkml/2.4. [Andras Iklody] fix #6336 vhash - Fix #6336 vhash. [rmkml] - Merge pull request #6351 from JakubOnderka/template-dead-code. [Jakub Onderka] Template dead code - Merge pull request #6333 from JakubOnderka/id-translator-fix. [Jakub Onderka] fix: [internal] Undefined variable base_url for idTranslator - Merge pull request #6349 from JakubOnderka/warninglist-box. [Jakub Onderka] chg: [UI] Nicer warning box with link to show just warnings - Merge pull request #6344 from JakubOnderka/misp-file-import. [Jakub Onderka] Misp file import error message - Merge pull request #6347 from JakubOnderka/hex-binary-convertor. [Jakub Onderka] Hex binary convertor - Merge pull request #6343 from JakubOnderka/after-attribute-edit. [Jakub Onderka] fix: [UI] Show properly formatted attribute value after quick edit - Merge pull request #6340 from JakubOnderka/import-ui. [Jakub Onderka] fix: [UI] Show proper menu when using even import module - Merge pull request #6339 from JakubOnderka/lint. [Jakub Onderka] chg: [test] Lint all PHP and template files - Merge pull request #6338 from JakubOnderka/password-reset-absolute. [Jakub Onderka] fix: [UI] Custom password reset link is absolute - Merge pull request #6334 from JakubOnderka/role-typo-fix. [Jakub Onderka] fix: [internal] Typo in perm name - Merge pull request #6330 from JakubOnderka/event-creator. [Jakub Onderka] chg: [UI] Show event creator for users from event org - Merge pull request #6331 from RichieB2B/ncsc-nl/spaces. [Andras Iklody] Remove extraneous spaces from E-mail subject - Remove extraneous spaces from E-mail subject. [Richard van den Berg] - Merge remote-tracking branch 'origin/2.4' into feature-event-report. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6328 from JakubOnderka/role-ui-full-label. [Jakub Onderka] chg: [UI] Show full title for role permission - Merge pull request #6090 from JakubOnderka/tlp-uppercase. [Jakub Onderka] chg: [mail] Refactor email generating - Merge pull request #6327 from JakubOnderka/fix-object-conditons-vol2. [Jakub Onderka] fix: [internal] Conditions when object distribution is set to org only - Merge pull request #6326 from JakubOnderka/fix-object-conditions. [Jakub Onderka] Fix object conditions - Merge branch 'event_recovery' into 2.4. [iglocska] - Merge branch '2.4' into event_recovery. [iglocska] - Merge pull request #6325 from rmkml/2.4. [Alexandre Dulaunoy] fix #6266 vhash & - Fix #6266 vhash & [rmkml] - Merge pull request #6322 from JakubOnderka/invalid-uuid-message. [Jakub Onderka] chg: [internal] Invalid message for UUID contains that UUID must be RFC 4122 - Merge pull request #6315 from eschultze/2.4. [Alexandre Dulaunoy] Fix id 117 column number - Fix id 117 column number. [eschultze] - Merge branch 'event_recovery' of github.com:MISP/MISP into event_recovery. [iglocska] - Merge branch 'event_recovery' of github.com:MISP/MISP into event_recovery. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into event_recovery. [iglocska] - Merge branch '2.4' into event_recovery. [iglocska] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' into event_recovery. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into feature-event-report. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into feature-event-report. [mokaddem] v2.4.132 (2020-09-15) --------------------- Changes ~~~~~~~ - [version] bump. [iglocska] - [queryversion] Bumped. [mokaddem] - [bootstrap-datepicker] Updated to version 1.9.0. [mokaddem] - [appmodel] New entry to create an upper bound for the unwanted action through login. [mokaddem] This will be used by recovery scripts - [sightings] anonymise pushed sightings using new Sightings_anonymise_as setting. [Richard van den Berg] - [events] Make sure the fetched form is hidden. [mokaddem] - [events] Index table delete buttons switch to fetch then post. [mokaddem] - [internal] Better error handling when pushing event to remote server. [Jakub Onderka] - [internal] Ensure that UUID is always lowecase and real UUID. [Jakub Onderka] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] Fix ~~~ - [users] Avoid POSTing forms not linked to the login page resulting in unwanted actions. [mokaddem] - As reported by Michael Kerscher - [tag filters] fixed a bug introduced with the previous filter fix, resulting in multiple OR tags being ignored as a valid filter. [iglocska] - [Server] only push events/sightings when selected. [Richard van den Berg] - [cleanup] [iglocska] - [cleanup] [iglocska] - [string concat] fix. [iglocska] - [cleanup] debug. [iglocska] - [internal] Correctly handle positive tag filters for non site admins. [iglocska] - tag filters were ignored incorrectly when it was a positive lookup - [internal] Nonsense index names. [Jakub Onderka] Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Bumped db_schema. [Sami Mokaddem] - Merge branch 'fix-login' into 2.4. [mokaddem] - Merge pull request #6310 from RichieB2B/ncsc-nl/selective-push. [Andras Iklody] Only push events/sightings when selected for server - Merge pull request #6308 from RichieB2B/ncsc-nl/anonymise-as. [Andras Iklody] Anonymise pushed sightings - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #6286 from JakubOnderka/push-error-handling. [Jakub Onderka] chg: [internal] Better error handling when pushing event to remote se… - Merge pull request #6272 from JakubOnderka/uuid-validation. [Jakub Onderka] v2.4.131 (2020-09-08) --------------------- New ~~~ - [types] pgp-public-key/pgp-private-key added. [iglocska] - [internal] filter "type" added for the internal fetcher. [iglocska] - appends email as a type if email-src/email-dst are found - [types] email added as a new type, affects #6281. [iglocska] - [diagnostic] Check if database index is unique. [Jakub Onderka] - [API] added count returnformat for the REST api, fixes #6233. [iglocska] - simply counts the number of attributes/events found (on each respective scope) - [ACL] event blacklisting fully opened up to host org users. [iglocska] - also added a new special permission for the ACL system host_org_user - which will evaluate whether the user is in the org configured in the MISP.host_org_id directive Changes ~~~~~~~ - Bumped MISP objects latest version. [chrisr3d] - [version] bump. [iglocska] - [PyMISP] Bump version. [Raphaël Vinot] - [misp-object] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [blocklist] Add comment for automatic event blocklist. [Jakub Onderka] - [internal] Faster tag fetching for events. [Jakub Onderka] - [internal] Little optimise Event::getRelatedAttributes. [Jakub Onderka] - [internal] Optimise Event::getRelatedEvents for non correlated events. [Jakub Onderka] - [internal] Optimise Event::__attachReferences method. [Jakub Onderka] - [PyMISP] bump. [Alexandre Dulaunoy] - [attributes] to_ids for new email type. [Alexandre Dulaunoy] - [PyMISP] bump (due to describetypes) [Alexandre Dulaunoy] - [attribute] pgp is not php ;-) [Alexandre Dulaunoy] - [event] Deduplicate related events for extended view. [Jakub Onderka] - [event] Deduplicate tags for extended view. [Jakub Onderka] - [type] email-src/email-dst descriptions redefined. Also added email to the person category. [iglocska] - [OpenIOC] email type added to the export tool. [iglocska] - [complex parser] added email as an option for parsed email addresses. [iglocska] - [openioc] added email type. [iglocska] - [nids] added email type. [iglocska] - [bro] added email type. [iglocska] - Bumped queryversion. [Sami Mokaddem] - [misp-object] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [db_schema] Updated schema to reflect the change with allowlist and blocklist. [mokaddem] - [misp.js] Correctly check if the variable exists before comparing. [mokaddem] - [misp.js] Make sure the selector path is a valid selection string. [mokaddem] - [jquery] Bumped jQuery to version 3.5.1. [mokaddem] - [internal] Deduplicate code for event conditions. [Jakub Onderka] - [internal] Much faster quick filter. [Jakub Onderka] - [internal] Initialize Feed class just once. [Jakub Onderka] - [internal] Unsetting SharingGroup is not necessary. [Jakub Onderka] - [internal] Remove unused Event::getAccessibleEventIds. [Jakub Onderka] - [internal] Remove duplicate event_creator_email fetching. [Jakub Onderka] - [internal] Simplified putting attributes to objects. [Jakub Onderka] - [internal] Use faster fetcher for viewing sightings. [Jakub Onderka] - [JS libraries] Updated to latest version. [mokaddem] - Bump PyMISP. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] - [internal] Using Allowedlist instead of Whitelist. [Golbark] - [internal] Using blocklist instead of blacklist. [Golbark] - [internal] Removed unused variables. [Jakub Onderka] - [internal] Event::__escapeCSVField is not used. [Jakub Onderka] - [internal] Event::generateRandomFileName just redefines AppModel method. [Jakub Onderka] - [internal] Validation issues are already checked by fetcher. [Jakub Onderka] - [internal] Warninglist::filterWarninglistAttributes takes just two arguments. [Jakub Onderka] - [event] Deduplicate attribute related tags. [Jakub Onderka] - [db_schema_diagnostic] Do not display remediation queries if an update is in progress. [mokaddem] - Install poetry in home directory. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] - [stix import] Importing test mechanisms from indicators as yara rules. [chrisr3d] - [misp-object] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [installer] Made the globalVariables more flexible when you need to override them. [Steve Clement] - [internal] Optimise fetching sightings for object. [Jakub Onderka] - [internal] Less SQL queries for event index page. [Jakub Onderka] - [internal] Distribution is checked by SQL. [Jakub Onderka] - [internal] Remove not necessary code. [Jakub Onderka] - [internal] Remove unused code. [Jakub Onderka] - [PyMISP] bump PyMISP. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [API] GET requests on restsearch with no parameters are no longer allowed. [iglocska] - warn the user of the use of GET queries with posted JSON bodies - [UI] Nicer selector for attribute search. [Jakub Onderka] - [correlation] Fetch just necessary fields. [Jakub Onderka] - [cleanup] removed duplicate check in beforefilter() of the eventblacklists controller. [iglocska] Fix ~~~ - [widgets] Adding images by default on the repository (#6298) [Loïc Fortemps] - [validation] relaxed first/last/middle name validation. [iglocska] - [objects] edit fails due to invalid URLs used fixed. [iglocska] - [internal] fix to various CLI commands breaking on the IP field in the log table not having a default value, fixes #6263. [iglocska] - [internal] Fetch related events for merged events just when necessary. [Jakub Onderka] - [db_schema] Missing index for feeds.orgc_id. [Jakub Onderka] - [UI] Blocklist mass delete. [Jakub Onderka] - [UI] Event blocklist. [Jakub Onderka] - Support IE with no template literal support. [Tom King] - [internal] Respect ACL for event attribute search. [Jakub Onderka] - [stix2 import] Quick fix on external indicator parsing. [chrisr3d] - Specifying the indicator version while testing if the object is an indicator to avoid issues - Also added a small warning message for debugging purposes when we face issues to parse the pattern types - [stix2 import] Making sure we do not lose the event uuid. [chrisr3d] - [stix2 import] Removed useless test in relationships parsing. [chrisr3d] - [stix2 import] Fixed external patterns parsing. [chrisr3d] - Avoiding brackets to be imported with the type and value within attributes - Going with 55095910c - [API] blocklist behaviour index via the API returns empty list. [iglocska] - fixed - [stix2 import] Fixed external pattern types parsing. [chrisr3d] - Avoiding issues with patterns containing parts within brackets and separated by OR statements giving results like "[file" instead of "file" - [cluster:index] Prevent highlighting non existing JSON. [mokaddem] - [popovers] Prevent closing inexisting popovers. [mokaddem] - [userSettings:set_home_page] Added missing view file. Fix #6245. [mokaddem] - [serverShell:cacheFeeds] Correct usage of __n function. Fix #6238. [mokaddem] - [appmodel] Create indexes after the column has been added. [mokaddem] - [stix import] Handling potential key errors with test mechanism types. [chrisr3d] - [otp] Allow to send encrypted OTP by mail. [Jakub Onderka] - [stix import] Preventing external observables & ttps parsing to fail. [chrisr3d] - Testing if observables have properties before trying to parse observable properties - Catching exceptions when ttps cannot be parsed - Should fix #6250 - [internal] loading a missing proposal attachment leads to an exception. [iglocska] - should be silently logged and notice error sent - [enrich event] Typo. [chrisr3d] - [enrich event] Avoid freetext results to end up lost in the interstellar space of orphaned attributes with no event_id. [chrisr3d] - [tag] Show correct count of tag attributes and events. [Jakub Onderka] - [UI] Event attribute filters works again. [Jakub Onderka] - [JS] Issue #6226 when adding object reference. [Jakub Onderka] - [JS] broken URLs due to the baseurl refactor. [iglocska] - no need to prepend URLs taken from the forms themselves directly. - [internal] Remove unused compositeTypes variable. [Jakub Onderka] Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge pull request #6297 from JakubOnderka/fix-merging-events. [Jakub Onderka] fix: [internal] Fetch related events for merged events just when necessary - Merge pull request #6296 from JakubOnderka/2.4. [Jakub Onderka] fix: [db_schema] Missing index for feeds.orgc_id - Merge pull request #6293 from JakubOnderka/event-blocklist-view-fix. [Jakub Onderka] Event blocklist view fix - Merge pull request #6208 from JakubOnderka/faster_attach_tags. [Jakub Onderka] - Merge pull request #6288 from JakubOnderka/reference-optimisation. [Jakub Onderka] chg: [internal] Optimise Event::__attachReferences method - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #6179 from denny-lclin/fix/variable-name-typo. [Christian Studer] [stix1 export] fix some variables' typo - [stix1 export] fix some variables' typo. [Denny Lin] - Merge pull request #6259 from JakubOnderka/extended_view_deduplication. [Jakub Onderka] Extended view deduplication - Merge branch 'email_type' into 2.4. [iglocska] - Merge branch 'js-libs-update' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into js-libs-update. [mokaddem] - Merge pull request #6282 from tomking2/bug/IE-support. [Andras Iklody] fix: Support IE with no template literal support - Merge pull request #6254 from JakubOnderka/unique_index_diagnostic. [Jakub Onderka] new: [diagnostic] Check if database index is unique - Merge pull request #6274 from JakubOnderka/acl_filter_attribute_values. [Jakub Onderka] fix: [internal] Respect ACL for event attribute search - Merge branch '2.4' of github.com:MISP/MISP into js-libs-update. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into js-libs-update. [mokaddem] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #6219 from JakubOnderka/event-small-optim. [Jakub Onderka] Event small optim - Merge pull request #6271 from JakubOnderka/faster_quick_filter. [Jakub Onderka] chg: [internal] Much faster quick filter - Merge pull request #6265 from JakubOnderka/not-necessary-code-vol2. [Jakub Onderka] Remove not necessary code vol2 - Fixup! chg: [internal] Simplified putting attributes to objects. [Jakub Onderka] - Merge pull request #6268 from JakubOnderka/sightings-faster-fetcher. [Jakub Onderka] chg: [internal] Use faster fetcher for viewing sightings - Merge pull request #6267 from Golbark/rename_bl. [Andras Iklody] Rename blacklist and whitelist to alternatives - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #6264 from JakubOnderka/not-necessary-code. [Jakub Onderka] Remove not necessary code - Merge branch 'fix-6249' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into fix-6249. [mokaddem] - Merge pull request #6262 from JakubOnderka/deduplicate_related_tags. [Jakub Onderka] chg: [event] Deduplicate attribute related tags - Merge pull request #6258 from MISP/travis_poetry. [Raphaël Vinot] chg: Install poetry in home directory - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #6214 from JakubOnderka/otp-encryption. [Jakub Onderka] fix: [otp] Allow to send encrypted OTP by mail - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #6241 from SteveClement/tools. [Steve Clement] chg: [installer] Made the globalVariables more flexible - Merge pull request #6203 from JakubOnderka/tag-count. [Andras Iklody] Show proper number of attributes and events for tags - Event ID translation feature (#6212) [Loïc Fortemps] * new: [sync] Event ID translation between sync servers - Merge pull request #6237 from jtdroste/expanded-ip-logging. [Andras Iklody] new: Add the ability to customize the IP header field when logging - Add the ability to customize the IP header field when logging. [James Droste] - Merge pull request #6234 from JakubOnderka/event-filters-fix. [Jakub Onderka] fix: [UI] Event attribute filters works again - Merge pull request #6230 from JakubOnderka/event-small-optim-simple. [Jakub Onderka] Small optimisation for event index page - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6228 from JakubOnderka/fix-6226. [Jakub Onderka] fix: [JS] Issue #6226 when adding object reference - Merge pull request #6225 from rmkml/2.4. [Alexandre Dulaunoy] add SHA3 Hash on Attribut.php - Add SHA3 Hash on Attribut.php. [rmkml] - Feature/achievements widget (#6129) [Christophe Vandeplas, Loïc Fortemps, Steve Clement] * Additionnal protection against XSS, the response type defaults to html while it should be JSON. * new: widget: Achievements widget * Update AchievementsWidget.php * Update AchievementsWidget.php * Visual adjustments, new badges * i18n * indentation to MISP convention * AchievementsWidget minor textual improvements * Optimized query and fix issue with i18n - Merge pull request #6221 from cudeso/2.4. [Alexandre Dulaunoy] MISP-SNMP Monitor script - Add SNMP configuration snippet. [Koen Van Impe] - MISP-SNMP Monitor script. [Koen Van Impe] Script to return statistics which can be picked up via SNMP. Post for monitoring with Cacti (inspired by OpenNSM) will follow shortly. - Merge remote-tracking branch 'MISP/2.4' into 2.4. [Koen Van Impe] - Merge pull request #6200 from JakubOnderka/us-attr-search. [Jakub Onderka] chg: [UI] Nicer selector for attribute search - Merge pull request #6222 from JakubOnderka/correlation-fetch-optim. [Jakub Onderka] chg: [correlation] Fetch just necessary fields - Merge pull request #6220 from obert01/fix-accessibility. [Andras Iklody] A few accessibility fixes for users of screen readers - A few accessibility fixes for users of screen readers: - Added aria label and role for the representation of booleans in generic index tables, - Fixed Aria label for actions in generic index tables, - Set titles for actions in the admin user index table, - Added a few missing aria labels in the global menu. [Olivier BERT] v2.4.130 (2020-08-20) --------------------- New ~~~ - [internal] cache tags instead of loading them over and over via the event fetcher, fixes #6201. [iglocska] - should speed things up for exports of datasets that have a lot of recurring tags - moved the caching of some internals to the appmodel level to make it more generic - [internal] Support autocrypt when sending e-mails. [Jakub Onderka] - [internal] 'GnuPG.obscure_subject' option to not send unencrypted subject. [Jakub Onderka] - [internal] Log if e-mail was send encrypted or not. [Jakub Onderka] - [administration] lightweight slow query log analysis added. [iglocska] usage: /var/www/MISP/app/Console/cake Statistics analyse_slow_logs [path_to_slow_log] - [widgets] Additional widgets for sharing statistics and layouts. [Golbark] - Allow tag deletion for an event on update. [Tom King] - Allow for attribute tag deletion via Event or Attribute edit. Clean and return the attribute tags on response from editing an attribute, update code to remove legacy. [Tom King] - [UI] Show event preview when merging. [Jakub Onderka] - [attribute] Add support for IDN domains. [Jakub Onderka] - [opt] Added non interactive place holder. [Steve Clement] - New: [freetext] Convert `[at]` to `@` and `hxtp` and `htxp` to `http` [Jakub Onderka] Fixes #4908 and #4805 Changes ~~~~~~~ - [VERSION] bump. [iglocska] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] Bump tag. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] - [misp-object] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [correlation] Use less memory when generating correlation. [Jakub Onderka] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [internal] Break loop when match is found. [Jakub Onderka] - [UI] Nicer tag removal confirmation. [Jakub Onderka] - [internal] Reuse AttachmentTool instance. [Jakub Onderka] - [internal] Generate event date even if attachments doesn't exists. [Jakub Onderka] - [internal] Move attachment handling to one place. [Jakub Onderka] - [mail] Initialize GPG just once. [Jakub Onderka] - [mail] Simplified Message-ID generation. [Jakub Onderka] - [internal] Move GPG initialization to GpgTool. [Jakub Onderka] - [test] Set correct setting for GPG. [Jakub Onderka] - [internal] Protect also Reply-To header. [Jakub Onderka] - [internal] Protect also Date header. [Jakub Onderka] - [internal] Refactor S/MIME certificate validation. [Jakub Onderka] - [internal] Rework email sending. [Jakub Onderka] - [test] Show all logs from /app/tmp/logs/ folder. [Jakub Onderka] - [test] Do not show progress for composer. [Jakub Onderka] - [test] Show generated gpg keys. [Jakub Onderka] - [test] Remove dist-upgrade to speed up build. [Jakub Onderka] - [test] Run apt-get install just once to speed up build. [Jakub Onderka] - [doc] Added php-zip. [Steve Clement] - [internal] Update correlations in one query. [Jakub Onderka] Before, for every event saving action, four queries for updating correlations were generated - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [CLI] Allow to fetch remove event by UUID. [Jakub Onderka] - [internal] Refactor Server::getEventIdsFromServer. [Jakub Onderka] - [internal] stub for a simple caching mechanism for recurring queries. [iglocska] - [users:login] No longer fetch login form multiple times. - Reverted monkey patch - Removed the onclick listener responsible to calling the function twice. [mokaddem] - [posts] Allow to add comment to any user that can see event. [Jakub Onderka] - [UI] Do not exclude local tags when viewing event. [Jakub Onderka] - [UI] Allow to add local galaxy for non host org user. [Jakub Onderka] - [proposals:index] Migrated index to the factory index. [mokaddem] - [api] fixed restresponse for blacklists. [iglocska] - [feed] Better exception messages for invalid JSON. [Jakub Onderka] - Bump PyMISP. [Raphaël Vinot] - [users:login] Removed duplicated submit button. [mokaddem] - Bumped queryversion. [mokaddem] - [tags:attachTagToObject] Support array of tags. Fix #5534. [mokaddem] - [misp.js] Applied codefactor comments. [mokaddem] - [objects:edit] Typo in comments. [mokaddem] - [objects:edit] Replaced usage of cookie with session. [mokaddem] - [objects:edit] Merge data is passed via cookies instead of the URI. [mokaddem] - [attributes:massEditForm] Pass attributes ids to be edited via POST. [mokaddem] Fix #5500 - [internal] Initialize UserSetting just when needed. [Jakub Onderka] - [users:acceptRegistration] Displays an error message if saved failed Fix #6134. [mokaddem] - Bump PyMISP. [Raphaël Vinot] - Bump PyMISP, fix test. [Raphaël Vinot] - [event:freetextImport] Usage of primaryOnlyCorrelatingTypes and limit the number of correlations displayed. [mokaddem] - [internal] Faster loading sighting. [Jakub Onderka] - [internal] Small controller cleanup. [Jakub Onderka] - [warning-lists] major update. [Alexandre Dulaunoy] - [correlations] Faster loading related attributes. [Jakub Onderka] - [UI] Side menu optimisations and cleanup. [Jakub Onderka] - [feed] Use less memory when parsing CSV feeds. [Jakub Onderka] - [internal] Better error handling for JSON decoding. [Jakub Onderka] - [UI] Add proposal form refactor. [Jakub Onderka] - Bump PyMISP. [Raphaël Vinot] - [attributeTag:handleAttributeTags] Removed useless conditions. [mokaddem] - [AttributeTags:handleAttributeTags] More generic way to handle capture and association. [mokaddem] - [attribute] Added tag handling when saving attributes and objects. [mokaddem] - [tag] Support of untagging in Object's Attribute and other fixes. [mokaddem] - deleted: 0 is correctly handled - stopped usage of `editAttribute` from Attribute Controller - [attribute:editAttribute] Uage of `editableFields` instead of hardcoded array. [mokaddem] - [object] Avoid notices if some object attributes fields are not set. [mokaddem] - [object:edit] Allow deleting objects by passing `deleted` flag. [mokaddem] Fix #6024 - [stix2 export] Avoiding testing the same field twice. [chrisr3d] - Following #6132 recently merged, which avoids potential KeyError exceptions, thanks to @denny-lclin - [internal] Faster generating correlations when enabling for event by toggle. [Jakub Onderka] - [UI] Wait 100 ms before showing event info. [Jakub Onderka] - [UI] Add link to event in event info. [Jakub Onderka] - [internal] Better job progress and status logging. [Jakub Onderka] - [requirements] Aligning requirements file with Pipfile regarding stix library requirements. [chrisr3d] - Bumped latest misp-opendata updates. [chrisr3d] - [events:index] Renamed `org` into `creator org`. Fix #6012. [mokaddem] - [opendata export] Support of the search functionality + fixed url parameter used in the delete feature. [chrisr3d] - [internal] Faster checking if warninglist already exists for event. [Jakub Onderka] - [internal] Initialize FinancialTool just when necessary. [Jakub Onderka] - [misp-opendata] Bumped latest version. [chrisr3d] - [freetext] Various code fixes and optimisations. [Jakub Onderka] - [internal] More tests for ComplexTypeTool::checkFreeText. [Jakub Onderka] - [internal] Simplified ComplexTypeTool::checkFreeText. [Jakub Onderka] - [opendata export] Parsing portal url parameter + slight parameters parsing changes. [chrisr3d] - As the possibility of specifying the url of the Open data portal to use instead of the default one, we support here this parameter and adapt the way we build the command that will launch the python script - Slight changes to replace some isset tests by empty tests to make sure the concerned fields are not only set, but also contain a value - [diagnostic] Updated required stix2 library version. [chrisr3d] Fix ~~~ - [internal] Syntax error in bootstrap.default.php. [Jakub Onderka] - [invalid element reference] element filepath was incorrectly treated as a url. [iglocska] - [UI] Show correct options in menu. [Jakub Onderka] - [internal] Notice when adding tag to collection. [Jakub Onderka] - [security] Check tag restriction for collection tags. [Jakub Onderka] - [security] Check tag restriction for attribute tags. [Jakub Onderka] - [security] Check tag restriction for event tags. [Jakub Onderka] - [attachment] Do not fetch attachment when accepting deletion proposal. [Jakub Onderka] - [UI] Showing image thumbnail. [Jakub Onderka] - [test] Use two spaces to pass the test. [Jakub Onderka] - [internal] Throw exception if invalid event for contact method is provided. [Jakub Onderka] - [test] Set GnuPG.email variable. [Jakub Onderka] - [internal] Fix undefined index notices. [Jakub Onderka] - [test] GPG homedir permission. [Jakub Onderka] - [internal] SendEmail exceptions message and logging. [Jakub Onderka] - [internal] Do not leak IP address in Message-ID. [Jakub Onderka] - [internal] Throw exception when invalid event id provided for contact email. [Jakub Onderka] - [intrernal] Undefined index: Organisation notice. [Jakub Onderka] - [cli] Show error when invalid user ID provided. [Jakub Onderka] - [test] Install missing python3-redis package. [Jakub Onderka] - [test] Show error and debug logs also after success test. [Jakub Onderka] - [test] Start workers under www-data group. [Jakub Onderka] - [doc] Amended CentOS8 install doc. Removed ssdeep, not working anymore. [Steve Clement] - [events:queryEnrichment] Recovers tag colour. [mokaddem] - Fix #6186 - [security] Check if user can access sharing group when uploading attachment. [Jakub Onderka] - [UI] Bad merge for mass edit form. [Jakub Onderka] - [proposals] Downloading proposal attachment. [Jakub Onderka] - [ACL] Allow proposal author to discard it. [Jakub Onderka] - [security] Respect ACL for freetext import. [Jakub Onderka] - [security] Throw exception if invalid data provided. [Jakub Onderka] - [ACL] Use common methods for ACL when editing object reference. [Jakub Onderka] - [ACL] Unpublished private for object do not apply for site admin. [Jakub Onderka] - [security] Sharing groups for objects respect permissions. [Jakub Onderka] - [tags] Show just tags that user can really use. [Jakub Onderka] - [security] Respect ACL for proposals. [Jakub Onderka] - [proposals] Respect unpublished private event when loading proposals. [Jakub Onderka] - [internal] Check `allow_disabling_correlation` before correlation toggle. [Jakub Onderka] - [security] ACL check when loading ajax tags. [Jakub Onderka] - [security] ACL check when adding or removing tags. [Jakub Onderka] - [security] ACL check when editing multiple event attributes. [Jakub Onderka] - [security] Respect ACL when event edit. [Jakub Onderka] - [stix import] Better TTPs parsing for external STIX. [chrisr3d] - [stix import] Fixed parameter determining if a ttp should be handled as attribute/object or as galaxy. [chrisr3d] - [stix export] Adding Vulnerability objects created out of attributes to the list of leveraged ttps. [chrisr3d] - [stix import] Same change for external indicator as we just did for external observables. [chrisr3d] - We also changed the code comments to make them clearer - [stix import] Handling the case of multiple attributes returned from the parsing. [chrisr3d] - If we get a list of actual attributes, we then handle the MISP object case, otherwise it means it is simply a list of attribute values, and we add as many attributes as there are values - [stix import] Splitted threat actors import parsing. [chrisr3d] - We now have specific a threat actors parsing for external STIX data, since the structure of the threat actor objects may not always be the same - Parsing threat actors from STIX documents produced with MISP remains the same - [stix import] Using generic Exception instead of specific ones to handle the results of the attribute parsing. [chrisr3d] - A lot of different exception types may be raised while parsing external stix data - [zmg] failing to publish to the ZMQ channel when MISP.org is invalid fixed, fixes #6174. [iglocska] - use the host org ID - if it's not set (should never happen), just take the lowest ID org - [login] endless blackholeannoyance fixed via monkey-patch. [iglocska] - [API] org blacklist copy pasta preventing additions of entries fixed. [iglocska] - [api] minor fix to the blacklist responses. [iglocska] - [API] blacklisting - don't throw 500 when no valid input is presented on the add interface. [iglocska] - [feed] Make HttpSocket instance optional for local feeds. [Jakub Onderka] - [ACLComponent] Updated permissions. [mokaddem] - [attributes] Do not override unlockedActions anymore. [mokaddem] - [attributes:massEditForm] Invalid conditions fixed and performances improvements. [mokaddem] - [attributes:massEditForm] Check if event exists. [mokaddem] - [users:login] Blackhole on login screen. [mokaddem] Fetch, fill and submit a fresh form on login avoiding blackholes due to expired form token - [blacklists] fixed add event blacklist via API calls. [iglocska] - [internal] older PHP still not happy with the return from a generator. [iglocska] - [db_schema] Added feeds.orgc_id in the index. [mokaddem] Fix #5838 - [internal] make ancient PHP versions happy. [iglocska] - [users:edit] Reset AUTHKey via interface. [mokaddem] Fix #6082 - [unicode] Temporarily escape 4 byte characters until we move the attribute value fields to mb4, fixes #5123. [iglocska] - fixes sync/feed issues related to 4 byte unicode characters - [administration] added missing column. [iglocska] - [administration] fixed var name. [iglocska] - [object:edit] Updating an object to a new template acutally save the template version Fix #6083. [mokaddem] - [pull] Check if url_params in pull filter is empty string. [Jakub Onderka] - [UI] clearer sync error message for no sync privileges. [iglocska] - [internal] Throw NotFoundException for non exists UUID. [Jakub Onderka] - [UI] Missing echo for decay score table header. [Jakub Onderka] - [internal] Feed controller cleanup. [Jakub Onderka] - [UI] Remove PHP warnings from side_menu_link.ctp. [Jakub Onderka] - [stix export] Fixed child-pid attributes export that used to make the process object export fail. [chrisr3d] - [attribute:editableFields] Typo in variable name. [mokaddem] - [attributes:edit] Correct error previsouly merged when importing code. [mokaddem] - [stix import] Fixed the remaining failing object references. [chrisr3d] - [stix import] Fixed references between file, pe & pe-section obects + moved mapping dict to the mapping script. [chrisr3d] - [object:edit] Correctly set the SG of the added new attributes Fix #6025. [mokaddem] - [objects:edit] Returns the latest state of the object if it were deleted. [mokaddem] - [attribute] Allow editing attributes. [mokaddem] Added raw values fields in the `editableFields` - [sync] drop the republishing of events when the modification is merely a timestamp bump. [iglocska] - due to an already fixed issue still lingering, invalid event edits keep getting synchronised between instances - these events still generate publish alerts erroneously - this fix compares the previous state of the event to the modification, if there are no material changes (attributes, objects, object relations, event tags added/updated) then the publishing is dropped. - [stix import] Fixed port in ip-port objects import to lose src and dst context. [chrisr3d] - [stix export] Fixed the slight difference between parsing x509 fingerprint attributes and x509 objects. [chrisr3d] - [stix export] Fixed x509 fingerprint attributes export & moved mapping dictionaries to the mapping script. [chrisr3d] - Only the x509-fingerprint-sha1 attribute was exported, and as a standard sha1 attribute, which was a loss of context, now the x509 fingerprint attributes (md5, sha1 & sha256) are exported as expected within a x509 observable - Also moved the mapping dictionaries with the appropriate indent to the mapping script, where they should belong - [stix export] Fixed pep8 & changed indentation for better readability. [chrisr3d] - [attribute:edit] Prevent the edition of system reserved fields. [mokaddem] - [feed:importFreeText] Make sure to update the timestamp when soft- deleting after delta-merge. [mokaddem] Fix #6013 - [events:index] Do not show events if org doesn't belong to the SG. [mokaddem] Event belonging to an organisation which is not included in the sharing group assigned to the event will not see the event on the index anymore. Fix #6033 Fix #6107 - [feed] Accept more text content. Fix #5969. [mokaddem] - [stix import] Importing single vulnerability attributes as vulnerability and not as text. [chrisr3d] - [sync] internal sync now correctly syncs local tags. [iglocska] - also fixes a notice about a missing tag in the sync - [galaxyClusters:view] Fixed full_group_by issue when viewing the galaxy matrix. [mokaddem] - [UI] Show proper menu when editing event info. [Jakub Onderka] - [attributes:massEdit] proposal option not by default. [Christophe Vandeplas] this way we do not change the default behavior which was changed in commit 9b33476eedd184bc46665aaae57533ddcf35e5f7 - [proposals] Delete proposals for object attributes. [Jakub Onderka] - Minor typo. [Christophe Vandeplas] - [installer] Installer was broken, now fixed. [Steve Clement] - [bug] Check for non-existen directory fails if exists. [Steve Clement] - [internal] Remove unused Event::setSimpleConditions method. [Jakub Onderka] - [internal] Remove unused CidrComponent and CIDRTool classes. [Jakub Onderka] - [correlations] Purge ssdeep table after attribute delete. [Jakub Onderka] - [audit] Show all attribute changes in event history. [Jakub Onderka] - [internal] Do not check event existence twice. [Jakub Onderka] - [internal] Reduce number of regexp in refang table. [Jakub Onderka] - [freetext] Handle IPv6 and punycode domains when import. [Jakub Onderka] - [security] xss fix missing part of solution. [iglocska] - the previous fix to the xss in the homepage setter was lacking the controller changes due to a partial commit (#bf4610c947c7dc372c4078f363d2dff6ae0703a8) - as originally discovered by Mislav Božičević - persistence of the vulnerability after the lacking fix reported by DIEGO JURADO PALLARES from Ciberinteligencia - [opendata export] Adding auth param in the python command only if not empty. [chrisr3d] Other ~~~~~ - Merge pull request #6204 from JakubOnderka/2.4. [Jakub Onderka] fix: [internal] Syntax error in bootstrap.default.php - Merge branch 'baseurl' into 2.4. [iglocska] - Syntax check and fix. [Vito Piserchia] - Recover from upstream version missing bits. [Vito Piserchia] - Recover from upstream version missing bits. [Vito Piserchia] - Merge remote-tracking branch 'upstream/2.4' into baseurl-patch. [Vito Piserchia] - Rebase continue. [Vito Piserchia] - Rebase continue. [Vito Piserchia] - Fix genericPopup. [johndoe] - Use this here. [johndoe] - Use this here. [johndoe] - Rebase continue. [Vito Piserchia] - Fix rebase. [johndoe] - Fix rebase. [johndoe] - Fix rebase. [johndoe] - Fix rebase. [johndoe] - Fix rebase. [johndoe] - Fixed Codacy warnings. [Léarch] - Corrected redirections. [Léarch] See the following for an explanation: https://stackoverflow.com/questions/6836990/how-to-get-complete-current-url-for-cakephp#comment11184149_6875310 - Rebase continue. [Vito Piserchia] - Rebase continue. [Vito Piserchia] - Fix rebase. [johndoe] - Rebase continue. [Vito Piserchia] - Added missed variable declaration. [Vito Piserchia] - Improve code quality. [Vito Piserchia] - Rebase continue. [Vito Piserchia] - Rebase continue. [Vito Piserchia] - Fix genericPopup. [Vito Piserchia] - Rebase continue. [Vito Piserchia] - Rebase continue. [Vito Piserchia] - Fix baseurl use to view organizations. [Léarch] - Fixed Codacy warnings. [Léarch] - Corrected redirections. [Léarch] See the following for an explanation: https://stackoverflow.com/questions/6836990/how-to-get-complete-current-url-for-cakephp#comment11184149_6875310 - Rebase continue. [Vito Piserchia] - Rebase continue. [Vito Piserchia] - More merge fixes. [Vito Piserchia] - Resolve merge. [Vito Piserchia] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6176 from JakubOnderka/fix-menu. [Jakub Onderka] fix: [UI] Show correct options in menu - Merge pull request #6202 from rmkml/2.4. [Andras Iklody] add vhash (VirusTotal Hash) on Attribut.php - Add vhash (VirusTotal Hash) on Attribut.php. [rmkml] - Merge pull request #6199 from JakubOnderka/generate-correlation- memory. [Jakub Onderka] chg: [correlation] Use less memory when generating correlation - Merge pull request #6196 from JakubOnderka/event-tags. [Jakub Onderka] Event tag adding and removing - Fixup! chg: [UI] Nicer tag removal confirmation. [Jakub Onderka] - Merge pull request #5865 from JakubOnderka/attachment_tool. [Jakub Onderka] chg: [internal] Move attachment handling to one place - Merge pull request #5240 from JakubOnderka/patch-43. [Jakub Onderka] chg: [internal] Refactor e-mail sending - Merge pull request #6192 from JakubOnderka/notices-fix. [Jakub Onderka] Notices fixes - Merge pull request #6191 from JakubOnderka/travis-fixes-vol2. [Jakub Onderka] Travis fixes vol2 - Merge pull request #6190 from JakubOnderka/travis-fixes. [Jakub Onderka] Travis fixes - Merge pull request #6187 from SteveClement/guides. [Steve Clement] - Merge pull request #5948 from JakubOnderka/update-correlations. [Jakub Onderka] chg: [internal] Update correlations in one query - Merge pull request #6001 from JakubOnderka/get-events-refactoring. [Jakub Onderka] chg: [internal] Refactor Server::getEventIdsFromServer - Merge pull request #6181 from JakubOnderka/checek-sg-perm. [Jakub Onderka] fix: [security] Check if user can access sharing group when uploading… - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6178 from JakubOnderka/fix-mass-edit. [Jakub Onderka] Fix mass edit - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge pull request #6175 from JakubOnderka/shadow-fix. [Jakub Onderka] Shadow fix - Merge pull request #6172 from JakubOnderka/freetext-import-acl2. [Jakub Onderka] fix: [security] Respect ACL for freetext import - Merge pull request #6136 from JakubOnderka/acl-can-modify-chekcs. [Jakub Onderka] fix: [security] Respect ACL when event edit - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6156 from JakubOnderka/feed-httpsocket-optional. [Jakub Onderka] fix: [feed] Make HttpSocket instance optional for local feeds - Merge pull request #6052 from stricaud/2.4. [Andras Iklody] Using json parser to parse json configuration output from cake - Using json parser to parse json configuration output from cake. [Sebastien Tricaud] - Merge branch 'fix-no-more-login-blackhole' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into fix-no-more-login- blackhole. [mokaddem] - Merge branch 'fix-mass-edit-form-with-post' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into fix-mass-edit-form- with-post. [mokaddem] - Merge branch 'feature-5534' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into feature-5534. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into feature-5534. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into fix-mass-edit-form- with-post. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into fix-mass-edit-form- with-post. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #6154 from JakubOnderka/tags-fix. [Sami Mokaddem] chg: [internal] Initialize UserSetting just when needed - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'fix-align-object-with-latest-template' into 2.4. [mokaddem] - Merge pull request #6150 from JakubOnderka/2.4. [Jakub Onderka] fix: [pull] Check if url_params in pull filter is empty string - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'fix-freetext-correlation-improvements' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into fix-freetext- correlation-improvements. [mokaddem] - Merge pull request #6148 from JakubOnderka/controller-cleanup. [Jakub Onderka] chg: [internal] Small controller cleanup - Merge pull request #6146 from JakubOnderka/toolbox-non-exists-uuid. [Jakub Onderka] fix: [internal] Throw NotFoundException for non exists UUID - Merge pull request #6144 from JakubOnderka/feeds-controller-cleanup. [Jakub Onderka] fix: [internal] Feed controller cleanup - Merge branch 'fix-update-tags-on-attribute-edit' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into fix-update-tags-on- attribute-edit. [mokaddem] - Merge pull request #5954 from JakubOnderka/get-related-attributes- faster. [Jakub Onderka] chg: [correlations] Faster loading related attributes - Merge pull request #6126 from JakubOnderka/side-menu-optim. [Jakub Onderka] chg: [UI] Side menu optimisations and cleanup - Merge pull request #6115 from JakubOnderka/freetext-fixes-vol2. [Jakub Onderka] chg: [feed] Use less memory when parsing CSV feeds - Merge pull request #6031 from JakubOnderka/json_error_handling. [Jakub Onderka] chg: [internal] Better error handling for JSON decoding - Merge pull request #6141 from JakubOnderka/proposal-form-refactor. [Jakub Onderka] chg: [UI] Add proposal form refactor - Add: [stix import] Support the import of port, command-line & image attributes in process objects. [chrisr3d] - Add: [stix export] Process objects export now supports port attributes. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #6142 from Golbark/feature/sharing_widgets. [Andras Iklody] new: [widgets] Additional widgets for sharing statistics and layouts - Add: [stix export] Process object export has been improved to support image & command-line attributes. [chrisr3d] - Merge branch 'feature/tags-deletion' into fix-update-tags-on- attribute-edit. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into feature/tags-deletion. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into pr- feature/tags_deletion. [mokaddem] - Merge remote-tracking branch 'upstream/2.4' into feature/tags_deletion. [Tom King] - Merge branch '2.4' into feature/tags_deletion. [Tom King] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch 'true-2.4' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6132 from denny-lclin/fix/key-error-in- stix2-misp2stix2. [Christian Studer] fix: check Misp time fields exist before using them - Check time fields exist before using them. [Denny Lin] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #6131 from JakubOnderka/toggle-correlation-speedup. [Jakub Onderka] chg: [internal] Faster generating correlations when enabling - Merge pull request #6135 from JakubOnderka/merge_show_event_preview. [Jakub Onderka] new: [UI] Show event preview when merging - Merge pull request #6065 from JakubOnderka/job-progress. [Jakub Onderka] chg: [internal] Better job progress and status logging - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #6099 from JakubOnderka/idn-support. [Jakub Onderka] new: [attribute] Add support for IDN domains - Merge pull request #6112 from JakubOnderka/attr-fetch-optim. [Jakub Onderka] Attr fetch optim - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #6119 from MISP/JakubOnderka-patch-1. [Jakub Onderka] fix: [UI] Show proper menu when editing event info - Additionnal protection against XSS, the response type defaults to html while it should be JSON. (#6118) [Loïc Fortemps] - Merge pull request #6117 from JakubOnderka/delete-object-proposal. [Jakub Onderka] fix: [proposals] Delete proposals for object attributes - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6116 from SteveClement/guides. [Steve Clement] - Merge branch 'guides' of github.com:SteveClement/MISP into guides. [Steve Clement] - Merge pull request #6114 from JakubOnderka/remove-cidr. [Jakub Onderka] fix: [internal] Remove unused CidrComponent and CIDRTool classes - Merge pull request #5929 from JakubOnderka/fuzzy-purge. [Jakub Onderka] fix: [correlations] Purge ssdeep table after attribute delete - Merge pull request #6113 from JakubOnderka/freetext-fixes-vol2. [Jakub Onderka] chg: [freetext] Various code fixes and optimisations - Merge pull request #6085 from JakubOnderka/event_log_fix. [Jakub Onderka] fix: [audit] Show all attribute changes in event history - Merge pull request #6091 from JakubOnderka/existence-checking. [Jakub Onderka] fix: [internal] Do not check event existence twice - Merge pull request #6097 from JakubOnderka/freetext-fixes. [Jakub Onderka] fix: [freetext] Handle IPv6 and punycode domains when import v2.4.129 (2020-07-13) --------------------- New ~~~ - [diag] Check if ZIP extension is installed. [Jakub Onderka] - [merge] functionality reworked. [iglocska] - handle objects, tags, etc via @chrisr3d's module result parsing - handle sharing groups correctly - as reported by Jakub Onderka - using standardised fetchers internally - API enabled (which will directly merge all contents of the source event into the target event) - [event block rule system] added. [iglocska] - add simple tag filters to block events from being added. - it will not stop a manual creation of an event with subsequent adding of the tag in a later stage - it will however block synced events - [statistics] shell added for the git codebase's contributor counters. [iglocska] - to be extended with other similar tasks Changes ~~~~~~~ - [version] bump. [iglocska] - [stix2 library] Bumped latest version. [chrisr3d] - [UI] Add attribute fixes. [Jakub Onderka] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [correlations] Faster checking if CIDR is IPv4 or IPv6 version. [Jakub Onderka] - [correlations] Just check if redis key exists. [Jakub Onderka] - [feed] Faster freetext feed caching. [Jakub Onderka] - [UI] Sort tags by name for server rules. [Jakub Onderka] - [internal] Use tmp file fro Feed::getCache. [Jakub Onderka] - [internal] Attribute REST search optimisations and error handling. [Jakub Onderka] - [internal] Simplify and optimise eventUI method. [Jakub Onderka] - [warning-list] updated to the latest version. [Alexandre Dulaunoy] - [ACL] Allow to access to fetchOrgsForSG and fetchServersForSG just with perm_sharing_group. [Jakub Onderka] - [users:resgister] Use the trimmed data instead. [mokaddem] - [stix2] Bumped latest python stix2 library. [chrisr3d] - [sightings] Check if sighting already exists before getting attribute info. [Jakub Onderka] - [sightings] Save one SQL query when saving sighting if event UUID is given. [Jakub Onderka] - [internal] Move getting sightings range to one place. [Jakub Onderka] - [internal] Faster loading sightings if the same attribute is requested. [Jakub Onderka] - [statistics shell] added total commit count. [iglocska] Fix ~~~ - [installer] Update to latest. [Steve Clement] - [StixExport] suppress unlink warnings. [Richard van den Berg] - [stix export] log stack trace on error, support 'AMBER NATO ALLIANCE' TLP tags. [Richard van den Berg] - [misp_retention] Support objects, use lists for build_complex_query() [Richard van den Berg] - [attributes] Possible duplicate attributes. [Jakub Onderka] - [internal] Missing field for server model when editing event. [Jakub Onderka] - [stix2 import] Fixed some object reference issues. [chrisr3d] - With the newest PyMISP version, the object references creation had to get some slight changes: - We add the referenced object in the event before the add the reference between the 2 objects, when it is possible - ** has been removed while calling add_object since we are adding already verified MISP objects, and using ** was actually the reason why the references were not present in the objects when they had been created before the referenced object were added to the event - [stix2 import] Fixed Observable object type checking, following the recent changes on the stix2 python library. [chrisr3d] - [stix upload] Removed 'isset' already tested with 'empty' at the same place. [chrisr3d] - [stix2 import] Avoid duplication of original-imported-file objects during the import process. [chrisr3d] - Duplication can happen when the result of the import process is an event that already exists - [security] setting a favourite homepage was not CSRF protected. [iglocska] - a user could be lured into setting a MISP home-page outside of the MISP baseurl - switched the endpoint to be CSRF protection enabled - as discovered by Mislav Božičević - [opendata export] Fixed resource deletion query creation to avoid silent syntax errors. [chrisr3d] - [stix] Store synonymsToTagNames.json file in tmp folder. [Jakub Onderka] - [mail] Contacting only event creator. [Jakub Onderka] Fix sending e-mails in Contact Reporter for when 'Submit only to the person that created the event' is checked - [mail] Contact reporter body. [Jakub Onderka] Do not send that GPG or Public key are sent as attachment, when user don't have them - [proposals] re-edded the edit view for propsoals. [iglocska] - [security] Remove ShadowAttributesController::{getProposalsByUuid,getP roposalsByUuidList} [Jakub Onderka] These methods are not used, but they let sync users to access proposals for any event. - [security] Remove ShadowAttributesController::{fetchEditForm,editField} [Jakub Onderka] These methods are not used, but they allow to access attribute data without proper ACL checks. - [MispObject] Do not unpublish synced events, fixes #4838. [Richard van den Berg] - [UI] Attribute category select. [Jakub Onderka] - [internal] Do not try to access bool as array. [Jakub Onderka] - [stix2 import] Better markings parsing for both created with MISP and external STIX. [chrisr3d] - [stix2 export] Fixed Markings export following the recent changes on ListProperty. [chrisr3d] - [sharingGroup:captureSharingGroup] Fix failing capture in case of roaming mode. [mokaddem] - The server list check was incorrect - When capturing, roaming mode was always defaulted to false - The logs could not be written due to non-initialized class - [acl] Added event block rule. [iglocska] - [security] Check event ACL before allowing user to send event contact form. [Jakub Onderka] - [stix2 export] Fixed first_seen/last_seen field parsing. [chrisr3d] - [returnAttributes] remap small cleanup. [iglocska] - no need to set xml as returnformat, it's the default based on the injected params - [security] deprecated function with lacking ACL removed. [iglocska] - replaced deprecated, sharing group unaware, broken function with one that follows the documentation of the deprecated endpoint - keeping it alive until we purge the deprecated ones in the move to MISP 3/next whatever - Thanks to Jakub Onderka for reporting it! - [security] Insufficient ACL checks in the attachment downloader fixed - Thanks to Jakub Onderka for reporting it. [mokaddem] - [tag:checkForOverride] Catch if tag didn't have a numerical value before the override. [mokaddem] - [user:registration] Report field validations to the user. Fix #6072 and #6073. [mokaddem] - [stix2] Fixed conversion of object relations containing dots into custom object values. [chrisr3d] - Also includes changes to support the import of custom objects into MISP objects containing object relations with dots, to avoid issues or changes on the mapping - [stix2] Fixed issue with custom object created from MISP object with underscore in the name. [chrisr3d] - Includes fix to export the objects into custom objects, and to import custom objects into MISP objects back - Should fix #6046 - [UI] Fetching from not enabled feed should be error. [Jakub Onderka] - [feed] Incorrect call in Feed::__saveEvent. [Jakub Onderka] - [internal] Do not create empty link for anonymized org sighting. [Jakub Onderka] - [UI] Expanding attribute correlations on other pages. [Jakub Onderka] - [stix2 export] Fixed datetime issue with the 'created' field of some stix objects. [chrisr3d] - Following some changes on the python stix2 library, that caused an issue with the previous way we created the 'created' field - [mail] Fix body of passwordReset/newUser emails. [Václav Bartoš] When MISP sends an email with new credentials, the body is generated from one of the configured templates - passwordResetText or newUserText. However, these two templates were swapped - the newUserText was used for password reset, while passwordResetText was used when new account is created. This commit fixes it. - [internal] HTML code fix. [Jakub Onderka] Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6110 from RichieB2B/ncsc-nl/unlink. [Andras Iklody] fix: [StixExport] suppress unlink warnings - Merge pull request #6109 from RichieB2B/nscc-nl/stixfix. [Andras Iklody] fix: [stix export] log stack trace on error, support 'AMBER NATO ALLI… - Merge pull request #6108 from RichieB2B/ncsc-nl/fix-retention. [Andras Iklody] fix: [misp_retention] Support objects, use lists for build_complex_qu… - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #6067 from JakubOnderka/fix-composite-type- uniquenes. [Andras Iklody] fix: [attributes] Possible duplicate attributes - Merge pull request #6069 from JakubOnderka/patch-119. [Andras Iklody] fix: [internal] Missing field for server model when editing event - Merge pull request #6089 from JakubOnderka/add-attribute-ui-fixes. [Andras Iklody] chg: [UI] Add attribute fixes - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #6071 from JakubOnderka/patch-120. [Andras Iklody] fix: [stix] Store synonymsToTagNames.json file in tmp folder - Merge pull request #6070 from JakubOnderka/cidr-correlation-optim. [Andras Iklody] Cidr correlation optim - Merge pull request #6036 from JakubOnderka/cache-freetext-feed-optim. [Andras Iklody] chg: [feed] Faster freetext feed caching - Merge pull request #6044 from JakubOnderka/sort-tags-by-name. [Andras Iklody] chg: [UI] Sort tags by name for server rules - Merge pull request #6035 from JakubOnderka/rest-search-optim. [Andras Iklody] chg: [internal] Attribute REST search optimisations and error handling - Merge pull request #5963 from JakubOnderka/patch-108. [Andras Iklody] fix: [mail] Contact reporter body - Merge pull request #6092 from JakubOnderka/event-ui. [Andras Iklody] chg: [internal] Simplify and optimise eventUI method - Merge pull request #6087 from JakubOnderka/zip-ext. [Andras Iklody] new: [diag] Check if ZIP extension is installed - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'fix-sg-creation' into 2.4. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into fix-sg-creation. [mokaddem] - Merge pull request #6095 from JakubOnderka/shadow-attribute-unused- vol2. [Andras Iklody] fix: [security] Remove ShadowAttributesController::{getProposalsByUuid,getProposalsByUuidList} - Merge pull request #6093 from JakubOnderka/shadow-attribute-unused. [Andras Iklody] fix: [security] Remove ShadowAttributesController::{fetchEditForm,editField} - Merge pull request #6094 from RichieB2B/ncsc-nl/stop-loop. [Andras Iklody] fix: [MispObject] Do not unpublish synced events, fixes #4838 - Merge pull request #6088 from JakubOnderka/patch-121. [Andras Iklody] fix: [UI] Attribute category select - Merge pull request #6075 from JakubOnderka/bool-is-not-array. [Andras Iklody] fix: [internal] Do not try to access bool as array - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #6078 from JakubOnderka/fix-acl. [Andras Iklody] chg: [ACL] Allow to access to fetchOrgsForSG and fetchServersForSG... - Merge pull request #6079 from legoguy1000/update_AuthkeyShell. [Andras Iklody] Allow you to mannually set the API key for automation purposes - Allow you to mannually set the API key for automation purposes. [Alex Resnick] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6077 from JakubOnderka/contact-acl. [Andras Iklody] fix: [security] Check event ACL before allowing user to send event contact form - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge pull request #6063 from JakubOnderka/patch-118. [Andras Iklody] fix: [UI] Fetching from not enabled feed should be error - Merge pull request #6062 from JakubOnderka/feed-incorect-call. [Andras Iklody] fix: [feed] Incorrect call in Feed::__saveEvent - Merge pull request #6064 from obert01/fix-diag-accessibility. [Andras Iklody] - Added proper ARIA properties for the "fix" button in the DB index and DB schema diagnostic tables. [Olivier BERT] - Merge pull request #6061 from JakubOnderka/list-sightings-ui. [Andras Iklody] fix: [internal] Do not create empty link for anonymized org sighting - Merge pull request #6060 from JakubOnderka/correlation-expand-fi. [Andras Iklody] fix: [UI] Expanding attribute correlations on other pages - Ch: Bump warninglists. [Raphaël Vinot] - Ch: Bump misp-objects. [Raphaël Vinot] - Merge pull request #5985 from vaclavbartos/2.4. [Andras Iklody] fix: [mail] Fix body of passwordReset/newUser emails - Merge pull request #6026 from JakubOnderka/save-sightings- optimisation. [Andras Iklody] Save sightings optimisation - Merge pull request #6043 from StefanKelm/2.4. [Andras Iklody] Update side_menu.ctp - Update side_menu.ctp. [StefanKelm] Adjusts menu to be in line with "Global Actions" - Merge pull request #6045 from JakubOnderka/sightings-loading-optim. [Andras Iklody] chg: [internal] Faster loading sightings if the same attribute is req… - Merge pull request #6049 from JakubOnderka/patch-116. [Andras Iklody] fix: [internal] HTML code fix v2.4.128 (2020-06-22) --------------------- New ~~~ - [correlations] Enable CIDR correlations for ip-src|port and ip- dst|port types. [Jakub Onderka] Changes ~~~~~~~ - [version] bump. [iglocska] - [PyMISP] Bump. [Raphaël Vinot] - [stix2 import] Parsing external pattern made with 'OR' separators the same way we do for pattern with 'AND' [chrisr3d] - Also slight update of some mapping dictionaries to go with the changes introduced with this commit on the main script - [stix2 tests] Bumped the latest MISP & STIX2 test files. [chrisr3d] - [correlations] Faster IPv4 CIDR correlation. [Jakub Onderka] - [correlations] Faster IPv6 correlation. [Jakub Onderka] - [correlations] Big speedup when correlating CIDR. [Jakub Onderka] - [widget] remove unused var, make test pass. [Jean-Louis Huynen] - [stix2 import] Moved all the mapping dictionaries to the mapping script. [chrisr3d] - [stix2 import] Temporary rework stix2 to misp script should now be ready to replace the original stix2 to misp script. [chrisr3d] - Bump PyMISP. [Raphaël Vinot] - [stix2 import] Better parsing for patterns we always import as single attributes. [chrisr3d] - [stix2 import] Generic way of dealing with payloads in external file & artifact patterns. [chrisr3d] - After struggling a lot with the different use cases, we ended up with the following process: - checking if any file:content_ref is there and grouping the content refs features together if possible - After all the content refs have been parsed, we check if there still is some payloads - [stix2 export] Moved the Attributes parsing functions into the main script. [chrisr3d] - Also checked the mapping to find potential bugs, and fixed/updated some fields (in observed-data and indicators) - [stix2 import] Observable single attributes parsing functions are now in the main script. [chrisr3d] - Also update of the mapping dictionary with the latest updated functions moved from the mapping script to the main script - [stixtest] JQing MISP event result from a STIX import for more visual ease. [chrisr3d] - [stix1 import] Better parsing of ttps, threat actors & courses of action. [chrisr3d] - [stixtest] Updated the STIX1 test files following the changes on the test MISP events. [chrisr3d] - [stixtest] Updated stix2 test files with the most recent changes on the related MISP events, and on the export script. [chrisr3d] - [stixtest] Test MISP events up-to-date. [chrisr3d] - [stix2 export] Exporting Course of Action object attributes as custom properties if not supported. [chrisr3d] - [stix2] Bumped latest stix2 python library. [chrisr3d] - [stixtest] Updated the stix1 test files. [chrisr3d] - [stix1 export] Exporting Galaxies per TTP, Threat Actor or COA. [chrisr3d] - Exporting each galaxy as one TTP, Threat Actor, or Course of Action instead of exporting each Galaxy Cluster individually - All clusters of a same galaxy are exported in the same TTP, Threat Actor or Course of Action - [stix2 import] Mapping galaxy cluster names with their corresponding tag names. [chrisr3d] - We map existing cluster names with the json file of synonyms mapped with tag names generated by MISP and introduced in the latest commit - If there is not association, we just add a tag looking like a galaxy tag name. The difference is this tag will not be recognized as a proper galaxy tag name and will stay as a tag - [stix import] Passing a mapping of cluster name with tag names as parameter of the import scripts. [chrisr3d] - We map GalaxyCluster names and synonyms with the associated tag names - This mapping will be used in the python stix 1&2 import scripts so they can return the correct tag names about galaxies Fix ~~~ - [stix2 import] Quick issues fixing. [chrisr3d] - Fixed issue that could happen sometimes during an external pattern parsing when we split the identifier of the pattern from the value. We now make sure the identifier is stripped, so we avoid issues with the mapping dictionaries that could not recognize it - Also displaying a warning message when we have no attributes resulting from the parsing of an external pattern or observable object - [stix2 import] Small update on the mapping to work with some external patterns seen recently. [chrisr3d] - [stix2 import] Fixed some external observable objects import. [chrisr3d] - [stix2 import] Fixed no longer existing variable in the mapping script. [chrisr3d] - [stix2 import] Added the function to parse external email-address observable objects, that was missing. [chrisr3d] - [UI] Typo. [Jakub Onderka] - [stix2 import] Better way of parsing some attributes and objects. [chrisr3d] - For single attributes that could be part of an object and would lose some context if imported as single attribute without their object relation (mostly attributes of type 'text'), we decide to import them as object anyway to avoid the increase of context-less attributes - Also cleaner way to parse observable objects and patterns that will alwyas give single attributes - [stix2 export] Typo in variable name. [chrisr3d] - [stix2 export] Reverted the email object attribute 'from' export as observable object. [chrisr3d] - From-ref is always a single value, we cannot use a list of references - [stix2 export] Fixed email object attributes export into pattern. [chrisr3d] - [stix2 export] Avoiding issues with attributes with no Galaxy field. [chrisr3d] - [stix2 export] Fixed x509 object export. [chrisr3d] - x509 fingerprint hashes parsing was pointing to a part of a mapping dict which does not exist - [stix2 import] Fixed external pattern parsing for pe section attributes. [chrisr3d] - As an example, instead of storing the full pattern identifiers, like: "file:extensions.'windows-pebinary-ext'.section.name" we only store what is usefull (name) for the parsing part where we check the mapping dict to find the corresponding attribute type and object_relation - [stix2 import] Importing external vulnerabilities as single attribute or object depending on the case. [chrisr3d] - In other words, we made available the import of vulnerabilities as single attributes when only a name is present in the STIX object - Was only importing vulnerability objects before, which does not change if there is more than only the name within the STIX vulnerability object - [stix2 import] Removed unused variable that was used for debug purposes. [chrisr3d] - [stix2 import] Cleaner autonomous system observable import. [chrisr3d] (for STIX documents generated with MISP) - [stix2 import] Parsing timeline features on single attributes. [chrisr3d] - As it is parsed for imported objects - It adds timestamp, first_seen & last_seen values on single attributes accordingly - [stix2 import] Fixed email reply-to single attribute import. [chrisr3d] - [stix2 import] Fixed payload_bin import into single MISP attribute. [chrisr3d] - [stix2 export] Fixed email-reply-to export in observable object. [chrisr3d] - [stix2 export] Removed unused import. [chrisr3d] - [stix2 import] Importing PyMISP from the submoduled library. [chrisr3d] - As it is in the currently used stix2 import script which is going to be replaced by this one - Avoids issues when the python library is not installed with pip - [stix2 import] More generic network-traffic references parsing. [chrisr3d] - Also fixing some edge cases of reference parsing with the wrong mapping (network_traffic_references_mapping no longer exists) - [stix2 import] Fixed single attributes import following changes on the export part. [chrisr3d] - [stix2 export] Making sure we have the required name field set while exporting regkey values from a MISP regkey object to a STIX observed data. [chrisr3d] - [stix2 export] Fixed regkey|value expor. [chrisr3d] - Revert to the initial mapping that has been changed to the wrong field: the value should be mapped to the data field and instead of name - [stix2 export] Removed unused mapping dictionary fields. [chrisr3d] - [stix2 export] Removed object attributes added in file patterns for test purposes. [chrisr3d] - [stix2 export] Removed object attributes added for test purposes. [chrisr3d] - [stix2 import] Writing import results as expected in the result file. [chrisr3d] - [stix2 import] Fixed relationships parsing. [chrisr3d] - Using iterators is good for a single iteration, but not for more, including an if test - Using tuples instead is better and avoids then losing our relationships - [stix1 import] Better parsing of malware instances within ttps. [chrisr3d] - In some cases when malware instances within ttps do not have a title but one or more name(s), we need to use them instead of the title - [stix1 import] Fixed malware instance parsing. [chrisr3d] - [stix2 import] Typo. [chrisr3d] - [stix2 test] Typo. [chrisr3d] - [stix2 import] Handling external STIX file pattern properly. [chrisr3d] - If there is no extension (case which has been fixed in the few last commit), we need to check if we have to create a MISP attribute or object - We then check if we exctracted one attribute from the pattern or more, and create respectively a MISP attribute or object - [stix2 import] Fixed monkey issues... [chrisr3d] - [stix2 import] Using the expected parameters to handle the file, pe & sections objects. [chrisr3d] - [stix1 import] Some quick fixes on MISP objects parsing. [chrisr3d] - Better handling on MISP object name parsing - Importing properly MISP object uuid for course of action objects - [stix2 import] Importing event uuid from report. [chrisr3d] - The event uuid is set when there is one report - [stix2 import] Fixed timestamp parsing following the latest changes on STIX2 export. [chrisr3d] - [stix2 import] Fixed timestamp parsing. [chrisr3d] - Fixed timestamp parsing of custom objects - [stix2 import] Fixed attack-pattern & course-of-action object attributes parsing. [chrisr3d] - Avoids setting the ids flag to false when object attributes do not come from an observable object - [stix2 import] Fixed attack-pattern external_references parsing. [chrisr3d] - [stix2 export] Fixed attack-pattern object export. [chrisr3d] - Fixed the id attribute export - Supporting expport of the newest 'references' attribute added to the object template - [stix2 import] Fixed file objects import. [chrisr3d] - As it has been updated for file objects export, we now better support potential multiple fields like filename, path and fullpath - Also handling properly the special case of a file object with an extension field - [stix2 export] Fixed special case of file with a path property and a PE extension. [chrisr3d] - If a file object had a path property and a PE extension, the extension could be added to the wrong part of the observable object - We make sure here the extension is attached to the observable object related to the file, and not to the directory referenced by the file as its path - [stix2 export] Fixed files objects export (patterns & observable object) [chrisr3d] - Better handling of the data field for attributes like malware-sample and attachment - Support of path & fullpath attributes export - Better handling of potential multiple attributes like filename, path and fullpath - [stix2 export] Fixed artifact name export in pattern as custom property. [chrisr3d] - [stix2 export] Fixed x509-fingerprint-sha1 single attribute export. [chrisr3d] - [stix2 export] Fixed regkey|data attribute export. [chrisr3d] - [stix2 import] Fixed regkey values observable objects parsing. [chrisr3d] - [stix2 import] Fixed & cleaned network traffic objects. [chrisr3d] - [stix2 export] Fixed reference typo in network traffic pattern. [chrisr3d] - [stix2 import] Passing mapping variable name instead of the dictionary. [chrisr3d] - For all the generic parsing functions, we pass the mapping variable name and get the attribute afterwards instead of passing the dictionary - [stix2 import] Fixed some observable and pattern parsing issues. [chrisr3d] - Quick custom property in pattern parsing fixed - Fixed file and network socket observable objects parsing - [stix2 export] Fixed SocketExt properties exceptions catching. [chrisr3d] - address_family is a required property, thus we need to handle it separately - protocol_family is optional and thus easier to handle - [stix2 import] Some patterns import fixed. [chrisr3d] - AS attribute in asn object is now imported with the 'AS' prefix - Importing properly attachment attributes in file objects - pe mapping enhanced - [stix2 export] Fixed file & vulnerability patterns export. [chrisr3d] - [stix2 import] Fixed malware sample import in file objects. [chrisr3d] - [stix2 export] Fixed custom properties for vulnerability and attack pattern objects. [chrisr3d] - Dashes ('-') in object relations should be replaced by underscores as custom properties only accept underscores - [stix2 export] Better file objects export and joining patterns from list instead of concatenating strings. [chrisr3d] - [stix2 import] Better import for some objects. [chrisr3d] - Support of custom properties that are lists - Support of protocol attribute in network socket object - Support of group attribute in user account object - [stix2 export] Better export for object attributes of vulnerability and attack pattern objects. [chrisr3d] - Need to use custom properties in some cases - [stix2 import] Importing pe attributes from patterns within the pe object and not in the file object. [chrisr3d] - [stix2 import] Fixed file pattern import. [chrisr3d] - [stix2 import] Better network connection patterns parsing. [chrisr3d] - [stix2 export] Fixed export of port attribute in network traffic patterns. [chrisr3d] - [stix2 export] Fixed network traffic references in patterns. [chrisr3d] - [stix2 import] Fixed network socket pattern values parsing. [chrisr3d] - We do not want to import the single quotes that are all around the pattern values - [stix2 export] Exporting TLP tags as marking definition. [chrisr3d] - Marking definition in the case of TLP was missing and only the reference to the marking definition was exported, but not the actual marking definition object - [stix2 import] Fixed MISP Object creation. [chrisr3d] - MISP Object creation function used for attack pattern & course of action objects, so they get the correct uuid - MISP Object creation trying to parse the first seen & last seen values without raising issues when the object parsed does not have any - [stix2 export] Fixed file content ref for malware sample exports. [chrisr3d] - [stix2 export] Fixed email attachment export. [chrisr3d] - [stix2 export] Exporitng process attributes in patterns as intended. [chrisr3d] - Handling the child ref(s), parent ref, and image name values in process patterns - [stix1 import] Parsing COA_Taken objects as MISP object. [chrisr3d] - [stix1 export] Exporting category and value in STIX objects title and not the attribute/object id. [chrisr3d] - [stix1 export] No longer exporting object IDs. [chrisr3d] - ThreatActors and TTPs titles only use categories and values of the attribute/object to define the title, and not the attribute/object id anymore - [stix1 export] Various fixes. [chrisr3d] - Got rid of some variables and calling some functions directly to parse data withtout storing it - TTPs, Courses of action and Threat Actors are now referenced in related objects only when they come from attributes/objects in MISP and not when they come from galaxies - [stix1 export] Tiny fixes. [chrisr3d] - Making sure adding an indicator type fails because of the mapping between attribute types and indicator types does not support a specific type, and not because of the indicator not accepting the type we want it to have - Making sure CAPEC IDs are always starting with 'CAPEC' in the AttackPattern objects we create - [stix1 export] Fixed email attachment related objects uuid. [chrisr3d] - Email message related objects representing the email attachments now have the correct uuid of the attachment attribute - Before, a random uuid was used, due to the file object losing its parent properties while being switched from a File object type to a related object type - [stix1 export] Referencing COAs as RelatedCOAs. [chrisr3d] - [stix1 export] Removed function no longer used. [chrisr3d] - [stix1 export] Export only cluster values as name or title. [chrisr3d] - No longer exporting the Galaxy name within the name or title, since we have this information somewhere else and the name or title should only be the Galaxy cluster name value - [stix import] Some strings are defined in a cleaner way. [chrisr3d] - [stix2 import] Skipping adding Galaxy info in the Galaxy field and only importing it as tag. [chrisr3d] - [ACL] unpublished_private global setting tightened to include correlations. [iglocska] - Thanks to Jakub Onderka for reporting and providing a fix to this! - [security] missing ACL lookup on attribute correlations. [iglocska] - attribute correlation ACL checks are skipped when querying the attribute restsearch API revealing metadata about a correlating but unreachable attribute. - Thanks to Jakub Onderka for his tireless work and for reporting this! Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'rework_stix' into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge pull request #6028 from JakubOnderka/patch-115. [Andras Iklody] fix: [UI] Typo - Merge pull request #6022 from MISP/rework_stix. [Andras Iklody] STIX parsing updates - Cleanup: [stix] Cleaned up the recently changed scripts. [chrisr3d] Including: - Removed some unused imports and variable - Renamed some variable which could have been built-in methods redefinition - Typos - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge pull request #5916 from JakubOnderka/patch-100. [Andras Iklody] chg: [correlations] Big speedup when correlating CIDR - Merge pull request #6019 from D4-project/2.4. [Andras Iklody] add [widget] Authentication failure widget - Add [widget] Authentication failure widget. [Jean-Louis Huynen] - Wip: [stix2 import] More complete external patterns mapping. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Importing external domain, ip & network traffic patterns. [chrisr3d] - Wip: [stix2 import] Importing external network traffic patterns. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Importing external email patterns. [chrisr3d] - Parsing function to split attachments fields from all the other fields already implemented, we just added the attachment parsing and the attributes handling at the end - Also slight fixes on the from, to and cc refs following the last fix on the export side - Wip: [stix2 import] Handling import case for indicators of which we already parsed the pattern. [chrisr3d] - Wip: [stix2 import] Importing external process indicators. [chrisr3d] - Wip: [stix2 import] Importing external url indicator based on the pattern mapping already implemented. [chrisr3d] - tl;dr: We just took the parsed attributes and callled the appropriate function to handle the import case (attribute or object) - Wip: [stix2 import] Importing external user-account indicators. [chrisr3d] - Also fixed some user-account and credential mapping dictionaries - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Fix"[stix2 import] Fixed process observable objects parsing for STIX documents generated with MISP. [chrisr3d] - Little typo and copy-paste issue - Wip: [stix2 import] Parsing external process observable objects. [chrisr3d] - Also changed parsing of process observable objects from STIX documents generated with MISP to apply the same logic to both use cases - Wip: [stix2 import] Parsing external user_account observable objects. [chrisr3d] - Mapping into credential or user-account MISP objects depending on the case - Wip: [stix2 import] Finally parsing properly external network traffic observable objects with their references and potential extensions. [chrisr3d] - After struggling a lot on it, we ended up parsing external network traffic observable objects independently depending on the actual references they have or not - Chosing this approach instead of the common parsing function handling the different use cases, we can parse each observable object depending on the case, and use common function then when we are sure we determined the actual situation - We no longer start from a common function trying to determine the case using lots of tests, we already know which case it is and go to the common point afterwards - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Network traffic references parsing function for further reuse. [chrisr3d] - Wip: [stix2 import] Importing external autonomous system observable objects. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Importing external x509 observable objects. [chrisr3d] - Wip: [stix2 import] Importing mac-address external observable objects. [chrisr3d] - Also changed the recently changed mutex import to reuse a function to parse all observable objects of an observed-data object at once to import single attributes - Wip: [stix2 import] Importing external mutex observable objects. [chrisr3d] - Also change on a function name for more clarity and to differenciate more easily functions for observable objects and patterns - Wip: [stix2 import] Importing external registry-key observable objects. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Updated external observable mapping: files with artifact & directory references. [chrisr3d] - The parsing logic is already there since files with artifact references and files with directory references are supported. We just updated here the mapping dictionary - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Importing external url observable objects. [chrisr3d] - Wip: [stix2 import] Added warning message if not all the observable objects are referenced by an email-message object. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Import of external email message & address observable objects. [chrisr3d] - Reuse of some parsing functions for external and MISP generated STIX files - Added an email references mapping dict to help parsing email addresses, body & content refs references by email message objects - Fixed another indentation issue - Wip: [stix2 import] Import of domain and ip observable objects. [chrisr3d] - Also quick indentation fix - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Import of network-traffic and ip external observable objects. [chrisr3d] - Ongoing rework for external observable objects and patterns in progress - Wip: [stix2 import] Import of external file observable objects. [chrisr3d] - Support of PE extension to create PE object(s) with the corresponding section(s) alongside the file object import - As always with pe and sections, the appropriate references are added too - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Starting parsing external observable objects. [chrisr3d] - Started with file observables - Making 'filter_main_object' function available for both subclasses to split the observable object type we want and all the references - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Struggling with the files and payloads import. [chrisr3d] - Wip: [stix2 import] Removed unused mapping dict + moved constant to the mapping script. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 export] Moved dictionaries in the mapping file & using the complete import path instead of import * from the mapping file. [chrisr3d] - We control and know which mapping dictionary we call and that they come from the mapping script - Started moving all the mapping dictionaries in the mapping file - Attributes parsing function will be moved into the main script - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Moving small parsing functions to the main script. [chrisr3d] - Also passing the function names only instead of storing functions themselves in the dictionary - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Parsing single external IP v4 or v6 address. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Parsing external relationships, galaxies, tags & reports. [chrisr3d] (+ Quick fix on internal tags handling) - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Add: [stix2test] New argument to evaluate events using filenames only and avoid to query MISP. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Handling File objects with PE extension & sections. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Separating file extensions to be parsed later. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Better attack-pattern external references parsing + parsing external galaxies. [chrisr3d] - Wip: [stix2 import] Parsing attack-pattern, course-of-action and vulnerability objects from external stix files. [chrisr3d] - Wip: [stix2 import] Making difference between external and from MISP for some STIX object types. [chrisr3d] - Including Attack Pattern, Course of Action and Vulnerability - Also better file pattern parsing - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Better parsing for more external patterns. [chrisr3d] - Wip: [stix2 import] Some more external pattern mapped. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Starting parsing external patterns. [chrisr3d] - Wip: [stix2 import] Some quick clean-up. [chrisr3d] - Preparing for the future 2.1 import - Removing mapping variables no longer used - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Importing reports external references as links. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Proper parsing of galaxies, and tags. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix. [chrisr3d] - Wip: [stix2 import] Loading relationships in a dictionary. [chrisr3d] - Thus we can parse them afterwards depending on the type of objects they put into relationship - Wip: [stix2 import] Properly loading galaxies as tags. [chrisr3d] - Wip: [stix2 import] Import of CourseOfAction, AttackPattern and Vulnerability as objects reworked. [chrisr3d] - Wip: [stix2 export] Defining relationships between observed-data and galaxy objects. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Wip: [stix2 import] Updated mapping library + removed disable_correlation flags. [chrisr3d] - Since we use the object templates directly for the objects creation, we do not need to have the flag here. - Wip: [stix2 import] Observable import rework completed. [chrisr3d] - Wip: [stix2 import] Process observables import reworked. [chrisr3d] - Wip: [stix2 import] More observable objects reworked. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Wip: [stix2 import] User Account objects import reworked. [chrisr3d] - Wip: [stix2 import] ASN observable import reworked + functions ordered. [chrisr3d] - Wip: [stix2 import] Credential observable import + standard observable parsing function reworked. [chrisr3d] - Wip: [stix2 import] Network socket import reworked. [chrisr3d] - Wip: [stix2 import] Import of network connection objects from observable. [chrisr3d] - Wip: [stix2 import] Started reworking observable objects import. [chrisr3d] - Wip: [stix2 import] All known MISP objects mapped with STIX patterning are now reworked. [chrisr3d] - Wip: [stix2 import] Email pattern import. [chrisr3d] - Wip: [stix2 import] File patterns import reworked. [chrisr3d] - Wip: [stix2 import] Cleaner pattern import into objects. [chrisr3d] - Add: [stix2 export] Exporting process image attribute in observable objects. [chrisr3d] - Wip: [stix2 import] Reworking stix2 import. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] - Add: [stix1 export] Added malpedia in the list of mapped galaxies. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into 2.4. [chrisr3d] v2.4.127 (2020-06-16) --------------------- New ~~~ - [cli] Command for pulling from all remote servers. [Jakub Onderka] - [Tag] Allow Tag's numerical_values to be overriden by userSettings. [mokaddem] - [userSettings] New setting `default_restsearch_parameters` [mokaddem] It allows users to supply restSearch parameters that will be injected (and possibly overridden) into the restSearch filters. - [type] git-commit-id. [Raphaël Vinot] - [UI] Add event ID to page table. [Jakub Onderka] With more tabs, navigation between tabs with different events can be pain, when all of them has the same title. Changes ~~~~~~~ - [PyMISP] Bump. [Raphaël Vinot] - [version] bump. [iglocska] - [internal] Log exception if exception is thrown during event downloading. [Jakub Onderka] - [misp-warninglists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [submodules] Use repository default branch (main) [Raphaël Vinot] - [PyMISP] Rename branch master -> main. [Raphaël Vinot] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [misp-warninglists] updated to the latest version. [Alexandre Dulaunoy] - [internal] Bump CakePHP to 2.10.22. [Jakub Onderka] - [internal] Drop correlations.{org_id,sharing_group_id,a_sharing_group_id} indexes. [Jakub Onderka] - [internal] Drop correlations.value index. [Jakub Onderka] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [internal] Log exception when querying modules. [Jakub Onderka] - [decayingModel:listTaxoWithNumericalValue] Cleaner usage of uppercased tag. [mokaddem] - [taxonomy] Fixed typo. [mokaddem] - [UI] Make Enrichment Results little bit nicer. [Jakub Onderka] - [events:distributionGraph] Added close button in popover. Fix #5978. [mokaddem] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [tags:checkForOverride] Do not duplicate user id variable. [mokaddem] - [tools] re-add fixed module. [Steve Clement] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [decaying] `last_seen` takes precedence over `timestamp` [mokaddem] If `last_seen` is set, it will take precedence over the timestamp if no sightings have been recorded. By doing so, we prevent the score to be refreshed if the attribute is slightly modified (a tag is added/removed) - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [usernamehelper] cheese. [iglocska] - [PyMISP] Dump. [Raphaël Vinot] - [correlation] When generating correlation, just fetch attributes that can correlate. [Jakub Onderka] - [correlations] Refactored correlation saving. [Jakub Onderka] * Always show other correlating value (useful for CIDR correlations) * Make correlation saving faster (move more work to database, do not fetch not necessary fields) * Fix some small bugs - [doc] Updates to OpenBSD Install (which fails ATM) [Steve Clement] - [doc] Variable updates. [Steve Clement] - [doc] Reshuffled docs. [Steve Clement] - [doc] Update to OpenBSD 6.7. [Steve Clement] - [cakephp] bump. [iglocska] - updates cakephp to include the UUID generation fix by @RichieB2B to solve the deficiency discovered by @JakubOnderka. You guys rock. - [internal] Faster removing galaxy cluster tags from attributes. [Jakub Onderka] - [UI] Nicer icon for form info. [Jakub Onderka] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [installer] Updated to latest Installer. [Steve Clement] - [var] Wrapped vars {} - Made loops around git clones (for ctrl-c resumeability) [Steve Clement] - [galaxy] bump. [iglocska] - [feed] Provide more info when caching feeds about failures. [Jakub Onderka] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] Fix ~~~ - [UI] Double Discussion header when sending comment. [Jakub Onderka] - [internal] object level restsearch issues resolved when querying via filters on the attribute scope, fixes #6016. [iglocska] - use subqueries instead of trying to query on the current scope - associated find queries don't work on habtm relationships - [pull] Correct progress for pull job. [Jakub Onderka] - [internal] Removing attributes from empty event. [Jakub Onderka] - [feeds:saveFreetext] Soft-delete Attributes when performing a delta- merge. [mokaddem] - [EventShell:enrichment] Improved reporting of error messages. [mokaddem] - [users:change_pw] Return error message when trying to use the same password. Fix #5961. [mokaddem] - [galaxy] Fetch all events for galaxy cluster. [Jakub Onderka] - [UI] Show feed caching just for site admins. [Jakub Onderka] Without this patch, when user is not site admin, for all feeds is showed 'Not cached', that is not true. And it also generates a lot of warnings to debug log. - [www] webserver user is www on OpenBSD. [Steve Clement] - [attribute:fetchAttribute] Prevent notices if tags not set while computing decay. [mokaddem] - [internal] Remove unused method. [Jakub Onderka] - [UI] Module diagnostic colors. [Jakub Onderka] - [attribute] Do not allow for IPv4 CIDR masklen bigger than 32. [Jakub Onderka] - [internal] Notices in PHP 7.4 for login page. [Jakub Onderka] - [UI] Bootstrap 2 doesn't support auto position for popover. [Jakub Onderka] - [internal] Fix notice in PHP7.4 when loading events attrs by ajax. [Jakub Onderka] - [internal] Branch setting don't have level value. [Jakub Onderka] - [internal] Remove duplicate code that cause error in PHP 7.4. [Jakub Onderka] - [internal] Check if user is logged before checking if he is site admin. [Jakub Onderka] - [internal] Set notifications count and loggedInUserName just for logged users. [Jakub Onderka] - [documentation] Typo with the CLI function name. Fix #5931. [Sami Mokaddem] - [UI] Do not show Good-Bye when using custom logout. [Jakub Onderka] Becuse without this patch, Good-Bye is show when user successfully log in. - [UI] Galaxy cluster links should be clickable. [Jakub Onderka] - [whitelist] Correclty refresh the cached values. Fix #3772. [mokaddem] Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge pull request #5992 from JakubOnderka/download-event-log- exception. [Andras Iklody] chg: [internal] Log exception if exception is thrown during event dow… - Merge pull request #6017 from JakubOnderka/patch-114. [Andras Iklody] fix: [UI] Double Discussion header when sending comment - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #6015 from GlennHD/patch-2. [Andras Iklody] Removed hosts-file.net feeds from default feeds - Removing hosts-files.net files. [GlennHD] Malwarebytes has discontinued the feed: https://forums.malwarebytes.com/topic/258056-hosts-filenet-domain-lists-are-broken-what-happened/ - Merge pull request #5993 from JakubOnderka/pull-progress. [Andras Iklody] fix: [pull] Correct progress for pull job - Merge pull request #6007 from imidoriya/2.4. [Andras Iklody] Fix issue #6006 - sgsids is never set - Fix issue #6006 - sgsids never set. [deku] This value is never set. I expect it should be $sgids from the incoming function variable. - Merge pull request #5990 from cudeso/2.4. [Alexandre Dulaunoy] Dashboard widgets - Avoid us of extra variable treshold. [Koen Van Impe] - Dashboard widgets. [Koen Van Impe] - Widget to display system resources (df, cpu, mem) - Widget to display the latest sightings - Widget to display the false positive sightings above certain treshold - Merge pull request #6003 from GlennHD/patch-1. [Alexandre Dulaunoy] Fixed typo - Fixed typo. [GlennHD] Fixed typo - Merge pull request #5999 from JakubOnderka/pull-all. [Andras Iklody] new: [cli] Command for pulling from all remote servers - Merge pull request #5996 from JakubOnderka/bump-cake. [Andras Iklody] chg: [internal] Bump CakePHP to 2.10.22 - Merge pull request #5991 from JakubOnderka/drop-big-index. [Andras Iklody] chg: [internal] Drop correlations indexes - Merge branch 'decaying-v2' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into decaying-v2. [mokaddem] - Merge pull request #5988 from JakubOnderka/patch-113. [Andras Iklody] fix: [internal] Removing attributes from empty event - Merge pull request #5984 from JakubOnderka/patch-112. [Alexandre Dulaunoy] chg: [internal] Log exception when querying modules - Merge branch '2.4' of github.com:MISP/MISP into decaying-v2. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #5972 from JakubOnderka/patch-111. [Andras Iklody] chg: [UI] Make Enrichment Results little bit nicer - Merge pull request #5973 from MISP/fix-soft-delete-feed-delta-merge. [Andras Iklody] Soft-delete Attributes when performing a feed delta-merge - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Add: [stix2] Supporting import & export of file encoding attributes in file objects. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into decaying-v2. [mokaddem] - Merge pull request #5964 from JakubOnderka/patch-109. [Andras Iklody] fix: [galaxy] Fetch all events for galaxy cluster - Merge pull request #5965 from JakubOnderka/patch-110. [Andras Iklody] fix: [UI] Show feed caching just for site admins - Merge pull request #5958 from eschultze/eschultze-phishstats. [Alexandre Dulaunoy] [feed] Add phishstats.info - Add phishstats.info. [eschultze] - Merge pull request #5959 from SteveClement/tools. [Steve Clement] - Merge pull request #5952 from JakubOnderka/patch-107. [Andras Iklody] fix: [internal] Remove unused method - Merge pull request #5955 from JakubOnderka/confusing-module- diagnostic. [Andras Iklody] fix: [UI] Module diagnostic colors - Merge pull request #5941 from MISP/git-commit-id. [Raphaël Vinot] new: [type] git-commit-id - Merge pull request #5942 from JakubOnderka/correlation-saving. [Andras Iklody] Correlation saving - Merge pull request #5906 from JakubOnderka/fix-ipv4-cidr-validation. [Andras Iklody] fix: [attribute] Do not allow for IPv4 CIDR masklen bigger than 32 - Merge pull request #5938 from SteveClement/guides. [Steve Clement] - Merge pull request #5937 from SteveClement/guides. [Steve Clement] - Merge pull request #5936 from JakubOnderka/php74-errors. [Andras Iklody] fix: [internal] Notices in PHP 7.4 for login page - Merge pull request #5935 from JakubOnderka/patch-106. [Andras Iklody] fix: [UI] Bootstrap 2 doesn't support auto position for popover - Merge pull request #5924 from JakubOnderka/php74-errors. [Andras Iklody] Fix notices in PHP 7.4 - Merge pull request #5934 from JakubOnderka/remove-galaxy-tags. [Andras Iklody] chg: [internal] Faster removing galaxy cluster tags from attributes - Merge pull request #5933 from JakubOnderka/patch-105. [Andras Iklody] chg: [UI] Nicer icon for form info - Merge pull request #5930 from SteveClement/guides. [Steve Clement] - Merge pull request #5928 from JakubOnderka/patch-104. [Andras Iklody] fix: [UI] Do not show Good-Bye when using custom logout - Merge pull request #5925 from JakubOnderka/patch-102. [Alexandre Dulaunoy] fix: [UI] Galaxy cluster links should be clickable - Merge pull request #5926 from JakubOnderka/patch-103. [Andras Iklody] new: [UI] Add event ID to page table - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch 'pr-5256' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into pr-5256. [mokaddem] v2.4.126 (2020-05-18) --------------------- New ~~~ - [internal] Do not log auhtkeys. [Jakub Onderka] - [tool] Generates communities webpage. [Christophe Vandeplas] - [pubsub] Show info about processed messages. [Jakub Onderka] - [UI] Make clear that the textarea under event is discussion. [Jakub Onderka] - [sync] (for now) undocumented force pull added. [iglocska] - can only be triggered via the CLI for now - usage: /var/www/MISP/app/Console/cake Server pull [user_id] [server_id] [technique] [force] - the force flag has to be passed as 'force' to avoid accidentally triggering it - What it does: - pulls ignoring the timetamp differences - this means that even older states of events, attributes, objects are ingested - useful for when wanting to reset an event / all events to align with an upstream server - Caveats: - attributes added on the low side are maintained - tags added on the low side are maintained - keep in mind this WILL override attributes that are soft deleted - [restsearch] object restsearch now has the metadata flag. [iglocska] - when set, no attributes are returned - [API] added threat_level_id as a restSearch filter. [iglocska] - [statistics] added contributing org count. [iglocska] Changes ~~~~~~~ - Bump PyMISP. [Raphaël Vinot] - [version] bump. [iglocska] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [ui] Simplified code for OrgImgHelper. [Jakub Onderka] - [installer] Version bump. [Steve Clement] - [installer] Version bump. [Steve Clement] - [installer] Update after Kali Linux fix. [Steve Clement] - [kali] More fixes, perhaps installing cake is useful?! 200QI. [Steve Clement] - [kali] More kali fixes and do not udpate apt all the time. [Steve Clement] - [kali] Added more kali tweaks, remove 2019.x compat. [Steve Clement] - [kali] Some more tweaks and a check if enough space available. [Steve Clement] - [installer] Version bump. [Steve Clement] - [bash] various bash specific enhances (https://stackoverflow.com/questions/3427872/whats-the-difference- between-and-in-bash) [Steve Clement] - [PyMISP] Bump. [Raphaël Vinot] - [opendata] Bumped latest misp-opendata submodule version. [chrisr3d] - [PyMISP] Bump. [Raphaël Vinot] - [server:dbSchema] Added support of mysql's `extra` column. Fix #5860. [mokaddem] - [pubsub] Refactored PubSub tool. [Jakub Onderka] - [feed] Use https when fetching DGAs feed. [Jakub Onderka] - [feed] Modify value when checking if value exists in current event. [Jakub Onderka] - [internal] Do not call Configure method for every attribute. [Jakub Onderka] - [correlations] Faster inserting data to Redis. [Jakub Onderka] - [correlations] Use faster algorithm for IPv6 correlations. [Jakub Onderka] - [installer] Installer bump. [Steve Clement] - [doc] Various install guide updates. [Steve Clement] - [internal] Faster saving attributes. [Jakub Onderka] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [test] Set required GnuPG setting. [Jakub Onderka] - [test] Use debug transport for sending emails. [Jakub Onderka] - [restSearch] Option to skip fetching attributes/events when only the metadata is wanted. [chrisr3d] - As for the opendata export we do not need to get the attributes or event, and are only interested in using the metadata, a parameter to skip fetching the actual data collection has been added, and we avoid iterating through the entire data collection. - [opendata] Bumped latest misp-opendata updates. [chrisr3d] - [opendata export] Checking opendata setup and raising exception in case of error. [chrisr3d] - [opendata] Bumped the latest updates on the opendata python script. [chrisr3d] - [user:finaliseAndSendEmail] Aggresively catch errors and log them while sending email. [mokaddem] - Bump PyMISP. [Raphaël Vinot] - [roles] allow the creation site admin enabled roles without auth access. [iglocska] - [i18n] Updated: zh-s. [Applenice] - [i18n] Updated: zh-s. [Applenice] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [installer] Bump version. [Steve Clement] - [doc] Make misp-modules work again. [Steve Clement] - [installer] Version Bump. [Steve Clement] Fix ~~~ - [security] xss in the resolved attributes view. [iglocska] - thanks to Jakub Onderka for reporting it - [UI] Always use capital UUID. [Jakub Onderka] - [feed] Follow redirect when fetching manifest. [Jakub Onderka] - Allow_disabling_correlation not taken into account. [Golbark] - [ui] Always show full logo for related events box. [Jakub Onderka] - [correlations] Ssdeep check all chunks. [Jakub Onderka] - [bug] '' != "" especially when trying to eval vars. [Steve Clement] - [kali] Some issues with function aliasing. [Steve Clement] - [bash] Alias functions need a function and not a string... [Steve Clement] - [kali] More fixes to make sure composer install correctly. [Steve Clement] - [kali] More kali fixes. [Steve Clement] - [installler] Little bug, code would never detect a VM... [Steve Clement] - [kali] When it's ugly, it looks like this. [Steve Clement] - [doc] mkdocs needs to be kept below a certain version. [Steve Clement] - [kali] Kali installer fixes. [Steve Clement] - [kali] Kali is now 2020.x need to fix. [Steve Clement] - [opendata export] Using external_baseurl if set, before baseurl. [chrisr3d] - If external_baseurl is not set, baseurl is used - [opendata export] Internalization of the error messages. [chrisr3d] - [opendata export] Less confusing variable name for the parameter to only skip exporting the data and keep only the header. [chrisr3d] - [stix2 export] Fixed CustomObject creation for MISP objects. [chrisr3d] - [stix2 export] Fixed custom objects export from misp objects. [chrisr3d] - [stix1 import] Fixed ttps list attribute name for STIX document created with MISP. [chrisr3d] - [feed:edit] Do not override feed settings if not provided via the API. Fix #5896. [mokaddem] - [indexTable:quickFulltextSearch] Encode additional characters enabling more search possibilities. Fix #5890. [mokaddem] - [sightingdbs:model] Added default value for `timestamp`. Fix #5887. [mokaddem] - [attribute:simpleAddMalwareSample] Typo in loading `Object` class. Fix #5864. [mokaddem] - Was not spotted before because the fixed line was if fact doing nothing as the class's key was already used - [correlations] Do not check all attributes when cache is empty. [Jakub Onderka] - [correlations] Correlate ShadowAttribute just if exists. [Jakub Onderka] - [correlations] Do not correlate CIDR with CIDR. [Jakub Onderka] - [attribute] modifyBeforeValidation fix for `domain|ip` type. [Jakub Onderka] - [correlations] Return just unique values for CIDR list. [Jakub Onderka] - [correlations] IPv6 CIDR correlations works. [Jakub Onderka] - [correlations] Removed unnecessary Redis call. [Jakub Onderka] - [correlations] Remove references to not exists type 'domain-ip' [Jakub Onderka] - [diagnostic] Updated required version for the stix python library. [chrisr3d] - [stix1 import] Fixed uuids parsing. [chrisr3d] - Using the built-in uuid parsing method to avoid potential issues when some uuids are provided without dashes, instead of getting is as a string, which fails when there is no dash - [stix1 import] Fixed ttps list attribute name. [chrisr3d] - [feed] Job progressbar fix. [Jakub Onderka] - [feed] Optimise saving freetext feeds with a lot of attributes. [Jakub Onderka] - [gitmodules] Using https instead of ssh to avoid permission denied error. [chrisr3d] - [opendata export] No longer using the returnFormat field as the dataset resource format. [chrisr3d] - The resource format can be defined with a 'format' field within the resource field in the setup filter - [attributes:edit] Do not required the distribution anymore. [mokaddem] - [attributes:add] Do not required the distribution anymore. [mokaddem] - [registration] log entry action shortened to not cause issues. [iglocska] - Fixes STIX2 export bugs when trying to use TLP Tags other than TLP_WHITE, resolve attempted dual registration of custom STIX objects. [Tom King] - [JS] left off admin enforced check for the role permission. [iglocska] - to allow auth to be unchecked for site admins - [object restsearch] fixed, no more trailing commas. [iglocska] - [registration] acceptRegistration now accepts non User wrapped input. [iglocska] - [users] accepting registration requests can throw a badly mapped exception. [iglocska] - changed to 400 - [object restsearch] fixed. [iglocska] Endless loop fixed - [ACL] added objects/restSearch. [iglocska] - [UI] Always use UUID with capital letter. [Jakub Onderka] - [registrations] multi-delete fixed. [iglocska] - [API] metadata filter description changed. [iglocska] - [github] Release type no needed :) [Jakub Onderka] - [json converter] fixed an issue if an expected key was not found. [iglocska] - was only accessible due to another bug, but it's more graceful either way - [export] JSON export used the wrong handler for /objects/restSearch. [iglocska] - [stix export] Bump minimum CybOX version to 2.1.0.21. [Richard van den Berg] - [stix2 export] Fixed stix2 imports. [chrisr3d] - All the required features are imported and we no longer import them with * - [installer] Embarassing typo no1, 7.3!=7.4. [Steve Clement] Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch 'pr-5917' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into pr-5917. [mokaddem] - Merge branch 'pr-5902' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into pr-5902. [mokaddem] - Merge branch 'pr-5907' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into pr-5907. [mokaddem] - Merge branch 'pr-5911' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into pr-5911. [mokaddem] - Merge branch 'pr-5862' into 2.4. [mokaddem] - Merge branch '2.4' into pr-5862. [mokaddem] - Merge branch 'pr-5856' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into pr-5856. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into pr-5856. [mokaddem] - Clean up errors when trying to update warning lists. [Jason Kendall] - Merge remote-tracking branch 'MISP/2.4' into 2.4. [Christophe Vandeplas] - Merge pull request #5915 from SteveClement/guides. [Steve Clement] - Merge pull request #5914 from SteveClement/guides. [Steve Clement] - Merge pull request #5913 from SteveClement/guides. [Steve Clement] - Merge branch 'guides' of github.com:SteveClement/MISP into guides. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into guides. [Steve Clement] - Merge pull request #5912 from SteveClement/guides. [Steve Clement] - Merge pull request #5891 from MISP/opendata. [Christian Studer] Opendata export via restSearch - Merge branch '2.4' of https://github.com/MISP/MISP into opendata. [chrisr3d] - Merge branch '2.4' of https://github.com/MISP/MISP into opendata. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge pull request #5876 from JakubOnderka/pubsub. [Andras Iklody] chg: [pubsub] Refactored PubSub tool - Merge pull request #5863 from JakubOnderka/discussion-header. [Andras Iklody] new: [UI] Make clear that the textarea under event is discussion - Merge pull request #5895 from JakubOnderka/patch-98. [Andras Iklody] chg: [feed] Use https when fetching DGAs feed - Merge pull request #5897 from JakubOnderka/fixed_event_freetext_feed_speedup. [Andras Iklody] chg: [feed] Modify value when checking if value exists in current event - Merge pull request #5904 from stricaud/2.4. [Andras Iklody] Few improvements to misp-config - Few improvements: put the help print in a function. Make sure all the things we update are commented and do not push commented configuration. [Sebastien Tricaud] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5903 from JakubOnderka/correlation-speedup. [Andras Iklody] Correlation speedup - Merge pull request #5889 from JakubOnderka/attribute_correlation. [Andras Iklody] IPv6 CIDR correlations - Merge pull request #5870 from SteveClement/guides. [Steve Clement] - Merge pull request #5892 from JakubOnderka/fixed_event_freetext_feed_speedup. [Andras Iklody] Fixed event freetext feed speedup - Merge branch '2.4' of https://github.com/MISP/MISP into opendata. [chrisr3d] - Merge pull request #5882 from JakubOnderka/build-fix. [Alexandre Dulaunoy] Build fix - Merge branch '2.4' of https://github.com/MISP/MISP into opendata. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Add: [opendata export] Support of the deleting abilities. [chrisr3d] - Deleting a dataset or its resource(s) is now available from the restSearch side as it already is with the python script - Merge branch '2.4' of github.com:MISP/MISP into opendata. [chrisr3d] - Merge pull request #5871 from tomking2/bug/stix2_bugs. [Christian Studer] fix: Fixes STIX2 export bugs when trying to use TLP Tags other than T… - Add: [restSearch] OpenData export module. [chrisr3d] - Add: [restSearch] Added opendata to the valid formats. [chrisr3d] - Add: [opendata] Submoduling misp-opendata. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5861 from JakubOnderka/capital-uuid. [Alexandre Dulaunoy] fix: [UI] Always use UUID with capital letters - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5866 from JakubOnderka/patch-97. [Steve Clement] fix: [github] Release type no needed :) - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5859 from stricaud/mispconfig. [Steve Clement] Adding misp-config, a Perl tool to configure MISP. - Adding misp-config, the Perl tool which configures MISP. It dumps the actual configuration to a prefixed tree, which defaults to /etc/misp/misp.conf.d/ and it sets all the configuration options existing from those files. [Sebastien Tricaud] - Merge pull request #5853 from Applenice/2.4. [Steve Clement] chg: [i18n] Updated: zh-s - Merge pull request #5858 from stricaud/debian. [Steve Clement] Adding the apache modules enablement in preinst - Adding the apache modules enablement in preinst. [Sebastien Tricaud] - Merge pull request #5857 from RichieB2B/ncsc-nl/cybox-version. [Christian Studer] fix: [stix export] Bump minimum CybOX version to 2.1.0.21 - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge pull request #5850 from stricaud/debian_2_4_125. [Andras Iklody] Updates on debian package for 2.4.125 - Merge branch '2.4' into debian_2_4_125. [stricaud] - Merge pull request #5846 from SteveClement/guides. [Steve Clement] chg: [doc] Make misp-modules work again - Some changes which improve how Mysql user can be accessed by default, remove the enablement of apache modules in postinst (moved them to preinst). [Sebastien Tricaud] - Added new version bump in changelog. [Sebastien Tricaud] - Adding installation of cakeresque config. [Sebastien Tricaud] - Adding the preinst where required apache modules are enabled. [Sebastien Tricaud] - If the submodules have not been initialized and updated, the debian package will build. However the installation will not be a success. [Sebastien Tricaud] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5843 from SteveClement/tools. [Steve Clement] fix: [installer] Embarassing typo no1, 7.3!=7.4 - Merge remote-tracking branch 'upstream/2.4' into tools. [Steve Clement] v2.4.125 (2020-04-30) --------------------- New ~~~ - [feed] Support for compressed feeds. [Jakub Onderka] - Implementation of email-based OTP. [Golbark] - [security] added policy for github. [iglocska] - [doc] Initial copy for Ubuntu 20.04. [Steve Clement] - [installer] updated template to prepare grounds for 20.04 (php7.4) [Steve Clement] - [misp-wipe] Add option to enable notice and warninglists. [Richard van den Berg] - [internal] cache the sharing group access lookups. [iglocska] - should reduce the number of queries drastically for events heavy on object/attribute level sharing groups - [privacy] filter added for the authkeys in the admin section to make giving trainings easier. [iglocska] - [feeds] index refactor and new features. [iglocska] - added the ability to select an orgc ID for CSV/freetext feeds - all events created from this feed will carry the selected orgc_id - Refactored the index fully - using the factories - better warnings against the dangerous new feed each pull setting - event index search added - several settings cleaned up / made more clear - auto reload of default feed configuration disabled, fixes #2542, fixes #5789 - added a button / endpoint to handle that instead to allow for the deleted default feeds to stay deleted - [IndexTable] improvements all around. [iglocska] - several new field types added (target event, caching) - several updated with new features and functionalities - tied into the new data path collector among other changes - [UI Helper] DataPathCollector helper added. [iglocska] - helps the index factory fields retrieve data from the currently processed object based on a set of paths - [tool] MISP to Slack messaging using ZMQ. [Christophe Vandeplas] - [tool] MISP to Slack messaging using ZMQ. [Christophe Vandeplas] - [database] New MySQL data source added for debugging. [iglocska] - MySQLObserver datasource added - prepends all queries with the requested controller/action and user ID for better debugging - [dashboard] COVID active cases backported from widget collections. [iglocska] - [community] added the COVID-19 MISP community to the list. [iglocska] - [communities] self-registration links now exposed in the communities index. [iglocska] - [registration] fall back to the e-mail domain if no org info is provided. [iglocska] - also, make the org info optional - [inbox] stub controller. [iglocska] - [inbox] system added. [iglocska] - user self-registration is the first use-case - if the feature is enabled, users can unauthenticated send a registration request to MISP - request includes information on desired org and some privileges (sync / org admin / publisher) - requests land in the inbox, admins can inspect the registration requests - they can accept/discard them individually or en masse - users will be notified of their credentials automatically - quick user creation if the user asks for an org that doesn't exist yet Changes ~~~~~~~ - [VERSION] bump. [iglocska] - [pymisp] bump. [iglocska] - [new] Added QEMU support. [Steve Clement] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [installer] Version bump. [Steve Clement] - [db_schema] bumped. [iglocska] - [installer] Update installer to latest. [Steve Clement] - [installer] Initial 20.04 support. [Steve Clement] - [otp] monor changes. [iglocska] - i18n - function naming convention - [internal] Cache result of AppController::_isRest method. [Jakub Onderka] - [advanced extraction] is now the default. [iglocska] - [small changes] improve double loading of models. [iglocska] - some minor changes to improve performance slightly - some i18n additions (weren't present before the PR either) - [Log:beforeSave] Fallback to `SYSTEM` Org if field empty. [mokaddem] - [internal] Removed unused function. [Jakub Onderka] This function has typo in name `beforeValid*e*te`, so its never called. And because everything works, I think it is safe to remove it. - [internal] Speed up of loading event page. [Jakub Onderka] - [events:view] Support of `extended` for posted data. [mokaddem] - [installer] Updated installer to latest version. [Steve Clement] - [doc] Small CLI hint. [Steve Clement] - [doc] Minor updates. [Steve Clement] - [PyMISP] Bump. [Raphaël Vinot] - [doc] Added preliminary 20.04 files. [Steve Clement] - [decaying:restSearch] Always includes computed base_score in the response. [mokaddem] - [i18n] More fr-updates. [Steve Clement] - [i18n] Updated: de, dk, fr, it, jp, no, ru, zh-s. [Steve Clement] - [i18n] Full jpn translation as of 2 months ago. [Steve Clement] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [users:registrations] Catch if no org_id was provided. [mokaddem] - [internal] Log also previous exception. [Jakub Onderka] - [UI] Disable Advanced extraction button if it is not installed. [Jakub Onderka] - [internal] Refactored AttributesController:add_attachment. [Jakub Onderka] - [internal] Refactoring malware handling. [Jakub Onderka] - [sharingGroup:capture] Prevent capture of SG in some specific cases - Need more testing. [mokaddem] Should fix #5784 - [event:timeline] Prevent item selection while in the sighting context. [mokaddem] - [event:timeline] Added Sightings visualisation. [mokaddem] - [user:registration] Added audit log. [mokaddem] - [user:acceptRegistration] Added fail message. [mokaddem] - [user:acceptRegistration] Default to instance's default role if role_id not passed. [mokaddem] - [user:regitration] Accept/Discard registration accept UUID as parameter. [mokaddem] - Bumped db_schema.json. [mokaddem] - [ACL] updated. [iglocska] - [ACL] added the feed data reload. [iglocska] - [misp-objects] bump. [iglocska] - [objects] bump. [iglocska] - [stix2] Bumped latest STIX2 python library version. [chrisr3d] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [widgets:multiline] Allow to ctrl+click on labels to hide the others. [mokaddem] - [logs:search] Added support of JSON return format. [mokaddem] - [event:restSearch] Added `includeEventCorrelations` parameter. [mokaddem] - [taxonomies] updated. [iglocska] - [events:exports] Migrated majority of export type to use restSearch. [mokaddem] - [index field] org field updated to allow for org information not local to the current instance (no ID set) [iglocska] - [registrations] show the time of request's creations. [iglocska] - [db_schema] Bumped schema. [mokaddem] - [registration:index] Added titles to buttons. [mokaddem] - [warninglists] bump. [iglocska] - [cakephp] version bump to get TLS 1.3 support, fixes #5764. [iglocska] - #yolo - [taxonomies] revert. [Alexandre Dulaunoy] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [widgets:trendingTags] Added threshold parameter to let user decide the # to show. [mokaddem] - [dashboard] Added COVID widgets to the default installation from widget-collections. [iglocska] - should be interesting enough for all at this point. We might remove it again once COVID-19 is finally gone from our lives - [stix2 libray] Bumped latest python library version. [chrisr3d] - [stix2 export] Setting datetime fields. [chrisr3d] - Instead of letting the created and modified fields set by default, we set them with the timestamp value (or date in case of an event) - The first_seen & last_seen values (or equivalent like valid_from, valid_until, depending on the STIX object type) are set to the first_seen / last_seen if possible, otherwise timestamp - [warninglists] bump. [iglocska] - [cleanup] removed bad idea that got barfed into the codebase. [iglocska] - [syslog] added title of log entry. [iglocska] - [warninglists] updated. [iglocska] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [server:dbSchemaDiagnostic] Support of display width and updated `db_schema.json` [mokaddem] - [settings] disabling background jobs now counts as a misconfiguration. [iglocska] - [publish alert] linebreak issue fixed, added notification about why the user receives the e-mail. [iglocska] Fix ~~~ - [internal] Just site admin can force when saving freetext. [Jakub Onderka] - [installer] Bug where the wrong php deps would get installed. [Steve Clement] - [installer] Fix a bug where the installer fails if apt update has never been run. [Steve Clement] - [user settings] corrected field name. [iglocska] - [internal] Edge case where due to an old invalid update script an instance could end up with the wrong key in user settings. [iglocska] - this should resolve the issue for affected users - no change for everyone else - [otp] pre-auth action list only expanded if otp is enabled. [iglocska] - [otp] enabling it requires e-mailing to be enabled. [iglocska] - [ACL] a private function was missing the __ causing the ACL checker to return it as an unmapped accessible function. [iglocska] - [internal] syslog shouldn't end with new line. [Jakub Onderka] Because then two lines are logged - [internal] Remove unused code. [Jakub Onderka] - Remove unused variable. [Jakub Onderka] - [event] fixes missing correlations with combined types (#5832) [Christophe Vandeplas] * fix: [event] fixes missing correlations with combined types also some other missing variable bug - [internal] Deleting multiple Redis keys. [Jakub Onderka] - [UI] Proper object table header when includeRelatedTags. [Jakub Onderka] - [doc] MISP expects lief 0.10.1. [Steve Clement] - [cake] more new defaults as per https://github.com/MISP/MISP/issues/5803. [Steve Clement] - [templates:add] Adding tag do not submit the form anymore. Fix #5826. [mokaddem] - [Console:Server] Added `configLoad` task. Fix #5793. [mokaddem] - [galaxyCluster:index] Restored search functionality. [mokaddem] - [feed:add] Do not override `new_event_at_each_pull` value. Fix #5815. [mokaddem] - [attribute:restSearch] Make sure to always pass all tags to Decaying's computation function. [mokaddem] - [internal] HTML code in view_event_distribution_graph. [Jakub Onderka] - Correct flash message when sending e-mail. [Jakub Onderka] - [misp-wipe] bring wiping up to date with MYSQL.sql. [Richard van den Berg] - [pagination] Fixed bottom pagination links on the bottom. [iglocska] - [registrations] Users can now register using the API without a valid key, affects #5783. [iglocska] - [attribute:edit] Prevent save for invalid sharing_groups ids. [mokaddem] - [attribute:add] Prevent save for invalid sharing_groups ids. [mokaddem] - [event:view] Restored disabled_correlation toggle. [mokaddem] - [correlations] Update correlations on Attribute or Event `distribution` change. [mokaddem] - [event:fetchEvent] Block viewing Objects/Attributes if the user does not belong to the sharing_group. [mokaddem] Even if these elements belong to the user. Similar explanation than for 7cd2175 - [event:fetchEvent] Block viewing the event if user does not belong to the sharing_group. [mokaddem] Even if the event belongs to the user. This scenario can happen if a remote sync is badly configured where the remote sync user have site_admin right, thus allowing the user to see the event even though he is not part of the SG - [user:registration] Default undefined message to empty string. [mokaddem] - [internal] Remove already removed git modules. [Jakub Onderka] - [stix2 export] Fixed STIX JSON Encoder import. [chrisr3d] - With the latest update it is no longer part of stix2.base but stix2.v20.base by default, so we need to import it from stix2.base manually - [feed index] Converted to static tags to skip erroneous add tag buttons. [iglocska] - [ajaxTags] resolved not set searchURL string. [iglocska] - [observer datasource] fixed for the QueryTool. [iglocska] - [internal] Added a setting to skip positive attribute level filters on the event scope. [iglocska] - when running a large MISP community, it is bound to happen that your instance will be used as the back-end for internal tooling - often these tools are configured to fetch aggressively, often with heavy consequences on the server load - some filter that serves mostly edge-case lookups can mistakenly lead to heavy server load for no good reason We have identified attribute level positive filters on the event scope to be such a filter and made them optionally toggle-able via the MISP.attribute_fitlers_block_only flag. Turning the setting on will remove all event level filters such as "type" from being viable filter candidates unless used to block the inclusion of attribute types. Some examples: "type": {"OR": ["ip-dst", "ip-src", "hostname", "domain"]} would normally return ANY event that has at least one of the listed attribute types. This is the behaviour that can now be disabled. "type": {"NOT": ["iban", "cc-number"]} would normally remove any attributes with the given types from the list of returned events. This functionality is NOT affected by the toggle. - [stix1 import] Fixed object name handling causing errors in some cases. [chrisr3d] - With a wrong object name, the correct function was not reached, reaching some unexpected errors - [API] event index queries refactored. [iglocska] - fixed ID lookups to be more graceful (IN() instead of OR-d statements) - removed default sorting which is the default anyway but introduces a massive overhead - [database] made MySQLObserver php < 7.2 compliant. [iglocska] - [database] bruteforce check relaxed for datasource. [iglocska] - [database] added missing file. [iglocska] - [restresponse] invalid keyword for controllers blocked SQL data to be appended on demand. [iglocska] - [tool] slackbot cosmetic change. [Christophe Vandeplas] - [genericTable:rowDblclick] Made row selector more lax. [mokaddem] - [decaying:base] MAke sure to return a tag event if it's not part of a taxonomy. [mokaddem] - [stix1 export] Exporting all tags as Marking. [chrisr3d] - Not only for TLP tags - Not TLP tags are SimpleMarking and no longer journal entry as they were before - [server:DBSchemaDiagnostic] Quote index column's name and added missing keyword. [mokaddem] - [events:export-csv] Default to_ids to be 1. [mokaddem] - [stix1 import] Avoiding Php notice because of the end function. [chrisr3d] - Same as 8f90f79 - [stix1 import] Updated the email message mapping to support the message-id attribute import. [chrisr3d] - [UI] Added missing delete button for organisations, fixes #5773. [iglocska] - [self-registration] added missing field. [iglocska] - [user:email] Replaced query parameters by cake's named parameters. Hopefully fix #5745. [mokaddem] - [user registration] reverted bug introduced in previous commit restricting the org choice to the suggested org if there was a match. [iglocska] - [console:admin] getSetting can be used to retrieve all settings. [mokaddem] - [user registration] minor bug fixes. [iglocska] - [user registration] automatically convert selected orgs to local as described in the tool. [iglocska] - [trialing commas] removed. [iglocska] - [stix2 export] Avoiding the "end" function to return a notice. [chrisr3d] - It looks like depending on the Php version, the end function does not like to have the reference of an array. By delaying its call, we pass the actual array and the notice no longer appears - [stix2 export] Fixed datetime fields format in custom objects. [chrisr3d] - [widgets:trendingTags] Removes unused vars. fix #5761. [mokaddem] - [API] fixes to set_filter_uuid. [iglocska] - [search] Fixed the UUID / ID searches on the attribute scope, fixes #5636. [iglocska] - [UI] API reset link fixed on the automation page, fixes #5749. [iglocska] Other ~~~~~ - Merge pull request #5207 from JakubOnderka/patch-33. [Steve Clement] fix: [internal] Just site admin can force when saving freetext - Merge pull request #5842 from SteveClement/tools. [Steve Clement] chg: [new] Added QEMU support - Merge branch 'eventTimeline-sightings' into 2.4. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into eventTimeline- sightings. [mokaddem] - Merge branch '5802' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 5802. [iglocska] - Merge pull request #5841 from SteveClement/guides. [Steve Clement] fix: [installer] Bug where the wrong php deps would get installed - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Revert "Merge branch '5835' into 2.4" [iglocska] This reverts commit 48132af1796b13e888ecdc77fa0e25787d517242, reversing changes made to 9a22aa1f3c1295ab4715e7043e09fa3797b592cb. - Merge branch '5834' into 2.4. [iglocska] - Merge branch '5835' into 2.4. [iglocska] - Merge branch 'stix2-info-patch' of https://github.com/pan-unit42/MISP into stix2-info-patch. [kscheetz] - Merge branch '2.4' into stix2-info-patch. [kscheetz] - Fixes missing self argument bug. [kscheetz] - Moved info assignment to method. [kscheetz] - Simplification for code complexity reqs. [kscheetz] - Merge branch '2.4' into stix2-info-patch. [kscheetz] - Preserve report order. [kscheetz] - Stix2 importer naming change. [kscheetz] - Fixes missing self argument bug. [kscheetz] - Moved info assignment to method. [kscheetz] - Simplification for code complexity reqs. [kscheetz] - Preserve report order. [kscheetz] - Stix2 importer naming change. [kscheetz] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5840 from SteveClement/tools. [Steve Clement] chg: [installer] Initial 20.04 support - Merge branch '5726' into 2.4. [iglocska] - Hook into native authentication flow instead of beforefilter which prevents any after-auth bypass and rely on framework session management. [Golbark] - Merge branch '2.4' into email-otp-implementation. [Golbark] Conflicts: app/Model/Server.php - Add consistent i18n support for all strings. [Golbark] - Rely on session_id instead of user_id and address minor comments. [Golbark] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5561 from JakubOnderka/is_rest_cache. [Andras Iklody] chg: [internal] Cache result of AppController::_isRest method - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5816 from Applenice/2.4. [Andras Iklody] Modify the default parsing settings of Phishtank feed - Modify the default parsing settings of Phishtank feed. [Applenice] - Merge branch '5272' into 2.4. [iglocska] - Merge branch '2.4' into 5272. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'pr-5827' into 2.4. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into pr-5827. [mokaddem] - Merge branch 'pr5709' into 2.4. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into pr5709. [mokaddem] - Merge branch 'JakubOnderka-event_loading_speedup' into 2.4. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into JakubOnderka- event_loading_speedup. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Update SECURITY.md. [Andras Iklody] - Merge pull request #5833 from MISP/Rafiot-patch-5. [Andras Iklody] Update SECURITY.md - Update SECURITY.md. [Raphaël Vinot] - Merge branch 'JakubOnderka-patch-96' into 2.4. [mokaddem] - Merge branch '2.4' into JakubOnderka-patch-96. [mokaddem] - Fixes failed insert on existing records. [kscheetz] - Fixes missing MySQL ignore table statements. [kscheetz] - Merge branch '5819' into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch 'JakubOnderka-redis-delete-multiple' into 2.4. [mokaddem] - Merge branch '2.4' into JakubOnderka-redis-delete-multiple. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5606 from JakubOnderka/patch-82. [Sami Mokaddem] fix: [UI] Proper object table header when includeRelatedTags - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #5824 from SteveClement/guides. [Steve Clement] fix: [py] Updated lief to a recent known working version - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #5821 from Cooper-Dale/patch-1. [Andras Iklody] bugfix in Suricata export template - Bugfix in Suricata export template. [Cooper Dale] PR for reported bug https://github.com/MISP/MISP/issues/5766 based on suggestion @stacsirt, tested on my instance and it is working great - Merge pull request #5823 from SteveClement/guides. [Steve Clement] chg: [doc] Added preliminary 20.04 files - Merge pull request #5822 from SteveClement/tools. [Steve Clement] new: [installer] updated template to prepare grounds for 20.04 (php7.4) - Merge pull request #5574 from JakubOnderka/patch-80. [Andras Iklody] fix: [internal] HTML code in view_event_distribution_graph - Merge pull request #5818 from JakubOnderka/patch-93. [Andras Iklody] fix: Correct flash message when sending e-mail - Merge pull request #5158 from Kortho/patch-1. [Steve Clement] added libcxx-devel to yum install list - Added libcxx-devel to yum install list. [Kortho] Needed to compile LIEF - Merge pull request #5811 from RichieB2B/ncsc-nl/fillwipe. [Steve Clement] Enable notice- and warninglists after misp-wipe - Update misp-wipe.conf.sample. [Steve Clement] prefer false atm - Merge pull request #5776 from srikwit/patch-1. [Steve Clement] Removing mentioned stable support for Debian 9 - Removing mentioned stable support for Debian 9. [srikwit] As there is no file `INSTALL.debian9.txt` and we only have a file with the name `xINSTALL.debian9.txt`. The Debian 9 support seems to be experimental. - Merge pull request #5763 from RichieB2B/ncsc-nl/fix-gpg. [Steve Clement] Set SELinux context for crypt-gpg-pinentry - Set SELinux contect for crypt-gpg-pinentry, fixes #4796. [Richard van den Berg] - Merge pull request #5651 from Kortho/patch-5. [Steve Clement] username for service set from environment variable - Username for service set from environment variable. [Kortho] Username is now fetched from environment variable instead of being hard coded - Merge pull request #5644 from Kortho/patch-4. [Steve Clement] moved and added install to python-cybox - Moved and added install to python-cybox. [Kortho] python-cybox missed the installation, moved the cd, and added the install - Merge pull request #5812 from SteveClement/i18n. [Steve Clement] chg: [i18n] Updated: de, dk, fr, it, jp, no, ru, zh-s - Merge branch 'i18n' of github.com:MISP/MISP into i18n. [Steve Clement] - Merge branch '2.4' into i18n. [Steve Clement] - Merge branch '2.4' into i18n. [Steve Clement] - Merge branch '2.4' into i18n. [Steve Clement] - Merge branch '2.4' into i18n. [Steve Clement] - Merge branch '2.4' into i18n. [Steve Clement] - Merge remote-tracking branch 'origin/2.4' into i18n. [Steve Clement] - Merge branch '2.4' into i18n. [Steve Clement] - Merge branch '2.4' into i18n. [Steve Clement] - Merge remote-tracking branch 'upstream/2.4' into i18n. [Steve Clement] - Merge branch '2.4' into i18n. [Steve Clement] - Merge branch '2.4' into i18n. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge pull request #5255 from JakubOnderka/patch-46. [Andras Iklody] fix: [internal] Remove already removed git modules - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch 'feed_index' into 2.4. [iglocska] - Add: [stixtest] Scripts to get a visual evaluation of the STIX2 export & import. [chrisr3d] - We get the initial MISP event, we export it in STIX2 format, and use the import script on this file to compare the initial MISP event with the one created with the STIX2 import - Since the export to STIX2 and import from STIX2 are lossy, we do not expect the results to be perfect, but the enumeration of the differences confirm what we already know as lost in the full process, so we can see what is not going as expected - The API key could be gathered from MISP, but these small testing scripts were first intended to be standalone, and are only for testing purposes - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge remote-tracking branch 'MISP/2.4' into 2.4. [Christophe Vandeplas] - Add: [stix1 framing] Added the Simple marking in the STIX namespaces. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge pull request #5767 from MISP/fix-csv-toids. [Andras Iklody] fix: [events:export-csv] Default to_ids to be 1 - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #5672 from patriziotufarolo/2.4. [Andras Iklody] Fixes STIX2 export failing with "ANTLR runtime and generated code versions disagree: 4.8!=4.7.1" - Ensure we only have the last line from the shell command when exporting STIX2. [Patrizio Tufarolo] Same as e3b1e8c74a0b40cdb54be938bcea4d9b28a7f0b9 but for exporting STIX2 - Merge pull request #1 from MISP/2.4. [Patrizio Tufarolo] Align fork - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5727 from stricaud/debian. [Alexandre Dulaunoy] - Various improvements: * Do not push a string for VERSION.json but use the file in the repository * If database already exist, move on. [Sebastien Tricaud] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5746 from 4ekin/pg_branch. [Andras Iklody] Fixed bugs with PostgreSQL in bruteforce and feed models - Fixed bugs with PostgreSQL in bruteforce and feed models. [Bechkalo Evgeny] v2.4.124 (2020-03-30) --------------------- New ~~~ - [attributes:massEdit] Possibility to create proposals instead of edit. [mokaddem] - Add support for RHEL in the install script. [Golbark] - [audit] Added user monitoring. [iglocska] - site admins can set the monitoring flag on a user if the feature is enabled on the instance - monitored users will have all requests logged along with POST bodies - keep in mind this functionality is quite heavy and intrusive - so use it with care. The idea is that this allows us to track potentially malicious users during an investigation - [UI] indexTable new fields / some refactoring. [iglocska] - [helper:scopedCSS] Moved implementation in a helper. [mokaddem] - Country galaxy generator. [iglocska] - [dashboard] multi line chart UI added. [iglocska] Changes ~~~~~~~ - [server:dbSchemaDiagnostic] UI Improvement to hide tables containing only non-critical entries. [mokaddem] - [security] Added setting to restrict the encoding of local feeds. [iglocska] - By adding local feeds, a malicious administrator could point MISP to ingest configuration files that the apache user has access to - This includes some more sensitive files (database.php / config.php / .gnupg data) - Whilst this is currently not leading to an exploitable vulnerability as the current implementation wouldn't trigger on the values, having a setting to disable this will become much more interesting once we have a system in place for custom feed parsers - The setting can only be enabled/disabled via the CLI - As reported by Matthias Weckbecker - Bump PyMISP. [Raphaël Vinot] - [version] bump. [iglocska] - [publish alert] default added to user creation via the API. [iglocska] - Bumped queryversion. [mokaddem] - [attribute:edit] Added support of chosen - fix #5736. [mokaddem] - [widgets:mutliline] Usage of bootstrap's tooltip and fixed another loading race-condition. [mokaddem] - [alert] emails now have instructions on how to disable them. [iglocska] - [widgets:multiline] Added possibility to pick datapoint and see the deltas. [mokaddem] - [warninglist] bump. [iglocska] - [warninglist] bump. [iglocska] - [genericElement:indexTable-links] Allow to craft an URL with custom data_path. [mokaddem] - [genericElement:IndexTable] Allow to pass pagination options to paginator element. [mokaddem] - [widgets:multilines] Improved tooltip placement strategy. [mokaddem] - [taxonomies] bumped. [iglocska] - [widgets:multiline] Improved label wrapping. [mokaddem] - [widgets:multiline] Integrated CSS and new config `hideAxis` [mokaddem] - [widgets:worlmap] Resize map on widget container resize. [mokaddem] - [widgets:ui] Added possibility to listen to widget-resize events. [mokaddem] - [widgets:multiline] Support of linear x-axis. [mokaddem] - [widgets:multiline] Pass widget_config to the view. [mokaddem] - [widgets:multiline] Flip tooltip position if necessary. [mokaddem] - [widgets:multiline] Adapt left margin for big numbers. [mokaddem] - [widgets:multiline] Added more Options, datapoints and total serie. [mokaddem] - [widgets:multiline] Layout, UI and interactivity improvements - WiP. [mokaddem] - [galaxy:view] Commented `altered galaxy` for now. [mokaddem] - [galaxyCluster:index] Migrated to use the genericElement factory + added sparkline and icon genericIndex fields. [mokaddem] - [galaxyCluster:view] Migrated to use the genericElement factory. [mokaddem] - [galaxy:index] Cleaned up artifacts from galaxy2.0. [mokaddem] - [galaxy:view] Migrated to use the genericElement factory. [mokaddem] - [galaxy:index] Migrated to use the genericElement factory. [mokaddem] - [views:genericElements] Multiple addition and improvements for generic IndexTable, TopBar and Form. [mokaddem] - [feeds metadata] fix incorrect timestamp field. [Alexandre Dulaunoy] - [style] Added spaces in JSON used for the automation examples. [iglocska] - [community] CogSec Collab disinformation sharing community :D. [VVX7] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [galaxy] bump. [iglocska] - [helper:ScopedCSS] Usage of PHP_EOL. [mokaddem] - [scopedCSS] Added more doc and allow having scoped and not scoped mix. [mokaddem] - [scopedCSS] Simplified usage and added documentation. [mokaddem] - [widgets:multiline] Switched to scoped css usage. [mokaddem] - [widgets] Added support of scoped CSS. [mokaddem] - [travis] cat exec errors file. [Raphaël Vinot] Fix ~~~ - [sync] Added function to handle older MISP instances despite the new way of passing org filter options. [iglocska] - [event:view] Show correct number of related events to be shown - Fix #5732. [mokaddem] - [objecs:reviseObject] Pass forgotten template data - Fix #5733. [mokaddem] - [event index] org filter correctly accepts array in addition to pipe delimited values. [iglocska] - fixes pull org filters - [emailing] Added setting for default publish alert behaviour when creating new users. [iglocska] - [installer] Updated installer checksums. [Steve Clement] - [attribute:edit] Create chosen picker when modal is shown. [mokaddem] - [eventGraph:picture] Take correct Attribute picture's name. [mokaddem] - [widget:mutlieline] Take into account scrollY position. [mokaddem] - [widgets:multiline] Racecondition executing `init` and fetching d3.js twice. [mokaddem] - [pull] pull filters fixed. [iglocska] - [widgets:multiline] Ensure that d3.js is loaded only once. [mokaddem] - [widgets:SimpleList] Fit minimum vertical space. [mokaddem] - [widgets:multiline] Correctly parse boolean text for `showAxis` [mokaddem] - [galaxy:view] View altered galaxies/clusters buttton correctly redirect. [mokaddem] - [php] compatibility with older versions. [iglocska] - [servers:pull_rules] Allows sync parameter rules to be above 40 chars. [Sami Mokaddem] - [message] user creation shouldn't include the "User notified of new credentials" part of the notification mesage if emailing is disabled. [iglocska] - [install] Updated installer and checksums. [Steve Clement] - [INSTALL] Properly run tests. [Raphaël Vinot] - [suricata] fixed an invalid validation of https hostnames that blocked the attributes from being included in the exports. [iglocska] - [dashboard] css conflict resolved. [iglocska] - in a really hacky way for now - [side menu] Fixed Dashboard link from the side menu in the statistic view. [chrisr3d] - [thread:view] Threads are no longer rendered for not related Event on rare occasion. [mokaddem] - [user:login] Added support of `RFC822` for older PHP version. [mokaddem] - [stix export] Fixed cybox object import. [chrisr3d] Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #5643 from Kortho/patch-3. [Steve Clement] fixed python venv creation command - Fixed python venv creation command. [Kortho] The command for creating virtual environment in RHEL was wrong, fixed it :) - Merge pull request #5706 from RichieB2B/ncsc-nl/venv-ssdeep. [Steve Clement] Fix venv and ssdeep for RHEL 7 - Update INSTALL.rhel7.md. [Steve Clement] - Install ssdeep PHP module on RHEL 7. [Richard van den Berg] - Fix virtualenv creation on RHEL 7. [Richard van den Berg] - Merge pull request #5705 from Golbark/redhat-install-script-support. [Steve Clement] new: usr: add support for RHEL in the install script - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #5721 from stricaud/debian2. [Andras Iklody] Debian improvements - Add installation files: workers and VERSION.json. [Sebastien Tricaud] - Adding missing packages. [Sebastien Tricaud] - Adding compat file. [Sebastien Tricaud] - Bump version in changelog. [Sebastien Tricaud] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'feature-widget-multipleline' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into feature-widget- multipleline. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into view-migration-galaxy. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'GlennHD-2.4' into 2.4. [Alexandre Dulaunoy] - Merge branch '2.4' of https://github.com/GlennHD/MISP into GlennHD-2.4. [Alexandre Dulaunoy] - Fixed indentation of DigitalSide & Metasploit CVEs. [GlennHD] Fixed indentation of DigitalSide & Metasploit CVEs to align with others. - Added Malware Bazaar. [GlennHD] Added abuse.ch Malware Bazaar - Merge pull request #5717 from VVX7/2.4. [Andras Iklody] chg: [community] CogSec Collab disinformation sharing community :D - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5707 from MISP/feature-widgets-scoped-css. [Andras Iklody] Scoped css for widget - Merge branch '2.4' of github.com:MISP/MISP into feature-widgets- scoped-css. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5697 from MISP/chrisr3d_patch. [Andras Iklody] Fix link to the dashboard from the statistics page - Merge remote-tracking branch 'origin/2.4' into chrisr3d_patch. [chrisr3d] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [chrisr3d] v2.4.123 (2020-03-10) --------------------- New ~~~ - [dashboard] added template delete functionality. [iglocska] - [dashboard] persistence package. [iglocska] - export dashboard state - import dashboard state - save dashboard state - make it available to others on the instance on demand - admins can set a default password for users that don't have anything configured yet - load another template based on what the community has shared - added Whoami widget which was an outcome of the ESDC training - various improvements, new fields for genericElements, etc - [workers] restart all dead workers. [iglocska] - [widgets] Whoami widget added. [iglocska] - [dashboard] various fixes / improvements. [iglocska] - simple list now accepts arrays for values - fixed margin issues - fixed empty sync test issues - [dashboard] added a way to auto reload widgets. [iglocska] - has to be defined in the code of the widget - [widget] World map widget added. [iglocska] - [dashboard] Resource widget added. [iglocska] - [favourite] glow orange when on the page that is already bookmarked. [iglocska] - thanks to @mokaddem (graphman) for the idea - [dashboard] Added cachelifetimg setting as opposed to hard-coded value. [iglocska] - [dashboard] Added server resource module and some fixes. [iglocska] - [Dashboard] added hook to check for permissions on module load. [iglocska] - allows for modules to have role / host org restrictions - [Dashboard] system. [iglocska] - Dashboard - modular similar to restSearch - build your own widgets - use a set of visualisation options (more coming!) - full access to internal functions for queries - auto discover core and 3rd party widgets - rearrange / configure widgets for each user individually - rearrange / resize widgets - settings can be configured by a site-admin on behalf of others - modules have a self-explain mode to guide users - caching mechanism for the modules / org - set homepage / user - various other fixes - [API] object level restSearch added. [iglocska] still WiP Changes ~~~~~~~ - [stix2] Bumped latest stix2 python library version. [chrisr3d] - Bump PyMISP. [Raphaël Vinot] - [version] bump. [iglocska] - [cleanup] removed alert. [iglocska] - [misp-warninglists] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-taxonimies] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [dashboard] world map scale parameterised. [iglocska] - [widget:worldmap] Reusage of declated variable. [mokaddem] - [widget:worldmap] Various JS and UI Improvements. [mokaddem] - Variables and function have their own scope, not overridin each other - Scale color ranges from blue to red - Tooltip picks the correct data instead of the latest declared one - PHP no longuer printed in JS, avoiding the need of `eval` command - Widget redraw itself after a page resize - [login] Display last time the user logged in. [mokaddem] - [response header] Added `X-XSS-Protection` header. [mokaddem] - As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB) - [server:rest] Query builder gets loaded with body after the POST. [mokaddem] fix #5680 - Removed unwanted indentation. [mokaddem] - [dashboard] show owner email of template to site owners and the owner themselves. [iglocska] - [dashboard] cleanup. [iglocska] prevent @mokaddem's and @rommelfs's eyes from bleeding - [misp-object] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [dashboard] Allow for the use of subdirectories in /app/Lib/Dashboard/Custom to be able to git clone repos. [iglocska] - [querystring] bumped. [iglocska] - [dashboard] views for widgets updated. [iglocska] - [clenaup] removed old dashboard. [iglocska] - [dashboard] Custom dir added. [iglocska] - [wip] test. [iglocska] - [misp-object] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - Make contact reporter gender neutral. [Raphaël Vinot] - [i18n] Updated: Simplified Chinese, German, Italian, Spanish, Russian. [Steve Clement] - [i18n] Updated pot files. [Steve Clement] Fix ~~~ - [travis] ANTLR 4.8 works again. [Raphaël Vinot] - [ACL] added deleteTemplate. [iglocska] - [dashboards:edit] Prevent overriding the edited template with data stored in user-settings. [mokaddem] - [dashboard:saveTemplate] Prevent array re-indexing causing issue with HTML select's option value. [mokaddem] - [dashboard] grid scope fix. [iglocska] - [sfv] Checksums wrong. [Steve Clement] - [dashboard] several small fixes. [iglocska] - fixed issue of first few updates failing right after adding a self updating widget - don't try to reload a removed widget - fixed the internal random parametrised widget refresh to something more sane - [user:resetAuthkey] Allows the function to be called. [mokaddem] - [flashErrorMessage] Sanitized error message printed by session that should never contains user-made text. [mokaddem] - Better safe than sorry - [user:edit] Prevent password change with the current password. [mokaddem] - As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB) - [user:edit] Correctly re-insert form data wipping password information. [mokaddem] - [security] Fixed presistent xss in the sighting popover tool. [mokaddem] - As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB) - [user:resetauthkey] Method can only be accessed via POST request. [mokaddem] - As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB) - [security] Fix reflected xss via unsanitized URL parameters. [mokaddem] - As reported by an external pentest company on behalf of the Centre for Cyber security Belgium (CCB) - [settings] `require_password_confirmation` set to true by default. [mokaddem] - [attribute:validation] Better validation of IPv6-[dst/src] and improved display. [mokaddem] fix #5682 - [logs] pagination settings are lost when flipping pages after a search. [iglocska] - [widgets] worldmap fixed. [iglocska] - [dashboards] fixed invalid recall of dashboard template. [iglocska] - [ACL] added new function to ACL. [iglocska] - [js] fixed invalid defaults passed from php. [iglocska] - [cleanup] removed disabling the caching of dashboard widgets for debug purposes. [iglocska] - [dashboard] Some widget visualisation fixes. [iglocska] - [cleanup] [iglocska] - [synctool] tests improved. [iglocska] - [CLI] change authkey description fixed. [iglocska] - [homepage] redirects fixed. [iglocska] - [user settings] fixed unlocking of API routes. [iglocska] - [dashboard] fixed an issue when adding a widget with an empty config. [iglocska] - [API] Json converter fixed. [iglocska] - [dashboard] fixed multiple adds failing. [iglocska] - [dashboard] Fixed adding widgets losing their config settings. [iglocska] - [dashboard] custom routing fixed. [iglocska] - [i18n] Various edits and small __('') addeage. [Steve Clement] Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Bumped db_version. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #5687 from MISP/feature-widget-improvement. [Andras Iklody] chg: [widget:worldmap] Various JS and UI Improvements - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge branch 'feature/dashboard' into 2.4. [iglocska] - Merge branch '2.4' into feature/dashboard. [iglocska] - Merge pull request #5670 from SteveClement/i18n. [Steve Clement] chg: [i18n] Updated: Simplified Chinese, German, Italian, Spanish, Russian - Merge pull request #5669 from SteveClement/i18n. [Steve Clement] chg: [i18n] Updated pot files - Merge branch '2.4' into i18n. [Steve Clement] - Merge pull request #5668 from SteveClement/i18n. [Steve Clement] fix: [i18n] Various edits and small __('') addeage. v2.4.122 (2020-02-26) --------------------- New ~~~ - [logging] Log user IPs on login. [iglocska] - feature is optional and needs to be enabled in the server settings - on successful login logs the associated user ID for a given IP (30 day retention) - also logs the IP for the associated user ID (indefinite retention) - added two command line tools to query - Get IPs For User ID: MISP/app/Console/cake Admin UserIP [user_id] - Get User ID For User IP: MISP/app/Console/cake Admin IPUser [ip] - [communities] Added Danish community and some fixes to the community system. [iglocska] Changes ~~~~~~~ - [pymisp] bump. [iglocska] - Use poetry in travis. [Raphaël Vinot] - [version] bump. [iglocska] - Bump PyMISP. [Raphaël Vinot] - [database] Added db entry to re-correlate Attributes. [mokaddem] - [submodule] updates. [iglocska] - [UI] show customauth header. [iglocska] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [internal] Removed unused function. [Jakub Onderka] - [internal] Little bit faster ssdeep saving. [Jakub Onderka] - [mispzmq] Do not create array every 0.1 sec. [Jakub Onderka] Should lead to little bit lower CPU usage - [internal] Update composer.phar to version 1.9.0. [Jakub Onderka] - [objects] updated to the latest version. [Alexandre Dulaunoy] - [version] bump. [jcarter] Fix ~~~ - Run python tests from python. [Raphaël Vinot] - [CLI] allow for calling the update via the CLI without passing a process ID. [iglocska] - Properly install PyMISP with poetry. [Raphaël Vinot] - Missing dependency for poetry. [Raphaël Vinot] - [correlations] fix to an issue where attribute edits could purge correlations. [iglocska] - bug introduced by a merge gone wrong - attribute edits that modify fields that do not affect the correlations (such as to_ids, comment, etc) would cause correlations to be purged - [sync] allow for both the minimal and searchminimal keywords to be used on the event index. [iglocska] - until now due to a bug only searchminimal was used - sync negotiation uses minimal as the key - this should greatly speed up the negotiation phase - [decaying:tool] Support strict sql mode while fetching available Object type. [mokaddem] - [decaying] Attributes not having a DM associated will be defaulted as `not decayed` [mokaddem] - [eventGraph] Request picture for valid attachement only. [mokaddem] - [server:edit] Prevent undefined variable. [mokaddem] - [custom auth] correctly use HTTP_ as the default header namespace. [iglocska] - [installer] Some typos. [Steve Clement] - Force schema columns lowercase to match expected. [Jason Kendall] - [enveloping] Fixed typo and added actual event ID to the message saved. [iglocska] gremmar meestakes are anoying. - [dash] Dashboard not working at the moment. [Steve Clement] - [server:edit] Always echo internal instance notice. [mokaddem] - [UI] Correct title for '+' button. [Jakub Onderka] - [pubsub] Do not fetch setting for every push. [Jakub Onderka] - [UI] UUID term should be uppercase. [Jakub Onderka] - [internal] Remove unused function. [Jakub Onderka] Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Bumped db_version. [Sami Mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Raphaël Vinot] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch 'feature-recorrelate' into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - :magic: [Raphaël Vinot] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #5659 from SteveClement/misp-dash. [Steve Clement] fix: [dash] Dashboard not working at the moment - Merge branch '2.4' into misp-dash. [Steve Clement] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5654 from coolacid/issue-5653. [Andras Iklody] fix: Force schema columns lowercase to match expected - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #5647 from coolacid/issue-5598. [Andras Iklody] Allow forcing tag creation for galaxies - Allow forcing tag creation for galaxies. [Jason Kendall] - Merge pull request #5639 from JakubOnderka/patch-92. [Andras Iklody] fix: [UI] Correct title for '+' button - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5612 from coolacid/issue-5611. [Andras Iklody] Ensure we only have the last line from the shell command - Ensure we only have the last line from the shell command. [Jason Kendall] - Merge pull request #5633 from JakubOnderka/patch-91. [Andras Iklody] chg: [internal] Removed unused function - Merge pull request #5628 from JakubOnderka/patch-87. [Andras Iklody] chg: [internal] Little bit faster ssdeep saving - Merge pull request #5631 from JakubOnderka/patch-90. [Andras Iklody] fix: [pubsub] Do not fetch setting for every push - Merge pull request #5630 from JakubOnderka/patch-89. [Andras Iklody] chg: [mispzmq] Do not create array every 0.1 sec - Merge pull request #5629 from JakubOnderka/patch-88. [Andras Iklody] fix: [UI] UUID term should be uppercase - Merge pull request #5623 from stricaud/2.4. [Andras Iklody] version 2.4.221 + ask about baseurl during package installation - * Adding baseurl as a question when finalizing the package installation. * bump to version 2.4.221. [Sebastien Tricaud] - Merge pull request #5625 from JakubOnderka/patch-86. [Andras Iklody] fix: [internal] Remove unused function - Merge pull request #5149 from JakubOnderka/update-composer. [Andras Iklody] chg: [internal] Update composer.phar to version 1.9.0 - Merge pull request #5616 from jay-carter/patch-1. [Andras Iklody] chg: [version] bump - Merge pull request #5617 from stricaud/debian. [Andras Iklody] Adding instructions to build a Debian Package - Remove useless test. [Sebastien Tricaud] - Adding instructions to build a Debian Package. [Sebastien Tricaud] It does not build a Debian package that can be pushed to the distribution yet, but it provides an easy way to have a Debian package for MISP for minimal configuration efforts. It is installed in /usr/share/misp and there are too many things happening in that directory, such as logs, instead of being in /var/log/misp/. However it can be useful to a lot of people, and I will gradually improve it over time. -- STR v2.4.121 (2020-02-10) --------------------- New ~~~ - [config load task] Added a task that will reload the settings on any console shell execution, fixes #5498. [iglocska] - helps with background workers being forced to fetch new settings whenever they start a new job - [objects] pass the /breakOnDuplicate:1 flag to the /objects/add endpoint to deduplicate. [iglocska] - returns an error if the object already exists - objects of the same template_uuid are compared - non deleted attributes only - type + category + value + object_relation tuple is compared - [API] Enveloping improvements. [iglocska] - user controlled envelope settings to control memory estimation for attribute/event sizes - logging of potentially too large events for the current memory envelope - tuning of the default values - added a divider for the event:attribute conversion to account for objects / event level contextualisation / correlations - [UI] Show thumbnails at List Attributes view. [Jakub Onderka] - [internal] Attribute::isImage method. [Jakub Onderka] - [sync] Add additional pull filters to the sync, fixes #5510. [iglocska] - uses the same format as the index filters Changes ~~~~~~~ - [version] bump. [iglocska] - [internal] mispzmqtest.py. [Jakub Onderka] - Also check if Redis Python library is installed - Do not print "OK" if libraries doesn't exists - Return error code 1 if library doesn't exists - [cleanup] Taking out the trash. [iglocska] - old unused functions removed - [pgpPopover] Transformed text into i18n. [mokaddem] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - Bump PyMISP. [Raphaël Vinot] - [dbSchema] Removed log table from the whitelisted tables. [mokaddem] - [diagnostic:dbSchema] Added SQL queries to fix issues. [mokaddem] - [UI] Check if ssdeep PHP extension is installed. [Jakub Onderka] - Bump expected PyMISP version. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [user] GPG key fetching by server. [Jakub Onderka] - [attribute:add] Actually show invalid datetime format message in the UI. [mokaddem] - [attribute:add] Rephrased missing timezone message. [mokaddem] - [attribute:type] Datetime value is forced to be a valid ISO format. [mokaddem] - It is converted into UTC in the server - /attribute/add Form includes javascript validation part - [misp-object] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - Do not use the merge functionality. [Raphaël Vinot] - [PyMISP] Bump. [Raphaël Vinot] - [Feed] Change all non MISP feed format feeds to fixed events. [Raphaël Vinot] - [PyMISP] Bump, fix tz issues. [Raphaël Vinot] - [PyMISP] Bump. [Raphaël Vinot] - Changed error messages into translatable strings. [mokaddem] - [internal] Much better error handling for feed preview. [Jakub Onderka] - [UI] Resizing images. [Jakub Onderka] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [dbschema] Pretty print db_schema and removed Object.comment and ShadowAttr.comment from the index list. [mokaddem] - Selectively choose what you want to import. [Pierre-Jean Grenier] - [internal] Much faster GalaxyCluster::attachClustersToEventIndex. [Jakub Onderka] - [console:server] Stop execution if user does not exists. [mokaddem] Fix ~~~ - [security] Correctly sanitize search string in Galaxy view. [mokaddem] - As reported by Dawid Czarnecki - [object] object deduplication fixed. [iglocska] - [UI] Disable autocomplete for authkey. [Jakub Onderka] To prevent saving it into browser cache - [internal] Remove unused line. [Jakub Onderka] - [indexes] Added SQL index for tag numerical_value. [mokaddem] - [security] Further fixes to the bruteforce handling. [iglocska] - resolved a potential failure of the subsystem when the MySQL and the webserver time settings are diverged - as reported by Dawid Czarnecki - several tightenings of the checks to avoid potential foul play - [security] discussion thread ACL issues fixed. [iglocska] - as reported by Dawid Czarnecki - [security] brutefoce protection rules tightened. [iglocska] - as reported by Dawid Czarnecki - [API] make param tag alias of tags for /events/restSearch. [Jeroen Pinoy] - [kali] Fixed kali install script (#5586) [Steve Clement] fix: [kali] Fixed kali install script - [tools] Removed Viper until working again, fixed #5582. [Steve Clement] - [sum] Fixed checksums. [Steve Clement] - [kali] Fixed kali install script. [Steve Clement] - [sync] Pull filters ignored if no custom url params added, fixes #5594. [iglocska] - [export] fixed the export page breaking for text exports, fixes #5563. [iglocska] - [UI] Icons in network distribution graph. [Jakub Onderka] - [internal] cleanup of unused line. [iglocska] - [API] several fixes to the Bro API. [iglocska] - always use flatten:1 to also include object attributes - fix the generated full export to only include the header once - [internal] fetcher logic fail fixed. [iglocska] - A few feeds should use fixed events by default. [Raphaël Vinot] Related to https://github.com/MISP/MISP/issues/5544 - [API] taxonomies controller index call fixed for API calls. [iglocska] - no longer limiting at 60 elements - [log] Proper format log message for reset auth key. [Jakub Onderka] In future, it will be also possible to filter auth keys in logs. - [objects:edit] Added *_seen validation and error reporting. [mokaddem] - [CLI] Die if setting name is not correct. [Jakub Onderka] - [server:edit] Correctly escape `%` re-enabling server setting editing. [mokaddem] - Proper logout when `CustomAuth_custom_logout` is set. [Jakub Onderka] - `DefaultRoleId` is not implemented for ApacheShibbAuth. [Jakub Onderka] - [UI] Remove double escaping. [Jakub Onderka] - [ui:galaxy] Correctly display galaxy info. [mokaddem] - [attribute:search] Unset filtering rules on *_seen if unset. [mokaddem] - [internal] AttributesController::viewPicture can be used just for fetching images. [Jakub Onderka] - [UI] small username helper changes. [iglocska] - [internal] slight tuning to the attribute restsearch memory envelop size. [iglocska] - [UI] Add space after ':' in error text. [Jakub Onderka] - [serverShell] Stopped usage of reserver keyword. [Sami Mokaddem] Renamed function name to let PHP 5.x parse the shell script correctly - [diagnostic:dbSchema] Updated schema with the Attribute.comment indexing change nad pretty-printed it. [mokaddem] Other ~~~~~ - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5615 from JakubOnderka/patch-85. [Andras Iklody] chg: [internal] mispzmqtest.py - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' into enforce-iso-datetime. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into pr-5210. [mokaddem] - Merge pull request #5614 from JakubOnderka/patch-84. [Andras Iklody] fix: [UI] Disable autocomplete for authkey - Merge pull request #5607 from JakubOnderka/patch-83. [Andras Iklody] fix: [internal] Remove unused lines - Merge branch '2.4' of github.com:MISP/MISP into pr-5210. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [Alexandre Dulaunoy] - Merge pull request #5601 from JakubOnderka/ssdeep_ext. [Andras Iklody] chg: [UI] Check if ssdeep PHP extension is installed - Fixup! chg: [user] GPG key fetching by server. [Jakub Onderka] - Merge remote-tracking branch 'origin/2.4' into enforce-iso-datetime. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5585 from Wachizungu/fix-tag-alias-events- restsearch. [Andras Iklody] fix: [API] make param 'tag' alias of 'tags' for /events/restSearch - Merge branch '2.4' into tools. [Steve Clement] - Merge pull request #5579 from StefanKelm/2.4. [Andras Iklody] tiny typo - Update update_progress.ctp. [StefanKelm] tiny typo - Update db_schema_diagnostic.ctp. [StefanKelm] tiny typo - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5573 from JakubOnderka/patch-79. [Andras Iklody] fix: [UI] Icons in network distribution graph - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5569 from MISP/Rafiot-patch-4. [Andras Iklody] chg: Do not use the merge functionality. - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge pull request #5562 from raw-data/2.4. [Alexandre Dulaunoy] [add] malsilo.domain feed - [add] malsilo.domain feed. [raw-data] - Merge pull request #5559 from JakubOnderka/patch-77. [Andras Iklody] fix: [log] Proper format log message for reset auth key - Merge branch 'pr-5295' into 2.4. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into pr-5295. [mokaddem] - Merge pull request #5555 from JakubOnderka/patch-76. [Andras Iklody] fix: [CLI] Die if setting name is not correct - Merge pull request #5541 from JakubOnderka/proper_logout. [Andras Iklody] fix: Proper logout when `CustomAuth_custom_logout` is set - Merge pull request #5553 from ZeroDot1/patch-1. [Andras Iklody] Fix the CoinBlockerLists - Fix the CoinBlockerLists. [ZeroDot1] Delete the MiningServerIPList.txt feed because the feed is no longer available. All current downloads can be found via the CoinBlockerLists homepage. https://zerodot1.gitlab.io/CoinBlockerListsWeb/downloads.html Thanks to everyone for using the CoinBlockerLists, I appreciate it very much. ' { "Feed": { "id": "68", "name": "This list contains all IPs - A additional list for administrators to prevent mining in networks", "provider": "CoinBlockerLists", "url": "https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/MiningServerIPList.txt?inline=false", "rules": "", "enabled": true, "distribution": "3", "sharing_group_id": "0", "tag_id": "0", "default": false, "source_format": "freetext", "fixed_event": false, "delta_merge": false, "event_id": "0", "publish": false, "override_ids": false, "settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}", "input_source": "network", "delete_local_file": false, "lookup_visible": true, "headers": "" } }, ' - Merge pull request #5548 from JakubOnderka/patch-75. [Andras Iklody] fix: `DefaultRoleId` is not implemented for ApacheShibbAuth - Merge branch '2.4' of github.com:MISP/MISP into pr-view_picutre. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #5542 from JakubOnderka/patch-74. [Sami Mokaddem] fix: [UI] Remove double escaping - Merge branch '2.4' of github.com:MISP/MISP into pr-patch-67. [mokaddem] - Merge remote-tracking branch 'origin/2.4' into pr-selective_import_v2. [mokaddem] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska] - Merge branch '2.4' of github.com:MISP/MISP into 2.4. [mokaddem] - Merge pull request #5530 from legoguy1000/2.4. [Andras Iklody] Add SAML (Shibboleth) login button - Add SAML (Shibboleth) login button. [Alex Resnick] With Shibboleth and SAML you have 2 options, for SAML login and don't allow local login or allow both. The example in the documentation forces (requires) SAML authentication and thus doesn't allow you to use local credentials if needed. This adds a button below the login form to redirect to the Shibboleth login page if using passive Shibboleth auth. To use passive auth set "ShibRequestSetting requireSession 0/false" instead of "ShibRequestSetting requireSession 1/true" - Merge pull request #5527 from JakubOnderka/patch-72. [Andras Iklody] fix: [UI] Add space after ':' in error text v2.4.120 (2020-01-21) --------------------- New ~~~ - [shadowAttribute] first_seen and last_seen on shadowAttributes. [mokaddem] - [timeline/*-seen] Initial import of the timeline code from the zoidberg branch. [mokaddem] - [attribute type] kusto-query attribute type. [Alexandre Dulaunoy] Kusto query is the query language for the Kusto services in Azure used to search large dataset. It's used in Windows Defender ATP Hunting-Queries and also Azure Sentinel (Cloud-native SIEM). To fix #5475 - [generic index] added lambda function based requirements for actions. [iglocska] - [diagnostic:DBIndexes] Added complete diagnostic for database indexes. [mokaddem] - [diagnostic:DBIndex] Show table columns having indexes. [mokaddem] - [UI] first implementation of the modal forms. [iglocska] Changes ~~~~~~~ - [PyMISP] update to the latest version. [Alexandre Dulaunoy] - [attributes] new attribute type 'chrome-extension-id' [Alexandre Dulaunoy] This attribute is used by Chrome to uniquely identify extension. - [timeline:display_threshold] Increased display threshold. [mokaddem] - [worker:diagnostic] typo. [mokaddem] - Cleanup python install on travis. [Raphaël Vinot] - [misp-objects] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [queryVersion] Bumped version. [mokaddem] - [pymisp] bump. [iglocska] - [UI:formSeenInput] Re-vamped the UI to be more usuable. [mokaddem] - [stix2] Bumped the latest stix2 python library version. [chrisr3d] - [versions] requirements for languages changed. [iglocska] - [VERSION] bump. [iglocska] - [PyMISP] bump. [iglocska] - [Attribute:seen] Moved conversion iso<->utc of fs/ls in dedicated functions. [mokaddem] - [eventTimeline] Cleaner array append. [mokaddem] - [popoverPopup] Display errors whenever available. [mokaddem] - [timeline] Synchronize *-seen at Object and ObjectAttribute level, few fixes and Improved UI. [mokaddem] - [appModel] Fixed merge conflict. [mokaddem] - [object:quickAddAttribute] Improved feedback when creation fails. [mokaddem] - [timeline:ui] Replaced typeahead by chosen. [mokaddem] - [timeline] Improved loading icon UI. [mokaddem] - [object:quickAddAttribute:ui] Adjusted qcuik add buton placement. [mokaddem] - [object:edit] Reverted useless code. [mokaddem] - [attribute:edit] reverted useless line of code. [mokaddem] - [mysql] Reverted all changes in `MYSQL.sql` as the update is done when logging in for the first time. [mokaddem] - [shadow_attributes:edit] Support of first_seen and last_seen. [mokaddem] - [attribute:restSearch] Search support for first_seen and last_seen. [mokaddem] - [object:edit] Support of fs/ls sync on object for `edit` and `addQuickField` [mokaddem] - [object] Set fs/ls on all attributes when an object got its fs/ls sets. [mokaddem] - [attribute:restSearch] Added filtering conditions for first_seen and last_seen. [mokaddem] - [restResponse] Updated doc about first_seen and last_seen. [mokaddem] - [event:view] Added first_seen/last_seen column (event, server and feed) [mokaddem] - [diagnostic] Style tweaking to be consistent with the UI. [mokaddem] - [index] Index Attribute.comment. [mokaddem] - Bumped queryversion. [mokaddem] - [internationalisation] Support of multi-lang for the administrator update notice message. [mokaddem] - [update:seen] Switch back to the usage of worker for the update. [mokaddem] - [update] DO not execute pre-update test for the timeline update anymore (pre-update feature not fully supported yet) [mokaddem] - [timeline] Removed missleading text in tooltip. [mokaddem] - [update] Usage of `indexArray` instead of raw sql. [mokaddem] - [object:delta] No deletion of ObjectAttribute when sync. with Object's FS/LS. [mokaddem] - [timeline] Improved controller name parsing (used in form) - WiP. [mokaddem] - [object:quickAttributeAdd] Replace popover selection by the generic picker. [mokaddem] - [app] Improved and integrated *-seen database update. [mokaddem] - Use default bionic release. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] - [attributeTag] Stop pruning outdated attribute tag when syncing. Will be re-enabled in the future. [mokaddem] - Bump PyMISP, fix dummy event creator. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] - [taxonomies] updated to the latest version. [Alexandre Dulaunoy] - [install] Updated the way the SHASUM of composer-setup.php… (#5494) [Steve Clement] chg: [install] Updated the way the SHASUM of composer-setup.php is handled - [install] Updated the way the SHASUM of composer-setup.php is handled as per: https://getcomposer.org/doc/faqs/how-to-install-composer- programmatically.md. [Steve Clement] - [install] Updated installer (#5493) [Steve Clement] chg: [install] Updated installer - [install] Updated installer. [Steve Clement] - [composer] Updated composer checksum. [Steve Clement] - [decaying-model] updated to the latest version. [Alexandre Dulaunoy] - [warning-lists] updated to the latest version. [Alexandre Dulaunoy] - [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] - [PyMISP] updated to the latest version which includes kusto-query attribute type. [Alexandre Dulaunoy] new: [attribute type] kusto-query attribute type Kusto query is the query language for the Kusto services in Azure used to search large dataset. It's used in Windows Defender ATP Hunting-Queries and also Azure Sentinel (Cloud-native SIEM). - [view:genericIndex] Auto extract datapaths and pass them to evaluation function. [mokaddem] - [screenshots] updates with new functionalities. [Alexandre Dulaunoy] - [diagnostic:DBIndexes] Hide notice message if index diagnostic not shown. [mokaddem] - [diagnostic:DBIndexes] Cleanup, bug fix and updated db_schema. [mokaddem] - Bump PyMISP. [Raphaël Vinot] - Bump PyMISP, again. [Raphaël Vinot] - Bump PyMISP. [Raphaël Vinot] - [dianostic:DBSchema] Consider quoted default_value as non-critical. [m