Recent Releases
2.4.9327 Jun 2018 19:25
minor feature:
New: Initial skeleton of Mitre attack matrix
.
Enable python3 for php-fpm for RHEL/CentOS.
.
Chg: attackMatrix UI improvement.
.
: EventView Still allows object edition event if the event hasn't.
.
.
.
New: Add schema for feed-metadata.
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
Chg: Add enums in feed-metadata schema.
.
: version comparison for old vs new db versions.
.
New: attackMatrix addition of heatmap on tiles depending on occurence.
.
New: attackMatrix force kill chaine header order.
.
: Made sure that object edit buttons are only visible to those tha .
.
Merge branch 'samimagic' into 2.4.
.
Chg: misp-object updated to the latest version.
.
New: Added event lock table.
.
New: Added event lock functionality.
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
New: attackMatrix legend scale of the heatmap with dynamic updates.
.
New: Add email field autofocus on login page.
.
.
.
: eventView Hide galaxy tags after search.
.
Add: Diagnostic Added maec python library requirements.
.
Chg: Diagnostic View Updated Diagnostic View for STIX1 related pyth .
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
Chg: attackMatrix search capabilities and table auto resize.
.
: Added impfuzzy validation.
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
New: UI/UX Event lock initial version.
.
: extended events Correctly handle event extensions via event ID .
.
: Diagnostic typo in python libraries testing.
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
New: attackMatrix Ability to attach Mitre att ck galaxy from the.
.
New: GalaxyPicking Choose the galaxy namespace first before showing.
.
Chg: attackMatrix Restrict view to be ajax only.
.
Add: stix1 export Exporting credential MISP objects.
.
: invalid function call for the event lock via the objects c .
.
New: functionality Kick user out if the session is expired instead .
.
Merge branch
2.4.9208 Jun 2018 11:05
minor feature:
Add config mapping for 'gpgconf' option in Crypt_GPG library.
.
: stix1 export Cleaned indentation typo.
.
add: stix1 export Exporting network connection MISP objects.
.
: stix1 export Quick on variables.
.
add: stix1 export Exporting network-socket MISP objects.
.
chg: misp-galaxy updated to the latest version.
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
: stix1 import name of MISP objects parsing for import.
.
: stix1 import Commented atm not used attribute in object process.
.
add: stix1 export Exporting Process MISP objects.
.
add: stix1 import Little update following the process object export .
.
: invalid org lookup on the attribute index resulting in som .
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
.
add: stix1 export Added reference between process and other objects.
.
stix1 export Edited indicator id.
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
add: stix1 export Supporting windows-service-name attribute export.
.
: stix1 export reference creation for process object when .
.
: stix1 export Atm skipping objects not mapped yet for export.
.
add: stix1 export Added namespaces for WindowsService object.
.
stix1 export typo.
.
: stix1 import test to define if a STIX file is from MISP.
.
: stix1 import uuid fetching when a STIX object has no id.
.
new: New flash message system.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
: some with the new notifications.
.
Chg: misp-taxonomies updated to the latest version.
.
: Minor cleanup of the default layout.
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
: some menu misalignment with demode off.
.
: layout.
.
: invalid pluralisation.
.
: user add form loses checkbox settings on failed submission when .
.
: Ignore camelised vs underscored controller name differences in t .
.
: Various to the add feed action/view.
.
: a DOM based XSS with cortex type attributes.
.
: editing servers to add a
2.4.9115 May 2018 10:05
minor feature:
/var/www/MISP/app/Console/cake Admin getSetting setting .
Setting is optional, if none set "all" is assumed
Returns all or a specific setting's current value and metadata
.
Setting is optional, if none set "all" is assumed.
Returns all or a specific setting's current value and metadata.
/var/www/MISP/app/Console/cake Admin setSetting setting value .
Set a given server setting by full setting name
For example the following will enable the import services:
/var/www/MISP/app/Console/cake Admin setSetting "Plugin.Import_services_enable" 1.
.
Set a given server setting by full setting name.
For example the following will enable the import services:
/var/www/MISP/app/Console/cake Admin setSetting "Plugin.Import_services_enable" 1.
2.4.9022 Apr 2018 03:15
minor feature:
Screencast of the new event graph editor: https://www.misp-project.org/assets/images/misp/video/event-graph.webm.
Sanitisation is now properly done from misp-modules especially to avoid XSS from potential malicious expansion modules. CVE-2018-8948.
An API integrity where an authenticated user could edit and overwrite an attribute without the UUID set. CVE-2018-8949.
2.4.8924 Mar 2018 03:15
minor feature:
Merge remote-tracking branch 'origin/i18n_prep' into 2.4
.
initial regexp to match rule pattern.
.
added validation function for global syntax.
.
added options extraction function.
.
wrote dns validation func, checking modifier after dns_query keyword.
.
Merge branch '2.4' of github.com:SteveClement/MISP into 2.4.
.
Merge remote-tracking branch 'upstream/2.4' into 2.4.
.
Merge remote-tracking branch 'upstream/2.4' into 2.4.
.
new: Allow requesting of misp standard format for the export modules.
.
: Removed left in de/thrown exception.
.
: warning lists updated to the latest version.
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
: annoying download list only having one side clickable.
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
: disable_correlation now works correctly as expected.
.
Add attribute shortcut now triggers the popup instead of changing pag .
.
: MISP objects updated.
.
: Attribute distribution defaults for adding objects.
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
: No distribution set on the server should default to inherit for .
.
: typo for the previous commit.
.
.
.
: Misleading failure message when failing to create Attributes par .
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
: Don't try to refang filepaths.
: Reverted PR with alternate way of starting scheduler worker.
.
: an where editing an object with an attachment contai .
.
: an invalid translation in the attributeRestorationForm cau .
.
: GUI: Listing Attributes creates many de.log entries.
new: Include the attribute UUID in the attribute level restsearch.
.
: Changed stupid parameter name to better reflec what it does.
.
: Nicer error message when trying to add a tag to an event that do .
.
: Added /tags/add to restresponse.
.
: tags/add on a GET requ
2.4.8822 Feb 2018 03:15
minor feature:
Add field filter for galaxy cluster
.
Apply filter to pagination :).
.
add filter on GalaxyCluster description too .
.
chg: Bump PyMISP.
.
chg: Bump PyMISP, again.
.
.
.
chg: Bump PyMISP recommended version.
.
chg: Bump PyMISP to 2.4.87.
.
.
.
: Graceful handling of gnupg not being set up on an instnace.
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
: MISP objects updated.
.
: taxonomies updated.
.
: an invalid call to saving a log entry without initialising t .
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
: Galaxy updated to the latest version.
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
: adding tags via the API fails if not encapsulated in "Tag": .
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
: MISP objects latest version imported (ip-port with dom .
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
: user_id in tag table was not included in MYSQL.sql.
.
: set the default PGP keyserver to pgp.circl.lu (faster than.
.
- wipe objects.
.
.
.
new: Allow overriding the action names in the stringified restrespons .
.
new: New APIs to add/remove orgs and servers from sharing groups.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
: Added new APIs to ACL component.
.
add: GENE: Go Evtx sigNature Engine attribute type added.
.
add: a default category for GENE attribute type.
.
: PyMISP updated to the latest version.
.
new: Added returnMetaAttributes flag to the /events/freeTextImport API.
.
Merge branch '2.4' of github.com:MISP/MISP into 2.4.
.
: Added missing db field to users.
.
: Run the db update before trying to add users/orgs.
.
added vendor and CakeResque folders to gitignore.
.
new: Add a "search all tags" input field on the taxonomy modal when a .
.
: Escaping user controlled variable.
.
.
.
2.4.8729 Jan 2018 03:15
minor feature:
Add option 'sign' in GPG section
.
Description of the option 'sign'.
.
Implement 'sign' option.
.
Merge branch '2.4' into GPG_sign_option.
.
Merge branch 'i18n_prep' of github.com:SteveClement/MISP into 2.4.
.
- __('')-ized labels, buttons, styles.
.
- Attributes folder scavenged for Translatables .
.
- __(' added where needed.
.
- Removed some echo ('foo') / echo('bar') - Coding rules want: echo foo.
.
- Final files in View/Attributes for now.
.
- Removed Sublime fail :(.
.
- View/Elements/dashboard - __(' - Done! #i18n_prep.
.
- __(' where needed.
.
- Typo.
.
- __(' - Added where needed.
.
Merge remote-tracking branch 'origin' into i18n_prep.
.
Merge remote-tracking branch 'upstream/2.4' into 2.4.
.
Merge remote-tracking branch 'origin' into i18n_prep.
.
Merge remote-tracking branch 'upstream/2.4' into i18n_prep.
.
- View/Elements/Feeds - __(' checked and added where needed.
.
- View/Servers - __(' done.
.
- View/Events/index.ctp - __('.
.
- Replaced random '.......' with ' '.
.
- Elements/Events/View - __('.
.
- Elements/healthElements - __('.
.
- Elements/Events/eventIndexTable.ctp - __('.
.
- typo and spacing.
.
- typo, added __(' where missing.
.
- Elements/Servers - __('.
.
- Elements/histogram.ctp - __('.
.
- Elements/side_menu.ctp - __('.
.
- Events/view.ctp - __('.
.
- Elements/ajaxAttributeTags.ctp Elements/ajaxTags.ctp Elements/ajaxT .
.
- Elements/Users/userIndexTable.ctp - __('.
.
- Elements/templateElements/populateTemplateAttribute.ctp - __('.
.
Merge remote-tracking branch 'upstream/2.4' into i18n_prep.
.
Merge branch 'i18n_prep' of github.com:SteveClement/MISP into i18n_prep.
.
- View/EventBlacklists - __(' done.
.
- View/Errors - __(' done.
.
- View/EventDelegations/ajax - __(' done.
.
- Vie
2.4.8616 Jan 2018 03:15
minor feature:
Removed threat level and analysis from the index as they're eclipsed by the taxonomies for most use-cases.
Changed the behaviour when users click on org logoes (redirect to filtered index).
X509-fingerprint-sha256 - to support the updated x509 object.
X509-fingerprint-md5 - to support the updated x509 object.
Stix2-pattern - to a new stix2-pattern object.
Whois-registrant-org - to support the updated whois object.
2.4.8506 Jan 2018 03:15
minor feature:
Removed threat level and analysis from the index as they're eclipsed by the taxonomies for most use-cases.
Changed the behaviour when users click on org logoes (redirect to filtered index).
X509-fingerprint-sha256 - to support the updated x509 object.
X509-fingerprint-md5 - to support the updated x509 object.
Stix2-pattern - to a new stix2-pattern object.
Whois-registrant-org - to support the updated whois object.
03 Jan 2018 00:24
minor feature:
Homepage
Download