http://open-source-security-software.net/releases.atom Recent releases 2021-11-27T21:30:38.531845+00:00 python-feedgen Loki 0.44.0 Loki 0.44.0 2021-08-25T07:54:02+00:00 - new command line flags `--allhds` and `--alldrives` allow scanning all local hard drives or all drives in general including removable drives and network drives - You can use `--force` to force scan a directory that has been excluded by default (e.g. `/dev`, `/media`, `/mnt` etc.) - The usage description in the README has been updated 2021-08-25T07:54:02+00:00 uBlock 1.37.3b18 uBlock 1.37.3b18 2021-08-25T14:57:29+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.37.3b18...master) To install the developer build: - **Firefox**: Click [uBlock0_1.37.3b18.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b18/uBlock0_1.37.3b18.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.37.3b18.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b18/uBlock0_1.37.3b18.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 78+ required) - **NodeJS**: Import from [npm](https://www.npmjs.com/package/@gorhill/ubo-core), or download and unzip [uBlock0_1.37.3b18.npm.tgz](https://github.com/gorhill/uBlock/releases/download/1.37.3b18/uBlock0_1.37.3b18.npm.tgz). --- ## New ### :matches-path(...) New cosmetic procedural operator, `:matches-path(...)`. See ["Add $path modifier of Adguard or any equivalents of this"](https://github.com/uBlockOrigin/uBlock-issues/issues/1690). ### Node.js A new NodeJS package will now be published with every release.
The package allows importing and using uBO's static and dynamic filtering engines in NodeJS. This is currently minimal and a first iteration, and issues regarding the NodeJS package are accepted in order to improve usability of uBO's filtering engines in a NodeJS package. The ability to run code from a NodeJS package also opens the door to have [test coverage](https://en.wikipedia.org/wiki/Code_coverage) in uBO. For now the package can be downloaded and unzipped locally. Once installed, you can execute `node test` in the root of the package to verify that the static network filtering engine works properly. For usage, refer to the [`test.js`](https://github.com/gorhill/uBlock/blob/master/platform/nodejs/test.js), or [`ublock.js`](https://github.com/cliqz-oss/adblocker/blob/master/packages/adblocker-benchmarks/blockers/ublock.js) used in Cliqz's benchmark. Since I have little experience with dealing with NodeJS environment/packages, thanks to @mjethani [for assistance](https://github.com/uBlockOrigin/uBlock-issues/issues/1664).
## Closed as fixed: - [Scriptlets don't work randomly in Firefox](https://github.com/uBlockOrigin/uBlock-issues/issues/1694) - [Security: comments can be used to smuggle url() functions into css values](https://github.com/uBlockOrigin/uBlock-issues/issues/1693) - [Prevent uBO from hiding html or body when matched by a generic cosmetic filter](https://github.com/uBlockOrigin/uBlock-issues/issues/1692) - [On Android Popup Overlays [or Underlays] On-Screen Navigation Buttons](https://github.com/uBlockOrigin/uBlock-issues/issues/1691) - [Add $path modifier of Adguard or any equivalents of this](https://github.com/uBlockOrigin/uBlock-issues/issues/1690) - [The overview panel will not show everything if the uBO's icon is placed in the Firefox overflow menu](https://github.com/uBlockOrigin/uBlock-issues/issues/1604) - [patch by @vtriolet] [TypeError in noscript-spoof scriptlet with invalid meta refresh URL](https://github.com/uBlockOrigin/uBlock-issues/issues/1676) - [TypeError when trying to use element picker on plaintext resource](https://github.com/uBlockOrigin/uBlock-issues/issues/1675) - [Split out core functionality into separate module](https://github.com/uBlockOrigin/uBlock-issues/issues/1664) - This is of course an ongoing work for the foreseeable future, but the concrete goal sought in the issue has been reached, i.e. the static network filtering engine can be used as a nodejs module with no external dependencies. - Since uBO's codebase now uses [JS modules](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Modules), the minimum version of supported browsers has been increased to Chromium 61, Firefox 60, and Opera 48. 
## Notable commits without an entry in the issue tracker - [Refactor hntrie to avoid the need for boundary cells](https://github.com/gorhill/uBlock/commit/c6fb70b1f0acb1003b516ceb678df27f6657b4f8) - [Fix bad test in WASM version of HNTrieContainer](https://github.com/gorhill/uBlock/commit/b54bf554a80c8640fb8c8064eeea48576974b0c2) - [Export the rule-based filtering engines to the nodejs package](https://github.com/gorhill/uBlock/commit/89c5653bc60d0a457358d6e862c8574bfc819675) - [Rewrite logical expressions for ESLint](https://github.com/gorhill/uBlock/commit/6ef74fc21ba87717330de12cfade8d1e65c702d5) - [patch by @mjethani] [Add Makefile](https://github.com/gorhill/uBlock/pull/3789) - [patch by @mjethani] [Make uAssets a submodule](https://github.com/gorhill/uBlock/commit/63591ef2aa818bced3dc5d7bd0bbb1c397e44e2f) - [Ensure compiled sections are ordered in ascending id](https://github.com/gorhill/uBlock/commit/c25938f5bcb519ee945c9ccab7d17474474dc825) - [Fix handling of some procedural cosmetic filters with explicit `:scope`](https://github.com/gorhill/uBlock/commit/51d14de44a2b89274836e70daabf305f4f00ac47) 2021-08-25T14:57:29+00:00 wazuh v4.2.0 wazuh v4.2.0 2021-08-25T18:14:22+00:00 ### Added - **Core:** - Added support for bookmarks in Logcollector, allowing to follow the log file at the point where the agent stopped. ([#3368](https://github.com/wazuh/wazuh/issues/3368)) - Improved support for multi-line logs with a variable number of lines in Logcollector. ([#5652](https://github.com/wazuh/wazuh/issues/5652)) - Added an option to limit the number of files per second in FIM. ([#6830](https://github.com/wazuh/wazuh/pull/6830)) - Added a statistics file to Logcollector. Such data is also available via API queries. ([#7109](https://github.com/wazuh/wazuh/pull/7109)) - Allow statistical data queries to the agent. ([#7239](https://github.com/wazuh/wazuh/pull/7239)) - Allowed quoting in commands to group arguments in the command wodle and SCA checks.
([#7307](https://github.com/wazuh/wazuh/pull/7307)) - Let agents running on Solaris send their IP to the manager. ([#7408](https://github.com/wazuh/wazuh/pull/7408)) - New option `<ip_update_interval>` to set how often the agent refresh its IP address. ([#7444](https://github.com/wazuh/wazuh/pull/7444)) - Added support for testing location information in Wazuh Logtest. ([#7661](https://github.com/wazuh/wazuh/issues/7661)) - Added Vulnerability Detector reports to Wazuh DB to know which CVE’s affect an agent. ([#7731](https://github.com/wazuh/wazuh/issues/7731)) - Introduced an option to enable or disable listening Authd TLS port. ([#8755](https://github.com/wazuh/wazuh/pull/8755)) - **API:** - Added new endpoint to get agent stats from different components. ([#7200](https://github.com/wazuh/wazuh/pull/7200)) - Added new endpoint to modify users' allow_run_as flag. ([#7588](https://github.com/wazuh/wazuh/pull/7588)) - Added new endpoint to get vulnerabilities that affect an agent. ([#7647](https://github.com/wazuh/wazuh/pull/7647)) - Added API configuration validator. ([#7803](https://github.com/wazuh/wazuh/pull/7803)) - Added the capability to disable the max_request_per_minute API configuration option using 0 as value. ([#8115](https://github.com/wazuh/wazuh/pull/8115)) - **Ruleset:** - Added support for UFW firewall to decoders. ([#7100](https://github.com/wazuh/wazuh/pull/7100)) ### Changed - **Cluster:** - Improved the cluster nodes integrity calculation process. It only calculates the MD5 of the files that have been modified since the last integrity check. ([#8175](https://github.com/wazuh/wazuh/pull/8175)) - Changed the synchronization of agent information between cluster nodes to complete the synchronization in a single task for each worker. ([#8182](https://github.com/wazuh/wazuh/pull/8182)) - Changed cluster logs to show more useful information. 
([#8002](https://github.com/wazuh/wazuh/pull/8002)) - **Core:** - Wazuh daemons have been renamed to a unified standard. ([#6912](https://github.com/wazuh/wazuh/pull/6912)) - Wazuh CLIs have been renamed to a unified standard. ([#6903](https://github.com/wazuh/wazuh/pull/6903)) - Wazuh internal directories have been renamed to a unified standard. ([#6920](https://github.com/wazuh/wazuh/pull/6920)) - Prevent a condition in FIM that may lead to a memory error. ([#6759](https://github.com/wazuh/wazuh/pull/6759)) - Let FIM switch to real-time mode for directories where who-data is not available (Audit in immutable mode). ([#6828](https://github.com/wazuh/wazuh/pull/6828)) - Changed the Active Response protocol to receive messages in JSON format that include the full alert. ([#7317](https://github.com/wazuh/wazuh/pull/7317)) - Changed references to the product name in logs. ([#7264](https://github.com/wazuh/wazuh/pull/7264)) - Remoted now supports both TCP and UDP protocols simultaneously. ([#7541](https://github.com/wazuh/wazuh/pull/7541)) - Improved the unit tests for the os_net library. ([#7595](https://github.com/wazuh/wazuh/pull/7595)) - FIM now removes the audit rules when their corresponding symbolic links change their target. ([#6999](https://github.com/wazuh/wazuh/pull/6999)) - Compilation from sources now downloads the external dependencies prebuilt. ([#7797](https://github.com/wazuh/wazuh/pull/7797)) - Added the old implementation of Logtest as `wazuh-logtest-legacy`. ([#7807](https://github.com/wazuh/wazuh/pull/7807)) - Improved the performance of Analysisd when running on multi-core hosts. ([#7974](https://github.com/wazuh/wazuh/pull/7974)) - Agents now report the manager when they stop. That allows the manager to log an alert and immediately set their state to "disconnected". ([#8021](https://github.com/wazuh/wazuh/pull/8021)) - Wazuh building is now independent from the installation directory. 
([#7327](https://github.com/wazuh/wazuh/pull/7327)) - The embedded python interpreter is provided in a preinstalled, portable package. ([#7327](https://github.com/wazuh/wazuh/pull/7327)) - Wazuh resources are now accessed by a relative path to the installation directory. ([#7327](https://github.com/wazuh/wazuh/pull/7327)) - The error log that appeared when the agent cannot connect to SCA has been switched to warning. ([#8201](https://github.com/wazuh/wazuh/pull/8201)) - The agent now validates the Audit connection configuration when enabling whodata for FIM on Linux. ([#8921](https://github.com/wazuh/wazuh/pull/8921)) - **API:** - Removed ruleset version from `GET /cluster/{node_id}/info` and `GET /manager/info` as it was deprecated. ([#6904](https://github.com/wazuh/wazuh/issues/6904)) - Changed the `POST /groups` endpoint to specify the group name in a JSON body instead of in a query parameter. ([#6909](https://github.com/wazuh/wazuh/pull/6909)) - Changed the `PUT /active-response` endpoint function to create messages with the new JSON format. ([#7312](https://github.com/wazuh/wazuh/pull/7312)) - New parameters added to `DELETE /agents` endpoint and `older_than` field removed from response. ([#6366](https://github.com/wazuh/wazuh/issues/6366)) - Changed login security controller to avoid errors in Restful API reference links. ([#7909](https://github.com/wazuh/wazuh/pull/7909)) - Changed the PUT /agents/group/{group_id}/restart response format when there are no agents assigned to the group. ([#8123](https://github.com/wazuh/wazuh/pull/8123)) - Agent keys used when adding agents are now obscured in the API log. ([#8149](https://github.com/wazuh/wazuh/pull/8149)) - Improved all agent restart endpoints by removing active-response check. ([#8457](https://github.com/wazuh/wazuh/pull/8457)) - Improved API requests processing time by applying cache to token RBAC permissions extraction. It will be invalidated if any resource related to the token is modified. 
([#8615](https://github.com/wazuh/wazuh/pull/8615)) - Increased to 100000 the maximum value accepted for `limit` API parameter, default value remains at 500. ([#8841](https://github.com/wazuh/wazuh/pull/8841)) - **Framework:** - Improved agent insertion algorithm when Authd is not available. ([#8682](https://github.com/wazuh/wazuh/pull/8682)) - **Ruleset:** - The ruleset was normalized according to the Wazuh standard. ([#6867](https://github.com/wazuh/wazuh/pull/6867)) - Added CIS policy "Ensure XD/NX support is enabled" back for SCA. ([#7316](https://github.com/wazuh/wazuh/pull/7316)) - **External dependencies:** - Upgrade boto3, botocore, requests, s3transfer and urllib3 Python dependencies to latest stable versions. ([#8886](https://github.com/wazuh/wazuh/pull/8886)) - Update Python to latest stable version (3.9.6). ([#9389](https://github.com/wazuh/wazuh/pull/9389)) - Upgrade GCP dependencies and pip to latest stable version. - Upgrade python-jose to 3.1.0. - Add tabulate dependency. ### Fixed - **Cluster:** - Fixed memory usage when creating cluster messages. ([#6736](https://github.com/wazuh/wazuh/pull/6736)) - Fixed a bug when unpacking incomplete headers in cluster messages. ([#8142](https://github.com/wazuh/wazuh/pull/8142)) - Changed error message to debug when iterating a file listed that is already deleted. ([#8499](https://github.com/wazuh/wazuh/pull/8499)) - Fixed cluster timeout exceptions. ([#8901](https://github.com/wazuh/wazuh/pull/8901)) - Fixed unhandled KeyError when an error command is received in any cluster node. ([#8872](https://github.com/wazuh/wazuh/pull/8872)) - **Core:** - Fixed a bug in FIM when setting scan_time to "12am" or "12pm". ([#6934](https://github.com/wazuh/wazuh/pull/6934)) - Fixed a bug in FIM that produced wrong alerts when the file limit was reached. ([#6802](https://github.com/wazuh/wazuh/pull/6802)) - Fixed a bug in Analysisd that reserved the static decoder field name "command" but never used it. 
([#7105](https://github.com/wazuh/wazuh/pull/7105)) - Fixed evaluation of fields in the tag `<description>` of rules. ([#7073](https://github.com/wazuh/wazuh/pull/7073)) - Fixed bugs in FIM that caused symbolic links to not work correctly. ([#6789](https://github.com/wazuh/wazuh/pull/6789)) - Fixed path validation in FIM configuration. ([#7018](https://github.com/wazuh/wazuh/pull/7018)) - Fixed a bug in the "ignore" option on FIM where relative paths were not resolved. ([#7018](https://github.com/wazuh/wazuh/pull/7018)) - Fixed a bug in FIM that wrongly detected that the file limit had been reached. ([#7268](https://github.com/wazuh/wazuh/pull/7268)) - Fixed a bug in FIM that did not produce alerts when a domain user deleted a file. ([#7265](https://github.com/wazuh/wazuh/pull/7265)) - Fixed Windows agent compilation with GCC 10. ([#7359](https://github.com/wazuh/wazuh/pull/7359)) - Fixed a bug in FIM that caused to wrongly expand environment variables. ([#7332](https://github.com/wazuh/wazuh/pull/7332)) - Fixed the inclusion of the rule description in archives when matched a rule that would not produce an alert. ([#7476](https://github.com/wazuh/wazuh/pull/7476)) - Fixed a bug in the regex parser that did not accept empty strings. ([#7495](https://github.com/wazuh/wazuh/pull/7495)) - Fixed a bug in FIM that did not report deleted files set with real-time in agents on Solaris. ([#7414](https://github.com/wazuh/wazuh/pull/7414)) - Fixed a bug in Remoted that wrongly included the priority header in syslog when using TCP. ([#7633](https://github.com/wazuh/wazuh/pull/7633)) - Fixed a stack overflow in the XML parser by limiting 1024 levels of recursion. ([#7782](https://github.com/wazuh/wazuh/pull/7782)) - Prevented Vulnerability Detector from scanning all the agents in the master node that are connected to another worker. ([#7795](https://github.com/wazuh/wazuh/pull/7795)) - Fixed an issue in the database sync module that left dangling agent group files. 
([#7858](https://github.com/wazuh/wazuh/pull/7858)) - Fixed memory leaks in the regex parser in Analysisd. ([#7919](https://github.com/wazuh/wazuh/pull/7919)) - Fixed a typo in the initial value for the hotfix scan ID in the agents' database schema. ([#7905](https://github.com/wazuh/wazuh/pull/7905)) - Fixed a segmentation fault in Vulnerability Detector when parsing an unsupported package version format. ([#8003](https://github.com/wazuh/wazuh/pull/8003)) - Fixed false positives in FIM when the inode of multiple files change, due to file inode collisions in the engine database. ([#7990](https://github.com/wazuh/wazuh/pull/7990)) - Fixed the error handling when wildcarded Redhat feeds are not found. ([#6932](https://github.com/wazuh/wazuh/pull/6932)) - Fixed the `equals` comparator for OVAL feeds in Vulnerability Detector. ([#7862](https://github.com/wazuh/wazuh/pull/7862)) - Fixed a bug in FIM that made the Windows agent crash when synchronizing a Windows Registry value that starts with a colon (`:`). ([#8098](https://github.com/wazuh/wazuh/pull/8098) [#8143](https://github.com/wazuh/wazuh/pull/8143)) - Fixed a starving hazard in Wazuh DB that might stall incoming requests during the database commitment. ([#8151](https://github.com/wazuh/wazuh/pull/8151)) - Fixed a race condition in Remoted that might make it crash when closing RID files. ([#8224](https://github.com/wazuh/wazuh/pull/8224)) - Fixed a descriptor leak in the agent when failed to connect to Authd. ([#8789](https://github.com/wazuh/wazuh/pull/8789)) - Fixed a potential error when starting the manager due to a delay in the creation of Analysisd PID file. ([#8828](https://github.com/wazuh/wazuh/pull/8828)) - Fixed an invalid memory access hazard in Vulnerability Detector. ([#8551](https://github.com/wazuh/wazuh/pull/8551)) - Fixed an error in the FIM decoder at the manager when the agent reports a file with an empty ACE list. 
([#8571](https://github.com/wazuh/wazuh/pull/8571)) - Prevented the agent on macOS from getting corrupted after an operating system upgrade. ([#8620](https://github.com/wazuh/wazuh/pull/8620)) - Fixed an error in the manager that could not check its configuration after a change by the API when Active response is disabled. ([#8357](https://github.com/wazuh/wazuh/pull/8357)) - Fixed a problem in the manager that left remote counter and agent group files when removing an agent. ([#8630](https://github.com/wazuh/wazuh/pull/8630)) - Fixed an error in the agent on Windows that could corrupt the internal FIM database due to disabling the disk sync. ([#8905](https://github.com/wazuh/wazuh/pull/8905)) - Fixed a crash in Logcollector on Windows when handling the position of the file. ([#9364](https://github.com/wazuh/wazuh/pull/9364)) - Fixed a buffer underflow hazard in Remoted when handling input messages. ([#9285](https://github.com/wazuh/wazuh/pull/9285)) - Fixed a bug in the agent that tried to verify the WPK CA certificate even when verification was disabled. ([#9547](https://github.com/wazuh/wazuh/pull/9547)) - **API:** - Fixed wrong API messages returned when getting agents' upgrade results. ([#7587](https://github.com/wazuh/wazuh/pull/7587)) - Fixed wrong `user` string in API logs when receiving responses with status codes 308 or 404. ([#7709](https://github.com/wazuh/wazuh/pull/7709)) - Fixed API errors when cluster is disabled and node_type is worker. ([#7867](https://github.com/wazuh/wazuh/pull/7867)) - Fixed redundant paths and duplicated tests in API integration test mapping script.
([#7798](https://github.com/wazuh/wazuh/pull/7798)) - Fixed an API integration test case failing in test_rbac_white_all and added a test case for the enable/disable run_as endpoint.([8014](https://github.com/wazuh/wazuh/pull/8014)) - Fixed a thread race condition when adding or deleting agents without authd ([8148](https://github.com/wazuh/wazuh/pull/8148)) - Fixed CORS in API configuration. ([#8496](https://github.com/wazuh/wazuh/pull/8496)) - Fixed api.log to avoid unhandled exceptions on API timeouts. ([#8887](https://github.com/wazuh/wazuh/pull/8887)) - **Ruleset:** - Fixed usb-storage-attached regex pattern to support blank spaces. ([#7837](https://github.com/wazuh/wazuh/issues/7837)) - Fixed SCA checks for RHEL7 and CentOS 7. Thanks to J. Daniel Medeiros (@jdmedeiros). ([#7645](https://github.com/wazuh/wazuh/pull/7645)) - Fixed the match criteria of the AWS WAF rules. ([#8111](https://github.com/wazuh/wazuh/pull/8111)) ### Removed - **Core:** - File /etc/ossec-init.conf does not exist anymore. ([#7175](https://github.com/wazuh/wazuh/pull/7175)) - Unused files have been removed from the repository, including TAP tests. ([#7398](https://github.com/wazuh/wazuh/issues/7398)) - **API:** - Removed the `allow_run_as` parameter from endpoints `POST /security/users` and `PUT /security/users/{user_id}`. ([#7588](https://github.com/wazuh/wazuh/pull/7588)) - Removed `behind_proxy_server` option from configuration. ([#7006](https://github.com/wazuh/wazuh/issues/7006)) - **Framework:** - Deprecated `update_ruleset` script. 
([#6904](https://github.com/wazuh/wazuh/issues/6904)) 2021-08-25T18:14:22+00:00 rita v4.4.0 rita v4.4.0 2021-08-25T20:00:50+00:00 Changes: - Add timestamp to HTML report templates (#662) - Use the past 24 hours of data to analyze proxy beacons rather than just the last hour (#690) - The RITA parser has been updated with a number of performance tweaks (#654, #695) - Gather IPs for FQDN beacon analysis using DNS lookups from the past 24 hours of data rather than just the last hour (#676, #700) - Drop strobe limit down to 86400 (#697) - Add option to configuration file which filters out connections from external hosts to internal hosts (#655) Bug Fixes: - Add unique indexes to `beaconFQDN` and `beaconProxy` collections (#689) - Add additional indexes to `host` collection (#687) - Prevented duplicate threat intel records from being created in the `host` collection (#683) - Fixed a bug where threat intel records in the `host` collection were not being updated when using rolling imports (#683) - Fixed a bug where the max beacon score listed in the `host` collection for a pair of hosts would never decrease when using rolling imports (#683) - Fixed a bug where rare signature entries might not be added to the `host` collection due to a race condition (#683) - Fixed a bug where the connection counts for each host in the `host` collection were under-counted when using rolling imports (#683) - Removed unused/broken code in max duration analysis (#683) 2021-08-25T20:00:50+00:00 json v3.10.2 json v3.10.2 2021-08-26T07:09:36+00:00 Release date: 2021-08-26 SHA-256: 059743e48b37e41579ee3a92e82e984bfa0d2a9a2b20b175d04db8089f46f047 (json.hpp), 61e605be15e88deeac4582aaf01c09d616f8302edde7adcaba9261ddc3b4ceca (include.zip) ### Summary This release is made days after the 3.10.1 release due to a bug in the release script: The [3.10.1 release](https://github.com/nlohmann/json/releases/tag/v3.10.1) at GitHub contained the correct files, but the associated tag
[v3.10.1](https://github.com/nlohmann/json/tree/v3.10.1) points to the wrong commit. This release is made with a fixed build script. All changes are backward-compatible. :moneybag: Note you can **support this project** via [GitHub sponsors](https://github.com/sponsors/nlohmann) or [PayPal](http://paypal.me/nlohmann). ### :zap: Improvements - Fix the release scripts to correctly tag releases. #2973 - Fix some `-Wunused` warnings on `JSON_DIAGNOSTICS` when the library is built without CMake. #2975 #2976 ### :fire: Deprecated functions Passing iterator pairs or pointer/length pairs to parsing functions (`basic_json::parse`, `basic_json::accept`, `basic_json::sax_parse`, `basic_json::from_cbor`, `basic_json::from_msgpack`, `basic_json::from_ubjson`, `basic_json::from_bson`) via initializer lists is deprecated. Instead, pass two iterators; for instance, call `basic_json::from_cbor(ptr, ptr+len)` instead of `basic_json::from_cbor({ptr, len})`. The following functions have been deprecated in earlier versions and will be removed in the next major version (i.e., 4.0.0): - Function [`iterator_wrapper`](https://nlohmann.github.io/json/doxygen/classnlohmann_1_1basic__json_a0a8051760196ac813fd5eb3c8d5a2976.html#a0a8051760196ac813fd5eb3c8d5a2976) are deprecated. Please use the member function [`items()`](https://nlohmann.github.io/json/doxygen/classnlohmann_1_1basic__json_a5961446010dfc494e0c247b4e9026977.html#a5961446010dfc494e0c247b4e9026977) instead. - Functions [`friend std::istream& operator<<(basic_json&, std::istream&)`](https://nlohmann.github.io/json/doxygen/classnlohmann_1_1basic__json_a60ca396028b8d9714c6e10efbf475af6.html#a60ca396028b8d9714c6e10efbf475af6) and [`friend std::ostream& operator>>(const basic_json&, std::ostream&)`](https://nlohmann.github.io/json/doxygen/classnlohmann_1_1basic__json_a34d6a60dd99e9f33b8273a1c8db5669b.html#a34d6a60dd99e9f33b8273a1c8db5669b) are deprecated. 
Please use [`friend std::istream& operator>>(std::istream&, basic_json&)`](https://nlohmann.github.io/json/doxygen/classnlohmann_1_1basic__json_aaf363408931d76472ded14017e59c9e8.html#aaf363408931d76472ded14017e59c9e8) and [`friend operator<<(std::ostream&, const basic_json&)`](https://nlohmann.github.io/json/doxygen/classnlohmann_1_1basic__json_a5e34c5435e557d0bf666bd7311211405.html#a5e34c5435e557d0bf666bd7311211405) instead. All deprecations are annotated with [`HEDLEY_DEPRECATED_FOR`](https://nemequ.github.io/hedley/api-reference.html#HEDLEY_DEPRECATED_FOR) to report which function to use instead. 2021-08-26T07:09:36+00:00 mattermost-server v5.37.2 mattermost-server v5.37.2 2021-08-26T15:33:08+00:00 Mattermost Platform Release v5.37.2 2021-08-26T15:33:08+00:00 CyberChef v9.32.2 CyberChef v9.32.2 2021-08-26T15:59:25+00:00 See the [CHANGELOG](https://github.com/gchq/CyberChef/blob/master/CHANGELOG.md) and [commit messages](https://github.com/gchq/CyberChef/commits/master) for details. 2021-08-26T15:59:25+00:00 mattermost-server v5.38.2 mattermost-server v5.38.2 2021-08-26T16:09:22+00:00 Mattermost Platform Release v5.38.2 2021-08-26T16:09:22+00:00 osquery 5.0.0 osquery 5.0.0 2021-08-26T18:25:13+00:00 Initial draft of the 5.0. This release may be deleted! 
2021-08-26T18:25:13+00:00 uBlock 1.37.3b19 uBlock 1.37.3b19 2021-08-26T22:38:38+00:00 2021-08-26T22:38:38+00:00 turbinia 20210826 turbinia 20210826 2021-08-27T04:38:03+00:00 2021-08-27T04:38:03+00:00 ida_ifl v1.4.2.2 ida_ifl v1.4.2.2 2021-08-27T05:04:05+00:00 IFL v1.4.x - for IDA 7.x (SDK version >= 7.4) using Python 3 Small fixes 2021-08-27T05:04:05+00:00 edk2 edk2-stable202108 edk2 edk2-stable202108 2021-08-27T07:03:54+00:00 # Release Date 2021-08-27 ## New Features * [OvmfPkg: remove Xen support from OvmfPkg*.dsc, in favor of OvmfXen.dsc](https://bugzilla.tianocore.org/show_bug.cgi?id=2122) * [Add CLANGDWARF toolchain for generating ELF+DWARF](https://bugzilla.tianocore.org/show_bug.cgi?id=3431) * [NetworkPkg/IScsiDxe: remotely exploitable buffer overflows](https://bugzilla.tianocore.org/show_bug.cgi?id=3356) * [NetworkPkg/IScsiDxe: add sha256 support to CHAP](https://bugzilla.tianocore.org/show_bug.cgi?id=3355) * [Create header files and multiple Hobs for Universal Payload](https://bugzilla.tianocore.org/show_bug.cgi?id=3447) * [Add search feature in config editor](https://bugzilla.tianocore.org/show_bug.cgi?id=3482) * [Add additional build option to treat Dynamic Pcd as DynamicEx Pcd](https://bugzilla.tianocore.org/show_bug.cgi?id=1688) * [Add a new MicrocodeLib for microcode loading](https://bugzilla.tianocore.org/show_bug.cgi?id=3303) * [Implement key enrolment from default key variables](https://bugzilla.tianocore.org/show_bug.cgi?id=3481) * [StandaloneMm support for 32bit Arm machines](https://bugzilla.tianocore.org/show_bug.cgi?id=3381) * [Add firmware support for Cloud Hypervisor on arm64](https://bugzilla.tianocore.org/show_bug.cgi?id=3393) * [Support architecture-specific openssl acceleration](https://bugzilla.tianocore.org/show_bug.cgi?id=2507) * [Support measured AMD SEV boot with kernel/initrd/cmdline](https://bugzilla.tianocore.org/show_bug.cgi?id=3457) * [Add ACPI 6.4 header](https://bugzilla.tianocore.org/show_bug.cgi?id=3516) * [Add new 
BootDiscoveryPolicyUiLib](https://bugzilla.tianocore.org/show_bug.cgi?id=3551) ## [Bugzilla List](https://bugzilla.tianocore.org/buglist.cgi?bug_status=RESOLVED&chfield=bug_status&chfieldfrom=2021-05-28&chfieldto=2021-08-27&chfieldvalue=RESOLVED&component=Code&component=Security%20Issue&component=Tools&list_id=16128&product=EDK2&product=Tianocore%20Feature%20Requests&product=Tianocore%20Security%20Issues&query_format=advanced&resolution=---&resolution=FIXED&resolution=INVALID&resolution=WONTFIX&resolution=DUPLICATE&resolution=WORKSFORME) 2021-08-27T07:03:54+00:00 TheHive 4.1.10 TheHive 4.1.10 2021-08-27T08:05:02+00:00 ## [4.1.10](https://github.com/TheHive-Project/TheHive/milestone/79) (2021-08-26) **Fixed bugs:** - [Bug] Reload last case number from database periodically [\#2182](https://github.com/TheHive-Project/TheHive/issues/2182) 2021-08-27T08:05:02+00:00 tidb v5.2.0 tidb v5.2.0 2021-08-27T10:32:09+00:00 ## Improvements * Support pushing down the built-in function `json_unquote()` to TiKV [#24415](https://github.com/pingcap/tidb/issues/24415) * Support removing the `union` branch from the dual table [#25614](https://github.com/pingcap/tidb/pull/25614) * Optimize the aggregate operator's cost factor [#25241](https://github.com/pingcap/tidb/pull/25241) * Allow the MPP outer join to choose the build table based on the table row count [#25142](https://github.com/pingcap/tidb/pull/25142) * Support balancing the MPP query workload among different TiFlash nodes based on Regions [#24724](https://github.com/pingcap/tidb/pull/24724) * Support invalidating stale Regions in the cache after the MPP query is executed [#24432](https://github.com/pingcap/tidb/pull/24432) * Improve the MySQL compatibility of the built-in function`str_to_date` for the format specifiers `%b/%M/%r/%T` [#25767](https://github.com/pingcap/tidb/pull/25767) * Fix the issue that inconsistent binding caches might be created in multiple TiDB after recreating different bindings for the same query 
[#26015](https://github.com/pingcap/tidb/pull/26015) * Fix the issue that the existing bindings cannot be loaded into cache after upgrade [#23295](https://github.com/pingcap/tidb/pull/23295) * Support ordering the result of `SHOW BINDINGS` by (`original_sql`, `update_time`) [#26139](https://github.com/pingcap/tidb/pull/26139) * Improve the logic of query optimization when bindings exist, and reduce optimization times of a query [#26141](https://github.com/pingcap/tidb/pull/26141) * Support completing the garbage collection automatically for the bindings in the "deleted" status [#26206](https://github.com/pingcap/tidb/pull/26206) * Support showing whether a binding is used for query optimization in the result of `EXPLAIN VERBOSE` [#26930](https://github.com/pingcap/tidb/pull/26930) * Add a new status variation `last_plan_binding_update_time` to view the timestamp corresponding to the binding cache in the current TiDB instance [#26340](https://github.com/pingcap/tidb/pull/26340) * Support reporting an error when starting binding evolution or running `admin evolve bindings` to ban the baseline evolution (currently disabled in the on-premises TiDB version because it is an experimental feature) affecting other features [#26333](https://github.com/pingcap/tidb/pull/26333) ## Bug Fixes * Fix the issue that an incorrect result is returned when using merge join on the `SET` type column [#25669](https://github.com/pingcap/tidb/issues/25669) * Fix the data corruption issue in the `IN` expression's arguments [#25591](https://github.com/pingcap/tidb/issues/25591) * Avoid the sessions of GC being affected by global variables [#24976](https://github.com/pingcap/tidb/issues/24976) * Fix the panic issue that occurs when using `limit` in the window function queries [#25344](https://github.com/pingcap/tidb/issues/25344) * Fix the wrong value returned when querying a partitioned table using `Limit` [#24636](https://github.com/pingcap/tidb/issues/24636) * Fix the issue that `IFNULL` 
does not correctly take effect on the `ENUM` or `SET` type column [#24944](https://github.com/pingcap/tidb/issues/24944) * Fix the wrong results caused by changing the `count` in the join subqueries to `first_row` [#24865](https://github.com/pingcap/tidb/issues/24865) * Fix the query hang issue that occurs when `ParallelApply` is used under the `TopN` operator [#24930](https://github.com/pingcap/tidb/issues/24930) * Fix the issue that more results than expected are returned when executing SQL statements using multi-column prefix indexes [#24356](https://github.com/pingcap/tidb/issues/24356) * Fix the issue that the `<=>` operator cannot correctly take effect [#24477](https://github.com/pingcap/tidb/issues/24477) * Fix the data race issue of the parallel `Apply` operator [#23280](https://github.com/pingcap/tidb/issues/23280) * Fix the issue that the `index out of range` error is reported when sorting the IndexMerge results of the PartitionUnion operator [#23919](https://github.com/pingcap/tidb/issues/23919) * Fix the issue that setting the `tidb_snapshot` variable to an unexpectedly large value might damage the transaction isolation [#25680](https://github.com/pingcap/tidb/issues/25680) * Fix the issue that the ODBC-styled constant (for example, `{d '2020-01-01'}`) cannot be used as the expression [#25531](https://github.com/pingcap/tidb/issues/25531) * Fix the issue that `SELECT DISTINCT` converted to `Batch Get` causes incorrect results [#25320](https://github.com/pingcap/tidb/issues/25320) * Fix the issue that backing off queries from TiFlash to TiKV cannot be triggered [#23665](https://github.com/pingcap/tidb/issues/23665) [#24421](https://github.com/pingcap/tidb/issues/24421) * Fix the `index-out-of-range` error that occurs when checking `only_full_group_by` [#23839](https://github.com/pingcap/tidb/issues/23839) * Fix the issue that the result of index join in correlated subqueries is wrong [#25799](https://github.com/pingcap/tidb/issues/25799) 
2021-08-27T10:32:09+00:00 uBlock 1.37.3b20 uBlock 1.37.3b20 2021-08-27T14:58:02+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.37.3b20...master) To install the developer build: - **Firefox**: Click [uBlock0_1.37.3b20.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b20/uBlock0_1.37.3b20.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.37.3b20.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b20/uBlock0_1.37.3b20.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 78+ required) - **NodeJS**: Import from [npm](https://www.npmjs.com/package/@gorhill/ubo-core), or download and unzip [uBlock0_1.37.3b20.npm.tgz](https://github.com/gorhill/uBlock/releases/download/1.37.3b20/uBlock0_1.37.3b20.npm.tgz). --- ## New ### :matches-path(...) New cosmetic procedural operator, `:matches-path(...)`. See ["Add $path modifier of Adguard or any equivalents of this"](https://github.com/uBlockOrigin/uBlock-issues/issues/1690). ### Node.js A new NodeJS package will now be published with every release. The package makes it possible to import and use uBO's static and dynamic filtering engines in NodeJS. This is currently minimal and a first iteration, and issues regarding the NodeJS package are accepted in order to improve usability of uBO's filtering engines in a NodeJS package. The ability to run code from a NodeJS package also opens the door to have [test coverage](https://en.wikipedia.org/wiki/Code_coverage) in uBO. For now the package can be downloaded and unzipped locally. 
Once installed, you can execute `node test` in the root of the package to verify that the static network filtering engine works properly. For usage, refer to the [`test.js`](https://github.com/gorhill/uBlock/blob/master/platform/nodejs/test.js), or [`ublock.js`](https://github.com/cliqz-oss/adblocker/blob/master/packages/adblocker-benchmarks/blockers/ublock.js) used in Cliqz's benchmark. Since I have little experience with dealing with NodeJS environment/packages, thanks to @mjethani [for assistance](https://github.com/uBlockOrigin/uBlock-issues/issues/1664). ## Closed as fixed: - [Scriptlets don't work randomly in Firefox](https://github.com/uBlockOrigin/uBlock-issues/issues/1694) - [Security: comments can be used to smuggle url() functions into css values](https://github.com/uBlockOrigin/uBlock-issues/issues/1693) - [Prevent uBO from hiding html or body when matched by a generic cosmetic filter](https://github.com/uBlockOrigin/uBlock-issues/issues/1692) - [On Android Popup Overlays [or Underlays] On-Screen Navigation Buttons](https://github.com/uBlockOrigin/uBlock-issues/issues/1691) - [Add $path modifier of Adguard or any equivalents of this](https://github.com/uBlockOrigin/uBlock-issues/issues/1690) - [The overview panel will not show everything if the uBO's icon is placed in the Firefox overflow menu](https://github.com/uBlockOrigin/uBlock-issues/issues/1604) - [patch by @vtriolet] [TypeError in noscript-spoof scriptlet with invalid meta refresh URL](https://github.com/uBlockOrigin/uBlock-issues/issues/1676) - [TypeError when trying to use element picker on plaintext resource](https://github.com/uBlockOrigin/uBlock-issues/issues/1675) - [Split out core functionality into separate module](https://github.com/uBlockOrigin/uBlock-issues/issues/1664) - This is of course an ongoing work for the foreseeable future, but the concrete goal sought in the issue has been reached, i.e. 
the static network filtering engine can be used as a nodejs module with no external dependencies. - Since uBO's codebase now uses [JS modules](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Modules), the minimum version of supported browsers has been increased to Chromium 61, Firefox 60, and Opera 48. ## Notable commits without an entry in the issue tracker - [Refactor hntrie to avoid the need for boundary cells](https://github.com/gorhill/uBlock/commit/c6fb70b1f0acb1003b516ceb678df27f6657b4f8) - [Fix bad test in WASM version of HNTrieContainer](https://github.com/gorhill/uBlock/commit/b54bf554a80c8640fb8c8064eeea48576974b0c2) - [Export the rule-based filtering engines to the nodejs package](https://github.com/gorhill/uBlock/commit/89c5653bc60d0a457358d6e862c8574bfc819675) - [Rewrite logical expressions for ESLint](https://github.com/gorhill/uBlock/commit/6ef74fc21ba87717330de12cfade8d1e65c702d5) - [patch by @mjethani] [Add Makefile](https://github.com/gorhill/uBlock/pull/3789) - [patch by @mjethani] [Make uAssets a submodule](https://github.com/gorhill/uBlock/commit/63591ef2aa818bced3dc5d7bd0bbb1c397e44e2f) - [Ensure compiled sections are ordered in ascending id](https://github.com/gorhill/uBlock/commit/c25938f5bcb519ee945c9ccab7d17474474dc825) - [Fix handling of some procedural cosmetic filters with explicit `:scope`](https://github.com/gorhill/uBlock/commit/51d14de44a2b89274836e70daabf305f4f00ac47) 2021-08-27T14:58:02+00:00 chipsec 1.7.1 chipsec 1.7.1 2021-08-27T16:22:33+00:00 __New or Updated Modules/UtilCmds:__ * `common.memlock` - Add usage documentation * `common.remap` - Add usage documentation * `common.smm` - Add usage documentation * `common.uefi.access_uefispec` - Add & update usage documentation * `common.uefi.s3bootscript` - Add & update usage documentation __New or Updated Configurations:__ * `8086/apl` - Add fixed address to PWMRBASE * `8086/ivt` - Fix MMCFG definition * `8086/jkt` - Fix MMCFG definition __Removed Modules:__ * None 
__Additional Changes:__ * `.github/workflows/tests.yml` - Update to support the move to python3 * `chipset` - Warn about missing debug logs in init function in comment * `debian/control` - Update to support the move to python3 * `hal.uefi_search` - Convert regexp rule to bytes * `helper.oshelper` - Warn and force user to interact if running python2 in an OS * `helper.win.win32helper` - Hide by default handled windows exceptions, Align win32helper.py MMIO reg debug text * Remove exception definitions from individual files and co-located them in `chipsec.exceptions` * Remove `#!/usr/bin/python` from the top of python files that were not entry points. * Update `#!` to `#!/usr/bin/env python3` for entry points: * chipsec_main.py, chipsec_util.py, setup.py, __Additional Notes:__ * __For Windows, Linux and MacOS: Python2 support has been deprecated as of June 2020. Please use Python3.__ * Any modules under the `modules.tools` directory have not yet been fully validated to work with Python3. __New Module Details:__ Module Name | Supported Platforms | Flags :---: | :---: | :---: 2021-08-27T16:22:33+00:00 SecLists 2021.3 SecLists 2021.3 2021-08-27T20:26:39+00:00 Third release of 2021! 🎉 This release includes multiple updates from the community 🎉 2021-08-27T20:26:39+00:00 node_redis v4.0.0-rc.0 node_redis v4.0.0-rc.0 2021-08-27T20:48:23+00:00 This version is a major change and refactor, adding modern JavaScript capabilities and multiple breaking changes. See the [migration guide](./docs/v3-to-v4.md) for tips on how to upgrade. 
### Breaking Changes - All functions return Promises by default - Dropped support for Node.js 10.x, the minimum supported Node.js version is now 12.x - `createClient` takes new and different arguments - The `prefix`, `rename_commands` configuration options to `createClient` have been removed - Login credentials are no longer saved when using `.auth()` directly ### Features - Added support for Promises - Added built-in TypeScript declaration files enabling code completion - Added support for [clustering](./README.md#cluster) - Added idiomatic arguments and responses to [Redis commands](./README.md#redis-commands) - Added full support for [Lua Scripts](./README.md#lua-scripts) - Added support for [SCAN iterators](./README.md#scan-iterator) - Added the ability to extend Node Redis with Redis Module commands 2021-08-27T20:48:23+00:00 AIL-framework v3.7 AIL-framework v3.7 2021-08-27T21:09:10+00:00 AIL Framework version 3.7 released with many bug fixes and improvements. The term tracker has been improved including the first_seen and last_seen. Various bugs were fixed and documentation improved. Thanks to all the contributors and especially Tony Jabbour for the new CentOS installation documentation. Thanks to Relega for the improved documentation about the pystemon integration. And a huge thank-you to @Fbroy for the new feeders: [Discord](https://github.com/ail-project/ail-feeder-discord), [ActivityPub feeder](https://github.com/ail-project/ail-feeder-activity-pub) and [RSS/Atom feeder](https://github.com/ail-project/ail-feeder-atom-rss). There is an ongoing feeder to include AIL2AIL synchronisation and a [first draft of the message format](https://github.com/ail-project/ail-exchange-format/blob/main/ail-stream.md) has been proposed. Feedback is more than welcome. 
![ail-bitcoin](https://user-images.githubusercontent.com/3309/131188566-4b345df9-8c93-48fd-9ab9-7e03e0e9e6bb.png) # v3.7 (2021-08-27) ### Changes * [tracker + update] add update v3.7 + add map item_id:tracker_uuid (data retention) + fix tracker first_seen/last_seen. [Terrtia] * [tracker] typo fixed. [Alexandre Dulaunoy] * [Credential + tags] add misp-taxonomies submodule + fix typo. [Terrtia] * [gitchangelog.rc] updated to output Markdown. [Alexandre Dulaunoy] ### Fix * [tracker] global tracker list: fix first/last seen. [Terrtia] * [v3.7] add missing file. [Terrtia] * [trackers] items by daterange. [Terrtia] * [correlation graph] fix legend, remove icon text. [Terrtia] * [Credential] fix moduleStats. [Terrtia] * [Credemtial module] fix stats. [Terrtia] * [Yara + regex trackers] remove tests. [Terrtia] * [Decoder] log level. [Terrtia] * [abstract_modules + Global] log message on error + fix Global exception on invalid gzip. [Terrtia] * [Credential] fix old funct call. [Terrtia] * [UI Item submit] tags input: avoid browser and password managers autocomplete. [Terrtia] * [term tracker] typo. [Terrtia] ### Other * Merge branch 'master' of github.com:ail-project/ail-framework. [Terrtia] * Merge branch 'master' of github.com:ail-project/ail-framework. [Terrtia] * Merge pull request #123 from TonyJabbour/master. [Alexandre Dulaunoy] CentOS 8 installation script Fixed a problem * CentOS 8 installation script Fixed a problem Added centos installation guide in README.md. [Tony Jabbour] * Merge branch 'master' of github.com:ail-project/ail-framework. [Terrtia] * Merge pull request #122 from TonyJabbour/master. [Alexandre Dulaunoy] Added CentOS 8 installation script * Added CentOS 8 installation script. [Tony Jabbour] * Merge branch 'master' of github.com:ail-project/ail-framework. [Terrtia] * Merge pull request #119 from Relega/patch-1. [Alexandre Dulaunoy] Update HOWTO.md * Update HOWTO.md. 
[Relega] * replaced pystemon url (from circl repository to the original repository) * refined pystemon instructions 2021-08-27T21:09:10+00:00 seaweedfs 2.65 seaweedfs 2.65 2021-08-28T12:28:16+00:00 * [Cloud Drive](https://github.com/chrislusf/seaweedfs/wiki/Cloud-Drive-Architecture) cache and sync cloud data to local SeaweedFS cluster * Supports Azure * Supports BackBlaze * Supports Aliyun * Supports Tencent * Supports Wasabi * Distributed parallel downloading. * Mount * Invalidate mount meta cache #2289 2021-08-28T12:28:16+00:00 gopass v1.12.8 gopass v1.12.8 2021-08-28T14:30:32+00:00 ## 1.12.8 / 2021-08-28 * [BUGFIX] Use same default for partial config files (#1968) * [CLEANUP] Remove GOPASS_NOCOLOR in favor of NO_COLOR (#1937, #1936) * [ENHANCEMENT] Add gopass merge (#1979, #1948) * [ENHANCEMENT] Add --symbols to gopass pwgen (#1966) * [ENHANCEMENT] Warn on untracked files (#1972) 2021-08-28T14:30:32+00:00 SecLists 2021.3.1 SecLists 2021.3.1 2021-08-28T21:35:53+00:00 Third release of 2021! 🎉 This release includes multiple updates from the community 🎉 2021-08-28T21:35:53+00:00 SmallerC v1.0.0+dos.win.2a18041 SmallerC v1.0.0+dos.win.2a18041 2021-08-29T00:56:38+00:00 This release includes: * DOS binaries: regular (under ```bind```) and DPMI (under ```bindp```). * Windows binaries (under ```binw```). They need to be assembled from parts (with the ```copy /b``` command, see ```binw/readme.txt``` for details). The reason being false positives in antivirus software, which may hinder downloading the pre-compiled Windows binaries. * CWSDPMI r5 dependency for the DOS DPMI binaries. * Include and library files (under ```include``` and ```lib``` respectively). * Test programs (under ```tests```). This release doesn't include: * The compiler sources. * NASM (you'll need version 2.03 or later). * Binaries for Linux and MacOS. Installation: * Create a directory as close as possible to the disk root, e.g. ```C:\SMLRC```. * Unpack the contents of the archive there. 
* Set your ```PATH``` environment variable to point to ```C:\SMLRC\BIND``` or ```C:\SMLRC\BINDP``` or ```C:\SMLRC\BINW```, as appropriate. * Make ```NASM.EXE``` (you'll need version 2.03 or later) available through the ```PATH``` environment variable as well. 2021-08-29T00:56:38+00:00 hashcat v6.2.4 hashcat v6.2.4 2021-08-29T15:27:37+00:00 Welcome to hashcat 6.2.4 release! This release adds performance improvements, a new rule-engine function, several new hash-modes, and bug fixes. This is a minor release. If you are looking for release notes please refer to docs/changes.txt. 2021-08-29T15:27:37+00:00 wire-server v2021-08-27 wire-server v2021-08-27 2021-08-30T07:58:44+00:00 ## Release Notes ## API Changes * Deprecate `DELETE /conversations/:cnv/members/:usr` (#1697) * Add `DELETE /conversations/:cnv/members/:domain/:usr` (#1697) ## Features ## Bug fixes and other updates * Fix case sensitivity in schema parser in hscim library (#1714) * [helm charts] resolve a rate-limiting issue when using certificate-manager alongside wire-server and nginx-ingress-services helm charts (#1715) ## Documentation * Improve Swagger for `DELETE /conversations/:cnv/members/:usr` (#1697) ## Internal changes * Integration test script now displays output interactively (#1700) * Fixed a few issues with error response documentation in Swagger (#1707) * Make mapping between (team) permissions and roles more lenient (#1711) * The `DELETE /conversations/:cnv/members/:usr` endpoint rewritten to Servant (#1697) * Remove leftover auto-connect internal endpoint and code (#1716) * Bump wire-webapp (#1720) * Bump team-settings (#1721) * Bump account-pages (#1666) ## Federation changes * Added client certificate support for server to server authentication (#1682) * Implemented full server-to-server authentication (#1687) * Add an endpoint for removing a qualified user from a local conversation (#1697) 2021-08-30T07:58:44+00:00 Lookyloo v1.8.0 Lookyloo v1.8.0 2021-08-30T13:34:31+00:00 **New Features**: 
* Integration with [urlscan.io](https://urlscan.io) - [Documentation](https://www.lookyloo.eu/docs/main/lookyloo-integration.html#_urlscan_io) * Trigger a capture from the URL - https://github.com/Lookyloo/lookyloo/issues/248 * Archiving: captures more than 6 months old ([configurable](https://www.lookyloo.eu/docs/main/lookyloo-configuration.html#_core_config)) are moved to an archive directory so they're not listed on the index anymore, but the captures can still be accessed by UUID (doesn't break permanent URLs) * Index file by directory for each capture (archived or not). Greatly reduces the I/O when initializing the known captures in redis. **Fixes**: * Missing 3rd party web dependencies in docker (thanks to @FafnerKeyZee) **Changes** - This release implements a lot of back-end changes: * The captures are now stored by year and month (instead of in a single directory) to avoid having too many entries in the same directory (ext4 dislikes it). All the new captures are following this new architecture, but you need to run `tools/change_captures_dir.py` to move the existing ones to the new format (only useful if you feel restarting the app takes too much time) * Move all the capture-related code from `Lookyloo` to `AsyncCapture` * Move all the services management code to abstractmanager * Use redis pooling to manage connections to the database in `Lookyloo` and `Indexing` * New process to trigger occasional actions, currently: generate the daily user-agent file if Lookyloo is using the UAs of its own users. * Reinitialize the list of captures UUIDs when starting the app instead of in the website itself * Improvements in processes handling (TL;DR: don't stop redis until all the async captures processes are down) * Move some methods from `Lookyloo` to the helpers * Simplify code in `Lookyloo` to make it more readable, remove dead code. 
* Bump dependencies, add `hiredis` to speed up redis interactions * Return proper HTTP error codes (mostly 4XX), when appropriate 2021-08-30T13:34:31+00:00 netbox v3.0.0 netbox v3.0.0 2021-08-30T18:48:11+00:00 **WARNING:** Upgrading an existing NetBox deployment to version 3.0 **must** be done from version 2.11.0 or later. If attempting to upgrade a deployment of NetBox v2.10 or earlier, first upgrade to a NetBox v2.11 release, and then upgrade from v2.11 to v3.0. This will avoid any problems with the database migration optimizations implemented in version 3.0. (This is not necessary for _new_ installations.) ### Breaking Changes * Python 3.6 is no longer supported. NetBox v3.0 supports Python 3.7, 3.8, and 3.9. * The secrets functionality present in prior releases of NetBox has been removed. The NetBox maintainers strongly recommend the adoption of [Hashicorp Vault](https://github.com/hashicorp/vault) in place of this feature. Development of a NetBox plugin to replace the legacy secrets functionality is also underway. * The default CSV export format for all objects now includes all available data from the object list. Additionally, the CSV headers now use human-friendly titles rather than raw field names. If backward compatibility with the old format is desired, export templates can be written to reproduce it. * The `invalidate` management command (which clears cached database queries) is no longer needed and has been removed (see [#6639](https://github.com/netbox-community/netbox/issues/6639)). * Support for queryset caching configuration (`caching_config`) has been removed from the plugins API (see [#6639](https://github.com/netbox-community/netbox/issues/6639)). * The `cacheops_*` metrics have been removed from the Prometheus exporter (see [#6639](https://github.com/netbox-community/netbox/issues/6639)). * The `display_field` keyword argument has been removed from custom script ObjectVar and MultiObjectVar fields. 
These widgets will use the `display` value provided by the REST API. * The deprecated `display_name` field has been removed from all REST API serializers. (API clients should reference the `display` field instead.) * The redundant REST API endpoints for console, power, and interface connections have been removed. The same data can be retrieved by querying the respective model endpoints with the `?connected=True` filter applied. ### New Features #### Updated User Interface ([#5893](https://github.com/netbox-community/netbox/issues/5893)) The NetBox user interface has been completely overhauled with a fresh new look! Beyond the cosmetic improvements, this initiative has allowed us to modernize the entire front end, upgrading from Bootstrap 3 to Bootstrap 5, and eliminating dependencies on outdated libraries such as jQuery and jQuery-UI. The new user interface also features a dark mode option. A huge thank you to NetBox maintainer [Matt Love](https://github.com/thatmattlove) for his tremendous work on this! #### GraphQL API ([#2007](https://github.com/netbox-community/netbox/issues/2007)) A new [GraphQL API](https://graphql.org/) has been added to complement NetBox's REST API. GraphQL allows the client to specify which fields of the available data to return in each request. NetBox's implementation, which employs [Graphene](https://graphene-python.org/), also includes a user-friendly query interface known as GraphiQL. Here's an example GraphQL request:

```
{
  circuit_list {
    cid
    provider {
      name
    }
    termination_a {
      id
    }
    termination_z {
      id
    }
  }
}
```

And the response:

```
{
  "data": {
    "circuit_list": [
      {
        "cid": "1002840283",
        "provider": {
          "name": "CenturyLink"
        },
        "termination_a": null,
        "termination_z": {
          "id": "23"
        }
      },
      ...
```

All GraphQL requests are made at the `/graphql` URL (which also serves the GraphiQL UI). The API is currently read-only, however users who wish to disable it until needed can do so by setting the `GRAPHQL_ENABLED` configuration parameter to False. 
For more detail on NetBox's GraphQL implementation, see [the GraphQL API documentation](https://netbox.readthedocs.io/en/stable/graphql-api/overview/). #### IP Ranges ([#834](https://github.com/netbox-community/netbox/issues/834)) NetBox now supports modeling arbitrary IP ranges, which are defined by specifying a starting and ending IP address (e.g. to denote DHCP pools). Similar to prefixes, each IP range may optionally be assigned to a VRF and/or tenant, and can be assigned a functional role. An IP range must be assigned a status of active, reserved, or deprecated. The REST API implementation for this model also includes an "available IPs" endpoint which functions similarly to the endpoint for prefixes. More information about IP ranges is available [in the documentation](https://netbox.readthedocs.io/en/stable/core-functionality/ipam/#ip-ranges). #### Custom Model Validation ([#5963](https://github.com/netbox-community/netbox/issues/5963)) This release introduces the [`CUSTOM_VALIDATORS`](https://netbox.readthedocs.io/en/stable/configuration/optional-settings/#custom_validators) configuration parameter, which allows administrators to map NetBox models to custom validator classes to enforce custom validation logic. For example, the following configuration requires every site to have a name of at least ten characters and a description:

```python
from extras.validators import CustomValidator

CUSTOM_VALIDATORS = {
    'dcim.site': (
        CustomValidator({
            'name': {
                'min_length': 10,
            },
            'description': {
                'required': True,
            }
        }),
    )
}
```

CustomValidator can also be subclassed to enforce more complex logic by overriding its `validate()` method. See the [custom validation](https://netbox.readthedocs.io/en/stable/customization/custom-validation/) documentation for more details. #### SVG Cable Traces ([#6000](https://github.com/netbox-community/netbox/issues/6000)) Cable trace diagrams are now rendered as atomic SVG images, similar to rack elevations. 
These images are embedded in the UI and can be easily downloaded for use outside NetBox. SVG images can also be generated directly through the REST API, by specifying SVG as the render format for the `trace` endpoint on a cable termination:

```no-highlight
GET /api/dcim/interfaces/<ID>/trace/?render=svg
```

The width of the rendered image in pixels may optionally be specified by appending the `&width=<width>` parameter to the request. The default width is 400px. #### New Views for Models Previously Under the Admin UI ([#6466](https://github.com/netbox-community/netbox/issues/6466)) New UI views have been introduced to manage the following models: * Custom fields * Custom links * Export templates * Webhooks These models were previously managed under the admin section of the UI. Moving them to dedicated views ensures a more consistent and convenient user experience. #### REST API Token Provisioning ([#5264](https://github.com/netbox-community/netbox/issues/5264)) The new REST API endpoint `/api/users/tokens/` has been added, which includes a child endpoint for provisioning new REST API tokens using a username and password. This allows a user to gain REST API access without needing to first create a token via the web UI.

```
$ curl -X POST \
-H "Content-Type: application/json" \
-H "Accept: application/json; indent=4" \
https://netbox/api/users/tokens/provision/ \
--data '{
    "username": "hankhill",
    "password": "I<3C3H8"
}'
```

If the supplied credentials are valid, NetBox will create and return a new token for the user. #### New Housekeeping Command ([#6590](https://github.com/netbox-community/netbox/issues/6590)) A new management command has been added: `manage.py housekeeping`. This command is intended to be run nightly via a system cron job. 
It performs the following tasks: * Clear expired authentication sessions from the database * Delete change log records which have surpassed the configured retention period (if configured) * Check for new NetBox releases (if enabled) A convenience script for calling this command via an automated scheduler has been included at `/contrib/netbox-housekeeping.sh`. Please see the [housekeeping documentation](https://netbox.readthedocs.io/en/stable/administration/housekeeping/) for further details. #### Custom Queue Support for Plugins ([#6651](https://github.com/netbox-community/netbox/issues/6651)) NetBox uses Redis and Django-RQ for background task queuing. Whereas previous releases employed only a single default queue, NetBox now provides a high-, medium- (default), and low-priority queue for use by plugins. (These will also likely be used internally as new functionality is added in future releases.) Plugins can also now create their own custom queues by defining a `queues` list within their PluginConfig class:

```python
class MyPluginConfig(PluginConfig):
    name = 'myplugin'
    ...
    queues = [
        'queue1',
        'queue2',
        'queue-whatever-the-name'
    ]
```

Note that NetBox's `rqworker` process will _not_ service custom queues by default, since it has no way to infer the priority of each queue. Plugin authors should be diligent in including instructions for proper worker configuration in their plugin's documentation. 
### Enhancements * [#2434](https://github.com/netbox-community/netbox/issues/2434) - Add option to assign IP address upon creating a new interface * [#3665](https://github.com/netbox-community/netbox/issues/3665) - Enable rendering export templates via REST API * [#3682](https://github.com/netbox-community/netbox/issues/3682) - Add `color` field to front and rear ports * [#4609](https://github.com/netbox-community/netbox/issues/4609) - Allow marking prefixes as fully utilized * [#5203](https://github.com/netbox-community/netbox/issues/5203) - Remember user preference when toggling display of device images in rack elevations * [#5806](https://github.com/netbox-community/netbox/issues/5806) - Add kilometer and mile as choices for cable length unit * [#6154](https://github.com/netbox-community/netbox/issues/6154) - Allow decimal values for cable lengths * [#6328](https://github.com/netbox-community/netbox/issues/6328) - Build and serve documentation locally ### Bug Fixes (from v3.2-beta2) * [#6977](https://github.com/netbox-community/netbox/issues/6977) - Truncate global search dropdown on small screens * [#6979](https://github.com/netbox-community/netbox/issues/6979) - Hide "create & add another" button for circuit terminations * [#6982](https://github.com/netbox-community/netbox/issues/6982) - Fix styling of empty dropdown list under dark mode * [#6996](https://github.com/netbox-community/netbox/issues/6996) - Global search bar should be full width on mobile * [#7001](https://github.com/netbox-community/netbox/issues/7001) - Fix page focus on load * [#7034](https://github.com/netbox-community/netbox/issues/7034) - Fix toggling of VLAN group scope selector fields * [#7045](https://github.com/netbox-community/netbox/issues/7045) - Fix navigation menu rendering under Chrome ### Other Changes * [#5223](https://github.com/netbox-community/netbox/issues/5223) - Remove the console/power/interface connections REST API endpoints * 
[#5278](https://github.com/netbox-community/netbox/issues/5278) - Remove the secrets functionality from NetBox core * [#5532](https://github.com/netbox-community/netbox/issues/5532) - Drop support for Python 3.6 * [#5994](https://github.com/netbox-community/netbox/issues/5994) - Drop support for `display_field` argument on ObjectVar * [#6068](https://github.com/netbox-community/netbox/issues/6068) - Drop support for legacy static CSV export * [#6338](https://github.com/netbox-community/netbox/issues/6338) - Decimal fields are no longer coerced to strings in REST API * [#6471](https://github.com/netbox-community/netbox/issues/6471) - Optimize database migrations * [#6639](https://github.com/netbox-community/netbox/issues/6639) - Drop support for queryset caching (django-cacheops) * [#6713](https://github.com/netbox-community/netbox/issues/6713) - Checking for new releases is now done as part of the housekeeping routine * [#6767](https://github.com/netbox-community/netbox/issues/6767) - Add support for Python 3.9 ### Configuration Changes * The `CACHE_TIMEOUT` configuration parameter has been removed. * The `RELEASE_CHECK_TIMEOUT` configuration parameter has been removed. 
### REST API Changes * Removed all endpoints related to the secrets functionality: * `/api/secrets/generate-rsa-key-pair/` * `/api/secrets/get-session-key/` * `/api/secrets/secrets/` * `/api/secrets/secret-roles/` * Removed the following "connections" endpoints: * `/api/dcim/console-connections/` * `/api/dcim/power-connections/` * `/api/dcim/interface-connections/` * Added the `/api/ipam/ip-ranges/` endpoint * Added the `/api/users/tokens/` endpoint * The `provision/` child endpoint can be used to provision new REST API tokens by supplying a valid username and password * dcim.Cable * `length` is now a decimal value * dcim.Device * Removed the `display_name` attribute (use `display` instead) * dcim.DeviceType * Removed the `display_name` attribute (use `display` instead) * dcim.FrontPort * Added `color` field * dcim.FrontPortTemplate * Added `color` field * dcim.Rack * Removed the `display_name` attribute (use `display` instead) * dcim.RearPort * Added `color` field * dcim.RearPortTemplate * Added `color` field * dcim.Site * `latitude` and `longitude` are now decimal fields rather than strings * extras.ContentType * Removed the `display_name` attribute (use `display` instead) * ipam.Prefix * Added the `mark_utilized` boolean field * ipam.VLAN * Removed the `display_name` attribute (use `display` instead) * ipam.VRF * Removed the `display_name` attribute (use `display` instead) * virtualization.VirtualMachine * `vcpus` is now a decimal field rather than a string 2021-08-30T18:48:11+00:00 julia v1.7.0-beta4 julia v1.7.0-beta4 2021-08-30T20:00:24+00:00 This is the fourth beta release for Julia v1.7.0. 2021-08-30T20:00:24+00:00 caddy v2.4.4 caddy v2.4.4 2021-08-30T23:10:42+00:00 This release contains numerous bug fixes, updated dependencies, and QoL improvements. Thanks to all contributors, and a special thanks to @francislavoie and @Mohammed90 for their dedication in helping to maintain the project and help others. 
## Changelog 0bdb8aa8 acmeserver: Don't set host for directory links by default 2de7e14e acmeserver: Trim slashes from path prefix c131339c admin: Implement load_interval to pull config on a timer (#4246) a10910f3 admin: Sync server variables (fix #4260) (#4274) 51f125bd caddyfile: Better error message for missing site block braces (#4301) d74913f8 caddyfile: Error on invalid site addresses containing comma (#4302) b6f51254 caddyfile: keep error chain info in Dispenser.Errf (#4233) 1c6c7714 caddyhttp: Fix edgecase with auto HTTP->HTTPS logic (#4243) 42e140b1 caddyhttp: Fix incorrect determination of gRPC protocol (#4236) c1cd192e caddyhttp: Updated the documentation for MatchQuery (#4295) 81e53180 caddytls: Remove "IssuerRaw" field ce5a45db cmd: Fix paths when using an env file (#4296) 68c5c716 cmd: New `add-package` and `remove-package` commands (#4226) 9e333c39 cmd: use net.ErrClosed for matching returned error (#4289) 1b1e625c core: Unix ns and Unix ms time placeholders (#4280) 69c91448 encode: Tweak compression settings (#4215) 4245ceb6 fileserver: Add `disable_canonical_uris` Caddyfile subdirective (#4222) 191dc86f fileserver: Clarify docs about canonicalization 9e16e80f fileserver: Fix browse name_dir_first sorting (#4218) 885a9aaf go.mod: Update dependencies (close #4216) f43fd6f3 go.mod: Upgrade CertMagic to v0.14.4 84b906a2 go.mod: Upgrade some dependencies ab32440b httpcaddyfile: Add shortcut for proxy hostport placeholder (#4263) b3d35a49 httpcaddyfile: Don't put localhost in public APs (fix #4220) 569ecdbd httpcaddyfile: Ensure hosts to skip for logs can always be collected (#4258) bfbc459c httpcaddyfile: Improve unrecognized directive errors 403732c4 httpcaddyfile: Reorder some directives (#4311) 46d99aba logging: Add missing interface guards for replace filter (#4244) 124ba1ba logging: Prep for `common_log` removal (#4149) 8a974a4f logging: Warn for deprecated single_field encoder e6c29ce0 reverseproxy: Incorporate latest proxy changes from stdlib 
(#4266) d8822110 reverseproxy: Keep path to unix socket as dial address (#4232) f70a7578 reverseproxy: Remove redundant flushing (#4299) 2021-08-30T23:10:42+00:00 turbinia 20210831 turbinia 20210831 2021-09-01T00:58:50+00:00 2021-09-01T00:58:50+00:00 celery v5.2.0b2 celery v5.2.0b2 2021-09-01T16:19:20+00:00 2021-09-01T16:19:20+00:00 logstash v7.14.1 logstash v7.14.1 2021-09-01T16:31:13+00:00 Downloads: https://elastic.co/downloads/logstash Release notes: https://www.elastic.co/guide/en/logstash/7.14/logstash-7-14-1.html 2021-09-01T16:31:13+00:00 netbox v3.0.1 netbox v3.0.1 2021-09-01T19:10:59+00:00 ## Bug Fixes * [#7041](https://github.com/netbox-community/netbox/issues/7041) - Properly format JSON config object returned from a NAPALM device * [#7070](https://github.com/netbox-community/netbox/issues/7070) - Fix exception when filtering by prefix max length in UI * [#7071](https://github.com/netbox-community/netbox/issues/7071) - Fix exception when removing a primary IP from a device/VM * [#7072](https://github.com/netbox-community/netbox/issues/7072) - Fix table configuration under prefix child object views * [#7075](https://github.com/netbox-community/netbox/issues/7075) - Fix UI bug when a custom field has a space in the name * [#7080](https://github.com/netbox-community/netbox/issues/7080) - Fix missing image previews * [#7081](https://github.com/netbox-community/netbox/issues/7081) - Fix UI bug that did not properly request and handle paginated data * [#7082](https://github.com/netbox-community/netbox/issues/7082) - Avoid exception when referencing invalid content type in table * [#7083](https://github.com/netbox-community/netbox/issues/7083) - Correct labeling for VM memory attribute * [#7084](https://github.com/netbox-community/netbox/issues/7084) - Fix KeyError exception when editing access VLAN on an interface * [#7084](https://github.com/netbox-community/netbox/issues/7084) - Fix issue where hidden VLAN form fields were incorrectly included in the form 
submission * [#7089](https://github.com/netbox-community/netbox/issues/7089) - Fix filtering of change log by content type * [#7090](https://github.com/netbox-community/netbox/issues/7090) - Allow decimal input on length field when bulk editing cables * [#7091](https://github.com/netbox-community/netbox/issues/7091) - Ensure API requests from the UI are aware of `BASE_PATH` * [#7092](https://github.com/netbox-community/netbox/issues/7092) - Fix missing bulk edit buttons on Prefix IP Addresses table * [#7093](https://github.com/netbox-community/netbox/issues/7093) - Multi-select custom field filters should employ exact match * [#7096](https://github.com/netbox-community/netbox/issues/7096) - Home links should honor `BASE_PATH` configuration * [#7101](https://github.com/netbox-community/netbox/issues/7101) - Enforce `MAX_PAGE_SIZE` for table and REST API pagination * [#7106](https://github.com/netbox-community/netbox/issues/7106) - Fix incorrect "Map It" button URL on a site's physical address field * [#7107](https://github.com/netbox-community/netbox/issues/7107) - Fix missing search button and search results in IP address assignment "Assign IP" tab * [#7109](https://github.com/netbox-community/netbox/issues/7109) - Ensure human readability of exceptions raised during REST API requests * [#7113](https://github.com/netbox-community/netbox/issues/7113) - Show bulk edit/delete actions for prefix child objects * [#7123](https://github.com/netbox-community/netbox/issues/7123) - Remove "Global" placeholder for null VRF field * [#7124](https://github.com/netbox-community/netbox/issues/7124) - Fix duplicate static query param values in API Select 2021-09-01T19:10:59+00:00 uBlock 1.37.3b21 uBlock 1.37.3b21 2021-09-01T22:32:17+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.37.3b21...master) To install the developer build: - **Firefox**: Click 
[uBlock0_1.37.3b21.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b21/uBlock0_1.37.3b21.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.37.3b21.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b21/uBlock0_1.37.3b21.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 78+ required) - **Node.js**: Import from [npm](https://www.npmjs.com/package/@gorhill/ubo-core), or download and unzip [uBlock0_1.37.3b21.npm.tgz](https://github.com/gorhill/uBlock/releases/download/1.37.3b21/uBlock0_1.37.3b21.npm.tgz). --- ## New ### :matches-path(...) New cosmetic procedural operator, `:matches-path(...)`. See ["Add $path modifier of Adguard or any equivalents of this"](https://github.com/uBlockOrigin/uBlock-issues/issues/1690). ### Node.js A new Node.js package will now be published with every release. The package allows importing and using uBO's static and dynamic filtering engines in Node.js. This is currently minimal and a first iteration, and issues regarding the Node.js package are accepted in order to improve usability of uBO's filtering engines in a Node.js package. The ability to run code from a Node.js package also opens the door to have [test coverage](https://en.wikipedia.org/wiki/Code_coverage) in uBO. For now the package can be downloaded and unzipped locally. Once installed, you can execute `node test` in the root of the package to verify that the static network filtering engine works properly.
For usage, refer to the [`test.js`](https://github.com/gorhill/uBlock/blob/master/platform/nodejs/test.js), or [`ublock.js`](https://github.com/cliqz-oss/adblocker/blob/master/packages/adblocker-benchmarks/blockers/ublock.js) used in Cliqz's benchmark. Since I have little experience with dealing with Node.js environment/packages, thanks to @mjethani [for assistance](https://github.com/uBlockOrigin/uBlock-issues/issues/1664). ## Closed as fixed: - [Scriptlets don't work randomly in Firefox](https://github.com/uBlockOrigin/uBlock-issues/issues/1694) - [Security: comments can be used to smuggle url() functions into css values](https://github.com/uBlockOrigin/uBlock-issues/issues/1693) - [Prevent uBO from hiding html or body when matched by a generic cosmetic filter](https://github.com/uBlockOrigin/uBlock-issues/issues/1692) - [On Android Popup Overlays [or Underlays] On-Screen Navigation Buttons](https://github.com/uBlockOrigin/uBlock-issues/issues/1691) - [Add $path modifier of Adguard or any equivalents of this](https://github.com/uBlockOrigin/uBlock-issues/issues/1690) - [The overview panel will not show everything if the uBO's icon is placed in the Firefox overflow menu](https://github.com/uBlockOrigin/uBlock-issues/issues/1604) - [patch by @vtriolet] [TypeError in noscript-spoof scriptlet with invalid meta refresh URL](https://github.com/uBlockOrigin/uBlock-issues/issues/1676) - [TypeError when trying to use element picker on plaintext resource](https://github.com/uBlockOrigin/uBlock-issues/issues/1675) - [Split out core functionality into separate module](https://github.com/uBlockOrigin/uBlock-issues/issues/1664) - This is of course an ongoing work for the foreseeable future, but the concrete goal sought in the issue has been reached, i.e. the static network filtering engine can be used as a nodejs module with no external dependencies. 
- Since uBO's codebase now uses [JS modules](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Modules), the minimum version of supported browsers has been increased to Chromium 61, Firefox 60, and Opera 48. ## Notable commits without an entry in the issue tracker - [Refactor hntrie to avoid the need for boundary cells](https://github.com/gorhill/uBlock/commit/c6fb70b1f0acb1003b516ceb678df27f6657b4f8) - [Fix bad test in WASM version of HNTrieContainer](https://github.com/gorhill/uBlock/commit/b54bf554a80c8640fb8c8064eeea48576974b0c2) - [Export the rule-based filtering engines to the nodejs package](https://github.com/gorhill/uBlock/commit/89c5653bc60d0a457358d6e862c8574bfc819675) - [Rewrite logical expressions for ESLint](https://github.com/gorhill/uBlock/commit/6ef74fc21ba87717330de12cfade8d1e65c702d5) - [patch by @mjethani] [Add Makefile](https://github.com/gorhill/uBlock/pull/3789) - [patch by @mjethani] [Make uAssets a submodule](https://github.com/gorhill/uBlock/commit/63591ef2aa818bced3dc5d7bd0bbb1c397e44e2f) - [Ensure compiled sections are ordered in ascending id](https://github.com/gorhill/uBlock/commit/c25938f5bcb519ee945c9ccab7d17474474dc825) - [Fix handling of some procedural cosmetic filters with explicit `:scope`](https://github.com/gorhill/uBlock/commit/51d14de44a2b89274836e70daabf305f4f00ac47) 2021-09-01T22:32:17+00:00 pm2 5.1.1 pm2 5.1.1 2021-09-02T06:39:01+00:00 - add back Node 10.x support - make pm2-sysmonit module optional - remove fast-printf and replace with sprintfjs 2021-09-02T06:39:01+00:00 intelmq 3.0.1 intelmq 3.0.1 2021-09-02T08:36:14+00:00 Installation documentation: https://intelmq.readthedocs.io/en/maintenance/user/installation.html Upgrade documentation: https://intelmq.readthedocs.io/en/maintenance/user/upgrade.html ### Core - `intelmq.lib.bot_debugger`: Fix accessing the bot's destination queues (PR#2027 by Mikk Margus Möll).
- `intelmq.lib.pipeline`: Fix handling of `load_balance` parameter (PR#2027 by Mikk Margus Möll). - `intelmq.lib.bot`: Fix handling of parameter `destination_queues` if value is an empty dictionary (PR#2051 by Sebastian Wagner, fixes #2034). ### Bots #### Collectors - `intelmq.bots.collectors.shodan.collector_stream`: Fix access to parameters, the bot wrongly used `self.parameters` (PR#2020 by Mikk Margus Möll). - `intelmq.bots.collectors.mail.collector_mail_attach`: Add attachment file name as `extra.file_name` also if the attachment is not compressed (PR#2021 by Alex Kaplan). - `intelmq.bots.collectors.http.collector_http_stream`: Fix access to parameters, the bot wrongly used `self.parameters` (by Sebastian Wagner). #### Parsers - `intelmq.bots.parsers.microsoft.parser_ctip`: Map `Payload.domain` to `destination.fqdn` instead of `extra.payload.domain` as it matches to `destination.ip` from `DestinationIp` (PR#2023 by Sebastian Wagner). - Removed `intelmq.bots.parsers.malwaredomains` because the upstream data source (malwaredomains.com) does not exist anymore (PR#2026 by Birger Schacht, fixes #2024). - `intelmq.bots.parsers.shadowserver.config`: - Add support for feed "Vulnerable SMTP Server" (PR#2037 by Mikk Margus Möll). - Fix differentiation between feeds "Accessible HTTP" and "Vulnerable HTTP" (PR#2037 by Mikk Margus Möll, fixes #1984). - Add support for the new feeds *Microsoft Sinkhole Events Report*, *Microsoft Sinkhole HTTP Events Report* (PR#2036 by Birger Schacht). - Complement feed mappings and documentation for feeds with IPv4 and IPv6 variants (PR#2046 by Mikk Margus Möll and Sebastian Wagner). - Feed names with and without the optional IPv4/IPv6 postfix can be used now consistently. - Add support for feed "Honeypot HTTP Scan" (PR#2047 by Mikk Margus Möll). - Update filename mapping for changed filename of feed "Accessible-MSRDPUDP" (PR#2060 by abr4xc). 
#### Experts - `intelmq.bots.experts.gethostbyname.expert`: Handle numeric values for the `gaierrors_to_ignore` parameter (PR#2073 by Sebastian Wagner, fixes #2072). - `intelmq.bots.experts.filter.expert`: Fix handling of empty-string parameters `not_after` and `not_before` (PR#2075 by Sebastian Wagner, fixes #2074). #### Outputs - `intelmq.bots.outputs.mcafee.output_esm_ip`: Fix access to parameters, the bot wrongly used `self.parameters` (by Sebastian Wagner). - `intelmq.bots.outputs.misp.output_api`: Fix access to parameters, the bot wrongly used `self.parameters` (by Sebastian Wagner). - `intelmq.bots.outputs.smtp.output`: Add `Content-Disposition`-header to the attachment, fixing the display in Mail Clients as actual attachment (PR#2052 by Sebastian Wagner, fixes #2018). ### Documentation - Various formatting fixes (by Sebastian Wagner). - Removed the malwaredomains feed from the feeds list because the upstream data source (malwaredomains.com) does not exist anymore (PR#2026 by Birger Schacht, fixes #2024). - Update Docker installation instructions (PR#2035 by Sebastian Waldbauer). ### Packaging - intelmq-update-database crontab: Add missing `recordedfuture_iprisk` update call (by Sebastian Wagner). ### Tests - Replace calls to deprecated/undocumented `logging.warn` with `logging.warning` (by Sebastian Wagner, fixes #2013). - `intelmq.tests.bots.experts.rdap.test_expert`: Declare cache use, fixes build failures (by Sebastian Wagner, fixes #2014). - `intelmq.tests.bots.collectors.mail.test_collector_attach`: Test text attachment (by Sebastian Wagner). ### Tools - `intelmqctl`: - Also honour parameters from environment variables (PR#2068 by Sebastian Wagner, fixes #2063). - Fix management actions (start/stop/status/reload/restart) for groups (PR#2086 by Sebastian Wagner, fixes #2085). - Do not use hardcoded logging path in `/opt/intelmq`, use the internal default instead (PR#2092 by Sebastian Wagner, fixes #2091). 
### Known issues See [open bug reports](https://github.com/certtools/intelmq/issues?q=is%3Aissue+is%3Aopen+label%3Abug) for a more detailed list. - ParserBot: erroneous raw line recovery in error handling (#1850). 2021-09-02T08:36:14+00:00 MONARC v2.11.0 MONARC v2.11.0 2021-09-02T12:29:58+00:00 ### New - having the possibility to define custom scales for operational risks ([#353](https://github.com/monarc-project/MonarcAppFO/issues/353)); - introduction of the risk context and the risk owner ([#21](https://github.com/monarc-project/MonarcAppFO/issues/21), [#186](https://github.com/monarc-project/MonarcAppFO/issues/186)). ### Fix - update-all.sh: Could not read from remote repository ([#365](https://github.com/monarc-project/MonarcAppFO/issues/365)); - some files in script do not have the correct permissions ([#364](https://github.com/monarc-project/MonarcAppFO/issues/364)). ![Screenshot_20210902_133851](https://user-images.githubusercontent.com/465400/131843376-d9b7420c-0c9f-430e-8269-42ef3478dbf2.png) ![Screenshot_20210902_134102](https://user-images.githubusercontent.com/465400/131843404-3cad5d50-406d-431c-84a7-4e7b80460ad9.png) ![Screenshot_20210902_142720](https://user-images.githubusercontent.com/465400/131843437-4ff5953d-3e5b-42bd-94cb-012baf2e868f.png) 2021-09-02T12:29:58+00:00 intelmq-manager 3.0.1 intelmq-manager 3.0.1 2021-09-02T13:27:55+00:00 Installation instructions: https://intelmq.readthedocs.io/en/maintenance/user/intelmq-manager.html ### Pages - Login: Show error messages as returned from the API instead of a constant string (PR#277 by Sebastian Wagner, fixes intelmq-api#35). #### Configuration - Fix working with edges between bots, by transmitting new edges to the server with the new API (PR#264 by Mikk Margus Möll). - Correctly hide the `destination_queues` parameter in the bot editor (PR#264 by Mikk Margus Möll). - Restore sane default bot IDs (PR#264 by Mikk Margus Möll, fixes #263). 
- Removed redundant `pipeline.js` file (PR#264 by Mikk Margus Möll). - Fix a race condition trying to call both the `/runtime` and `/positions` API endpoints at the same time, when `/runtime` is updating `runtime.yaml` at the same time that `/positions` is trying to parse it (PR#264 by Mikk Margus Möll). - internal improvements (PR#264 by Mikk Margus Möll): - edge IDs are now `${source_node}|${destination_node}|${edge_name}`. - some loops which previously iterated over every single edge should be a bit faster now. - various tweaks, like reducing the scope of variables and using string templates instead of string concatenation. - Fix saving new bots, led to a JS exception (PR#273 by Sebastian Wagner, fixes #272). - Open bot documentation in a new page (PR#274 by Birger Schacht, fixes #262). - Prohibit the user from creating a bot with an ID collision (PR#276 by Mikk Margus Möll, fixes #152). - Ask the user for confirmation to exit the page in case of unsaved changes (PR#276 by Mikk Margus Möll, fixes #212) #### Monitor - `ALLOWED_PATH` and `CONTROLLER_CMD` are defined in a separate JavaScript file, rather than being templated into the HTML, fixing Content-Security-Policy issues (PR#264 by Mikk Margus Möll, fixes #183). ### Known issues - Graph jumps around on "Add edge" (#148). - Monitor page: Automatic log refresh reset log page to first one (#190). - Load error if a bot has not optional `parameters` field in runtime configuration (#237). - Better error message for missing authentication (#238). - Configuration page: Keyboard shortcuts don't work (#260). - Edit Defaults: Documentation link just reloads (#261).
2021-09-02T13:27:55+00:00 tachyon 3.4.1 tachyon 3.4.1 2021-09-02T14:43:34+00:00 2021-09-02T14:43:34+00:00 traefik v2.5.2 traefik v2.5.2 2021-09-02T15:28:49+00:00 **Bug fixes:** - **[http3]** Upgrade github.com/lucas-clemente/quic-go to v0.23.0 ([#8413](https://github.com/traefik/traefik/pull/8413) by [sylr](https://github.com/sylr)) - **[middleware]** Fix empty body error for mirroring middleware ([#8381](https://github.com/traefik/traefik/pull/8381) by [antgubarev](https://github.com/antgubarev)) - **[tracing]** Bump go.elastic.co/apm version to v1.13.1 ([#8399](https://github.com/traefik/traefik/pull/8399) by [rtribotte](https://github.com/rtribotte)) - Update x/sys to support go 1.17 ([#8368](https://github.com/traefik/traefik/pull/8368) by [roopakv](https://github.com/roopakv)) - Bump Alpine docker image version from 3.11 to 3.14 for official Traefik images **Documentation:** - **[k8s/ingress,k8s]** Adds pathType for v1 ingresses examples ([#8392](https://github.com/traefik/traefik/pull/8392) by [rtribotte](https://github.com/rtribotte)) - Fix http scheme urls in documentation ([#8395](https://github.com/traefik/traefik/pull/8395) by [rtribotte](https://github.com/rtribotte)) 2021-09-02T15:28:49+00:00 PacketFence v11.0.0 PacketFence v11.0.0 2021-09-02T17:19:12+00:00 ![v11](https://www.packetfence.org/campaigns/img/v11/pf.png) The Inverse team is pleased to announce the immediate availability of PacketFence v11 - a breakthrough release in network security! ## RHEL v8 and Debian 11 Support PacketFence v11 now fully supports Red Hat Enterprise Linux 8 (RHEL v8) and Debian 11. Both operating systems bring major performance, stability, and security improvements to PacketFence for many years to come. RHEL v8 alternatives such as AlmaLinux, Oracle Linux, and Rocky Linux can be used. ## Google Workspace Integration PacketFence v11 now natively integrates with Google Workspace for LDAP-based authentication. 
Moreover, PacketFence now provides a Google Workspace Chromebook provisioner to automatically onboard organization-owned Chromebook devices and assign them a role. PacketFence can now also raise a security event when a Chromebook becomes inactive and provides a way to import all activated Chromebooks part of an organization. ## Microsoft Azure Integration PacketFence now integrates with Microsoft Azure Active Directory for authenticating users on the captive portal, the admin interface, and performing 802.1X user authentication using EAP-TTLS PAP. Greatly enhances the integration possibilities of PacketFence in Azure-based Cloud environments. ## Automation of Upgrades Starting from PacketFence v11, upgrades are fully automated. No more scripts to run, database schema changes to apply, and more. This release also provides a way to export your v10.3 installation and migrate to v11 in a snap! ## Logs Forwarding PacketFence now supports forwarding of all database-stored logs. That means that the RADIUS audit log, DHCP audit log, DNS audit log, and admin access audit log can be fully exported to a remote syslog server - ensuring compliance with more security regulations. ## ... and more! PacketFence v11 provides additional important features such as SCEP support for Microsoft Intune and AirWatch, Venom tests for Inline L3, massive performance improvements to the admin interface, multi-tenancy improvements, and much more. 
--- Here's the complete list of changes included in this release: #### New Features * Red Hat Enterprise Linux 8 and Debian 11 support * Microsoft Azure AD authentication and authorization support (#6380) * Google Workspace integration for LDAP and Chromebooks * Automation of upgrades from 10.3 and above (#6438) * Forwarding support for audit logs stored in database #### Enhancements * Microsoft Intune SCEP support (#6360) * Venom inline L3 (PR #6266) * Massively improved web admin performance * LDAP source now supports client certificates * AirWatch SCEP documentation * Rewrite the username of the request from RADIUS `preProcess` filter (#6293) * Upgrade to golang 1.16.3 (#6343) * pfpki: configure OCSP to listen on specific interfaces (#5825) * Get maintenance patches through package manager (#6378) * Adjust Intune integration to support pagination of the managed devices (#6135) * Add an option to force the vip as the default gateway on layer2 registration network (#6406) * Firewall SSO is tenant aware (#6384) * Added conditions on owner information in the RADIUS filters (#6324) * CLI access support for Avaya Switches (#6398) * Authorize a MAC address on all APs of the switch group when using the Unifi module (#6134) * Macro documentation for filter engine (#6392) * Expose the source directory of documentation from Caddy (#6315) * Audit successful admin login in the admin audit log. 
(#6345) * Allow users to resend the SMS pin * Improve the speed of retrieving switches (#6321) #### Bug Fixes * Configurator sets valid_from field to current time in place of 1970-01-01 00:00:00 * Support switch_group in advanced filters (#6379) * Authentication rule condition basedn matching does not work (Authentication rule condition basedn matching does not work #6402) * Filter netdata incoming connection (#6303) * CLI switch access for Avaya ERS Switches (#6399) * Avoid duplicate log entries "User <username> has authenticated on the portal" * Backup DB using MariaDB-backup does not work on standalone installations (#6424) * Normalize connection_sub_type to use the numeric value (#6326) * Expired switches for all tenants (#6024) 2021-09-02T17:19:12+00:00 DevSkim v0.4.250 DevSkim v0.4.250 2021-09-02T19:21:57+00:00 ## Changes: * 423c423edf0b824a8bfabdcfe93c67326469a929 Output the column and line information for findings. (#315) * a9c65ecf802dacff319b3a3bd32a3e546d592e83 Gfs/fix blazor (#314) * 9b6c40f0052819c422420774e6934c638f9a10db Update Index.razor (#313) * 38eb8b430c4a88d553bd4a916d15abcff67688ba Bump path-parse from 1.0.6 to 1.0.7 in /DevSkim-VSCode-Plugin (#312) * 82277de8cbb9b19daf8e00dd5a80a9c24021adf6 Bump path-parse from 1.0.6 to 1.0.7 in /DevSkim-VSCode-Plugin/client (#311) * 1a15e7a55f76c2de9b1c64fb3ce9bb7ded15f385 Bump tar from 4.4.13 to 4.4.15 in /DevSkim-VSCode-Plugin (#310) This list of changes was [auto generated](https://twcsecurityassurance.visualstudio.com/SecurityEngineering/_build/results?buildId=10175&view=logs). 2021-09-02T19:21:57+00:00 maltrail 0.37 maltrail 0.37 2021-09-02T19:35:17+00:00 Start-of-month release 2021-09-02T19:35:17+00:00 turbinia 20210902 turbinia 20210902 2021-09-02T22:07:03+00:00 2021-09-02T22:07:03+00:00 osquery 5.0.1 osquery 5.0.1 2021-09-03T03:39:13+00:00 Next 5.0 beta! 
Moving along 2021-09-03T03:39:13+00:00 CyberChef v9.32.3 CyberChef v9.32.3 2021-09-03T14:06:08+00:00 See the [CHANGELOG](https://github.com/gchq/CyberChef/blob/master/CHANGELOG.md) and [commit messages](https://github.com/gchq/CyberChef/commits/master) for details. 2021-09-03T14:06:08+00:00 cfssl v1.6.1 cfssl v1.6.1 2021-09-03T15:28:11+00:00 ## Changelog 87f86f1 Add loglevel flag for multiroot-ca 29ae05f Merge pull request #1189 from cloudflare/nicky/fix-coreos-mod-rename 1f29b04 Merge pull request #1191 from Rutori/loglevel-multiroot-ca f4208c6 Merge pull request #1195 from BowonY/bowon/avoid-select-all b2552ca fix upgrading transitive coreos dependency breakage 19c09ff pick columns to get revoked/unexpired certs e582ed4 remove -u flag from readme, link to releases bea2d3d remove old go versions from travis 2021-09-03T15:28:11+00:00 caddy v2.4.5 caddy v2.4.5 2021-09-03T18:54:23+00:00 A hotfix for a regression introduced in v2.4.4 related to combining the `encode` and `reverse_proxy` directives. ## Changelog 9f6393c6 cmd: export CaddyVersion(), Commands() (#4316) 4ebf100f encode: ignore flushing until after first write (#4318) 46ab93be go.mod: Update CertMagic 2021-09-03T18:54:23+00:00 DevSkim v0.4.251 DevSkim v0.4.251 2021-09-03T19:53:55+00:00 ## Changes: * 4daf5f442a05302cb3ac351b583baa6fe09e129f Map the devskim levels to sarif levels (#317) This list of changes was [auto generated](https://twcsecurityassurance.visualstudio.com/SecurityEngineering/_build/results?buildId=10185&view=logs). 
2021-09-03T19:53:55+00:00 beef v5.0.1.0 beef v5.0.1.0 2021-09-04T04:57:22+00:00 ## Fixes Added libcurl4-openssl-dev to apt command #1807 Added JSDoc to backend JS API #1813 Fixed Active Record tables #1814, #1816 Removed LiveCD directory and reference in Metasploit config.yaml #1815 Replaced yaml.load with yaml.safe_load #1816 Use SecureRandom for API token generation #1817 Updated copyright for 2021 #1821 Fixed broken admin ui access #1845 Fixed test to run in random order #1848 Improvements for AssetHandler #1853 Requester extension fixes #1858 Updated Ruby to 2.7.x for Travis Use OID-style key/value data for BrowserDetails network details #1861 Fixed build_recursive_tree() #1866 Added error handling when loading extensions #1873 Auto get geoipdb changed access #1870 Updates to Network Service model #1885 Fixed bug in ARE execution #1886 Changed how websocket hooked browsers time out #1888 Updating portscanner for modern browsers Made travis.ci only run on master #1893 Create SW Port Scanner Remove arerule from enabled by default #1895 Updated command js for more functionality #1896 Added a new rvm language for the docker container #1897 Updated command.js for sw_network_proxy #1898 General spelling mistake fixes #1912 Replace autocomplete_theft with get_autocomplete_creds #1874 BrowserStack Integration #1920 Bump jsdoc-to-markdown from 5.0.3 to 6.0.1 #1933 Sudo for gem install for Kali #1940 Ruby package manager check #1940 Fixed array unique function in browser.js #1966 Fixed Pretty Theft Missing Credentials JS Error #1956 Fixed ARE New Zombie Execution Error #1957 Update dependencies Sinatra, rack, Rack Protections, Uglifier, Nokogiri, Rake and OTR Active Record #1961 Fix country_code is null #1975 Update contextis url in config.yml #1982 Fix XSSRays error when using ActiveRecord #1984 Excluded hooking subnet improvements #1973 Click Jack Attack CSS fixes #2046 Include URI query string in proxied requests #1971 Bump nokogiri version due to CVE #2048 Fix could
not find table webcloners #2010 AdminUI: Use correct hook file path for bookmarklet hook URL #2099 Fix No connection pool for 'ActiveRecord::Base' found #2134 Thanks to @klezVirus, @bcoles, @jcrew, @wheatley, @sopsmattw, @1124219777, @P-arag, @justinsteven, @raskoln1kov, @jackdwalker, @JessWil, @P-arag, @grantrburgess, @sopsmattw, @H4xl0r, @superuserx, @aburro, @DeezyE 2021-09-04T04:57:22+00:00 celery v5.2.0b3 celery v5.2.0b3 2021-09-04T15:58:18+00:00 2021-09-04T15:58:18+00:00 uBlock 1.37.3rc0 uBlock 1.37.3rc0 2021-09-04T15:59:23+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.37.3rc0...master) To install the developer build: - **Firefox**: Click [uBlock0_1.37.3rc0.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3rc0/uBlock0_1.37.3rc0.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.37.3rc0.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3rc0/uBlock0_1.37.3rc0.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 78+ required) - **Node.js**: Import from [npm](https://www.npmjs.com/package/@gorhill/ubo-core), or download and unzip [uBlock0_1.37.3rc0.npm.tgz](https://github.com/gorhill/uBlock/releases/download/1.37.3rc0/uBlock0_1.37.3rc0.npm.tgz). --- ## New ### :matches-path(...) New cosmetic procedural operator, `:matches-path(...)`. See ["Add $path modifier of Adguard or any equivalents of this"](https://github.com/uBlockOrigin/uBlock-issues/issues/1690). ### Node.js A new Node.js package will now be published with every release. The package allows importing and using uBO's static and dynamic filtering engines in Node.js.
This is currently minimal and a first iteration, and issues regarding the Node.js package are accepted in order to improve usability of uBO's filtering engines in a Node.js package. The ability to run code from a Node.js package also opens the door to have [test coverage](https://en.wikipedia.org/wiki/Code_coverage) in uBO. For now the package can be downloaded and unzipped locally. Once installed, you can execute `node test` in the root of the package to verify that the static network filtering engine works properly. For usage, refer to the [`test.js`](https://github.com/gorhill/uBlock/blob/master/platform/nodejs/test.js), or [`ublock.js`](https://github.com/cliqz-oss/adblocker/blob/master/packages/adblocker-benchmarks/blockers/ublock.js) used in Cliqz's benchmark. Since I have little experience with dealing with Node.js environment/packages, thanks to @mjethani [for assistance](https://github.com/uBlockOrigin/uBlock-issues/issues/1664). ## Closed as fixed: - [Scriptlets don't work randomly in Firefox](https://github.com/uBlockOrigin/uBlock-issues/issues/1694) - [Security: comments can be used to smuggle url() functions into css values](https://github.com/uBlockOrigin/uBlock-issues/issues/1693) - [Prevent uBO from hiding html or body when matched by a generic cosmetic filter](https://github.com/uBlockOrigin/uBlock-issues/issues/1692) - [On Android Popup Overlays [or Underlays] On-Screen Navigation Buttons](https://github.com/uBlockOrigin/uBlock-issues/issues/1691) - [Add $path modifier of Adguard or any equivalents of this](https://github.com/uBlockOrigin/uBlock-issues/issues/1690) - [The overview panel will not show everything if the uBO's icon is placed in the Firefox overflow menu](https://github.com/uBlockOrigin/uBlock-issues/issues/1604) - [patch by @vtriolet] [TypeError in noscript-spoof scriptlet with invalid meta refresh URL](https://github.com/uBlockOrigin/uBlock-issues/issues/1676) - [TypeError when trying to use element picker on plaintext 
resource](https://github.com/uBlockOrigin/uBlock-issues/issues/1675) - [Split out core functionality into separate module](https://github.com/uBlockOrigin/uBlock-issues/issues/1664) - This is of course an ongoing work for the foreseeable future, but the concrete goal sought in the issue has been reached, i.e. the static network filtering engine can be used as a nodejs module with no external dependencies. - Since uBO's codebase now uses [JS modules](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Modules), the minimum version of supported browsers has been increased to Chromium 61, Firefox 60, and Opera 48. ## Notable commits without an entry in the issue tracker - [Refactor hntrie to avoid the need for boundary cells](https://github.com/gorhill/uBlock/commit/c6fb70b1f0acb1003b516ceb678df27f6657b4f8) - [Fix bad test in WASM version of HNTrieContainer](https://github.com/gorhill/uBlock/commit/b54bf554a80c8640fb8c8064eeea48576974b0c2) - [Export the rule-based filtering engines to the nodejs package](https://github.com/gorhill/uBlock/commit/89c5653bc60d0a457358d6e862c8574bfc819675) - [Rewrite logical expressions for ESLint](https://github.com/gorhill/uBlock/commit/6ef74fc21ba87717330de12cfade8d1e65c702d5) - [patch by @mjethani] [Add Makefile](https://github.com/gorhill/uBlock/pull/3789) - [patch by @mjethani] [Make uAssets a submodule](https://github.com/gorhill/uBlock/commit/63591ef2aa818bced3dc5d7bd0bbb1c397e44e2f) - [Ensure compiled sections are ordered in ascending id](https://github.com/gorhill/uBlock/commit/c25938f5bcb519ee945c9ccab7d17474474dc825) - [Fix handling of some procedural cosmetic filters with explicit `:scope`](https://github.com/gorhill/uBlock/commit/51d14de44a2b89274836e70daabf305f4f00ac47) 2021-09-04T15:59:23+00:00 asciidoctor-pdf v1.6.1 asciidoctor-pdf v1.6.1 2021-09-05T07:12:34+00:00 ## Summary This is a bug fix release for the v1.6.x line to fix a regression introduced into Prawn by a change in Ruby 3. 
It also includes a backport of the footnotes alignment from the v2.0.x line. ## Distribution - [RubyGem (asciidoctor-pdf)](https://rubygems.org/gems/asciidoctor-pdf) ## Changelog ### Enhancements * align footnotes block to the bottom of the page it is placed on (#1833) ### Bug Fixes * don't strip leading null character from fragment text when arranging lines when running on Ruby 3 (#1963) ## Release meta Released on: 2021-05-10 Released by: @mojavelinux Release beer: Dragon's Milk Reserve by New Holland Brewing Logs: [full diff](https://github.com/asciidoctor/asciidoctor-pdf/compare/v1.6.0...v1.6.1) ## Credits A very special thanks to all the **awesome** [supporters of the Asciidoctor OpenCollective campaign](https://opencollective.com/asciidoctor) who provided critical funding for the development of this release as well as ongoing development of the project. 2021-09-05T07:12:34+00:00 seaweedfs 2.66 seaweedfs 2.66 2021-09-05T23:22:54+00:00 * [Cloud Drive](https://github.com/chrislusf/seaweedfs/wiki/Cloud-Drive-Architecture) cache and sync cloud data to local SeaweedFS cluster * Adds [Gateway to Remote Object Storage](https://github.com/chrislusf/seaweedfs/wiki/Gateway-to-Remote-Object-Storage) to automatically create or delete buckets on remote object storage. * Adds support for Storj. * Adds support for Filebase * Adds support for HDFS (WIP) * Volume Server * Moving files also copies modification time, to ensure TTL volumes can work as expected. * Filer Store * Supports TiKV * S3 API * CopyObject return http Status 400 Bad Request for non-existing source #2306 Improvements * Detect IPv6 addresses #2310 * Grafana page improves on S3 cost analysis #2290 2021-09-05T23:22:54+00:00 wazuh v4.2.1 wazuh v4.2.1 2021-09-06T07:19:50+00:00 ## Fixed - **Installer:** - Fixed a bug in the upgrade to 4.2.0 that disabled Eventchannel support on Windows agent. 
([#9973](https://github.com/wazuh/wazuh/issues/9973)) - **Modules:** - Fixed a bug with Python-based integration modules causing the integrations to stop working in agents for Wazuh v4.2.0. ([#9975](https://github.com/wazuh/wazuh/issues/9975)) 2021-09-06T07:19:50+00:00 BGPalerter v1.28.3 BGPalerter v1.28.3 2021-09-06T09:57:25+00:00 2021-09-06T09:57:25+00:00 MONARC v2.11.0-p1 MONARC v2.11.0-p1 2021-09-06T11:03:55+00:00 [small fix](https://github.com/monarc-project/zm-client/commit/57368ae4a234f923ed339d2d4795b7e862323851) in the zm-client dependency for the import of risks. 2021-09-06T11:03:55+00:00 Loki v0.44.1 Loki v0.44.1 2021-09-06T12:03:25+00:00 - workaround for "owner" field supported in THOR only 2021-09-06T12:03:25+00:00 httpie 2.5.0 httpie 2.5.0 2021-09-06T18:29:23+00:00 - Added `--raw` to allow specifying the raw request body without extra processing as an alternative to `stdin`. ([#534](https://github.com/httpie/httpie/issues/534)) - Added support for XML formatting. ([#1129](https://github.com/httpie/httpie/issues/1129)) - Added internal support for file-like object responses to improve adapter plugin support. ([#1094](https://github.com/httpie/httpie/issues/1094)) - Fixed `--continue --download` with a single byte to be downloaded left. ([#1032](https://github.com/httpie/httpie/issues/1032)) - Fixed `--verbose` HTTP 307 redirects with streamed request body. ([#1088](https://github.com/httpie/httpie/issues/1088)) - Fixed handling of session files with `Cookie:` followed by other headers. ([#1126](https://github.com/httpie/httpie/issues/1126)) Join our Discord community: https://httpie.io/chat Install HTTPie: https://httpie.io/docs#installation Learn more: https://httpie.io 2021-09-06T18:29:23+00:00 seaweedfs 2.67 seaweedfs 2.67 2021-09-07T09:40:55+00:00 * S3 * Fix wrong checking during object copy. * `filer.remote.sync` * Automatically detect the primary remote storage * Randomize bucket name in remote storage to avoid bucket name conflicts. 
2021-09-07T09:40:55+00:00 syncthing v1.18.2 syncthing v1.18.2 2021-09-07T11:52:20+00:00 Bugfixes: - #7827: The error message "given name ... differs from filesystem name ..." does not help users to resolve the issue - #7893: Updating ignores blocks GUI when IO slots are unavailable 2021-09-07T11:52:20+00:00 osv v0.0.5 osv v0.0.5 2021-09-08T03:15:43+00:00 First PyPI release. 2021-09-08T03:15:43+00:00 pia v3.0.2 pia v3.0.2 2021-09-08T12:24:12+00:00 ## FR This version contains the following fixes: - Added the Latvian language (lv) - Added the Bulgarian language (bg) (https://github.com/LINCnil/pia/issues/500) - Fixed a problem with the .docx export (https://github.com/LINCnil/pia/issues/565) - Fixed a problem with the export/import of knowledge bases (https://github.com/LINCnil/pia/issues/556) - The .doc document of the PIA analysis has been converted to .odt and the date has been added to the file name (https://github.com/LINCnil/pia/issues/356) - Other: French translation of the pia-back installation wiki, in addition to the EN version: https://github.com/LINCnil/pia-back/wiki ## EN This release contains the following fixes: - Add Latvian language (lv) - Add Bulgarian language (bg) (https://github.com/LINCnil/pia/issues/500) - Fix some error with the .doc export (https://github.com/LINCnil/pia/issues/565) - Fix some export/import error with knowledge bases (https://github.com/LINCnil/pia/issues/556) - The PIA report in .doc is now in .odt, and the date has been added in the filename (https://github.com/LINCnil/pia/issues/356) - Misc: French translations have been added to the pia-back installation wiki: https://github.com/LINCnil/pia-back/wiki 2021-09-08T12:24:12+00:00 syncthing v1.18.3-rc.1 syncthing v1.18.3-rc.1 2021-09-15T05:50:23+00:00 Bugfixes: - #7935: Panic after POST /rest/system/reset Enhancements: - #7940: "Currently Shared With Devices" list in the folder Sharing tab should be sorted alphabetically 2021-09-15T05:50:23+00:00 MOSP v0.16.0 MOSP v0.16.0 
2021-09-15T09:05:12+00:00 This release introduces the locking of objects: #40 See the changelog for more details. ![Screenshot_20210915_110414](https://user-images.githubusercontent.com/465400/133404598-5b298b95-4d8f-4b9a-98ad-710ac36a6de1.png) 2021-09-15T09:05:12+00:00 reko version-0.10.1 reko version-0.10.1 2021-09-21T22:48:38+00:00 This maintenance release moves Reko from .NET Core 3.1 to .NET 5.0, resulting in some performance gains. It also fixes the MSI installers for Windows, which had several issues (including #1066 and #1067). Special thanks to @smx-smx for his work on his CI integration work. * The Reko build system now assumes C# 9.0 * Crude support for `#define` directives in the Reko C parser * Overhaul of PA-RISC and HP SOM loader * The command line driver `--version` switch displays the git hash used to build the binary. * Improvements in AArch64 disassembler and rewriter (with @rfalke as a driving force) 2021-09-21T22:48:38+00:00 pcileech v4.12 pcileech v4.12 2021-09-25T19:05:10+00:00 32-bit support (pcileech binary). 2021-09-25T19:05:10+00:00 syncthing v1.18.3-rc.2 syncthing v1.18.3-rc.2 2021-09-28T06:20:00+00:00 Bugfixes: - #7853: gui: Superfluous quotes - #7935: Panic after POST /rest/system/reset Enhancements: - #7940: "Currently Shared With Devices" list in the folder Sharing tab should be sorted alphabetically 2021-09-28T06:20:00+00:00 Lookyloo v1.9.0 Lookyloo v1.9.0 2021-09-28T16:23:08+00:00 # New features * Integration with [Phishtank](https://phishtank.org/) via [Phishtank Lookup](https://github.com/Lookyloo/phishtank-lookup) - [Documentation](https://www.lookyloo.eu/docs/main/lookyloo-integration.html#_phishtank_lookup_v1_9). --- ![Screenshot_20210928_230824](https://user-images.githubusercontent.com/248875/135165983-d0329cec-42b8-45a5-86bf-6bb2d7da2ac0.png) --- * Simple [monitoring script](https://github.com/Lookyloo/lookyloo/blob/main/tools/monitoring.py) to keep an eye on the health of the instance, run it in a tmux/screen with watch. 
--- ![Screenshot_20210928_231107](https://user-images.githubusercontent.com/248875/135166271-1c893e8f-ef07-4419-8232-32f7c3c1aaf0.png) --- * Link in the tree menu to re-trigger a capture on the same URL. # Fixes * Improve logging entries, the date was incomplete. * Add UUID file in export. * Inform users when a capture failed critically and we have nothing to show. * Catch timeout when pushing to MISP (avoid exception) # Changes * Major improvements in caching, better handling of exceptions and keep a limited amount of pickles in memory. * Simplify code in the async capture script. * Add urlscan.io permalink in MISP export * Add phishtank permalink in MISP export * Move modules to dedicated files 2021-09-28T16:23:08+00:00 dalton v3.1.1 dalton v3.1.1 2021-09-30T03:02:20+00:00 - Fixed UI issue where the "Dump buffers" option was being shown for incompatible engine versions. (issue #139) - Server side enforcement ensuring "Dump buffers" will only be attempted for compatible versions. - Bumped the default agent versions in the ``docker-compose.yml`` file to be the latest. - Added ``INSTALL-AWS.rst`` file with instructions for quickly and easily spinning up Dalton in AWS. 2021-09-30T03:02:20+00:00 MOSP v0.17.0 MOSP v0.17.0 2021-09-30T12:32:57+00:00 This release introduces the management of collection of objects (https://github.com/CASES-LU/MOSP/issues/9). See the changelog for more details. 
![Screenshot_20210930_145437](https://user-images.githubusercontent.com/465400/135458978-3c81e61a-287a-415d-b44e-c72c01b7ba76.png) 2021-09-30T12:32:57+00:00 maltrail 0.38 maltrail 0.38 2021-10-03T19:39:27+00:00 Start-of-month release 2021-10-03T19:39:27+00:00 syncthing v1.18.3 syncthing v1.18.3 2021-10-05T08:31:28+00:00 Bugfixes: - #7853: gui: Superfluous quotes - #7935: Panic after POST /rest/system/reset Enhancements: - #7940: "Currently Shared With Devices" list in the folder Sharing tab should be sorted alphabetically 2021-10-05T08:31:28+00:00 TheHive 4.1.11 TheHive 4.1.11 2021-10-07T03:17:17+00:00 ## [4.1.11](https://github.com/TheHive-Project/TheHive/milestone/81) (2021-10-06) **Implemented enhancements:** - [Feature Request] Add the ability to update type of observable [\#2125](https://github.com/TheHive-Project/TheHive/issues/2125) **Closed issues:** - [Bug] Editing Someone Else's Dashboard [\#2212](https://github.com/TheHive-Project/TheHive/issues/2212) **Fixed bugs:** - [Bug] Dashboard are shared in read only by default [\#2190](https://github.com/TheHive-Project/TheHive/issues/2190) - [Bug] Analyzer reports migration to 4.1.10 problem [\#2203](https://github.com/TheHive-Project/TheHive/issues/2203) 2021-10-07T03:17:17+00:00 syncthing v1.18.4-rc.1 syncthing v1.18.4-rc.1 2021-10-12T07:20:49+00:00 Bugfixes: - #7991: Encryption trailer not updated on shortcut - #7994: Index "out of sync with reality" on receive-encrypted folder - #8000: stdiscosrv + strelaysrv systemd services not restarting on upgrade 2021-10-12T07:20:49+00:00 MISP v2.4.149 MISP v2.4.149 2021-10-12T12:44:49+00:00 # MISP 2.4.149 released (Autumn care-package - STIX 2.1 support and Cerebrate integration) ![](https://www.misp-project.org/assets/images/misp-long.png) MISP 2.4.149 released including many bugs fixed along with some new and improved functionalities # New features - First stage of a massive rework of our STIX integration - Various improvements to the integration with Cerebrate # 
New STIX libraries - The first version of a long ongoing project to rework our entire STIX integration has finally been merged, thanks to the tireless work of @chrisr3d - Our converter libraries have embarked on a path of their own, becoming a standalone repository included by default in MISP, but also serving as a useful tool for anyone looking for a clean way of converting between the [MISP standard format](https://www.misp-standard.org/) and various STIX versions (1.1.1, 1.2, 2.0, 2.1). - The libraries are still work in progress, but continuously improved, follow [misp-stix](https://github.com/MISP/misp-stix) - Included is also a detailed documentation, which also serves as a knowledge base for the mapping between the two formats, available under the [documentation](https://github.com/MISP/misp-stix/tree/main/documentation) sub-directory - From this release on, you have more control over which STIX version is used when exporting STIX data from MISP, by specifying the "stix_version" to be returned (supported versions for STIX 1: 1.1.1 and 1.2. For STIX 2: 2.0 and 2.1) # Cerebrate integration - Allow the fetching of sharing group data from Cerebrate instances, our new open source tool in development aiming to solve a host of issues revolving around community management and orchestration. Our first official release of the tool is scheduled for the MISP summit coming up this month - To follow the cerebrate project, head over to its [github page](https://github.com/cerebrate-project/cerebrate) - For the MISP summit to be held on the 21st of October, don't forget to watch the [misp-summit](https://www.misp-project.org/misp-summit). You can still apply for the [Call-for-Presentation](https://cfp.hack.lu/misp-2021/cfp). # mail2misp release 1.0 First [official release 1.0 of mail2misp](https://github.com/MISP/mail_to_misp/releases/tag/v1.0), it's a tool to connect your mail infrastructure to MISP to create events based on the information contained within mail. 
The solution can be also used to feed MISP instance with honeypot receiving emails. # Various improvements - A long list of improvements, massive thanks to @JakubOnderka for the continuous stream of improvements and quality of life changes - Thanks to the work of @righel, our [OpenAPI documentation](https://www.misp-project.org/documentation/openapi.html) is becoming more and more complete, now covering a long list of the more exotic endpoints and options # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html) . As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements. 2021-10-12T12:44:49+00:00 rocksdb v6.23.3 rocksdb v6.23.3 2021-10-13T22:57:24+00:00 ## 6.23.3 (2021-08-09) ### Bug Fixes * Removed a call to `RenameFile()` on a non-existent info log file ("LOG") when opening a new DB. Such a call was guaranteed to fail though did not impact applications since we swallowed the error. Now we also stopped swallowing errors in renaming "LOG" file. * Fixed a bug affecting the batched `MultiGet` API when used with keys spanning multiple column families and `sorted_input == false`. ## 6.23.2 (2021-08-04) ### Bug Fixes * Fixed a race related to the destruction of `ColumnFamilyData` objects. The earlier logic unlocked the DB mutex before destroying the thread-local `SuperVersion` pointers, which could result in a process crash if another thread managed to get a reference to the `ColumnFamilyData` object. * Fixed an issue where `OnFlushCompleted` was not called for atomic flush. 
## 6.23.1 (2021-07-22) ### Bug Fixes * Fix a race condition during multiple DB instances opening. ## 6.23.0 (2021-07-16) ### Behavior Changes * Obsolete keys in the bottommost level that were preserved for a snapshot will now be cleaned upon snapshot release in all cases. This form of compaction (snapshot release triggered compaction) previously had an artificial limitation that multiple tombstones needed to be present. ### Bug Fixes * Blob file checksums are now printed in hexadecimal format when using the `manifest_dump` `ldb` command. * `GetLiveFilesMetaData()` now populates the `temperature`, `oldest_ancester_time`, and `file_creation_time` fields of its `LiveFileMetaData` results when the information is available. Previously these fields always contained zero indicating unknown. * Fix mismatches of OnCompaction{Begin,Completed} in case of DisableManualCompaction(). * Fix continuous logging of an existing background error on every user write * Fix a bug that `Get()` return Status::OK() and an empty value for non-existent key when `read_options.read_tier = kBlockCacheTier`. * Fix a bug that stat in `get_context` didn't accumulate to statistics when query is failed. ### New Features * ldb has a new feature, `list_live_files_metadata`, that shows the live SST files, as well as their LSM storage level and the column family they belong to. * The new BlobDB implementation now tracks the amount of garbage in each blob file in the MANIFEST. * Integrated BlobDB now supports Merge with base values (Put/Delete etc.). * RemoteCompaction supports sub-compaction, the job_id in the user interface is changed from `int` to `uint64_t` to support sub-compaction id. * Expose statistics option in RemoteCompaction worker. ### Public API change * Added APIs to the Customizable class to allow developers to create their own Customizable classes. Created the utilities/customizable_util.h file to contain helper methods for developing new Customizable classes. 
* Change signature of SecondaryCache::Name(). Make SecondaryCache customizable and add SecondaryCache::CreateFromString method. 2021-10-13T22:57:24+00:00 rocksdb v6.24.2 rocksdb v6.24.2 2021-10-13T23:22:17+00:00 ## 6.24.2 (2021-09-16) ### Bug Fixes * Add checks for validity of the IO uring completion queue entries, and fail the BlockBasedTableReader MultiGet sub-batch if there's an invalid completion ## 6.24.1 (2021-08-31) ### Bug Fixes * Fix a race in item ref counting in LRUCache when promoting an item from the SecondaryCache. ## 6.24.0 (2021-08-20) ### Bug Fixes * If the primary's CURRENT file is missing or inaccessible, the secondary instance should not hang repeatedly trying to switch to a new MANIFEST. It should instead return the error code encountered while accessing the file. * Restoring backups with BackupEngine is now a logically atomic operation, so that if a restore operation is interrupted, DB::Open on it will fail. Using BackupEngineOptions::sync (default) ensures atomicity even in case of power loss or OS crash. * Fixed a race related to the destruction of `ColumnFamilyData` objects. The earlier logic unlocked the DB mutex before destroying the thread-local `SuperVersion` pointers, which could result in a process crash if another thread managed to get a reference to the `ColumnFamilyData` object. * Removed a call to `RenameFile()` on a non-existent info log file ("LOG") when opening a new DB. Such a call was guaranteed to fail though did not impact applications since we swallowed the error. Now we also stopped swallowing errors in renaming "LOG" file. * Fixed an issue where `OnFlushCompleted` was not called for atomic flush. * Fixed a bug affecting the batched `MultiGet` API when used with keys spanning multiple column families and `sorted_input == false`. * Fixed a potential incorrect result in opt mode and assertion failures caused by releasing snapshot(s) during compaction. 
* Fixed passing of BlobFileCompletionCallback to Compaction job and Atomic flush job which was default parameter (nullptr). BlobFileCompletionCallback is an internal callback that manages addition of blob files to SSTFileManager. * Fixed MultiGet not updating the block_read_count and block_read_byte PerfContext counters ### New Features * Made the EventListener extend the Customizable class. * EventListeners that have a non-empty Name() and that are registered with the ObjectRegistry can now be serialized to/from the OPTIONS file. * Insert warm blocks (data blocks, uncompressed dict blocks, index and filter blocks) in Block cache during flush under option BlockBasedTableOptions.prepopulate_block_cache. Previously it was enabled for only data blocks. * BlockBasedTableOptions.prepopulate_block_cache can be dynamically configured using DB::SetOptions. * Add CompactionOptionsFIFO.age_for_warm, which allows RocksDB to move old files to warm tier in FIFO compactions. Note that file temperature is still an experimental feature. * Add a comment to suggest btrfs users disable file preallocation by setting `options.allow_fallocate=false`. * Fast forward option in Trace replay changed to double type to allow replaying at a lower speed, by setting the value between 0 and 1. This option can be set via `ReplayOptions` in `Replayer::Replay()`, or via `--trace_replay_fast_forward` in db_bench. * Add property `LiveSstFilesSizeAtTemperature` to retrieve sst file size at different temperature. * Added a stat rocksdb.secondary.cache.hits * Added a PerfContext counter secondary_cache_hit_count * The integrated BlobDB implementation now supports the tickers `BLOB_DB_BLOB_FILE_BYTES_READ`, `BLOB_DB_GC_NUM_KEYS_RELOCATED`, and `BLOB_DB_GC_BYTES_RELOCATED`, as well as the histograms `BLOB_DB_COMPRESSION_MICROS` and `BLOB_DB_DECOMPRESSION_MICROS`. 
* Added hybrid configuration of Ribbon filter and Bloom filter where some LSM levels use Ribbon for memory space efficiency and some use Bloom for speed. See NewRibbonFilterPolicy. This also changes the default behavior of NewRibbonFilterPolicy to use Bloom for flushes under Leveled and Universal compaction and Ribbon otherwise. The C API function `rocksdb_filterpolicy_create_ribbon` is unchanged but adds new `rocksdb_filterpolicy_create_ribbon_hybrid`. ### Public API change * Added APIs to decode and replay trace file via Replayer class. Added `DB::NewDefaultReplayer()` to create a default Replayer instance. Added `TraceReader::Reset()` to restart reading a trace file. Created trace_record.h, trace_record_result.h and utilities/replayer.h files to access the decoded Trace records, replay them, and query the actual operation results. * Added Configurable::GetOptionsMap to the public API for use in creating new Customizable classes. * Generalized bits_per_key parameters in C API from int to double for greater configurability. Although this is a compatible change for existing C source code, anything depending on C API signatures, such as foreign function interfaces, will need to be updated. ### Performance Improvements * Try to avoid updating DBOptions if `SetDBOptions()` does not change any option value. ### Behavior Changes * `StringAppendOperator` additionally accepts a string as the delimiter. * BackupEngineOptions::sync (default true) now applies to restoring backups in addition to creating backups. This could slow down restores, but ensures they are fully persisted before returning OK. (Consider increasing max_background_operations to improve performance.) 2021-10-13T23:22:17+00:00 rocksdb v6.25.1 rocksdb v6.25.1 2021-10-13T23:31:48+00:00 ## 6.25.1 (2021-09-28) ### Bug Fixes * Fixes a bug in directed IO mode when calling MultiGet() for blobs in the same blob file. The bug is caused by not sorting the blob read requests by file offsets. 
## 6.25.0 (2021-09-20) ### Bug Fixes * Allow secondary instance to refresh iterator. Assign read seq after referencing SuperVersion. * Fixed a bug of secondary instance's last_sequence going backward, and reads on the secondary fail to see recent updates from the primary. * Fixed a bug that could lead to duplicate DB ID or DB session ID in POSIX environments without /proc/sys/kernel/random/uuid. * Fix a race in DumpStats() with column family destruction due to not taking a Ref on each entry while iterating the ColumnFamilySet. * Fix a race in item ref counting in LRUCache when promoting an item from the SecondaryCache. * Fix a race in BackupEngine if RateLimiter is reconfigured during concurrent Restore operations. * Fix a bug on POSIX in which failure to create a lock file (e.g. out of space) can prevent future LockFile attempts in the same process on the same file from succeeding. * Fix a bug that backup_rate_limiter and restore_rate_limiter in BackupEngine could not limit read rates. * Fix the implementation of `prepopulate_block_cache = kFlushOnly` to only apply to flushes rather than to all generated files. * Fix WAL log data corruption when using DBOptions.manual_wal_flush(true) and WriteOptions.sync(true) together. The sync WAL should work with locked log_write_mutex_. * Add checks for validity of the IO uring completion queue entries, and fail the BlockBasedTableReader MultiGet sub-batch if there's an invalid completion * Add an interface RocksDbIOUringEnable() that, if defined by the user, will allow them to enable/disable the use of IO uring by RocksDB * Fix the bug that when direct I/O is used and MultiRead() returns a short result, RandomAccessFileReader::MultiRead() still returns full size buffer, with returned short value together with some data in original buffer. 
This bug is unlikely to cause incorrect results, because (1) since FileSystem layer is expected to retry on short result, returning short results is only possible when asking more bytes in the end of the file, which RocksDB doesn't do when using MultiRead(); (2) checksum is unlikely to match. ### New Features * RemoteCompaction's interface now includes `db_name`, `db_id`, `session_id`, which could help the user uniquely identify compaction job between db instances and sessions. * Added a ticker statistic, "rocksdb.verify_checksum.read.bytes", reporting how many bytes were read from file to serve `VerifyChecksum()` and `VerifyFileChecksums()` queries. * Added ticker statistics, "rocksdb.backup.read.bytes" and "rocksdb.backup.write.bytes", reporting how many bytes were read and written during backup. * Added properties for BlobDB: `rocksdb.num-blob-files`, `rocksdb.blob-stats`, `rocksdb.total-blob-file-size`, and `rocksdb.live-blob-file-size`. The existing property `rocksdb.estimate_live-data-size` was also extended to include live bytes residing in blob files. * Added two new RateLimiter IOPriorities: `Env::IO_USER`, `Env::IO_MID`. `Env::IO_USER` will have superior priority over all other RateLimiter IOPriorities without being subject to fair scheduling constraint. * `SstFileWriter` now supports `Put`s and `Delete`s with user-defined timestamps. Note that the ingestion logic itself is not timestamp-aware yet. * Allow a single write batch to include keys from multiple column families whose timestamps' formats can differ. For example, some column families may disable timestamp, while others enable timestamp. * Add compaction priority information in RemoteCompaction, which can be used to schedule high priority job first. * Added new callback APIs `OnBlobFileCreationStarted`, `OnBlobFileCreated` and `OnBlobFileDeleted` in `EventListener` class of listener.h. It notifies listeners during creation/deletion of individual blob files in Integrated BlobDB. 
It also logs the blob file creation finished event and the deletion event in the LOG file. * Batch blob read requests for `DB::MultiGet` using `MultiRead`. * Add support for fallback to local compaction, the user can return `CompactionServiceJobStatus::kUseLocal` to instruct RocksDB to run the compaction locally instead of waiting for the remote compaction result. * Add built-in rate limiter's implementation of `RateLimiter::GetTotalPendingRequest(int64_t* total_pending_requests, const Env::IOPriority pri)` for the total number of requests that are pending for bytes in the rate limiter. * Charge memory usage during data buffering, from which training samples are gathered for dictionary compression, to block cache. Unbuffering data can now be triggered if the block cache becomes full and `strict_capacity_limit=true` for the block cache, in addition to existing conditions that can trigger unbuffering. ### Public API change * Remove obsolete implementation details FullKey and ParseFullKey from public API * Change `SstFileMetaData::size` from `size_t` to `uint64_t`. * Made Statistics extend the Customizable class and added a CreateFromString method. Implementations of Statistics need to be registered with the ObjectRegistry and to implement a Name() method in order to be created via this method. * Extended `FlushJobInfo` and `CompactionJobInfo` in listener.h to provide information about the blob files generated by a flush/compaction and garbage collected during compaction in Integrated BlobDB. Added struct members `blob_file_addition_infos` and `blob_file_garbage_infos` that contain this information. * Extended parameter `output_file_names` of `CompactFiles` API to also include paths of the blob files generated by the compaction in Integrated BlobDB. * Most `BackupEngine` functions now return `IOStatus` instead of `Status`. Most existing code should be compatible with this change but some calls might need to be updated. 
2021-10-13T23:31:48+00:00 DC3-MWCP 3.4.0 DC3-MWCP 3.4.0 2021-10-15T01:14:44+00:00 2021-10-15T01:14:44+00:00 rocksdb v6.25.3 rocksdb v6.25.3 2021-10-15T21:13:42+00:00 ## 6.25.3 (2021-10-14) ### Bug Fixes * Fixed bug in calls to `IngestExternalFiles()` with files for multiple column families. The bug could have introduced a delay in ingested file keys becoming visible after `IngestExternalFiles()` returned. Furthermore, mutations to ingested file keys while they were invisible could have been dropped (not necessarily immediately). * Fixed a possible race condition impacting users of `WriteBufferManager` who constructed it with `allow_stall == true`. The race condition led to undefined behavior (in our experience, typically a process crash). * Fixed a bug where stalled writes would remain stalled forever after the user calls `WriteBufferManager::SetBufferSize()` with `new_size == 0` to dynamically disable memory limiting. ## 6.25.2 (2021-10-11) ### Bug Fixes * Fix `DisableManualCompaction()` to cancel compactions even when they are waiting on automatic compactions to drain due to `CompactRangeOptions::exclusive_manual_compactions == true`. * Fix contract of `Env::ReopenWritableFile()` and `FileSystem::ReopenWritableFile()` to specify any existing file must not be deleted or truncated. 2021-10-15T21:13:42+00:00 MONARC v2.11.1 MONARC v2.11.1 2021-10-26T10:37:30+00:00 ### New - Add import of referential mapping from MOSP ([#391](https://github.com/monarc-project/MonarcAppFO/issues/391)). ### Fix - Subsuming CIA criteria according to the maximum criteria does not work ([#339](https://github.com/monarc-project/MonarcAppFO/issues/339)). - Incorrect sum and list of risks under the secondary assets ([#367](https://github.com/monarc-project/MonarcAppFO/issues/367)). 
- If impact adjustments are made not only at the level of the primary assets but also at the level of the secondary assets, these assets are listed more than once ([#387](https://github.com/monarc-project/MonarcAppFO/issues/387)). - Recommendation status change error in the Knowledge Base ([#393](https://github.com/monarc-project/MonarcAppFO/issues/393)). - Import issue of setting operational risks values ([#394](https://github.com/monarc-project/MonarcAppFO/issues/394)). - Fix possible circular iteration of the instance root -> parent -> child rendering ([#395](https://github.com/monarc-project/MonarcAppFO/issues/395)). - Mathematical representation of large numbers in the dashboard ([#398](https://github.com/monarc-project/MonarcAppFO/issues/398)). 2021-10-26T10:37:30+00:00 syncthing v1.18.4-rc.2 syncthing v1.18.4-rc.2 2021-10-27T13:35:19+00:00 Bugfixes: - #7991: Encryption trailer not updated on shortcut - #7994: Index "out of sync with reality" on receive-encrypted folder - #8000: stdiscosrv + strelaysrv systemd services not restarting on upgrade - #8012: Not retrying to sync when a new connection is established Enhancements: - #4293: make "Reduced by ignore patterns" label act like "editIgnoresButton" 2021-10-27T13:35:19+00:00 MOSP v0.17.1 MOSP v0.17.1 2021-10-28T11:13:40+00:00 ## What's Changed - Translated using Weblate (French) in https://github.com/CASES-LU/MOSP/pull/48 and many more new languages. - Added type check with mypy. - [templates] added functionality to share a collection on social websites via the btn-group menu. 
**Full Changelog**: https://github.com/CASES-LU/MOSP/compare/v0.17.0...v0.17.1 2021-10-28T11:13:40+00:00 TheHive 4.1.12 TheHive 4.1.12 2021-10-29T07:49:59+00:00 ## [4.1.12](https://github.com/TheHive-Project/TheHive/milestone/82) (2021-10-29) **Fixed bugs:** - [Bug] Upon case merge: missing webhook events about the operation performed on merged cases [\#1969](https://github.com/TheHive-Project/TheHive/issues/1969) - [Bug] Uploading zipped observables raises a ClassCastException [\#2224](https://github.com/TheHive-Project/TheHive/issues/2224) - [Bug] The search for an observable data is slow [\#2225](https://github.com/TheHive-Project/TheHive/issues/2225) - [Bug] Uploading files could cause TheHive crash with "too many open files" error [\#2226](https://github.com/TheHive-Project/TheHive/issues/2226) - [Bug] Configuration containing endpoint with "authentication: none" cannot be written [\#2231](https://github.com/TheHive-Project/TheHive/issues/2231) 2021-10-29T07:49:59+00:00 maltrail 0.39 maltrail 0.39 2021-10-31T23:11:08+00:00 Start-of-month release 2021-10-31T23:11:08+00:00 syncthing v1.18.4 syncthing v1.18.4 2021-11-02T16:46:34+00:00 Bugfixes: - #7991: Encryption trailer not updated on shortcut - #7994: Index "out of sync with reality" on receive-encrypted folder - #8000: stdiscosrv + strelaysrv systemd services not restarting on upgrade - #8012: Not retrying to sync when a new connection is established Enhancements: - #4293: make "Reduced by ignore patterns" label act like "editIgnoresButton" 2021-11-02T16:46:34+00:00 OpenTAXII 0.2.1 OpenTAXII 0.2.1 2021-11-04T12:55:36+00:00 Changelog ========= 0.2.1 (2021-11-03) ------------------ * Add tests for python 3.6, 3.7, 3.8, 3.9, pypy * Add tests for sqlite, mysql, mariadb, postgresql * Fix bug that broke ``delete_content_blocks`` when using mysql on sqlalchemy 1.3 * Docs: Add db schema diagram * Docs: Clarify how to get default data in a default (development) docker instance * Fix implicit routing in TAXII 1.1 
Inboxes * Update jwt usage to pyjwt >= 2.0 (thanks `@SanyaKapoor <https://github.com/SanyaKapoor>`_) 0.2.0 (2020-06-30) ------------------ * Enforce UTC usage in datetime fields in SQL DB Persistence API. * `Fix for #114 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_: reintroduce ``opentaxii-create-account`` CLI command. * `Fix for #153 <https://github.com/eclecticiq/OpenTAXII/issues/152>`_: check if user can modify a collection before advertising it over inbox service. * Multiple coding style fixes. * Various documentation updates. 0.1.12 (2019-03-06) ------------------- * Remove unnecessary print statements. 0.1.11 (2019-02-13) ------------------- * Make JSON logging consistent when the application is run via Gunicorn. * Set ``acceptable_destination`` key in status details instead of extended headers * Allow passing ``engine_parameters`` to ``SQLDatabaseAPI`` for those who want to customize SQLAlchemy engine parameters. * Require recent version of ``lxml`` for security reasons. * Various test and Docker infrastructure improvements. 0.1.10 (2018-06-03) ------------------- * Replace separate service/collection/account creation process with single ``opentaxii-sync-data`` CLI command. * Persistence and Auth APIs extended with missing CRUD methods, that are used by ``opentaxii-sync-data``. * Read/modify collection level ACL added. * DB models for default implementation of Persistence API and Auth API were changed. No automatic migration code is provided (sorry!), so upgrading might require manual DB migration. * Drop python2.7 from testing scope. * Various bug fixes and improvements. 0.1.9 (2017-06-19) ------------------ * `libtaxii <https://github.com/TAXIIProject/libtaxii>`_ dependency upgraded to 1.1.111. * Various bug fixes and improvements (thanks to `@bjigmp <https://github.com/bjigmp>`_, `@chorsley <https://github.com/chorsley>`_, `@rjprins <https://github.com/rjprins>`_). 
0.1.8 (2017-02-21) ------------------ * Ability to enable/disable "huge trees" support in XML parser. Configuration property ``xml_parser_supports_huge_tree`` set to ``yes`` or ``true`` will disable security restrictions and force XML parser to support very deep trees and very long text content. * Adjust SQL Persistence API implementation so it works smoothly with MySQL backend. * Use Python 3.5 instead of Python 3.4 for tests. 0.1.7 (2016-10-18) ------------------ * Minor fixes. * Dependencies were changed from hard-pinned to more flexible. * Example of production DB configuration added to docs. 0.1.6 (2016-06-01) ------------------ * Python 3.4 compatibility of the codebase. Tox configuration extended with python 3.4 environment run. * Flake8 full style compatibility. Flake8 check added to Tox configuration. * SQLAlchemy session scope issue fixed (related to `#38 <https://github.com/EclecticIQ/OpenTAXII/issues/38>`_). * `opentaxii-delete-blocks` CLI command added (related to `#45 <https://github.com/EclecticIQ/OpenTAXII/issues/45>`_). * `delete_content_blocks` method `added <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-6814849ac352b2b74132f8fa52e0ec4eR213>`_ to Persistence API. * Collection's name is `required <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-ce3f7b939e5c540480ac655aef32c513R116>`_ to be unique in default SQL DB Auth API implementation. 0.1.5 (2016-03-15) ------------------ * Fix for the issue with persistence backend returning ``None`` instead of ``InboxMessage`` object 0.1.4 (2016-02-25) ------------------ * Hard-coded dependencies in ``setup.py`` removed. 0.1.3 (2016-02-25) ------------------ * Versions of dependencies are pinned. * Code adjusted for a new version of `anyconfig <https://pypi.python.org/pypi/anyconfig>`_ API. * Test for configuration loading added. 0.1.2 (2015-07-24) ------------------ * Docker configuration added. 
* Health check endpoint added. * Basic authentication support added. * Temporary workaround for `Issue #191 <https://github.com/TAXIIProject/libtaxii/issues/191>`_. * Method ``get_domain`` in Persistence API returns domain value configured for ``service_id``. If nothing returned, value set in configuration file will be used. * Performance optimisations. * Bug fixes and style improvements. 0.1.1 (2015-04-08) ------------------ * Alias for Root Logger added to logging configuration. * Context object in a request scope that holds account and token added. * Support for OPTIONS HTTP request to enable auto version negotiation added. * Documentation improved. 0.1.0 (2015-03-31) ------------------ * Initial release 2021-11-04T12:55:36+00:00 OpenTAXII 0.2.2 OpenTAXII 0.2.2 2021-11-05T16:11:01+00:00 Changelog ========= 0.2.2 (2021-11-05) ------------------ * Fix readthedocs build 0.2.1 (2021-11-03) ------------------ * Add tests for python 3.6, 3.7, 3.8, 3.9, pypy * Add tests for sqlite, mysql, mariadb, postgresql * Fix bug that broke ``delete_content_blocks`` when using mysql on sqlalchemy 1.3 * Docs: Add db schema diagram * Docs: Clarify how to get default data in a default (development) docker instance * Fix implicit routing in TAXII 1.1 Inboxes * Update jwt usage to pyjwt >= 2.0 (thanks `@SanyaKapoor <https://github.com/SanyaKapoor>`_) 0.2.0 (2020-06-30) ------------------ * Enforce UTC usage in datetime fields in SQL DB Persistence API. * `Fix for #114 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_: reintroduce ``opentaxii-create-account`` CLI command. * `Fix for #153 <https://github.com/eclecticiq/OpenTAXII/issues/152>`_: check if user can modify a collection before advertising it over inbox service. * Multiple coding style fixes. * Various documentation updates. 0.1.12 (2019-03-06) ------------------- * Remove unnecessary print statements. 0.1.11 (2019-02-13) ------------------- * Make JSON logging consistent when the application is run via Gunicorn. 
* Set ``acceptable_destination`` key in status details instead of extended headers * Allow passing ``engine_parameters`` to ``SQLDatabaseAPI`` for those who want to customize SQLAlchemy engine parameters. * Require recent version of ``lxml`` for security reasons. * Various test and Docker infrastructure improvements. 0.1.10 (2018-06-03) ------------------- * Replace separate service/collection/account creation process with single ``opentaxii-sync-data`` CLI command. * Persistence and Auth APIs extended with missing CRUD methods, that are used by ``opentaxii-sync-data``. * Read/modify collection level ACL added. * DB models for default implementation of Persistence API and Auth API were changed. No automatic migration code is provided (sorry!), so upgrading might require manual DB migration. * Drop python2.7 from testing scope. * Various bug fixes and improvements. 0.1.9 (2017-06-19) ------------------ * `libtaxii <https://github.com/TAXIIProject/libtaxii>`_ dependency upgraded to 1.1.111. * Various bug fixes and improvements (thanks to `@bjigmp <https://github.com/bjigmp>`_, `@chorsley <https://github.com/chorsley>`_, `@rjprins <https://github.com/rjprins>`_). 0.1.8 (2017-02-21) ------------------ * Ability to enable/disable "huge trees" support in XML parser. Configuration property ``xml_parser_supports_huge_tree`` set to ``yes`` or ``true`` will disable security restrictions and force XML parser to support very deep trees and very long text content. * Adjust SQL Persistence API implementation so it works smoothly with MySQL backend. * Use Python 3.5 instead of Python 3.4 for tests. 0.1.7 (2016-10-18) ------------------ * Minor fixes. * Dependencies were changed from hard-pinned to more flexible. * Example of production DB configuration added to docs. 0.1.6 (2016-06-01) ------------------ * Python 3.4 compatibility of the codebase. Tox configuration extended with python 3.4 environment run. * Flake8 full style compatibility. Flake8 check added to Tox configuration. 
* SQLAlchemy session scope issue fixed (related to `#38 <https://github.com/EclecticIQ/OpenTAXII/issues/38>`_). * `opentaxii-delete-blocks` CLI command added (related to `#45 <https://github.com/EclecticIQ/OpenTAXII/issues/45>`_). * `delete_content_blocks` method `added <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-6814849ac352b2b74132f8fa52e0ec4eR213>`_ to Persistence API. * Collection's name is `required <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-ce3f7b939e5c540480ac655aef32c513R116>`_ to be unique in default SQL DB Auth API implementation. 0.1.5 (2016-03-15) ------------------ * Fix for the issue with persistence backend returning ``None`` instead of ``InboxMessage`` object 0.1.4 (2016-02-25) ------------------ * Hard-coded dependencies in ``setup.py`` removed. 0.1.3 (2016-02-25) ------------------ * Versions of dependencies are pinned. * Code adjusted for a new version of `anyconfig <https://pypi.python.org/pypi/anyconfig>`_ API. * Test for configuration loading added. 0.1.2 (2015-07-24) ------------------ * Docker configuration added. * Health check endpoint added. * Basic authentication support added. * Temporary workaround for `Issue #191 <https://github.com/TAXIIProject/libtaxii/issues/191>`_. * Method ``get_domain`` in Persistence API returns domain value configured for ``service_id``. If nothing returned, value set in configuration file will be used. * Performance optimisations. * Bug fixes and style improvements. 0.1.1 (2015-04-08) ------------------ * Alias for Root Logger added to logging configuration. * Context object in a request scope that holds account and token added. * Support for OPTIONS HTTP request to enable auto version negotiation added. * Documentation improved. 0.1.0 (2015-03-31) ------------------ * Initial release 2021-11-05T16:11:01+00:00 osv v0.0.6 osv v0.0.6 2021-11-08T00:52:37+00:00 - Add Maven version expansion support. 
2021-11-08T00:52:37+00:00 caddy v2.4.6 caddy v2.4.6 2021-11-08T21:47:28+00:00 This release contains bug fixes and minor enhancements, including [one patch](https://github.com/caddyserver/caddy/pull/4407) with potential security implications related to path matching. Notable patches: - Path matchers unescape/clean URI paths to normalize match space - Fix regex matching in `map` handler Notable enhancements: - `try_files` can now accept `=nnn` (e.g. `=404`) to yield a status code instead of a file. - Template actions `httpError` (stop eval and return HTTP error) and `import` (like `include` but changes template context) were added - New placeholder `{http.request.tls.client.certificate_der_base64}` ## Changelog 749e55c7 caddycmd: Add `--keep-backup` to upgrade commands (#4387) 062657d0 caddycmd: Add `--skip-standard` to `list-modules` command, quieter output (#4386) be5f77e8 caddycmd: fix caddy validate/fmt help message (#4377) 907e2d8d caddyhttp: Add support for triggering errors from `try_files` (#4346) cbb045a1 caddyhttp: Placeholder for client cert in DER + base64 format (#4241) e7457b43 caddyhttp: Sanitize the path before evaluating path matchers (#4407) 837cdc56 caddyhttp: reverseproxy: clarify warning for -insecure (#4379) 24fda751 caddytls: Mark storage clean timestamp at end of routine (#4401) a779e1b3 fastcgi: Fix Caddyfile parsing when `handle_response` is used (#4342) 3f2c3ecf fastcgi: Implement `try_files` override in Caddyfile directive (#4347) 64f8b557 fileserver: Fix compression breaks using httpInclude (#4352) (#4358) d3a02599 fileserver: Fix displayed file size if it is symlink (#4354) 0a5f7a67 fileserver: Make file listing links purple once visited (#4356) a21d5a00 fileserver: Prevent focusing filter from scrolling on page load (#4393) 33c70f41 fileserver: properly handle escaped/non-ascii paths (#4332) c4790d7f go.mod: Carefully upgrade some dependencies (fix #4251) 997e41de go.mod: Replace promptui with Apache-compatible fork (fix #4394) f376a38b 
go.mod: Update ACMEz and CertMagic a4372066 headers: Canonicalize case in replace (fix #4330) 012d2353 httpcaddyfile: Empty tls policy for internal http localhost (#4398) 0ffb2229 httpcaddyfile: Preserve IPv6 addresses through normalization (fix #4381) a2119c09 map: Fix 95c03506 (avoid repeated expansions) 95c03506 map: Fix regex mappings 3336faf2 reverseproxy: Log error at error level (fix #4360) b0920615 reverseproxy: Prevent copying the response if a response handler ran (#4388) f73f55db reverseproxy: Sanitize scheme and host on incoming requests (#4237) 5fda9610 templates: Add 'import' action (#4321) 16f75212 templates: Add tests for funcInclude and funcImport (#4357) 2392478b templates: Propagate httpError to HTTP response 2021-11-08T21:47:28+00:00 syncthing v1.18.5-rc.1 syncthing v1.18.5-rc.1 2021-11-10T10:18:20+00:00 Bugfixes: - #7715: Deleted encrypted files don't show up as locally changed in web UI 2021-11-10T10:18:20+00:00 rocksdb v6.26.0 rocksdb v6.26.0 2021-11-10T18:08:50+00:00 ## 6.26.0 (2021-10-20) ### Bug Fixes * Fixes a bug in directed IO mode when calling MultiGet() for blobs in the same blob file. The bug is caused by not sorting the blob read requests by file offsets. * Fix the incorrect disabling of SST rate limited deletion when the WAL and DB are in different directories. Only WAL rate limited deletion should be disabled if it's in a different directory. * Fix `DisableManualCompaction()` to cancel compactions even when they are waiting on automatic compactions to drain due to `CompactRangeOptions::exclusive_manual_compactions == true`. * Fix contract of `Env::ReopenWritableFile()` and `FileSystem::ReopenWritableFile()` to specify any existing file must not be deleted or truncated. * Fixed bug in calls to `IngestExternalFiles()` with files for multiple column families. The bug could have introduced a delay in ingested file keys becoming visible after `IngestExternalFiles()` returned. 
Furthermore, mutations to ingested file keys while they were invisible could have been dropped (not necessarily immediately). * Fixed a possible race condition impacting users of `WriteBufferManager` who constructed it with `allow_stall == true`. The race condition led to undefined behavior (in our experience, typically a process crash). * Fixed a bug where stalled writes would remain stalled forever after the user calls `WriteBufferManager::SetBufferSize()` with `new_size == 0` to dynamically disable memory limiting. * Make `DB::close()` thread-safe. * Fix a bug in atomic flush where one bg flush thread will wait forever for a preceding bg flush thread to commit its result to MANIFEST but encounters an error which is mapped to a soft error (DB not stopped). ### New Features * Print information about blob files when using "ldb list_live_files_metadata" * Provided support for SingleDelete with user defined timestamp. * Experimental new function DB::GetLiveFilesStorageInfo offers essentially a unified version of other functions like GetLiveFiles, GetLiveFilesChecksumInfo, and GetSortedWalFiles. Checkpoints and backups could show small behavioral changes and/or improved performance as they now use this new API. * Add remote compaction read/write bytes statistics: `REMOTE_COMPACT_READ_BYTES`, `REMOTE_COMPACT_WRITE_BYTES`. * Introduce an experimental feature to dump out the blocks from block cache and insert them to the secondary cache to reduce the cache warmup time (e.g., used while migrating DB instance). More information is in `class CacheDumper` and `CacheDumpedLoader` at `rocksdb/utilities/cache_dump_load.h`. Note that, this feature is subject to the potential change in the future, it is still experimental. 
* Introduced a new BlobDB configuration option `blob_garbage_collection_force_threshold`, which can be used to trigger compactions targeting the SST files which reference the oldest blob files when the ratio of garbage in those blob files meets or exceeds the specified threshold. This can reduce space amplification with skewed workloads where the affected SST files might not otherwise get picked up for compaction. * Added EXPERIMENTAL support for table file (SST) unique identifiers that are stable and universally unique, available with new function `GetUniqueIdFromTableProperties`. Only SST files from RocksDB >= 6.24 support unique IDs. * Added `GetMapProperty()` support for "rocksdb.dbstats" (`DB::Properties::kDBStats`). As a map property, it includes DB-level internal stats accumulated over the DB's lifetime, such as user write related stats and uptime. ### Public API change * Made SystemClock extend the Customizable class and added a CreateFromString method. Implementations need to be registered with the ObjectRegistry and to implement a Name() method in order to be created via this method. * Made SliceTransform extend the Customizable class and added a CreateFromString method. Implementations need to be registered with the ObjectRegistry and to implement a Name() method in order to be created via this method. The Capped and Prefixed transform classes return a short name (no length); use GetId for the fully qualified name. * Made FileChecksumGenFactory, SstPartitionerFactory, TablePropertiesCollectorFactory, and WalFilter extend the Customizable class and added a CreateFromString method. * Some fields of SstFileMetaData are deprecated for compatibility with new base class FileStorageInfo. * Add `file_temperature` to `IngestExternalFileArg` such that when ingesting SST files, we are able to indicate the temperature of this batch of files. 
* If `DB::Close()` failed with a non aborted status, calling `DB::Close()` again will return the original status instead of Status::OK. * Add CacheTier to advanced_options.h to describe the cache tier we used. Add a `lowest_used_cache_tier` option to `DBOptions` (immutable) and pass it to BlockBasedTableReader. By default it is `CacheTier::kNonVolatileBlockTier`, which means, we always use both block cache (kVolatileTier) and secondary cache (kNonVolatileBlockTier). By setting it to `CacheTier::kVolatileTier`, the DB will not use the secondary cache. * Even when options.max_compaction_bytes is hit, compaction output files are only cut when it aligns with grandparent files' boundaries. options.max_compaction_bytes could be slightly violated with the change, but the violation is no more than one target SST file size, which is usually much smaller. ### Performance Improvements * Improved CPU efficiency of building block-based table (SST) files (#9039 and #9040). ### Java API Changes * Add Java API bindings for new integrated BlobDB options * `keyMayExist()` supports ByteBuffer. * Fix multiget throwing Null Pointer Exception for num of keys > 70k (https://github.com/facebook/rocksdb/issues/8039). 
2021-11-10T18:08:50+00:00 TheHive 4.1.13 TheHive 4.1.13 2021-11-12T10:05:06+00:00 ## [4.1.13](https://github.com/TheHive-Project/TheHive/milestone/83) (2021-11-08) **Implemented enhancements:** - [Feature Request] Add API to link alert and case after a broken migration from TH3 [\#2238](https://github.com/TheHive-Project/TheHive/issues/2238) **Fixed bugs:** - [Bug] Migration breaks links between alerts and cases thus rendering all alert statuses as ignored [\#2232](https://github.com/TheHive-Project/TheHive/issues/2232) - [Bug] Search Section results missing (Observables) [\#2233](https://github.com/TheHive-Project/TheHive/issues/2233) - [Enhancement] Accept slash in attachment filename [\#2240](https://github.com/TheHive-Project/TheHive/issues/2240) 2021-11-12T10:05:06+00:00 rocksdb v6.26.1 rocksdb v6.26.1 2021-11-18T22:47:43+00:00 ## 6.26.1 (2021-11-18) ### Bug Fixes * Fix builds for some platforms. ## 6.26.0 (2021-10-20) ### Bug Fixes * Fixes a bug in directed IO mode when calling MultiGet() for blobs in the same blob file. The bug is caused by not sorting the blob read requests by file offsets. * Fix the incorrect disabling of SST rate limited deletion when the WAL and DB are in different directories. Only WAL rate limited deletion should be disabled if it's in a different directory. * Fix `DisableManualCompaction()` to cancel compactions even when they are waiting on automatic compactions to drain due to `CompactRangeOptions::exclusive_manual_compactions == true`. * Fix contract of `Env::ReopenWritableFile()` and `FileSystem::ReopenWritableFile()` to specify any existing file must not be deleted or truncated. * Fixed bug in calls to `IngestExternalFiles()` with files for multiple column families. The bug could have introduced a delay in ingested file keys becoming visible after `IngestExternalFiles()` returned. Furthermore, mutations to ingested file keys while they were invisible could have been dropped (not necessarily immediately). 
* Fixed a possible race condition impacting users of `WriteBufferManager` who constructed it with `allow_stall == true`. The race condition led to undefined behavior (in our experience, typically a process crash). * Fixed a bug where stalled writes would remain stalled forever after the user calls `WriteBufferManager::SetBufferSize()` with `new_size == 0` to dynamically disable memory limiting. * Make `DB::close()` thread-safe. * Fix a bug in atomic flush where one bg flush thread will wait forever for a preceding bg flush thread to commit its result to MANIFEST but encounters an error which is mapped to a soft error (DB not stopped). ### New Features * Print information about blob files when using "ldb list_live_files_metadata" * Provided support for SingleDelete with user defined timestamp. * Experimental new function DB::GetLiveFilesStorageInfo offers essentially a unified version of other functions like GetLiveFiles, GetLiveFilesChecksumInfo, and GetSortedWalFiles. Checkpoints and backups could show small behavioral changes and/or improved performance as they now use this new API. * Add remote compaction read/write bytes statistics: `REMOTE_COMPACT_READ_BYTES`, `REMOTE_COMPACT_WRITE_BYTES`. * Introduce an experimental feature to dump out the blocks from block cache and insert them to the secondary cache to reduce the cache warmup time (e.g., used while migrating DB instance). More information is in `class CacheDumper` and `CacheDumpedLoader` at `rocksdb/utilities/cache_dump_load.h`. Note that, this feature is subject to the potential change in the future, it is still experimental. * Introduced a new BlobDB configuration option `blob_garbage_collection_force_threshold`, which can be used to trigger compactions targeting the SST files which reference the oldest blob files when the ratio of garbage in those blob files meets or exceeds the specified threshold. 
This can reduce space amplification with skewed workloads where the affected SST files might not otherwise get picked up for compaction. * Added EXPERIMENTAL support for table file (SST) unique identifiers that are stable and universally unique, available with new function `GetUniqueIdFromTableProperties`. Only SST files from RocksDB >= 6.24 support unique IDs. * Added `GetMapProperty()` support for "rocksdb.dbstats" (`DB::Properties::kDBStats`). As a map property, it includes DB-level internal stats accumulated over the DB's lifetime, such as user write related stats and uptime. ### Public API change * Made SystemClock extend the Customizable class and added a CreateFromString method. Implementations need to be registered with the ObjectRegistry and to implement a Name() method in order to be created via this method. * Made SliceTransform extend the Customizable class and added a CreateFromString method. Implementations need to be registered with the ObjectRegistry and to implement a Name() method in order to be created via this method. The Capped and Prefixed transform classes return a short name (no length); use GetId for the fully qualified name. * Made FileChecksumGenFactory, SstPartitionerFactory, TablePropertiesCollectorFactory, and WalFilter extend the Customizable class and added a CreateFromString method. * Some fields of SstFileMetaData are deprecated for compatibility with new base class FileStorageInfo. * Add `file_temperature` to `IngestExternalFileArg` such that when ingesting SST files, we are able to indicate the temperature of this batch of files. * If `DB::Close()` failed with a non aborted status, calling `DB::Close()` again will return the original status instead of Status::OK. * Add CacheTier to advanced_options.h to describe the cache tier we used. Add a `lowest_used_cache_tier` option to `DBOptions` (immutable) and pass it to BlockBasedTableReader. 
By default it is `CacheTier::kNonVolatileBlockTier`, which means, we always use both block cache (kVolatileTier) and secondary cache (kNonVolatileBlockTier). By setting it to `CacheTier::kVolatileTier`, the DB will not use the secondary cache. * Even when options.max_compaction_bytes is hit, compaction output files are only cut when it aligns with grandparent files' boundaries. options.max_compaction_bytes could be slightly violated with the change, but the violation is no more than one target SST file size, which is usually much smaller. ### Performance Improvements * Improved CPU efficiency of building block-based table (SST) files (#9039 and #9040). ### Java API Changes * Add Java API bindings for new integrated BlobDB options * `keyMayExist()` supports ByteBuffer. * Fix multiget throwing Null Pointer Exception for num of keys > 70k (https://github.com/facebook/rocksdb/issues/8039). 2021-11-18T22:47:43+00:00 osv v0.0.7 osv v0.0.7 2021-11-22T06:20:35+00:00 - Various bug fixes. 2021-11-22T06:20:35+00:00 TheHive 4.1.14 TheHive 4.1.14 2021-11-22T10:20:10+00:00 ## [4.1.14](https://github.com/TheHive-Project/TheHive/milestone/84) (2021-11-19) **Implemented enhancements:** - [FR] Add user/org in Analyzers requests parameters [\#2245](https://github.com/TheHive-Project/TheHive/issues/2245) - [Feature Request] Add sort capability on "Profile" field of a organisations users list [\#2246](https://github.com/TheHive-Project/TheHive/issues/2246) - [Feature Request] Add API for change observable from a type to another [\#2251](https://github.com/TheHive-Project/TheHive/issues/2251) **Fixed bugs:** - [Bug] Fix observable type inconsistencies [\#2248](https://github.com/TheHive-Project/TheHive/issues/2248) - [Bug] Send notification to all viewing organisations [\#2249](https://github.com/TheHive-Project/TheHive/issues/2249) - [Bug] Update the field caseId in alert when it is imported in case [\#2250](https://github.com/TheHive-Project/TheHive/issues/2250) - [Bug] Incomplete alert 
observable details in search page [\#2252](https://github.com/TheHive-Project/TheHive/issues/2252) 2021-11-22T10:20:10+00:00 MISP v2.4.150 MISP v2.4.150 2021-11-23T10:01:11+00:00 # MISP 2.4.150 released MISP 2.4.150 released, including a new CA bundle to combat the issues with the Letsencrypt root CA expiration. This is a follow-up release to 2.4.149 and has no other major changes besides pointing to our own repository of the framework that includes the new CA bundle. # Sync issues due to the expiration of a Letsencrypt root CA As described in their [blog post](https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/#:~:text=On%20September%2030%202021%2C%20there,accept%20your%20Let's%20Encrypt%20certificate), Letsencrypt had to retire an old Root CA, meaning that SSL connections when synchronising MISP with other instances would fail if the remote side used letsencrypt. This update includes a new CA bundle that should help you avoid any issues with this. # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html) . As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements. 2021-11-23T10:01:11+00:00 MISP v2.4.151 MISP v2.4.151 2021-11-23T13:47:51+00:00 # MISP 2.4.151 released ![](https://www.misp-project.org/assets/images/misp/blog/graph-syria.png) MISP 2.4.151 released including a host of bug fixes and a bunch of new features. 
# New features - New background processor by @righel - Improvements to the CLI tools - Bug fixes and improvements # New background processor - MISP has been using CakeResque for its background jobs for the better part of a decade. Whilst it has served us well, the library has been stale for a long time and carries a (for us) unnecessary complexity and is generally the most difficult part of the application to debug - Luciano "@righel" Righetti has implemented a completely new, compatible background processing engine using Supervisord - Queue and execute jobs the same way as you are used to from before, monitor worker progress via the tools provided by supervisord in addition to MISP - No scheduling capabilities, these were an unnecessary overhead for us before as we relied on cron jobs as our preferred scheduling mechanism anyway - Expect more improvements to this library over the course of the next months, but feel free to switch to using it already now - Currently it is completely optional and the old background processor will still be supported for a while - Be aware that manual setup steps are required to get the new processor working, refer to [the upgrade guide](https://gist.github.com/righel/8ebc6c84341f2aea7d0bfa124e535ef8) on the procedure, if you decide to start using it already now # Various CLI changes - Jakub Onderka has been doing a fair bit of refactoring and improvement of the CLI libraries - additional administrative tools added to help monitor and manage your MISP instance (such as redis memory diagnostics, mysql table optimisation tool, etc) # Option to move the system settings to the database - Traditionally all system config settings were stored in the config.php file, with a new configuration thanks to Jakub Onderka's implementation the settings can be moved to the database rather than the file. 
- This should help with persistence for containerised installations # Various improvements - The previous version introduced a new STIX library as a replacement for the old one. This change did end up causing some update issues for some installations; the built-in updater is now aware of this change and should allow you to easily update via the UI/API updater, with the new STIX library working as intended - A long list of improvements, thanks to all contributors! For a detailed list of changes, head over to the [changelog](https://www.misp-project.org/Changelog.txt) # MISP Modules - New [Passive SSH](https://github.com/D4-project/passive-ssh) expansion module. - Updated [Recorded Future](https://misp.github.io/misp-modules/expansion/#recordedfuture) expansion module included links and related data. - New [CIRCL hashlookup expansion](https://circl.lu/services/hashlookup/) module added. The [MISP modules changelog is available](https://www.misp-project.org/Changelog-misp-modules.txt). # MISP Taxonomies - Updated taxonomies for [Interactive Cyber Training setup and environment](https://www.misp-project.org/taxonomies.html#_interactive_cyber_training_audience). - Updated [fr-classification](https://www.misp-project.org/taxonomies.html#_fr_classif) to match IGI1300. [MISP Taxonomies changelog](https://www.misp-project.org/Changelog-misp-taxonomies.txt) is available. # MISP Galaxy - Updated to MITRE ATT&CK version 10. - Multiple updates in malpedia, threat actor galaxy and Office 365 techniques. [MISP Galaxy changelog](https://www.misp-project.org/Changelog-misp-galaxy.txt) # MISP Objects - New JA3 server object added. - New Security playbook object added. - New submarine object added. - New Passive SSH object added. - Updated device object. - New hashlookup object added. - New edr-report object added. 
[MISP objects changelog](https://www.misp-project.org/Changelog-misp-objects.txt) # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html). As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements. 2021-11-23T13:47:51+00:00