http://open-source-security-software.net/releases.atomRecent releases2024-12-06T21:10:49.631350+00:00python-feedgennode_redis redis@4.6.12node_redis redis@4.6.122023-12-18T20:21:31+00:00## Enhancements
* Upgrade `@redis/client` from `1.5.121` to `1.5.13`2023-12-18T20:21:31+00:00julia v1.10.0-rc3julia v1.10.0-rc32023-12-18T20:52:30+00:00This is the third release candidate in the upcoming 1.10 release series. See [NEWS.md](https://github.com/JuliaLang/julia/tree/release-1.10/NEWS.md) for what will be new in 1.10.
Changes since v1.10.0-rc2: https://github.com/JuliaLang/julia/compare/v1.10.0-rc2...v1.10.0-rc32023-12-18T20:52:30+00:00cve-search v5.0.0cve-search v5.0.02023-12-18T21:49:48+00:00cve-search v5.0.0 released with major improvements for the NVD NIST API import, other improvements and many bugs fixed.
The update is now done via [CveXplore](https://github.com/cve-search/CveXplore).
Thanks to all the contributors to make this release a reality.
## What's Changed
* Configurable DownloadMaxWorkers (#890) by @oh2fih in https://github.com/cve-search/cve-search/pull/998
* Update requirements.txt by @nsmfoo in https://github.com/cve-search/cve-search/pull/1002
* Rewrite of database update to use NVD NIST API from cvexplore lib by @P-T-I in https://github.com/cve-search/cve-search/pull/1010
* wrong key when populating redis cache by @P-T-I in https://github.com/cve-search/cve-search/pull/1019
* mongodb connections by @P-T-I in https://github.com/cve-search/cve-search/pull/1022
* Pass mongodb connection string when initialize CveXplore by @baonq-me in https://github.com/cve-search/cve-search/pull/1030
* Use count_documents() to count mongo documents instead of old and deprecated count() by @baonq-me in https://github.com/cve-search/cve-search/pull/1032
* Fixed Inappropriate Logical Expression by @fazledyn-or in https://github.com/cve-search/cve-search/pull/1031
* Improve CVEs search speed in bin/search.py by @baonq-me in https://github.com/cve-search/cve-search/pull/1033
* Fix counting results when searching for CVE using cli by @baonq-me in https://github.com/cve-search/cve-search/pull/1034
## New Contributors
* @nsmfoo made their first contribution in https://github.com/cve-search/cve-search/pull/1002
* @baonq-me made their first contribution in https://github.com/cve-search/cve-search/pull/1030
* @fazledyn-or made their first contribution in https://github.com/cve-search/cve-search/pull/1031
**Full Changelog**: https://github.com/cve-search/cve-search/compare/v4.2.2...v5.0.02023-12-18T21:49:48+00:00truffleHog v3.63.5truffleHog v3.63.52023-12-19T01:03:49+00:00## What's Changed
* [chore] Prevent panic when ChunkError has a nil Unit by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2227
* [feat] - Make skipping binaries configurable by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2226
* [chore] Add skip_binaries field to AzureRepos proto message by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2232
* Don't run detector tests on forks by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2234
* Update Freshworks verification to check for valid JSON response by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2212
* Enhance HuggingFace extra data by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2222
* Convert Shortcut detector to tri-state verification by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2211
* add secretID to chunk by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2242
* fix(deps): update module golang.org/x/crypto to v0.17.0 [security] by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2243
**Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.63.4...v3.63.52023-12-19T01:03:49+00:00chipsec 1.12.6chipsec 1.12.62023-12-19T01:08:50+00:00## What's Changed
* Improvements to iommu_cmd list command by @Sae86 in https://github.com/chipsec/chipsec/pull/2012
* Fix EFI binary scanning due to bad efi_data_search calls at build_efi_file_tree by @platomav in https://github.com/chipsec/chipsec/pull/2016
* Update to 1.12.6 by @chipsec-bbci in https://github.com/chipsec/chipsec/pull/2029
**Full Changelog**: https://github.com/chipsec/chipsec/compare/1.12.5...1.12.6
## Additional Notes
* Some modules under the modules.tools directory have not been fully validated to work with Python3. Please report any issues.2023-12-19T01:08:50+00:00HyperDbg v0.7.1HyperDbg v0.7.12023-12-19T23:41:54+00:00# HyperDbg v0.7.1 is released!
**If you’re enjoying HyperDbg, don’t forget to give a star 🌟 on GitHub!**
Please visit [Build & Install](https://docs.hyperdbg.org/getting-started/build-and-install) to configure the environment for running **HyperDbg**. Check out the [Quick Start](https://docs.hyperdbg.org/getting-started/quick-start) and [Frequently Asked Questions (FAQs)](https://docs.hyperdbg.org/getting-started/faq) to learn more. You can use the examples of [using the debugger](https://docs.hyperdbg.org/using-hyperdbg/kernel-mode-debugging/examples) and the [script engine](https://docs.hyperdbg.org/commands/scripting-language/examples) to get started with **HyperDbg**.
### Changed
- Fix the single core broadcasting events issue ([link](https://github.com/HyperDbg/HyperDbg/commit/ab95cd76285ef9aad084560c5c9dc8970bba84b7))
- Evaluate the '.pagin' ranges as expressions ([link](https://github.com/HyperDbg/HyperDbg/commit/ab95cd76285ef9aad084560c5c9dc8970bba84b7))
- Add hexadecimal escape sequence as string parameter for string functions ([link](https://github.com/HyperDbg/HyperDbg/commit/60fbec6936330643d8de1ec7b548f651ac8f106d))
- Add hexadecimal escape sequence as wstring parameter for wstring functions ([link](https://github.com/HyperDbg/HyperDbg/commit/e6dbc3f49e2d20a51d2f20120316fd0392067fa2))
- Fix breakpoint and the '!epthook' problems in the same address ([link](https://github.com/HyperDbg/HyperDbg/pull/326))2023-12-19T23:41:54+00:00cytoscape.js v3.27.2cytoscape.js v3.27.22023-12-20T23:42:59+00:00Release version v3.27.22023-12-20T23:42:59+00:00cytoscape.js v3.28.1cytoscape.js v3.28.12023-12-21T00:06:34+00:00Release version v3.28.12023-12-21T00:06:34+00:00tidb v7.1.3tidb v7.1.32023-12-21T03:11:42+00:00For new features, improvements, and bug fixes released in 7.1.3 for tidb-server, see [TiDB 7.1.3 release notes](https://docs.pingcap.com/tidb/v7.1/release-7.1.3/).
See the difference from the issue perspective:
<details>
- pingcap/tidb#47788
- pingcap/tidb#47650
- pingcap/tidb#47445
- pingcap/tidb#35948
- pingcap/tidb#47781
- pingcap/tidb#47992
- pingcap/tidb#48082
- pingcap/tidb#46950
- pingcap/tidb#47930
- pingcap/tidb#47442
- pingcap/tidb#47779
- pingcap/tidb#48342
- pingcap/tidb#48162
- pingcap/tidb#48431
- pingcap/tidb#47711
- pingcap/tidb#48212
- pingcap/tidb#47464
- pingcap/tidb#48643
- pingcap/tidb#48693
- pingcap/tidb#48814
- pingcap/tidb#46980
- pingcap/tidb#42739
- pingcap/tidb#47807
- pingcap/tidb#48307
- pingcap/tidb#48741
- pingcap/tidb#48411
- pingcap/tidb#48281
- pingcap/tidb#49156
- pingcap/tidb#48528
- pingcap/tidb#49133
- pingcap/tidb#48808
- pingcap/tidb#49096
- pingcap/tidb#49196
- pingcap/tidb#48607
- pingcap/tidb#47881
- pingcap/tidb#48983
- pingcap/tidb#47236
- pingcap/tidb#48869
- pingcap/tidb#48253
- pingcap/tidb#48164
- pingcap/tidb#49174
- pingcap/tidb#46321, close pingcap/tidb#48352
- pingcap/tidb#44919, close pingcap/tidb#48191
- pingcap/tidb#47634
- pingcap/tidb#46177
- pingcap/tidb#48000
- pingcap/tidb#48755
- pingcap/tidb#48372
- pingcap/tidb#48991
- pingcap/tidb#48452
- pingcap/tidb#48899
- pingcap/tidb#49273
- pingcap/tidb#47531
- pingcap/tidb#47331
- pingcap/tidb#46296
- pingcap/tidb#48505
- pingcap/tidb#47656
- pingcap/tidb#45507
- pingcap/tidb#48629
- pingcap/tidb#48372
- tikv/pd#7509
- pingcap/tidb#45044
- pingcap/tidb#44830
- pingcap/tidb#49241
- pingcap/tidb#49369
- pingcap/tidb#49285
- pingcap/tidb#49526
- pingcap/tidb#49487
</details>2023-12-21T03:11:42+00:00sigma r2023-12-21sigma r2023-12-212023-12-21T20:12:34+00:00### New Rules
- new: Access To Potentially Sensitive Sysvol Files By Uncommon Application
- new: Access To Sysvol Policies Share By Uncommon Process
- new: Cloudflared Portable Execution
- new: Cloudflared Quick Tunnel Execution
- new: Cloudflared Tunnels Related DNS Requests
- new: Communication To Uncommon Destination Ports
- new: Compressed File Creation Via Tar.EXE
- new: Compressed File Extraction Via Tar.EXE
- new: DLL Names Used By SVR For GraphicalProton Backdoor
- new: Enable LM Hash Storage
- new: Enable LM Hash Storage - ProcCreation
- new: Potential Base64 Decoded From Images
- new: Potentially Suspicious Desktop Background Change Using Reg.EXE
- new: Potentially Suspicious Desktop Background Change Via Registry
- new: Potentially Suspicious Execution Of Regasm/Regsvcs With Uncommon Extension
- new: Renamed Cloudflared.EXE Execution
- new: Scheduled Tasks Names Used By SVR For GraphicalProton Backdoor
- new: Scheduled Tasks Names Used By SVR For GraphicalProton Backdoor - Task Scheduler
- new: System Information Discovery Using Ioreg
- new: System Information Discovery Using sw_vers
- new: System Information Discovery Via Wmic.EXE
### Updated Rules
- update: ADFS Database Named Pipe Connection By Uncommon Tool - Enhance coverage by improving paths selection
- update: Access To Browser Credential Files By Uncommon Application - Increase level to medium and enhance filters and selections
- update: Account Created And Deleted By Non Approved Users - Add missing `expand` modifier
- update: Add Potential Suspicious New Download Source To Winget - Reduce level to medium
- update: Authentication Occuring Outside Normal Business Hours - Add missing `expand` modifier
- update: Cloudflared Tunnel Connections Cleanup - Enhanced CLI flag selection to remove the unnecessary double dash
- update: Cloudflared Tunnel Execution - Enhanced CLI flag selection to remove the unnecessary double dash
- update: CodeIntegrity - Unmet Signing Level Requirements By File Under Validation - Reduce level to low
- update: Compress-Archive Cmdlet Execution - Reudced Level to low and moved to Threat Hunting folder.
- update: Copy From Or To Admin Share Or Sysvol Folder - Enhance selection to be more accurate
- update: Disabled Volume Snapshots - Update logic by removing the reg string to also account for potential renamed executions
- update: Eventlog Cleared - Update FP filter to remove "Application" log and increase coverage
- update: Failed Code Integrity Checks - Reduce level to informational
- update: Folder Compress To Potentially Suspicious Output Via Compress-Archive Cmdlet - Update logic to be more specific
- update: HH.EXE Execution - Reduce level to low
- update: Interactive Logon to Server Systems - Add missing `expand` modifier
- update: Locked Workstation - Reduce level to informational
- update: Malicious Driver Load By Name - Increase coverage based on LOLDrivers data
- update: Malware User Agent
- update: Meterpreter or Cobalt Strike Getsystem Service Installation - Security - Reduce level to high and restructure selections
- update: Meterpreter or Cobalt Strike Getsystem Service Installation - System - Reduce level to high and restructure selections
- update: PUA - Nmap/Zenmap Execution - Reduce level to medium
- update: PUA - Process Hacker Execution - Reduce level to medium
- update: PUA - Radmin Viewer Utility Execution - Reduce level to medium
- update: Potential Credential Dumping Activity Via LSASS - Reduce level to medium and comment out noisy access masks
- update: Potential Pass the Hash Activity - Add missing `expand` modifier
- update: Potential PowerShell Execution Policy Tampering - Remove "RemoteSigned" as it doesn't fit with the current logic
- update: Potential Recon Activity Via Nltest.EXE - Add dnsgetdc coverage and enhance logic by removing /
- update: Potential System DLL Sideloading From Non System Locations - Enhance logic by removing hardcoded C: value to account for other potential system locations
- update: Potential Zerologon (CVE-2020-1472) Exploitation - Add missing `expand` modifier
- update: Potentially Suspicious Execution Of Regasm/Regsvcs From Uncommon Location - Reduce level to medium and update logic
- update: Potentially Suspicious Malware Callback Communication - Increase coverage by adding new additional ports
- update: PowerShell Execution With Potential Decryption Capabilities
- update: Privilege Role Elevation Not Occuring on SAW or PAW - Add missing `expand` modifier
- update: Privilege Role Sign-In Outside Expected Controls - Add missing `expand` modifier
- update: Privilege Role Sign-In Outside Of Normal Hours - Add missing `expand` modifier
- update: Remote Registry Management Using Reg Utility - Add missing `expand` modifier
- update: RestrictedAdminMode Registry Value Tampering - ProcCreation - Update logic the logic to not care about the data. As this registry value has use cases either be it "0" or "1"
- update: RestrictedAdminMode Registry Value Tampering - Update logic the logic to not care about the data. As this registry value has use cases either be it "0" or "1"
- update: Rundll32 Execution With Uncommon DLL Extension - Enhance DLL extension list
- update: SASS Access From Non System Account - Reduce level to medium and enhance false positive filters
- update: Suspicious Executable File Creation - Enhance coverage by removing hardocded "C:"
- update: Suspicious Program Location with Network Connections - Increase accuracy by enhancing the selection to focus on the start of the folder and partition
- update: Suspicious Schtasks From Env Var Folder - Reduce level to medium
- update: Suspicious Shim Database Patching Activity - Add new processes to increase coverage
- update: Uncommon Extension Shim Database Installation Via Sdbinst.EXE - Reduce level to medium
- update: Uncommon System Information Discovery Via Wmic.EXE - Updated logic to focus on more specific WMIC query sequence to increase the level and added a related rule to cover the missing gaps in d85ecdd7-b855-4e6e-af59-d9c78b5b861e
- update: WMI Event Consumer Created Named Pipe - Reduce leve to medium
- update: Whoami Utility Execution - Reduce level to low
- update: Whoami.EXE Execution With Output Option - Reduce level to medium
- update: Windows Defender Malware Detection History Deletion - Reduce level to informational
- update: Write Protect For Storage Disabled - Update logic by removing the reg string to also account for potential renamed executions
- update: Zip A Folder With PowerShell For Staging In Temp - PowerShell - Update logic to be more specific
- update: Zip A Folder With PowerShell For Staging In Temp - PowerShell Module - Update logic to be more specific
- update: Zip A Folder With PowerShell For Staging In Temp - PowerShell Script - Update logic to be more specific
### Removed / Deprecated Rules
- remove: Credential Dumping Tools Service Execution
- remove: New Service Uses Double Ampersand in Path
- remove: PowerShell Scripts Run by a Services
- remove: Powershell File and Directory Discovery
- remove: Security Event Log Cleared
- remove: Suspicious Get-WmiObject
- remove: Windows Defender Threat Detection Disabled
### Fixed Rules
- fix: Access To Windows Credential History File By Uncommon Application - Enhance FP filters
- fix: Access To Windows DPAPI Master Keys By Uncommon Application - Enhance FP filters
- fix: Amsi.DLL Load By Uncommon Process - Moved to threat hunting folder and update false positive filters to remove hardcoded C:
- fix: Bad Opsec Defaults Sacrificial Processes With Improper Arguments - Typo in condition
- fix: Credential Manager Access By Uncommon Application - Enhance FP filters
- fix: Elevated System Shell Spawned From Uncommon Parent Location - Enhance FP filters
- fix: Execution of Suspicious File Type Extension - Add new extensions to reduce FP
- fix: HackTool - EfsPotato Named Pipe Creation - Add exclusion for pipe names starting with `\pipe\`
- fix: Important Windows Eventlog Cleared - Update selection to remove "Application" log as it was generating a lot of FP in some environments
- fix: Malicious PowerShell Commandlets - ScriptBlock - Remove some part of the selection due to FP matches as they were generic cmdlet names
- fix: PSScriptPolicyTest Creation By Uncommon Process - Add new filter for "sdiagnhost"
- fix: Potential Direct Syscall of NtOpenProcess - Add "Adobe" filter
- fix: Potential Shim Database Persistence via Sdbinst.EXE - Update FP filter for "iisexpressshim" sdb
- fix: Potentially Suspicious AccessMask Requested From LSASS - Add new FP filter for "procmon" process
- fix: PowerView PowerShell Cmdlets - ScriptBlock - Remove some part of the selection due to FP matches as they were generic cmdlet names
- fix: Relevant Anti-Virus Signature Keywords In Application Log - Update false positive filters
- fix: Remote Access Tool Services Have Been Installed - Security - Fix typo in field name
- fix: Suspicious Command Patterns In Scheduled Task Creation - Fix error in modifier usage
- fix: Suspicious File Creation Activity From Fake Recycle.Bin Folder - Remove RECYCLE.BIN\ as it was added as a typo and is a legitimate location.
- fix: Suspicious Office Outbound Connections - Enhanced the filter by adding new ports that cause FP with SMTP and IMAP communications
- fix: Suspicious SYSTEM User Process Creation - add additional filters to cover both program file folders for FP with Java process
- fix: Uncommon Child Process Of Conhost.EXE - Add new FP filters
- fix: Uncommon File Created In Office Startup Folder - Add new extension to filter out FP generated with MS Access databases
- fix: Uncommon PowerShell Hosts - Moved to threat hunting folder and updated false positive filter list
- fix: Unusual Parent Process For Cmd.EXE - Fix typo in `wermgr` process name
- fix: Use Of Remove-Item to Delete File - ScriptBlock - Moved to threat hunting folder and Update logic to be more accurate
- fix: User with Privileges Logon - Move to placeholder rules and update the FP filter to account for different workstations
- fix: WMI Module Loaded By Uncommon Process - Moved to threat hunting folder and update and restructure false positive filters
- fix: Windows Event Auditing Disabled - Enhance list of false positive filters with additional GUID
- fix: title: LSASS Access From Program In Potentially Suspicious Folder - Filter out Webex binary
### Acknowledgement
Thanks to @AaronS97, @AdmU3, @Blackmore-Robert, @celalettin-turgut, @frack113, @GtUGtHGtNDtEUaE, @jstnk9, @mcdave2k1, @mostafa, @nasbench, @phantinuss, @qasimqlf, @ruppde, @slincoln-aiq, @ssnkhan, @swachchhanda000, @tr0mb1r, @X-Junior for their contribution to this release
### Which Sigma rule package should I use?
A detailed explanation can be found in the [Releases.md](Releases.md) file. If you are new to Sigma, we recommend starting with the "Core" ruleset.
The [latest release package on GitHub](https://docs.github.com/en/repositories/releasing-projects-on-github/linking-to-releases#linking-to-the-latest-release) can always be found [here](https://github.com/SigmaHQ/sigma/releases/latest).
2023-12-21T20:12:34+00:00PyPCAPKit v1.3.1PyPCAPKit v1.3.12023-12-22T02:38:14+00:002023-12-22T02:38:14+00:00wazuh v4.7.1wazuh v4.7.12023-12-22T03:07:01+00:00## Manager
### Changed
- Improved WPK upgrade scripts to ensure safe execution and backup generation in various circumstances. ([#20616](https://github.com/wazuh/wazuh/pull/20616))
### Fixed
- Fixed a bug causing the Canonical feed parser to fail in Vulnerability Detector. ([#20580](https://github.com/wazuh/wazuh/pull/20580))
- Fixed a bug that allowed two simultaneous updates to occur through WPK. ([#20545](https://github.com/wazuh/wazuh/pull/20545))
- Fixed a thread lock bug that slowed down wazuh-db performance. ([#20178](https://github.com/wazuh/wazuh/pull/20178))
- Fixed a bug in Vulnerability detector that skipped vulnerabilities for Windows 11 21H2. ([#20386](https://github.com/wazuh/wazuh/pull/20386))
- The installer now updates the merged.mg file permissions on upgrade. ([#5941](https://github.com/wazuh/wazuh/pull/5941))
- Fixed an insecure request warning in the shuffle integration. ([#19993](https://github.com/wazuh/wazuh/pull/19993))
- Fixed a bug that corrupted cluster logs when they were rotated. ([#19888](https://github.com/wazuh/wazuh/pull/19888))
## Agent
### Fixed
- Fixed a bug that prevented the local IP from appearing in the port inventory from macOS agents. ([#20332](https://github.com/wazuh/wazuh/pull/20332))
- Fixed the default Logcollector settings on macOS to collect logs out-of-the-box. ([#20180](https://github.com/wazuh/wazuh/pull/20180))
- Fixed a bug in the FIM decoder at wazuh-analysisd that ignored Windows Registry events from agents under 4.6.0. ([#20169](https://github.com/wazuh/wazuh/pull/20169))
- Fixed multiple bugs in the Syscollector decoder at wazuh-analysisd that did not sanitize the input data properly. ([#20250](https://github.com/wazuh/wazuh/pull/20250))
- Added the pyarrow_hotfix dependency to fix the pyarrow CVE-2023-47248 vulnerability in the AWS integration. ([#20284](https://github.com/wazuh/wazuh/pull/20284))
## RESTful API
### Fixed
- Fixed inconsistencies in the behavior of the `q` parameter of some endpoints. ([#18423](https://github.com/wazuh/wazuh/pull/18423))
- Fixed a bug in the `q` parameter of the `GET /groups/{group_id}/agents` endpoint. ([#18495](https://github.com/wazuh/wazuh/pull/18495))
- Fixed bug in the regular expression used to to reject non ASCII characters in some endpoints. ([#19533](https://github.com/wazuh/wazuh/pull/19533))
## Other
### Changed
- Upgraded external certifi library dependency version to 2023.07.22. ([#20149](https://github.com/wazuh/wazuh/pull/20149))
- Upgraded external requests library dependency version to 2.31.0. ([#20149](https://github.com/wazuh/wazuh/pull/20149))
- Upgraded embedded Python version to 3.9.18. ([#18800](https://github.com/wazuh/wazuh/issues/18800))
2023-12-22T03:07:01+00:00MISP v2.4.180MISP v2.4.1802023-12-22T14:28:11+00:00MISP 2.4.180 released with a new security user login profile feature, bugs fixed and many improvements.
v2.4.180 (2023-11-30)
---------------------
# New
- [api] added X-MISP-AUTH as an alternative header to Authorization,
fixes #9418. [iglocska]
# Changes
- [VERSION] bump. [iglocska]
- [workflows] restored 7.2 and 7.3. [iglocska]
- [user login profile] old version compatibility. [iglocska]
- [event index] hover over ID will show the info field, generally more
useful than the threat level. [iglocska]
# Fix
- [login] fixes bad fix and catches first login after update.
[Christophe Vandeplas]
- [revert] dumb check. [iglocska]
- [compatibility] make the ancient gods happy. [iglocska]
- [user login profile] skip checks for ancient php versions. [iglocska]
- [Attribute:EditPostProcessing] Make sure the ID is set. [Sami
Mokaddem]
- [attribute:editPostProcessing] Fixed typo in condition preventing tags
to be detached. [Sami Mokaddem]
- [attributes] type field added to editable fields. [iglocska]
- [RPZ] export custom parameters ingored, fixes #9420. [iglocska]
- [Attribute:editPostProcessing] Fixed sighting capture. [Sami Mokaddem]
- [Attribute:EditPostProcessing] Make sure the ID is set. [Sami
Mokaddem]
- [attribute:validation] Typo in function name. [Sami Mokaddem]
- [attribute:editPostProcessing] Fixed typo in condition preventing tags
to be detached. [Sami Mokaddem]
# Other
- Merge remote-tracking branch 'origin/develop' into 2.4. [Christophe
Vandeplas]
- Merge branch 'develop' into 2.4. [iglocska]
- Merge branch '2.4' into develop. [iglocska]
- Merge branch 'develop' into 2.4. [iglocska]
- Revert "chg: [workflows] restored 7.2 and 7.3" [iglocska]
This reverts commit 206d2af439ae22c35a41568b4dc79562f2cb29e4.
- Merge branch '2.4' into develop. [iglocska]
- Merge branch '2.4' of github.com:MISP/MISP into develop. [Sami
Mokaddem]
- Merge remote-tracking branch 'origin/2.4' into develop. [Sami
Mokaddem]
- Merge branch '2.4' of github.com:MISP/MISP into develop. [Sami
Mokaddem]
- Merge branch 'develop' of github.com:MISP/MISP into develop.
[iglocska]
- Merge branch 'develop' of github.com:MISP/MISP into develop. [Sami
Mokaddem]
- Feature/user login profiles2 (#9379) [Christophe Vandeplas, iglocska]
* new: [userloginprofiles] start over with previous code
* fix: [user_login_profiles] fixes catching up the backlog
* chg: [userloginprofile] email to org_admin for suspicious login
* chg: [userloginprofile] only inform new device
* chg: [userloginprofiles] view_login_history instead of view_auth_history
* chg: [userloginprofile] make login history visually better
* chg: [userloginprofile] inform admins of malicious report
* fix: [userloginprofile] cleanup
* fix: [userloginprofile] fixes Attribute include in Console
* fix: [userloginprofile] db schema and changes
* chg: [CI] log emails
* chg: [PyMISP] branch change
* chg: [test] test
* fix: [userloginprofile] unique rows
* fix: [userloginprofile] unique rows
* chg: [cleanup]
* Revert "chg: [PyMISP] branch change"
This reverts commit 3f6fb46fee9745437998fc013a97af874679c87b.
* fix: [userloginprofile] fix worksers with monolog=1.25 browcap=5.1
* fix: [db] dump schema version
* fix: [CI] newer php versions
* fix: [composer] php version
* fix: [php] revert to normal php7.4 tests
---------
- Merge branch '2.4' into develop. [iglocska]
2023-12-22T14:28:11+00:00MISP v2.4.181MISP v2.4.1812023-12-22T14:31:58+00:00# MISP 2.4.181 hot fix release to disable by default the alert on suspicious login plus some minor fixes.
# Changes
- [tools:misp-delegation] Do not use self-documented expression in
f-string anymore. [Sami Mokaddem]
- [version] bump. [iglocska]
- [warning-lists] updated to the latest version. [Alexandre Dulaunoy]
- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy]
- [tests] search for errors in logs. [Christophe Vandeplas]
- [warning-lists] updated to the latest version. [Alexandre Dulaunoy]
- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy]
# Fix
- [Alert on suspicious logins] disabled by default. [iglocska]
- requires logs table to be better indexed currently to not be a bottleneck (user_id and action fields)
- Will be made default in an upcoming version once the performance issues are resolved
- [tests] fix path in logs_tests.sh. [Christophe Vandeplas]
- [tests] fixes path of logs_tests. [Christophe Vandeplas]
- [userloginprofiles] undefined variable #9424. [Christophe Vandeplas]
- [customauth] missing Class init fixes #9425. [Christophe Vandeplas]
2023-12-22T14:31:58+00:00MISP v2.4.182MISP v2.4.1822023-12-22T14:47:58+00:00MISP 2.4.182 released with new features, improvements bugs fixed and an important security fix.
# MISP Core
## New Features
- [event:view] Added new option `show_server_correlations_for_all_users`
allowing non-privileged users to view server correlations. [Sami
Mokaddem]
## Changes
- [Version] bump. [iglocska]
- [misp-objects] updated to the latest version. [Alexandre Dulaunoy]
- [misp-stix] Bumped latest version. [Christian Studer]
- [warning-lists] updated to the latest version. [Alexandre Dulaunoy]
- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy]
- [Geo-Open] updated to the latest version. [Alexandre Dulaunoy]
- [PyMISP] Bump. [Raphaël Vinot]
- [CLI] runUpdates updated to purge any pending db lock first.
[iglocska]
- [event reports] content field size changed to mediumtext. [Andras
Iklody]
- [logging] fail silently if logging entry can't be saved. [iglocska]
- can happen when the log change is too large for example
- no need to roll back / break sync for example if a log entry is too large, just fail silently.
- [events:event-graph] Allow expansion of nodes by double-clicking.
[Sami Mokaddem]
In response to significant demand from Terrtia and subsequent evaluation by adulau
- [feed:attachFeedCorrelations] Added comment. [Sami Mokaddem]
- [event:view] Show feed meta-information as popup. [Sami Mokaddem]
- [misp-stix] Bump. [Jakub Onderka]
## Fix
- [db_schema] dump. [iglocska]
- [correlation] exclusion cleaning was broken for noacl correlations,
fixes #8899. [iglocska]
- [eventReport:editReport] Generate an UUID if new report added from
pull. [Sami Mokaddem]
- [workflows:editor] Prepend baseurl to url. [Lukasz Rzasik]
- [TOTP] allow deletion of TOTP from edit page. [Christophe Vandeplas]
- [security] new audit logs lack of ACL controls. [iglocska]
- added proper ACL handling to the new audit logs
- as reported by fukusuket(Fukusuke Takahashi)
- Assigned [CVE-2023-50918](https://cvepremium.circl.lu/cve/CVE-2023-50918) for this vulnerability. The new audit log is not enabled by default.
- [case sensitivity] fix. [iglocska]
- [login_history] fixes str_contains #9433. [Christophe Vandeplas]
- [login_history] fixes str_contains #9433. [Christophe Vandeplas]
- [password reset] required current password for token based reset.
[iglocska]
- [diag] diagnostics page loading issue. [Michael Hirt]
- [openapi] add version to match spec. fixes #9058. [Luciano Righetti]
- [caching] remove uuid validation from the feed caching. [iglocska]
- not really needed and it breaks the entire caching if a single old event has an invalid uuid
- [attribute bulk update] separate out tag deletion as it builds a
ridiculously large query at times. [iglocska]
- [caching] remove uuid validation from the feed caching. [iglocska]
- not really needed and it breaks the entire caching if a single old event has an invalid uuid
# MISP project knowledge bases
## MISP Objects
Improved [shadowserver-malware-url-report](https://www.misp-project.org/objects.html#_shadowserver_malware_url_report) and [cs-beacon-config](https://www.misp-project.org/objects.html#_cs_beacon_config) object template. Updates in the [victim object template](https://www.misp-project.org/objects.html#_victim) and [report object template](https://www.misp-project.org/objects.html#_report).
## MISP Galaxy
Improved [Sigma rules galaxy](https://github.com/MISP/misp-galaxy/blob/main/clusters/sigma-rules.json), [threat-actors database](https://github.com/MISP/misp-galaxy/blob/main/clusters/threat-actor.json) with many new threat-actors
## MISP warning-lists
[Warning-lists updated](https://github.com/MISP/misp-warninglists) to the latest version from the different sources.
# Don't forget to follow us on Mastodon
The MISP project has its own Mastodon server [misp-community.org](https://misp-community.org/) - don't forget to follow @misp@misp-community.org on the fediverse. Core contributors of MISP can sign-up if they wish to have an account.
# MISP Professional Services
[MISP Professional Services (MPS)](https://www.misp-project.org/professional-services/) is a program handled by the lead developers of MISP Project, in order to offer highly skilled services around MISP and to support the sustainability of the MISP project. This initiative is meant to address the policy requirements of companies/organisations requiring commercial support contracts. Don't hesitate to get in touch with us if you need specific services.2023-12-22T14:47:58+00:00truffleHog v3.63.6truffleHog v3.63.62023-12-22T15:54:23+00:00## What's Changed
* Adds basic if/else check if pid slice is empty by @codevbus in https://github.com/trufflesecurity/trufflehog/pull/2244
* [fixup] - move cleanup to run by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2245
* shallow cloning + GitHub Action by @joeleonjr in https://github.com/trufflesecurity/trufflehog/pull/2138
* Update GitHub extradata by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2219
* Avoid extraneous authentication attempts when verifying Snowflake by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2057
* Add missing import by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/2246
* [bug] - Bug archive handler memory leak by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2247
* [chore] - use snake_case for naming by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2238
* [chore] - add additional binary extensions to skip by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2235
* [chore] - lower logging level by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2249
* [bug] - Fix Context Timeout-Induced Goroutine Leak in readInChunks by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2251
* Dedupe some source log keys by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/2250
* [fixup] - Refactor to Pass Reader for Binary Diffs and Archived Data; Optimize /tmp Directory Cleanup by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2253
* Use walkdir for tmp cleanup by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/2255
**Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.63.5...v3.63.62023-12-22T15:54:23+00:00ghidra Ghidra_11.0_buildghidra Ghidra_11.0_build2023-12-22T19:02:53+00:00* [What's New](https://htmlpreview.github.io/?https://github.com/NationalSecurityAgency/ghidra/blob/Ghidra_11.0_build/Ghidra/Configurations/Public_Release/src/global/docs/WhatsNew.html)
* [Change History](https://htmlpreview.github.io/?https://github.com/NationalSecurityAgency/ghidra/blob/Ghidra_11.0_build/Ghidra/Configurations/Public_Release/src/global/docs/ChangeHistory.html)
* [Installation Guide](https://htmlpreview.github.io/?https://github.com/NationalSecurityAgency/ghidra/blob/Ghidra_11.0_build/GhidraDocs/InstallationGuide.html)
* SHA-256: `f1f240f91cf6b1dffc9a4148384ee3c6b269a8ae27c6f981577973e00043ad94`2023-12-22T19:02:53+00:00mattermost-server v9.4.0-rc4mattermost-server v9.4.0-rc42023-12-22T19:17:53+00:00Mattermost Platform Release 9.4.0-rc42023-12-22T19:17:53+00:00truffleHog v3.63.7truffleHog v3.63.72023-12-23T06:46:17+00:00## What's Changed
* Add skip archive support by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/2257
* Skip all binaries by @bill-rich in https://github.com/trufflesecurity/trufflehog/pull/2256
* Add handlerOpts back by @bill-rich in https://github.com/trufflesecurity/trufflehog/pull/2258
* Use directory iterator instead of walkdir by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/2260
**Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.63.6...v3.63.72023-12-23T06:46:17+00:00OpenWPM v0.26.0OpenWPM v0.26.02023-12-24T15:55:32+00:00## What's Changed
* Type cleanup by @vringar in https://github.com/openwpm/OpenWPM/pull/1069
* fix(storage_controller): fix race condition during shutdown by @vringar in https://github.com/openwpm/OpenWPM/pull/1073
* Documenting the JS Instrument by @vringar in https://github.com/openwpm/OpenWPM/pull/949
* Release by @vringar in https://github.com/openwpm/OpenWPM/pull/1078
**Full Changelog**: https://github.com/openwpm/OpenWPM/compare/v0.25.0...v0.26.02023-12-24T15:55:32+00:00etherpad-lite v1.9.6etherpad-lite v1.9.62023-12-24T19:35:44+00:00### Notable enhancements and fixes
* Prevent etherpad crash when update server is not reachable
* Use npm@6 in Docker build
* Fix setting the log level in settings.json
Merry Christmas and an awesome start in 2024 from the Etherpad team 🌲🎁2023-12-24T19:35:44+00:00syncthing v1.27.2-rc.2syncthing v1.27.2-rc.22023-12-25T16:21:29+00:00Bugfixes:
- #9041: cli subcommand does not use STHOMEDIR env var
- #9183: Filesystem watching (kqueue) is enabled … with a lot of files
- #9274: Missing lock in DeviceStatistics ("fatal error: concurrent map read and map write")
Enhancements:
- #7406: Add UPnP support for IPv6
Other issues:
- #9247: Embed binary releases signing key as a file instead of hardcoding a string
- #9287: quic-go v0.40.1 (CVE-2023-49295)
2023-12-25T16:21:29+00:00julia v1.10.0julia v1.10.02023-12-26T21:23:17+00:00This is Julia version 1.10.0, the tenth minor release in the 1.x series of releases.
Release notes: https://github.com/JuliaLang/julia/tree/v1.10.0/NEWS.md2023-12-26T21:23:17+00:00nsq v1.3.0nsq v1.3.02023-12-27T05:04:56+00:00**Upgrading**
* #1427 / #1373 / #1371 - fix staticcheck warnings, remove support for gobindata / go 1.16
Features:
* #1473 - `nsqd`: use --tls-root-ca-file in nsqauth request (thanks @intellitrend-team)
* #1470 / #1469 - `nsqadmin`: upgrade supported ECMA from ES5 to ES2020 (thanks @dudleycarr)
* #1468 - `nsqadmin`: add paused label to topic within the node view (thanks @dudleycarr)
* #1462 - `nsqadmin`: add admin check for topic/node thombstone endpoint (thanks @dudleycarr)
* #1434 - `nsqd`: add support of unix sockets for tcp, http, https listeners (thanks @telepenin)
* #1424 - `nsqd`: add /debug/freememory API (thanks @guozhao-coder)
* #1421 - `nsqd`: nicer tls-min-version help text default
* #1376 - `nsqd`: allow unbuffered memory chan if ephemeral or deferred
* #1380 - `nsqd`: use metadata struct for both marshal and unmarshal (thanks @karalabe)
* #1403 - `nsqd`: /info api returns more info (thanks @arshabbir)
* #1384 - `nsqd`: allow disabling both HTTP and HTTPS interfaces (thanks @karalabe)
* #1385 - `nsqd`: enable support for TLS1.3 (thanks @karalabe)
* #1372 - `nsqadmin`: new flag --dev-static-dir instead of debug build tag
Bugs:
* #1478 - `Dockerfile`: remove nsswitch.conf check (thanks @dudleycarr)
* #1467 - `nsqadmin`: fix counter by bounding animation steps (thanks @dudleycarr)
* #1466 - `nsqadmin`: fix broken graph template in nsqadmin node view (thanks @dudleycarr)
* #1455 / #1387 - update dependencies
* #1445 - `nsqd`: fix unsafe concurrency read in RemoveClient (thanks @gueFDF)
* #1441 - `nsqd`: fix panic when statsd enabled and memstats disabled with no topics (thanks @carl-reverb)
* #1428 - delete `validTopicChannelNameRegex` useless escape characters (thanks @sjatsh)
* #1419 - contrib: update nsqadmin.cfg.example (thanks @StellarisW)2023-12-27T05:04:56+00:00netbox v3.6.8netbox v3.6.82023-12-27T21:12:49+00:00## Enhancements
* [#11039](https://github.com/netbox-community/netbox/issues/11039) - List parent prefixes under IP range view
* [#14507](https://github.com/netbox-community/netbox/issues/14507) - Print new NetBox version when running upgrade script
* [#14538](https://github.com/netbox-community/netbox/issues/14538) - Add the `available_at_site` filter for VLANs
* [#14596](https://github.com/netbox-community/netbox/issues/14596) - Match against description field when searching for devices
## Bug Fixes
* [#11816](https://github.com/netbox-community/netbox/issues/11816) - Correct display of error message when attempting invalid VLAN site & group assignment
* [#12731](https://github.com/netbox-community/netbox/issues/12731) - Fix custom validation for many-to-many fields
* [#13606](https://github.com/netbox-community/netbox/issues/13606) - Fix filtering custom multi-choice fields by null
* [#13649](https://github.com/netbox-community/netbox/issues/13649) - Correct calculation of absolute lengths for zero-length cables
* [#13812](https://github.com/netbox-community/netbox/issues/13812) - Update status of remote data source when syncing fails via `syncdatasource` management command
* [#13909](https://github.com/netbox-community/netbox/issues/13909) - Fix cloning of objects which have a multi-choice custom field
* [#14517](https://github.com/netbox-community/netbox/issues/14517) - Ensure reservations tab is always displayed under rack view
* [#14532](https://github.com/netbox-community/netbox/issues/14532) - Device/VM change record should accurately reflect when primary/OOB IP is deleted
* [#14549](https://github.com/netbox-community/netbox/issues/14549) - Fix association of job results when executing scripts via `runscript` management command
* [#14560](https://github.com/netbox-community/netbox/issues/14560) - Do not escape exclamation marks in custom link URLs
* [#14575](https://github.com/netbox-community/netbox/issues/14575) - Fix display of the tags column under VDC table
* [#14613](https://github.com/netbox-community/netbox/issues/14613) - Fix display of current configuration parameters in UI2023-12-27T21:12:49+00:00osquery 5.11.0osquery 5.11.02023-12-27T22:55:41+00:00Draft2023-12-27T22:55:41+00:00pycryptodome v3.19.1pycryptodome v3.19.12023-12-28T07:35:53+00:00Resolved issues
---------------
* Fixed a side-channel leakage with OAEP decryption that could be
exploited to carry out a Manger attack. Thanks to Hubert Kario.2023-12-28T07:35:53+00:00pycryptodome v3.19.1xpycryptodome v3.19.1x2023-12-28T07:36:16+00:00Resolved issues
---------------
* Fixed a side-channel leakage with OAEP decryption that could be
exploited to carry out a Manger attack. Thanks to Hubert Kario.2023-12-28T07:36:16+00:00netbox v3.6.9netbox v3.6.92023-12-28T19:13:59+00:00### Enhancements
* [#14631](https://github.com/netbox-community/netbox/issues/14631) - All models can be filtered and searched by their description field (where applicable)
### Bug Fixes
* [#14482](https://github.com/netbox-community/netbox/issues/14482) - Fix validation error when attempting to move a primary IP address to a new parent object
* [#14620](https://github.com/netbox-community/netbox/issues/14620) - Permit setting device type U height to 0 during bulk edit
* [#14621](https://github.com/netbox-community/netbox/issues/14621) - Fix error when using the device search filter2023-12-28T19:13:59+00:00rtl_433 nightlyrtl_433 nightly2023-12-29T13:35:47+00:00- Add mqtt base topic option (closes #2768)
- Add reading mqtt auth from env vars (closes #2769)
- Add support for Fine Offset WN32B (closes #2303)
- Add support for Fine Offset / Ecowitt WH55 water leak sensor (closes #2756)
- Add support for TechniSat IMETEO X6 and improve Holman-AOK (#2759)
- Fix converting inches to mm (#2755)
- Change rtl_433_mqtt_hass.py to support storm_dist_km from WH31L (#2748)
- Add channel/button to Acurite-606TX
- Add Motonet MTX, MarQuant Rain note to Schou-72543 (#2686)
- Fix TFA-303151 negative temps (closes #2538)
- Fix temperature for Bresser 3-in-1 Wind Gauge (closes #2523)
- Improve code and annotations for cpplint (#2683)
2023-12-29T13:35:47+00:00netbox v3.7.0netbox v3.7.02023-12-29T15:03:26+00:00### Breaking Changes
* The following fields have been removed from the Webhook model: `content_types`, `type_create`, `type_update`, `type_delete`, `type_job_start`, `type_job_end`, `enabled`, and `conditions`. Webhooks are now tied to events via [event rules](https://docs.netbox.dev/en/stable/features/event-rules/). New event rules will be created for any existing webhooks automatically upon upgrade.
* The `ui_visibility` field on the [custom field model](https://docs.netbox.dev/en/stable/models/extras/customfield/) has been replaced with two new fields: `ui_visible` and `ui_editable`. These new fields will have their values mapped from the original field automatically upon upgrade.
* The `FeatureQuery` class used internally for querying content types by model feature has been removed. It has been replaced by the new `with_feature()` manager method on NetBox's proxy model for ContentType (`core.models.ContentType`).
* The internal ConfigRevision model has moved from `extras` to `core`. Configuration history will be retained throughout the upgrade process.
* The [L2VPN](https://docs.netbox.dev/en/stable/models/vpn/l2vpn/) and [L2VPNTermination](https://docs.netbox.dev/en/stable/models/vpn/l2vpntermination/) models have moved from the `ipam` app to the new `vpn` app. All object data will be retained, however please note that the relevant API endpoints have likewise moved to `/api/vpn/`.
* The `CustomFieldsMixin`, `SavedFiltersMixin`, and `TagsMixin` classes have moved from the `extras.forms.mixins` module to `netbox.forms.mixins`.
### New Features
#### VPN Tunnels ([#9816](https://github.com/netbox-community/netbox/issues/9816))
Several new models have been introduced to enable [VPN tunnel management](https://docs.netbox.dev/en/stable/features/vpn-tunnels/). Users can now define tunnels with two or more terminations to represent peer-to-peer or hub-and-spoke topologies. Each termination is made to a virtual interface on a device or virtual machine. Additionally, users can define IKE and IPSec proposals and policies, which can be applied to tunnels to document encryption and authentication strategies.
#### Event Rules ([#14132](https://github.com/netbox-community/netbox/issues/14132))
This release introduces [event rules](https://docs.netbox.dev/en/stable/features/event-rules/), which can be used to send webhooks or execute custom scripts automatically in response to events that occur in NetBox. For example, it's now possible to run a custom script whenever a new site is created with a particular status or tag.
Event rules replace and extend functionality that was previously built into the webhook model. New event rules will be created for any existing webhooks automatically upon upgrade.
#### Virtual Machine Disks ([#8356](https://github.com/netbox-community/netbox/issues/8356))
A new [VirtualDisk](https://docs.netbox.dev/en/stable/models/virtualization/virtualdisk/) model has been introduced to enable tracking the assignment of discrete virtual disks to virtual machines. The `size` field has been retained on the VirtualMachine model, and will be populated automatically with the aggregate size of all assigned virtual disks. (Users who opt to eschew the new model may continue using the VirtualMachine `size` attribute independently as in previous releases.)
#### Object Protection Rules ([#10244](https://github.com/netbox-community/netbox/issues/10244))
A new [`PROTECTION_RULES`](https://docs.netbox.dev/en/stable/configuration/data-validation.md#protection_rules) configuration parameter has been introduced. Similar to how [custom validation rules](https://docs.netbox.dev/en/stable/customization/custom-validation/) can be used to enforce certain values for object attributes, protection rules guard against the deletion of objects which do not meet specified criteria. This enables an administrator to prevent, for example, the deletion of a site which has a status of "active."
#### Improved Custom Field Visibility Controls ([#13299](https://github.com/netbox-community/netbox/issues/13299))
The `ui_visible` field on [the custom field model](https://docs.netbox.dev/en/stable/models/extras/customfield/) has been superseded by two new fields, `ui_visible` and `ui_editable`, which control how and whether a custom field is displayed when view and editing an object, respectively. Separating these two functions into discrete fields allows more control over how each custom field is presented to users. The values of these fields will be appropriately set automatically during the upgrade process from the value of the original field.
#### Improved Global Search Results ([#14134](https://github.com/netbox-community/netbox/issues/14134))
Global search results now include additional context about each object, such as a description, status, and/or related objects. The set of attributes to be displayed is specific to each object type, and is defined by setting `display_attrs` under the object's [SearchIndex class](https://docs.netbox.dev/en/stable/plugins/development/search.md#netbox.search.SearchIndex).
#### Table Column Registration for Plugins ([#14173](https://github.com/netbox-community/netbox/issues/14173))
Plugins can now [register their own custom columns](https://docs.netbox.dev/en/stable/plugins/development/tables.md#extending-core-tables) for inclusion on core NetBox tables. For example, a plugin can register a new column on SiteTable using the new `register_table_column()` utility function, and it will become available for users to select for display.
#### Data Backend Registration for Plugins ([#13381](https://github.com/netbox-community/netbox/issues/13381))
Plugins can now [register their own data backends](https://docs.netbox.dev/en/stable/plugins/development/data-backends/) for use with [synchronized data sources](https://docs.netbox.dev/en/stable/features/synchronized-data/). This enables plugins to introduce new backends in addition to the git, S3, and local path backends provided natively.
### Enhancements
* [#12135](https://github.com/netbox-community/netbox/issues/12135) - Avoid orphaned interfaces by preventing the deletion of interfaces which have children assigned
* [#12216](https://github.com/netbox-community/netbox/issues/12216) - Add a `color` field for circuit types
* [#13230](https://github.com/netbox-community/netbox/issues/13230) - Allow device types to be excluded from consideration when calculating a rack's utilization
* [#13334](https://github.com/netbox-community/netbox/issues/13334) - Add an `error` field to the Job model to record any errors associated with its execution
* [#13427](https://github.com/netbox-community/netbox/issues/13427) - Introduce a mechanism for excluding models from general-purpose lists of object types
* [#13690](https://github.com/netbox-community/netbox/issues/13690) - Display any dependent objects to be deleted prior to deleting an object via the web UI
* [#13794](https://github.com/netbox-community/netbox/issues/13794) - Any models with a relationship to Tenant are now included automatically in the list of related objects under the tenant view
* [#13808](https://github.com/netbox-community/netbox/issues/13808) - Add a `/render-config` REST API endpoint for virtual machines
* [#14035](https://github.com/netbox-community/netbox/issues/14035) - Order objects of equivalent weight by value in global search results to improve readability
* [#14147](https://github.com/netbox-community/netbox/issues/14147) - Avoid recording empty changelog entries via the new `CHANGELOG_SKIP_EMPTY_CHANGES` config parameter
* [#14156](https://github.com/netbox-community/netbox/issues/14156) - Enable custom fields for contact assignments
* [#14240](https://github.com/netbox-community/netbox/issues/14240) - Increase maximum values for custom field minimum & maximum numeric validators
* [#14361](https://github.com/netbox-community/netbox/issues/14361) - Add a `description` field for webhooks
* [#14365](https://github.com/netbox-community/netbox/issues/14365) - Introduce `job_start` and `job_end` signals to allow automated plugin actions
* [#14434](https://github.com/netbox-community/netbox/issues/14434) - Add model-specific termination object filters for cables (e.g. `interface_id` and `consoleport_id`)
* [#14436](https://github.com/netbox-community/netbox/issues/14436) - Add PostgreSQL indexes for all GenericForeignKey fields
* [#14579](https://github.com/netbox-community/netbox/issues/14579) - Allow users to specify a preferred language for UI translations
### Translations
* [#14075](https://github.com/netbox-community/netbox/issues/14075) - Add Spanish translation
* [#14096](https://github.com/netbox-community/netbox/issues/14096) - Add French translation
* [#14145](https://github.com/netbox-community/netbox/issues/14145) - Add Portuguese translation
* [#14266](https://github.com/netbox-community/netbox/issues/14266) - Add Russian translation
### Bug Fixes
* [#14432](https://github.com/netbox-community/netbox/issues/14432) - Fix hyperlinks for global search result attributes
* [#14472](https://github.com/netbox-community/netbox/issues/14472) - Fix display of hidden custom fields in object edit forms
* [#14499](https://github.com/netbox-community/netbox/issues/14499) - Relax requirements for encryption/auth algorithms on IKE & IPSec proposals
* [#14550](https://github.com/netbox-community/netbox/issues/14550) - Fix changing action type of existing event rule
### Other Changes
* [#13550](https://github.com/netbox-community/netbox/issues/13550) - Optimize the format for declaring view actions under `ActionsMixin` (backward compatibility has been retained)
* [#13645](https://github.com/netbox-community/netbox/issues/13645) - Installation of the `sentry-sdk` Python library is now required only if Sentry reporting is enabled
* [#14036](https://github.com/netbox-community/netbox/issues/14036) - Move plugin resources from the `extras` app into `netbox` (backward compatibility has been retained)
* [#14153](https://github.com/netbox-community/netbox/issues/14153) - Replace `FeatureQuery` with new `with_feature()` method on proxy ContentType manager
* [#14311](https://github.com/netbox-community/netbox/issues/14311) - Move the L2VPN models from the `ipam` app to the new `vpn` app
* [#14312](https://github.com/netbox-community/netbox/issues/14312) - Move the ConfigRevision model from the `extras` app to `core`
* [#14326](https://github.com/netbox-community/netbox/issues/14326) - Form feature mixin classes have been moved from the `extras` app to `netbox`
* [#14395](https://github.com/netbox-community/netbox/issues/14395) - Move `extras.webhooks_worker.process_webhook()` to `extras.webhooks.send_webhook()` (backward compatibility has been retained)
* [#14424](https://github.com/netbox-community/netbox/issues/14424) - Remove change logging functionality from StagedChange
* [#14458](https://github.com/netbox-community/netbox/issues/14458) - Remove the obsolete `clearcache` management command
* [#14536](https://github.com/netbox-community/netbox/issues/14536) - Enforce uniqueness by default for non-VRF prefixes & IP addresses (`ENFORCE_GLOBAL_UNIQUE` now defaults to true)
2023-12-29T15:03:26+00:00PyPCAPKit v1.3.1.post1PyPCAPKit v1.3.1.post12023-12-30T10:11:41+00:002023-12-30T10:11:41+00:00maltrail 0.65maltrail 0.652023-12-31T23:11:03+00:00Start-of-month release2023-12-31T23:11:03+00:00fzf 0.45.0fzf 0.45.02024-01-01T06:41:32+00:00- Added `transform` action to conditionally perform a series of actions
```sh
# Disallow selecting an empty line
echo -e "1. Hello\n2. Goodbye\n\n3. Exit" |
fzf --height '~100%' --reverse --header 'Select one' \
--bind 'enter:transform:[[ -n {} ]] && echo accept || echo "change-header:Invalid selection"'
# Move cursor past the empty line
echo -e "1. Hello\n2. Goodbye\n\n3. Exit" |
fzf --height '~100%' --reverse --header 'Select one' \
--bind 'enter:transform:[[ -n {} ]] && echo accept || echo "change-header:Invalid selection"' \
--bind 'focus:transform:[[ -n {} ]] && exit; [[ {fzf:action} =~ up$ ]] && echo up || echo down'
# A single key binding to toggle between modes
fd --type file |
fzf --prompt 'Files> ' \
--header 'CTRL-T: Switch between Files/Directories' \
--bind 'ctrl-t:transform:[[ ! {fzf:prompt} =~ Files ]] &&
echo "change-prompt(Files> )+reload(fd --type file)" ||
echo "change-prompt(Directories> )+reload(fd --type directory)"'
```
- Added placeholder expressions
- `{fzf:action}` - The name of the last action performed
- `{fzf:prompt}` - Prompt string (including ANSI color codes)
- `{fzf:query}` - Synonym for `{q}`
- Added support for negative height
```sh
# Terminal height minus 1, so you can still see the command line
fzf --height=-1
```
- This handles a terminal resize better than `--height=$(($(tput lines) - 1))`
- Added `accept-or-print-query` action that acts like `accept` but prints the current query when there's no match for the query
```sh
# You can make CTRL-R paste the current query when there's no match
export FZF_CTRL_R_OPTS='--bind enter:accept-or-print-query'
```
- Note that there are alternative ways to implement the same strategy
```sh
# 'become' is apparently more versatile but it's not available on Windows.
export FZF_CTRL_R_OPTS='--bind "enter:become:if [ -z {} ]; then echo {q}; else echo {}; fi"'
# Using the new 'transform' action
export FZF_CTRL_R_OPTS='--bind "enter:transform:[ -z {} ] && echo print-query || echo accept"'
```
- Added `show-header` and `hide-header` actions
- Bug fixes
2024-01-01T06:41:32+00:00seaweedfs 3.60seaweedfs 3.602024-01-02T03:31:30+00:00## What's Changed
* FUSE Mount
* Waiting for writes to complete with acquired lock may lead to deadlock by @kvaster in https://github.com/seaweedfs/seaweedfs/pull/
* Fix OOM from increasing RSS memory usage on long term https://github.com/seaweedfs/seaweedfs/issues/5082
* Weed Fix
* Fix weed fix by @SmsS4 in https://github.com/seaweedfs/seaweedfs/pull/5020
* Filer
* Set allowed origins in config by @jerebear12 in https://github.com/seaweedfs/seaweedfs/pull/5109
* chore: add dsn for connection to mysql by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/5060
* [filerstore] mysql falls back to update only if error contains msg "duplicate entry" by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/5085
* Add a way to use a JWT sent in an HTTP only cookie by @jerebear12 in https://github.com/seaweedfs/seaweedfs/pull/5077
* verify content-md5 in header by @julor in https://github.com/seaweedfs/seaweedfs/pull/5016
* S3
* [s3api] add default response for GetBucketVersioning by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/4998
* Helm Charts
* fix: k8s-chart-helm master metrics scraping by @sberthier in https://github.com/seaweedfs/seaweedfs/pull/5142
* Fix: helm: remove deprecated values that caused helm template error for post install hook by @jessebot in https://github.com/seaweedfs/seaweedfs/pull/5108
* Update helm_ci.yml - add `ct` flag `--target-branch ${{ github.event.repository.default_branch }}` by @jessebot in https://github.com/seaweedfs/seaweedfs/pull/5106
* #5122 Add support for sidecar containers by @Davidsod in https://github.com/seaweedfs/seaweedfs/pull/5125
* Always include volumes in statefulsets by @dzsibi in https://github.com/seaweedfs/seaweedfs/pull/5081
* Helm: add post install hook to support creating default buckets by @cloudymax in https://github.com/seaweedfs/seaweedfs/pull/5048
* Use `global.serviceAccountName` to populate `ServiceAccount`, `ClusterRole`, and `ClusterRoleBinding` by @jessebot in https://github.com/seaweedfs/seaweedfs/pull/5049
* support tls in master-ingress by @Programmeris in https://github.com/seaweedfs/seaweedfs/pull/4946
* Helm chart: Allow existing S3 config secret for the filer statefulset and the s3 deployment by @jessebot in https://github.com/seaweedfs/seaweedfs/pull/5039
* Enable support for Restic-based tools (K8up, Velero) to perform backup and restore operations by @cloudymax in https://github.com/seaweedfs/seaweedfs/pull/5034
* Update helm_chart_release.yml - run helm chart release on push to master on changes to k8s/chart files by @jessebot in https://github.com/seaweedfs/seaweedfs/pull/5035
* helm chart: fix annotations templating for s3.ingress.annotations and document it and s3.ingress.tls in values.yaml by @jessebot in https://github.com/seaweedfs/seaweedfs/pull/5023
* [helm] fix: use metricsPort correctly by @niuqg in https://github.com/seaweedfs/seaweedfs/pull/5010
* Shell
* shell meta load add concurrency by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/4529
* Add modifyTimeAgo to volume.fsck by @SmsS4 in https://github.com/seaweedfs/seaweedfs/pull/5133
* Fix cutoffTimeAgo in findMissingChunksInFiler by @SmsS4 in https://github.com/seaweedfs/seaweedfs/pull/5132
* fs.mergeVolumes: Make a plan based on volumes size by @yeganemehr in https://github.com/seaweedfs/seaweedfs/pull/4999
* fs.mergeVolumes: change dir to a named parameter by @yeganemehr in https://github.com/seaweedfs/seaweedfs/pull/5003
* Filer Backup
* filer backup add option for exclude file names that match regexp to sync on filer by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/5002
* fix: add doDeleteFile option for filer backup by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/5018
* Filer Remote Sync
* Using filer.remote.sync concurrency in filer.remote.gateway by @itsfarbod in https://github.com/seaweedfs/seaweedfs/pull/5123
* Remote gateway Bug fix by @itsfarbod in https://github.com/seaweedfs/seaweedfs/pull/5100
* Fix wrong option https://github.com/seaweedfs/seaweedfs/pull/5102
* Filer Copy
* Add option to filer.copy with public volume server url https://github.com/seaweedfs/seaweedfs/pull/5126
* Minor
* Minor cleanup & gitignore update by @varunu28 in https://github.com/seaweedfs/seaweedfs/pull/5144
* weed/server: remove unneeded err from streamReadOneVolume() signature by @alrs in https://github.com/seaweedfs/seaweedfs/pull/5143
* weed/storage: fix dropped test errors by @alrs in https://github.com/seaweedfs/seaweedfs/pull/5083
* logging PickForWrite error by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/4920
* fix TestMisplacedChecking() and add test-case by @zehweh in https://github.com/seaweedfs/seaweedfs/pull/5040
* weed/command: fix dropped error by @alrs in https://github.com/seaweedfs/seaweedfs/pull/5027
* Fix shell 'help' for all commands by @yeganemehr in https://github.com/seaweedfs/seaweedfs/pull/5000
## New Contributors
* @niuqg made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/5010
* @jessebot made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/5023
* @julor made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/5016
* @cloudymax made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/5034
* @dzsibi made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/5081
* @itsfarbod made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/5100
* @Davidsod made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/5125
* @vivekkoya made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/5134
* @sberthier made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/5142
* @varunu28 made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/5144
**Full Changelog**: https://github.com/seaweedfs/seaweedfs/compare/3.59...3.60
2024-01-02T03:31:30+00:00syncthing v1.27.2syncthing v1.27.22024-01-02T07:19:25+00:00Bugfixes:
- #9041: cli subcommand does not use STHOMEDIR env var
- #9183: Filesystem watching (kqueue) is enabled … with a lot of files
- #9274: Missing lock in DeviceStatistics ("fatal error: concurrent map read and map write")
Enhancements:
- #7406: Add UPnP support for IPv6
Other issues:
- #9247: Embed binary releases signing key as a file instead of hardcoding a string
- #9287: quic-go v0.40.1 (CVE-2023-49295)
2024-01-02T07:19:25+00:00Stegano v0.11.3Stegano v0.11.32024-01-02T09:16:06+00:00Stegano now supports Python 3.12. Support of Python 3.8 has been removed.
The updated tutorial with the new features is available here:
https://stegano.readthedocs.io2024-01-02T09:16:06+00:00faraday v5.0.1faraday v5.0.12024-01-02T18:44:37+00:002024-01-02T18:44:37+00:00wallabag 2.6.8wallabag 2.6.82024-01-03T08:18:20+00:00Happy new year to everyone!
📈 **To update your instance**, [just run `make update`](https://doc.wallabag.org/en/admin/upgrade.html).
Don't forget to make a backup of your instance (database and files).
_🤝 A little reminder that **you can support our work** on wallabag by sponsoring us on [Liberapay](https://liberapay.com/wallabag) or subscribe on [wallabag.it](https://www.wallabag.it/en). Thanks!_
## What's Changed
* Update deps & Node 20 by @j0k3r in https://github.com/wallabag/wallabag/pull/7134
* Fix dark mode disabled url 2.6 by @Simounet in https://github.com/wallabag/wallabag/pull/7133
* Make database dependent commands lazy by @yguedidi in https://github.com/wallabag/wallabag/pull/7142
* Fix docker setup by @yguedidi in https://github.com/wallabag/wallabag/pull/7141
* Remove session-based redirection by @yguedidi in https://github.com/wallabag/wallabag/pull/7140
* Prepare 2.6.8 release by @j0k3r in https://github.com/wallabag/wallabag/pull/7143
**Full Changelog**: https://github.com/wallabag/wallabag/compare/2.6.7...2.6.82024-01-03T08:18:20+00:00traefik v2.11.0-rc1traefik v2.11.0-rc12024-01-03T10:47:10+00:00**Enhancements:**
- **[middleware]** Deprecate IPWhiteList middleware in favor of IPAllowList ([#10249](https://github.com/traefik/traefik/pull/10249) by [lbenguigui](https://github.com/lbenguigui))
- **[redis]** Add Redis Sentinel support ([#10245](https://github.com/traefik/traefik/pull/10245) by [youkoulayley](https://github.com/youkoulayley))
- **[server]** Add KeepAliveMaxTime and KeepAliveMaxRequests features to entrypoints ([#10247](https://github.com/traefik/traefik/pull/10247) by [juliens](https://github.com/juliens))
- **[sticky-session]** Hash WRR sticky cookies ([#10243](https://github.com/traefik/traefik/pull/10243) by [youkoulayley](https://github.com/youkoulayley))
**Bug fixes:**
- **[file]** Update github.com/fsnotify/fsnotify to v1.7.0 ([#10313](https://github.com/traefik/traefik/pull/10313) by [ldez](https://github.com/ldez))
- **[http3]** Update quic-go to v0.40.1 ([#10296](https://github.com/traefik/traefik/pull/10296) by [ldez](https://github.com/ldez))
- **[server]** Fix ReadHeaderTimeout for PROXY protocol ([#10320](https://github.com/traefik/traefik/pull/10320) by [juliens](https://github.com/juliens))
**Documentation:**
- **[acme]** Fix TLS challenge explanation ([#10293](https://github.com/traefik/traefik/pull/10293) by [cavokz](https://github.com/cavokz))
- **[docker,acme]** Fix typo ([#10294](https://github.com/traefik/traefik/pull/10294) by [youpsla](https://github.com/youpsla))
- **[docker]** Update wording of compose example ([#10276](https://github.com/traefik/traefik/pull/10276) by [svx](https://github.com/svx))
- **[k8s/crd]** Adjust deprecation notice for Kubernetes CRD provider ([#10317](https://github.com/traefik/traefik/pull/10317) by [rtribotte](https://github.com/rtribotte))
- Fix description for anonymous usage statistics references ([#10287](https://github.com/traefik/traefik/pull/10287) by [ariyonaty](https://github.com/ariyonaty))
- Documentation enhancements ([#10261](https://github.com/traefik/traefik/pull/10261) by [svx](https://github.com/svx))2024-01-03T10:47:10+00:00uBlock 1.55.0uBlock 1.55.02024-01-03T20:17:30+00:00[Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.55.0...master)
[Commits since last release](https://github.com/gorhill/uBlock/compare/1.54.0...1.55.0)
To install the stable build:
- **Firefox**: Click [uBlock0_1.55.0.firefox.signed.xpi](https://addons.mozilla.org/firefox/downloads/file/4216633/ublock_origin-1.55.0.xpi)
[uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox).
- **Chromium**: Install from the Chrome store: <https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm>
- **Edge**: Install from Microsoft Store: <https://microsoftedge.microsoft.com/addons/detail/odfafepnkmbhccpbejgmiehpchacaeak>
The Microsoft Store version of uBO is published by [Nicole Rolls](https://github.com/nicole-ashley/uBlock-Edge)
- **Opera**: Install from Opera addons: <https://addons.opera.com/en/extensions/details/ublock/>
---
## Fixes / changes
- [Mind drop events in filter expression field of logger](https://github.com/gorhill/uBlock/commit/c8b7d1a526)
- [Improve `xml-prune` scriptlet](https://github.com/gorhill/uBlock/commit/d7063a052f)
- [Fix message entries overflowing in logger](https://github.com/gorhill/uBlock/commit/49c8310e22)
- [Add support for `application/x-javascript` in `replace=` option](https://github.com/gorhill/uBlock/commit/abeadf18eb)
- [Extend support for differential updates to imported lists](https://github.com/gorhill/uBlock/commit/443c1f81e1)
- [Add detection of mismatched `!#if`-`!#endif` in linter](https://github.com/gorhill/uBlock/commit/9f4b31a96f)
- [Support links to update lists which are differential update-friendly](https://github.com/gorhill/uBlock/commit/5e3f9695b4)
- [Remove "Purge all caches" button from "Filter lists" pane](https://github.com/gorhill/uBlock/commit/bd7ce41224)
- [Add support for `all` list token in updater-link feature](https://github.com/gorhill/uBlock/commit/14926913f7)
- [Fix logging of broad exception filter `#@#+js()`](https://github.com/gorhill/uBlock/commit/4305ea9c0c)
- [Improve `no-xhr-if` scriptlet](https://github.com/gorhill/uBlock/commit/d01ad24291)
- [Ensure cache storage backend is selected before access](https://github.com/gorhill/uBlock/commit/bfa28b960e)
- [Fix popup panel rendering when embedded in logger](https://github.com/gorhill/uBlock/commit/4183ce477a)
- [Add visual hint in support information re. differential update](https://github.com/gorhill/uBlock/commit/7e44db763e)
- [Remove obsolete web accessible resources](https://github.com/gorhill/uBlock/commit/310bfec6a1)
- [Rename `urltransform` to `uritransform`](https://github.com/gorhill/uBlock/commit/cdc5e89f52)
- [Vertically expand/collapse in steps in dom inspector](https://github.com/gorhill/uBlock/commit/885bc3875b)
- [Reset the DOM inspector when URL in top context changes](https://github.com/gorhill/uBlock/commit/c744c87607)
- [Support shadow-piercing combinator `>>>` in `trusted-click-element`](https://github.com/gorhill/uBlock/commit/941077a25c)
- [Isolate DOM inspector layers from page context](https://github.com/gorhill/uBlock/commit/ee83a4304a)
- [Refactoring: Replace DOM events with broadcast channels](https://github.com/gorhill/uBlock/commit/67fb969572)
- [Support non-default sticky lists](https://github.com/gorhill/uBlock/commit/ea7d411bc2)
- [Add enableLazyLoad function](https://github.com/gorhill/uBlock/commit/a8cf08325d) (by @spazmodius )
- [Change frequency of save-to-storage blocking stats](https://github.com/gorhill/uBlock/commit/5a338b7210)
- [Improve `prevent-fetch` scriptlet](https://github.com/gorhill/uBlock/commit/6aeab2adbc)
- [Catch cases of `! Expires:` field with no value](https://github.com/gorhill/uBlock/commit/9ce958432d)2024-01-03T20:17:30+00:00mitmproxy 10.2.0mitmproxy 10.2.02024-01-04T12:00:27+00:00Changes: See [CHANGELOG.md](https://github.com/mitmproxy/mitmproxy/blob/main/CHANGELOG.md).
You can find the latest release packages at https://mitmproxy.org/downloads/.
2024-01-04T12:00:27+00:00mattermost-server v9.4.0mattermost-server v9.4.02024-01-04T18:47:08+00:00Pre-release of 9.4.0.2024-01-04T18:47:08+00:00mvt v2.5.0mvt v2.5.02024-01-04T19:11:43+00:00## What's Changed
* [auto] Update iOS releases and versions by @github-actions in https://github.com/mvt-project/mvt/pull/437
* Impovements for SMS module by @DonnchaC in https://github.com/mvt-project/mvt/pull/438
* Add `uri=True` in mvt/ios/modules/base.py by @msx98 in https://github.com/mvt-project/mvt/pull/442
* Circular reference in SMS module serialization by @roaree in https://github.com/mvt-project/mvt/pull/444
* dumpsys_accessibility.py: Spell accessibility correctly by @cclauss in https://github.com/mvt-project/mvt/pull/441
* [auto] Update iOS releases and versions by @github-actions in https://github.com/mvt-project/mvt/pull/439
## New Contributors
* @msx98 made their first contribution in https://github.com/mvt-project/mvt/pull/442
**Full Changelog**: https://github.com/mvt-project/mvt/compare/v2.4.5...v2.5.02024-01-04T19:11:43+00:00openlibrary deploy-2024-01-04openlibrary deploy-2024-01-042024-01-04T19:11:47+00:00Features:
- @xonx4l Add new "Volunteering" card to the "Welcome to Open Library" carousel (#8593)
- @jimchamp Always show CTA banner if no reading goal exists (#8606)
Design/UX:
- @bobmatyas Left-align "Add Cover Image" form (#8494)
- @mekarpeles Refactors and improves the My Books UI + architecture (#8597)
- @mekarpeles Fixes mybooks sidebar error on account settings (#8621)
- @jimchamp Change header titles for lists, shelves (#8666)
- @mekarpeles My Books visual fixes (#8629)
- @KshitijThareja Standardize the Edit button on Books page (#8594)
- @Abhishektharu Add `cursor: pointer` to non-standard buttons (#8578)
Librarians/Editing:
- @jimchamp Bulk Tagger updates (#8575)
- Can now remove tags
- Displays selected works' tags on load
- @Eds-Dbug Merge Queue tweaks (#8591)
- @xonx4l Disable bulk tagger's "Submit" button after submission is made (#8660)
- @jimchamp Gather stats on bulk tagging operations (#8644)
Performance:
- @cdrini Make some image/js lazy/late loading (#8568)
- @cdrini Only load recaptcha JS when needed + DRY recaptcha code (#8569)
- @JaydenTeoh Cache patron's loans to reduce IA requests (#7929)
Search:
- @stardust-s Allow special character to be handled in title search (#8624)
- Out in next solr deploy
- @cdrini Boost search via reading log, phrase boosting (#8628)
- @cdrini Make search results use userlang even if no ed query (#8642)
- @cdrini Lists in Solr (#8627)
- Out in next solr deploy
Internationalization:
- @benbdeitch Fix homepage books carousel shows english text after loading (#8586)
- @Nick3791 Fixes translated languages not being localized on edition edit page (#8622)
Fixes:
- @ClementineAccount Clear cookies when switching accounts (#8490)
- @sop-kim Limit textarea resize within page/container border (#8600)
- @rishabhkr-r111 Fixed inconsistent margin gap between search box and search button #8595 (#8647)
- @ClementineAccount Add non-link version of 'Not in Library' Button (#8524)
- @cdrini Revert blue "Check Options" but keep click behaviour (#8685)
- @siddoinghisjob Adds work subtitles to reading stats (#8638)
Imports:
- @jimchamp Trigger JIT imports during promise item import flow (#8516)
- @scottbarnes Fix: deduplicate subjects on works and list items on editions (#8663)
- @scottbarnes Make isbndb.py take an optional 'status' argument (#8648)
Process/Docs:
- @mekarpeles Create Design Proposal GitHub template (#8603)
- @mekarpeles updating good first issues url (#8619)
- @mekarpeles adds theme design to Design Proposal template (#8605)
- @mekarpeles moving readme to wiki (#8612)
- @jimchamp Add cautionary message to our Github issue templates (#8635)
- @jimchamp Emphasize importance of testing before opening a PR in CONTRIBUTING.md (#8673)
Code Quality:
- @jimchamp Remove `bookshelves_votes` table from `schema.sql` and pg dumps (#8616)
- @cdrini Re-architect openlibrary.solr / update_work for easier expansion (#8618)
- @cdrini Hotfix some bug in solr updater refactor (#8631)
- @jimchamp Address deprecation warnings during build (#8630)
- @jimchamp Add trailing space to `import_item` DB query (#8625)
Dev environemnt:
- @jimchamp Update commands for `pg_dump` generation (#8617)
Updates:
- @pre-commit-ci[bot] [pre-commit.ci] pre-commit autoupdate (#8613)
- @pre-commit-ci[bot] [pre-commit.ci] pre-commit autoupdate (#8641)
Stats:
- PR Authors: @jimchamp (11), @cdrini (8), @mekarpeles (7), @ClementineAccount (2), @pre-commit-ci[bot] (2), @scottbarnes (2), @xonx4l (2), @Abhishektharu (1), @Eds-Dbug (1), @JaydenTeoh (1), @KshitijThareja (1), @Nick3791 (1), @benbdeitch (1), @bobmatyas (1), @rishabhkr-r111 (1), @siddoinghisjob (1), @sop-kim (1), @stardust-s (1)
- PR Assignees: @mekarpeles (14), @jimchamp (12), @cdrini (11), @scottbarnes (5)
Full diff: https://github.com/internetarchive/openlibrary/compare/deploy-2023-12-07...deploy-2024-01-04
PRs: [is:pr is:merged merged:2023-12-07T22:40:25Z..2024-01-04T18:23:48Z sort:updated-asc](https://github.com/internetarchive/openlibrary/pulls?q=is%3Apr%20is%3Amerged%20merged%3A2023-12-07T22%3A40%3A25Z..2024-01-04T18%3A23%3A48Z%20sort%3Aupdated-asc)
2024-01-04T19:11:47+00:00bookmark-archiver v0.7.2bookmark-archiver v0.7.22024-01-04T19:25:10+00:00<img width="300" alt="Web version screenshot" align="right" src="https://github.com/ArchiveBox/ArchiveBox/assets/511499/ffb2d603-05e4-4481-b568-efa2825ab85f"/>
Get this release via `pip`, `docker`, `brew`, or `dpkg` (`apt` & `brew` releases are delayed).
```bash
# Get it with Pip on any OS (`amd64`, `arm64`, `arm/v7`)
pip install --upgrade 'archivebox==0.7.2'`
```
```bash
# Get it with Docker on any OS (`amd64`, `arm64`, `arm/v7`)
docker pull archivebox/archivebox:0.7.2
```
```bash
# Get it with brew on macOS (`amd64`, `arm64`)
brew tap archivebox/archivebox
brew install archivebox
pip install --upgrade 'archivebox==0.7.2'`
```
```bash
# Get it with apt on Ubuntu/Debian based systems (`any`)
wget 'https://github.com/ArchiveBox/debian-archivebox/raw/main/archivebox-0.7.1.deb'
apt install ./archivebox-0.7.1.deb
# OR
dpkg -i ./archivebox-0.7.1.deb
# then run pip install after
pip install --upgrade 'archivebox==0.7.2'`
```
<sup>Note: this is not packaged using "proper" debian techniques like 0.6.2 was, instead it's just a wrapper for executing `pip install archivebox` w/ a few extras. This is because ArchiveBox relies on some binary and dynamic dependencies (node, chrome, playwright, ffmpeg, yt-dlp, etc.) which aren't allowed in Debian packages.<br/>
(Launchpad `apt` `ppa` & `brew` updates coming eventually, packaging all the vendored binaries that archivebox depends on has gotten harder lately)</sup>
---
<img width="300" alt="CLI version screenshot" align="right" src="https://github.com/ArchiveBox/ArchiveBox/assets/511499/df00a0b8-a42f-4236-8e12-5e881c47d44e"/>
```bash
# Then run this to upgrade an existing collection data dir to 0.7.2
cd ~/path/to/data/dir
archivebox init
```
### What's Changed
- add `--tag=tag1,tag2,tag3` support to `archivebox schedule` command
- allow `PGID=0` root-group ownership of data dir (but PUID=0 is still not allowed)
- improve error messages, hints, and logging about permissions issues in Docker
- notify users when new ArchiveBox version is available on Github (thanks @benmuth!)
- bump dependency versions (yt-dlp, chrome, readability, node, python)
- warn when Docker `/` or `/data` volume mounts don't have any space available
- limit to compatible python version to >= 3.8 and <= 3.11
### Bug Fixes
- fix action buttons in Snapshot admin page not showing up correctly
- tag links immediately in first stage of `archivebox add` instead of at the end (so that imports that are paused or interrupted still get tagged correctly)
- fix config variables in `CHROME_USER_AGENT` format string not getting interpolated properly
- switch readability to prefer Chrome DOM dumps for article text instead of singlefile (because singlefile output is often huge and crashes readability/times out)
- make Docker image smaller by removing unneeded docs files
- better current version detection and remove annoying `+editable` string and also add BUILD_TIME
- fix `/browsers/*` does not exist warning on startup2024-01-04T19:25:10+00:00chipsec 1.12.7chipsec 1.12.72024-01-04T19:55:23+00:00## What's Changed
* Update README.md - Add OpenSSF badge by @npmitche in https://github.com/chipsec/chipsec/pull/2042
* Create SECURITY.md by @npmitche in https://github.com/chipsec/chipsec/pull/2043
* Fix UEFI Shell issue when importing options.py by @npmitche in https://github.com/chipsec/chipsec/pull/2044
**Full Changelog**: https://github.com/chipsec/chipsec/compare/1.12.6...1.12.72024-01-04T19:55:23+00:00influxdb v2.7.5influxdb v2.7.52024-01-05T19:23:19+00:00In addition to the list of changes below, please also see the [official release notes] (https://docs.influxdata.com/influxdb/v2.7/reference/release-notes/influxdb/) for other important information about this release.
v2.7.5 [2024/01/05]
------------------------------
### Bug Fixes
1. [cb1701f](https://github.com/influxdata/influxdb/commit/cb1701f): Only execute "init_config" on install
1. [66ebe36](https://github.com/influxdata/influxdb/commit/66ebe36): Enable Secure when using TLS and enable HttpOnly
1. [c169e98](https://github.com/influxdata/influxdb/commit/c169e98): Corrrectly return 4XX errors instead of 5XX errors
1. [09a9607](https://github.com/influxdata/influxdb/commit/09a9607): Prevent retention service creating orphaned shard files
### Features
1. [6159c85](https://github.com/influxdata/influxdb/commit/6159c85): Add authenticating ID and user ID to request logging
1. [6f7dc94](https://github.com/influxdata/influxdb/commit/6f7dc94): Write detailed logs from EDR failures
### Other
1. [306215d](https://github.com/influxdata/influxdb/commit/306215d): Chore: emit build commands during tests
1. [3688c45](https://github.com/influxdata/influxdb/commit/3688c45): Chore: upgrade flux
| OSS BINARY FILES | SHA256 |
| ---------------- | ------ |
| [influxdb2-2.7.5_linux_amd64.tar.gz](https://dl.influxdata.com/influxdb/releases/influxdb2-2.7.5_linux_amd64.tar.gz) | a82b47634bf4925b66c4e461057df96521a2f1f225f9d93e8d733983e53fe529 |
| [influxdb2-2.7.5_darwin_amd64.tar.gz](https://dl.influxdata.com/influxdb/releases/influxdb2-2.7.5_darwin_amd64.tar.gz) | 79f286dfaeedb02b545449674c2621d1c1a0e019cd9ed3ffd0bbdf06b22d42f1 |
| [influxdb2-2.7.5-windows.zip](https://dl.influxdata.com/influxdb/releases/influxdb2-2.7.5-windows.zip) | 93fc7c675bf7830c7b6a1108ae149ec45852eb6c771765583d4a5825c7cfaeac |
| [influxdb2-2.7.5_linux_arm64.tar.gz](https://dl.influxdata.com/influxdb/releases/influxdb2-2.7.5_linux_arm64.tar.gz) | 3d2f7713c0bd7ccf3925ead15f1de83e29726e8211ffbd8542b9f5f69ba781df |
| OSS UBUNTU & DEBIAN PACKAGE FILES | SHA256 |
| --------------------------------- | ------ |
| [influxdb2_2.7.5-1_amd64.deb](https://dl.influxdata.com/influxdb/releases/influxdb2_2.7.5-1_amd64.deb) | ad07d065d2d3407640ca13d43a67ca6e2e1128e923f1e188082d7f78adcfb33b |
| [influxdb2_2.7.5-1_arm64.deb](https://dl.influxdata.com/influxdb/releases/influxdb2_2.7.5-1_arm64.deb) | 4986c8fbdbb133823b1750e2ae8e08a134a1b950f2de17aa1a77ea644681002b |
| OSS REDHAT & CENTOS PACKAGE FILES | SHA256 |
| --------------------------------- | ------ |
| [influxdb2-2.7.5-1.aarch64.rpm](https://dl.influxdata.com/influxdb/releases/influxdb2-2.7.5-1.aarch64.rpm) | 95ad31496fe46dc5b9f32664197cd1f2e821cf626d61919201b67a2c7a9f9652 |
| [influxdb2-2.7.5-1.x86_64.rpm](https://dl.influxdata.com/influxdb/releases/influxdb2-2.7.5-1.x86_64.rpm) | ca680bbc80b1e2dc168d55b46f5fb001c287edcae682bad07f2817e1debbd71d |2024-01-05T19:23:19+00:00PyPCAPKit v1.3.1.post2PyPCAPKit v1.3.1.post22024-01-06T10:11:32+00:002024-01-06T10:11:32+00:00mitmproxy 10.2.1mitmproxy 10.2.12024-01-06T14:17:27+00:00Changes: See [CHANGELOG.md](https://github.com/mitmproxy/mitmproxy/blob/main/CHANGELOG.md).
You can find the latest release packages at https://mitmproxy.org/downloads/.
2024-01-06T14:17:27+00:00BGPalerter v1.33.0BGPalerter v1.33.02024-01-06T19:22:09+00:00TODO2024-01-06T19:22:09+00:00ripgrep 14.1.0ripgrep 14.1.02024-01-06T19:41:59+00:00[Sponsorship is appreciated!](https://github.com/sponsors/BurntSushi/)
This is a minor release with a few small new features and bug fixes. This
release contains a bug fix for unbounded memory growth while walking a
directory tree. This release also includes improvements to the completions for
the `fish` shell, and release binaries for several additional ARM targets.
> In case you haven't heard of it before, ripgrep is a line-oriented search
> tool that recursively searches the current directory for a regex pattern.
> By default, ripgrep will respect gitignore rules and automatically skip
> hidden files/directories and binary files.
Bug fixes:
* [BUG #2664](https://github.com/BurntSushi/ripgrep/issues/2690):
Fix unbounded memory growth in the `ignore` crate.
Feature enhancements:
* Added or improved file type filtering for Lean and Meson.
* [FEATURE #2684](https://github.com/BurntSushi/ripgrep/issues/2684):
Improve completions for the `fish` shell.
* [FEATURE #2702](https://github.com/BurntSushi/ripgrep/pull/2702):
Add release binaries for `armv7-unknown-linux-gnueabihf`,
`armv7-unknown-linux-musleabihf` and `armv7-unknown-linux-musleabi`.2024-01-06T19:41:59+00:00bulk_extractor v2.0.6bulk_extractor v2.0.62024-01-07T21:03:24+00:00Minor packaging updates. 2024-01-07T21:03:24+00:00reckon v0.9.5reckon v0.9.52024-01-08T01:13:42+00:00## What's Changed
* Pin highline to 2.x branch. Fixes #127 by @benprew in https://github.com/cantino/reckon/pull/128
**Full Changelog**: https://github.com/cantino/reckon/compare/v0.9.4...v0.9.52024-01-08T01:13:42+00:00tidb v6.5.7tidb v6.5.72024-01-08T03:12:33+00:00For new features, improvements, and bug fixes released in 6.5.7 for tidb-server, see [TiDB 6.5.7 release notes](https://docs.pingcap.com/tidb/v6.5/release-6.5.7/).
See the difference from the issue perspective:
<details>
- pingcap/tidb#48808
- pingcap/tidb#49096
- pingcap/tidb#42739
- pingcap/tidb#48741
- pingcap/tidb#48983
- pingcap/tidb#49273
- pingcap/tidb#36004, close pingcap/tidb#38189
- pingcap/tidb#43385
- pingcap/tidb#47071
- pingcap/tidb#47071
- pingcap/tidb#49033
- pingcap/tidb#48164
- pingcap/tidb#49308
- pingcap/tidb#49526
- pingcap/tidb#49631
- pingcap/tidb#49369
- pingcap/tidb#46522
- pingcap/tidb#42337
- pingcap/tidb#49616
- pingcap/tidb#47634
- pingcap/tidb#49377
- pingcap/tidb#49285
- pingcap/tidb#49487
- pingcap/tidb#42931
- pingcap/tidb#44830
- pingcap/tidb#49414
- pingcap/tidb#48969
- pingcap/tidb#49498
- pingcap/tidb#48301
- pingcap/tidb#49801
</details>2024-01-08T03:12:33+00:00seaweedfs 3.61seaweedfs 3.612024-01-08T08:08:12+00:00## What's Changed
* Filer
* Fix v3.60 bug : panic: runtime error: invalid memory address or nil pointer dereference #5153
* WebDAV
* fix: return etag with md5 in webdav responses by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/5158
* fix: webdav avoid create empty files by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/5160
* chore: add maxMB option for webdav by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/5165
* S3 API
* Fix missing VersionConfiguration node in get-bucket-versioning response by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/5162
* Filer Sync
* chore: filer sync add doDeleteFiles option for create only mode by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/5166
**Full Changelog**: https://github.com/seaweedfs/seaweedfs/compare/3.60...3.612024-01-08T08:08:12+00:00mattermost-server v9.4.1mattermost-server v9.4.12024-01-08T15:39:29+00:00Mattermost Platform Release 9.4.1 includes various new improvements and bug fixes.2024-01-08T15:39:29+00:00truffleHog v3.63.8truffleHog v3.63.82024-01-08T19:35:02+00:00## What's Changed
* Fix commit message single quote escaping on GitHub Action by @0x2b3bfa0 in https://github.com/trufflesecurity/trufflehog/pull/2259
* fix(deps): update module github.com/go-git/go-git/v5 to v5.11.0 [security] by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2263
* Fix non-ASCII whitespace on GitHub Action by @0x2b3bfa0 in https://github.com/trufflesecurity/trufflehog/pull/2270
* Update GitParse logic to handle edge case. by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2206
* [chore] Add test to check all versioned detectors are non-zero by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2272
* Update stripe detector regex by @NikhilPanwar in https://github.com/trufflesecurity/trufflehog/pull/2261
* Update to Sourcegraph Access token format by @shivasurya in https://github.com/trufflesecurity/trufflehog/pull/2254
* Bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/2278
* Bump github.com/dvsekhvalnov/jose2go from 1.5.0 to 1.6.0 by @dependabot in https://github.com/trufflesecurity/trufflehog/pull/2279
* Wrap temp deletion err by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/2277
* 1833 Fix syslog udp by @df3rry in https://github.com/trufflesecurity/trufflehog/pull/1835
## New Contributors
* @0x2b3bfa0 made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/2259
* @NikhilPanwar made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/2261
* @df3rry made their first contribution in https://github.com/trufflesecurity/trufflehog/pull/1835
**Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.63.7...v3.63.82024-01-08T19:35:02+00:00syncthing v1.27.3-rc.1syncthing v1.27.3-rc.12024-01-09T07:18:24+00:00Bugfixes:
- #9039: Sync from Linux to Mac with ownership - Local additions after rescan
Enhancements:
- #8616: Add CLI completion
- #9151: Add "stay logged in" checkbox to login dialog
Other issues:
- #9267: Inconsistent version requirements in lib/build and lib/upgrade
- #9313: Different lengths used for short device IDs in UI
2024-01-09T07:18:24+00:00redis 7.0.15redis 7.0.152024-01-09T11:52:48+00:00Upgrade urgency SECURITY: See security fixes below.
Security fixes
==============
* (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory
buffers which can result in incorrect accounting of buffer sizes and lead to
heap overflow and potential remote code execution.
2024-01-09T11:52:48+00:00redis 7.2.4redis 7.2.42024-01-09T11:53:43+00:00Upgrade urgency SECURITY: See security fixes below.
Security fixes
==============
* (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory
buffers which can result in incorrect accounting of buffer sizes and lead to
heap overflow and potential remote code execution.
Bug fixes
=========
* Fix crashes of cluster commands clusters with mixed versions of 7.0 and 7.2 (#12805, #12832)
* Fix slot ownership not being properly handled when deleting a slot from a node (#12564)
* Fix atomicity issues with the RedisModuleEvent_Key module API event (#12733)
2024-01-09T11:53:43+00:00mattermost-server v9.2.4mattermost-server v9.2.42024-01-09T14:42:17+00:00Mattermost Platform Release 9.2.4 contains Medium severity level security fixes.2024-01-09T14:42:17+00:00mattermost-server v9.1.5mattermost-server v9.1.52024-01-09T14:53:01+00:00Mattermost Platform Release 9.1.5 contains Medium severity level security fixes.2024-01-09T14:53:01+00:00wazuh v4.8.0-alpha2wazuh v4.8.0-alpha22024-01-09T14:55:00+00:00## Manager
### Added
- Added new query "rollback" to wazuh-db. ([#16058](https://github.com/wazuh/wazuh/pull/16058))
### Changed
- Vulnerability Detection refactor. ([#21201](https://github.com/wazuh/wazuh/pull/21201))
- Improved wazuh-db detection of deleted database files. ([#18476](https://github.com/wazuh/wazuh/pull/18476))
- Added timeout and retry parameters to the VirusTotal integration. ([#16893](https://github.com/wazuh/wazuh/pull/16893))
- Extended wazuh-analysisd EPS metrics with events dropped by overload and remaining credits in the previous cycle. ([#18988](https://github.com/wazuh/wazuh/pull/18988))
- Replaced Filebeat's date index name processor. ([#19819](https://github.com/wazuh/wazuh/pull/19819))
- Updated API and framework packages installation commands to use pip instead of direct invocation of setuptools. ([#18466](https://github.com/wazuh/wazuh/pull/18466))
- Upgraded docker-compose V1 to V2 in API Integration test scripts. ([#17750](https://github.com/wazuh/wazuh/pull/17750))
- Refactored how cluster status dates are treated in the cluster. ([#17015](https://github.com/wazuh/wazuh/pull/17015))
### Fixed
- Updated cluster connection cleanup to remove temporary files when the connection between a worker and a master is broken. ([#17886](https://github.com/wazuh/wazuh/pull/17886))
## Agent
### Added
- Added snap package manager support to Syscollector. ([#15740](https://github.com/wazuh/wazuh/pull/15740))
- Added event size validation for the external integrations. ([#17932](https://github.com/wazuh/wazuh/pull/17932))
- Added new unit tests for the AWS integration. ([#17623](https://github.com/wazuh/wazuh/pull/17623))
- Added mapping geolocation for AWS WAF integration. ([#20649](https://github.com/wazuh/wazuh/pull/20649))
### Changed
- Disabled host's IP query by Logcollector when ip_update_interval=0. ([#18574](https://github.com/wazuh/wazuh/pull/18574))
- The MS Graph integration module now supports multiple tenants. ([#19064](https://github.com/wazuh/wazuh/pull/19064))
- FIM now buffers the Linux audit events for who-data to prevent side effects in other components. ([#16200](https://github.com/wazuh/wazuh/pull/16200))
- The sub-process execution implementation has been improved. ([#19720](https://github.com/wazuh/wazuh/pull/19720))
- Refactored and modularized the AWS integration code. ([#17623](https://github.com/wazuh/wazuh/pull/17623))
### Fixed
- Fixed process path retrieval in Syscollector on Windows XP. ([#16839](https://github.com/wazuh/wazuh/pull/16839))
- Fixed detection of the OS version on Alpine Linux. ([#16056](https://github.com/wazuh/wazuh/pull/16056))
- Fixed Solaris 10 name not showing in the Dashboard. ([#18642](https://github.com/wazuh/wazuh/pull/18642))
## RESTful API
### Added
- Added new `GET /manager/version/check` endpoint to obtain information about new releases of Wazuh. ([#19952](https://github.com/wazuh/wazuh/pull/19952))
- Introduced an `auto` option for the ssl_protocol setting in the API configuration. This enables automatic negotiation of the TLS certificate to be used. ([#20420](https://github.com/wazuh/wazuh/pull/20420))
### Fixed
- Fixed a warning from SQLAlchemy involving detached Roles instances in RBAC. ([#20527](https://github.com/wazuh/wazuh/pull/20527))
### Removed
- Removed `PUT /vulnerability`, `GET /vulnerability/{agent_id}`, `GET /vulnerability/{agent_id}/last_scan` and `GET /vulnerability/{agent_id}/summary/{field}` API endpoints as they were deprecated in version 4.7.0. Use the Wazuh indexer REST API instead. ([#20119](https://github.com/wazuh/wazuh/pull/20119))
## Ruleset
### Added
- Added new SCA policy for Amazon Linux 2023. ([#17780](https://github.com/wazuh/wazuh/pull/17780))
- Added new SCA policy for Rocky Linux 8. ([#17784](https://github.com/wazuh/wazuh/pull/17784))
- Added rules to detect IcedID attacks. ([#19528](https://github.com/wazuh/wazuh/pull/19528))
### Changed
- SCA policy for Ubuntu Linux 18.04 rework. ([#18721](https://github.com/wazuh/wazuh/pull/18721))
- SCA policy for Ubuntu Linux 22.04 rework. ([#17515](https://github.com/wazuh/wazuh/pull/17515))
- SCA policy for Red Hat Enterprise Linux 7 rework. ([#18440](https://github.com/wazuh/wazuh/pull/18440))
- SCA policy for Red Hat Enterprise Linux 8 rework. ([#17770](https://github.com/wazuh/wazuh/pull/17770))
- SCA policy for Red Hat Enterprise Linux 9 rework. ([#17412](https://github.com/wazuh/wazuh/pull/17412))
- SCA policy for CentOS 7 rework. ([#17624](https://github.com/wazuh/wazuh/pull/17624))
- SCA policy for CentOS 8 rework. ([#18439](https://github.com/wazuh/wazuh/pull/18439))
- SCA policy for Debian 8 rework. ([#18010](https://github.com/wazuh/wazuh/pull/18010))
- SCA policy for Debian 10 rework. ([#17922](https://github.com/wazuh/wazuh/pull/17922))
- SCA policy for Amazon Linux 2 rework. ([#18695](https://github.com/wazuh/wazuh/pull/18695))
- SCA policy for SUSE Linux Enterprise 15 rework. ([#18985](https://github.com/wazuh/wazuh/pull/18985))
- SCA policy for macOS 13.0 Ventura rework. ([#19037](https://github.com/wazuh/wazuh/pull/19037))
- SCA policy for Microsoft Windows 10 Enterprise rework. ([#19515](https://github.com/wazuh/wazuh/pull/19515))
- SCA policy for Microsoft Windows 11 Enterprise rework. ([#20044](https://github.com/wazuh/wazuh/pull/20044))
- Update MITRE DB to v13.1. ([#17518](https://github.com/wazuh/wazuh/pull/17518))
## Other
### Changed
- Upgraded external aiohttp library dependency version to 3.8.5. ([#20003](https://github.com/wazuh/wazuh/pull/20003))
- Upgraded external cryptography library dependency version to 41.0.4. ([#20003](https://github.com/wazuh/wazuh/pull/20003))
- Upgraded external numpy library dependency version to 1.26.0. ([#20003](https://github.com/wazuh/wazuh/pull/20003))
- Upgraded external grpcio library dependency version to 1.58.0. ([#20003](https://github.com/wazuh/wazuh/pull/20003))
- Upgraded external pyarrow library dependency version to 14.0.1. ([#20003](https://github.com/wazuh/wazuh/pull/20003))
- Upgraded embedded Python version to 3.10.13. ([#20003](https://github.com/wazuh/wazuh/pull/20003))2024-01-09T14:55:00+00:00mattermost-server v8.1.8mattermost-server v8.1.82024-01-09T15:02:18+00:00Mattermost Platform Release 8.1.8 contains Medium severity level security fixes.2024-01-09T15:02:18+00:00MISP v2.4.183MISP v2.4.1832024-01-09T17:33:32+00:00![MISP screenshot](https://www.misp-project.org/img/blog/lookyloo-misp.png)
MISP 2.4.183 released with a new ECS log feature, improvements and bugs fixed.
- MISP now supports Elastic Common Schema (ECS) security logging. A new option has been added `Security.ecs_log` to enable this new functionality. A new `Security.alert_on_suspicious_logins` to security audit has been added.
- The sync configuration in MISP now supports sharing group blueprints for a simple creation of filter rules based on dynamically updated organisation lists.
- Major improvement to STIX import handling and especially the [misp-stix library](https://github.com/MISP/misp-stix) such as Parsing PE binary extensions within File observable objects and many more improvements/fixes.
- API add tag functions updated to also work with uuids, rather than just local IDs.
- [event:view] Added option to mass local cluster tag.
Many bugs fixed and minor improvements. Feel free to read the detailed [changelog](https://www.misp-project.org/Changelog.txt)
# MISP project knowledge bases
## MISP Objects
- New [flowintel CM](https://github.com/flowintel/flowintel-cm) object added.
## MISP Galaxy
A [new dedicated website has been developed](https://www.misp-galaxy.org/) to easily reference galaxy outside MISP.
- Improved [Sigma rules galaxy](https://github.com/MISP/misp-galaxy/blob/main/clusters/sigma-rules.json), [threat-actors database](https://github.com/MISP/misp-galaxy/blob/main/clusters/threat-actor.json) with many new threat-actors
- New [disarm](https://www.disarm.foundation/) galaxy is now available. Including [Actor Types](https://www.misp-galaxy.org/disarm-actortypes/), [Countermeasures](https://www.misp-galaxy.org/disarm-countermeasures/), [Detections](https://www.misp-galaxy.org/disarm-detections/) and [Techniques](https://www.misp-galaxy.org/disarm-techniques/).
- New MITRE Atlas framework added. [MITRE ATLAS Attack Pattern](https://www.misp-galaxy.org/mitre-atlas-attack-pattern/), [MITRE ATLAS Course of Action](https://www.misp-galaxy.org/mitre-atlas-course-of-action/)
## MISP warning-lists
[Warning-lists updated](https://github.com/MISP/misp-warninglists) to the latest version from the different sources.
# Don't forget to follow us on Mastodon
The MISP project has its own Mastodon server [misp-community.org](https://misp-community.org/) - don't forget to follow @misp@misp-community.org on the fediverse. Core contributors of MISP can sign-up if they wish to have an account.
# MISP Professional Services
[MISP Professional Services (MPS)](https://www.misp-project.org/professional-services/) is a program handled by the lead developers of MISP Project, in order to offer highly skilled services around MISP and to support the sustainability of the MISP project. This initiative is meant to address the policy requirements of companies/organisations requiring commercial support contracts. Don't hesitate to get in touch with us if you need specific services.
2024-01-09T17:33:32+00:00moloch v5.0.0-rc2moloch v5.0.0-rc22024-01-09T19:43:56+00:00### [Installation Instructions](https://raw.githubusercontent.com/arkime/arkime/main/release/README.txt) | [5.x Upgrade instructions](https://arkime.com/faq#how_do_i_upgrade_to_arkime_5) | [Copyright Notices](https://s3.amazonaws.com/files.molo.ch/NOTICE.txt) | [FAQ](https://arkime.com/faq) | [CHANGELOG](https://raw.githubusercontent.com/arkime/arkime/main/CHANGELOG) | [JA4+ Install](https://arkime.com/ja4)
A db.pl upgrade is required when upgrading from 4.x
# ✨ What's new ✨
## BREAKING
- #2297 s3Compression/simpleCompression now defaults to zstd
- #2297 s3WriteGzip removed, use s3Compression=gzip for gzip instead of new zstd default
- #2297 s3GapPacketPos defaults to TRUE
- #2297 enablePacketDedup defaults to TRUE
- #2299 #2308 authMode defaults to digest now
- #2312 removed old v1 viewer APIs
- #2349 parliament password removed, must configure common auth via the UI before upgrading or manually in the config file see [parliament](https://arkime.com/settings#parliament) and [how do I upgrade to 5](https://arkime.com/faq#how_do_i_upgrade_to_arkime_5)
- #2402 WISE/tagger must now use http.request.FIELD/http.response.FIELD when referencing header defined with headers-http-request/headers-http-response
- #2450 Centos 7 build no longers includes pfring support
- #2453 Increase simpleCompressionBlockSize default to 64000
## Release
- #2448 zstd 1.5.5, nghttp2 1.57.0, maxmind 1.7.1, yara 4.2.3
- #2443 Centos 7, Ubuntu 18, Alpine use unofficial builds of node
- #2543 node v18.19.0
- #2447 support building on alpine
- #2549 use configure prefix more places (thanks @vpiserchia)
## All
- #2316 programs support same config file formats (ini/json/yaml) and retrieval (file, elasticsearch)
- #2419 json/yaml config file formats now allow arrays instead of comma/semi separated
- #2299 #2308 authMode setting added
- #2299 #2408 #2463 added authMode: basic, form, basic+form, basic+oidc, headerOnly, header+digest (same as header), header+basic
- #2387 notifiers for parliament and arkime merged conflicts mitigated by appending "Parliament" to parliament notifiers
- #2396 drop privileges is now AFTER http(s) list
- #2509 add optional login message for form auth
- #2511 new authOIDCScope setting
- #2482 new logoutUrl setting
- #2571 new scheme pcap reading
## Capture
- #2295 moloch converted to arkime
- #2312 override ips can now set any field
- #2312 overrideIpsFiles setting
- #2314 packetDropIpsFiles setting
- #2390 can have negative cert.validDays/cert.remainingDays (thanks @mcgillowen)
- #2390 added cert.remainingSeconds/cert.remainingSeconds (thanks @mcgillowen)
- #2390 cert.remainingDays is now based on the firstPacket of session instead of current time (thanks @mcgillowen)
- #2409 JA4 support
- #2409 JA3/JA4 support for smtp STARTTLS
- #2297 always build zstd (except arch)
- #2517 new custom-fields-remap feature
- #2186 count the number of http methods per session
- #2528 new oui.txt location, some names have changes, fixes #2347
- #2539 new tls:has_esni tag if the client hello has esni
- #2553 fix rules range matching not working always
- #2554 support fieldSet tcpflag rules
- #2576 support different dlt for pcap-over-ip
## Cont3xt
- #2121 new bulk UI and support for bulk queries
- #2271 lots of keyboard shortcut improvements
- #2383 new array syntax for links substitution
- #2382 new OpenSearch/Elasticsearch integration (config file only)
- #2441 new csv/json file/url/redis integration (config file only)
- #2385 new viewRoles in config file per integration to control access
- #2407 transfer ownership of resources
- #2437 new csv/json data source supports
- #2441 new redis data source support
- #2507 demoMode added
- #2527 skipChildren added
- #2532 new wise integration
## ESProxy
- #2483 #2484 support field updates/deletes
## Viewer
- #2296 removed x-moloch-auth
- #2392 files/history/stats now have cluster dropdown for multiviewer
- #2402 http.request.FIELD and http.response.FIELD supported
- #2404 add editor for resources
- #2407 transfer ownership of resources
- #2482 added uploadRoles to control who can upload
- #2501 add defaultTimeRange setting
- #2521 add footerTemplate setting
- #2525 add [config setting](https://arkime.com/settings#spiViewCategoryOrder) to set spiview category order
- #2523 resize session detail field label/values
- #2552 added %URIEncodedText% for URI encoded substitution (thanks @vpiserchia)
## Parliament
- #2377 dashboard-only mode removed, if you want users to just see the dashboard don't assign them the parliamentUser role
- #2395 configuration is now stored in opensearch/elasticsearch
- #2530 add Users page
## WISE
- #2537 new urlScrapePrefix/urlScrapeSuffix used with urlScrapeRedirect
- #2537 new jsonl format supported
### Download Info
We offer downloads for many different OS versions because of library differences. For example, use the el7 download for Centos 7 or RHEL 7. If you have a libssl version error, it is most likely that the wrong download was used for your OS. The moloch builds have the old filesystem layouts, we will stop providing the moloch builds in 2024
2024-01-09T19:43:56+00:00pycryptodome v3.20.0pycryptodome v3.20.02024-01-10T10:39:42+00:00New features
---------------
* Added support for TurboSHAKE128 and TurboSHAKE256.
* Added method ``Crypto.Hash.new()`` to generate a hash
object given a hash name.
* Added support for AES-GCM encryption of PBES2 and PKCS#8
containers.
* Added support for SHA-2 and SHA-3 algorithms in PBKDF2
when creating PBES2 and PKCS#8 containers.
* Export of RSA keys accepts the ``prot_params`` dictionary
as parameter to control the number of iterations for PBKDF2
and scrypt.
* C unit tests also run on non-x86 architectures.
Resolved issues
---------------
* GH#787: Fixed autodetect logic for GCC 14 in combination with LTO.
2024-01-10T10:39:42+00:00pycryptodome v3.20.0xpycryptodome v3.20.0x2024-01-10T10:42:08+00:00New features
---------------
* Added support for TurboSHAKE128 and TurboSHAKE256.
* Added method ``Crypto.Hash.new()`` to generate a hash
object given a hash name.
* Added support for AES-GCM encryption of PBES2 and PKCS#8
containers.
* Added support for SHA-2 and SHA-3 algorithms in PBKDF2
when creating PBES2 and PKCS#8 containers.
* Export of RSA keys accepts the ``prot_params`` dictionary
as parameter to control the number of iterations for PBKDF2
and scrypt.
* C unit tests also run on non-x86 architectures.
Resolved issues
---------------
* GH#787: Fixed autodetect logic for GCC 14 in combination with LTO.
2024-01-10T10:42:08+00:00DomainClassifier v1.1DomainClassifier v1.12024-01-10T15:50:59+00:00## v1.1 (2024-01-10)
### New
* [domainclassifier] add a simple cache of the TLDs list from IANA (to avoid downloading at each start of the library) [Alexandre Dulaunoy]
### Changes
* [dep] remove PyBGPranking for the time being. [Alexandre Dulaunoy]
* [domclassifier] add dns records redis cache + regex timeout. [terrtia]
* [domainclassifier] update req user-agent. [terrtia]
* [domainclassifier] clean-up code. [Alexandre Dulaunoy]
* [doc] updated. [Alexandre Dulaunoy]
* [lib] add the port option for recursive resolver outside the standard TCP/UDP 53 port. [Alexandre Dulaunoy]
* [doc] another cloud service vanished into a black hole. [Alexandre Dulaunoy]
### Fix
* [DomainClassifier] set optional dns port. [Alexandre Dulaunoy]
### Other
* Merge branch 'master' of github.com:adulau/DomainClassifier. [Alexandre Dulaunoy]
* Merge pull request #6 from Terrtia/master. [Alexandre Dulaunoy]
chg: [domclassifier] add dns records redis cache + regex timeout
* Merge pull request #5 from Terrtia/master. [Alexandre Dulaunoy]
chg: [domainclassifier] update req user-agent
2024-01-10T15:50:59+00:00rocksdb v8.10.0rocksdb v8.10.02024-01-10T19:52:20+00:00## 8.10.0 (12/15/2023)
### New Features
* Provide support for async_io to trim readahead_size by doing block cache lookup
* Added initial wide-column support in `WriteBatchWithIndex`. This includes the `PutEntity` API and support for wide columns in the existing read APIs (`GetFromBatch`, `GetFromBatchAndDB`, `MultiGetFromBatchAndDB`, and `BaseDeltaIterator`).
### Public API Changes
* Custom implementations of `TablePropertiesCollectorFactory` may now return a `nullptr` collector to decline processing a file, reducing callback overheads in such cases.
### Behavior Changes
* Make ReadOptions.auto_readahead_size default true which does prefetching optimizations for forward scans if iterate_upper_bound and block_cache is also specified.
* Compactions can be scheduled in parallel in an additional scenario: high compaction debt relative to the data size
* HyperClockCache now has built-in protection against excessive CPU consumption under the extreme stress condition of no (or very few) evictable cache entries, which can slightly increase memory usage such conditions. New option `HyperClockCacheOptions::eviction_effort_cap` controls the space-time trade-off of the response. The default should be generally well-balanced, with no measurable affect on normal operation.
### Bug Fixes
* Fix a corner case with auto_readahead_size where Prev Operation returns NOT SUPPORTED error when scans direction is changed from forward to backward.
* Avoid destroying the periodic task scheduler's default timer in order to prevent static destruction order issues.
* Fix double counting of BYTES_WRITTEN ticker when doing writes with transactions.
* Fix a WRITE_STALL counter that was reporting wrong value in few cases.
* A lookup by MultiGet in a TieredCache that goes to the local flash cache and finishes with very low latency, i.e before the subsequent call to WaitAll, is ignored, resulting in a false negative and a memory leak.
### Performance Improvements
* Java API extensions to improve consistency and completeness of APIs
- Extended `RocksDB.get([ColumnFamilyHandle columnFamilyHandle,] ReadOptions opt, ByteBuffer key, ByteBuffer value)` which now accepts indirect buffer parameters as well as direct buffer parameters
- Extended `RocksDB.put( [ColumnFamilyHandle columnFamilyHandle,] WriteOptions writeOpts, final ByteBuffer key, final ByteBuffer value)` which now accepts indirect buffer parameters as well as direct buffer parameters
- Added `RocksDB.merge([ColumnFamilyHandle columnFamilyHandle,] WriteOptions writeOptions, ByteBuffer key, ByteBuffer value)` methods with the same parameter options as `put(...)` - direct and indirect buffers are supported
- Added `RocksIterator.key( byte[] key [, int offset, int len])` methods which retrieve the iterator key into the supplied buffer
- Added `RocksIterator.value( byte[] value [, int offset, int len])` methods which retrieve the iterator value into the supplied buffer
- Deprecated `get(final ColumnFamilyHandle columnFamilyHandle, final ReadOptions readOptions, byte[])` in favour of `get(final ReadOptions readOptions, final ColumnFamilyHandle columnFamilyHandle, byte[])` which has consistent parameter ordering with other methods in the same class
- Added `Transaction.get( ReadOptions opt, [ColumnFamilyHandle columnFamilyHandle, ] byte[] key, byte[] value)` methods which retrieve the requested value into the supplied buffer
- Added `Transaction.get( ReadOptions opt, [ColumnFamilyHandle columnFamilyHandle, ] ByteBuffer key, ByteBuffer value)` methods which retrieve the requested value into the supplied buffer
- Added `Transaction.getForUpdate( ReadOptions readOptions, [ColumnFamilyHandle columnFamilyHandle, ] byte[] key, byte[] value, boolean exclusive [, boolean doValidate])` methods which retrieve the requested value into the supplied buffer
- Added `Transaction.getForUpdate( ReadOptions readOptions, [ColumnFamilyHandle columnFamilyHandle, ] ByteBuffer key, ByteBuffer value, boolean exclusive [, boolean doValidate])` methods which retrieve the requested value into the supplied buffer
- Added `Transaction.getIterator()` method as a convenience which defaults the `ReadOptions` value supplied to existing `Transaction.iterator()` methods. This mirrors the existing `RocksDB.iterator()` method.
- Added `Transaction.put([ColumnFamilyHandle columnFamilyHandle, ] ByteBuffer key, ByteBuffer value [, boolean assumeTracked])` methods which supply the key, and the value to be written in a `ByteBuffer` parameter
- Added `Transaction.merge([ColumnFamilyHandle columnFamilyHandle, ] ByteBuffer key, ByteBuffer value [, boolean assumeTracked])` methods which supply the key, and the value to be written/merged in a `ByteBuffer` parameter
- Added `Transaction.mergeUntracked([ColumnFamilyHandle columnFamilyHandle, ] ByteBuffer key, ByteBuffer value)` methods which supply the key, and the value to be written/merged in a `ByteBuffer` parameter
2024-01-10T19:52:20+00:00logstash v8.11.4logstash v8.11.42024-01-11T12:26:54+00:00Downloads: https://elastic.co/downloads/logstash
Release notes: https://www.elastic.co/guide/en/logstash/8.11/logstash-8-11-4.html2024-01-11T12:26:54+00:00py_webauthn v2.0.0py_webauthn v2.0.02024-01-11T16:18:23+00:00**Changes:**
- See **Breaking Changes** below
**Breaking Changes:**
- [Pydantic](https://docs.pydantic.dev/latest/) is no longer used by py_webauthn. If your project
calls any Pydantic-specific methods on classes provided by py_webauthn then you will need to
refactor those calls accordingly. Typical use of py_webauthn should not need any major refactor
related to this change, but please see **Breaking Changes** below ([#195](https://github.com/duo-labs/py_webauthn/pull/195))
- `webauthn.helpers.generate_challenge()` now always generates 64 random bytes and no longer accepts any arguments. Refactor your existing calls to remove any arguments ([#198](https://github.com/duo-labs/py_webauthn/pull/198))
- `webauthn.helpers.exceptions.InvalidClientDataJSONStructure` has been replaced by `webauthn.helpers.exceptions.InvalidJSONStructure` ([#195](https://github.com/duo-labs/py_webauthn/pull/195))
- `webauthn.helpers.json_loads_base64url_to_bytes()` has been removed ([#195](https://github.com/duo-labs/py_webauthn/pull/195))
- The `user_id` argument passed into `generate_registration_options()` is now `Optional[bytes]`
instead of a required `str` value. A random sequence of 64 bytes will be generated for `user_id`
if it is `None` ([#197](https://github.com/duo-labs/py_webauthn/pull/197))
- There are a few options available to refactor existing calls:
### Option 1: Use the `base64url_to_bytes()` helper
If you already store your WebAuthn user ID bytes as base64url-encoded strings then you can simply decode these strings to bytes using an included helper:
**Before:**
```py
options = generate_registration_options(
# ...
user_id: "3ZPk1HGhX_cul7z5UydfZE_vgnUYkOVshDNcvI1ILyQ",
)
```
**After:**
```py
from webauthn.helpers import bytes_to_base64url
options = generate_registration_options(
# ...
user_id: bytes_to_base64url("3ZPk1HGhX_cul7z5UydfZE_vgnUYkOVshDNcvI1ILyQ"),
)
```
### Option 2: Generate unique WebAuthn-specific identifiers for existing and new users
WebAuthn **strongly** encourages Relying Parties to use 64 randomized bytes for **every** user ID you pass into `navigator.credentials.create()`. This would be a second identifier used exclusively for WebAuthn that you associate along with your typical internal user ID.
py_webauthn includes a `generate_user_handle()` helper that can simplify the task of creating this special user identifier for your existing users in one go:
```py
from webauthn.helpers import generate_user_handle
# Pseudocode (imagine this is in some kind of migration script)
for user in get_all_users_in_db():
add_webauthn_user_id_to_db_for_user(
current_user=user.id,
webauthn_user_id=generate_user_handle(), # Generates 64 random bytes
)
```
You can also use this method when creating new users to ensure that all subsequent users have a WebAuthn-specific identifier as well:
```py
from webauthn.helpers import generate_user_handle
# ...existing user onboarding logic...
# Pseudocode
create_new_user_in_db(
# ...
webauthn_user_id=generate_user_handle(),
)
```
Once your users are assigned their second WebAuthn-specific ID you can then pass those bytes into `generate_registration_options()` on subsequent calls:
```py
# Pseudocode
webauthn_user_id: bytes = get_webauthn_user_id_bytes_from_db(current_user.id)
options = generate_registration_options(
# ...
user_id=webauthn_user_id,
)
```
### Option 3: Let `generate_registration_options()` generate a user ID for you
When the `user_id` argument is omitted then a random 64-byte identifier will be generated for you:
**Before:**
```py
options = generate_registration_options(
# ...
user_id: "USERIDGOESHERE",
)
```
**After:**
```py
# Pseudocode
webauthn_user_id: bytes | None = get_webauthn_user_id_bytes_from_db(
current_user=current_user.id,
)
options = generate_registration_options(
# ...
user_id=webauthn_user_id,
)
if webauthn_user_id is None:
# Pseudocode
store_webauthn_user_id_bytes_in_your_db(
current_user=current_user.id,
webauthn_user_id=options.user.id, # Randomly generated 64-bytes
)
```
### Option 4: Encode existing `str` argument to UTF-8 bytes
This technique is a quick win, but can be prone to base64url-related encoding and decoding quirks between browsers. **It is recommended you quickly follow this up with Option 2 or Option 3 above:**
**Before:**
```py
options = generate_registration_options(
# ...
user_id: "USERIDGOESHERE",
)
```
**After:**
```py
options = generate_registration_options(
# ...
user_id: "USERIDGOESHERE".encode('utf-8'),
)
```2024-01-11T16:18:23+00:00panda v1.6panda v1.62024-01-11T17:49:11+00:002024-01-11T17:49:11+00:00wazuh v4.7.2wazuh v4.7.22024-01-11T18:30:56+00:00## Manager
### Added
- Added minimum time constraint of 1 hour for Vulnerability Detector feed downloads. ([#21142](https://github.com/wazuh/wazuh/pull/21142))
### Fixed
- wazuh-remoted now includes the offending bytes in the warning about invalid message size from agents. ([#21011](https://github.com/wazuh/wazuh/pull/21011))
- Fixed a bug in the Windows Eventchannel decoder on handling Unicode characters. ([#20658](https://github.com/wazuh/wazuh/pull/20658))
- Fixed data validation at Windows Eventchannel decoder. ([#20735](https://github.com/wazuh/wazuh/pull/20735))
## Agent
### Added
- Added timeouts to external and Cloud integrations to prevent indefinite waiting for a response. ([#20638](https://github.com/wazuh/wazuh/pull/20638))
### Fixed
- The host_deny Active response now checks the IP parameter format. ([#20656](https://github.com/wazuh/wazuh/pull/20656))
- Fixed a bug in the Windows agent that might lead it to crash when gathering forwarded Windows events. ([#20594](https://github.com/wazuh/wazuh/pull/20594))
- The AWS integration now finds AWS configuration profiles that do not contain the `profile` prefix. ([#20447](https://github.com/wazuh/wazuh/pull/20447))
- Fixed parsing for regions argument of the AWS integration. ([#20660](https://github.com/wazuh/wazuh/pull/20660))
## Ruleset
### Added
- Added new SCA policy for Debian 12. ([#17565](https://github.com/wazuh/wazuh/pull/17565))
### Fixed
- Fixed AWS Macie fields used in some rules and removed unused AWS Macie Classic rules. ([#20663](https://github.com/wazuh/wazuh/pull/20663))
## Other
### Changed
- Upgraded external aiohttp library dependency version to 3.9.1. ([#20798](https://github.com/wazuh/wazuh/pull/20798))
- Upgraded pip dependency version to 23.3.2. ([#20632](https://github.com/wazuh/wazuh/issues/20632))2024-01-11T18:30:56+00:00uBlock 1.55.1b5uBlock 1.55.1b52024-01-12T23:02:18+00:00## Fixes / changes
- [Add support to toggle no-scripting switch with keyboard shortcut](https://github.com/gorhill/uBlock/commit/936444883f)
- [Do not exceed rate-limited calls to `handlerBehaviorChanged()`](https://github.com/gorhill/uBlock/commit/63fe18a761)
- [Shield some code paths against potentially tampered global properties](https://github.com/gorhill/uBlock/commit/534d877e95) (in scriptlets)
- [Do not prevent applying changes when lists are updating](https://github.com/gorhill/uBlock/commit/f6b726136c)
- [Add `elements` vararg to `prevent-addEventListener` scriptlet](https://github.com/gorhill/uBlock/commit/060f9d68fc)
- [Do not use tab character as field separator](https://github.com/gorhill/uBlock/commit/a9eb9630cf) (in logger)
- [Prevent `:others()` from hiding `html` tag](https://github.com/gorhill/uBlock/commit/9a104bcbd2)
----------
[Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.55.1b5...master)
To install the developer build:
- **Firefox**: Click [uBlock0_1.55.1b5.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.55.1b5/uBlock0_1.55.1b5.firefox.signed.xpi)
- [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox).
- **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>.
- **Thunderbird**: Download [uBlock0_1.55.1b5.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.55.1b5/uBlock0_1.55.1b5.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 91+ required)
- **Node.js**: Import from [npm](https://www.npmjs.com/package/@gorhill/ubo-core), or download and unzip [uBlock0_1.55.1b5.npm.tgz](https://github.com/gorhill/uBlock/releases/download/1.55.1b5/uBlock0_1.55.1b5.npm.tgz).
2024-01-12T23:02:18+00:00faker v3.2.3faker v3.2.32024-01-13T00:34:36+00:00## What's Changed
## [v3.2.3](https://github.com/faker-ruby/faker/tree/v3.2.3) (2024-01-12)
Happy 2024 with a new faker-ruby release.
This version includes bug fixes, docs typos fixes, and some changes on the contributing guides.
## faker-ruby is is not accepting new features proposals
As we [discussed here](https://github.com/orgs/faker-ruby/discussions/2877), we want to improve faker's performance and organization. There hasn't been to many bug reports and most of the open issues are related to performance and confusion around using faker.
As we have limited time to invest in faker, reviewing new generators and locales prevent us from focusing on the big picture work. With this decision, we hope to make the necessary changes for faker to go to the next level. Please read the Contributing guides for ways to help us get there.
## Bug fixes
* Fix Phone number long number and other updates by @stefannibrasil in https://github.com/faker-ruby/faker/pull/2842
* Favor 'The Room' instead of 'Room' by @kirkkwang in https://github.com/faker-ruby/faker/pull/2854
* Limit generated Discover cards to 19 digits by @jamie in https://github.com/faker-ruby/faker/pull/2845
* Fix Typo in README Link: Update sports.md to sport.md by @hatsu38 in https://github.com/faker-ruby/faker/pull/2859
* Fix country names and codes in address by @sudeeptarlekar in https://github.com/faker-ruby/faker/pull/2850
* fixed typo for README. Faker::JapaneseMedia::CowboyBebop by @jacoyutorius in https://github.com/faker-ruby/faker/pull/2863
* Fix typo in `Faker::Movies::HarryPotter.location` (Castelobruxo) by @leomartins1999 in https://github.com/faker-ruby/faker/pull/2866
* Fix flaky spec on `TestFakerFile#test_file_name` by @keshavbiswa in https://github.com/faker-ruby/faker/pull/2868
* Update `Internet#username` separator param to match with the example by @AlexandreL0pes in https://github.com/faker-ruby/faker/pull/2882
* fix polish bban_pattern by @artur1313 in https://github.com/faker-ruby/faker/pull/2887
## What's Changed
* Add benchmark by @salochara in https://github.com/faker-ruby/faker/pull/2855
* Freeze new generator and locales by @stefannibrasil in https://github.com/faker-ruby/faker/pull/2886
* Remove deprecate safe_email and free_email methods by @hatsu38 in https://github.com/faker-ruby/faker/pull/2841
* Update contribution guidelines and PULL_REQUEST_TEMPLATE by @stefannibrasil in https://github.com/faker-ruby/faker/pull/2878
* Remove unmaintained `History.md` by @y-yagi in https://github.com/faker-ruby/faker/pull/2880
* Adds Ruby 3.3 to the CI matrix by @m-nakamura145 in https://github.com/faker-ruby/faker/pull/2883
## Update local dependencies
* Bump rubocop from 1.58.0 to 1.59.0 by @dependabot in https://github.com/faker-ruby/faker/pull/2865
* Bump rubocop-minitest from 0.34.3 to 0.34.4 by @dependabot in https://github.com/faker-ruby/faker/pull/2884
* Bump minitest version by @stefannibrasil in https://github.com/faker-ruby/faker/pull/2889
## New Contributors
* @kirkkwang made their first contribution in https://github.com/faker-ruby/faker/pull/2854
* @jamie made their first contribution in https://github.com/faker-ruby/faker/pull/2845
* @hatsu38 made their first contribution in https://github.com/faker-ruby/faker/pull/2859
* @salochara made their first contribution in https://github.com/faker-ruby/faker/pull/2855
* @jacoyutorius made their first contribution in https://github.com/faker-ruby/faker/pull/2863
* @leomartins1999 made their first contribution in https://github.com/faker-ruby/faker/pull/2866
* @keshavbiswa made their first contribution in https://github.com/faker-ruby/faker/pull/2868
* @y-yagi made their first contribution in https://github.com/faker-ruby/faker/pull/2880
* @AlexandreL0pes made their first contribution in https://github.com/faker-ruby/faker/pull/2882
* @m-nakamura145 made their first contribution in https://github.com/faker-ruby/faker/pull/2883
* @artur1313 made their first contribution in https://github.com/faker-ruby/faker/pull/2887
**Full Changelog**: https://github.com/faker-ruby/faker/compare/v3.2.2...v.3.2.32024-01-13T00:34:36+00:00artifacts 20240112artifacts 202401122024-01-13T07:38:12+00:00Pre-release of version 20240112, for testing purposes2024-01-13T07:38:12+00:00PyPCAPKit v1.3.1.post3PyPCAPKit v1.3.1.post32024-01-13T10:11:38+00:00 - 4bcf604a Bumped version to 1.3.1.post3
- 64d0d235 Bumped build to 1
- 98c7406f Bumped version to 1.3.1.post2
- c970703f Bumped build to 1
2024-01-13T10:11:38+00:00truffleHog v3.63.9truffleHog v3.63.92024-01-14T03:54:00+00:00## What's Changed
* [chore] - update docs for pre-commit by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2280
* Ignore common false positives for Parseur Detector by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2229
* Ignore common Signable false positives by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2230
* fix(deps): update golang.org/x/exp digest to be819d1 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2281
* [chore] - update test by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2283
* adding postgres detector by @dylanTruffle in https://github.com/trufflesecurity/trufflehog/pull/2108
* fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.2.1 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2282
* fix(deps): update golang.org/x/exp digest to 0dcbfd6 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2284
* fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.3 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2285
* Extend memory cache by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2275
* fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.19 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2286
* chore(deps): update alpine docker tag to v3.19 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2287
* chore(deps): update sigstore/cosign-installer action to v3.3.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2290
* fix(deps): update module cloud.google.com/go/storage to v1.36.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2291
* fix(deps): update module github.com/aws/aws-sdk-go to v1.49.18 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2292
* feat(installation): Implement checksum signature verification by @hibare in https://github.com/trufflesecurity/trufflehog/pull/2157
* fix(deps): update module github.com/aws/aws-sdk-go to v1.49.19 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2294
* fix(deps): update module github.com/bradleyfalzon/ghinstallation/v2 to v2.9.0 by @renovate in https://github.com/trufflesecurity/trufflehog/pull/2295
* [chore] - small updates by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2288
* [feat] - Allow for the use of include/exclude path files for filesystem scans by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2297
* Individuate archive tests by @rosecodym in https://github.com/trufflesecurity/trufflehog/pull/2293
* [feat] - Provide CLI flag to only use custom verifiers by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2299
* Disable postgres detector because it it too sensitive by @dustin-decker in https://github.com/trufflesecurity/trufflehog/pull/2303
**Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.63.8...v3.63.92024-01-14T03:54:00+00:00jsPsych @jspsych/plugin-visual-search-circle@1.2.0jsPsych @jspsych/plugin-visual-search-circle@1.2.02024-01-14T18:11:10+00:00### Minor Changes
- [#3211](https://github.com/jspsych/jsPsych/pull/3211) [`37430e13`](https://github.com/jspsych/jsPsych/commit/37430e13e9645d90e853471010bee0c95c895954) Thanks [@jodeleeuw](https://github.com/jodeleeuw)! - Adds response_ends_trial parameter, with a default value of `true`
2024-01-14T18:11:10+00:00uBlock 1.55.1b7uBlock 1.55.1b72024-01-14T18:36:33+00:00## Fixes / changes
- [Provide visual feedback when applying changes in "Filter lists" pane](https://github.com/gorhill/uBlock/commit/c4bb8a0f64)
- [Empty query parameters must still use `=`](https://github.com/gorhill/uBlock/commit/1cac61a9a4)
- [Add support to toggle no-scripting switch with keyboard shortcut](https://github.com/gorhill/uBlock/commit/936444883f)
- [Do not exceed rate-limited calls to `handlerBehaviorChanged()`](https://github.com/gorhill/uBlock/commit/63fe18a761)
- [Shield some code paths against potentially tampered global properties](https://github.com/gorhill/uBlock/commit/534d877e95) (in scriptlets)
- [Do not prevent applying changes when lists are updating](https://github.com/gorhill/uBlock/commit/f6b726136c)
- [Add `elements` vararg to `prevent-addEventListener` scriptlet](https://github.com/gorhill/uBlock/commit/060f9d68fc)
- [Do not use tab character as field separator](https://github.com/gorhill/uBlock/commit/a9eb9630cf) (in logger)
- [Prevent `:others()` from hiding `html` tag](https://github.com/gorhill/uBlock/commit/9a104bcbd2)
----------
[Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.55.1b7...master)
To install the developer build:
- **Firefox**: Click [uBlock0_1.55.1b7.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.55.1b7/uBlock0_1.55.1b7.firefox.signed.xpi)
- [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox).
- **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>.
- **Thunderbird**: Download [uBlock0_1.55.1b7.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.55.1b7/uBlock0_1.55.1b7.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 91+ required)
- **Node.js**: Import from [npm](https://www.npmjs.com/package/@gorhill/ubo-core), or download and unzip [uBlock0_1.55.1b7.npm.tgz](https://github.com/gorhill/uBlock/releases/download/1.55.1b7/uBlock0_1.55.1b7.npm.tgz).
2024-01-14T18:36:33+00:00restic v0.16.3restic v0.16.32024-01-14T19:36:47+00:00This release fixes a couple of bugs on Windows and in the `restore` command. It also works around an unlikely yet possible situation with `rclone` which could potentially result in data loss.
restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at [the GitHub issue tracker](https://github.com/restic/restic/issues/new) or visit [the forum](https://forum.restic.net). If you already have restic >= 0.9.4, you can use `restic self-update` to get the latest version in a secure way.
The binaries released with each restic version are [reproducible](https://reproducible-builds.org/), which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the [Developer Documentation](https://github.com/restic/restic/blob/master/doc/developer_information.rst).
Changelog for restic 0.16.3 (2024-01-14)
=======================================
The following sections list the changes in restic 0.16.3 relevant to restic users. The changes are ordered by importance.
Summary
-------
* Fix [#4560](https://github.com/restic/restic/issues/4560): Improve errors for irregular files on Windows
* Fix [#4574](https://github.com/restic/restic/issues/4574): Support backup of deduplicated files on Windows again
* Fix [#4612](https://github.com/restic/restic/issues/4612): Improve error handling for `rclone` backend
* Fix [#4624](https://github.com/restic/restic/pull/4624): Correct `restore` progress information if an error occurs
* Fix [#4626](https://github.com/restic/restic/pull/4626): Improve reliability of restoring large files
Details
-------
* Bugfix #4560: Improve errors for irregular files on Windows
Since Go 1.21, most filesystem reparse points on Windows are considered to be irregular files. This caused restic to show an `error: invalid node type ""` error message for those files.
This error message has now been improved and includes the relevant file path: `error: nodeFromFileInfo path/to/file: unsupported file type "irregular"`. As irregular files are not required to behave like regular files, it is not possible to provide a generic way to back up those files.
[#4560](https://github.com/restic/restic/issues/4560) [#4620](https://github.com/restic/restic/pull/4620) https://forum.restic.net/t/windows-backup-error-invalid-node-type/6875
* Bugfix #4574: Support backup of deduplicated files on Windows again
With the official release builds of restic 0.16.1 and 0.16.2, it was not possible to back up files that were deduplicated by the corresponding Windows Server feature. This also applied to restic versions built using Go 1.21.0-1.21.4.
The Go version used to build restic has now been updated to fix this.
[#4574](https://github.com/restic/restic/issues/4574) [#4621](https://github.com/restic/restic/pull/4621)
* Bugfix #4612: Improve error handling for `rclone` backend
Since restic 0.16.0, if rclone encountered an error while listing files, this could in rare circumstances cause restic to assume that there are no files. Although unlikely, this situation could result in data loss if it were to happen right when the `prune` command is listing existing snapshots.
Error handling has now been improved to detect and work around this case.
[#4612](https://github.com/restic/restic/issues/4612) [#4618](https://github.com/restic/restic/pull/4618)
* Bugfix #4624: Correct `restore` progress information if an error occurs
If an error occurred while restoring a snapshot, this could cause the `restore` progress bar to show incorrect information. In addition, if a data file could not be loaded completely, then errors would also be reported for some already restored files.
Error reporting of the `restore` command has now been made more accurate.
[#4624](https://github.com/restic/restic/pull/4624) https://forum.restic.net/t/errors-restoring-with-restic-on-windows-server-s3/6943
* Bugfix #4626: Improve reliability of restoring large files
In some cases restic failed to restore large files that frequently contain the same file chunk. In combination with certain backends, this could result in network connection timeouts that caused incomplete restores.
Restic now includes special handling for such file chunks to ensure reliable restores.
[#4626](https://github.com/restic/restic/pull/4626) https://forum.restic.net/t/errors-restoring-with-restic-on-windows-server-s3/6943
2024-01-14T19:36:47+00:00jsPsych @jspsych/plugin-visual-search-circle@1.2.1jsPsych @jspsych/plugin-visual-search-circle@1.2.12024-01-14T19:41:01+00:00### Patch Changes
- [#3213](https://github.com/jspsych/jsPsych/pull/3213) [`7b797727`](https://github.com/jspsych/jsPsych/commit/7b797727fa3b2b384ef964eb53d74f474ec902ef) Thanks [@jodeleeuw](https://github.com/jodeleeuw)! - Fix display clearing problem introduced with version 1.2.0
2024-01-14T19:41:01+00:00svg2tikz v3.0.1svg2tikz v3.0.12024-01-14T21:04:01+00:00# What changed
- Version is now displayed in the inkscape extension
- Fix bug with arc where angles values were not replaced
- Fix trailing slash on shebang
2024-01-14T21:04:01+00:00Hashrat v1.16Hashrat v1.162024-01-14T23:57:55+00:002024-01-14T23:57:55+00:00Hashrat v1.17Hashrat v1.172024-01-15T10:22:13+00:002024-01-15T10:22:13+00:00Hashrat v1.18Hashrat v1.182024-01-15T11:10:07+00:002024-01-15T11:10:07+00:00Hashrat v1.19Hashrat v1.192024-01-15T11:23:53+00:002024-01-15T11:23:53+00:00kinto 16.3.0kinto 16.3.02024-01-15T13:17:05+00:00
**New features**
- Add a new ``kinto.admin_assets_path`` setting to specify the location on the Admin UI assets.
**Internal Changes**
- Publish to docker hub on tag (#3329)
- Publish to Pypi on tag (#3328)
- Switch to ruff insteaf of therapist+flake8+black+isort (#3321)
- Upgrade to SQLAlchemy 2 (fixes #3128)2024-01-15T13:17:05+00:00mattermost-server v9.4.2-rc1mattermost-server v9.4.2-rc12024-01-15T14:36:37+00:00Mattermost Platform Release 9.4.2-rc12024-01-15T14:36:37+00:00mattermost-server v9.3.1-rc1mattermost-server v9.3.1-rc12024-01-15T14:45:53+00:00Mattermost Platform Release 9.3.1-rc12024-01-15T14:45:53+00:00mattermost-server v9.2.5-rc1mattermost-server v9.2.5-rc12024-01-15T14:55:17+00:00Mattermost Platform Release 9.2.5-rc12024-01-15T14:55:17+00:00mattermost-server v8.1.9-rc1mattermost-server v8.1.9-rc12024-01-15T15:10:13+00:00Mattermost Platform Release 8.1.9-rc12024-01-15T15:10:13+00:00sigma r2024-01-15sigma r2024-01-152024-01-15T18:31:01+00:00### New Rules
- new: Binary Proxy Execution Via Dotnet-Trace.EXE
- new: Forfiles.EXE Child Process Masquerading
- new: GCP Access Policy Deleted
- new: GCP Break-glass Container Workload Deployed
- new: Google Workspace Application Access Levels Modified
- new: HackTool - EDRSilencer Execution
- new: HackTool - NoFilter Execution
- new: PUA - PingCastle Execution
- new: PUA - PingCastle Execution From Potentially Suspicious Parent
- new: Peach Sandstorm APT Process Activity Indicators
- new: Potential Peach Sandstorm APT C2 Communication Activity
- new: Potential Persistence Via AppCompat RegisterAppRestart Layer
- new: Potential Pikabot Infection - Suspicious Command Combinations Via Cmd.EXE
- new: Renamed PingCastle Binary Execution
- new: System Control Panel Item Loaded From Uncommon Location
- new: System Information Discovery Using System_Profiler
- new: System Integrity Protection (SIP) Disabled
- new: System Integrity Protection (SIP) Enumeration
- new: Windows Filtering Platform Blocked Connection From EDR Agent Binary
### Updated Rules
- update: Creation Of Non-Existent System DLL - Remove driver anchor and the System32 filter. The reason behind this is that an attacker can copy the file elsewhere and then use a system utility such as copy or xcopy located in the system32 folder to create it again. Which will bypass the rule.
- update: Findstr Launching .lnk File - Increase coverage by adding cases where the commandline ends with a double or a single quote.
- update: Forfiles Command Execution - Remove unnecessary selection and enhance metadata information
- update: Hacktool Execution - Imphash - Add additional imphash values to increase coverage
- update: Hacktool Named File Stream Created - Added new Imphash values for `EDRSandBlast`, `EDRSilencer` and `Forensia` utilities.
- update: Hypervisor Enforced Code Integrity Disabled - Add additional path for the HVCI config
- update: Potential DLL Sideloading Of Non-Existent DLLs From System Folders - Add SignatureStatus in the filter to exclude only valid signatures and decrease bypass.
- update: Potential Persistence Via MyComputer Registry Keys - Remove `SOFTWARE` registry key anchor to increase coverage for `WOW6432Node` cases
- update: Potential System DLL Sideloading From Non System Locations - Add iernonce.dll
- update: Potential System DLL Sideloading From Non System Locations - Remove the driver anchor from the filter to catch cases where the system is installed on non default C: driver
- update: Powershell Defender Disable Scan Feature - Add additional PowerShell MpPreference Cmdlets
- update: Remote PowerShell Session (PS Classic) - Reduce level to low
- update: Screen Capture Activity Via Psr.EXE - Add -start commandline variation
- update: System Information Discovery Using Ioreg - enhanced coverage with additional flags and cli options
- update: Tamper Windows Defender - PSClassic - Add additional PowerShell MpPreference Cmdlets
- update: Tamper Windows Defender - ScriptBlockLogging - Add additional PowerShell MpPreference Cmdlets
- update: Uncommon Extension Shim Database Installation Via Sdbinst.EXE - Add additional commandline flag that might trigger FPs
### Removed / Deprecated Rules
- remove: Svchost DLL Search Order Hijack - Deprecated in favor of the rule 6b98b92b-4f00-4f62-b4fe-4d1920215771. The reason is that for legit cases where the DLL is still present we can't filter out anything. We assume that the loading is done by a non valid/signed DLLs which will catch most cases. In cas the attacker had the option to sign the DLL with a valid signature he can bypass the rule.
### Fixed Rules
- fix: Enable LM Hash Storage - ProcCreation - Removed trailing slash from registry path
- fix: Potentially Suspicious EventLog Recon Activity Using Log Query Utilities - Fix typo in WMIC image name
- fix: Suspicious Greedy Compression Using Rar.EXE - Fix error in path selection
- fix: Suspicious Redirection to Local Admin Share - Add missing CommandLine field selection
- fix: System Information Discovery Via Wmic.EXE - Move to threat hunting and add additional filter to reduce noise coming from VMware Tools
### Acknowledgement
Thanks to @ahouspan, @bohops, @danielgottt, @frack113, @joshnck, @jstnk9, @meiliumeiliu, @MrSeccubus, @nasbench, @Neo23x0, @phantinuss, @qasimqlf, @slincoln-aiq, @st0pp3r, @tr0mb1r, @Tuutaans, @X-Junior, @zestsg for their contribution to this release
### Which Sigma rule package should I use?
A detailed explanation can be found in the [Releases.md](Releases.md) file. If you are new to Sigma, we recommend starting with the "Core" ruleset.
The [latest release package on GitHub](https://docs.github.com/en/repositories/releasing-projects-on-github/linking-to-releases#linking-to-the-latest-release) can always be found [here](https://github.com/SigmaHQ/sigma/releases/latest).
2024-01-15T18:31:01+00:00seaweedfs 3.62seaweedfs 3.622024-01-16T04:47:52+00:00## What's Changed
* Filer
* Removed problematic if statement by @jerebear12 in https://github.com/seaweedfs/seaweedfs/pull/5180
* chore: add status code for request_total metrics by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/5188
* Volume Server
* fix write volume over size MaxPossibleVolumeSize by @kungf in https://github.com/seaweedfs/seaweedfs/pull/5190
* can vacuum volume when size mismatch by @kungf in https://github.com/seaweedfs/seaweedfs/pull/5200
* factor in existing ec volume count when estimating max volume count [#5191](https://github.com/seaweedfs/seaweedfs/issues/5191)
* Filer.sync
* Fix filer sync set offset by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/5197
* Fix doDeleteFiles deletes files by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/5198
## New Contributors
* @kungf made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/5190
**Full Changelog**: https://github.com/seaweedfs/seaweedfs/compare/3.61...3.622024-01-16T04:47:52+00:00uBlock 1.55.1b8uBlock 1.55.1b82024-01-16T15:10:21+00:00## Fixes / changes
- [Fix improperly assembled `!#include` sublists](https://github.com/gorhill/uBlock/commit/0e00010b91)
- [Mark procedural filters with pseudo-elements selector as invalid](https://github.com/gorhill/uBlock/commit/757b8be9cd)
- [Prevent access to picker when "My filters" is not enabled](https://github.com/gorhill/uBlock/commit/bc641fc024)
- [Provide visual feedback when applying changes in "Filter lists" pane](https://github.com/gorhill/uBlock/commit/c4bb8a0f64)
- [Empty query parameters must still use `=`](https://github.com/gorhill/uBlock/commit/1cac61a9a4)
- [Add support to toggle no-scripting switch with keyboard shortcut](https://github.com/gorhill/uBlock/commit/936444883f)
- [Do not exceed rate-limited calls to `handlerBehaviorChanged()`](https://github.com/gorhill/uBlock/commit/63fe18a761)
- [Shield some code paths against potentially tampered global properties](https://github.com/gorhill/uBlock/commit/534d877e95) (in scriptlets)
- [Do not prevent applying changes when lists are updating](https://github.com/gorhill/uBlock/commit/f6b726136c)
- [Add `elements` vararg to `prevent-addEventListener` scriptlet](https://github.com/gorhill/uBlock/commit/060f9d68fc)
- [Do not use tab character as field separator](https://github.com/gorhill/uBlock/commit/a9eb9630cf) (in logger)
- [Prevent `:others()` from hiding `html` tag](https://github.com/gorhill/uBlock/commit/9a104bcbd2)
----------
[Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.55.1b8...master)
To install the developer build:
- **Firefox**: Click [uBlock0_1.55.1b8.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.55.1b8/uBlock0_1.55.1b8.firefox.signed.xpi)
- [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox).
- **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>.
- **Thunderbird**: Download [uBlock0_1.55.1b8.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.55.1b8/uBlock0_1.55.1b8.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 91+ required)
- **Node.js**: Import from [npm](https://www.npmjs.com/package/@gorhill/ubo-core), or download and unzip [uBlock0_1.55.1b8.npm.tgz](https://github.com/gorhill/uBlock/releases/download/1.55.1b8/uBlock0_1.55.1b8.npm.tgz).
2024-01-16T15:10:21+00:00dnstwist 20240116dnstwist 202401162024-01-16T20:51:37+00:00Changes:
- Full HTTP proxy support - including headless browser (perceptual hashing)
- New fuzzer: plural
- Added context manager support to class Fuzzer()
- Quicker permutations sorting
- Reduced exceptions
- Extended input validation for --fuzzers argument2024-01-16T20:51:37+00:00truffleHog v3.63.10truffleHog v3.63.102024-01-16T23:28:16+00:00## What's Changed
* added azure protos by @roxanne-tampus in https://github.com/trufflesecurity/trufflehog/pull/2304
* [fixup ] - Allow ssh cloning with AWS Code Commit by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2307
* Assume unauthenticated github scans have public visibility by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2308
* [chore] - Add regex and keyword for api_org tokens by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2240
**Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.63.9...v3.63.102024-01-16T23:28:16+00:00turbinia 20231116.1turbinia 20231116.12024-01-17T00:27:06+00:00* [add workaround for pinfo warning output](https://github.com/google/turbinia/commit/5f00e9bc31cc7df0d51fe3443e1ba007faab97a9)
**Full Changelog**: https://github.com/google/turbinia/compare/20231116...20231116.12024-01-17T00:27:06+00:00