http://open-source-security-software.net/releases.atom Recent releases 2022-05-25T20:49:10.466327+00:00 python-feedgen dnstwist 20211204 dnstwist 20211204 2021-12-04T15:53:14+00:00 2021-12-04T15:53:14+00:00 syncthing v1.18.5 syncthing v1.18.5 2021-12-07T10:16:21+00:00 Bugfixes: - #7715: Deleted encrypted files don't show up as locally changed in web UI Enhancements: - #7115: Use CRLF instead of LF in config.xml and .stignore on Windows - #8014: Send TLS SNI to relay server - #8021: Provide a way to preset GUI credentials with password hashing 2021-12-07T10:16:21+00:00 whids v1.8.0-beta.5 whids v1.8.0-beta.5 2021-12-07T21:25:35+00:00 ## Changes - Improved EDR event action handler - Improved file upload to manager to reduce memory impact of big file upload - migration to sod v1.5 - changed the way user are managed - changed logic around user authentication - added a way to create user from manager's CLI - auto generating OpenAPI definition from tests - OpenAPI definition ## Fixes - #87: Improve golang unit testing - #86: Fix golang unit tests - #85: Add API endpoint to manage IOCs spread on endpoints for detection - #84: Ability to config default actions on different criticality thresholds - #82: Action to produce short reports - #81: Change "Api-Key" Authentication header - #78: request feature - list closed report on a defined time period - #77: Missing query criticality parameter on get /endpoint call - #65: Archive reports - #66: Implement /endpoint/{UUID}/report/archive - #63: Make manager's data persistent 2021-12-07T21:25:35+00:00 whids v1.8.0.beta.5 whids v1.8.0.beta.5 2021-12-07T21:25:35+00:00 ## Changes - Improved EDR event action handler - Improved file upload to manager to reduce memory impact of big file upload - migration to sod v1.4 - changed the way user are managed - changed logic around user authentication - added a way to create user from manager's CLI - auto generating OpenAPI definition from tests - OpenAPI definition ## Fixes - #87: Improve golang unit testing - #86: Fix golang unit tests - #85: Add API endpoint to manage IOCs spread on endpoints for detection - #84: Ability to config default actions on different criticality thresholds - #82: Action to produce short reports - #81: Change "Api-Key" Authentication header - #78: request feature - list closed report on a defined time period - #77: Missing query criticality parameter on get /endpoint call - #65: Archive reports - #66: Implement /endpoint/{UUID}/report/archive - #63: Make manager's data persistent 2021-12-07T21:25:35+00:00 HyperDbg v0.1.0-beta HyperDbg v0.1.0-beta 2021-12-08T23:12:08+00:00 HyperDbg is **not** yet released but it is now available for testing! Please test it and provide us with your valuable feedback and possible bugs. Please follow the instructions [here](https://docs.hyperdbg.org/getting-started/build-and-install) to start using HyperDbg. **Full Changelog**: https://github.com/HyperDbg/HyperDbg/commits/v0.1.0-beta 2021-12-08T23:12:08+00:00 TheHive 4.1.15 TheHive 4.1.15 2021-12-09T10:20:06+00:00 ## [4.1.15](https://github.com/TheHive-Project/TheHive/milestone/85) (2021-12-06) **Implemented enhancements:** - [Feature Request] Add query to retrieve audit from an object [\#2266](https://github.com/TheHive-Project/TheHive/issues/2266) - [Feature Request] Sort similar Alerts by Observables [\#2270](https://github.com/TheHive-Project/TheHive/issues/2270) - [Enhancement] Add space after the title prefix from case template [\#2278](https://github.com/TheHive-Project/TheHive/issues/2278) **Fixed bugs:** - [Bug] Search without sort make queries slow [\#2261](https://github.com/TheHive-Project/TheHive/issues/2261) - [Bug] Marking an alert as read do not update it's "updatedAt" field [\#2262](https://github.com/TheHive-Project/TheHive/issues/2262) - [Bug] dataType removal doesn't work [\#2263](https://github.com/TheHive-Project/TheHive/issues/2263) - [Bug] Fix index creation and rebuild [\#2265](https://github.com/TheHive-Project/TheHive/issues/2265) 2021-12-09T10:20:06+00:00 whids v1.8.0-beta.6 whids v1.8.0-beta.6 2021-12-10T14:57:59+00:00 ## Fixes - #90 v1.8.0 beta5 bug - #91 Correlate and enrich Microsoft-Windows-Kernel-File ETW logs 2021-12-10T14:57:59+00:00 ursadb v1.4.0 ursadb v1.4.0 2021-12-14T01:19:06+00:00 Release refs/tags/v1.4.0 2021-12-14T01:19:06+00:00 ursadb v1.4.1 ursadb v1.4.1 2021-12-14T01:19:14+00:00 Release refs/tags/v1.4.1 2021-12-14T01:19:14+00:00 TheHive 4.1.16 TheHive 4.1.16 2021-12-20T07:08:59+00:00 ## [4.1.16](https://github.com/TheHive-Project/TheHive/milestone/86) (2021-12-17) **Implemented enhancements:** - [Feature Request] Remove persistent filters on "Similar Cases" tab [\#2282](https://github.com/TheHive-Project/TheHive/issues/2282) - [Enhancement] When observable data is too big, use hash [\#2288](https://github.com/TheHive-Project/TheHive/issues/2288) - Remove unnecessary log4j dependency [\#2291](https://github.com/TheHive-Project/TheHive/issues/2291) **Fixed bugs:** - [Bug] Index fails with immense terms [\#2289](https://github.com/TheHive-Project/TheHive/issues/2289) - [Bug] Marking an alert as read do not update it's "updatedAt" nor "updatedBy" field [\#2292](https://github.com/TheHive-Project/TheHive/issues/2292) 2021-12-20T07:08:59+00:00 rocksdb v6.27.3 rocksdb v6.27.3 2021-12-20T18:59:42+00:00 ## 6.27.3 (2021-12-10) ### Bug Fixes * Fixed a bug in TableOptions.prepopulate_block_cache which causes segmentation fault when used with TableOptions.partition_filters = true and TableOptions.cache_index_and_filter_blocks = true. * Fixed a bug affecting custom memtable factories which are not registered with the `ObjectRegistry`. The bug could result in failure to save the OPTIONS file. ## 6.27.2 (2021-12-01) ### Bug Fixes * Fixed a bug in rocksdb automatic implicit prefetching which got broken because of new feature adaptive_readahead and internal prefetching got disabled when iterator moves from one file to next. ## 6.27.1 (2021-11-29) ### Bug Fixes * Fixed a bug that could, with WAL enabled, cause backups, checkpoints, and `GetSortedWalFiles()` to fail randomly with an error like `IO error: 001234.log: No such file or directory` ## 6.27.0 (2021-11-19) ### New Features * Added new ChecksumType kXXH3 which is faster than kCRC32c on almost all x86\_64 hardware. * Added a new online consistency check for BlobDB which validates that the number/total size of garbage blobs does not exceed the number/total size of all blobs in any given blob file. * Provided support for tracking per-sst user-defined timestamp information in MANIFEST. * Added new option "adaptive_readahead" in ReadOptions. For iterators, RocksDB does auto-readahead on noticing sequential reads and by enabling this option, readahead_size of current file (if reads are sequential) will be carried forward to next file instead of starting from the scratch at each level (except L0 level files). If reads are not sequential it will fall back to 8KB. This option is applicable only for RocksDB internal prefetch buffer and isn't supported with underlying file system prefetching. * Added the read count and read bytes related stats to Statistics for tiered storage hot, warm, and cold file reads. * Added an option to dynamically charge an updating estimated memory usage of block-based table building to block cache if block cache available. It currently only includes charging memory usage of constructing (new) Bloom Filter and Ribbon Filter to block cache. To enable this feature, set `BlockBasedTableOptions::reserve_table_builder_memory = true`. * Add a new API OnIOError in listener.h that notifies listeners when an IO error occurs during FileSystem operation along with filename, status etc. * Added compaction readahead support for blob files to the integrated BlobDB implementation, which can improve compaction performance when the database resides on higher-latency storage like HDDs or remote filesystems. Readahead can be configured using the column family option `blob_compaction_readahead_size`. ### Bug Fixes * Prevent a `CompactRange()` with `CompactRangeOptions::change_level == true` from possibly causing corruption to the LSM state (overlapping files within a level) when run in parallel with another manual compaction. Note that setting `force_consistency_checks == true` (the default) would cause the DB to enter read-only mode in this scenario and return `Status::Corruption`, rather than committing any corruption. * Fixed a bug in CompactionIterator when write-prepared transaction is used. A released earliest write conflict snapshot may cause assertion failure in dbg mode and unexpected key in opt mode. * Fix ticker WRITE_WITH_WAL("rocksdb.write.wal"), this bug is caused by a bad extra `RecordTick(stats_, WRITE_WITH_WAL)` (at 2 place), this fix remove the extra `RecordTick`s and fix the corresponding test case. * EventListener::OnTableFileCreated was previously called with OK status and file_size==0 in cases of no SST file contents written (because there was no content to add) and the empty file deleted before calling the listener. Now the status is Aborted. * Fixed a bug in CompactionIterator when write-preared transaction is used. Releasing earliest_snapshot during compaction may cause a SingleDelete to be output after a PUT of the same user key whose seq has been zeroed. * Added input sanitization on negative bytes passed into `GenericRateLimiter::Request`. * Fixed an assertion failure in CompactionIterator when write-prepared transaction is used. We prove that certain operations can lead to a Delete being followed by a SingleDelete (same user key). We can drop the SingleDelete. * Fixed a bug of timestamp-based GC which can cause all versions of a key under full_history_ts_low to be dropped. This bug will be triggered when some of the ikeys' timestamps are lower than full_history_ts_low, while others are newer. * In some cases outside of the DB read and compaction paths, SST block checksums are now checked where they were not before. * Explicitly check for and disallow the `BlockBasedTableOptions` if insertion into one of {`block_cache`, `block_cache_compressed`, `persistent_cache`} can show up in another of these. (RocksDB expects to be able to use the same key for different physical data among tiers.) * Users who configured a dedicated thread pool for bottommost compactions by explicitly adding threads to the `Env::Priority::BOTTOM` pool will no longer see RocksDB schedule automatic compactions exceeding the DB's compaction concurrency limit. For details on per-DB compaction concurrency limit, see API docs of `max_background_compactions` and `max_background_jobs`. * Fixed a bug of background flush thread picking more memtables to flush and prematurely advancing column family's log_number. * Fixed an assertion failure in ManifestTailer. ### Behavior Changes * `NUM_FILES_IN_SINGLE_COMPACTION` was only counting the first input level files, now it's including all input files. * `TransactionUtil::CheckKeyForConflicts` can also perform conflict-checking based on user-defined timestamps in addition to sequence numbers. * Removed `GenericRateLimiter`'s minimum refill bytes per period previously enforced. ### Public API change * When options.ttl is used with leveled compaction with compactinon priority kMinOverlappingRatio, files exceeding half of TTL value will be prioritized more, so that by the time TTL is reached, fewer extra compactions will be scheduled to clear them up. At the same time, when compacting files with data older than half of TTL, output files may be cut off based on those files' boundaries, in order for the early TTL compaction to work properly. * Made FileSystem extend the Customizable class and added a CreateFromString method. Implementations need to be registered with the ObjectRegistry and to implement a Name() method in order to be created via this method. * Clarified in API comments that RocksDB is not exception safe for callbacks and custom extensions. An exception propagating into RocksDB can lead to undefined behavior, including data loss, unreported corruption, deadlocks, and more. * Marked `WriteBufferManager` as `final` because it is not intended for extension. * Removed unimportant implementation details from table_properties.h * Add API `FSDirectory::FsyncWithDirOptions()`, which provides extra information like directory fsync reason in `DirFsyncOptions`. File system like btrfs is using that to skip directory fsync for creating a new file, or when renaming a file, fsync the target file instead of the directory, which improves the `DB::Open()` speed by ~20%. * `DB::Open()` is not going be blocked by obsolete file purge if `DBOptions::avoid_unnecessary_blocking_io` is set to true. * In builds where glibc provides `gettid()`, info log ("LOG" file) lines now print a system-wide thread ID from `gettid()` instead of the process-local `pthread_self()`. For all users, the thread ID format is changed from hexadecimal to decimal integer. * In builds where glibc provides `pthread_setname_np()`, the background thread names no longer contain an ID suffix. For example, "rocksdb:bottom7" (and all other threads in the `Env::Priority::BOTTOM` pool) are now named "rocksdb:bottom". Previously large thread pools could breach the name size limit (e.g., naming "rocksdb:bottom10" would fail). * Deprecating `ReadOptions::iter_start_seqnum` and `DBOptions::preserve_deletes`, please try using user defined timestamp feature instead. The options will be removed in a future release, currently it logs a warning message when using. ### Performance Improvements * Released some memory related to filter construction earlier in `BlockBasedTableBuilder` for `FullFilter` and `PartitionedFilter` case (#9070) 2021-12-20T18:59:42+00:00 MISP v2.4.152 MISP v2.4.152 2021-12-22T16:38:02+00:00 # MISP 2.4.152 released ![](https://www.misp-project.org/assets/images/misp/blog/timeline-improvement.png) MISP 2.4.152 released with timeline improvements, optional filtering on sync, LinOTP improvements and more. The LinOTP authentication module has been improved to include a mixed mode where both OTP and MISP's usual password authentication can be used together. The timelining has been improved in several ways, such as the inclusion of images from objects, as well as various improvements in the timeline's sighting view. Several bugs were affecting this feature have also been fixed. A new optional synchronisation filtering has been added to allow for the removal of specific attribute or object types when syncing. The functionality is meant to be used by the final recipient organisations of a synchronisation chain, in order to filter out specific types of information due to legal or specific internal policies. The filtering feature is disabled by default and needs to be enabled in the general configuration. This feature is for ISACs or consumer organisations, not redistributing information to other MISP communities. A new STIX 1 and 2 export for attribute restSearch has been added in complement to the existing event export in STIX 1 and 2. The export works just like the other event level STIX export, all you need to do is specify the given STIX format as the return type when querying the attribute restSearch endpoint. Many internal improvements and bugs fixed. # MISP Modules - New [Qintel sentry module](https://misp.github.io/misp-modules/expansion/#qintel_qsentry) added. - [CIRCL hashlookup expansion](https://circl.lu/services/hashlookup/) SHA-256 support added. The [MISP modules changelog is available](https://www.misp-project.org/Changelog-misp-modules.txt). # MISP Taxonomies - New [political spectrum taxonomy](https://www.misp-project.org/taxonomies.html#_political_spectrum) added. - Improvement in exercise taxonomy. - New [deception taxonomy](https://www.misp-project.org/taxonomies.html#_deception) added. [MISP Taxonomies changelog](https://www.misp-project.org/Changelog-misp-taxonomies.txt) is available. # MISP Galaxy - New matrix [CONCORDIA Mobile Modelling Framework - Attack Pattern](https://www.misp-project.org/galaxy.html#_concordia_mobile_modelling_framework_attack_pattern) added (thanks to [Concordia H2020 project](https://www.concordia-h2020.eu/)). - Many update in threat actor, RAT and tools galaxy. [MISP Galaxy changelog](https://www.misp-project.org/Changelog-misp-galaxy.txt) # MISP Objects - New Concordia intrusion set object. - New temporal event object. - Many improvements in user, person, postal-address, email object. - New relationships added such as `found-in`, `works-with`, `drives`. [MISP objects changelog](https://www.misp-project.org/Changelog-misp-objects.txt) # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html) . 2021-12-22T16:38:02+00:00 OpenTAXII 0.2.3 OpenTAXII 0.2.3 2021-12-27T14:49:38+00:00 Changelog ========= 0.2.3 (2021-12-22) ------------------ * Fix bug in multithreaded use of sqlite (`#210 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_ thanks `@rohits144 <https://github.com/rohits144>`_ for the report) 0.2.2 (2021-11-05) ------------------ * Fix readthedocs build 0.2.1 (2021-11-03) ------------------ * Add tests for python 3.6, 3.7, 3.8, 3.9, pypy * Add tests for sqlite, mysql, mariadb, postgresql * Fix bug that broke ``delete_content_blocks`` when using mysql on sqlalchemy 1.3 * Docs: Add db schema diagram * Docs: Clarify how to get default data in a default (development) docker instance * Fix implicit routing in TAXII 1.1 Inboxes * Update jwt usage to pyjwt >= 2.0 (thanks `@SanyaKapoor <https://github.com/SanyaKapoor>`_) 0.2.0 (2020-06-30) ------------------ * Enforce UTC usage in datetime fields in SQL DB Persistence API. * `Fix for #114 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_: reintroduce ``opentaxii-create-account`` CLI command. * `Fix for #153 <https://github.com/eclecticiq/OpenTAXII/issues/152>`_: check if user can modify a collection before advertising it over inbox service. * Multiple coding style fixes. * Various documentation updates. 0.1.12 (2019-03-06) ------------------- * Remove unnecessary print statements. 0.1.11 (2019-02-13) ------------------- * Make JSON logging consistent when the application is run via Gunicorn. * Set ``acceptable_destination`` key in status details instead of extended headers * Allow passing ``engine_parameters`` to ``SQLDatabaseAPI`` for those who want to customize SQLAlchemy engine parameters. * Require recent version of ``lxml`` for security reasons. * Various test and Docker infrastructure improvements. 0.1.10 (2018-06-03) ------------------- * Replace separate service/collection/account creation process with single ``opentaxii-sync-data`` CLI command. * Persistence and Auth APIs extended with missing CRUD methods, that are used by ``opentaxii-sync-data``. * Read/modify collection level ACL added. * DB models for default implementation of Persistence API and Auth API were changed. No automatic migration code is provided (sorry!), so upgrading might require manual DB migration. * Drop python2.7 from testing scope. * Various bug fixes and improvements. 0.1.9 (2017-06-19) ------------------ * `libtaxii <https://github.com/TAXIIProject/libtaxii>`_ dependency upgraded to 1.1.111. * Various bug fixes and improvements (thanks to `@bjigmp <https://github.com/bjigmp>`_, `@chorsley <https://github.com/chorsley>`_, `@rjprins <https://github.com/rjprins>`_). 0.1.8 (2017-02-21) ------------------ * Ability to enable/disable "huge trees" support in XML parser. Configuration property ``xml_parser_supports_huge_tree`` set to ``yes`` or ``true`` will disable security restrictions and force XML parser to support very deep trees and very long text content. * Adjust SQL Persistence API implemetation so it works smoothly with MySQL backend. * Use Python 3.5 instead of Python 3.4 for tests. 0.1.7 (2016-10-18) ------------------ * Minor fixes. * Dependencies were changed from hard-pinned to more flexible. * Example of production DB configuration added to docs. 0.1.6 (2016-06-01) ------------------ * Python 3.4 compatibility of the codebase. Tox configuration extended with python 3.4 environment run. * Flake8 full style compatibility. Flake8 check added to Tox configuration. * SQLAlchemy session scope issue fixed (related to `#38 <https://github.com/EclecticIQ/OpenTAXII/issues/38>`_). * `opentaxii-delete-blocks` CLI command added (related to `#45 <https://github.com/EclecticIQ/OpenTAXII/issues/45>`_). * `delete_content_blocks` method `added <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-6814849ac352b2b74132f8fa52e0ec4eR213>`_ to Persistence API. * Collection's name is `required <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-ce3f7b939e5c540480ac655aef32c513R116>`_ to be unique in default SQL DB Auth API implementation. 0.1.5 (2016-03-15) ------------------ * Fix for the issue with persistence backend returning ``None`` instead of ``InboxMessage`` object 0.1.4 (2016-02-25) ------------------ * Hard-coded dependencies in ``setup.py`` removed. 0.1.3 (2016-02-25) ------------------ * Versions of dependencies are pinned. * Code adjusted for a new version of `anyconfig <https://pypi.python.org/pypi/anyconfig>`_ API. * Test for configuration loading added. 0.1.2 (2015-07-24) ------------------ * Docker configuration added. * Health check endpoint added. * Basic authentication support added. * Temporary workaround for `Issue #191 <https://github.com/TAXIIProject/libtaxii/issues/191>`_. * Method ``get_domain`` in Persistence API returns domain value configured for ``service_id``. If nothing returned, value set in configuration file will be used. * Performance optimisations. * Bug fixes and style improvements. 0.1.1 (2015-04-08) ------------------ * Alias for Root Logger added to logging configuration. * Context object in a request scope that holds account and token added. * Support for OPTIONS HTTP request to enable auto version negotiation added. * Documentation improved. 0.1.0 (2015-03-31) ------------------ * Initial release 2021-12-27T14:49:38+00:00 OpenTAXII 0.3.0a2 OpenTAXII 0.3.0a2 2021-12-27T15:35:34+00:00 Changelog ========= 0.3.0a2 (2021-12-27) ------- * Merge changes from 0.2.3 maintenance release 0.3.0a1 ------- * Add python 3.10 support 0.3.0a0 ------- * Enablement for future taxii2 implementation * Fix documentation build issues 0.2.3 (2021-12-22) ------------------ * Fix bug in multithreaded use of sqlite (`#210 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_ thanks `@rohits144 <https://github.com/rohits144>`_ for the report) 0.2.2 (2021-11-05) ------------------ * Fix readthedocs build 0.2.1 (2021-11-03) ------------------ * Add tests for python 3.6, 3.7, 3.8, 3.9, pypy * Add tests for sqlite, mysql, mariadb, postgresql * Fix bug that broke ``delete_content_blocks`` when using mysql on sqlalchemy 1.3 * Docs: Add db schema diagram * Docs: Clarify how to get default data in a default (development) docker instance * Fix implicit routing in TAXII 1.1 Inboxes * Update jwt usage to pyjwt >= 2.0 (thanks `@SanyaKapoor <https://github.com/SanyaKapoor>`_) 0.2.0 (2020-06-30) ------------------ * Enforce UTC usage in datetime fields in SQL DB Persistence API. * `Fix for #114 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_: reintroduce ``opentaxii-create-account`` CLI command. * `Fix for #153 <https://github.com/eclecticiq/OpenTAXII/issues/152>`_: check if user can modify a collection before advertising it over inbox service. * Multiple coding style fixes. * Various documentation updates. 0.1.12 (2019-03-06) ------------------- * Remove unnecessary print statements. 0.1.11 (2019-02-13) ------------------- * Make JSON logging consistent when the application is run via Gunicorn. * Set ``acceptable_destination`` key in status details instead of extended headers * Allow passing ``engine_parameters`` to ``SQLDatabaseAPI`` for those who want to customize SQLAlchemy engine parameters. * Require recent version of ``lxml`` for security reasons. * Various test and Docker infrastructure improvements. 0.1.10 (2018-06-03) ------------------- * Replace separate service/collection/account creation process with single ``opentaxii-sync-data`` CLI command. * Persistence and Auth APIs extended with missing CRUD methods, that are used by ``opentaxii-sync-data``. * Read/modify collection level ACL added. * DB models for default implementation of Persistence API and Auth API were changed. No automatic migration code is provided (sorry!), so upgrading might require manual DB migration. * Drop python2.7 from testing scope. * Various bug fixes and improvements. 0.1.9 (2017-06-19) ------------------ * `libtaxii <https://github.com/TAXIIProject/libtaxii>`_ dependency upgraded to 1.1.111. * Various bug fixes and improvements (thanks to `@bjigmp <https://github.com/bjigmp>`_, `@chorsley <https://github.com/chorsley>`_, `@rjprins <https://github.com/rjprins>`_). 0.1.8 (2017-02-21) ------------------ * Ability to enable/disable "huge trees" support in XML parser. Configuration property ``xml_parser_supports_huge_tree`` set to ``yes`` or ``true`` will disable security restrictions and force XML parser to support very deep trees and very long text content. * Adjust SQL Persistence API implemetation so it works smoothly with MySQL backend. * Use Python 3.5 instead of Python 3.4 for tests. 0.1.7 (2016-10-18) ------------------ * Minor fixes. * Dependencies were changed from hard-pinned to more flexible. * Example of production DB configuration added to docs. 0.1.6 (2016-06-01) ------------------ * Python 3.4 compatibility of the codebase. Tox configuration extended with python 3.4 environment run. * Flake8 full style compatibility. Flake8 check added to Tox configuration. * SQLAlchemy session scope issue fixed (related to `#38 <https://github.com/EclecticIQ/OpenTAXII/issues/38>`_). * `opentaxii-delete-blocks` CLI command added (related to `#45 <https://github.com/EclecticIQ/OpenTAXII/issues/45>`_). * `delete_content_blocks` method `added <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-6814849ac352b2b74132f8fa52e0ec4eR213>`_ to Persistence API. * Collection's name is `required <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-ce3f7b939e5c540480ac655aef32c513R116>`_ to be unique in default SQL DB Auth API implementation. 0.1.5 (2016-03-15) ------------------ * Fix for the issue with persistence backend returning ``None`` instead of ``InboxMessage`` object 0.1.4 (2016-02-25) ------------------ * Hard-coded dependencies in ``setup.py`` removed. 0.1.3 (2016-02-25) ------------------ * Versions of dependencies are pinned. * Code adjusted for a new version of `anyconfig <https://pypi.python.org/pypi/anyconfig>`_ API. * Test for configuration loading added. 0.1.2 (2015-07-24) ------------------ * Docker configuration added. * Health check endpoint added. * Basic authentication support added. * Temporary workaround for `Issue #191 <https://github.com/TAXIIProject/libtaxii/issues/191>`_. * Method ``get_domain`` in Persistence API returns domain value configured for ``service_id``. If nothing returned, value set in configuration file will be used. * Performance optimisations. * Bug fixes and style improvements. 0.1.1 (2015-04-08) ------------------ * Alias for Root Logger added to logging configuration. * Context object in a request scope that holds account and token added. * Support for OPTIONS HTTP request to enable auto version negotiation added. * Documentation improved. 0.1.0 (2015-03-31) ------------------ * Initial release 2021-12-27T15:35:34+00:00 osquery 5.2.0 osquery 5.2.0 2021-12-29T02:28:52+00:00 Apple M1 Support! Release notes coming soon 2021-12-29T02:28:52+00:00 maltrail 0.41 maltrail 0.41 2021-12-31T23:11:06+00:00 Start-of-month release 2021-12-31T23:11:06+00:00 syncthing v1.18.6-rc.2 syncthing v1.18.6-rc.2 2022-01-04T08:25:40+00:00 Enhancements: - #8050: Display a warning when the ignore delete option is enabled - #8068: Request: show pending devices/folders in CLI 2022-01-04T08:25:40+00:00 pcileech v4.13 pcileech v4.13 2022-01-07T07:55:38+00:00 * Bug fixes. * Mount improvements: - Windows host file system support: Upgrade to [Dokany2](https://github.com/dokan-dev/dokany/releases) (NB! Dokany2 will have to be installed!). - Linux host file system support: FUSE support added. <br/>Example: `./pcileech mount /home/user/fusemnt/leechfs -kmd <your_kmd_address>` - Now possible to access other local drives than C: on Windows targets. * Visual Studio 2022 Support. 2022-01-07T07:55:38+00:00 DC3-MWCP 3.5.0 DC3-MWCP 3.5.0 2022-01-10T22:25:58+00:00 2022-01-10T22:25:58+00:00 osv v0.0.10 osv v0.0.10 2022-01-11T02:18:59+00:00 - Fix a version enumeration issue. 2022-01-11T02:18:59+00:00 syncthing v1.18.6 syncthing v1.18.6 2022-01-11T06:44:12+00:00 Enhancements: - #8050: Display a warning when the ignore delete option is enabled - #8068: Request: show pending devices/folders in CLI 2022-01-11T06:44:12+00:00 FIR python3.8 FIR python3.8 2022-01-11T10:24:38+00:00 2022-01-11T10:24:38+00:00 PyMOSP v0.4.3 PyMOSP v0.4.3 2022-01-12T11:21:48+00:00 ## Changes - [dependencies] Updated request and mypy. [Cédric Bonhomme] - Cosmethic changes. [Cédric Bonhomme] - Fixed conflict in AUTHORS.md file. [Cédric Bonhomme] - Minor changes in README file. [Cédric Bonhomme] ## Fix - [tests] fixed key name of the result. [Cédric Bonhomme] - Removed useless import and fixed duplicate value in mospobject.py. [Cédric Bonhomme] ## Other - Merge branch 'master' of github.com:CASES-LU/PyMOSP. [Cédric Bonhomme] - PEP 561 -- Distributing and Packaging Type Information. [Cédric Bonhomme] 2022-01-12T11:21:48+00:00 syncthing v1.19.0-rc.1 syncthing v1.19.0-rc.1 2022-01-18T13:01:41+00:00 Bugfixes: - #8103: API: /rest/system/connections has misleading "total" entries Enhancements: - #7428: Add ignore patterns to folder defaults - #8090: Allow specifying ports in --generate 2022-01-18T13:01:41+00:00 lynis 3.0.7 lynis 3.0.7 2022-01-18T13:28:06+00:00 ## Lynis 3.0.7 (2022-01-18) ### Added - MALW-3290 - Show status of malware components - OS detection for RHEL 6 and Funtoo Linux - Added service manager openrc ### Changed - DBS-1804 - Added alias for MariaDB - FINT-4316 - Support for newer Ubuntu versions - MALW-3280 - Added Trend Micro malware agent - NETW-3200 - Allow unknown number of spaces in modprobe blacklists - PKGS-7320 - Support for Garuda Linux and arch-audit - Several improvements for busybox shell - Russian translation of Lynis extended 2022-01-18T13:28:06+00:00 osquery 5.2.1 osquery 5.2.1 2022-01-18T18:47:56+00:00 yara bug fix 2022-01-18T18:47:56+00:00 PyMOSP v0.5.0 PyMOSP v0.5.0 2022-01-20T14:07:20+00:00 ### New - [object] it is now possible to delete an object from a MOSP instance with the API. [Cédric Bonhomme] ### Changes - [dependencies] Updated Python dependencies. [Cédric Bonhomme] - [tests] rename a test name. [Cédric Bonhomme] - Get MOSP instance URL from environment variable. [Cédric Bonhomme] - [workflow] Updated GitHub workflow. [Cédric Bonhomme] - [tests] enable test_create_object. [Cédric Bonhomme] - [tests] tests are now using the test instance of MOSP. [Cédric Bonhomme] ### Fix - [typing] delete_object returns the id of the deleted object. [Cédric Bonhomme] - Fixed an issue when creating new objects. [Cédric Bonhomme] - [workflow] Updated GitHub workflow. [Cédric Bonhomme] 2022-01-20T14:07:20+00:00 dnstwist 20220120 dnstwist 20220120 2022-01-20T17:26:24+00:00 2022-01-20T17:26:24+00:00 pia v3.0.3 pia v3.0.3 2022-01-21T08:31:50+00:00 ## What's Changed * docs: add missing MD Files from previous PIA versions by @brunto in https://github.com/LINCnil/pia/pull/582 * Update styles for tinymce by @kevin-atnos in https://github.com/LINCnil/pia/pull/583 * feat: prepare new architect version for pia-i18n by @syl-p in https://github.com/LINCnil/pia/pull/578 * fix: replace odt by doc by @Timothee-Picard in https://github.com/LINCnil/pia/pull/597 * v.3.0.1 → v3.0.2 by @DimitriPapadopoulos in https://github.com/LINCnil/pia/pull/592 ## New Contributors * @DimitriPapadopoulos made their first contribution in https://github.com/LINCnil/pia/pull/592 **Full Changelog**: https://github.com/LINCnil/pia/compare/v3.0.2...v3.0.3 2022-01-21T08:31:50+00:00 OpenTAXII 0.3.0a3 OpenTAXII 0.3.0a3 2022-01-21T19:19:41+00:00 Changelog ========= 0.3.0a3 (2022-01-21) -------------------- * Fix bug that prevented booting with only taxii1 config (`#217 <https://github.com/eclecticiq/OpenTAXII/issues/217>`_ thanks `@azurekid <https://github.com/azurekid>`_ for the report) 0.3.0a2 (2021-12-27) -------------------- * Merge changes from 0.2.3 maintenance release 0.3.0a1 ------- * Add python 3.10 support 0.3.0a0 ------- * Enablement for future taxii2 implementation * Fix documentation build issues 0.2.3 (2021-12-22) ------------------ * Fix bug in multithreaded use of sqlite (`#210 <https://github.com/eclecticiq/OpenTAXII/issues/210>`_ thanks `@rohits144 <https://github.com/rohits144>`_ for the report) 0.2.2 (2021-11-05) ------------------ * Fix readthedocs build 0.2.1 (2021-11-03) ------------------ * Add tests for python 3.6, 3.7, 3.8, 3.9, pypy * Add tests for sqlite, mysql, mariadb, postgresql * Fix bug that broke ``delete_content_blocks`` when using mysql on sqlalchemy 1.3 * Docs: Add db schema diagram * Docs: Clarify how to get default data in a default (development) docker instance * Fix implicit routing in TAXII 1.1 Inboxes * Update jwt usage to pyjwt >= 2.0 (thanks `@SanyaKapoor <https://github.com/SanyaKapoor>`_) 0.2.0 (2020-06-30) ------------------ * Enforce UTC usage in datetime fields in SQL DB Persistence API. * `Fix for #114 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_: reintroduce ``opentaxii-create-account`` CLI command. * `Fix for #153 <https://github.com/eclecticiq/OpenTAXII/issues/152>`_: check if user can modify a collection before advertising it over inbox service. * Multiple coding style fixes. * Various documentation updates. 0.1.12 (2019-03-06) ------------------- * Remove unnecessary print statements. 0.1.11 (2019-02-13) ------------------- * Make JSON logging consistent when the application is run via Gunicorn. * Set ``acceptable_destination`` key in status details instead of extended headers * Allow passing ``engine_parameters`` to ``SQLDatabaseAPI`` for those who want to customize SQLAlchemy engine parameters. * Require recent version of ``lxml`` for security reasons. * Various test and Docker infrastructure improvements. 0.1.10 (2018-06-03) ------------------- * Replace separate service/collection/account creation process with single ``opentaxii-sync-data`` CLI command. * Persistence and Auth APIs extended with missing CRUD methods, that are used by ``opentaxii-sync-data``. * Read/modify collection level ACL added. * DB models for default implementation of Persistence API and Auth API were changed. No automatic migration code is provided (sorry!), so upgrading might require manual DB migration. * Drop python2.7 from testing scope. * Various bug fixes and improvements. 0.1.9 (2017-06-19) ------------------ * `libtaxii <https://github.com/TAXIIProject/libtaxii>`_ dependency upgraded to 1.1.111. * Various bug fixes and improvements (thanks to `@bjigmp <https://github.com/bjigmp>`_, `@chorsley <https://github.com/chorsley>`_, `@rjprins <https://github.com/rjprins>`_). 0.1.8 (2017-02-21) ------------------ * Ability to enable/disable "huge trees" support in XML parser. Configuration property ``xml_parser_supports_huge_tree`` set to ``yes`` or ``true`` will disable security restrictions and force XML parser to support very deep trees and very long text content. * Adjust SQL Persistence API implemetation so it works smoothly with MySQL backend. * Use Python 3.5 instead of Python 3.4 for tests. 0.1.7 (2016-10-18) ------------------ * Minor fixes. * Dependencies were changed from hard-pinned to more flexible. * Example of production DB configuration added to docs. 0.1.6 (2016-06-01) ------------------ * Python 3.4 compatibility of the codebase. Tox configuration extended with python 3.4 environment run. * Flake8 full style compatibility. Flake8 check added to Tox configuration. * SQLAlchemy session scope issue fixed (related to `#38 <https://github.com/EclecticIQ/OpenTAXII/issues/38>`_). * `opentaxii-delete-blocks` CLI command added (related to `#45 <https://github.com/EclecticIQ/OpenTAXII/issues/45>`_). * `delete_content_blocks` method `added <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-6814849ac352b2b74132f8fa52e0ec4eR213>`_ to Persistence API. * Collection's name is `required <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-ce3f7b939e5c540480ac655aef32c513R116>`_ to be unique in default SQL DB Auth API implementation. 0.1.5 (2016-03-15) ------------------ * Fix for the issue with persistence backend returning ``None`` instead of ``InboxMessage`` object 0.1.4 (2016-02-25) ------------------ * Hard-coded dependencies in ``setup.py`` removed. 0.1.3 (2016-02-25) ------------------ * Versions of dependencies are pinned. * Code adjusted for a new version of `anyconfig <https://pypi.python.org/pypi/anyconfig>`_ API. * Test for configuration loading added. 0.1.2 (2015-07-24) ------------------ * Docker configuration added. * Health check endpoint added. * Basic authentication support added. * Temporary workaround for `Issue #191 <https://github.com/TAXIIProject/libtaxii/issues/191>`_. * Method ``get_domain`` in Persistence API returns domain value configured for ``service_id``. If nothing returned, value set in configuration file will be used. * Performance optimisations. * Bug fixes and style improvements. 0.1.1 (2015-04-08) ------------------ * Alias for Root Logger added to logging configuration. * Context object in a request scope that holds account and token added. * Support for OPTIONS HTTP request to enable auto version negotiation added. * Documentation improved. 0.1.0 (2015-03-31) ------------------ * Initial release 2022-01-21T19:19:41+00:00 TheHive 4.1.17 TheHive 4.1.17 2022-01-26T06:29:08+00:00 ## [4.1.17](https://github.com/TheHive-Project/TheHive/milestone/87) (2022-01-24) **Implemented enhancements:** - [Enhancement] Improve migration tool by accepting old versions of TheHive [\#2305](https://github.com/TheHive-Project/TheHive/issues/2305) - Security concern [\#2309](https://github.com/TheHive-Project/TheHive/issues/2309) **Fixed bugs:** - [Bug] Action 'mergeCase' not mapped in v0 [\#2304](https://github.com/TheHive-Project/TheHive/issues/2304) - Can't start after upgrade thehive4 (4.1.16-1) over (4.0.0-1) [Bug] [\#2308](https://github.com/TheHive-Project/TheHive/issues/2308) - [Bug] Notifications are executed several times [\#2317](https://github.com/TheHive-Project/TheHive/issues/2317) 2022-01-26T06:29:08+00:00 syncthing v1.19.0-rc.2 syncthing v1.19.0-rc.2 2022-01-27T13:34:57+00:00 Bugfixes: - #8103: API: /rest/system/connections has misleading "total" entries Enhancements: - #7428: Add ignore patterns to folder defaults - #8090: Allow specifying ports in --generate 2022-01-27T13:34:57+00:00 dnstwist 20220131 dnstwist 20220131 2022-01-31T19:46:27+00:00 2022-01-31T19:46:27+00:00 maltrail 0.42 maltrail 0.42 2022-01-31T23:11:08+00:00 Start-of-month release 2022-01-31T23:11:08+00:00 syncthing v1.19.0 syncthing v1.19.0 2022-02-01T11:55:53+00:00 Bugfixes: - #8103: API: /rest/system/connections has misleading "total" entries Enhancements: - #7428: Add ignore patterns to folder defaults - #8090: Allow specifying ports in --generate 2022-02-01T11:55:53+00:00 rocksdb v6.28.2 rocksdb v6.28.2 2022-02-02T17:56:55+00:00 ## 6.28.2 (2022-01-31) ### Bug Fixes * Fixed a major bug in which batched MultiGet could return old values for keys deleted by DeleteRange when memtable Bloom filter is enabled (memtable_prefix_bloom_size_ratio > 0). (The fix includes a substantial MultiGet performance improvement in the unusual case of both memtable_whole_key_filtering and prefix_extractor.) ## 6.28.1 (2022-01-10) ### Bug Fixes * Fixed compilation errors on newer compiler, e.g. clang-12 ## 6.28.0 (2021-12-17) ### New Features * Introduced 'CommitWithTimestamp' as a new tag. Currently, there is no API for user to trigger a write with this tag to the WAL. This is part of the efforts to support write-commited transactions with user-defined timestamps. ### Bug Fixes * Fixed a bug in rocksdb automatic implicit prefetching which got broken because of new feature adaptive_readahead and internal prefetching got disabled when iterator moves from one file to next. * Fixed a bug in TableOptions.prepopulate_block_cache which causes segmentation fault when used with TableOptions.partition_filters = true and TableOptions.cache_index_and_filter_blocks = true. * Fixed a bug affecting custom memtable factories which are not registered with the `ObjectRegistry`. The bug could result in failure to save the OPTIONS file. * Fixed a bug causing two duplicate entries to be appended to a file opened in non-direct mode and tracked by `FaultInjectionTestFS`. * Fixed a bug in TableOptions.prepopulate_block_cache to support block-based filters also. * Block cache keys no longer use `FSRandomAccessFile::GetUniqueId()` (previously used when available), so a filesystem recycling unique ids can no longer lead to incorrect result or crash (#7405). For files generated by RocksDB >= 6.24, the cache keys are stable across DB::Open and DB directory move / copy / import / export / migration, etc. Although collisions are still theoretically possible, they are (a) impossible in many common cases, (b) not dependent on environmental factors, and (c) much less likely than a CPU miscalculation while executing RocksDB. ### Behavior Changes * MemTableList::TrimHistory now use allocated bytes when max_write_buffer_size_to_maintain > 0(default in TrasactionDB, introduced in PR#5022) Fix #8371. ### Public API change * Extend WriteBatch::AssignTimestamp and AssignTimestamps API so that both functions can accept an optional `checker` argument that performs additional checking on timestamp sizes. * Introduce a new EventListener callback that will be called upon the end of automatic error recovery. ### Performance Improvements * Replaced map property `TableProperties::properties_offsets` with uint64_t property `external_sst_file_global_seqno_offset` to save table properties's memory. * Block cache accesses are faster by RocksDB using cache keys of fixed size (16 bytes). ### Java API Changes * Removed Java API `TableProperties.getPropertiesOffsets()` as it exposed internal details to external users. 2022-02-02T17:56:55+00:00 MISP v2.4.153 MISP v2.4.153 2022-02-04T16:13:01+00:00 # MISP 2.4.153 released ![](https://www.misp-project.org/img/blog/timeline-improvement.png) - MISP UI translation in Thai added. - Improved the debugging of the synchronisation, including more meaningful messages in debug logs. - Significant improvements in the [misp-stix library](https://github.com/MISP/misp-stix), to support additional import coverage of files along with improvements to the STIX export. - Improved debugging in the TLS handshake for synchronisation. - Additional CLI tests for security. - Markdown-IT library updated to the latest version, including security fixes to version 12.3.2. - Improvements in the various MISP install scripts. Many internal improvements and bug fixes. As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements in MISP core. # MISP Modules - New [VirusTotal collection export](https://misp.github.io/misp-modules/export_mod/#virustotal_collections) module added. - Improved i[Crowdstrike falcon expansion](https://misp.github.io/misp-modules/expansion/#crowdstrike_falcon) module. - [Censys enrich module](https://misp.github.io/misp-modules/expansion/#censys_enrich) updated for the new API of Censys. - [New MWDB push module](https://misp.github.io/misp-modules/expansion/#mwdb) for malware sample in MISP. - Various fixes to existing modules. The [MISP modules changelog is available](https://www.misp-project.org/Changelog-misp-modules.txt). # MISP Taxonomies - New [State responsibility taxonomy](https://www.misp-project.org/taxonomies.html#_state_responsibility) added. - [Workflow taxonomy](https://www.misp-project.org/taxonomies.html#_workflow) improved. - [runtime-packers](https://www.misp-project.org/taxonomies.html#_runtime_packer) taxonomy improved. - New [Unified Kill Chain taxonomy](https://www.misp-project.org/taxonomies.html#_unified_kill_chain) added. [MISP Taxonomies changelog](https://www.misp-project.org/Changelog-misp-taxonomies.txt) is available. # MISP Galaxy - New surveillance group added "Cytrox". - New [threat-actor](https://www.misp-project.org/galaxy.html#_threat_actor) such as SideCopy, AQUATIC PANDA and others. - Many updates. [MISP Galaxy changelog](https://www.misp-project.org/Changelog-misp-galaxy.txt) # MISP Objects - New social and personal relationships for MISP objects based on [FOAF relationships](https://www.perceive.net/schemas/20020722/relationship/). - [Probabilistic data structure object](https://www.misp-project.org/objects.html#_probabilistic_data_structure) added and describes a space-efficient data structure such as Bloom filter or similar structure. - Many improvements in GTP, diameter and SS7 attack template objects. - New STIX 2.1 objects such artifact and identity available as MISP template object. - Many improvements to different MISP object templates. [MISP objects changelog](https://www.misp-project.org/Changelog-misp-objects.txt) # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html) . 2022-02-04T16:13:01+00:00 osquery 5.2.2 osquery 5.2.2 2022-02-04T16:30:54+00:00 Native M1 Support. Very Exciting. Release notes coming soon 2022-02-04T16:30:54+00:00 pcileech v4.14 pcileech v4.14 2022-02-05T15:21:05+00:00 * Process Virtual Memory support (Windows only). - Commands: search, patch, write, display, pagedisplay - Example: pcileech patch -pid 732 -sig unlock_win10x64.sig 2022-02-05T15:21:05+00:00 TheHive 4.1.18 TheHive 4.1.18 2022-02-07T13:53:30+00:00 ## [4.1.18](https://github.com/TheHive-Project/TheHive/milestone/88) (2022-02-07) **Implemented enhancements:** - [Enhancement] Integrity check improvement [\#2334](https://github.com/TheHive-Project/TheHive/issues/2334) - [Enhancement] Improve migration tool [\#2335](https://github.com/TheHive-Project/TheHive/issues/2335) **Fixed bugs:** - [Bug] "Character 8211 cannot match AsciiSet because it is out of range" error when downloading a report [\#1534](https://github.com/TheHive-Project/TheHive/issues/1534) - [Bug] Can add a "space" as observable [\#2324](https://github.com/TheHive-Project/TheHive/issues/2324) - [Bug]- Migration from Hive 3.4.4 to Hive 4.1.17 not working [\#2331](https://github.com/TheHive-Project/TheHive/issues/2331) - [Bug] Duplicated entities after "db.janusgraph.forceDropAndRebuildIndex: true" with Elasticsearch index [\#2333](https://github.com/TheHive-Project/TheHive/issues/2333) - [Bug] Query with parendId filter doesn't work (v0) [\#2336](https://github.com/TheHive-Project/TheHive/issues/2336) 2022-02-07T13:53:30+00:00 syncthing v1.19.1-rc.1 syncthing v1.19.1-rc.1 2022-02-08T07:07:17+00:00 Bugfixes: - #7850: junctionsAsDirs requires folder pause and resume to trigger - #7924: notify: File mode change events not emitted on MacOS/FSEvents watcher - #8083: Device ID should be read-only and "nearby devices" should be hidden when adding a new pending device - #8143: Behavior of discovery server doesn't match documentation - #8145: Folder ID not editable in add folder dialog Enhancements: - #7942: Improve error message about folder marker outside of folder - #8130: CLI: add command to print pending folders offered by specific device 2022-02-08T07:07:17+00:00 osv v0.0.11 osv v0.0.11 2022-02-15T00:03:22+00:00 - NuGet and RubyGems version expansion support 2022-02-15T00:03:22+00:00 osv v0.0.12 osv v0.0.12 2022-02-15T00:25:39+00:00 - Fix an import issue. 2022-02-15T00:25:39+00:00 osv v0.0.13 osv v0.0.13 2022-02-15T06:12:46+00:00 - Update NuGet API endpoint to fix outdated version expansion. 2022-02-15T06:12:46+00:00 rocksdb v6.29.3 rocksdb v6.29.3 2022-02-18T21:04:08+00:00 # Rocksdb Change Log ## 6.29.3 (02/17/2022) ### Bug Fixes * Fix a data loss bug for 2PC write-committed transaction caused by concurrent transaction commit and memtable switch (#9571). ## 6.29.2 (02/15/2022) ### Performance Improvements * DisableManualCompaction() doesn't have to wait scheduled manual compaction to be executed in thread-pool to cancel the job. ## 6.29.1 (01/31/2022) ### Bug Fixes * Fixed a major bug in which batched MultiGet could return old values for keys deleted by DeleteRange when memtable Bloom filter is enabled (memtable_prefix_bloom_size_ratio > 0). (The fix includes a substantial MultiGet performance improvement in the unusual case of both memtable_whole_key_filtering and prefix_extractor.) ## 6.29.0 (01/21/2022) Note: The next release will be major release 7.0. See https://github.com/facebook/rocksdb/issues/9390 for more info. ### Public API change * Added values to `TraceFilterType`: `kTraceFilterIteratorSeek`, `kTraceFilterIteratorSeekForPrev`, and `kTraceFilterMultiGet`. They can be set in `TraceOptions` to filter out the operation types after which they are named. * Added `TraceOptions::preserve_write_order`. When enabled it guarantees write records are traced in the same order they are logged to WAL and applied to the DB. By default it is disabled (false) to match the legacy behavior and prevent regression. * Made the Env class extend the Customizable class. Implementations need to be registered with the ObjectRegistry and to implement a Name() method in order to be created via this method. * `Options::OldDefaults` is marked deprecated, as it is no longer maintained. * Add ObjectLibrary::AddFactory and ObjectLibrary::PatternEntry classes. This method and associated class are the preferred mechanism for registering factories with the ObjectLibrary going forward. The ObjectLibrary::Register method, which uses regular expressions and may be problematic, is deprecated and will be in a future release. * Changed `BlockBasedTableOptions::block_size` from `size_t` to `uint64_t`. * Added API warning against using `Iterator::Refresh()` together with `DB::DeleteRange()`, which are incompatible and have always risked causing the refreshed iterator to return incorrect results. ### Behavior Changes * `DB::DestroyColumnFamilyHandle()` will return Status::InvalidArgument() if called with `DB::DefaultColumnFamily()`. * On 32-bit platforms, mmap reads are no longer quietly disabled, just discouraged. ### New Features * Added `Options::DisableExtraChecks()` that can be used to improve peak write performance by disabling checks that should not be necessary in the absence of software logic errors or CPU+memory hardware errors. (Default options are slowly moving toward some performance overheads for extra correctness checking.) ### Performance Improvements * Improved read performance when a prefix extractor is used (Seek, Get, MultiGet), even compared to version 6.25 baseline (see bug fix below), by optimizing the common case of prefix extractor compatible with table file and unchanging. ### Bug Fixes * Fix a bug that FlushMemTable may return ok even flush not succeed. * Fixed a bug of Sync() and Fsync() not using `fcntl(F_FULLFSYNC)` on OS X and iOS. * Fixed a significant performance regression in version 6.26 when a prefix extractor is used on the read path (Seek, Get, MultiGet). (Excessive time was spent in SliceTransform::AsString().) ### New Features * Added RocksJava support for MacOS universal binary (ARM+x86) 2022-02-18T21:04:08+00:00 syncthing v1.19.1-rc.2 syncthing v1.19.1-rc.2 2022-02-22T12:03:20+00:00 Bugfixes: - #7850: junctionsAsDirs requires folder pause and resume to trigger - #7924: notify: File mode change events not emitted on MacOS/FSEvents watcher - #8083: Device ID should be read-only and "nearby devices" should be hidden when adding a new pending device - #8143: Behavior of discovery server doesn't match documentation - #8145: Folder ID not editable in add folder dialog Enhancements: - #7942: Improve error message about folder marker outside of folder - #8130: CLI: add command to print pending folders offered by specific device 2022-02-22T12:03:20+00:00 maltrail 0.43 maltrail 0.43 2022-02-28T23:11:07+00:00 Start-of-month release 2022-02-28T23:11:07+00:00 syncthing v1.19.1 syncthing v1.19.1 2022-03-01T06:51:18+00:00 Bugfixes: - #7850: junctionsAsDirs requires folder pause and resume to trigger - #7924: notify: File mode change events not emitted on MacOS/FSEvents watcher - #8083: Device ID should be read-only and "nearby devices" should be hidden when adding a new pending device - #8143: Behavior of discovery server doesn't match documentation - #8145: Folder ID not editable in add folder dialog Enhancements: - #7942: Improve error message about folder marker outside of folder - #8130: CLI: add command to print pending folders offered by specific device 2022-03-01T06:51:18+00:00 syncthing v1.19.2-rc.1 syncthing v1.19.2-rc.1 2022-03-08T10:19:34+00:00 Enhancements: - #8180: Make error message upon reaching the free space quota more clear 2022-03-08T10:19:34+00:00 dalton v3.2.0 dalton v3.2.0 2022-03-09T01:53:36+00:00 - Added Zeek as a sensor 2022-03-09T01:53:36+00:00 caddy v2.5.0-beta.1 caddy v2.5.0-beta.1 2022-03-09T22:29:20+00:00 Caddy 2.5 introduces new features you'll love as well as a huge number of bug fixes and enhancements. Thank you to everyone who contributed. **:warning: This is a beta version. Please try it out! It needs to be used and tested for regressions. Let us know if there are any issues.** Documentation on the website will be [updated soon](https://github.com/caddyserver/website/pull/216). Feel free to ask on the [forum](https://caddy.community) if you have any questions or feedback! ## Highlights - **Reverse proxy:** [:sparkles: _Dynamic upstreams_](https://github.com/caddyserver/caddy/pull/4470), which is the ability to get the list of upstreams at every request (more specifically, every iteration in the proxy loop of every request) rather than just once at config-load time. Dynamic upstream modules can be plugged in to provide Caddy with the latest list of backends in real-time. Two standard modules have been implemented which can get upstreams from SRV and A/AAAA record lookups. - :warning: This deprecates the `lookup_srv` JSON field for upstreams (and `srv+` scheme prefix in the Caddyfile), which will be removed in the future. - **Automatic HTTPS:** Caddy will automatically try to get relevant certificates from the local [Tailscale](https://tailscale.com) instance (if running with permission to access the Tailscale socket). This makes services running on a Tailscale network [automatically available](https://github.com/caddyserver/caddy/pull/4541) over trusted HTTPS with Caddy. - **Tracing:** New [OpenTelemetry](https://opentelemetry.io/) integration with the [`tracing` handler module and associated `tracing` directive](https://github.com/caddyserver/caddy/pull/4361). - **Reverse proxy:** When using the response handlers, a new handler `copy_response` is available to copy the proxy's response back to the client, and `copy_response_headers` may be used to selectively copy header values from the proxy's response. - **API:** Added new endpoints `/pki/ca/<id>` and `/pki/ca/<id>/certificates` for getting information about Caddy's managed CAs, including the chain of root and intermediate certificates. ## Notable - **Reverse proxy:** The `X-Forwarded-Host` header will now be automatically set, along with `X-Forwarded-For` and `X-Forwarded-Proto`. - :warning: **Reverse proxy:** Incoming `X-Forwarded-*` headers will no longer be automatically trusted, to prevent spoofing. Now, `trusted_proxies` must be configured to specify a list of downstream proxies which are trusted to have sent good values. You only need to configure trusted proxies if Caddy is not the first server being connected to. For example, if you have Cloudflare in front of Caddy, then you should configure this with Cloudflare's [list of IP ranges](https://www.cloudflare.com/en-ca/ips/). - **Automatic HTTPS:** Revoked certificates will be automatically [replaced more reliably](https://github.com/caddyserver/certmagic/pull/166). - **Automatic HTTPS:** [Can now get certificates from _Managers_.](https://github.com/caddyserver/caddy/pull/4541) As opposed to _Issuers_ (such as the default ACME issuers) which give Caddy certificates to manage from a CSR, Managers give Caddy certificates to serve (rather than manage) during TLS handshakes. - **Automatic HTTPS:** A DNS challenge [domain override](https://github.com/caddyserver/caddy/issues/4071) can be configured to delegate the solving of the challenge to a different domain. - **Reverse proxy:** The default dial timeout for the HTTP transport [has been adjusted](https://github.com/caddyserver/caddy/pull/4436) down to `3s` (was `10s`), which should allow for more easily configuring load balancing retries. - **Logging:** HTTP access logs will now [render empty values](https://github.com/caddyserver/caddy/commit/7d5047c1f190421528695e1cc3a4ad71c97eb022) for often-sensitive HTTP headers such as Cookie, Authorization, and Proxy-Authorization. Logging such credentials is now [opt-in](https://github.com/caddyserver/caddy/commit/5bf0adad8748e96e10529d5fc5777afc9236a7b5) with the `log_credentials` global option in the Caddyfile, or the server's `logs > should_log_credentials` field in JSON. - **Logging:** Logs can now be filtered by [query string parameters](https://github.com/caddyserver/caddy/commit/bcac2beee7e419f8cdab2ed16f388d1af282a46b), [cookie values](https://github.com/caddyserver/caddy/commit/8887adb027982e844965b4707b8595cee5845d54), and [regular expressions](https://github.com/caddyserver/caddy/commit/789efa5deef53071b57479d37e4022bf372c4eef); and log values can be [hashed](https://github.com/caddyserver/caddy/commit/a1b417c832b4ab3dab9eaa9690e1d07672a949b8). These features are useful for redacting sensitive information. - **Logging:** Errors during request handling [will now be logged at `DEBUG` level](https://github.com/caddyserver/caddy/pull/4429) if the error was [handled via `errors` routes](https://github.com/caddyserver/caddy/pull/4584) (`handle_errors` in Caddyfile). - :warning: **Logging:** Removed the [deprecated](https://github.com/caddyserver/caddy/issues/4148) `common_log` field from HTTP access logs, and the `single_field` encoder. If you relied on this, you may use the [format encoder plugin](https://github.com/caddyserver/format-encoder) to encode logs in Common Log format. - :warning: **Logging:** The `remote_addr` field [has been replaced](https://github.com/caddyserver/caddy/commit/f55b123d63132e290789bcd07077375c76b6e1dd) by `remote_ip` and `remote_port` fields in HTTP access logs, which split up the two parts of the remote address. This improves ease of use for some tooling which only expect an IP address, without a port. - **HTTP server:** The [`vars` matcher](https://github.com/caddyserver/caddy/commit/ecac03cdcb6cceae743aac16faca7f32e5da1607) can now match on multiple possible values. - **HTTP server:** Requests [can now be assigned](https://github.com/caddyserver/caddy/commit/180ae0cc4843ecc3c7ddcb6e978ebfd474ed07f9) a random and unique UUID from the new `{http.request.uuid}` placeholder. - **HTTP server:** [New `http_redirect` listener wrapper](https://github.com/caddyserver/caddy/pull/4585) which can be used to redirect HTTP requests that come in on a server listening for HTTPS requests to be redirected to `https://`. - **Caddyfile:** [New `default_bind` global option](https://github.com/caddyserver/caddy/pull/4531) lets you specify the default interface all sockets should bind to. - **Caddyfile:** [New `pki` global option](https://github.com/caddyserver/caddy/pull/4450) lets you configure the properties of the internal CAs managed by Caddy. - **Caddyfile:** [New `method` directive](https://github.com/caddyserver/caddy/pull/4528) allows rewriting the request method via Caddyfile. - :warning: **Caddyfile:** The `reverse_proxy` directive's `handle_response` subdirective has had its status replacement functionality [moved to a new `replace_status`](https://github.com/caddyserver/caddy/pull/4300) subdirective. This makes sure that the functionality of `handle_response` is not overloaded, and usage is clearer. - :warning: **Admin:** [Renamed](https://github.com/caddyserver/caddy/commit/bc447e307f195b80eeec0f6157e0d8e641af9155) experimental property `load_interval` :arrow_right: `load_delay` for clarification, and improved dynamic config loading. --- :shield: Thanks to [David Leadbeater](https://github.com/dgl) for reporting a security vulnerability related to HTTP methods and metrics cardinality, which was fixed in this release. ## New Contributors * @adamburgess made their first contribution in https://github.com/caddyserver/caddy/pull/4460 * @12f23eddde made their first contribution in https://github.com/caddyserver/caddy/pull/4444 * @rayjlinden made their first contribution in https://github.com/caddyserver/caddy/pull/4023 * @GallopingKylin made their first contribution in https://github.com/caddyserver/caddy/pull/4522 * @ForestJohnson made their first contribution in https://github.com/caddyserver/caddy/pull/4534 * @VojtechVitek made their first contribution in https://github.com/caddyserver/caddy/pull/4535 * @Ikke made their first contribution in https://github.com/caddyserver/caddy/pull/4544 * @YourTechBud made their first contribution in https://github.com/caddyserver/caddy/pull/4603 * @BitWuehler made their first contribution in https://github.com/caddyserver/caddy/pull/4597 * @ttys3 made their first contribution in https://github.com/caddyserver/caddy/pull/4572 * @crccw made their first contribution in https://github.com/caddyserver/caddy/pull/4596 * @andriikushch made their first contribution in https://github.com/caddyserver/caddy/pull/4361 ## Changelog * 2e46c2ac admin, reverseproxy: Stop timers if canceled to avoid goroutine leak (#4482) * 40b54434 admin: Enforce and refactor origin checking * b4bfa29b admin: Require identity for remote (fix #4478) * 32aad909 admin: Write proper status on invalid requests (#4569) (fix #4561) * ff137d17 caddyconfig: Support placeholders in HTTP loader * b47af6ef caddyfile: Copy input before parsing (fix #4422) * e90d7517 caddyfile: impove fmt warning message (#4444) * 5e5af50e caddyfile: make renew_interval option configurable (#4451) * ddbb234d caddyhttp: Always log handled errors at debug level (#4584) * 6b385a36 caddyhttp: Don't attempt to manage Tailscale certs * ecac03cd caddyhttp: Enhance vars matcher (#4433) * 6e6ce2be caddyhttp: Fix HTTP->HTTPS redir not preferring HTTPS port if ambiguous (#4530) * 3fe2c73d caddyhttp: Fix `MatchPath` sanitizing (#4499) * 44e5e9e4 caddyhttp: Fix test when /tmp/etc already exists (#4544) * 2bb8550a caddyhttp: Honor wildcard hosts in log SkipHosts (#4606) * 180ae0cc caddyhttp: Implement http.request.uuid placeholder (#4285) * 7d5047c1 caddyhttp: Log empty value for typical password headers * eead3373 caddyhttp: Log non-500 handler errors at debug level (#4429) * 5bf0adad caddyhttp: Make logging of credential headers opt-in (#4438) * 186fdba9 caddyhttp: Move HTTP redirect listener to an optional module (#4585) * 80d7a356 caddyhttp: Redirect HTTP requests on the HTTPS port to https:// (#4313) * bf380d00 caddyhttp: Reject absurd methods (#4538) * 850e1605 caddyhttp: Return HTTP 421 for mismatched Host header (#4023) * f55b123d caddyhttp: Split up logged remote address into IP and port (#4403) * ac14b64e caddyhttp: Support zone identifiers in remote_ip matcher (#4597) * a1c41210 caddypki: Minor tweak, don't use context pointer * 78e381b2 caddypki: Refactor /pki/ admin endpoints * c634bbe9 caddypki: Return error if no PEM data found * 9b7cdfa2 caddypki: Try to fix lint warnings * a79b4055 caddytls: Add internal Caddyfile `lifetime`, `sign_with_root` opts (#4513) * 66de438a caddytls: Fix `MatchRemoteIP` provisoning with multiple CIDR ranges (#4522) * 57a708d1 caddytls: Support external certificate Managers (like Tailscale) (#4541) * d9b1d463 caddytls: dns_challenge_override_domain for challenge delegation (#4596) * 1a7a78a1 cmd: Print error if fmt overwrite fails (fix #4524) * bc447e30 core: Config LoadInterval -> LoadDelay for clarity * 7ea5b2a8 core: Config load interval only reloads if changed (#4603) * 7f364c77 core: Load config at interval instead of just once * a72acd21 core: Retry dynamic config load if config unchanged * ceef70db core: Retry dynamic config load if error or no-op (#4603) * acbee947 core: Revert 7f364c7; simplify dynamic config load * 64a3218f core: Simplify shared listeners, fix deadline bug * 8e5aafa5 fastcgi: Fix a TODO, prevent zap using reflection for logging env (#4437) * c8f2834b fastcgi: Protect against requests with null bytes in the path (#4614) * de490c7c fastcgi: Set SERVER_PORT to 80 or 443 depending on scheme (#4572) * 09ba9e99 fileserver: Add `pass_thru` Caddyfile option (#4613) * 15c95e9d fileserver: Canonical redir when whole path is stripped (#4549) * c8b5a816 fileserver: Fix handling of symlink sizes in directory listings (#4415) * e81369e2 fileserver: Move default browse template into a separate file (#4417) * 1e10f6f7 fileserver: browse: do not encode the paths in breadcrumbs and page title (#4410) * 78b5356f fileserver: do not double-escape paths (#4447) * 0de51593 go.mod: Revert version bump of CEL (#4587) * 6f9b6ad7 go.mod: Update smallstep/certificates, no longer need replace (#4475) * 4906b935 go.mod: Update smallstep/truststore, fix build on FreeBSD (#4473) * c1331534 go.mod: Update to latest smallstep/truststore, support FreeBSD (#4453) * ff74a0aa go.mod: Upgrade dependencies * e9dde230 headers: Fix `+` in Caddyfile to properly append rather than set (#4506) * 1b7ff5d7 httpcaddyfile: Add `default_bind` global option (#4531) * 5a071568 httpcaddyfile: Add pki app `root` and `intermediate` cert/key config (#4514) * 26d633ba httpcaddyfile: Disabling OCSP stapling for both managed and unmanaged (#4589) * 93a7a45e httpcaddyfile: Fix incorrect handling of IPv6 bind addresses (#4532) * 81ee34e9 httpcaddyfile: Fix sorting edgecase for nested `handle_path` (#4477) * 4b9849c7 httpcaddyfile: Support configuring `pki` app names via global options (#4450) * 5bd96a6a httpcaddyfile: Support explicitly turning off `strict_sni_host` (#4592) * c921e082 logging: Add `roll_local_time` Caddyfile option (#4583) * 0eb0b60f logging: Remove common_log field and single_field encoder (#4149) (#4282) * 249adc1c logging: Support turning off roll compression via Caddyfile (#4505) * 8887adb0 logging: add a filter for cookies (#4425) * bcac2bee logging: add a filter for query parameters (#4424) * 789efa5d logging: add a regexp filter (#4426) * a1b417c8 logging: add support for hashing data (#4434) * eb891d46 metrics: Enforce smaller set of method labels * c04d24ca pki: Avoid provisioning the `local` CA when not necessary (#4463) * bbad6931 pki: Implement API endpoints for certs and `caddy trust` (#4443) * 9ee68c1b reverseproxy: Adjust defaults, document defaults (#4436) * 7557d1d9 reverseproxy: Avoid returning a `nil` error during GetClientCertificate (#4550) * ab045592 reverseproxy: Dynamic upstreams (with SRV and A/AAAA support) (#4470) * 5333c352 reverseproxy: Fix incorrect `health_headers` Caddyfile parsing (#4485) * c50094fc reverseproxy: Implement trusted proxies for `X-Forwarded-*` headers (#4507) * f5e10494 reverseproxy: Make shallow-ish clone of the request (#4551) * 87a1f228 reverseproxy: Move status replacement intercept to `replace_status` (#4300) * d058dee1 reverseproxy: Refactor dial address parsing, augment command parsing (#4616) * c7d6c4cb reverseproxy: copy_response and copy_response_headers for handle_response routes (#4391) * bcb7a19c rewrite: Add `method` Caddyfile directive (#4528) * 1feb6595 rewrite: Fix a double-encode issue when using the `{uri}` placeholder (#4516) * 6cadb60f templates: Document .OriginalReq * 1d0425b2 templates: Elaborate on what's supported by the markdown function (#4564) * a6199cf8 templates: Fix docs for .Args * ec14ccdd templates: fix inconsistent nested includes (#4452) * d0b608af tracing: New OpenTelemetry module (#4361) **Full Changelog**: https://github.com/caddyserver/caddy/compare/v2.4.6...v2.5.0-beta.1 2022-03-09T22:29:20+00:00 dalton v3.2.1 dalton v3.2.1 2022-03-11T01:32:42+00:00 - Added Zeek as a sensor (Dalton v3.2.0) - Added explicit requirement for `itsdangerous==2.0.1` 2022-03-11T01:32:42+00:00 rocksdb v7.0.1 rocksdb v7.0.1 2022-03-12T00:02:48+00:00 # Rocksdb Change Log ## 7.0.1 (03/02/2022) ### Bug Fixes * Fix a race condition when cancel manual compaction with `DisableManualCompaction`. Also DB close can cancel the manual compaction thread. * Fixed a data race on `versions_` between `DBImpl::ResumeImpl()` and threads waiting for recovery to complete (#9496) * Fixed a bug caused by race among flush, incoming writes and taking snapshots. Queries to snapshots created with these race condition can return incorrect result, e.g. resurfacing deleted data. ## 7.0.0 (02/20/2022) ### Bug Fixes * Fixed a major bug in which batched MultiGet could return old values for keys deleted by DeleteRange when memtable Bloom filter is enabled (memtable_prefix_bloom_size_ratio > 0). (The fix includes a substantial MultiGet performance improvement in the unusual case of both memtable_whole_key_filtering and prefix_extractor.) * Fixed more cases of EventListener::OnTableFileCreated called with OK status, file_size==0, and no SST file kept. Now the status is Aborted. * Fixed a read-after-free bug in `DB::GetMergeOperands()`. * Fix a data loss bug for 2PC write-committed transaction caused by concurrent transaction commit and memtable switch (#9571). * Fixed NUM_INDEX_AND_FILTER_BLOCKS_READ_PER_LEVEL, NUM_DATA_BLOCKS_READ_PER_LEVEL, and NUM_SST_READ_PER_LEVEL stats to be reported once per MultiGet batch per level. ### Performance Improvements * Mitigated the overhead of building the file location hash table used by the online LSM tree consistency checks, which can improve performance for certain workloads (see #9351). * Switched to using a sorted `std::vector` instead of `std::map` for storing the metadata objects for blob files, which can improve performance for certain workloads, especially when the number of blob files is high. * DisableManualCompaction() doesn't have to wait scheduled manual compaction to be executed in thread-pool to cancel the job. ### Public API changes * Require C++17 compatible compiler (GCC >= 7, Clang >= 5, Visual Studio >= 2017) for compiling RocksDB and any code using RocksDB headers. See #9388. * Added `ReadOptions::rate_limiter_priority`. When set to something other than `Env::IO_TOTAL`, the internal rate limiter (`DBOptions::rate_limiter`) will be charged at the specified priority for file reads associated with the API to which the `ReadOptions` was provided. * Remove HDFS support from main repo. * Remove librados support from main repo. * Remove obsolete backupable_db.h and type alias `BackupableDBOptions`. Use backup_engine.h and `BackupEngineOptions`. Similar renamings are in the C and Java APIs. * Removed obsolete utility_db.h and `UtilityDB::OpenTtlDB`. Use db_ttl.h and `DBWithTTL::Open`. * Remove deprecated API DB::AddFile from main repo. * Remove deprecated API ObjectLibrary::Register() and the (now obsolete) Regex public API. Use ObjectLibrary::AddFactory() with PatternEntry instead. * Remove deprecated option DBOption::table_cache_remove_scan_count_limit. * Remove deprecated API AdvancedColumnFamilyOptions::soft_rate_limit. * Remove deprecated API AdvancedColumnFamilyOptions::hard_rate_limit. * Remove deprecated API DBOption::base_background_compactions. * Remove deprecated API DBOptions::purge_redundant_kvs_while_flush. * Remove deprecated overloads of API DB::CompactRange. * Remove deprecated option DBOptions::skip_log_error_on_recovery. * Remove ReadOptions::iter_start_seqnum which has been deprecated. * Remove DBOptions::preserved_deletes and DB::SetPreserveDeletesSequenceNumber(). * Remove deprecated API AdvancedColumnFamilyOptions::rate_limit_delay_max_milliseconds. * Removed timestamp from WriteOptions. Accordingly, added to DB APIs Put, Delete, SingleDelete, etc. accepting an additional argument 'timestamp'. Added Put, Delete, SingleDelete, etc to WriteBatch accepting an additional argument 'timestamp'. Removed WriteBatch::AssignTimestamps(vector<Slice>) API. Renamed WriteBatch::AssignTimestamp() to WriteBatch::UpdateTimestamps() with clarified comments. * Changed type of cache buffer passed to `Cache::CreateCallback` from `void*` to `const void*`. * Significant updates to FilterPolicy-related APIs and configuration: * Remove public API support for deprecated, inefficient block-based filter (use_block_based_builder=true). * Old code and configuration strings that would enable it now quietly enable full filters instead, though any built-in FilterPolicy can still read block-based filters. This includes changing the longstanding default behavior of the Java API. * Remove deprecated FilterPolicy::CreateFilter() and FilterPolicy::KeyMayMatch() * Remove `rocksdb_filterpolicy_create()` from C API, as the only C API support for custom filter policies is now obsolete. * If temporary memory usage in full filter creation is a problem, consider using partitioned filters, smaller SST files, or setting reserve_table_builder_memory=true. * Remove support for "filter_policy=experimental_ribbon" configuration string. Use something like "filter_policy=ribbonfilter:10" instead. * Allow configuration string like "filter_policy=bloomfilter:10" without bool, to minimize acknowledgement of obsolete block-based filter. * Made FilterPolicy Customizable. Configuration of filter_policy is now accurately saved in OPTIONS file and can be loaded with LoadOptionsFromFile. (Loading an OPTIONS file generated by a previous version only enables reading and using existing filters, not generating new filters. Previously, no filter_policy would be configured from a saved OPTIONS file.) * Change meaning of nullptr return from GetBuilderWithContext() from "use block-based filter" to "generate no filter in this case." * Also, when user specifies bits_per_key < 0.5, we now round this down to "no filter" because we expect a filter with >= 80% FP rate is unlikely to be worth the CPU cost of accessing it (esp with cache_index_and_filter_blocks=1 or partition_filters=1). * bits_per_key >= 0.5 and < 1.0 is still rounded up to 1.0 (for 62% FP rate) * Remove class definitions for FilterBitsBuilder and FilterBitsReader from public API, so these can evolve more easily as implementation details. Custom FilterPolicy can still decide what kind of built-in filter to use under what conditions. * Also removed deprecated functions * FilterPolicy::GetFilterBitsBuilder() * NewExperimentalRibbonFilterPolicy() * Remove default implementations of * FilterPolicy::GetBuilderWithContext() * Remove default implementation of Name() from FileSystemWrapper. * Rename `SizeApproximationOptions.include_memtabtles` to `SizeApproximationOptions.include_memtables`. * Remove deprecated option DBOptions::max_mem_compaction_level. * Return Status::InvalidArgument from ObjectRegistry::NewObject if a factory exists but the object ould not be created (returns NotFound if the factory is missing). * Remove deprecated overloads of API DB::GetApproximateSizes. * Remove deprecated option DBOptions::new_table_reader_for_compaction_inputs. * Add Transaction::SetReadTimestampForValidation() and Transaction::SetCommitTimestamp(). Default impl returns NotSupported(). * Add support for decimal patterns to ObjectLibrary::PatternEntry * Remove deprecated remote compaction APIs `CompactionService::Start()` and `CompactionService::WaitForComplete()`. Please use `CompactionService::StartV2()`, `CompactionService::WaitForCompleteV2()` instead, which provides the same information plus extra data like priority, db_id, etc. * `ColumnFamilyOptions::OldDefaults` and `DBOptions::OldDefaults` are marked deprecated, as they are no longer maintained. * Add subcompaction callback APIs: `OnSubcompactionBegin()` and `OnSubcompactionCompleted()`. * Add file Temperature information to `FileOperationInfo` in event listener API. * Change the type of SizeApproximationFlags from enum to enum class. Also update the signature of DB::GetApproximateSizes API from uint8_t to SizeApproximationFlags. * Add Temperature hints information from RocksDB in API `NewSequentialFile()`. backup and checkpoint operations need to open the source files with `NewSequentialFile()`, which will have the temperature hints. Other operations are not covered. ### Behavior Changes * Disallow the combination of DBOptions.use_direct_io_for_flush_and_compaction == true and DBOptions.writable_file_max_buffer_size == 0. This combination can cause WritableFileWriter::Append() to loop forever, and it does not make much sense in direct IO. * `ReadOptions::total_order_seek` no longer affects `DB::Get()`. The original motivation for this interaction has been obsolete since RocksDB has been able to detect whether the current prefix extractor is compatible with that used to generate table files, probably RocksDB 5.14.0. ## New Features * Introduced an option `BlockBasedTableOptions::detect_filter_construct_corruption` for detecting corruption during Bloom Filter (format_version >= 5) and Ribbon Filter construction. * Improved the SstDumpTool to read the comparator from table properties and use it to read the SST File. * Extended the column family statistics in the info log so the total amount of garbage in the blob files and the blob file space amplification factor are also logged. Also exposed the blob file space amp via the `rocksdb.blob-stats` DB property. * Introduced the API rocksdb_create_dir_if_missing in c.h that calls underlying file system's CreateDirIfMissing API to create the directory. * Added last level and non-last level read statistics: `LAST_LEVEL_READ_*`, `NON_LAST_LEVEL_READ_*`. * Experimental: Add support for new APIs ReadAsync in FSRandomAccessFile that reads the data asynchronously and Poll API in FileSystem that checks if requested read request has completed or not. ReadAsync takes a callback function. Poll API checks for completion of read IO requests and should call callback functions to indicate completion of read requests. 2022-03-12T00:02:48+00:00 reko version-0.11.0 reko version-0.11.0 2022-03-13T23:15:46+00:00 This release of Reko has breaking changes in interfaces and classes, and completes the move to .NET 5.0. Many classes were also moved to different namespaces: you'll need to recompile your project. The file loading code was refactored heavily to be easier to use and to support the reading of files stored in (potentially deeply nested) archives. Many fixes were made in the AArch64 rewriter (with gentle prodding from @rfalke). Some other new features are: * Wasm files can be loaded and disassembled. A rewriter will materialize in a later release. * Reko Gui is asynchronous. This will help the ongoing port to Avalonia. * Stack variable references that escape to other procedures are now tracked (courtesy of @ptomin). * The new ByteTrie<T> class can be used for pattern matching. * Added support for PDP-10 architecture. The PDP-10 is word-addressable, has 36-bit words, 18-bit addresses, and variable sized bytes, all of which contrast vividly with present day 8-bit-based architectures. * The MemoryControl displays sizes other than bytes. This accommodates PDP-10, Microchip PIC, and Mil-Std-1750A. * Intrinsic procedures can now have generic parameter and return types. * Added initial support for COFF files. * Adapted OllyLangInterpreter to other architectures than X86. * Added m6502 emulator, c64 emulator. * Various CI improvements and fixes. Also, Reko now builds on ARM64! (courtesy of @smx-smx) * Added support for constants larger than 64 bits. * Support for reading TAR and AR archives. * Support loading files from arbitrarily nested archives. * Rewrote the loader so it is much easier to use (and understand). * Extended C parser to handle more GCC attributes. * Support for Sanyo LC8670. Thanks to @nemerle, @ptomin, @shandianchengzi, @slartibardfast, and @smx-smx for their time and contributions to the Reko project! 2022-03-13T23:15:46+00:00 AIL-framework v4.1 AIL-framework v4.1 2022-03-14T15:39:04+00:00 # AIL Framework version 4.1 released with new investigation/case handling, improved MISP export and many improvements. ## Investigation in AIL The major new functionality is the investigation handling in AIL. An analyst can now easily create investigation where any objects from AIL can be added. This helps an analyst to build collection or cases to work on. The integration allows to export it as a standard [MISP](https://www.misp-project.org/) event. ![](https://www.ail-project.org/assets/img/ail-investigation.png) ## Support for Jabber/XMPP AIL has been extended to support Jabber/XMPP addresses. The source feeder just need to submit the keys such as `jabber:to`, `jabber:from`, `jabber:ts`, `jabber:id`. An example feeder is [available](https://gist.github.com/gallypette/8e4fc941443a2483b6b2fcaee4c76e47). The new feature can be used to inject existing leak or stream from XMPP/Jabber server. As an example, the Conti leak can be easily injected into AIL and show automatically all correlations between users. ![](https://www.ail-project.org/assets/img/bitcoinz.png) ![](https://www.ail-project.org/assets/img/friends-having-chats.png) ![](https://www.ail-project.org/assets/img/korben.png) Many bugs were fixed. The [complete changelog](https://www.ail-project.org/ChangeLog) can be seen below. ## v4.1 (2022-03-11) ### Changes * [flask] updated. [Alexandre Dulaunoy] * [flask] requirements for higher version of flask. [Alexandre Dulaunoy] * [v4.1] add Investigation with MISP Export + v4.1 update. [Terrtia] * [Telegram module] refactor module + fix str format. [Terrtia] ### Fix * [Investigation] edit misp event + add misp instance url. [Terrtia] * [Investigation] fix MISP Export + UI sidebar. [Terrtia] * [UI inestigations] add items link. [Terrtia] * [UI inestigations] add objects link. [Terrtia] * [telegram launcher] [Terrtia] * [items] abstract class. [Terrtia] * [Investigation] UI sidebar. [Terrtia] * [v4.1] fix ardb # tracking DB. [Terrtia] * [username] user icon. [Thirion Aurélien] * [Term tracker] fix item date. [Terrtia] * [Telegram module] fix launcher. [Terrtia] * [pybgpranking] package install. [Terrtia] * [popper install] rename popper repository. [Terrtia] https://github.com/floating-ui/floating-ui/discussions/1425 * [UI] remove update note. [Terrtia] * [trackers] fix get_all_items_sources. [Terrtia] * [crawler] fix is_splash_manager_connected #133. [Terrtia] ### Other * Merge branch 'master' of github.com:ail-project/ail-framework. [Terrtia] * Merge pull request #139 from gallypette/jabber-feeder. [Thirion Aurélien] add: [username] jabber support * Add: [username] jabber support. [Jean-Louis Huynen] * Merge branch 'master' of github.com:ail-project/ail-framework. [Terrtia] * Create SECURITY.md. [Alexandre Dulaunoy] 2022-03-14T15:39:04+00:00 rocksdb v7.0.2 rocksdb v7.0.2 2022-03-14T16:45:01+00:00 # Rocksdb Change Log ## 7.0.2 (03/12/2022) * Fixed a bug that DisableManualCompaction may assert when disable an unscheduled manual compaction. 2022-03-14T16:45:01+00:00 MISP v2.4.154 MISP v2.4.154 2022-03-18T11:52:08+00:00 MISP 2.4.154 released with a host of new features and fixes, including some new tools that help us navigate the current geo-political landscape when sharing information. # Sharing group blueprints Difficult times often call for radical measures, with the recent world events we've seen more and more communities rapidly reorganising as well as new large communities being established. Sharing information with only subsets of communities has become ever more important and whilst we've had the tools to facilitate this in MISP for a long time, rapidly managing different, often overlapping groups has been difficult. Sharing group blueprints allow us to programmatically define reusable blueprints for generating sharing groups, based on inheritance and various filters to automate the task of maintaining the groups. Sharing group blueprints accept JSON objects based on which they generate a sharing group each, where various filters can be set for the decision making. The syntax allows for boolean operators as well as the use of organisation metadata and existing sharing group inheritance. This can also be used to create derivative groups with certain members being excluded, for example the below would be such an example: ``` { "AND": { "OR": { "org_sector": "Financial", "sharing_group_id": 127 }, "NOT": { "org_nationality": [ "Russia", "Russian Federation", "Belarus", "Republic of Belarus" ] } } } ``` The above would generate a sharing group out of all organisations present in sharing group 127, any organisation that has "Financial" as its type, but excluding any of the specifically negated countries' orgnaisations. This system thrives on well maintained organisation lists, so make sure that you put in the extra effort of contextualising your organisations! Once a blueprint is created, you can review the organisations to be included and if you are satisfied, create the actual sharing group by clicking on (re)generate sharing group. ![sharing-group-blueprint](https://user-images.githubusercontent.com/3668672/158998299-52bfc259-ad7a-43a7-8287-a1f368cc9845.png) One of the advantages of this system is that the regeneration can be run at any time, for a single sharing group or for all, via the interface or the API. This means that creating a cron job that updates all sharing groups based on the rules regularly is trivial, ensuring that for example inherited organisations via updated child sharing groups are updated continuously. # Populate events using MISP JSON elements There's a new way to populate an individual, existing event: by uploading a JSON file containing MISP elements (such as attributes, objects, tags, galaxies, etc), one can now easily paste JSON blobs into a form that an be accessed by clicking on "Populate from..." and selecting "Populate using a JSON file containing MISP event content data". # Improvements to the OIDC authentication A host of improvements and fixes, including the switch to a new library, developed by Jakub Onderka. # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html). As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements in MISP core. 2022-03-18T11:52:08+00:00 MISP v2.4.155 MISP v2.4.155 2022-03-18T12:41:30+00:00 This release is a rapid follow up to v2.4.154, addressing several rather annoying issues # Bugfixes - Various bugfixes to the sharing group blueprint system (especially to it being more restrictive than intended) - Updating the DB schema to avoid the diagnostics complaining - Fixed an issue with organisation meta fields defaulting to null rather than '' (causing the blueprint issue mentioned above) - Rework of the DB schema dumper - Fixes to the Kali Linux installer # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html). As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements in MISP core. 2022-03-18T12:41:30+00:00 MISP v2.4.156 MISP v2.4.156 2022-03-18T16:22:37+00:00 We are pleased to announce the immediate availability of MISP v2.4.156 - a release bringing several new features and fixes two critical vulnerabilities. **We highly encourage everyone to update to this version as soon as possible**. # Protected mode - cryptographic signing of synchronisation With the current tensions, information assurance in many ways is becoming more and more important across the different MISP communities. Whilst foul play is often quickly discovered and leads to the ejection from a sharing community, leading to an inherent self-healing mechanism of the different networks, in some cases due to information's criticality, more active measures are needed. By design, MISP's sharing mechanisms rely on trust relationships between the different interconnected nodes in the various MISP networks. This means that in a mesh network of MISP nodes, information can travel via trusted synchronisation users, the information's veracity being ensured by the various site administrators of the different instances. In some cases this is not enough, especially when exchanging data that is meant to be adhered to blindly in a highly automated fashion. Vetted block lists for example affecting large constituencies and the automatic blocking of traffic for service providers for example. To support this use-case, MISP as of v2.4.156 has a new mechanism that allows event creators to attach a set of PGP instance signing keys to an event, which are used to sign the events on each hop of the synchronisation. This allows recipient MISPs to discard any updates coming from nodes that cannot produce a valid signature with one of the initial signing keys. ## An example Alice and Bob each have their own MISP instances, with Alice feeding Bob with critical information. Bob trusts this information immediately and blindly. Eвa, wanting to remove data points or diluting the information from Alice's stream, is also part of their broader network. Traditionally, Alice sharing an event to the network would propagate to both Bob's and Eвa's instance. Eвa could in this case abuse her administrative privileges to modify the event, perhaps injecting disinformation and removing valid data. By synchronising this back to Bob, Bob's instance would see an incoming synchronised edit, which in a mesh network could be legitimate and as such it would accept the change. Propagating it further back to Alice would be blocked by MISP's protection against remote modifications to data at origin. ![unprotected_sync_mode](https://user-images.githubusercontent.com/3668672/159035794-918f9c33-74dc-44e2-84db-34fdb1ba726a.png) With protected mode enabled, this situation changes drastically. Alice could add her own signing key as well as Bob's to the event, ensuring that the only parties able to relay modifications to the event would be Alice and Bob. When leaving Alice's instance, the event would get signed with Alice's signing key. Since the event contains both Alice's and Bob's key, any subsequent modifications from Alice would be accepted by Bob's instance. Incoming edits would be signed by Alice's key, meaning that Bob would validate the package with its locally stored public key of from the initial exchange. This means that Eвa modifying the event and attempting to share it with Bob would get rejected, as Eвa, lacking the private keys of Alice and Bob, can only sign it with her own key, which Bob's instance would immediately flag as suspicious and ultimately reject it. ![protected_sync_mode](https://user-images.githubusercontent.com/3668672/159036489-f2d457aa-cb23-42a8-b10b-6d9e9a02e7f9.png) ## Usage To get started with the feature, simply use the new protected mode field in the event view, you can convert any event into protected mode: ![protected1](https://user-images.githubusercontent.com/3668672/159038886-d82a516b-1281-4649-ac2d-ea456f7468ed.png) At which point you can start adding individual keys: ![protected2](https://user-images.githubusercontent.com/3668672/159039506-e896ca51-7a96-4f3f-a46b-718df9e0072c.png) Keep in mind that you can add multiple instance signing keys if you wish for your trusted partners (or your own instances, for example if you have an internal and a sharing MISP in the DMZ). ![protected3](https://user-images.githubusercontent.com/3668672/159039670-eb1e3b3d-8089-45c0-9511-aaf0ffc80b89.png) As a caveat, keep in mind that this mechanism limits the distribution of data inadvertently. Even if the distribution level would allow it, the synchronisation will be limited by who can sign the event for further propagation, so use this new functionality when the use-case really calls for it. A massive thank you to our good friend [Trey Darley](https://twitter.com/treyka) (@treyka) of Cert.be for the brainstorming session that lead to the implementation of this feature! # Context summary export A new export format was added that generates an HTML representation of a summary of all context information from a set of filtered data. One could for example use restsearch to generate all context from any event that is attributed to a threat actor. The resulting HTML will include the Mitre ATT&CK matrix of all leveraged techniques in the selected events as well as any other labelling and context. # Event warning system The new warning system warns users about potential improvements to an event they could be making, such as resolving tagging issues, improving the quality of the event, etc. The system comes with a plugable module system, easily build and deploy your own warning system. ![warning_system](https://user-images.githubusercontent.com/3668672/159040894-99d951e3-a076-40c7-9bbd-9ff619df2e5c.png) # Internal reworks @JakubOnderka continues his massive crusade against ugly spaghetti code, with a continuous stream of refactorings, this time massively improving the code-base of the synchronisation mechanism. # Pentest - Several security issues resolved We would like to thank Ianis BERNARD of NATO Cyber Security Centre. Based on the findings of their pentest we were able to resolve several security vulnerabilities and as such we highly encourage everyone to update to v2.4.156 ASAP. ## Security fixes resolved Four security vulnerabilities were fixed in this release. We strongly recommend everyone to install this version as soon as possible. - CVE-2022-27245 - [Potential SSRF attacks fixed](https://github.com/MISP/MISP/commit/8dcf414340c5ddedfebbc972601646d38e1d0717) on generateServerSettings(), the interface is now restricted to the cli interface only. - CVE-2022-27243 - [Potential LFI attack fixed](https://github.com/MISP/MISP/commit/8cc93687dcd68e1774b55a5c4e8125c0c8ddc288) via custom file setting. - CVE-2022-27246 - [Restrict SVG logo](https://github.com/MISP/MISP/commit/08a07a38ae81f3b55d81cfcd4501ac1eb1c9c4dc) upload for organisation by default and make it optional to limit potential risk of SVG with active payload. - CVE-2022-27244 - [Stored XSS in the user add/edit forms fixed](https://github.com/MISP/MISP/commit/61d4d3670593b78e4dab7a11eb620b7a372f30e6) in custom auth name with a potential malicious administrator. # LinOTP auth improvements Thanks to the lovely work submitted by @andurin, the LinOTP authentication subsystem now includes several improvements, amongst others the ability to conveniently manage and disable the subsystem directly via the system settings. Originally, the only way to disable the LinOTP authentication was to purge the related settings from the configuration files. In order not to break the expected functionality for users that already have LinOTP configured, the default behaviour for the new "LinOTP.enable" setting behaves a bit different from other similar settings: When no value was assigned by an administrator, the module is enabled by default if the LinOTP configuration keys exist in the configuration file. That means, if you've had it configured from before, by default it will be enabled. Other than that it will be disabled. Confirming the setting as either enabled or disabled by an administrator will override this behaviour with the selected setting. # A long list of other improvements We have received a massive list of pull requests for enhancements and fixes. Make sure you check out the [changelog](https://www.misp-project.org/Changelog.txt) for further details. # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html). As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements in MISP core. 2022-03-18T16:22:37+00:00 PeekabooAV v2.1rc1 PeekabooAV v2.1rc1 2022-03-21T06:57:19+00:00 Install using `./setup.py`. Uninstallable and yanked from pypi.org due to dependency on our modified cortex4py github repo. See [CHANGELOG.md](https://github.com/scVENUS/PeekabooAV/blob/v2.1rc1/CHANGELOG.md) for changes since last release. 2022-03-21T06:57:19+00:00 syncthing v1.19.2-rc.2 syncthing v1.19.2-rc.2 2022-03-22T19:31:51+00:00 Enhancements: - #8180: Make error message upon reaching the free space quota more clear 2022-03-22T19:31:51+00:00 rocksdb v6.29.4 rocksdb v6.29.4 2022-03-23T01:24:02+00:00 ## 6.29.4 (03/22/2022) ### Bug Fixes * Fixed a bug caused by race among flush, incoming writes and taking snapshots. Queries to snapshots created with these race condition can return incorrect result, e.g. resurfacing deleted data. * Fixed a bug that DisableManualCompaction may assert when disable an unscheduled manual compaction. * Fixed a bug that `Iterator::Refresh()` reads stale keys after DeleteRange() performed. * Fixed a race condition when disable and re-enable manual compaction. * Fix a race condition when cancel manual compaction with `DisableManualCompaction`. Also DB close can cancel the manual compaction thread. * Fixed a data race on `versions_` between `DBImpl::ResumeImpl()` and threads waiting for recovery to complete (#9496) * Fixed a read-after-free bug in `DB::GetMergeOperands()`. * Fixed NUM_INDEX_AND_FILTER_BLOCKS_READ_PER_LEVEL, NUM_DATA_BLOCKS_READ_PER_LEVEL, and NUM_SST_READ_PER_LEVEL stats to be reported once per MultiGet batch per level. 2022-03-23T01:24:02+00:00 PeekabooAV v2.1rc2 PeekabooAV v2.1rc2 2022-03-23T08:40:59+00:00 Install using venv/bin/pip install peekabooav==2.1rc2. See [CHANGELOG.md](https://github.com/scVENUS/PeekabooAV/blob/v2.1rc2/CHANGELOG.md) for changes since last release. 2022-03-23T08:40:59+00:00 DC3-MWCP 3.6.0 DC3-MWCP 3.6.0 2022-03-23T23:35:22+00:00 2022-03-23T23:35:22+00:00 MISP v2.4.157 MISP v2.4.157 2022-03-25T14:21:20+00:00 We are pleased to announce the immediate availability of MISP v2.4.157, following a series of bug fixes as a quick follow up to 2.4.156. As a reminder, MISP v2.4.156 included several critical vulnerability fixes, as such, **we highly encourage everyone to update to this version as soon as possible**. It also brought several new important features that help communities ensure the veracity of their most critical shared data. # Fixes to the authkey handling Manage auth keys of your team as an org admin, until now this feature was broken and org admins had to log in as their automation / sync users in order to generate new keys. This is no longer the case, simply view the user you wish to create a new key for and do it directly from the interface or via the API. Keep in mind that org admins can only create keys for non administrator users. Thank you to @oivindoh for pointing this shortcoming out. # Fix to a breaking bug with event publishing Due to a bug introduced by a regression in 2.4.156, publishing events ended up not pushing events with sharing groups to remote instances. This is now resolved and for this in itself we already highly recommend updating to this version. Full instance pushes and pulls were not affected. Neither were events that didn't rely on sharing groups as their distribution model. Thank you to @treyka for finding the bug. # New setting introduced to disable event lock checks Sometimes the addition of certain features, whilst having good intentions, ends up being more annoying that useful. In these cases, unless it's something absolutely hindering, we still do not want to modify the default behaviour of MISP over night. Such is the case with the event lock checks, which provide warnings on the event view that another user is also editing the event, a simple warning to users that their event's state may be outdated. This functionality is rather verbose when it comes to logging, gets in the way of debugging and can cause session persistence issues in certain cases. As such we've introduced a new setting to disable the functionality and unless you or your community are especially attached to it, we recommend heading over to the server settings and disabling it via the `MISP.disable_event_locks` setting. Thanks to @github-germ and @packet-rat for pointing the annoying nature of this feature out. # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html). As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements in MISP core. 2022-03-25T14:21:20+00:00 rocksdb v7.0.3 rocksdb v7.0.3 2022-03-25T17:00:11+00:00 ### Bug Fixes * Fixed a major performance bug in which Bloom filters generated by pre-7.0 releases are not read by early 7.0.x releases (and vice-versa) due to changes to FilterPolicy::Name() in #9590. This can severely impact read performance and read I/O on upgrade or downgrade with existing DB, but not data correctness. * Fixed a bug that `Iterator::Refresh()` reads stale keys after DeleteRange() performed. ### Public API changes * Added pure virtual FilterPolicy::CompatibilityName(), which is needed for fixing major performance bug involving FilterPolicy naming in SST metadata without affecting Customizable aspect of FilterPolicy. For source code, this change only affects those with their own custom or wrapper FilterPolicy classes, but does break compiled library binary compatibility in a patch release. 2022-03-25T17:00:11+00:00 DC3-MWCP 3.6.1 DC3-MWCP 3.6.1 2022-03-28T16:55:28+00:00 2022-03-28T16:55:28+00:00 rocksdb v6.29.5 rocksdb v6.29.5 2022-03-29T20:30:03+00:00 ## 6.29.5 (03/29/2022) ### Bug Fixes * Fixed a race condition for `alive_log_files_` in non-two-write-queues mode. The race is between the write_thread_ in WriteToWAL() and another thread executing `FindObsoleteFiles()`. The race condition will be caught if `__glibcxx_requires_nonempty` is enabled. * Fixed a race condition when mmaping a WritableFile on POSIX. * Fixed a race condition when 2PC is disabled and WAL tracking in the MANIFEST is enabled. The race condition is between two background flush threads trying to install flush results, causing a WAL deletion not tracked in the MANIFEST. A future DB open may fail. * Fixed a heap use-after-free race with DropColumnFamily. * Fixed a bug that `rocksdb.read.block.compaction.micros` cannot track compaction stats (#9722). 2022-03-29T20:30:03+00:00 rocksdb v7.0.4 rocksdb v7.0.4 2022-03-29T20:31:07+00:00 ## 7.0.4 (03/29/2022) ### Bug Fixes * Fixed a race condition when disable and re-enable manual compaction. * Fixed a race condition for `alive_log_files_` in non-two-write-queues mode. The race is between the write_thread_ in WriteToWAL() and another thread executing `FindObsoleteFiles()`. The race condition will be caught if `__glibcxx_requires_nonempty` is enabled. * Fixed a race condition when mmaping a WritableFile on POSIX. * Fixed a race condition when 2PC is disabled and WAL tracking in the MANIFEST is enabled. The race condition is between two background flush threads trying to install flush results, causing a WAL deletion not tracked in the MANIFEST. A future DB open may fail. * Fixed a heap use-after-free race with DropColumnFamily. * Fixed a bug that `rocksdb.read.block.compaction.micros` cannot track compaction stats (#9722). 2022-03-29T20:31:07+00:00 Lookyloo v1.11.0 Lookyloo v1.11.0 2022-03-31T11:17:11+00:00 # New Feature * Trigger multiple captures at once from web interface ![Screenshot_20220331_131600](https://user-images.githubusercontent.com/248875/161043117-d56ac8ce-aaeb-4cd6-bb55-87cb7c5e93e1.png) # Fixes * Improve MISP event publishing (make it asynchronous) * Improve legend with titles on hoover * Fix caches in modules * Improve stats page * Normalize buttons color * Improve rendering of capture page # Changes * Updates all web and python dependencies * Use bootstrap 5 2022-03-31T11:17:11+00:00 maltrail 0.44 maltrail 0.44 2022-03-31T22:11:06+00:00 Start-of-month release 2022-03-31T22:11:06+00:00 DC3-MWCP 3.6.2 DC3-MWCP 3.6.2 2022-04-04T20:01:55+00:00 2022-04-04T20:01:55+00:00 syncthing v1.19.2 syncthing v1.19.2 2022-04-05T04:47:28+00:00 Enhancements: - #8180: Make error message upon reaching the free space quota more clear 2022-04-05T04:47:28+00:00 osquery 5.2.3 osquery 5.2.3 2022-04-05T22:05:20+00:00 Full Commits: https://github.com/osquery/osquery/compare/5.2.2...5.2.3 2022-04-05T22:05:20+00:00 osv v0.0.14 osv v0.0.14 2022-04-06T03:09:00+00:00 2022-04-06T03:09:00+00:00 TheHive 4.1.19 TheHive 4.1.19 2022-04-07T14:43:23+00:00 ## [4.1.19](https://github.com/TheHive-Project/TheHive/milestone/89) (2022-04-07) **Implemented enhancements:** - Migrate hive3 to 4, migrate SSL error. Requesting SSL bypass option [\#2356](https://github.com/TheHive-Project/TheHive/issues/2356) - [Enhancement] Improve logging [\#2371](https://github.com/TheHive-Project/TheHive/issues/2371) **Fixed bugs:** - [Bug] Regression starting with 4.1.17 in the migration tool with certificate validation [\#2342](https://github.com/TheHive-Project/TheHive/issues/2342) - [Bug] Deadlock when the index backend changed [\#2351](https://github.com/TheHive-Project/TheHive/issues/2351) - [Bug][Security] TheHive4 libraries vulnerabilities [\#2362](https://github.com/TheHive-Project/TheHive/issues/2362) - [Bug] The Link given in /etc/thehive/application.conf says error. [\#2364](https://github.com/TheHive-Project/TheHive/issues/2364) - [Bug] An unshared case is still visible [\#2366](https://github.com/TheHive-Project/TheHive/issues/2366) - [Bug] Prevent custom field creation if it already exists [\#2367](https://github.com/TheHive-Project/TheHive/issues/2367) - [Bug] An user may exist without being member of any organisation [\#2368](https://github.com/TheHive-Project/TheHive/issues/2368) - [Bug] Tags can't be updated [\#2369](https://github.com/TheHive-Project/TheHive/issues/2369) - [Bug] Dashboarding on weeks provide incorrect results on specific dates [\#2370](https://github.com/TheHive-Project/TheHive/issues/2370) 2022-04-07T14:43:23+00:00 reko version-0.11.1 reko version-0.11.1 2022-04-07T22:17:52+00:00 This maintenance release provides minor enhancements and bugfixes, including: * More ARM32 rewriters. * More uses of generic `IntrinsicProcedures`. * Replace recursive `SccFinder` with an non-recursive implementation. * Initial support for Terse Executable format. * Don't try tracing into nonexecutable code. * Ctrl+0 resets the zoom level of the Graph Viewer * Many more PowerPC instructions supported * C parser issues reported by @smx-smx * Make SSA analysis use bit-accurate analysis for stack variables. * Multithreaded robustness. It also has some refactorings and new classes, setting the stage for a future refactoring of the Scanner: * New `RtlSwitch` subclass of `RtlInstruction` * Support for platform-specific patterns for procedure entries. 2022-04-07T22:17:52+00:00 PeekabooAV v2.1rc3 PeekabooAV v2.1rc3 2022-04-13T10:41:50+00:00 Install using venv/bin/pip install peekabooav==2.1rc3. See [CHANGELOG.md](https://github.com/scVENUS/PeekabooAV/blob/v2.1rc3/CHANGELOG.md) for changes since last release. 2022-04-13T10:41:50+00:00 OpenTAXII 0.2.4 OpenTAXII 0.2.4 2022-04-13T11:19:28+00:00 Changelog ========= 0.2.4 (2022-04-13) ------------------ * Make sure werkzeug <2.1 and >=2.1 work correctly with auth system 0.2.3 (2021-12-22) ------------------ * Fix bug in multithreaded use of sqlite (`#210 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_ thanks `@rohits144 <https://github.com/rohits144>`_ for the report) 0.2.2 (2021-11-05) ------------------ * Fix readthedocs build 0.2.1 (2021-11-03) ------------------ * Add tests for python 3.6, 3.7, 3.8, 3.9, pypy * Add tests for sqlite, mysql, mariadb, postgresql * Fix bug that broke ``delete_content_blocks`` when using mysql on sqlalchemy 1.3 * Docs: Add db schema diagram * Docs: Clarify how to get default data in a default (development) docker instance * Fix implicit routing in TAXII 1.1 Inboxes * Update jwt usage to pyjwt >= 2.0 (thanks `@SanyaKapoor <https://github.com/SanyaKapoor>`_) 0.2.0 (2020-06-30) ------------------ * Enforce UTC usage in datetime fields in SQL DB Persistence API. * `Fix for #114 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_: reintroduce ``opentaxii-create-account`` CLI command. * `Fix for #153 <https://github.com/eclecticiq/OpenTAXII/issues/152>`_: check if user can modify a collection before advertising it over inbox service. * Multiple coding style fixes. * Various documentation updates. 0.1.12 (2019-03-06) ------------------- * Remove unnecessary print statements. 0.1.11 (2019-02-13) ------------------- * Make JSON logging consistent when the application is run via Gunicorn. * Set ``acceptable_destination`` key in status details instead of extended headers * Allow passing ``engine_parameters`` to ``SQLDatabaseAPI`` for those who want to customize SQLAlchemy engine parameters. * Require recent version of ``lxml`` for security reasons. * Various test and Docker infrastructure improvements. 0.1.10 (2018-06-03) ------------------- * Replace separate service/collection/account creation process with single ``opentaxii-sync-data`` CLI command. * Persistence and Auth APIs extended with missing CRUD methods, that are used by ``opentaxii-sync-data``. * Read/modify collection level ACL added. * DB models for default implementation of Persistence API and Auth API were changed. No automatic migration code is provided (sorry!), so upgrading might require manual DB migration. * Drop python2.7 from testing scope. * Various bug fixes and improvements. 0.1.9 (2017-06-19) ------------------ * `libtaxii <https://github.com/TAXIIProject/libtaxii>`_ dependency upgraded to 1.1.111. * Various bug fixes and improvements (thanks to `@bjigmp <https://github.com/bjigmp>`_, `@chorsley <https://github.com/chorsley>`_, `@rjprins <https://github.com/rjprins>`_). 0.1.8 (2017-02-21) ------------------ * Ability to enable/disable "huge trees" support in XML parser. Configuration property ``xml_parser_supports_huge_tree`` set to ``yes`` or ``true`` will disable security restrictions and force XML parser to support very deep trees and very long text content. * Adjust SQL Persistence API implemetation so it works smoothly with MySQL backend. * Use Python 3.5 instead of Python 3.4 for tests. 0.1.7 (2016-10-18) ------------------ * Minor fixes. * Dependencies were changed from hard-pinned to more flexible. * Example of production DB configuration added to docs. 0.1.6 (2016-06-01) ------------------ * Python 3.4 compatibility of the codebase. Tox configuration extended with python 3.4 environment run. * Flake8 full style compatibility. Flake8 check added to Tox configuration. * SQLAlchemy session scope issue fixed (related to `#38 <https://github.com/EclecticIQ/OpenTAXII/issues/38>`_). * `opentaxii-delete-blocks` CLI command added (related to `#45 <https://github.com/EclecticIQ/OpenTAXII/issues/45>`_). * `delete_content_blocks` method `added <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-6814849ac352b2b74132f8fa52e0ec4eR213>`_ to Persistence API. * Collection's name is `required <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-ce3f7b939e5c540480ac655aef32c513R116>`_ to be unique in default SQL DB Auth API implementation. 0.1.5 (2016-03-15) ------------------ * Fix for the issue with persistence backend returning ``None`` instead of ``InboxMessage`` object 0.1.4 (2016-02-25) ------------------ * Hard-coded dependencies in ``setup.py`` removed. 0.1.3 (2016-02-25) ------------------ * Versions of dependencies are pinned. * Code adjusted for a new version of `anyconfig <https://pypi.python.org/pypi/anyconfig>`_ API. * Test for configuration loading added. 0.1.2 (2015-07-24) ------------------ * Docker configuration added. * Health check endpoint added. * Basic authentication support added. * Temporary workaround for `Issue #191 <https://github.com/TAXIIProject/libtaxii/issues/191>`_. * Method ``get_domain`` in Persistence API returns domain value configured for ``service_id``. If nothing returned, value set in configuration file will be used. * Performance optimisations. * Bug fixes and style improvements. 0.1.1 (2015-04-08) ------------------ * Alias for Root Logger added to logging configuration. * Context object in a request scope that holds account and token added. * Support for OPTIONS HTTP request to enable auto version negotiation added. * Documentation improved. 0.1.0 (2015-03-31) ------------------ * Initial release 2022-04-13T11:19:28+00:00 OpenTAXII 0.3.0a4 OpenTAXII 0.3.0a4 2022-04-13T12:20:59+00:00 Changelog ========= 0.3.0a4 (2022-04-13) -------------------- * Merge changes from 0.2.4 maintenance release 0.3.0a3 (2022-01-21) -------------------- * Fix bug that prevented booting with only taxii1 config (`#217 <https://github.com/eclecticiq/OpenTAXII/issues/217>`_ thanks `@azurekid <https://github.com/azurekid>`_ for the report) 0.3.0a2 (2021-12-27) -------------------- * Merge changes from 0.2.3 maintenance release 0.3.0a1 ------- * Add python 3.10 support 0.3.0a0 ------- * Enablement for future taxii2 implementation * Fix documentation build issues 0.2.4 (2022-04-13) ------------------ * Make sure werkzeug <2.1 and >=2.1 work correctly with auth system 0.2.3 (2021-12-22) ------------------ * Fix bug in multithreaded use of sqlite (`#210 <https://github.com/eclecticiq/OpenTAXII/issues/210>`_ thanks `@rohits144 <https://github.com/rohits144>`_ for the report) 0.2.2 (2021-11-05) ------------------ * Fix readthedocs build 0.2.1 (2021-11-03) ------------------ * Add tests for python 3.6, 3.7, 3.8, 3.9, pypy * Add tests for sqlite, mysql, mariadb, postgresql * Fix bug that broke ``delete_content_blocks`` when using mysql on sqlalchemy 1.3 * Docs: Add db schema diagram * Docs: Clarify how to get default data in a default (development) docker instance * Fix implicit routing in TAXII 1.1 Inboxes * Update jwt usage to pyjwt >= 2.0 (thanks `@SanyaKapoor <https://github.com/SanyaKapoor>`_) 0.2.0 (2020-06-30) ------------------ * Enforce UTC usage in datetime fields in SQL DB Persistence API. * `Fix for #114 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_: reintroduce ``opentaxii-create-account`` CLI command. * `Fix for #153 <https://github.com/eclecticiq/OpenTAXII/issues/152>`_: check if user can modify a collection before advertising it over inbox service. * Multiple coding style fixes. * Various documentation updates. 0.1.12 (2019-03-06) ------------------- * Remove unnecessary print statements. 0.1.11 (2019-02-13) ------------------- * Make JSON logging consistent when the application is run via Gunicorn. * Set ``acceptable_destination`` key in status details instead of extended headers * Allow passing ``engine_parameters`` to ``SQLDatabaseAPI`` for those who want to customize SQLAlchemy engine parameters. * Require recent version of ``lxml`` for security reasons. * Various test and Docker infrastructure improvements. 0.1.10 (2018-06-03) ------------------- * Replace separate service/collection/account creation process with single ``opentaxii-sync-data`` CLI command. * Persistence and Auth APIs extended with missing CRUD methods, that are used by ``opentaxii-sync-data``. * Read/modify collection level ACL added. * DB models for default implementation of Persistence API and Auth API were changed. No automatic migration code is provided (sorry!), so upgrading might require manual DB migration. * Drop python2.7 from testing scope. * Various bug fixes and improvements. 0.1.9 (2017-06-19) ------------------ * `libtaxii <https://github.com/TAXIIProject/libtaxii>`_ dependency upgraded to 1.1.111. * Various bug fixes and improvements (thanks to `@bjigmp <https://github.com/bjigmp>`_, `@chorsley <https://github.com/chorsley>`_, `@rjprins <https://github.com/rjprins>`_). 0.1.8 (2017-02-21) ------------------ * Ability to enable/disable "huge trees" support in XML parser. Configuration property ``xml_parser_supports_huge_tree`` set to ``yes`` or ``true`` will disable security restrictions and force XML parser to support very deep trees and very long text content. * Adjust SQL Persistence API implemetation so it works smoothly with MySQL backend. * Use Python 3.5 instead of Python 3.4 for tests. 0.1.7 (2016-10-18) ------------------ * Minor fixes. * Dependencies were changed from hard-pinned to more flexible. * Example of production DB configuration added to docs. 0.1.6 (2016-06-01) ------------------ * Python 3.4 compatibility of the codebase. Tox configuration extended with python 3.4 environment run. * Flake8 full style compatibility. Flake8 check added to Tox configuration. * SQLAlchemy session scope issue fixed (related to `#38 <https://github.com/EclecticIQ/OpenTAXII/issues/38>`_). * `opentaxii-delete-blocks` CLI command added (related to `#45 <https://github.com/EclecticIQ/OpenTAXII/issues/45>`_). * `delete_content_blocks` method `added <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-6814849ac352b2b74132f8fa52e0ec4eR213>`_ to Persistence API. * Collection's name is `required <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-ce3f7b939e5c540480ac655aef32c513R116>`_ to be unique in default SQL DB Auth API implementation. 0.1.5 (2016-03-15) ------------------ * Fix for the issue with persistence backend returning ``None`` instead of ``InboxMessage`` object 0.1.4 (2016-02-25) ------------------ * Hard-coded dependencies in ``setup.py`` removed. 0.1.3 (2016-02-25) ------------------ * Versions of dependencies are pinned. * Code adjusted for a new version of `anyconfig <https://pypi.python.org/pypi/anyconfig>`_ API. * Test for configuration loading added. 0.1.2 (2015-07-24) ------------------ * Docker configuration added. * Health check endpoint added. * Basic authentication support added. * Temporary workaround for `Issue #191 <https://github.com/TAXIIProject/libtaxii/issues/191>`_. * Method ``get_domain`` in Persistence API returns domain value configured for ``service_id``. If nothing returned, value set in configuration file will be used. * Performance optimisations. * Bug fixes and style improvements. 0.1.1 (2015-04-08) ------------------ * Alias for Root Logger added to logging configuration. * Context object in a request scope that holds account and token added. * Support for OPTIONS HTTP request to enable auto version negotiation added. * Documentation improved. 0.1.0 (2015-03-31) ------------------ * Initial release 2022-04-13T12:20:59+00:00 OpenTAXII 0.3.0 OpenTAXII 0.3.0 2022-04-13T13:25:40+00:00 Changelog ========= 0.3.0 (2022-04-13) ------------------ * Implement taxii2.1 support 0.3.0a4 (2022-04-13) -------------------- * Merge changes from 0.2.4 maintenance release 0.3.0a3 (2022-01-21) -------------------- * Fix bug that prevented booting with only taxii1 config (`#217 <https://github.com/eclecticiq/OpenTAXII/issues/217>`_ thanks `@azurekid <https://github.com/azurekid>`_ for the report) 0.3.0a2 (2021-12-27) -------------------- * Merge changes from 0.2.3 maintenance release 0.3.0a1 ------- * Add python 3.10 support 0.3.0a0 ------- * Enablement for future taxii2 implementation * Fix documentation build issues 0.2.4 (2022-04-13) ------------------ * Make sure werkzeug <2.1 and >=2.1 work correctly with auth system 0.2.3 (2021-12-22) ------------------ * Fix bug in multithreaded use of sqlite (`#210 <https://github.com/eclecticiq/OpenTAXII/issues/210>`_ thanks `@rohits144 <https://github.com/rohits144>`_ for the report) 0.2.2 (2021-11-05) ------------------ * Fix readthedocs build 0.2.1 (2021-11-03) ------------------ * Add tests for python 3.6, 3.7, 3.8, 3.9, pypy * Add tests for sqlite, mysql, mariadb, postgresql * Fix bug that broke ``delete_content_blocks`` when using mysql on sqlalchemy 1.3 * Docs: Add db schema diagram * Docs: Clarify how to get default data in a default (development) docker instance * Fix implicit routing in TAXII 1.1 Inboxes * Update jwt usage to pyjwt >= 2.0 (thanks `@SanyaKapoor <https://github.com/SanyaKapoor>`_) 0.2.0 (2020-06-30) ------------------ * Enforce UTC usage in datetime fields in SQL DB Persistence API. * `Fix for #114 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_: reintroduce ``opentaxii-create-account`` CLI command. * `Fix for #153 <https://github.com/eclecticiq/OpenTAXII/issues/152>`_: check if user can modify a collection before advertising it over inbox service. * Multiple coding style fixes. * Various documentation updates. 0.1.12 (2019-03-06) ------------------- * Remove unnecessary print statements. 0.1.11 (2019-02-13) ------------------- * Make JSON logging consistent when the application is run via Gunicorn. * Set ``acceptable_destination`` key in status details instead of extended headers * Allow passing ``engine_parameters`` to ``SQLDatabaseAPI`` for those who want to customize SQLAlchemy engine parameters. * Require recent version of ``lxml`` for security reasons. * Various test and Docker infrastructure improvements. 0.1.10 (2018-06-03) ------------------- * Replace separate service/collection/account creation process with single ``opentaxii-sync-data`` CLI command. * Persistence and Auth APIs extended with missing CRUD methods, that are used by ``opentaxii-sync-data``. * Read/modify collection level ACL added. * DB models for default implementation of Persistence API and Auth API were changed. No automatic migration code is provided (sorry!), so upgrading might require manual DB migration. * Drop python2.7 from testing scope. * Various bug fixes and improvements. 0.1.9 (2017-06-19) ------------------ * `libtaxii <https://github.com/TAXIIProject/libtaxii>`_ dependency upgraded to 1.1.111. * Various bug fixes and improvements (thanks to `@bjigmp <https://github.com/bjigmp>`_, `@chorsley <https://github.com/chorsley>`_, `@rjprins <https://github.com/rjprins>`_). 0.1.8 (2017-02-21) ------------------ * Ability to enable/disable "huge trees" support in XML parser. Configuration property ``xml_parser_supports_huge_tree`` set to ``yes`` or ``true`` will disable security restrictions and force XML parser to support very deep trees and very long text content. * Adjust SQL Persistence API implemetation so it works smoothly with MySQL backend. * Use Python 3.5 instead of Python 3.4 for tests. 0.1.7 (2016-10-18) ------------------ * Minor fixes. * Dependencies were changed from hard-pinned to more flexible. * Example of production DB configuration added to docs. 0.1.6 (2016-06-01) ------------------ * Python 3.4 compatibility of the codebase. Tox configuration extended with python 3.4 environment run. * Flake8 full style compatibility. Flake8 check added to Tox configuration. * SQLAlchemy session scope issue fixed (related to `#38 <https://github.com/EclecticIQ/OpenTAXII/issues/38>`_). * `opentaxii-delete-blocks` CLI command added (related to `#45 <https://github.com/EclecticIQ/OpenTAXII/issues/45>`_). * `delete_content_blocks` method `added <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-6814849ac352b2b74132f8fa52e0ec4eR213>`_ to Persistence API. * Collection's name is `required <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-ce3f7b939e5c540480ac655aef32c513R116>`_ to be unique in default SQL DB Auth API implementation. 0.1.5 (2016-03-15) ------------------ * Fix for the issue with persistence backend returning ``None`` instead of ``InboxMessage`` object 0.1.4 (2016-02-25) ------------------ * Hard-coded dependencies in ``setup.py`` removed. 0.1.3 (2016-02-25) ------------------ * Versions of dependencies are pinned. * Code adjusted for a new version of `anyconfig <https://pypi.python.org/pypi/anyconfig>`_ API. * Test for configuration loading added. 0.1.2 (2015-07-24) ------------------ * Docker configuration added. * Health check endpoint added. * Basic authentication support added. * Temporary workaround for `Issue #191 <https://github.com/TAXIIProject/libtaxii/issues/191>`_. * Method ``get_domain`` in Persistence API returns domain value configured for ``service_id``. If nothing returned, value set in configuration file will be used. * Performance optimisations. * Bug fixes and style improvements. 0.1.1 (2015-04-08) ------------------ * Alias for Root Logger added to logging configuration. * Context object in a request scope that holds account and token added. * Support for OPTIONS HTTP request to enable auto version negotiation added. * Documentation improved. 0.1.0 (2015-03-31) ------------------ * Initial release 2022-04-13T13:25:40+00:00 caddy v2.5.0-rc.1 caddy v2.5.0-rc.1 2022-04-13T18:56:51+00:00 Caddy 2.5 introduces new features you'll love as well as a huge number of bug fixes and enhancements. Thank you to everyone who contributed. **:warning: This is a release candidate version. We think it's stable enough to use in production, but we want to be extra sure, so please try it out! It needs to be used and tested for regressions. Let us know if there are any issues.** Documentation on the website has mostly been updated (JSON docs will be last). Feel free to ask on the [forum](https://caddy.community) if you have any questions or feedback! ## Highlights - **Reverse proxy:** [:sparkles: _Dynamic upstreams_](https://github.com/caddyserver/caddy/pull/4470), which is the ability to get the list of upstreams at every request (more specifically, every iteration in the proxy loop of every request) rather than just once at config-load time. Dynamic upstream modules can be plugged in to provide Caddy with the latest list of backends in real-time. Two standard modules have been implemented which can get upstreams from SRV and A/AAAA record lookups. - :warning: This deprecates the `lookup_srv` JSON field for upstreams (and `srv+` scheme prefix in the Caddyfile), which will be removed in the future. - **Automatic HTTPS:** Caddy will automatically try to get relevant certificates from the local [Tailscale](https://tailscale.com) instance (if running with permission to access the Tailscale socket). This makes services running on a Tailscale network [automatically available](https://github.com/caddyserver/caddy/pull/4541) over trusted HTTPS with Caddy. - **Tracing:** New [OpenTelemetry](https://opentelemetry.io/) integration with the [`tracing` handler module and associated `tracing` directive](https://github.com/caddyserver/caddy/pull/4361). - **Reverse proxy:** When using the response handlers, a new handler `copy_response` is available to copy the proxy's response back to the client, and `copy_response_headers` may be used to selectively copy header values from the proxy's response. - **API:** Added new endpoints `/pki/ca/<id>` and `/pki/ca/<id>/certificates` for getting information about Caddy's managed CAs, including the chain of root and intermediate certificates. ## Notable - **Reverse proxy:** The `X-Forwarded-Host` header will now be automatically set, along with `X-Forwarded-For` and `X-Forwarded-Proto`. - :warning: **Reverse proxy:** Incoming `X-Forwarded-*` headers will no longer be automatically trusted, to prevent spoofing. Now, `trusted_proxies` must be configured to specify a list of downstream proxies which are trusted to have sent good values. You only need to configure trusted proxies if Caddy is not the first server being connected to. For example, if you have Cloudflare in front of Caddy, then you should configure this with Cloudflare's [list of IP ranges](https://www.cloudflare.com/en-ca/ips/). - **Automatic HTTPS:** Revoked certificates will be automatically [replaced more reliably](https://github.com/caddyserver/certmagic/pull/166). - **Automatic HTTPS:** [Can now get certificates from _Managers_.](https://github.com/caddyserver/caddy/pull/4541) As opposed to _Issuers_ (such as the default ACME issuers) which give Caddy certificates to manage from a CSR, Managers give Caddy certificates to serve (rather than manage) during TLS handshakes. - **Automatic HTTPS:** A DNS challenge [domain override](https://github.com/caddyserver/caddy/issues/4071) can be configured to delegate the solving of the challenge to a different domain. - **Reverse proxy:** The default dial timeout for the HTTP transport [has been adjusted](https://github.com/caddyserver/caddy/pull/4436) down to `3s` (was `10s`), which should allow for more easily configuring load balancing retries. - **Logging:** HTTP access logs will now [render empty values](https://github.com/caddyserver/caddy/commit/7d5047c1f190421528695e1cc3a4ad71c97eb022) for often-sensitive HTTP headers such as Cookie, Authorization, and Proxy-Authorization. Logging such credentials is now [opt-in](https://github.com/caddyserver/caddy/commit/5bf0adad8748e96e10529d5fc5777afc9236a7b5) with the `log_credentials` global option in the Caddyfile, or the server's `logs > should_log_credentials` field in JSON. - **Logging:** Logs can now be filtered by [query string parameters](https://github.com/caddyserver/caddy/commit/bcac2beee7e419f8cdab2ed16f388d1af282a46b), [cookie values](https://github.com/caddyserver/caddy/commit/8887adb027982e844965b4707b8595cee5845d54), and [regular expressions](https://github.com/caddyserver/caddy/commit/789efa5deef53071b57479d37e4022bf372c4eef); and log values can be [hashed](https://github.com/caddyserver/caddy/commit/a1b417c832b4ab3dab9eaa9690e1d07672a949b8). These features are useful for redacting sensitive information. - **Logging:** Errors during request handling [will now be logged at `DEBUG` level](https://github.com/caddyserver/caddy/pull/4429) if the error was [handled via `errors` routes](https://github.com/caddyserver/caddy/pull/4584) (`handle_errors` in Caddyfile). - :warning: **Logging:** Removed the [deprecated](https://github.com/caddyserver/caddy/issues/4148) `common_log` field from HTTP access logs, and the `single_field` encoder. If you relied on this, you may use the [transform encoder plugin](https://github.com/caddyserver/transform-encoder) to encode logs in Common Log format. - :warning: **Logging:** The `remote_addr` field [has been replaced](https://github.com/caddyserver/caddy/commit/f55b123d63132e290789bcd07077375c76b6e1dd) by `remote_ip` and `remote_port` fields in HTTP access logs, which split up the two parts of the remote address. This improves ease of use for some tooling which only expect an IP address, without a port. - **HTTP server:** The [`vars` matcher](https://github.com/caddyserver/caddy/commit/ecac03cdcb6cceae743aac16faca7f32e5da1607) can now match on multiple possible values. - **HTTP server:** Requests [can now be assigned](https://github.com/caddyserver/caddy/commit/180ae0cc4843ecc3c7ddcb6e978ebfd474ed07f9) a random and unique UUID from the new `{http.request.uuid}` placeholder. - **HTTP server:** [New `http_redirect` listener wrapper](https://github.com/caddyserver/caddy/pull/4585) which can be used to redirect HTTP requests that come in on a server listening for HTTPS requests to be redirected to `https://`. - **Caddyfile:** [New `default_bind` global option](https://github.com/caddyserver/caddy/pull/4531) lets you specify the default interface all sockets should bind to. - **Caddyfile:** [New `pki` global option](https://github.com/caddyserver/caddy/pull/4450) lets you configure the properties of the internal CAs managed by Caddy. - **Caddyfile:** [New `method` directive](https://github.com/caddyserver/caddy/pull/4528) allows rewriting the request method via Caddyfile. - :warning: **Caddyfile:** The `reverse_proxy` directive's `handle_response` subdirective has had its status replacement functionality [moved to a new `replace_status`](https://github.com/caddyserver/caddy/pull/4300) subdirective. This makes sure that the functionality of `handle_response` is not overloaded, and usage is clearer. - :warning: **Admin:** [Renamed](https://github.com/caddyserver/caddy/commit/bc447e307f195b80eeec0f6157e0d8e641af9155) experimental property `load_interval` :arrow_right: `load_delay` for clarification, and improved dynamic config loading. --- :shield: Thanks to [David Leadbeater](https://github.com/dgl) for reporting a security vulnerability related to HTTP methods and metrics cardinality, which was fixed in this release. ## New Contributors * @adamburgess made their first contribution in https://github.com/caddyserver/caddy/pull/4460 * @12f23eddde made their first contribution in https://github.com/caddyserver/caddy/pull/4444 * @rayjlinden made their first contribution in https://github.com/caddyserver/caddy/pull/4023 * @GallopingKylin made their first contribution in https://github.com/caddyserver/caddy/pull/4522 * @ForestJohnson made their first contribution in https://github.com/caddyserver/caddy/pull/4534 * @VojtechVitek made their first contribution in https://github.com/caddyserver/caddy/pull/4535 * @Ikke made their first contribution in https://github.com/caddyserver/caddy/pull/4544 * @YourTechBud made their first contribution in https://github.com/caddyserver/caddy/pull/4603 * @BitWuehler made their first contribution in https://github.com/caddyserver/caddy/pull/4597 * @ttys3 made their first contribution in https://github.com/caddyserver/caddy/pull/4572 * @crccw made their first contribution in https://github.com/caddyserver/caddy/pull/4596 * @andriikushch made their first contribution in https://github.com/caddyserver/caddy/pull/4361 * @renbou made their first contribution in https://github.com/caddyserver/caddy/pull/4654 * @cuishuang made their first contribution in https://github.com/caddyserver/caddy/pull/4702 ## Changelog * 2e46c2ac admin, reverseproxy: Stop timers if canceled to avoid goroutine leak (#4482) * 40b54434 admin: Enforce and refactor origin checking * b4bfa29b admin: Require identity for remote (fix #4478) * 32aad909 admin: Write proper status on invalid requests (#4569) (fix #4561) * ff137d17 caddyconfig: Support placeholders in HTTP loader * b47af6ef caddyfile: Copy input before parsing (fix #4422) * e90d7517 caddyfile: impove fmt warning message (#4444) * 5e5af50e caddyfile: make renew_interval option configurable (#4451) * ddbb234d caddyhttp: Always log handled errors at debug level (#4584) * 6b385a36 caddyhttp: Don't attempt to manage Tailscale certs * ecac03cd caddyhttp: Enhance vars matcher (#4433) * 6e6ce2be caddyhttp: Fix HTTP->HTTPS redir not preferring HTTPS port if ambiguous (#4530) * 3fe2c73d caddyhttp: Fix `MatchPath` sanitizing (#4499) * 44e5e9e4 caddyhttp: Fix test when /tmp/etc already exists (#4544) * 2bb8550a caddyhttp: Honor wildcard hosts in log SkipHosts (#4606) * 180ae0cc caddyhttp: Implement http.request.uuid placeholder (#4285) * 7d5047c1 caddyhttp: Log empty value for typical password headers * eead3373 caddyhttp: Log non-500 handler errors at debug level (#4429) * 5bf0adad caddyhttp: Make logging of credential headers opt-in (#4438) * 186fdba9 caddyhttp: Move HTTP redirect listener to an optional module (#4585) * 80d7a356 caddyhttp: Redirect HTTP requests on the HTTPS port to https:// (#4313) * bf380d00 caddyhttp: Reject absurd methods (#4538) * 850e1605 caddyhttp: Return HTTP 421 for mismatched Host header (#4023) * f55b123d caddyhttp: Split up logged remote address into IP and port (#4403) * ac14b64e caddyhttp: Support zone identifiers in remote_ip matcher (#4597) * a1c41210 caddypki: Minor tweak, don't use context pointer * 78e381b2 caddypki: Refactor /pki/ admin endpoints * c634bbe9 caddypki: Return error if no PEM data found * 9b7cdfa2 caddypki: Try to fix lint warnings * a79b4055 caddytls: Add internal Caddyfile `lifetime`, `sign_with_root` opts (#4513) * 66de438a caddytls: Fix `MatchRemoteIP` provisoning with multiple CIDR ranges (#4522) * 57a708d1 caddytls: Support external certificate Managers (like Tailscale) (#4541) * d9b1d463 caddytls: dns_challenge_override_domain for challenge delegation (#4596) * 1a7a78a1 cmd: Print error if fmt overwrite fails (fix #4524) * bc447e30 core: Config LoadInterval -> LoadDelay for clarity * 7ea5b2a8 core: Config load interval only reloads if changed (#4603) * 7f364c77 core: Load config at interval instead of just once * a72acd21 core: Retry dynamic config load if config unchanged * ceef70db core: Retry dynamic config load if error or no-op (#4603) * acbee947 core: Revert 7f364c7; simplify dynamic config load * 64a3218f core: Simplify shared listeners, fix deadline bug * 8e5aafa5 fastcgi: Fix a TODO, prevent zap using reflection for logging env (#4437) * c8f2834b fastcgi: Protect against requests with null bytes in the path (#4614) * de490c7c fastcgi: Set SERVER_PORT to 80 or 443 depending on scheme (#4572) * 09ba9e99 fileserver: Add `pass_thru` Caddyfile option (#4613) * 15c95e9d fileserver: Canonical redir when whole path is stripped (#4549) * c8b5a816 fileserver: Fix handling of symlink sizes in directory listings (#4415) * e81369e2 fileserver: Move default browse template into a separate file (#4417) * 1e10f6f7 fileserver: browse: do not encode the paths in breadcrumbs and page title (#4410) * 78b5356f fileserver: do not double-escape paths (#4447) * 0de51593 go.mod: Revert version bump of CEL (#4587) * 6f9b6ad7 go.mod: Update smallstep/certificates, no longer need replace (#4475) * 4906b935 go.mod: Update smallstep/truststore, fix build on FreeBSD (#4473) * c1331534 go.mod: Update to latest smallstep/truststore, support FreeBSD (#4453) * ff74a0aa go.mod: Upgrade dependencies * e9dde230 headers: Fix `+` in Caddyfile to properly append rather than set (#4506) * 1b7ff5d7 httpcaddyfile: Add `default_bind` global option (#4531) * 5a071568 httpcaddyfile: Add pki app `root` and `intermediate` cert/key config (#4514) * 26d633ba httpcaddyfile: Disabling OCSP stapling for both managed and unmanaged (#4589) * 93a7a45e httpcaddyfile: Fix incorrect handling of IPv6 bind addresses (#4532) * 81ee34e9 httpcaddyfile: Fix sorting edgecase for nested `handle_path` (#4477) * 4b9849c7 httpcaddyfile: Support configuring `pki` app names via global options (#4450) * 5bd96a6a httpcaddyfile: Support explicitly turning off `strict_sni_host` (#4592) * c921e082 logging: Add `roll_local_time` Caddyfile option (#4583) * 0eb0b60f logging: Remove common_log field and single_field encoder (#4149) (#4282) * 249adc1c logging: Support turning off roll compression via Caddyfile (#4505) * 8887adb0 logging: add a filter for cookies (#4425) * bcac2bee logging: add a filter for query parameters (#4424) * 789efa5d logging: add a regexp filter (#4426) * a1b417c8 logging: add support for hashing data (#4434) * eb891d46 metrics: Enforce smaller set of method labels * c04d24ca pki: Avoid provisioning the `local` CA when not necessary (#4463) * bbad6931 pki: Implement API endpoints for certs and `caddy trust` (#4443) * 9ee68c1b reverseproxy: Adjust defaults, document defaults (#4436) * 7557d1d9 reverseproxy: Avoid returning a `nil` error during GetClientCertificate (#4550) * ab045592 reverseproxy: Dynamic upstreams (with SRV and A/AAAA support) (#4470) * 5333c352 reverseproxy: Fix incorrect `health_headers` Caddyfile parsing (#4485) * c50094fc reverseproxy: Implement trusted proxies for `X-Forwarded-*` headers (#4507) * f5e10494 reverseproxy: Make shallow-ish clone of the request (#4551) * 87a1f228 reverseproxy: Move status replacement intercept to `replace_status` (#4300) * d058dee1 reverseproxy: Refactor dial address parsing, augment command parsing (#4616) * c7d6c4cb reverseproxy: copy_response and copy_response_headers for handle_response routes (#4391) * bcb7a19c rewrite: Add `method` Caddyfile directive (#4528) * 1feb6595 rewrite: Fix a double-encode issue when using the `{uri}` placeholder (#4516) * 6cadb60f templates: Document .OriginalReq * 1d0425b2 templates: Elaborate on what's supported by the markdown function (#4564) * a6199cf8 templates: Fix docs for .Args * ec14ccdd templates: fix inconsistent nested includes (#4452) * d0b608af tracing: New OpenTelemetry module (#4361) * 134b8056 caddyfile: Prevent bad block opening tokens (#4655) * c5fffb4a caddyfile: Support for raw token values; improve `map`, `expression` (#4643) * b82e22b4 caddyhttp: retain all values of vars matcher when specified multiple times (#4629) * bc15b4b0 caddypki: Load intermediate for signing on-the-fly (#4669) * 6512832f cmd: Add `--diff` option for `caddy fmt` (#4695) * 30b6d1f4 cmd: Enhance .env (dotenv) file parsing * 22d8edb9 cmd: Fix defaulting admin address if empty in config, fixes `reload` (#4674) * c2327161 cmd: Set Origin header properly on API requests * d06d0e79 go.mod: Upgrade CertMagic to v0.16.0 * bf6a1b75 go.mod: Upgrade some dependencies * 79cbe7bf httpcaddyfile: Add 'vars' directive * a58f240d httpcaddyfile: Fix #4640 (auto-HTTPS edgecase) (#4661) * 7d229665 logging: Caddyfile support for `duration_format` (#4684) * 55b4c12e map: Evaluate placeholders in output vals (#4650) * 93c99f67 map: Support numeric and bool types with Caddyfile * 3d616e8c requestbody: Return HTTP 413 (fix #4558) * 3e3bb002 reverseproxy: Add `_ms` placeholders for proxy durations (#4666) * 2196c92c reverseproxy: Don't clear name in SRV upstreams * dc4d1473 reverseproxy: Expand SRV/A addrs for cache key * b8dbecb8 reverseproxy: Include port in A upstreams cache * e4ce40f8 reverseproxy: Sync up `handleUpgradeResponse` with stdlib (#4664) * afca2421 staticfiles: Expand placeholder for index files (#4679) * 00234c8a templates: Switch to `BurntSushi/toml` (#4700) **Full Changelog**: https://github.com/caddyserver/caddy/compare/v2.4.6...v2.5.0-rc.1 2022-04-13T18:56:51+00:00 rocksdb v7.1.1 rocksdb v7.1.1 2022-04-13T21:20:40+00:00 ## 7.1.1 (04/07/2022) ### Bug Fixes * Fix segfault in FilePrefetchBuffer with async_io as it doesn't wait for pending jobs to complete on destruction. ## 7.1.0 (03/23/2022) ### New Features * Allow WriteBatchWithIndex to index a WriteBatch that includes keys with user-defined timestamps. The index itself does not have timestamp. * Add support for user-defined timestamps to write-committed transaction without API change. The `TransactionDB` layer APIs do not allow timestamps because we require that all user-defined-timestamps-aware operations go through the `Transaction` APIs. * Added BlobDB options to `ldb` * `BlockBasedTableOptions::detect_filter_construct_corruption` can now be dynamically configured using `DB::SetOptions`. * Automatically recover from retryable read IO errors during backgorund flush/compaction. * Experimental support for preserving file Temperatures through backup and restore, and for updating DB metadata for outside changes to file Temperature (`UpdateManifestForFilesState` or `ldb update_manifest --update_temperatures`). * Experimental support for async_io in ReadOptions which is used by FilePrefetchBuffer to prefetch some of the data asynchronously, if reads are sequential and auto readahead is enabled by rocksdb internally. ### Bug Fixes * Fixed a major performance bug in which Bloom filters generated by pre-7.0 releases are not read by early 7.0.x releases (and vice-versa) due to changes to FilterPolicy::Name() in #9590. This can severely impact read performance and read I/O on upgrade or downgrade with existing DB, but not data correctness. * Fixed a data race on `versions_` between `DBImpl::ResumeImpl()` and threads waiting for recovery to complete (#9496) * Fixed a bug caused by race among flush, incoming writes and taking snapshots. Queries to snapshots created with these race condition can return incorrect result, e.g. resurfacing deleted data. * Fixed a bug that DB flush uses `options.compression` even `options.compression_per_level` is set. * Fixed a bug that DisableManualCompaction may assert when disable an unscheduled manual compaction. * Fix a race condition when cancel manual compaction with `DisableManualCompaction`. Also DB close can cancel the manual compaction thread. * Fixed a potential timer crash when open close DB concurrently. * Fixed a race condition for `alive_log_files_` in non-two-write-queues mode. The race is between the write_thread_ in WriteToWAL() and another thread executing `FindObsoleteFiles()`. The race condition will be caught if `__glibcxx_requires_nonempty` is enabled. * Fixed a bug that `Iterator::Refresh()` reads stale keys after DeleteRange() performed. * Fixed a race condition when disable and re-enable manual compaction. * Fixed automatic error recovery failure in atomic flush. * Fixed a race condition when mmaping a WritableFile on POSIX. ### Public API changes * Added pure virtual FilterPolicy::CompatibilityName(), which is needed for fixing major performance bug involving FilterPolicy naming in SST metadata without affecting Customizable aspect of FilterPolicy. This change only affects those with their own custom or wrapper FilterPolicy classes. * `options.compression_per_level` is dynamically changeable with `SetOptions()`. * Added `WriteOptions::rate_limiter_priority`. When set to something other than `Env::IO_TOTAL`, the internal rate limiter (`DBOptions::rate_limiter`) will be charged at the specified priority for writes associated with the API to which the `WriteOptions` was provided. Currently the support covers automatic WAL flushes, which happen during live updates (`Put()`, `Write()`, `Delete()`, etc.) when `WriteOptions::disableWAL == false` and `DBOptions::manual_wal_flush == false`. * Add DB::OpenAndTrimHistory API. This API will open DB and trim data to the timestamp specified by trim_ts (The data with timestamp larger than specified trim bound will be removed). This API should only be used at a timestamp-enabled column families recovery. If the column family doesn't have timestamp enabled, this API won't trim any data on that column family. This API is not compatible with avoid_flush_during_recovery option. * Remove BlockBasedTableOptions.hash_index_allow_collision which already takes no effect. 2022-04-13T21:20:40+00:00 syncthing v1.20.0-rc.1 syncthing v1.20.0-rc.1 2022-04-15T04:50:34+00:00 Bugfixes: - #7855: Watching for changes using too many system resources on BSDs (kqueue) - #8020: Dangling symlink prevents filesystem watcher on Solaris - #8232: Missing include file endlessly spams log - #8258: The latest version does not support go1.18 compilation!! Enhancements: - #8202: Indicate folders / devices where the remote end has not accepted sharing. Other issues: - #8279: Simplify tests using `T.TempDir` 2022-04-15T04:50:34+00:00 rocksdb v7.1.2 rocksdb v7.1.2 2022-04-20T01:48:15+00:00 ## 7.1.2 (04/19/2022) ### Bug Fixes * Fixed bug which caused rocksdb failure in the situation when rocksdb was accessible using UNC path * Fixed a race condition when 2PC is disabled and WAL tracking in the MANIFEST is enabled. The race condition is between two background flush threads trying to install flush results, causing a WAL deletion not tracked in the MANIFEST. A future DB open may fail. * Fixed a heap use-after-free race with DropColumnFamily. * Fixed a bug that `rocksdb.read.block.compaction.micros` cannot track compaction stats (#9722). * Fixed `file_type`, `relative_filename` and `directory` fields returned by `GetLiveFilesMetaData()`, which were added in inheriting from `FileStorageInfo`. * Fixed a bug affecting `track_and_verify_wals_in_manifest`. Without the fix, application may see "open error: Corruption: Missing WAL with log number" while trying to open the db. The corruption is a false alarm but prevents DB open (#9766). 2022-04-20T01:48:15+00:00 MISP v2.4.158 MISP v2.4.158 2022-04-20T07:43:37+00:00 We are pleased to announce the immediate availability of MISP v2.4.158. This release includes a series of security fixes and as such **we highly encourage everyone to update to this version as soon as possible**. Thanks to Dawid Czarnecki of Zigrin Security for the in-depth penetration test and its findings and thanks to the Luxembourg Army for financing the penetration test. This is the follow up to the Cerebrate penetration test also conducted by Zigrin Security on behalf of the Luxembourg Army, as described [here](https://www.cerebrate-project.org/2022/01/27/Cerebate-version-1.4-released.html). # Security fixes Several security issues have been resolved, head over to [the security page](https://www.misp-project.org/security/) for a detailed break-down of the advisories including the associated CVEs. Whilst most of the vulnerabilities listed are mitigated by requiring compromised high privilege accounts, we nevertheless advise all users to update their instances as soon as possible. - Phar deserialisation - [Global fix](https://github.com/MISP/MISP/commit/0108f1bde2117ac5c1e28d124128f60c8bb09a8e) - [Individual additional mitigations](https://github.com/MISP/MISP/commit/93821c0de6a7dd32262ce62212773f43136ca66e) - [XSS in LinOTP login](https://github.com/MISP/MISP/commit/9623de2f5cca011afc581d55cfa5ce87682894fd) - [XSS in Galaxy clusters](https://github.com/MISP/MISP/commit/107e271d78c255d658ce998285fe6f6c4f291b41) - [XSS in organisation fetchSGOrgRow](https://github.com/MISP/MISP/commit/ce6bc88e330f5ef50666b149d86c0d94f545f24e) - [XSS in Event graph via tags](https://github.com/MISP/MISP/commit/bb3b7a7e91862742cae228c43b3091bad476dcc0) - [XSS in Cerebrate view](https://github.com/MISP/MISP/commit/60c85b80e3ab05c3ef015bca5630e95eddbb1436) - [Password confirmation bypass](https://github.com/MISP/MISP/commit/01120163a6b4d905029d416e7305575df31df8af) ## Announcement of a silent fix of phar deserialisation RCE in a previous release (v2.4.156) As of the previous security release (v2.4.156), based on the pentest conducted by Ianis BERNARD of the NATO Cyber Security Centre, a high criticality vulnerability was also identiefied. We have opted for a silent fix to the critical vulnerability whilst upgrading the announced criticality of the other security fixes included in the release. This is an extreme measure that we take whenever we want to ensure that the community is both aware that they do need to update as soon as possible whilst not drawing attention to the actual critical vulnerability. If you have followed our guidance over the past month to update you are already safe - if you are running a MISP instance below 2.4.156 **we highly encourage you to update to the latest version as soon as possible**. - [Phar deserialisation silent fix](https://github.com/MISP/MISP/commit/8eff854fce1fea1521f33fffc2440df5b7e5c410) # Custom email templates Added the ability to override some of the standard e-mail templates with custom ones, just drop the templates mirroring the naming convention of the existing ones in `/var/www/MISP/app/View/Email/text` and `/var/www/MISP/app/View/Email/html` into `/var/www/MISP/app/View/Email/text/Custom/` and `/var/www/MISP/app/View/Email/html/Custom/`. Currently supported templates: alert, password_reset. # RestSearch improvements Fixing a baffling oversight on our side, thanks to Tom King we can now search by sharing groups besides just distribution levels. # A long list of refactors and bugfixes Massive thanks to Jakub Onderka for the continuous refactoring, simplifying and cleaning up of the code-base. For a full list of all the improvements that are part of this herculean effort, refer to the [changelog](https://www.misp-project.org/Changelog.txt) # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html). As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements in MISP core. 2022-04-20T07:43:37+00:00 syncthing v1.20.0-rc.2 syncthing v1.20.0-rc.2 2022-04-21T13:57:00+00:00 Bugfixes: - #7855: Watching for changes using too many system resources on BSDs (kqueue) - #8020: Dangling symlink prevents filesystem watcher on Solaris - #8232: Missing include file endlessly spams log - #8258: The latest version does not support go1.18 compilation!! Enhancements: - #8202: Indicate folders / devices where the remote end has not accepted sharing. - #8282: Change default log format to include date Other issues: - #8279: Simplify tests using `T.TempDir` 2022-04-21T13:57:00+00:00 caddy v2.5.0 caddy v2.5.0 2022-04-25T17:34:35+00:00 Caddy 2.5 introduces new features you'll love as well as a huge number of bug fixes and enhancements. Thank you to everyone who contributed! Feel free to ask on the [forum](https://caddy.community) if you have any questions or feedback. ## Highlights - **Reverse proxy:** [:sparkles: _Dynamic upstreams_](https://github.com/caddyserver/caddy/pull/4470), which is the ability to get the list of upstreams at every request (more specifically, every iteration in the proxy loop of every request) rather than just once at config-load time. Dynamic upstream modules can be plugged in to provide Caddy with the latest list of backends in real-time. Two standard modules have been implemented which can get upstreams from SRV and A/AAAA record lookups. - :warning: This deprecates the `lookup_srv` JSON field for upstreams (and `srv+` scheme prefix in the Caddyfile), which will be removed in the future. - **Automatic HTTPS:** Caddy will automatically try to get relevant certificates from the local [Tailscale](https://tailscale.com) instance (if running with permission to access the Tailscale socket). This makes services running on a Tailscale network [automatically available](https://github.com/caddyserver/caddy/pull/4541) over trusted HTTPS with Caddy. - **Tracing:** New [OpenTelemetry](https://opentelemetry.io/) integration with the [`tracing` handler module and associated `tracing` directive](https://github.com/caddyserver/caddy/pull/4361). - **Reverse proxy:** When using the response handlers, a new handler `copy_response` is available to copy the proxy's response back to the client, and `copy_response_headers` may be used to selectively copy header values from the proxy's response. - **API:** Added new endpoints `/pki/ca/<id>` and `/pki/ca/<id>/certificates` for getting information about Caddy's managed CAs, including the chain of root and intermediate certificates. ## Notable - **Reverse proxy:** The `X-Forwarded-Host` header will now be automatically set, along with `X-Forwarded-For` and `X-Forwarded-Proto`. - :warning: **Reverse proxy:** Incoming `X-Forwarded-*` headers will no longer be automatically trusted, to prevent spoofing. Now, `trusted_proxies` must be configured to specify a list of downstream proxies which are trusted to have sent good values. You only need to configure trusted proxies if Caddy is not the first server being connected to. For example, if you have Cloudflare in front of Caddy, then you should configure this with Cloudflare's [list of IP ranges](https://www.cloudflare.com/en-ca/ips/). - **Automatic HTTPS:** Revoked certificates will be automatically [replaced more reliably](https://github.com/caddyserver/certmagic/pull/166). - **Automatic HTTPS:** [Can now get certificates from _Managers_.](https://github.com/caddyserver/caddy/pull/4541) As opposed to _Issuers_ (such as the default ACME issuers) which give Caddy certificates to manage from a CSR, Managers give Caddy certificates to serve (rather than manage) during TLS handshakes. - **Automatic HTTPS:** A DNS challenge [domain override](https://github.com/caddyserver/caddy/issues/4071) can be configured to delegate the solving of the challenge to a different domain. - **Automatic HTTPS:** The DNS challenge propagation checks can now be delayed or disabled by setting `propagation_delay` or `propagation_timeout` to -1, respectively. - **Reverse proxy:** The default dial timeout for the HTTP transport [has been adjusted](https://github.com/caddyserver/caddy/pull/4436) down to `3s` (was `10s`), which should allow for more easily configuring load balancing retries. - **Logging:** HTTP access logs will now [render empty values](https://github.com/caddyserver/caddy/commit/7d5047c1f190421528695e1cc3a4ad71c97eb022) for often-sensitive HTTP headers such as Cookie, Authorization, and Proxy-Authorization. Logging such credentials is now [opt-in](https://github.com/caddyserver/caddy/commit/5bf0adad8748e96e10529d5fc5777afc9236a7b5) with the `log_credentials` global option in the Caddyfile, or the server's `logs > should_log_credentials` field in JSON. - **Logging:** Logs can now be filtered by [query string parameters](https://github.com/caddyserver/caddy/commit/bcac2beee7e419f8cdab2ed16f388d1af282a46b), [cookie values](https://github.com/caddyserver/caddy/commit/8887adb027982e844965b4707b8595cee5845d54), and [regular expressions](https://github.com/caddyserver/caddy/commit/789efa5deef53071b57479d37e4022bf372c4eef); and log values can be [hashed](https://github.com/caddyserver/caddy/commit/a1b417c832b4ab3dab9eaa9690e1d07672a949b8). These features are useful for redacting sensitive information. - **Logging:** Errors during request handling [will now be logged at `DEBUG` level](https://github.com/caddyserver/caddy/pull/4429) if the error was [handled via `errors` routes](https://github.com/caddyserver/caddy/pull/4584) (`handle_errors` in Caddyfile). - :warning: **Logging:** Removed the [deprecated](https://github.com/caddyserver/caddy/issues/4148) `common_log` field from HTTP access logs, and the `single_field` encoder. If you relied on this, you may use the [transform encoder plugin](https://github.com/caddyserver/transform-encoder) to encode logs in Common Log format. - :warning: **Logging:** The `remote_addr` field [has been replaced](https://github.com/caddyserver/caddy/commit/f55b123d63132e290789bcd07077375c76b6e1dd) by `remote_ip` and `remote_port` fields in HTTP access logs, which split up the two parts of the remote address. This improves ease of use for some tooling which only expect an IP address, without a port. - **HTTP server:** The [`vars` matcher](https://github.com/caddyserver/caddy/commit/ecac03cdcb6cceae743aac16faca7f32e5da1607) can now match on multiple possible values. - **HTTP server:** Requests [can now be assigned](https://github.com/caddyserver/caddy/commit/180ae0cc4843ecc3c7ddcb6e978ebfd474ed07f9) a random and unique UUID from the new `{http.request.uuid}` placeholder. - **HTTP server:** [New `http_redirect` listener wrapper](https://github.com/caddyserver/caddy/pull/4585) which can be used to redirect HTTP requests that come in on a server listening for HTTPS requests to be redirected to `https://`. - :warning: **Caddyfile:** [Deprecated paths in site addresses.](https://github.com/caddyserver/caddy/pull/4728) Prefer using path matchers within your site block instead. - **Caddyfile:** [New `default_bind` global option](https://github.com/caddyserver/caddy/pull/4531) lets you specify the default interface all sockets should bind to. - **Caddyfile:** [New `pki` global option](https://github.com/caddyserver/caddy/pull/4450) lets you configure the properties of the internal CAs managed by Caddy. - **Caddyfile:** [New `method` directive](https://github.com/caddyserver/caddy/pull/4528) allows rewriting the request method via Caddyfile. - :warning: **Caddyfile:** The `reverse_proxy` directive's `handle_response` subdirective has had its status replacement functionality [moved to a new `replace_status`](https://github.com/caddyserver/caddy/pull/4300) subdirective. This makes sure that the functionality of `handle_response` is not overloaded, and usage is clearer. - **Caddyfile**: The `map` directive [now casts outputs](https://github.com/caddyserver/caddy/commit/93c99f67342504efe9f6b58a734aaec3929fe785) to the appropriate scalar type if possible (int, float, bool). If you need to force a string, you may use double quotes or backticks https://github.com/caddyserver/caddy/pull/4643. - **Caddyfile**: [New `vars` directive](https://github.com/caddyserver/caddy/commit/79cbe7bfd06565d0e7ab0717119f78960ed54c08) allows setting some variables during request handling for later use in another handler or matcher. - **Caddyfile**: The Caddyfile adapter [is now stricter](https://github.com/caddyserver/caddy/pull/4655) about curly braces for block openers to try to prevent parsing ambiguities. - **Caddyfile**: The `caddy fmt` CLI command now has a [`--diff` option](https://github.com/caddyserver/caddy/pull/4695) which lets you visually see the formatting differences. - :warning: **Admin:** [Renamed](https://github.com/caddyserver/caddy/commit/bc447e307f195b80eeec0f6157e0d8e641af9155) experimental property `load_interval` :arrow_right: `load_delay` for clarification, and improved dynamic config loading. --- :shield: Thanks to [David Leadbeater](https://github.com/dgl) for reporting a security vulnerability related to HTTP methods and metrics cardinality, which was fixed in this release. ## New Contributors * @adamburgess made their first contribution in https://github.com/caddyserver/caddy/pull/4460 * @12f23eddde made their first contribution in https://github.com/caddyserver/caddy/pull/4444 * @rayjlinden made their first contribution in https://github.com/caddyserver/caddy/pull/4023 * @GallopingKylin made their first contribution in https://github.com/caddyserver/caddy/pull/4522 * @ForestJohnson made their first contribution in https://github.com/caddyserver/caddy/pull/4534 * @VojtechVitek made their first contribution in https://github.com/caddyserver/caddy/pull/4535 * @Ikke made their first contribution in https://github.com/caddyserver/caddy/pull/4544 * @YourTechBud made their first contribution in https://github.com/caddyserver/caddy/pull/4603 * @BitWuehler made their first contribution in https://github.com/caddyserver/caddy/pull/4597 * @ttys3 made their first contribution in https://github.com/caddyserver/caddy/pull/4572 * @crccw made their first contribution in https://github.com/caddyserver/caddy/pull/4596 * @andriikushch made their first contribution in https://github.com/caddyserver/caddy/pull/4361 * @renbou made their first contribution in https://github.com/caddyserver/caddy/pull/4654 * @cuishuang made their first contribution in https://github.com/caddyserver/caddy/pull/4702 ## Changelog * 2e46c2ac admin, reverseproxy: Stop timers if canceled to avoid goroutine leak (#4482) * 40b54434 admin: Enforce and refactor origin checking * b4bfa29b admin: Require identity for remote (fix #4478) * 32aad909 admin: Write proper status on invalid requests (#4569) (fix #4561) * ff137d17 caddyconfig: Support placeholders in HTTP loader * b47af6ef caddyfile: Copy input before parsing (fix #4422) * e90d7517 caddyfile: impove fmt warning message (#4444) * 5e5af50e caddyfile: make renew_interval option configurable (#4451) * ddbb234d caddyhttp: Always log handled errors at debug level (#4584) * 6b385a36 caddyhttp: Don't attempt to manage Tailscale certs * ecac03cd caddyhttp: Enhance vars matcher (#4433) * 6e6ce2be caddyhttp: Fix HTTP->HTTPS redir not preferring HTTPS port if ambiguous (#4530) * 3fe2c73d caddyhttp: Fix `MatchPath` sanitizing (#4499) * 44e5e9e4 caddyhttp: Fix test when /tmp/etc already exists (#4544) * 2bb8550a caddyhttp: Honor wildcard hosts in log SkipHosts (#4606) * 180ae0cc caddyhttp: Implement http.request.uuid placeholder (#4285) * 7d5047c1 caddyhttp: Log empty value for typical password headers * eead3373 caddyhttp: Log non-500 handler errors at debug level (#4429) * 5bf0adad caddyhttp: Make logging of credential headers opt-in (#4438) * 186fdba9 caddyhttp: Move HTTP redirect listener to an optional module (#4585) * 80d7a356 caddyhttp: Redirect HTTP requests on the HTTPS port to https:// (#4313) * bf380d00 caddyhttp: Reject absurd methods (#4538) * 850e1605 caddyhttp: Return HTTP 421 for mismatched Host header (#4023) * f55b123d caddyhttp: Split up logged remote address into IP and port (#4403) * ac14b64e caddyhttp: Support zone identifiers in remote_ip matcher (#4597) * a1c41210 caddypki: Minor tweak, don't use context pointer * 78e381b2 caddypki: Refactor /pki/ admin endpoints * c634bbe9 caddypki: Return error if no PEM data found * 9b7cdfa2 caddypki: Try to fix lint warnings * a79b4055 caddytls: Add internal Caddyfile `lifetime`, `sign_with_root` opts (#4513) * 77a77c02 caddytls: Add `propagation_delay`, support `propagation_timeout -1` (#4723) * 66de438a caddytls: Fix `MatchRemoteIP` provisoning with multiple CIDR ranges (#4522) * 57a708d1 caddytls: Support external certificate Managers (like Tailscale) (#4541) * d9b1d463 caddytls: dns_challenge_override_domain for challenge delegation (#4596) * 1a7a78a1 cmd: Print error if fmt overwrite fails (fix #4524) * bc447e30 core: Config LoadInterval -> LoadDelay for clarity * 7ea5b2a8 core: Config load interval only reloads if changed (#4603) * 7f364c77 core: Load config at interval instead of just once * a72acd21 core: Retry dynamic config load if config unchanged * ceef70db core: Retry dynamic config load if error or no-op (#4603) * acbee947 core: Revert 7f364c7; simplify dynamic config load * 64a3218f core: Simplify shared listeners, fix deadline bug * 8e5aafa5 fastcgi: Fix a TODO, prevent zap using reflection for logging env (#4437) * c8f2834b fastcgi: Protect against requests with null bytes in the path (#4614) * de490c7c fastcgi: Set SERVER_PORT to 80 or 443 depending on scheme (#4572) * 09ba9e99 fileserver: Add `pass_thru` Caddyfile option (#4613) * 15c95e9d fileserver: Canonical redir when whole path is stripped (#4549) * c8b5a816 fileserver: Fix handling of symlink sizes in directory listings (#4415) * e81369e2 fileserver: Move default browse template into a separate file (#4417) * 1e10f6f7 fileserver: browse: do not encode the paths in breadcrumbs and page title (#4410) * 78b5356f fileserver: do not double-escape paths (#4447) * 0de51593 go.mod: Revert version bump of CEL (#4587) * 6f9b6ad7 go.mod: Update smallstep/certificates, no longer need replace (#4475) * 4906b935 go.mod: Update smallstep/truststore, fix build on FreeBSD (#4473) * c1331534 go.mod: Update to latest smallstep/truststore, support FreeBSD (#4453) * ff74a0aa go.mod: Upgrade dependencies * e9dde230 headers: Fix `+` in Caddyfile to properly append rather than set (#4506) * 1b7ff5d7 httpcaddyfile: Add `default_bind` global option (#4531) * a8bb4a66 httpcaddyfile: Add `{vars.*}` placeholder shortcut, reverse `vars` sort order (#4726) * 5a071568 httpcaddyfile: Add pki app `root` and `intermediate` cert/key config (#4514) * 3a1e0dbf httpcaddyfile: Deprecate paths in site addresses; use zap logs (#4728) * 26d633ba httpcaddyfile: Disabling OCSP stapling for both managed and unmanaged (#4589) * 93a7a45e httpcaddyfile: Fix incorrect handling of IPv6 bind addresses (#4532) * 81ee34e9 httpcaddyfile: Fix sorting edgecase for nested `handle_path` (#4477) * 4b9849c7 httpcaddyfile: Support configuring `pki` app names via global options (#4450) * 5bd96a6a httpcaddyfile: Support explicitly turning off `strict_sni_host` (#4592) * c921e082 logging: Add `roll_local_time` Caddyfile option (#4583) * 0eb0b60f logging: Remove common_log field and single_field encoder (#4149) (#4282) * 249adc1c logging: Support turning off roll compression via Caddyfile (#4505) * 8887adb0 logging: add a filter for cookies (#4425) * bcac2bee logging: add a filter for query parameters (#4424) * 789efa5d logging: add a regexp filter (#4426) * a1b417c8 logging: add support for hashing data (#4434) * eb891d46 metrics: Enforce smaller set of method labels * c04d24ca pki: Avoid provisioning the `local` CA when not necessary (#4463) * bbad6931 pki: Implement API endpoints for certs and `caddy trust` (#4443) * 9ee68c1b reverseproxy: Adjust defaults, document defaults (#4436) * 7557d1d9 reverseproxy: Avoid returning a `nil` error during GetClientCertificate (#4550) * ab045592 reverseproxy: Dynamic upstreams (with SRV and A/AAAA support) (#4470) * 5333c352 reverseproxy: Fix incorrect `health_headers` Caddyfile parsing (#4485) * c50094fc reverseproxy: Implement trusted proxies for `X-Forwarded-*` headers (#4507) * f5e10494 reverseproxy: Make shallow-ish clone of the request (#4551) * 87a1f228 reverseproxy: Move status replacement intercept to `replace_status` (#4300) * d058dee1 reverseproxy: Refactor dial address parsing, augment command parsing (#4616) * c7d6c4cb reverseproxy: copy_response and copy_response_headers for handle_response routes (#4391) * bcb7a19c rewrite: Add `method` Caddyfile directive (#4528) * 1feb6595 rewrite: Fix a double-encode issue when using the `{uri}` placeholder (#4516) * 6cadb60f templates: Document .OriginalReq * 1d0425b2 templates: Elaborate on what's supported by the markdown function (#4564) * a6199cf8 templates: Fix docs for .Args * ec14ccdd templates: fix inconsistent nested includes (#4452) * d0b608af tracing: New OpenTelemetry module (#4361) * 134b8056 caddyfile: Prevent bad block opening tokens (#4655) * c5fffb4a caddyfile: Support for raw token values; improve `map`, `expression` (#4643) * b82e22b4 caddyhttp: retain all values of vars matcher when specified multiple times (#4629) * bc15b4b0 caddypki: Load intermediate for signing on-the-fly (#4669) * 6512832f cmd: Add `--diff` option for `caddy fmt` (#4695) * 30b6d1f4 cmd: Enhance .env (dotenv) file parsing * 22d8edb9 cmd: Fix defaulting admin address if empty in config, fixes `reload` (#4674) * c2327161 cmd: Set Origin header properly on API requests * d06d0e79 go.mod: Upgrade CertMagic to v0.16.0 * bf6a1b75 go.mod: Upgrade some dependencies * 79cbe7bf httpcaddyfile: Add 'vars' directive * a58f240d httpcaddyfile: Fix #4640 (auto-HTTPS edgecase) (#4661) * 7d229665 logging: Caddyfile support for `duration_format` (#4684) * 55b4c12e map: Evaluate placeholders in output vals (#4650) * 93c99f67 map: Support numeric and bool types with Caddyfile * 3d616e8c requestbody: Return HTTP 413 (fix #4558) * 3e3bb002 reverseproxy: Add `_ms` placeholders for proxy durations (#4666) * 2196c92c reverseproxy: Don't clear name in SRV upstreams * dc4d1473 reverseproxy: Expand SRV/A addrs for cache key * b8dbecb8 reverseproxy: Include port in A upstreams cache * e4ce40f8 reverseproxy: Sync up `handleUpgradeResponse` with stdlib (#4664) * afca2421 staticfiles: Expand placeholder for index files (#4679) * 00234c8a templates: Switch to `BurntSushi/toml` (#4700) **Full Changelog**: https://github.com/caddyserver/caddy/compare/v2.4.6...v2.5.0 2022-04-25T17:34:35+00:00 PeekabooAV v2.1 PeekabooAV v2.1 2022-04-26T08:20:37+00:00 - Peekaboo now provides a REST API. The old UNIX domain socket is gone and there's no longer a long-lived client connection providing a summary report on multiple samples. Samples are now submitted individually, yielding a job ID for subsequent attempts at retrieving a report. Both inputs and outputs of the API are JSON. The AMaViS plugin and peekaboo-util are updated to match. - Embedded Cuckoo mode and python2 support are removed. - Breaking change: Equality operators in expressions using regexes do now need to match the whole string up to the end. - New database schema version 9. Removes tables PeekabooMetadata and AnalysisJournal, and adds field analysis\_time as well as state to SampleInfo. - Generic rules can now make use of the new analyser `knownreport` - Introduce cortexreport toolbox analyser to connect to Cortex by TheHive. There already are a few sub analysers that can be used. - Reduce amount of data copied from Cuckoo reports for memory efficiency and security reasons. Reduces the amount of information available in Peekaboo processing failure dumps as well. URL to access original report via Cuckoo API is provided instead. - The CortexAnalyser or more precisely every CortexAnalyser can now access domain, hash, and ip artifacts from within the Generic rules. - FileInfoAnalyzerReport has new attibutes md5sum, sha256sum, and ssdeepsum (now don't get to excited, ssdeep hashes can only be used as strings) - Input validation of reports adds a new pip requirement: schema - Availability of external resources, particularly Cuckoo and Cortex APIs is no longer checked at startup. Lack of availability is reported as individual job failure. - PID file is no longer created by default (but can be re-enabled by specifying a path). 2022-04-26T08:20:37+00:00 syncthing v1.20.0-rc.3 syncthing v1.20.0-rc.3 2022-04-26T11:55:37+00:00 Bugfixes: - #7855: Watching for changes using too many system resources on BSDs (kqueue) - #8020: Dangling symlink prevents filesystem watcher on Solaris - #8232: Missing include file endlessly spams log - #8258: The latest version does not support go1.18 compilation!! - #8261: TypeError: Cannot read properties of null (reading 'status') in the GUI after killing Syncthing Enhancements: - #8202: Indicate folders / devices where the remote end has not accepted sharing. - #8282: Change default log format to include date Other issues: - #8279: Simplify tests using `T.TempDir` 2022-04-26T11:55:37+00:00 dalton v3.2.2 dalton v3.2.2 2022-04-28T14:34:15+00:00 - Added explicit requirement for `Jinja2==3.0.3` 2022-04-28T14:34:15+00:00 maltrail 0.45 maltrail 0.45 2022-04-30T22:11:05+00:00 Start-of-month release 2022-04-30T22:11:05+00:00 syncthing v1.20.0 syncthing v1.20.0 2022-05-03T15:24:19+00:00 Bugfixes: - #7855: Watching for changes using too many system resources on BSDs (kqueue) - #8020: Dangling symlink prevents filesystem watcher on Solaris - #8232: Missing include file endlessly spams log - #8258: The latest version does not support go1.18 compilation!! - #8261: TypeError: Cannot read properties of null (reading 'status') in the GUI after killing Syncthing Enhancements: - #8202: Indicate folders / devices where the remote end has not accepted sharing. - #8282: Change default log format to include date Other issues: - #8279: Simplify tests using `T.TempDir` 2022-05-03T15:24:19+00:00 syncthing v1.20.1 syncthing v1.20.1 2022-05-04T16:32:31+00:00 Bugfixes: - #8320: Spurious failure of new connections ("unknown (newer?) version of the protocol" etc) 2022-05-04T16:32:31+00:00 rocksdb v7.2.2 rocksdb v7.2.2 2022-05-05T22:33:28+00:00 ## 7.2.2 (2022-04-28) ### Bug Fixes * Fixed a bug in async_io path where incorrect length of data is read by FilePrefetchBuffer if data is consumed from two populated buffers and request for more data is sent. ## 7.2.1 (2022-04-26) ### Bug Fixes * Fixed a bug where RocksDB could corrupt DBs with `avoid_flush_during_recovery == true` by removing valid WALs, leading to `Status::Corruption` with message like "SST file is ahead of WALs" when attempting to reopen. * RocksDB calls FileSystem::Poll API during FilePrefetchBuffer destruction which impacts performance as it waits for read requets completion which is not needed anymore. Calling FileSystem::AbortIO to abort those requests instead fixes that performance issue. ## 7.2.0 (2022-04-15) ### Bug Fixes * Fixed bug which caused rocksdb failure in the situation when rocksdb was accessible using UNC path * Fixed a race condition when 2PC is disabled and WAL tracking in the MANIFEST is enabled. The race condition is between two background flush threads trying to install flush results, causing a WAL deletion not tracked in the MANIFEST. A future DB open may fail. * Fixed a heap use-after-free race with DropColumnFamily. * Fixed a bug that `rocksdb.read.block.compaction.micros` cannot track compaction stats (#9722). * Fixed `file_type`, `relative_filename` and `directory` fields returned by `GetLiveFilesMetaData()`, which were added in inheriting from `FileStorageInfo`. * Fixed a bug affecting `track_and_verify_wals_in_manifest`. Without the fix, application may see "open error: Corruption: Missing WAL with log number" while trying to open the db. The corruption is a false alarm but prevents DB open (#9766). * Fix segfault in FilePrefetchBuffer with async_io as it doesn't wait for pending jobs to complete on destruction. * Fix ERROR_HANDLER_AUTORESUME_RETRY_COUNT stat whose value was set wrong in portal.h * Fixed a bug for non-TransactionDB with avoid_flush_during_recovery = true and TransactionDB where in case of crash, min_log_number_to_keep may not change on recovery and persisting a new MANIFEST with advanced log_numbers for some column families, results in "column family inconsistency" error on second recovery. As a solution the corrupted WALs whose numbers are larger than the corrupted wal and smaller than the new WAL will be moved to archive folder. * Fixed a bug in RocksDB DB::Open() which may creates and writes to two new MANIFEST files even before recovery succeeds. Now writes to MANIFEST are persisted only after recovery is successful. ### New Features * For db_bench when --seed=0 or --seed is not set then it uses the current time as the seed value. Previously it used the value 1000. * For db_bench when --benchmark lists multiple tests and each test uses a seed for a RNG then the seeds across tests will no longer be repeated. * Added an option to dynamically charge an updating estimated memory usage of block-based table reader to block cache if block cache available. To enable this feature, set `BlockBasedTableOptions::reserve_table_reader_memory = true`. * Add new stat ASYNC_READ_BYTES that calculates number of bytes read during async read call and users can check if async code path is being called by RocksDB internal automatic prefetching for sequential reads. * Enable async prefetching if ReadOptions.readahead_size is set along with ReadOptions.async_io in FilePrefetchBuffer. * Add event listener support on remote compaction compactor side. * Added a dedicated integer DB property `rocksdb.live-blob-file-garbage-size` that exposes the total amount of garbage in the blob files in the current version. * RocksDB does internal auto prefetching if it notices sequential reads. It starts with readahead size `initial_auto_readahead_size` which now can be configured through BlockBasedTableOptions. * Add a merge operator that allows users to register specific aggregation function so that they can does aggregation using different aggregation types for different keys. See comments in include/rocksdb/utilities/agg_merge.h for actual usage. The feature is experimental and the format is subject to change and we won't provide a migration tool. * Meta-internal / Experimental: Improve CPU performance by replacing many uses of std::unordered_map with folly::F14FastMap when RocksDB is compiled together with Folly. * Experimental: Add CompressedSecondaryCache, a concrete implementation of rocksdb::SecondaryCache, that integrates with compression libraries (e.g. LZ4) to hold compressed blocks. ### Behavior changes * Disallow usage of commit-time-write-batch for write-prepared/write-unprepared transactions if TransactionOptions::use_only_the_last_commit_time_batch_for_recovery is false to prevent two (or more) uncommitted versions of the same key in the database. Otherwise, bottommost compaction may violate the internal key uniqueness invariant of SSTs if the sequence numbers of both internal keys are zeroed out (#9794). * Make DB::GetUpdatesSince() return NotSupported early for write-prepared/write-unprepared transactions, as the API contract indicates. ### Public API changes * Exposed APIs to examine results of block cache stats collections in a structured way. In particular, users of `GetMapProperty()` with property `kBlockCacheEntryStats` can now use the functions in `BlockCacheEntryStatsMapKeys` to find stats in the map. * Add `fail_if_not_bottommost_level` to IngestExternalFileOptions so that ingestion will fail if the file(s) cannot be ingested to the bottommost level. * Add output parameter `is_in_sec_cache` to `SecondaryCache::Lookup()`. It is to indicate whether the handle is possibly erased from the secondary cache after the Lookup. 2022-05-05T22:33:28+00:00 caddy v2.5.1 caddy v2.5.1 2022-05-06T17:23:16+00:00 This is a minor patch release that fixes some bugs and also enhances `reverse_proxy` with capabilities that weren't ready in time for v2.5.0. ### Highlights - Fixed regression in Unix socket admin endpoints. - Fixed regression in `caddy trust` commands. - Hash-based load balancing policies (ip_hash, uri_hash, header, and cookie) use an improved highest-random-weight (HRW) algorithm for increased consistency. The new rendezvous hash will ensure a client or request is _consistently_ mapped to a particular upstream even if the list of upstreams changes. - The reverse proxy is now able to rewrite the method and URI on its internal copy of the request that goes to the upstream. Combined with new `handle_response` capabilities, this enables the reverse proxy to fire off ["pre-check requests"](https://github.com/caddyserver/caddy/pull/4739) (for lack of a better term) to make routing decisions based on the results of that call. This enables a commonly-emerging pattern called _forward authentication_ wherein a backend is queried to assess a client's authorization to be proxied. The [full, verbose config for this](https://github.com/caddyserver/caddy/pull/4739#issuecomment-1113901951) is very flexible but tedious, so we made a new wrapper directive called `forward_auth` that eliminates the boilerplate (very similar to the [`php_fastcgi` directive](https://caddyserver.com/docs/caddyfile/directives/php_fastcgi#expanded-form)): ``` forward_auth authelia:9091 { uri /api/verify?rd=https://auth.example.com copy_headers Remote-User Remote-Groups Remote-Name Remote-Email } ``` This works with authentication providers like Authelia, and more. ## What's Changed * caddypki: Fix `caddy trust` command to use the correct API endpoint by @francislavoie in https://github.com/caddyserver/caddy/pull/4730 * reverseproxy: Improve hashing LB policies with HRW by @mholt in https://github.com/caddyserver/caddy/pull/4724 * Add missing backticks by @mahgoh in https://github.com/caddyserver/caddy/pull/4737 * caddyhttp: Improve listen addr error message for IPv6 by @francislavoie in https://github.com/caddyserver/caddy/pull/4740 * cmd: Fix unix socket addresses for admin API requests by @francislavoie in https://github.com/caddyserver/caddy/pull/4742 * logging: Use `RedirectStdLog` by @francislavoie in https://github.com/caddyserver/caddy/pull/4732 * logging: Implement rename filter, changes field key names by @francislavoie in https://github.com/caddyserver/caddy/pull/4745 * httpcaddyfile: Fix duplicate access log when debug is on by @francislavoie in https://github.com/caddyserver/caddy/pull/4746 * reverseproxy: Fix Caddyfile support for `replace_status` by @francislavoie in https://github.com/caddyserver/caddy/pull/4754 * templates: Add custom template function registration by @kroppt in https://github.com/caddyserver/caddy/pull/4757 * reverseproxy: Permit resolver addresses to not specify a port by @francislavoie in https://github.com/caddyserver/caddy/pull/4760 * caddyfile: Shortcut for `remote_ip` for private IP ranges by @francislavoie in https://github.com/caddyserver/caddy/pull/4753 * reverseproxy: Support performing pre-check requests by @francislavoie in https://github.com/caddyserver/caddy/pull/4739 * map: Prevent output destinations overlap with Caddyfile shorthands by @francislavoie in https://github.com/caddyserver/caddy/pull/4657 ## New Contributors * @mahgoh made their first contribution in https://github.com/caddyserver/caddy/pull/4737 ## Changelog * ec86a2f7 caddyfile: Shortcut for `remote_ip` for private IP ranges (#4753) * dcc98da4 caddyhttp: Improve listen addr error message for IPv6 (#4740) * d543ad1f caddypki: Fix `caddy trust` command to use the correct API endpoint (#4730) * 2e4c0915 cmd: Fix unix socket addresses for admin API requests (#4742) * af732151 httpcaddyfile: Fix duplicate access log when debug is on (#4746) * 0be3d995 logging: Implement rename filter, changes field key names (#4745) * 3017b245 logging: Use `RedirectStdLog` to capture more stdlib logs (#4732) * f7be0ee1 map: Prevent output destinations overlap with Caddyfile shorthands (#4657) * 4a223f52 reverseproxy: Fix Caddyfile support for `replace_status` (#4754) * 40b193fb reverseproxy: Improve hashing LB policies with HRW (#4724) * e7fbee8c reverseproxy: Permit resolver addresses to not specify a port (#4760) * f6900fcf reverseproxy: Support performing pre-check requests (#4739) * e84e19a0 templates: Add custom template function registration (#4757) * 3ab64838 templates: Add missing backticks in docs (#4737) **Full Changelog**: https://github.com/caddyserver/caddy/compare/v2.5.0...v2.5.1 2022-05-06T17:23:16+00:00 syncthing v1.20.2-rc.1 syncthing v1.20.2-rc.1 2022-05-10T06:35:01+00:00 Bugfixes: - #7289: TCP port 0 is announced in the LAN beacon - #8314: https://relays.syncthing.net/endpoint contains non-valid URLs with spaces Enhancements: - #8264: Include default ignore patterns in the GUI's advanced configuration editor 2022-05-10T06:35:01+00:00 TheHive 4.1.20 TheHive 4.1.20 2022-05-16T12:06:25+00:00 ## [4.1.20](https://github.com/TheHive-Project/TheHive/milestone/90) (2022-05-16) **Implemented enhancements:** - [Enhancement] Improve artifact creation from responder operation [\#2383](https://github.com/TheHive-Project/TheHive/issues/2383) - [Enhancement] Accept operations in analyzer reports [\#2384](https://github.com/TheHive-Project/TheHive/issues/2384) - [Enhancement] Add queries to filter observables based on the type of object it belongs to [\#2385](https://github.com/TheHive-Project/TheHive/issues/2385) **Fixed bugs:** - [Bug] Unable to use AWS S3 as storage backend [\#2316](https://github.com/TheHive-Project/TheHive/issues/2316) - [Bug] Typo on migration elasticsearch http config [\#2374](https://github.com/TheHive-Project/TheHive/issues/2374) 2022-05-16T12:06:25+00:00 lynis 3.0.8 lynis 3.0.8 2022-05-17T13:10:32+00:00 ### Added - MALW-3274 - Detect McAfee VirusScan Command Line Scanner - PKGS-7346 Check Alpine Package Keeper (apk) - PKGS-7395 Check Alpine upgradeable packages - EOL for Alpine Linux 3.14 and 3.15 ### Changed - AUTH-9408 - Check for pam_faillock as well (replacement for pam_tally2) - FILE-7524 - Test enhanced to support symlinks - HTTP-6643 - Support ModSecurity version 2 and 3 - KRNL-5788 - Only run relevant tests and improved logging - KRNL-5820 - Additional path for security/limits.conf - KRNL-5830 - Check for /var/run/needs_restarting (Slackware) - KRNL-5830 - Add a presence check for /boot/vmlinuz - PRNT-2308 - Bugfix that prevented test from storing values correctly - Extended location of PAM files for AARCH64 - Some messages in log improved 2022-05-17T13:10:32+00:00 OpenTAXII 0.4.0 OpenTAXII 0.4.0 2022-05-20T11:55:43+00:00 Changelog ========= 0.4.0 (2022-05-20) ------------------ * Move next_param handling into `OpenTAXII2PersistenceAPI` 0.3.0 (2022-04-13) ------------------ * Implement taxii2.1 support 0.3.0a4 (2022-04-13) -------------------- * Merge changes from 0.2.4 maintenance release 0.3.0a3 (2022-01-21) -------------------- * Fix bug that prevented booting with only taxii1 config (`#217 <https://github.com/eclecticiq/OpenTAXII/issues/217>`_ thanks `@azurekid <https://github.com/azurekid>`_ for the report) 0.3.0a2 (2021-12-27) -------------------- * Merge changes from 0.2.3 maintenance release 0.3.0a1 ------- * Add python 3.10 support 0.3.0a0 ------- * Enablement for future taxii2 implementation * Fix documentation build issues 0.2.4 (2022-04-13) ------------------ * Make sure werkzeug <2.1 and >=2.1 work correctly with auth system 0.2.3 (2021-12-22) ------------------ * Fix bug in multithreaded use of sqlite (`#210 <https://github.com/eclecticiq/OpenTAXII/issues/210>`_ thanks `@rohits144 <https://github.com/rohits144>`_ for the report) 0.2.2 (2021-11-05) ------------------ * Fix readthedocs build 0.2.1 (2021-11-03) ------------------ * Add tests for python 3.6, 3.7, 3.8, 3.9, pypy * Add tests for sqlite, mysql, mariadb, postgresql * Fix bug that broke ``delete_content_blocks`` when using mysql on sqlalchemy 1.3 * Docs: Add db schema diagram * Docs: Clarify how to get default data in a default (development) docker instance * Fix implicit routing in TAXII 1.1 Inboxes * Update jwt usage to pyjwt >= 2.0 (thanks `@SanyaKapoor <https://github.com/SanyaKapoor>`_) 0.2.0 (2020-06-30) ------------------ * Enforce UTC usage in datetime fields in SQL DB Persistence API. * `Fix for #114 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_: reintroduce ``opentaxii-create-account`` CLI command. * `Fix for #153 <https://github.com/eclecticiq/OpenTAXII/issues/152>`_: check if user can modify a collection before advertising it over inbox service. * Multiple coding style fixes. * Various documentation updates. 0.1.12 (2019-03-06) ------------------- * Remove unnecessary print statements. 0.1.11 (2019-02-13) ------------------- * Make JSON logging consistent when the application is run via Gunicorn. * Set ``acceptable_destination`` key in status details instead of extended headers * Allow passing ``engine_parameters`` to ``SQLDatabaseAPI`` for those who want to customize SQLAlchemy engine parameters. * Require recent version of ``lxml`` for security reasons. * Various test and Docker infrastructure improvements. 0.1.10 (2018-06-03) ------------------- * Replace separate service/collection/account creation process with single ``opentaxii-sync-data`` CLI command. * Persistence and Auth APIs extended with missing CRUD methods, that are used by ``opentaxii-sync-data``. * Read/modify collection level ACL added. * DB models for default implementation of Persistence API and Auth API were changed. No automatic migration code is provided (sorry!), so upgrading might require manual DB migration. * Drop python2.7 from testing scope. * Various bug fixes and improvements. 0.1.9 (2017-06-19) ------------------ * `libtaxii <https://github.com/TAXIIProject/libtaxii>`_ dependency upgraded to 1.1.111. * Various bug fixes and improvements (thanks to `@bjigmp <https://github.com/bjigmp>`_, `@chorsley <https://github.com/chorsley>`_, `@rjprins <https://github.com/rjprins>`_). 0.1.8 (2017-02-21) ------------------ * Ability to enable/disable "huge trees" support in XML parser. Configuration property ``xml_parser_supports_huge_tree`` set to ``yes`` or ``true`` will disable security restrictions and force XML parser to support very deep trees and very long text content. * Adjust SQL Persistence API implemetation so it works smoothly with MySQL backend. * Use Python 3.5 instead of Python 3.4 for tests. 0.1.7 (2016-10-18) ------------------ * Minor fixes. * Dependencies were changed from hard-pinned to more flexible. * Example of production DB configuration added to docs. 0.1.6 (2016-06-01) ------------------ * Python 3.4 compatibility of the codebase. Tox configuration extended with python 3.4 environment run. * Flake8 full style compatibility. Flake8 check added to Tox configuration. * SQLAlchemy session scope issue fixed (related to `#38 <https://github.com/EclecticIQ/OpenTAXII/issues/38>`_). * `opentaxii-delete-blocks` CLI command added (related to `#45 <https://github.com/EclecticIQ/OpenTAXII/issues/45>`_). * `delete_content_blocks` method `added <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-6814849ac352b2b74132f8fa52e0ec4eR213>`_ to Persistence API. * Collection's name is `required <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-ce3f7b939e5c540480ac655aef32c513R116>`_ to be unique in default SQL DB Auth API implementation. 0.1.5 (2016-03-15) ------------------ * Fix for the issue with persistence backend returning ``None`` instead of ``InboxMessage`` object 0.1.4 (2016-02-25) ------------------ * Hard-coded dependencies in ``setup.py`` removed. 0.1.3 (2016-02-25) ------------------ * Versions of dependencies are pinned. * Code adjusted for a new version of `anyconfig <https://pypi.python.org/pypi/anyconfig>`_ API. * Test for configuration loading added. 0.1.2 (2015-07-24) ------------------ * Docker configuration added. * Health check endpoint added. * Basic authentication support added. * Temporary workaround for `Issue #191 <https://github.com/TAXIIProject/libtaxii/issues/191>`_. * Method ``get_domain`` in Persistence API returns domain value configured for ``service_id``. If nothing returned, value set in configuration file will be used. * Performance optimisations. * Bug fixes and style improvements. 0.1.1 (2015-04-08) ------------------ * Alias for Root Logger added to logging configuration. * Context object in a request scope that holds account and token added. * Support for OPTIONS HTTP request to enable auto version negotiation added. * Documentation improved. 0.1.0 (2015-03-31) ------------------ * Initial release 2022-05-20T11:55:43+00:00