http://open-source-security-software.net/releases.atom Recent releases 2022-01-20T18:13:53.369800+00:00 python-feedgen intelmq 3.0.1 intelmq 3.0.1 2021-09-02T08:36:14+00:00 Installation documentation: https://intelmq.readthedocs.io/en/maintenance/user/installation.html Upgrade documentation: https://intelmq.readthedocs.io/en/maintenance/user/upgrade.html ### Core - `intelmq.lib.bot_debugger`: Fix accessing the bot's destination queues (PR#2027 by Mikk Margus Möll). - `intelmq.lib.pipeline`: Fix handling of `load_balance` parameter (PR#2027 by Mikk Margus Möll). - `intelmq.lib.bot`: Fix handling of parameter `destination_queues` if value is an empty dictionary (PR#2051 by Sebastian Wagner, fixes #2034). ### Bots #### Collectors - `intelmq.bots.collectors.shodan.collector_stream`: Fix access to parameters, the bot wrongly used `self.parameters` (PR#2020 by Mikk Margus Möll). - `intelmq.bots.collectors.mail.collector_mail_attach`: Add attachment file name as `extra.file_name` also if the attachment is not compressed (PR#2021 by Alex Kaplan). - `intelmq.bots.collectors.http.collector_http_stream`: Fix access to parameters, the bot wrongly used `self.parameters` (by Sebastian Wagner). #### Parsers - `intelmq.bots.parsers.microsoft.parser_ctip`: Map `Payload.domain` to `destination.fqdn` instead of `extra.payload.domain` as it matches to `destination.ip` from `DestinationIp` (PR#2023 by Sebastian Wagner). - Removed `intelmq.bots.parsers.malwaredomains` because the upstream data source (malwaredomains.com) does not exist anymore (PR#2026 by Birger Schacht, fixes #2024). - `intelmq.bots.parsers.shadowserver.config`: - Add support for feed "Vulnerable SMTP Server" (PR#2037 by Mikk Margus Möll). - Fix differentiation between feeds "Accessible HTTP" and "Vulnerable HTTP" (PR#2037 by Mikk Margus Möll, fixes #1984). - Add support for the new feeds *Microsoft Sinkhole Events Report*, *Microsoft Sinkhole HTTP Events Report* (PR#2036 by Birger Schacht). - Complement feed mappings and documentation for feeds with IPv4 and IPv6 variants (PR#2046 by Mikk Margus Möll and Sebastian Wagner). - Feed names with and without the optional IPv4/IPv6 postfix can be used now consistently. - Add support for feed "Honeypot HTTP Scan" (PR#2047 by Mikk Margus Möll). - Update filename mapping for changed filename of feed "Accessible-MSRDPUDP" (PR#2060 by abr4xc). #### Experts - `intelmq.bots.experts.gethostbyname.expert`: Handle numeric values for the `gaierrors_to_ignore` parameter (PR#2073 by Sebastian Wagner, fixes #2072). - `intelmq.bots.experts.filter.expert`: Fix handling of empty-string parameters `not_after` and `not_before` (PR#2075 by Sebastian Wagner, fixes #2074). #### Outputs - `intelmq.bots.outputs.mcafee.output_esm_ip`: Fix access to parameters, the bot wrongly used `self.parameters` (by Sebastian Wagner). - `intelmq.bots.outputs.misp.output_api`: Fix access to parameters, the bot wrongly used `self.parameters` (by Sebastian Wagner). - `intelmq.bots.outputs.smtp.output`: Add `Content-Disposition`-header to the attachment, fixing the display in Mail Clients as actual attachment (PR#2052 by Sebastian Wagner, fixes #2018). ### Documentation - Various formatting fixes (by Sebastian Wagner). - Removed the malwaredomains feed from the feeds list because the upstream data source (malwaredomains.com) does not exist anymore (PR#2026 by Birger Schacht, fixes #2024). - Update Docker installation instructions (PR#2035 by Sebastian Waldbauer). ### Packaging - intelmq-update-database crontab: Add missing `recordedfuture_iprisk` update call (by Sebastian Wagner). ### Tests - Replace calls to deprecated/undocumented `logging.warn` with `logging.warning` (by Sebastian Wagner, fixes #2013). - `intelmq.tests.bots.experts.rdap.test_expert`: Declare cache use, fixes build failures (by Sebastian Wagner, fixes #2014). - `intelmq.tests.bots.collectors.mail.test_collector_attach`: Test text attachment (by Sebastian Wagner). ### Tools - `intelmqctl`: - Also honour parameters from environment variables (PR#2068 by Sebastian Wagner, fixes #2063). - Fix management actions (start/stop/status/reload/restart) for groups (PR#2086 by Sebastian Wagner, fixes #2085). - Do not use hardcoded logging path in `/opt/intelmq`, use the internal default instead (PR#2092 by Sebastian Wagner, fixes #2091). ### Known issues See [open bug reports](https://github.com/certtools/intelmq/issues?q=is%3Aissue+is%3Aopen+label%3Abug) for a more detailed list. - ParserBot: erroneous raw line recovery in error handling (#1850). 2021-09-02T08:36:14+00:00 MONARC v2.11.0 MONARC v2.11.0 2021-09-02T12:29:58+00:00 ### New - having the possibility to define custom scales for operational risks ([#353](https://github.com/monarc-project/MonarcAppFO/issues/353)); - introduction of the risk context and the risk owner ([#21](https://github.com/monarc-project/MonarcAppFO/issues/21), [#186](https://github.com/monarc-project/MonarcAppFO/issues/186)). ### Fix - update-all.sh: Could not read from remote repository ([#365](https://github.com/monarc-project/MonarcAppFO/issues/365)); - some files in script do not have the correct permissions ([#364](https://github.com/monarc-project/MonarcAppFO/issues/364)). ![Screenshot_20210902_133851](https://user-images.githubusercontent.com/465400/131843376-d9b7420c-0c9f-430e-8269-42ef3478dbf2.png) ![Screenshot_20210902_134102](https://user-images.githubusercontent.com/465400/131843404-3cad5d50-406d-431c-84a7-4e7b80460ad9.png) ![Screenshot_20210902_142720](https://user-images.githubusercontent.com/465400/131843437-4ff5953d-3e5b-42bd-94cb-012baf2e868f.png) 2021-09-02T12:29:58+00:00 intelmq-manager 3.0.1 intelmq-manager 3.0.1 2021-09-02T13:27:55+00:00 Installation instructions: https://intelmq.readthedocs.io/en/maintenance/user/intelmq-manager.html ### Pages - Login: Show error messages as returned from the API instead of a constant string (PR#277 by Sebastian Wagner, fixes intelmq-api#35). #### Configuration - Fix working with edges between bots, by transmitting new edges to the server with the new API (PR#264 by Mikk Margus Möll). - Correctly hide the `destination_queues` parameter in the bot editor (PR#264 by Mikk Margus Möll). - Restore sane default bot IDs (PR#264 by Mikk Margus Möll, fixes #263). - Removed redundant `pipeline.js` file (PR#264 by Mikk Margus Möll). - Fix a race condition trying to call both the `/runtime` and `/positions` API endpoints at the same time, when `/runtime` is updating `runtime.yaml` at the same time that `/positions` is trying to parse it (PR#264 by Mikk Margus Möll). - internal improvements (PR#264 by Mikk Margus Möll): - edge IDs are now `${source_node}|${destination_node}|${edge_name}`. - some loops which previously iterated over every single edge should be a bit faster now. - various tweaks, like reducing the scope of variables and using string templates instead of string concatenation. - Fix saving new bots, led to an JS exception (PR#273 by Sebastian Wagner, fixes #272). - Open bot documentation in a new page (PR#274 by Birger Schacht, fixes #262). - Prohibit the user from creating a bot with an ID collision (PR#276 by Mikk Margus Möll, fixes #152). - Ask the user for confirmation to exit the page in case of unsaved changes (PR#276 by Mikk Margus Möll, fixes #212) #### Monitor - `ALLOWED_PATH` and `CONTROLLER_CMD` are defined in a separate JavaScript file, rather than being templated into the HTML, fixing Content-Security-Policy issues (PR#264 by Mikk Margus Möll, fixes #183). ### Known issues - Graph jumps around on "Add edge" (#148). - Monitor page: Automatic log refresh reset log page to first one (#190). - Load error if a bot has not optional `parameters` field in runtime configuration (#237). - Better error message for missing authentication (#238). - Configuration page: Keyboard shortcuts don't work (#260). - Edit Defaults: Documentation link just reloads (#261). 2021-09-02T13:27:55+00:00 tachyon 3.4.1 tachyon 3.4.1 2021-09-02T14:43:34+00:00 2021-09-02T14:43:34+00:00 traefik v2.5.2 traefik v2.5.2 2021-09-02T15:28:49+00:00 **Bug fixes:** - **[http3]** Upgrade github.com/lucas-clemente/quic-go to v0.23.0 ([#8413](https://github.com/traefik/traefik/pull/8413) by [sylr](https://github.com/sylr)) - **[middleware]** Fix empty body error for mirroring middleware ([#8381](https://github.com/traefik/traefik/pull/8381) by [antgubarev](https://github.com/antgubarev)) - **[tracing]** Bump go.elastic.co/apm version to v1.13.1 ([#8399](https://github.com/traefik/traefik/pull/8399) by [rtribotte](https://github.com/rtribotte)) - Update x/sys to support go 1.17 ([#8368](https://github.com/traefik/traefik/pull/8368) by [roopakv](https://github.com/roopakv)) - Bump Alpine docker image version from 3.11 to 3.14 for official Traefik images **Documentation:** - **[k8s/ingress,k8s]** Adds pathType for v1 ingresses examples ([#8392](https://github.com/traefik/traefik/pull/8392) by [rtribotte](https://github.com/rtribotte)) - Fix http scheme urls in documentation ([#8395](https://github.com/traefik/traefik/pull/8395) by [rtribotte](https://github.com/rtribotte)) 2021-09-02T15:28:49+00:00 PacketFence v11.0.0 PacketFence v11.0.0 2021-09-02T17:19:12+00:00 ![v11](https://www.packetfence.org/campaigns/img/v11/pf.png) The Inverse team is pleased to announce the immediate availability of PacketFence v11 - a breakthrough release in network security! ## RHEL v8 and Debian 11 Support PacketFence v11 now fully supports Red Hat Enterprise Linux 8 (RHEL v8) and Debian 11. Both operating systems bring major performance, stability, and security improvements to PacketFence for many years to come. RHEL v8 alternatives such as AlmaLinux, Oracle Linux, and Rocky Linux can be used. ## Google Workspace Integration PacketFence v11 now natively integrates with Google Workspace for LDAP-based authentication. Moreover, PacketFence now provides a Google Workspace Chromebook provisioner to automatically onboard organization-owned Chromebook devices and assign them a role. PacketFence can now also raise a security event when a Chromebook becomes inactive and provides a way to import all activated Chromebooks part of an organization. ## Microsoft Azure Integration PacketFence now integrates with Microsoft Azure Active Directory for authenticating users on the captive portal, the admin interface, and performing 802.1X user authentication using EAP-TTLS PAP. Greatly enhances the integration possibilities of PacketFence in Azure-based Cloud environments. ## Automation of Upgrades Starting from PacketFence v11, upgrades are fully automated. No more scripts to run, database schema changes to apply, and more. This release also provides a way to export your v10.3 installation and migrate to v11 in a snap! ## Logs Forwarding PacketFence now supports forwarding of all database-stored logs. That means that the RADIUS audit log, DHCP audit log, DNS audit log, and admin access audit log can be fully exported to a remote syslog server - ensuring compliance with more security regulations. ## ... and more! PacketFence v11 provides additional important features such as SCEP support for Microsoft Intune and AirWatch, Venom tests for Inline L3, massive performance improvements to the admin interface, multi-tenancy improvements, and much more. --- Here's the complete list of changes included in this release: #### New Features * Red Hat Enterprise Linux 8 and Debian 11 support * Microsoft Azure AD authentication and authorization support (#6380) * Google Workspace integration for LDAP and Chromebooks * Automation of upgrades from 10.3 and above (#6438) * Forwarding support for audit logs stored in database #### Enhancements * Microsoft Intune SCEP support (#6360) * Venom inline L3 (PR #6266) * Massively improved web admin performance * LDAP source now supports client certificates * AirWatch SCEP documentation * Rewrite the username of the request from RADIUS `preProcess` filter (#6293) * Upgrade to golang 1.16.3 (#6343) * pfpki: configure OCSP to listen on specific interfaces (#5825) * Get maintenance patches through package manager (#6378) * Adjust Intune integration to support pagination of the managed devices (#6135) * Add an option to force the vip as the default gateway on layer2 registration network (#6406) * Firewall SSO is tenant aware (#6384) * Added conditions on owner information in the RADIUS filters (#6324) * CLI access support for Avaya Switches (#6398) * Authorize a MAC address on all APs of the switch group when using the Unifi module (#6134) * Macro documentation for filter engine (#6392) * Expose the source directory of documentation from Caddy (#6315) * Audit successful admin login in the admin audit log. (#6345) * Allow users to resend the SMS pin * Improve the speed of retrieving switches (#6321) #### Bug Fixes * Configurator sets valid_from field to current time in place of 1970-01-01 00:00:00 * Support switch_group in advanced filters (#6379) * Authentication rule condition basedn matching does not work (Authentication rule condition basedn matching does not work #6402) * Filter netdata incoming connection (#6303) * CLI switch access for Avaya ERS Switches (#6399) * Avoid duplicate log entries "User <username> has authenticated on the portal" * Backup DB using MariaDB-backup does not work on standalone installations (#6424) * Normalize connection_sub_type to use the numeric value (#6326) * Expired switches for all tenants (#6024) 2021-09-02T17:19:12+00:00 DevSkim v0.4.250 DevSkim v0.4.250 2021-09-02T19:21:57+00:00 ## Changes: * 423c423edf0b824a8bfabdcfe93c67326469a929 Output the column and line information for findings. (#315) * a9c65ecf802dacff319b3a3bd32a3e546d592e83 Gfs/fix blazor (#314) * 9b6c40f0052819c422420774e6934c638f9a10db Update Index.razor (#313) * 38eb8b430c4a88d553bd4a916d15abcff67688ba Bump path-parse from 1.0.6 to 1.0.7 in /DevSkim-VSCode-Plugin (#312) * 82277de8cbb9b19daf8e00dd5a80a9c24021adf6 Bump path-parse from 1.0.6 to 1.0.7 in /DevSkim-VSCode-Plugin/client (#311) * 1a15e7a55f76c2de9b1c64fb3ce9bb7ded15f385 Bump tar from 4.4.13 to 4.4.15 in /DevSkim-VSCode-Plugin (#310) This list of changes was [auto generated](https://twcsecurityassurance.visualstudio.com/SecurityEngineering/_build/results?buildId=10175&view=logs). 2021-09-02T19:21:57+00:00 maltrail 0.37 maltrail 0.37 2021-09-02T19:35:17+00:00 Start-of-month release 2021-09-02T19:35:17+00:00 turbinia 20210902 turbinia 20210902 2021-09-02T22:07:03+00:00 2021-09-02T22:07:03+00:00 osquery 5.0.1 osquery 5.0.1 2021-09-03T03:39:13+00:00 Next 5.0 beta! Moving along 2021-09-03T03:39:13+00:00 CyberChef v9.32.3 CyberChef v9.32.3 2021-09-03T14:06:08+00:00 See the [CHANGELOG](https://github.com/gchq/CyberChef/blob/master/CHANGELOG.md) and [commit messages](https://github.com/gchq/CyberChef/commits/master) for details. 2021-09-03T14:06:08+00:00 cfssl v1.6.1 cfssl v1.6.1 2021-09-03T15:28:11+00:00 ## Changelog 87f86f1 Add loglevel flag for multiroot-ca 29ae05f Merge pull request #1189 from cloudflare/nicky/fix-coreos-mod-rename 1f29b04 Merge pull request #1191 from Rutori/loglevel-multiroot-ca f4208c6 Merge pull request #1195 from BowonY/bowon/avoid-select-all b2552ca fix upgrading transitive coreos dependency breakage 19c09ff pick columns to get revoked/unexpired certs e582ed4 remove -u flag from readme, link to releases bea2d3d remove old go versions from travis 2021-09-03T15:28:11+00:00 caddy v2.4.5 caddy v2.4.5 2021-09-03T18:54:23+00:00 A hotfix for a regression introduced in v2.4.4 related to combining the `encode` and `reverse_proxy` directives. ## Changelog 9f6393c6 cmd: export CaddyVersion(), Commands() (#4316) 4ebf100f encode: ignore flushing until after first write (#4318) 46ab93be go.mod: Update CertMagic 2021-09-03T18:54:23+00:00 DevSkim v0.4.251 DevSkim v0.4.251 2021-09-03T19:53:55+00:00 ## Changes: * 4daf5f442a05302cb3ac351b583baa6fe09e129f Map the devskim levels to sarif levels (#317) This list of changes was [auto generated](https://twcsecurityassurance.visualstudio.com/SecurityEngineering/_build/results?buildId=10185&view=logs). 2021-09-03T19:53:55+00:00 beef v5.0.1.0 beef v5.0.1.0 2021-09-04T04:57:22+00:00 ## Fixes Added libcurl4-openssl-dev to apt command #1807 Added JSDoc to backend JS API #1813 Fixed Active Record tables #1814, #1816 Removed LiveCD directory and reference in Metasploit config.yaml #1815 Replaced yaml.load with yaml.safe_load #1816 Use SecureRandom for API token generation #1817 Updated copyright for 2021 #1821 Fixed broken admin ui access #1845 Fixed test to run in random order #1848 Improvements for AssetHandler #1853 Requester extension fixes #1858 Updated Ruby to 2.7.x for Travis Use OID-style key/value data for BrowserDetails network details #1861 Fixed build_recursive_tree() #1866 Added error handling when loading extensions #1873 Auto get geoipdb changed access #1870 Upates to Network Serivce model #1885 Fixed bug in ARE execution #1886 Changed how websocket hooked browsers time out #1888 Updating portscanner for modern browsers Made travis.ci only run on master #1893 Create SW Port Scanner Remove arerule from enabled by default #1895 Updated command js for more functionality #1896 Added a new rvm language for the docker container #1897 Updated command.js for sw_network_proxy #1898 General spelling mistake fixes #1912 Replace autocomplete_theft with get_autocomplete_creds #1874 BrowserStack Integration #1920 Bump jsdoc-to-markdown from 5.0.3 to 6.0.1 #1933 Sudo for gem install for Kali #1940 Ruby package manager check #1940 Fixed array unique function in browser.js #1966 Fixed Pretty Theft Missing Credentials JS Error #1956 Fixed ARE New Zombie Execution Error #1957 Update dependencies Sinatra, rack, Rack Protections, Ugifier, Nokogiri, Rake and OTR Active Record #1961 Fix country_code is null #1975 Update contextis url in config.yml #1982 Fix XSSRays error when using ActiveRecord #1984 Excluded hooking subnet improvements #1973 Click Jack Attack CSS fixes #2046 Include URI query string in proxied requests #1971 Bump nokogiri version due to CVE #2048 Fix could not find table webcloners #2010 AdminUI: Use correct hook file path for bookmarlet hook URL #2099 Fix No connection pool for 'ActiveRecord::Base' found #2134   Thanks to   @klezVirus, @bcoles, @jcrew, @wheatley, @sopsmattw, @1124219777, @P-arag, @justinsteven, @raskoln1kov, @jackdwalker,  @JessWil, @P-arag, @grantrburgess, @sopsmattw, @H4xl0r, @superuserx, @aburro, @DeezyE 2021-09-04T04:57:22+00:00 celery v5.2.0b3 celery v5.2.0b3 2021-09-04T15:58:18+00:00 2021-09-04T15:58:18+00:00 uBlock 1.37.3rc0 uBlock 1.37.3rc0 2021-09-04T15:59:23+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.37.3rc0...master) To install the developer build: - **Firefox**: Click [uBlock0_1.37.3rc0.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3rc0/uBlock0_1.37.3rc0.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.37.3rc0.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3rc0/uBlock0_1.37.3rc0.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 78+ required) - **Node.js**: Import from [npm](https://www.npmjs.com/package/@gorhill/ubo-core), or download and unzip [uBlock0_1.37.3rc0.npm.tgz](https://github.com/gorhill/uBlock/releases/download/1.37.3rc0/uBlock0_1.37.3rc0.npm.tgz). --- ## New ### :matches-path(...) New cosmetic procedural operator, `:matches-path(...)`. See ["Add $path modifier of Adguard or any equivalents of this"](https://github.com/uBlockOrigin/uBlock-issues/issues/1690). ### Node.js A new Node.js package will now published with every release. The package allows to import and use uBO's static and dynamic filtering engines into Node.js. This is currently minimal and a first iteration, and issues regarding the Node.js package are accepted in order to improve usability of uBO's filtering engines in a Node.js package. The ability to run code from a Node.js package also opens the door to have [test coverage](https://en.wikipedia.org/wiki/Code_coverage) in uBO. For now the package can be downloaded and unzipped locally. Once installed, you can execute `node test` in the root of the package to verify that the static network filtering engine works properly. For usage, refer to the [`test.js`](https://github.com/gorhill/uBlock/blob/master/platform/nodejs/test.js), or [`ublock.js`](https://github.com/cliqz-oss/adblocker/blob/master/packages/adblocker-benchmarks/blockers/ublock.js) used in Cliqz's benchmark. Since I have little experience with dealing with Node.js environment/packages, thanks to @mjethani [for assistance](https://github.com/uBlockOrigin/uBlock-issues/issues/1664). ## Closed as fixed: - [Scriptlets don't work randomly in Firefox](https://github.com/uBlockOrigin/uBlock-issues/issues/1694) - [Security: comments can be used to smuggle url() functions into css values](https://github.com/uBlockOrigin/uBlock-issues/issues/1693) - [Prevent uBO from hiding html or body when matched by a generic cosmetic filter](https://github.com/uBlockOrigin/uBlock-issues/issues/1692) - [On Android Popup Overlays [or Underlays] On-Screen Navigation Buttons](https://github.com/uBlockOrigin/uBlock-issues/issues/1691) - [Add $path modifier of Adguard or any equivalents of this](https://github.com/uBlockOrigin/uBlock-issues/issues/1690) - [The overview panel will not show everything if the uBO's icon is placed in the Firefox overflow menu](https://github.com/uBlockOrigin/uBlock-issues/issues/1604) - [patch by @vtriolet] [TypeError in noscript-spoof scriptlet with invalid meta refresh URL](https://github.com/uBlockOrigin/uBlock-issues/issues/1676) - [TypeError when trying to use element picker on plaintext resource](https://github.com/uBlockOrigin/uBlock-issues/issues/1675) - [Split out core functionality into separate module](https://github.com/uBlockOrigin/uBlock-issues/issues/1664) - This is of course an ongoing work for the foreseeable future, but the concrete goal sought in the issue has been reached, i.e. the static network filtering engine can be used as a nodejs module with no external dependencies. - Since uBO's codebase now uses [JS modules](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Modules), the minimum version of supported browsers has been increased to Chromium 61, Firefox 60, and Opera 48. ## Notable commits without en entry in the issue tracker - [Refactor hntrie to avoid the need for boundary cells](https://github.com/gorhill/uBlock/commit/c6fb70b1f0acb1003b516ceb678df27f6657b4f8) - [Fix bad test in WASM version of HNTrieContainer](https://github.com/gorhill/uBlock/commit/b54bf554a80c8640fb8c8064eeea48576974b0c2) - [Export the rule-based filtering engines to the nodejs package](https://github.com/gorhill/uBlock/commit/89c5653bc60d0a457358d6e862c8574bfc819675) - [Rewrite logical expressions for ESLint](https://github.com/gorhill/uBlock/commit/6ef74fc21ba87717330de12cfade8d1e65c702d5) - [patch by @mjethani] [Add Makefile](https://github.com/gorhill/uBlock/pull/3789) - [patch by @mjethani] [Make uAssets a submodule](https://github.com/gorhill/uBlock/commit/63591ef2aa818bced3dc5d7bd0bbb1c397e44e2f) - [Ensure compiled sections are ordered in ascending id](https://github.com/gorhill/uBlock/commit/c25938f5bcb519ee945c9ccab7d17474474dc825) - [Fix handling of some procedural cosmetic filters with explicit `:scope`](https://github.com/gorhill/uBlock/commit/51d14de44a2b89274836e70daabf305f4f00ac47) 2021-09-04T15:59:23+00:00 asciidoctor-pdf v1.6.1 asciidoctor-pdf v1.6.1 2021-09-05T07:12:34+00:00 ## Summary This is a bug fix release for the v1.6.x line to fix a regression introduced into Prawn by a change in Ruby 3. It also includes a backport of the footnotes alignment from the v2.0.x line. ## Distribution - [RubyGem (asciidoctor-pdf)](https://rubygems.org/gems/asciidoctor-pdf) ## Changelog ### Enhancements * align footnotes block to the bottom of the page it is placed on (#1833) ### Bug Fixes * don't strip leading null character from fragment text when arranging lines when running on Ruby 3 (#1963) ## Release meta Released on: 2021-05-10 Released by: @mojavelinux Release beer: Dragon's Milk Reserve by New Holland Brewing Logs: [full diff](https://github.com/asciidoctor/asciidoctor-pdf/compare/v1.6.0...v1.6.1) ## Credits A very special thanks to all the **awesome** [supporters of the Asciidoctor OpenCollective campaign](https://opencollective.com/asciidoctor) who provided critical funding for the development of this release as well as ongoing development of the project. 2021-09-05T07:12:34+00:00 seaweedfs 2.66 seaweedfs 2.66 2021-09-05T23:22:54+00:00 * [Cloud Drive](https://github.com/chrislusf/seaweedfs/wiki/Cloud-Drive-Architecture) cache and sync cloud data to local SeaweedFS cluster * Adds [Gateway to Remote Object Storage](https://github.com/chrislusf/seaweedfs/wiki/Gateway-to-Remote-Object-Storage) to automatically create or delete buckets on remote object storage. * Adds support for Storj. * Adds support for Filebase * Adds support for HDFS (WIP) * Volume Server * Moving files also copies modification time, to ensure TTL volumes can work as expected. * Filer Store * Supports TiKV * S3 API * CopyObject return http Status 400 Bad Request for non-existing source #2306 Improvements * Detect IPv6 adddresses #2310 * Grafana page improves on S3 cost analysis #2290 2021-09-05T23:22:54+00:00 wazuh v4.2.1 wazuh v4.2.1 2021-09-06T07:19:50+00:00 ## Fixed - **Installer:** - Fixed a bug in the upgrade to 4.2.0 that disabled Eventchannel support on Windows agent. ([#9973](https://github.com/wazuh/wazuh/issues/9973)) - **Modules:** - Fixed a bug with Python-based integration modules causing the integrations to stop working in agents for Wazuh v4.2.0. ([#9975](https://github.com/wazuh/wazuh/issues/9975)) 2021-09-06T07:19:50+00:00 BGPalerter v1.28.3 BGPalerter v1.28.3 2021-09-06T09:57:25+00:00 2021-09-06T09:57:25+00:00 MONARC v2.11.0-p1 MONARC v2.11.0-p1 2021-09-06T11:03:55+00:00 [small fix](https://github.com/monarc-project/zm-client/commit/57368ae4a234f923ed339d2d4795b7e862323851) in the zm-client dependency for the import of risks. 2021-09-06T11:03:55+00:00 Loki v0.44.1 Loki v0.44.1 2021-09-06T12:03:25+00:00 - workaround for "owner" field supported in THOR only 2021-09-06T12:03:25+00:00 httpie 2.5.0 httpie 2.5.0 2021-09-06T18:29:23+00:00 - Added `--raw` to allow specifying the raw request body without extra processing as an alternative to `stdin`. ([#534](https://github.com/httpie/httpie/issues/534)) - Added support for XML formatting. ([#1129](https://github.com/httpie/httpie/issues/1129)) - Added internal support for file-like object responses to improve adapter plugin support. ([#1094](https://github.com/httpie/httpie/issues/1094)) - Fixed `--continue --download` with a single byte to be downloaded left. ([#1032](https://github.com/httpie/httpie/issues/1032)) - Fixed `--verbose` HTTP 307 redirects with streamed request body. ([#1088](https://github.com/httpie/httpie/issues/1088)) - Fixed handling of session files with `Cookie:` followed by other headers. ([#1126](https://github.com/httpie/httpie/issues/1126)) Join our Discord community: https://httpie.io/chat Install HTTPie: https://httpie.io/docs#installation Learn more: https://httpie.io 2021-09-06T18:29:23+00:00 seaweedfs 2.67 seaweedfs 2.67 2021-09-07T09:40:55+00:00 * S3 * Fix wrong checking during object copy. * `filer.remote.sync` * Automatically detect the primary remote storage * Randomize bucket name in remote storage to avoid bucket name conflicts. 2021-09-07T09:40:55+00:00 syncthing v1.18.2 syncthing v1.18.2 2021-09-07T11:52:20+00:00 Bugfixes: - #7827: The error message "given name ... differs from filesystem name ..." does not help users to resolve the issue - #7893: Updating ignores blocks GUI when IO slots are unavailable 2021-09-07T11:52:20+00:00 osv v0.0.5 osv v0.0.5 2021-09-08T03:15:43+00:00 First PyPI release. 2021-09-08T03:15:43+00:00 pia v3.0.2 pia v3.0.2 2021-09-08T12:24:12+00:00 ## FR Cette version contient les correctifs suivants : - Ajout langue Lettone (lv) - Ajout langue Bulgare (bg) (https://github.com/LINCnil/pia/issues/500) - Résolution d'un problème avec l'export .docx (https://github.com/LINCnil/pia/issues/565) - Résolution d'un problème avec l'export/import des bases de connaissances (https://github.com/LINCnil/pia/issues/556) - Le document .doc de l'analyse PIA a été transformé en .odt et la date a été ajouté dans le nom du fichier (https://github.com/LINCnil/pia/issues/356) - Autre : Traduction en FR du Wiki d'installation de pia-back, en plus de la version EN : https://github.com/LINCnil/pia-back/wiki ## EN This release contains the following fixes: - Add Latvian language (lv) - Add Bulgarian language (bg) (https://github.com/LINCnil/pia/issues/500) - Fix some error with the .doc export (https://github.com/LINCnil/pia/issues/565) - Fix some export/import error with knowledge bases (https://github.com/LINCnil/pia/issues/556) - The PIA report in .doc is now in .odt, and the date has been added in the filename (https://github.com/LINCnil/pia/issues/356) - Misc: French translations has been added to the pia-back installation wiki: https://github.com/LINCnil/pia-back/wiki 2021-09-08T12:24:12+00:00 syncthing v1.18.3-rc.1 syncthing v1.18.3-rc.1 2021-09-15T05:50:23+00:00 Bugfixes: - #7935: Panic after POST /rest/system/reset Enhancements: - #7940: "Currently Shared With Devices" list in the folder Sharing tab should be sorted alphabetically 2021-09-15T05:50:23+00:00 MOSP v0.16.0 MOSP v0.16.0 2021-09-15T09:05:12+00:00 This release introduces the locking of objects: #40 See the changelog for more details. ![Screenshot_20210915_110414](https://user-images.githubusercontent.com/465400/133404598-5b298b95-4d8f-4b9a-98ad-710ac36a6de1.png) 2021-09-15T09:05:12+00:00 reko version-0.10.1 reko version-0.10.1 2021-09-21T22:48:38+00:00 This maintenance release moves Reko from .NET Core 3.1 to .NET 5.0, resulting in some performance gains. It also fixes the MSI installers for Windows, which had several issues (including #1066 and #1067). Special thanks to @smx-smx for his work on his CI integration work. * The Reko build system now assumes C# 9.0 * Crude support for `#define` directives in the Reko C parser * Overhaul of PA-RISC and HP SOM loader * The command line driver `--version` switch displays the git hash used to build the binary. * Improvements in AArch64 disassembler and rewriter (with @rfalke as a driving force) 2021-09-21T22:48:38+00:00 pcileech v4.12 pcileech v4.12 2021-09-25T19:05:10+00:00 32-bit support (pcileech binary). 2021-09-25T19:05:10+00:00 syncthing v1.18.3-rc.2 syncthing v1.18.3-rc.2 2021-09-28T06:20:00+00:00 Bugfixes: - #7853: gui: Superfluous quotes - #7935: Panic after POST /rest/system/reset Enhancements: - #7940: "Currently Shared With Devices" list in the folder Sharing tab should be sorted alphabetically 2021-09-28T06:20:00+00:00 Lookyloo v1.9.0 Lookyloo v1.9.0 2021-09-28T16:23:08+00:00 # New features * Integration with [Phishtank](https://phishtank.org/) via [Phishtank Lookup](https://github.com/Lookyloo/phishtank-lookup) - [Documentation](https://www.lookyloo.eu/docs/main/lookyloo-integration.html#_phishtank_lookup_v1_9). --- ![Screenshot_20210928_230824](https://user-images.githubusercontent.com/248875/135165983-d0329cec-42b8-45a5-86bf-6bb2d7da2ac0.png) --- * Simple [monitoring script](https://github.com/Lookyloo/lookyloo/blob/main/tools/monitoring.py) to keep an eye on the health of the instance, run it in a tmux/screen with watch. --- ![Screenshot_20210928_231107](https://user-images.githubusercontent.com/248875/135166271-1c893e8f-ef07-4419-8232-32f7c3c1aaf0.png) --- * Link in the tree menu to re-trigger a capture on the same URL. # Fixes * Improve logging entries, the date was incomplete. * Add UUID file in export. * Inform users when a capture failed critically and we have nothing to show. * Catch timeout when pushing to MISP (avoid exception) # Changes * Major improvements in caching, better handling of exceptions and keep a limited amount of pickles in memory. * Simplify code in the async capture script. * Add urlscan.io permalink in MISP export * Add phishtank permalink in MISP export * Move modules to dedicated files 2021-09-28T16:23:08+00:00 dalton v3.1.1 dalton v3.1.1 2021-09-30T03:02:20+00:00 - Fixed UI issue where the "Dump buffers" option was being shown for incompatible engine versions. (issue #139) - Server side enforcement ensuring "Dump buffers" will only be attempted for compatible versions. - Bumped the default agent versions in the ``docker-compose.yml`` file to be the latest. - Added ``INSTALL-AWS.rst`` file with instructions for quickly and easily spinning up Dalton in AWS. 2021-09-30T03:02:20+00:00 MOSP v0.17.0 MOSP v0.17.0 2021-09-30T12:32:57+00:00 This release introduces the management of collection of objects (https://github.com/CASES-LU/MOSP/issues/9). See the changelog for more details. ![Screenshot_20210930_145437](https://user-images.githubusercontent.com/465400/135458978-3c81e61a-287a-415d-b44e-c72c01b7ba76.png) 2021-09-30T12:32:57+00:00 maltrail 0.38 maltrail 0.38 2021-10-03T19:39:27+00:00 Start-of-month release 2021-10-03T19:39:27+00:00 syncthing v1.18.3 syncthing v1.18.3 2021-10-05T08:31:28+00:00 Bugfixes: - #7853: gui: Superfluous quotes - #7935: Panic after POST /rest/system/reset Enhancements: - #7940: "Currently Shared With Devices" list in the folder Sharing tab should be sorted alphabetically 2021-10-05T08:31:28+00:00 TheHive 4.1.11 TheHive 4.1.11 2021-10-07T03:17:17+00:00 ## [4.1.11](https://github.com/TheHive-Project/TheHive/milestone/81) (2021-10-06) **Implemented enhancements:** - [Feature Request] Add the ability to update type of observable [\#2125](https://github.com/TheHive-Project/TheHive/issues/2125) **Closed issues:** - [Bug] Editing Someone Else's Dashboard [\#2212](https://github.com/TheHive-Project/TheHive/issues/2212) **Fixed bugs:** - [Bug] Dashboard are shared in read only by default [\#2190](https://github.com/TheHive-Project/TheHive/issues/2190) - [Bug] Analyzer reports migration to 4.1.10 problem [\#2203](https://github.com/TheHive-Project/TheHive/issues/2203) 2021-10-07T03:17:17+00:00 syncthing v1.18.4-rc.1 syncthing v1.18.4-rc.1 2021-10-12T07:20:49+00:00 Bugfixes: - #7991: Encryption trailer not updated on shortcut - #7994: Index "out of sync with reality" on receive-encrypted folder - #8000: stdiscosrv + strelaysrv systemd services not restarting on upgrade 2021-10-12T07:20:49+00:00 MISP v2.4.149 MISP v2.4.149 2021-10-12T12:44:49+00:00 # MISP 2.4.149 released (Autumn care-package - STIX 2.1 support and Cerebrate integration) ![](https://www.misp-project.org/assets/images/misp-long.png) MISP 2.4.149 released including many bugs fixed along with some new and improved functionalities # New features - First stage of a massive rework of our STIX integration - Various improvements to the integration with Cerebrate # New STIX libraries - The first version of a long ongoing project to rework our entire STIX integration has finally been merged, thanks to the tireless work of @chrisr3d - Our converter libraries have embarked on a path of their own, becoming a standalone repository included by default in MISP, but also serving as a useful tool for anyone looking for a clean way of converting between the [MISP standard format](https://www.misp-standard.org/) and various STIX versions (1.1.1, 1.2, 2.0, 2.1). - The libraries are still work in progress, but continuously improved, follow [misp-stix](https://github.com/MISP/misp-stix) - Included is also a detailed documentation, which also serves as a knowledge base for the mapping between the two formats, available under the [documentation](https://github.com/MISP/misp-stix/tree/main/documentation) sub-directory - From this release on, you have more control over which STIX version is used when exporting STIX data from MISP, by specifying the "stix_version" to be returned (supported versions for STIX 1: 1.1.1 and 1.2. For STIX 2: 2.0 and 2.1) # Cerebrate integration - Allow the fetching of sharing group data from Cerebrate instances, our new open source tool in development aiming to solve a host of issues revolving around community management and orchestration. Our first official release of the tool is scheduled for the MISP summit coming up this month - To follow the cerebrate project, head over to its [github page](https://github.com/cerebrate-project/cerebrate) - For the MISP summit to be held on the 21st of October, don't forget to watch the [misp-summit](https://www.misp-project.org/misp-summit). You can still apply for the [Call-for-Presentation](https://cfp.hack.lu/misp-2021/cfp). # mail2misp release 1.0 First [official release 1.0 of mail2misp](https://github.com/MISP/mail_to_misp/releases/tag/v1.0), it's a tool to connect your mail infrastructure to MISP to create events based on the information contained within mail. The solution can be also used to feed MISP instance with honeypot receiving emails. # Various improvements - A long list of improvements, massive thanks to @JakubOnderka for the continuous stream of improvements and quality of life changes - Thanks to the work of @righel, our [OpenAPI documentation](https://www.misp-project.org/documentation/openapi.html) is becoming more and more complete, now covering a long list of the more exotic endpoints and options # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html) . As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements. 2021-10-12T12:44:49+00:00 rocksdb v6.23.3 rocksdb v6.23.3 2021-10-13T22:57:24+00:00 ## 6.23.3 (2021-08-09) ### Bug Fixes * Removed a call to `RenameFile()` on a non-existent info log file ("LOG") when opening a new DB. Such a call was guaranteed to fail though did not impact applications since we swallowed the error. Now we also stopped swallowing errors in renaming "LOG" file. * Fixed a bug affecting the batched `MultiGet` API when used with keys spanning multiple column families and `sorted_input == false`. ## 6.23.2 (2021-08-04) ### Bug Fixes * Fixed a race related to the destruction of `ColumnFamilyData` objects. The earlier logic unlocked the DB mutex before destroying the thread-local `SuperVersion` pointers, which could result in a process crash if another thread managed to get a reference to the `ColumnFamilyData` object. * Fixed an issue where `OnFlushCompleted` was not called for atomic flush. ## 6.23.1 (2021-07-22) ### Bug Fixes * Fix a race condition during multiple DB instances opening. ## 6.23.0 (2021-07-16) ### Behavior Changes * Obsolete keys in the bottommost level that were preserved for a snapshot will now be cleaned upon snapshot release in all cases. This form of compaction (snapshot release triggered compaction) previously had an artificial limitation that multiple tombstones needed to be present. ### Bug Fixes * Blob file checksums are now printed in hexadecimal format when using the `manifest_dump` `ldb` command. * `GetLiveFilesMetaData()` now populates the `temperature`, `oldest_ancester_time`, and `file_creation_time` fields of its `LiveFileMetaData` results when the information is available. Previously these fields always contained zero indicating unknown. * Fix mismatches of OnCompaction{Begin,Completed} in case of DisableManualCompaction(). * Fix continuous logging of an existing background error on every user write * Fix a bug that `Get()` return Status::OK() and an empty value for non-existent key when `read_options.read_tier = kBlockCacheTier`. * Fix a bug that stat in `get_context` didn't accumulate to statistics when query is failed. ### New Features * ldb has a new feature, `list_live_files_metadata`, that shows the live SST files, as well as their LSM storage level and the column family they belong to. * The new BlobDB implementation now tracks the amount of garbage in each blob file in the MANIFEST. * Integrated BlobDB now supports Merge with base values (Put/Delete etc.). * RemoteCompaction supports sub-compaction, the job_id in the user interface is changed from `int` to `uint64_t` to support sub-compaction id. * Expose statistics option in RemoteCompaction worker. ### Public API change * Added APIs to the Customizable class to allow developers to create their own Customizable classes. Created the utilities/customizable_util.h file to contain helper methods for developing new Customizable classes. * Change signature of SecondaryCache::Name(). Make SecondaryCache customizable and add SecondaryCache::CreateFromString method. 2021-10-13T22:57:24+00:00 rocksdb v6.24.2 rocksdb v6.24.2 2021-10-13T23:22:17+00:00 ## 6.24.2 (2021-09-16) ### Bug Fixes * Add checks for validity of the IO uring completion queue entries, and fail the BlockBasedTableReader MultiGet sub-batch if there's an invalid completion ## 6.24.1 (2021-08-31) ### Bug Fixes * Fix a race in item ref counting in LRUCache when promoting an item from the SecondaryCache. ## 6.24.0 (2021-08-20) ### Bug Fixes * If the primary's CURRENT file is missing or inaccessible, the secondary instance should not hang repeatedly trying to switch to a new MANIFEST. It should instead return the error code encountered while accessing the file. * Restoring backups with BackupEngine is now a logically atomic operation, so that if a restore operation is interrupted, DB::Open on it will fail. Using BackupEngineOptions::sync (default) ensures atomicity even in case of power loss or OS crash. * Fixed a race related to the destruction of `ColumnFamilyData` objects. The earlier logic unlocked the DB mutex before destroying the thread-local `SuperVersion` pointers, which could result in a process crash if another thread managed to get a reference to the `ColumnFamilyData` object. * Removed a call to `RenameFile()` on a non-existent info log file ("LOG") when opening a new DB. Such a call was guaranteed to fail though did not impact applications since we swallowed the error. Now we also stopped swallowing errors in renaming "LOG" file. * Fixed an issue where `OnFlushCompleted` was not called for atomic flush. * Fixed a bug affecting the batched `MultiGet` API when used with keys spanning multiple column families and `sorted_input == false`. * Fixed a potential incorrect result in opt mode and assertion failures caused by releasing snapshot(s) during compaction. * Fixed passing of BlobFileCompletionCallback to Compaction job and Atomic flush job which was default paramter (nullptr). BlobFileCompletitionCallback is internal callback that manages addition of blob files to SSTFileManager. * Fixed MultiGet not updating the block_read_count and block_read_byte PerfContext counters ### New Features * Made the EventListener extend the Customizable class. * EventListeners that have a non-empty Name() and that are registered with the ObjectRegistry can now be serialized to/from the OPTIONS file. * Insert warm blocks (data blocks, uncompressed dict blocks, index and filter blocks) in Block cache during flush under option BlockBasedTableOptions.prepopulate_block_cache. Previously it was enabled for only data blocks. * BlockBasedTableOptions.prepopulate_block_cache can be dynamically configured using DB::SetOptions. * Add CompactionOptionsFIFO.age_for_warm, which allows RocksDB to move old files to warm tier in FIFO compactions. Note that file temperature is still an experimental feature. * Add a comment to suggest btrfs user to disable file preallocation by setting `options.allow_fallocate=false`. * Fast forward option in Trace replay changed to double type to allow replaying at a lower speed, by settings the value between 0 and 1. This option can be set via `ReplayOptions` in `Replayer::Replay()`, or via `--trace_replay_fast_forward` in db_bench. * Add property `LiveSstFilesSizeAtTemperature` to retrieve sst file size at different temperature. * Added a stat rocksdb.secondary.cache.hits * Added a PerfContext counter secondary_cache_hit_count * The integrated BlobDB implementation now supports the tickers `BLOB_DB_BLOB_FILE_BYTES_READ`, `BLOB_DB_GC_NUM_KEYS_RELOCATED`, and `BLOB_DB_GC_BYTES_RELOCATED`, as well as the histograms `BLOB_DB_COMPRESSION_MICROS` and `BLOB_DB_DECOMPRESSION_MICROS`. * Added hybrid configuration of Ribbon filter and Bloom filter where some LSM levels use Ribbon for memory space efficiency and some use Bloom for speed. See NewRibbonFilterPolicy. This also changes the default behavior of NewRibbonFilterPolicy to use Bloom for flushes under Leveled and Universal compaction and Ribbon otherwise. The C API function `rocksdb_filterpolicy_create_ribbon` is unchanged but adds new `rocksdb_filterpolicy_create_ribbon_hybrid`. ### Public API change * Added APIs to decode and replay trace file via Replayer class. Added `DB::NewDefaultReplayer()` to create a default Replayer instance. Added `TraceReader::Reset()` to restart reading a trace file. Created trace_record.h, trace_record_result.h and utilities/replayer.h files to access the decoded Trace records, replay them, and query the actual operation results. * Added Configurable::GetOptionsMap to the public API for use in creating new Customizable classes. * Generalized bits_per_key parameters in C API from int to double for greater configurability. Although this is a compatible change for existing C source code, anything depending on C API signatures, such as foreign function interfaces, will need to be updated. ### Performance Improvements * Try to avoid updating DBOptions if `SetDBOptions()` does not change any option value. ### Behavior Changes * `StringAppendOperator` additionally accepts a string as the delimiter. * BackupEngineOptions::sync (default true) now applies to restoring backups in addition to creating backups. This could slow down restores, but ensures they are fully persisted before returning OK. (Consider increasing max_background_operations to improve performance.) 2021-10-13T23:22:17+00:00 rocksdb v6.25.1 rocksdb v6.25.1 2021-10-13T23:31:48+00:00 ## 6.25.1 (2021-09-28) ### Bug Fixes * Fixes a bug in directed IO mode when calling MultiGet() for blobs in the same blob file. The bug is caused by not sorting the blob read requests by file offsets. ## 6.25.0 (2021-09-20) ### Bug Fixes * Allow secondary instance to refresh iterator. Assign read seq after referencing SuperVersion. * Fixed a bug of secondary instance's last_sequence going backward, and reads on the secondary fail to see recent updates from the primary. * Fixed a bug that could lead to duplicate DB ID or DB session ID in POSIX environments without /proc/sys/kernel/random/uuid. * Fix a race in DumpStats() with column family destruction due to not taking a Ref on each entry while iterating the ColumnFamilySet. * Fix a race in item ref counting in LRUCache when promoting an item from the SecondaryCache. * Fix a race in BackupEngine if RateLimiter is reconfigured during concurrent Restore operations. * Fix a bug on POSIX in which failure to create a lock file (e.g. out of space) can prevent future LockFile attempts in the same process on the same file from succeeding. * Fix a bug that backup_rate_limiter and restore_rate_limiter in BackupEngine could not limit read rates. * Fix the implementation of `prepopulate_block_cache = kFlushOnly` to only apply to flushes rather than to all generated files. * Fix WAL log data corruption when using DBOptions.manual_wal_flush(true) and WriteOptions.sync(true) together. The sync WAL should work with locked log_write_mutex_. * Add checks for validity of the IO uring completion queue entries, and fail the BlockBasedTableReader MultiGet sub-batch if there's an invalid completion * Add an interface RocksDbIOUringEnable() that, if defined by the user, will allow them to enable/disable the use of IO uring by RocksDB * Fix the bug that when direct I/O is used and MultiRead() returns a short result, RandomAccessFileReader::MultiRead() still returns full size buffer, with returned short value together with some data in original buffer. This bug is unlikely cause incorrect results, because (1) since FileSystem layer is expected to retry on short result, returning short results is only possible when asking more bytes in the end of the file, which RocksDB doesn't do when using MultiRead(); (2) checksum is unlikely to match. ### New Features * RemoteCompaction's interface now includes `db_name`, `db_id`, `session_id`, which could help the user uniquely identify compaction job between db instances and sessions. * Added a ticker statistic, "rocksdb.verify_checksum.read.bytes", reporting how many bytes were read from file to serve `VerifyChecksum()` and `VerifyFileChecksums()` queries. * Added ticker statistics, "rocksdb.backup.read.bytes" and "rocksdb.backup.write.bytes", reporting how many bytes were read and written during backup. * Added properties for BlobDB: `rocksdb.num-blob-files`, `rocksdb.blob-stats`, `rocksdb.total-blob-file-size`, and `rocksdb.live-blob-file-size`. The existing property `rocksdb.estimate_live-data-size` was also extended to include live bytes residing in blob files. * Added two new RateLimiter IOPriorities: `Env::IO_USER`,`Env::IO_MID`. `Env::IO_USER` will have superior priority over all other RateLimiter IOPriorities without being subject to fair scheduling constraint. * `SstFileWriter` now supports `Put`s and `Delete`s with user-defined timestamps. Note that the ingestion logic itself is not timestamp-aware yet. * Allow a single write batch to include keys from multiple column families whose timestamps' formats can differ. For example, some column families may disable timestamp, while others enable timestamp. * Add compaction priority information in RemoteCompaction, which can be used to schedule high priority job first. * Added new callback APIs `OnBlobFileCreationStarted`,`OnBlobFileCreated`and `OnBlobFileDeleted` in `EventListener` class of listener.h. It notifies listeners during creation/deletion of individual blob files in Integrated BlobDB. It also log blob file creation finished event and deletion event in LOG file. * Batch blob read requests for `DB::MultiGet` using `MultiRead`. * Add support for fallback to local compaction, the user can return `CompactionServiceJobStatus::kUseLocal` to instruct RocksDB to run the compaction locally instead of waiting for the remote compaction result. * Add built-in rate limiter's implementation of `RateLimiter::GetTotalPendingRequest(int64_t* total_pending_requests, const Env::IOPriority pri)` for the total number of requests that are pending for bytes in the rate limiter. * Charge memory usage during data buffering, from which training samples are gathered for dictionary compression, to block cache. Unbuffering data can now be triggered if the block cache becomes full and `strict_capacity_limit=true` for the block cache, in addition to existing conditions that can trigger unbuffering. ### Public API change * Remove obsolete implementation details FullKey and ParseFullKey from public API * Change `SstFileMetaData::size` from `size_t` to `uint64_t`. * Made Statistics extend the Customizable class and added a CreateFromString method. Implementations of Statistics need to be registered with the ObjectRegistry and to implement a Name() method in order to be created via this method. * Extended `FlushJobInfo` and `CompactionJobInfo` in listener.h to provide information about the blob files generated by a flush/compaction and garbage collected during compaction in Integrated BlobDB. Added struct members `blob_file_addition_infos` and `blob_file_garbage_infos` that contain this information. * Extended parameter `output_file_names` of `CompactFiles` API to also include paths of the blob files generated by the compaction in Integrated BlobDB. * Most `BackupEngine` functions now return `IOStatus` instead of `Status`. Most existing code should be compatible with this change but some calls might need to be updated. 2021-10-13T23:31:48+00:00 DC3-MWCP 3.4.0 DC3-MWCP 3.4.0 2021-10-15T01:14:44+00:00 2021-10-15T01:14:44+00:00 rocksdb v6.25.3 rocksdb v6.25.3 2021-10-15T21:13:42+00:00 ## 6.25.3 (2021-10-14) ### Bug Fixes * Fixed bug in calls to `IngestExternalFiles()` with files for multiple column families. The bug could have introduced a delay in ingested file keys becoming visible after `IngestExternalFiles()` returned. Furthermore, mutations to ingested file keys while they were invisible could have been dropped (not necessarily immediately). * Fixed a possible race condition impacting users of `WriteBufferManager` who constructed it with `allow_stall == true`. The race condition led to undefined behavior (in our experience, typically a process crash). * Fixed a bug where stalled writes would remain stalled forever after the user calls `WriteBufferManager::SetBufferSize()` with `new_size == 0` to dynamically disable memory limiting. ## 6.25.2 (2021-10-11) ### Bug Fixes * Fix `DisableManualCompaction()` to cancel compactions even when they are waiting on automatic compactions to drain due to `CompactRangeOptions::exclusive_manual_compactions == true`. * Fix contract of `Env::ReopenWritableFile()` and `FileSystem::ReopenWritableFile()` to specify any existing file must not be deleted or truncated. 2021-10-15T21:13:42+00:00 MONARC v2.11.1 MONARC v2.11.1 2021-10-26T10:37:30+00:00 ### New - Add import of referential mapping from MOSP ([#391](https://github.com/monarc-project/MonarcAppFO/issues/391)). ### Fix - Subsuming CIA criteria according to the maximum criteria does not work ([#339](https://github.com/monarc-project/MonarcAppFO/issues/339)). - Incorrect sum and list of risks under the secondary assets ([#367](https://github.com/monarc-project/MonarcAppFO/issues/367)). - If impact adjustments are made not only at the level of the primary assets but also at the level of the secondary assets, these assets are listed more than once ([#387](https://github.com/monarc-project/MonarcAppFO/issues/387)). - Recommendation status change error in the Knowledge Base ([#393](https://github.com/monarc-project/MonarcAppFO/issues/393)). - Import issue of setting operational risks values ([#394](https://github.com/monarc-project/MonarcAppFO/issues/394)). - Fix possible circular iteration of the instance root -> parent -> child rendering ([#395](https://github.com/monarc-project/MonarcAppFO/issues/395)). - Mathematical representation of large numbers in the dashboard ([#398](https://github.com/monarc-project/MonarcAppFO/issues/398)). 2021-10-26T10:37:30+00:00 syncthing v1.18.4-rc.2 syncthing v1.18.4-rc.2 2021-10-27T13:35:19+00:00 Bugfixes: - #7991: Encryption trailer not updated on shortcut - #7994: Index "out of sync with reality" on receive-encrypted folder - #8000: stdiscosrv + strelaysrv systemd services not restarting on upgrade - #8012: Not retrying to sync when a new connection is established Enhancements: - #4293: make "Reduced by ignore patterns" label act like "editIgnoresButton" 2021-10-27T13:35:19+00:00 MOSP v0.17.1 MOSP v0.17.1 2021-10-28T11:13:40+00:00 ## What's Changed - Translated using Weblate (French) in https://github.com/CASES-LU/MOSP/pull/48 and many more new languages. - Added type check with mypy. - [templates] added functionality to share a collection on social websites via the btn-group menu. **Full Changelog**: https://github.com/CASES-LU/MOSP/compare/v0.17.0...v0.17.1 2021-10-28T11:13:40+00:00 TheHive 4.1.12 TheHive 4.1.12 2021-10-29T07:49:59+00:00 ## [4.1.12](https://github.com/TheHive-Project/TheHive/milestone/82) (2021-10-29) **Fixed bugs:** - [Bug] Upon case merge: missing webhook events about the operation performed on merged cases [\#1969](https://github.com/TheHive-Project/TheHive/issues/1969) - [Bug] Uploading zipped observables raises a ClassCastException [\#2224](https://github.com/TheHive-Project/TheHive/issues/2224) - [Bug] The search for an observable data is slow [\#2225](https://github.com/TheHive-Project/TheHive/issues/2225) - [Bug] Uploading files could cause TheHive crash with "too many open files" errror [\#2226](https://github.com/TheHive-Project/TheHive/issues/2226) - [Bug] Configuration containing endpoint with "authentication: none" cannot be written [\#2231](https://github.com/TheHive-Project/TheHive/issues/2231) 2021-10-29T07:49:59+00:00 maltrail 0.39 maltrail 0.39 2021-10-31T23:11:08+00:00 Start-of-month release 2021-10-31T23:11:08+00:00 syncthing v1.18.4 syncthing v1.18.4 2021-11-02T16:46:34+00:00 Bugfixes: - #7991: Encryption trailer not updated on shortcut - #7994: Index "out of sync with reality" on receive-encrypted folder - #8000: stdiscosrv + strelaysrv systemd services not restarting on upgrade - #8012: Not retrying to sync when a new connection is established Enhancements: - #4293: make "Reduced by ignore patterns" label act like "editIgnoresButton" 2021-11-02T16:46:34+00:00 OpenTAXII 0.2.1 OpenTAXII 0.2.1 2021-11-04T12:55:36+00:00 Changelog ========= 0.2.1 (2021-11-03) ------------------ * Add tests for python 3.6, 3.7, 3.8, 3.9, pypy * Add tests for sqlite, mysql, mariadb, postgresql * Fix bug that broke ``delete_content_blocks`` when using mysql on sqlalchemy 1.3 * Docs: Add db schema diagram * Docs: Clarify how to get default data in a default (development) docker instance * Fix implicit routing in TAXII 1.1 Inboxes * Update jwt usage to pyjwt >= 2.0 (thanks `@SanyaKapoor <https://github.com/SanyaKapoor>`_) 0.2.0 (2020-06-30) ------------------ * Enforce UTC usage in datetime fields in SQL DB Persistence API. * `Fix for #114 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_: reintroduce ``opentaxii-create-account`` CLI command. * `Fix for #153 <https://github.com/eclecticiq/OpenTAXII/issues/152>`_: check if user can modify a collection before advertising it over inbox service. * Multiple coding style fixes. * Various documentation updates. 0.1.12 (2019-03-06) ------------------- * Remove unnecessary print statements. 0.1.11 (2019-02-13) ------------------- * Make JSON logging consistent when the application is run via Gunicorn. * Set ``acceptable_destination`` key in status details instead of extended headers * Allow passing ``engine_parameters`` to ``SQLDatabaseAPI`` for those who want to customize SQLAlchemy engine parameters. * Require recent version of ``lxml`` for security reasons. * Various test and Docker infrastructure improvements. 0.1.10 (2018-06-03) ------------------- * Replace separate service/collection/account creation process with single ``opentaxii-sync-data`` CLI command. * Persistence and Auth APIs extended with missing CRUD methods, that are used by ``opentaxii-sync-data``. * Read/modify collection level ACL added. * DB models for default implementation of Persistence API and Auth API were changed. No automatic migration code is provided (sorry!), so upgrading might require manual DB migration. * Drop python2.7 from testing scope. * Various bug fixes and improvements. 0.1.9 (2017-06-19) ------------------ * `libtaxii <https://github.com/TAXIIProject/libtaxii>`_ dependency upgraded to 1.1.111. * Various bug fixes and improvements (thanks to `@bjigmp <https://github.com/bjigmp>`_, `@chorsley <https://github.com/chorsley>`_, `@rjprins <https://github.com/rjprins>`_). 0.1.8 (2017-02-21) ------------------ * Ability to enable/disable "huge trees" support in XML parser. Configuration property ``xml_parser_supports_huge_tree`` set to ``yes`` or ``true`` will disable security restrictions and force XML parser to support very deep trees and very long text content. * Adjust SQL Persistence API implemetation so it works smoothly with MySQL backend. * Use Python 3.5 instead of Python 3.4 for tests. 0.1.7 (2016-10-18) ------------------ * Minor fixes. * Dependencies were changed from hard-pinned to more flexible. * Example of production DB configuration added to docs. 0.1.6 (2016-06-01) ------------------ * Python 3.4 compatibility of the codebase. Tox configuration extended with python 3.4 environment run. * Flake8 full style compatibility. Flake8 check added to Tox configuration. * SQLAlchemy session scope issue fixed (related to `#38 <https://github.com/EclecticIQ/OpenTAXII/issues/38>`_). * `opentaxii-delete-blocks` CLI command added (related to `#45 <https://github.com/EclecticIQ/OpenTAXII/issues/45>`_). * `delete_content_blocks` method `added <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-6814849ac352b2b74132f8fa52e0ec4eR213>`_ to Persistence API. * Collection's name is `required <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-ce3f7b939e5c540480ac655aef32c513R116>`_ to be unique in default SQL DB Auth API implementation. 0.1.5 (2016-03-15) ------------------ * Fix for the issue with persistence backend returning ``None`` instead of ``InboxMessage`` object 0.1.4 (2016-02-25) ------------------ * Hard-coded dependencies in ``setup.py`` removed. 0.1.3 (2016-02-25) ------------------ * Versions of dependencies are pinned. * Code adjusted for a new version of `anyconfig <https://pypi.python.org/pypi/anyconfig>`_ API. * Test for configuration loading added. 0.1.2 (2015-07-24) ------------------ * Docker configuration added. * Health check endpoint added. * Basic authentication support added. * Temporary workaround for `Issue #191 <https://github.com/TAXIIProject/libtaxii/issues/191>`_. * Method ``get_domain`` in Persistence API returns domain value configured for ``service_id``. If nothing returned, value set in configuration file will be used. * Performance optimisations. * Bug fixes and style improvements. 0.1.1 (2015-04-08) ------------------ * Alias for Root Logger added to logging configuration. * Context object in a request scope that holds account and token added. * Support for OPTIONS HTTP request to enable auto version negotiation added. * Documentation improved. 0.1.0 (2015-03-31) ------------------ * Initial release 2021-11-04T12:55:36+00:00 OpenTAXII 0.2.2 OpenTAXII 0.2.2 2021-11-05T16:11:01+00:00 Changelog ========= 0.2.2 (2021-11-05) ------------------ * Fix readthedocs build 0.2.1 (2021-11-03) ------------------ * Add tests for python 3.6, 3.7, 3.8, 3.9, pypy * Add tests for sqlite, mysql, mariadb, postgresql * Fix bug that broke ``delete_content_blocks`` when using mysql on sqlalchemy 1.3 * Docs: Add db schema diagram * Docs: Clarify how to get default data in a default (development) docker instance * Fix implicit routing in TAXII 1.1 Inboxes * Update jwt usage to pyjwt >= 2.0 (thanks `@SanyaKapoor <https://github.com/SanyaKapoor>`_) 0.2.0 (2020-06-30) ------------------ * Enforce UTC usage in datetime fields in SQL DB Persistence API. * `Fix for #114 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_: reintroduce ``opentaxii-create-account`` CLI command. * `Fix for #153 <https://github.com/eclecticiq/OpenTAXII/issues/152>`_: check if user can modify a collection before advertising it over inbox service. * Multiple coding style fixes. * Various documentation updates. 0.1.12 (2019-03-06) ------------------- * Remove unnecessary print statements. 0.1.11 (2019-02-13) ------------------- * Make JSON logging consistent when the application is run via Gunicorn. * Set ``acceptable_destination`` key in status details instead of extended headers * Allow passing ``engine_parameters`` to ``SQLDatabaseAPI`` for those who want to customize SQLAlchemy engine parameters. * Require recent version of ``lxml`` for security reasons. * Various test and Docker infrastructure improvements. 0.1.10 (2018-06-03) ------------------- * Replace separate service/collection/account creation process with single ``opentaxii-sync-data`` CLI command. * Persistence and Auth APIs extended with missing CRUD methods, that are used by ``opentaxii-sync-data``. * Read/modify collection level ACL added. * DB models for default implementation of Persistence API and Auth API were changed. No automatic migration code is provided (sorry!), so upgrading might require manual DB migration. * Drop python2.7 from testing scope. * Various bug fixes and improvements. 0.1.9 (2017-06-19) ------------------ * `libtaxii <https://github.com/TAXIIProject/libtaxii>`_ dependency upgraded to 1.1.111. * Various bug fixes and improvements (thanks to `@bjigmp <https://github.com/bjigmp>`_, `@chorsley <https://github.com/chorsley>`_, `@rjprins <https://github.com/rjprins>`_). 0.1.8 (2017-02-21) ------------------ * Ability to enable/disable "huge trees" support in XML parser. Configuration property ``xml_parser_supports_huge_tree`` set to ``yes`` or ``true`` will disable security restrictions and force XML parser to support very deep trees and very long text content. * Adjust SQL Persistence API implemetation so it works smoothly with MySQL backend. * Use Python 3.5 instead of Python 3.4 for tests. 0.1.7 (2016-10-18) ------------------ * Minor fixes. * Dependencies were changed from hard-pinned to more flexible. * Example of production DB configuration added to docs. 0.1.6 (2016-06-01) ------------------ * Python 3.4 compatibility of the codebase. Tox configuration extended with python 3.4 environment run. * Flake8 full style compatibility. Flake8 check added to Tox configuration. * SQLAlchemy session scope issue fixed (related to `#38 <https://github.com/EclecticIQ/OpenTAXII/issues/38>`_). * `opentaxii-delete-blocks` CLI command added (related to `#45 <https://github.com/EclecticIQ/OpenTAXII/issues/45>`_). * `delete_content_blocks` method `added <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-6814849ac352b2b74132f8fa52e0ec4eR213>`_ to Persistence API. * Collection's name is `required <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-ce3f7b939e5c540480ac655aef32c513R116>`_ to be unique in default SQL DB Auth API implementation. 0.1.5 (2016-03-15) ------------------ * Fix for the issue with persistence backend returning ``None`` instead of ``InboxMessage`` object 0.1.4 (2016-02-25) ------------------ * Hard-coded dependencies in ``setup.py`` removed. 0.1.3 (2016-02-25) ------------------ * Versions of dependencies are pinned. * Code adjusted for a new version of `anyconfig <https://pypi.python.org/pypi/anyconfig>`_ API. * Test for configuration loading added. 0.1.2 (2015-07-24) ------------------ * Docker configuration added. * Health check endpoint added. * Basic authentication support added. * Temporary workaround for `Issue #191 <https://github.com/TAXIIProject/libtaxii/issues/191>`_. * Method ``get_domain`` in Persistence API returns domain value configured for ``service_id``. If nothing returned, value set in configuration file will be used. * Performance optimisations. * Bug fixes and style improvements. 0.1.1 (2015-04-08) ------------------ * Alias for Root Logger added to logging configuration. * Context object in a request scope that holds account and token added. * Support for OPTIONS HTTP request to enable auto version negotiation added. * Documentation improved. 0.1.0 (2015-03-31) ------------------ * Initial release 2021-11-05T16:11:01+00:00 osv v0.0.6 osv v0.0.6 2021-11-08T00:52:37+00:00 - Add Maven version expansion support. 2021-11-08T00:52:37+00:00 caddy v2.4.6 caddy v2.4.6 2021-11-08T21:47:28+00:00 This release contains bug fixes and minor enhancements, including [one patch](https://github.com/caddyserver/caddy/pull/4407) with potential security implications related to path matching. Notable patches: - Path matchers unescape/clean URI paths to normalize match space - Fix regex matching in `map` handler Notable enhancements: - `try_files` can now accept `=nnn` (e.g. `=404`) to yield a status code instead of a file. - Template actions `httpError` (stop eval and return HTTP error) and `import` (like `include` but changes template context) were added - New placeholder `{http.request.tls.client.certificate_der_base64}` ## Changelog 749e55c7 caddycmd: Add `--keep-backup` to upgrade commands (#4387) 062657d0 caddycmd: Add `--skip-standard` to `list-modules` command, quieter output (#4386) be5f77e8 caddycmd: fix caddy validate/fmt help message (#4377) 907e2d8d caddyhttp: Add support for triggering errors from `try_files` (#4346) cbb045a1 caddyhttp: Placeholder for client cert in DER + base64 format (#4241) e7457b43 caddyhttp: Sanitize the path before evaluating path matchers (#4407) 837cdc56 caddyhttp: reverseproxy: clarify warning for -insecure (#4379) 24fda751 caddytls: Mark storage clean timestamp at end of routine (#4401) a779e1b3 fastcgi: Fix Caddyfile parsing when `handle_response` is used (#4342) 3f2c3ecf fastcgi: Implement `try_files` override in Caddyfile directive (#4347) 64f8b557 fileserver: Fix compression breaks using httpInclude (#4352) (#4358) d3a02599 fileserver: Fix displayed file size if it is symlink (#4354) 0a5f7a67 fileserver: Make file listing links purple once visited (#4356) a21d5a00 fileserver: Prevent focusing filter from scrolling on page load (#4393) 33c70f41 fileserver: properly handle escaped/non-ascii paths (#4332) c4790d7f go.mod: Carefully upgrade some dependencies (fix #4251) 997e41de go.mod: Replace promptui with Apache-compatible fork (fix #4394) f376a38b go.mod: Update ACMEz and CertMagic a4372066 headers: Canonicalize case in replace (fix #4330) 012d2353 httpcaddyfile: Empty tls policy for internal http localhost (#4398) 0ffb2229 httpcaddyfile: Preserve IPv6 addresses through normalization (fix #4381) a2119c09 map: Fix 95c03506 (avoid repeated expansions) 95c03506 map: Fix regex mappings 3336faf2 reverseproxy: Log error at error level (fix #4360) b0920615 reverseproxy: Prevent copying the response if a response handler ran (#4388) f73f55db reverseproxy: Sanitize scheme and host on incoming requests (#4237) 5fda9610 templates: Add 'import' action (#4321) 16f75212 templates: Add tests for funcInclude and funcImport (#4357) 2392478b templates: Propagate httpError to HTTP response 2021-11-08T21:47:28+00:00 syncthing v1.18.5-rc.1 syncthing v1.18.5-rc.1 2021-11-10T10:18:20+00:00 Bugfixes: - #7715: Deleted encrypted files don't show up as locally changed in web UI 2021-11-10T10:18:20+00:00 rocksdb v6.26.0 rocksdb v6.26.0 2021-11-10T18:08:50+00:00 ## 6.26.0 (2021-10-20) ### Bug Fixes * Fixes a bug in directed IO mode when calling MultiGet() for blobs in the same blob file. The bug is caused by not sorting the blob read requests by file offsets. * Fix the incorrect disabling of SST rate limited deletion when the WAL and DB are in different directories. Only WAL rate limited deletion should be disabled if its in a different directory. * Fix `DisableManualCompaction()` to cancel compactions even when they are waiting on automatic compactions to drain due to `CompactRangeOptions::exclusive_manual_compactions == true`. * Fix contract of `Env::ReopenWritableFile()` and `FileSystem::ReopenWritableFile()` to specify any existing file must not be deleted or truncated. * Fixed bug in calls to `IngestExternalFiles()` with files for multiple column families. The bug could have introduced a delay in ingested file keys becoming visible after `IngestExternalFiles()` returned. Furthermore, mutations to ingested file keys while they were invisible could have been dropped (not necessarily immediately). * Fixed a possible race condition impacting users of `WriteBufferManager` who constructed it with `allow_stall == true`. The race condition led to undefined behavior (in our experience, typically a process crash). * Fixed a bug where stalled writes would remain stalled forever after the user calls `WriteBufferManager::SetBufferSize()` with `new_size == 0` to dynamically disable memory limiting. * Make `DB::close()` thread-safe. * Fix a bug in atomic flush where one bg flush thread will wait forever for a preceding bg flush thread to commit its result to MANIFEST but encounters an error which is mapped to a soft error (DB not stopped). ### New Features * Print information about blob files when using "ldb list_live_files_metadata" * Provided support for SingleDelete with user defined timestamp. * Experimental new function DB::GetLiveFilesStorageInfo offers essentially a unified version of other functions like GetLiveFiles, GetLiveFilesChecksumInfo, and GetSortedWalFiles. Checkpoints and backups could show small behavioral changes and/or improved performance as they now use this new API. * Add remote compaction read/write bytes statistics: `REMOTE_COMPACT_READ_BYTES`, `REMOTE_COMPACT_WRITE_BYTES`. * Introduce an experimental feature to dump out the blocks from block cache and insert them to the secondary cache to reduce the cache warmup time (e.g., used while migrating DB instance). More information are in `class CacheDumper` and `CacheDumpedLoader` at `rocksdb/utilities/cache_dump_load.h` Note that, this feature is subject to the potential change in the future, it is still experimental. * Introduced a new BlobDB configuration option `blob_garbage_collection_force_threshold`, which can be used to trigger compactions targeting the SST files which reference the oldest blob files when the ratio of garbage in those blob files meets or exceeds the specified threshold. This can reduce space amplification with skewed workloads where the affected SST files might not otherwise get picked up for compaction. * Added EXPERIMENTAL support for table file (SST) unique identifiers that are stable and universally unique, available with new function `GetUniqueIdFromTableProperties`. Only SST files from RocksDB >= 6.24 support unique IDs. * Added `GetMapProperty()` support for "rocksdb.dbstats" (`DB::Properties::kDBStats`). As a map property, it includes DB-level internal stats accumulated over the DB's lifetime, such as user write related stats and uptime. ### Public API change * Made SystemClock extend the Customizable class and added a CreateFromString method. Implementations need to be registered with the ObjectRegistry and to implement a Name() method in order to be created via this method. * Made SliceTransform extend the Customizable class and added a CreateFromString method. Implementations need to be registered with the ObjectRegistry and to implement a Name() method in order to be created via this method. The Capped and Prefixed transform classes return a short name (no length); use GetId for the fully qualified name. * Made FileChecksumGenFactory, SstPartitionerFactory, TablePropertiesCollectorFactory, and WalFilter extend the Customizable class and added a CreateFromString method. * Some fields of SstFileMetaData are deprecated for compatibility with new base class FileStorageInfo. * Add `file_temperature` to `IngestExternalFileArg` such that when ingesting SST files, we are able to indicate the temperature of the this batch of files. * If `DB::Close()` failed with a non aborted status, calling `DB::Close()` again will return the original status instead of Status::OK. * Add CacheTier to advanced_options.h to describe the cache tier we used. Add a `lowest_used_cache_tier` option to `DBOptions` (immutable) and pass it to BlockBasedTableReader. By default it is `CacheTier::kNonVolatileBlockTier`, which means, we always use both block cache (kVolatileTier) and secondary cache (kNonVolatileBlockTier). By set it to `CacheTier::kVolatileTier`, the DB will not use the secondary cache. * Even when options.max_compaction_bytes is hit, compaction output files are only cut when it aligns with grandparent files' boundaries. options.max_compaction_bytes could be slightly violated with the change, but the violation is no more than one target SST file size, which is usually much smaller. ### Performance Improvements * Improved CPU efficiency of building block-based table (SST) files (#9039 and #9040). ### Java API Changes * Add Java API bindings for new integrated BlobDB options * `keyMayExist()` supports ByteBuffer. * Fix multiget throwing Null Pointer Exception for num of keys > 70k (https://github.com/facebook/rocksdb/issues/8039). 2021-11-10T18:08:50+00:00 TheHive 4.1.13 TheHive 4.1.13 2021-11-12T10:05:06+00:00 ## [4.1.13](https://github.com/TheHive-Project/TheHive/milestone/83) (2021-11-08) **Implemented enhancements:** - [Feature Request] Add API to link alert and case after a broken migration from TH3 [\#2238](https://github.com/TheHive-Project/TheHive/issues/2238) **Fixed bugs:** - [Bug] Migration breaks links between alerts and cases thus rendering all alert statuses as ignored [\#2232](https://github.com/TheHive-Project/TheHive/issues/2232) - [Bug] Search Section results missing (Observables) [\#2233](https://github.com/TheHive-Project/TheHive/issues/2233) - [Enhancement] Accept slash in attachment filename [\#2240](https://github.com/TheHive-Project/TheHive/issues/2240) 2021-11-12T10:05:06+00:00 rocksdb v6.26.1 rocksdb v6.26.1 2021-11-18T22:47:43+00:00 ## 6.26.1 (2021-11-18) ### Bug Fixes * Fix builds for some platforms. ## 6.26.0 (2021-10-20) ### Bug Fixes * Fixes a bug in directed IO mode when calling MultiGet() for blobs in the same blob file. The bug is caused by not sorting the blob read requests by file offsets. * Fix the incorrect disabling of SST rate limited deletion when the WAL and DB are in different directories. Only WAL rate limited deletion should be disabled if its in a different directory. * Fix `DisableManualCompaction()` to cancel compactions even when they are waiting on automatic compactions to drain due to `CompactRangeOptions::exclusive_manual_compactions == true`. * Fix contract of `Env::ReopenWritableFile()` and `FileSystem::ReopenWritableFile()` to specify any existing file must not be deleted or truncated. * Fixed bug in calls to `IngestExternalFiles()` with files for multiple column families. The bug could have introduced a delay in ingested file keys becoming visible after `IngestExternalFiles()` returned. Furthermore, mutations to ingested file keys while they were invisible could have been dropped (not necessarily immediately). * Fixed a possible race condition impacting users of `WriteBufferManager` who constructed it with `allow_stall == true`. The race condition led to undefined behavior (in our experience, typically a process crash). * Fixed a bug where stalled writes would remain stalled forever after the user calls `WriteBufferManager::SetBufferSize()` with `new_size == 0` to dynamically disable memory limiting. * Make `DB::close()` thread-safe. * Fix a bug in atomic flush where one bg flush thread will wait forever for a preceding bg flush thread to commit its result to MANIFEST but encounters an error which is mapped to a soft error (DB not stopped). ### New Features * Print information about blob files when using "ldb list_live_files_metadata" * Provided support for SingleDelete with user defined timestamp. * Experimental new function DB::GetLiveFilesStorageInfo offers essentially a unified version of other functions like GetLiveFiles, GetLiveFilesChecksumInfo, and GetSortedWalFiles. Checkpoints and backups could show small behavioral changes and/or improved performance as they now use this new API. * Add remote compaction read/write bytes statistics: `REMOTE_COMPACT_READ_BYTES`, `REMOTE_COMPACT_WRITE_BYTES`. * Introduce an experimental feature to dump out the blocks from block cache and insert them to the secondary cache to reduce the cache warmup time (e.g., used while migrating DB instance). More information are in `class CacheDumper` and `CacheDumpedLoader` at `rocksdb/utilities/cache_dump_load.h` Note that, this feature is subject to the potential change in the future, it is still experimental. * Introduced a new BlobDB configuration option `blob_garbage_collection_force_threshold`, which can be used to trigger compactions targeting the SST files which reference the oldest blob files when the ratio of garbage in those blob files meets or exceeds the specified threshold. This can reduce space amplification with skewed workloads where the affected SST files might not otherwise get picked up for compaction. * Added EXPERIMENTAL support for table file (SST) unique identifiers that are stable and universally unique, available with new function `GetUniqueIdFromTableProperties`. Only SST files from RocksDB >= 6.24 support unique IDs. * Added `GetMapProperty()` support for "rocksdb.dbstats" (`DB::Properties::kDBStats`). As a map property, it includes DB-level internal stats accumulated over the DB's lifetime, such as user write related stats and uptime. ### Public API change * Made SystemClock extend the Customizable class and added a CreateFromString method. Implementations need to be registered with the ObjectRegistry and to implement a Name() method in order to be created via this method. * Made SliceTransform extend the Customizable class and added a CreateFromString method. Implementations need to be registered with the ObjectRegistry and to implement a Name() method in order to be created via this method. The Capped and Prefixed transform classes return a short name (no length); use GetId for the fully qualified name. * Made FileChecksumGenFactory, SstPartitionerFactory, TablePropertiesCollectorFactory, and WalFilter extend the Customizable class and added a CreateFromString method. * Some fields of SstFileMetaData are deprecated for compatibility with new base class FileStorageInfo. * Add `file_temperature` to `IngestExternalFileArg` such that when ingesting SST files, we are able to indicate the temperature of the this batch of files. * If `DB::Close()` failed with a non aborted status, calling `DB::Close()` again will return the original status instead of Status::OK. * Add CacheTier to advanced_options.h to describe the cache tier we used. Add a `lowest_used_cache_tier` option to `DBOptions` (immutable) and pass it to BlockBasedTableReader. By default it is `CacheTier::kNonVolatileBlockTier`, which means, we always use both block cache (kVolatileTier) and secondary cache (kNonVolatileBlockTier). By set it to `CacheTier::kVolatileTier`, the DB will not use the secondary cache. * Even when options.max_compaction_bytes is hit, compaction output files are only cut when it aligns with grandparent files' boundaries. options.max_compaction_bytes could be slightly violated with the change, but the violation is no more than one target SST file size, which is usually much smaller. ### Performance Improvements * Improved CPU efficiency of building block-based table (SST) files (#9039 and #9040). ### Java API Changes * Add Java API bindings for new integrated BlobDB options * `keyMayExist()` supports ByteBuffer. * Fix multiget throwing Null Pointer Exception for num of keys > 70k (https://github.com/facebook/rocksdb/issues/8039). 2021-11-18T22:47:43+00:00 osv v0.0.7 osv v0.0.7 2021-11-22T06:20:35+00:00 - Various bug fixes. 2021-11-22T06:20:35+00:00 TheHive 4.1.14 TheHive 4.1.14 2021-11-22T10:20:10+00:00 ## [4.1.14](https://github.com/TheHive-Project/TheHive/milestone/84) (2021-11-19) **Implemented enhancements:** - [FR] Add user/org in Analyzers requests parameters [\#2245](https://github.com/TheHive-Project/TheHive/issues/2245) - [Feature Request] Add sort capability on "Profile" field of a organisations users list [\#2246](https://github.com/TheHive-Project/TheHive/issues/2246) - [Feature Request] Add API for change observable from a type to another [\#2251](https://github.com/TheHive-Project/TheHive/issues/2251) **Fixed bugs:** - [Bug] Fix observable type inconsistencies [\#2248](https://github.com/TheHive-Project/TheHive/issues/2248) - [Bug] Send notification to all viewing organisations [\#2249](https://github.com/TheHive-Project/TheHive/issues/2249) - [Bug] Update the field caseId in alert when it is imported in case [\#2250](https://github.com/TheHive-Project/TheHive/issues/2250) - [Bug] Incomplete alert observable details in search page [\#2252](https://github.com/TheHive-Project/TheHive/issues/2252) 2021-11-22T10:20:10+00:00 MISP v2.4.150 MISP v2.4.150 2021-11-23T10:01:11+00:00 # MISP 2.4.150 released MISP 2.4.150 released, including a new CA bundle to combat the issues with the Letsencrypt root CA expiration. This is a follow-up release to 2.4.149 and has no other major changes besides pointing to our own repository of the framework that includes the new CA bundle. # Sync issues due to the expiration of a Letsencrypt root CA As described in their [blog post](https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/#:~:text=On%20September%2030%202021%2C%20there,accept%20your%20Let's%20Encrypt%20certificate), Letsencrpyt had to retire an old Root CA, meaning that that SSL connections when synchronising MISP with other instances would fail if the remote side used letsencrypt. This update includes a new CA bundle that should help you avoid any issues with this. # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html) . As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements. 2021-11-23T10:01:11+00:00 MISP v2.4.151 MISP v2.4.151 2021-11-23T13:47:51+00:00 # MISP 2.4.151 released ![](https://www.misp-project.org/assets/images/misp/blog/graph-syria.png) MISP 2.4.151 released including a host of bug fixes and a bunch of new features. # New features - New background processor by @righel - Improvements to the CLI tools - Bug fixes and improvements # New background processor - MISP has been using CakeResque for its background jobs for the better part of a decade. Whilst it has served us well, the library has been stale for a long time and carries a (for us) unnecessary complexity and is generally the most difficult part of the application to debug - Luciano "@righel" Righetti has implemented a completely new, compatible background processing engine using Supervisord - Queue and execute jobs the same way as you are used to from before, monitor worker progress via the tools provided by supervisord in addition to MISP - No scheduling capabilities, these were an unnecessary overhead for us before as we relied on corn jobs as our preferred scheduling mechanism anyway - Expect more improvements to this library over the course of the next months, but feel free to switch to using it already now - Currently it is completely optional and the old background processor will still be supported for a while - Be aware that manual setup steps are required to get the new processor working, refer to [the upgrade guide](https://gist.github.com/righel/8ebc6c84341f2aea7d0bfa124e535ef8) on the procedure, if you decide to start using it already now # Various CLI changes - Jakub Onderka has been doing a fair bit of refactoring and improvement of the CLI libraries - additional administrative tools added to help monitor and manage your MISP instance (such as redis memory diagnostics, mysql table optimisation tool, etc) # Option to move the system settings to the database - Traditionally all system config settings were stored in the config.php file, with a new configuration thanks to Jakub Onderka's implementation the settings can be moved to the database rather than the file. - This should help with persistence for containerised installations # Various improvements - The previous version introduced a new STIX library as a replacement for the old one. This change did end up causing some update issues for some installations, the built in updater is now aware of this change and should allow you to easily update via the UI/API updater, with the new STIX library working as intended - A long list of improvements, thanks to all contributors! For a detailed list of changes, head over to the [changelog](https://www.misp-project.org/Changelog.txt) # MISP Modules - New [Passive SSH expansion](https://github.com/D4-project/passive-ssh) expansion module. - Updated [Recorded Future](https://misp.github.io/misp-modules/expansion/#recordedfuture) expansion module included links and related data. - New [CIRCL hashlookup expansion](https://circl.lu/services/hashlookup/) module added. The [MISP modules changelog is available](https://www.misp-project.org/Changelog-misp-modules.txt). # MISP Taxonomies - Updated taxonomies for [Interactive Cyber Training setup and environment](https://www.misp-project.org/taxonomies.html#_interactive_cyber_training_audience). - Updated [fr-classification](https://www.misp-project.org/taxonomies.html#_fr_classif) to match IGI1300. [MISP Taxonomies changelog](https://www.misp-project.org/Changelog-misp-taxonomies.txt) is available. # MISP Galaxy - Updated to MITRE ATT&CK version 10. - Multiple updates in malpedia, threat actor galaxy and Office 365 techniques. [MISP Galaxy changelog](https://www.misp-project.org/Changelog-misp-galaxy.txt) # MISP Objects - New JA3 server object added. - New Security playbook object added. - New submarine object added - New Passive SSH object added. - Updated device object. - New hashlookup object added. - New edr-report object added. [MISP objects changelog](https://www.misp-project.org/Changelog-misp-objects.txt) # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html) . As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements. 2021-11-23T13:47:51+00:00 syncthing v1.18.5-rc.2 syncthing v1.18.5-rc.2 2021-11-23T20:29:45+00:00 Bugfixes: - #7715: Deleted encrypted files don't show up as locally changed in web UI Enhancements: - #7115: Use CRLF instead of LF in config.xml and .stignore on Windows - #8014: Send TLS SNI to relay server - #8021: Provide a way to preset GUI credentials with password hashing 2021-11-23T20:29:45+00:00 osv v0.0.8 osv v0.0.8 2021-11-29T03:30:16+00:00 - Add support for `Ecosystem.next_version` 2021-11-29T03:30:16+00:00 osv v0.0.9 osv v0.0.9 2021-11-29T04:18:02+00:00 2021-11-29T04:18:02+00:00 Stegano v0.10.0 Stegano v0.10.0 2021-11-29T22:07:50+00:00 ## What's Changed * Update index.rst by @kapkic in https://github.com/cedricbonhomme/Stegano/pull/31 * added: shi-tomashi corner generator by @thundersparkf in https://github.com/cedricbonhomme/Stegano/pull/32 ## New Contributors * @kapkic made their first contribution in https://github.com/cedricbonhomme/Stegano/pull/31 * @thundersparkf made their first contribution in https://github.com/cedricbonhomme/Stegano/pull/32 **Full Changelog**: https://github.com/cedricbonhomme/Stegano/compare/v0.9.9...v0.10.0 For more details see the project page: https://sr.ht/~cedric/stegano 2021-11-29T22:07:50+00:00 Stegano v0.10.1 Stegano v0.10.1 2021-11-30T08:23:48+00:00 **Full Changelog**: https://github.com/cedricbonhomme/Stegano/compare/v0.10.0...v0.10.1 For more details see the project page: https://sr.ht/~cedric/stegano 2021-11-30T08:23:48+00:00 maltrail 0.40 maltrail 0.40 2021-11-30T23:11:08+00:00 Start-of-month release 2021-11-30T23:11:08+00:00 AIL-framework v4.0 AIL-framework v4.0 2021-12-02T14:57:30+00:00 # AIL Framework version 4.0 has been released including a major new feature to allow synchronisation to other AIL instance(s). The new synchronisation mechanism allow the sync from one AIL instance to another AIL using a standard WebSocket using AIL JSON protocol. The synchronisation allows to filter and sync specific collected items including crawled items or specific tagged items matching defined rules. This feature can be very useful to limit the scope of analysis in specific fields or resource intensive activity. This sync can be also used to share filtered streams with other partners. ![An overview of the configuration in AIL sync](https://www.ail-project.org/assets/img/ail-sync.png) ![Webhook configuration in AIL tracker](https://www.ail-project.org/assets/img/ail-webhook.png) A new functionality has been added to trigger a webhook when a tracker is matched in AIL. This is in addition to email notification. The webhook can be used to trigger additional pipelines in AIL. Additional API endpoints were added such `get_item_sources` `get_check_item_source` and `get_default_yara_rule_content`. Thanks to the numerous external contributors such as Olivier Sagit and Tony Jabbour. A special thank for the webhook and API developed by Tony Jabbour from [CSIRT POST Cyberforce in Luxembourg](https://business.post.lu/grandes-entreprises/csirt). The first version of the synchronisation protocol has been developed in the scope of the JTAN (Joint Threat Analysis Network), a CEF co-funded project (2020-EU-IA-0260). Many bugs were fixed in this release and many small improvements were added. ![](https://www.ail-project.org/assets/img/ail-new.png) ![](https://www.ail-project.org/assets/img/ail-new2.png) Detailed changelog is available on [https://www.ail-project.org/ChangeLog](https://www.ail-project.org/ChangeLog). # Changelog ## v4.0 (2021-12-01) ### Changes * [sync UI] disable pull. [Terrtia] * [sync UI] dashboard, show nb of imported items + launch/kill ail servers when a queue is subscribed/unsubscribed. [Terrtia] * [ail sync UI] restarr/launch/kill sync connections + show sync mode api/pull/push. [Terrtia] * [ail sync server] add server controller + list connected clients ail_uuid->sync_modes. [Terrtia] * [ail sync ui] copy to clipboard ail_uuid, ail server key. [Terrtia] * [ail sync] edit ail_servers/sync_queues + fix logs. [Terrtia] * [api] rename endpoints. [Terrtia] * [ail sync] add sync api (ping, version) + UI/client error handler. [Terrtia] * [doc] GI Badge. [Steve Clement] * [v4.0 AIL SYNC / AIL 2 AIL] SYNC Manager + fixs + views. [Terrtia] * [crawler] add auto crawler functions. [Terrtia] ### Fix * [sync client] don't launch client if ail server not linked with a sync queue. [Terrtia] * [sync server] remove hardcoded host. [Terrtia] * [sync server] host. [Terrtia] * [sync client] fix websockets client connect for python >= 3.8. [Terrtia] * [ail sync] fix refresh_ail_instance_connection. [Terrtia] * [ail sync] fix refresh_ail_instance_connection. [Terrtia] * [ail sync] server + client: resend object in queue on ConnectionClosedError. [Terrtia] * [crawler] add comment. [Terrtia] * [UI ail sync] fix nav. [Terrtia] * [UI ail sync] add missing ail icon. [Terrtia] * [doc] Remove Travis. [Steve Clement] * [py] Minor python dependency change. [Steve Clement] * Inherit AbstractModule to prevent stuck queues. [osagit] regex compiled only at start, not in the loop no duplicate warning string comments * Error message contains http protocol twice. [osagit] Error Can't connect to AIL Splash Manager, http://https://localhost:7001/ ### Other * Merge pull request #130 from TonyJabbour/master. [Thirion Aurélien] New restAPIs * Merge branch 'dev' into master. [Thirion Aurélien] * Merge branch 'master' of github.com:ail-project/ail-framework. [Terrtia] * Merge branch 'master' of github.com:ail-project/ail-framework. [Alexandre Dulaunoy] * Merge pull request #569 from SteveClement/master. [Steve Clement] * Chg_ [AIL 2 AIL] add backend. [Terrtia] * Merge branch 'master' of github.com:ail-project/ail-framework. [Terrtia] * Add tracker fixed api function replaced it with internal function. [TonyJabbour] * Added get_tracker_metadata_api Removed unnecessarily parentheses. [TonyJabbour] * New API Endpoint: Fixed get_item_content_encoded_text Added get_item_sources Added get_check_item_source Added get_default_yara_rule_content. [TonyJabbour] * Removed unnecessarily parentheses. [TonyJabbour] * New API Endpoint: Return Item Content in base64 in non JSON format. [TonyJabbour] * Merge remote-tracking branch 'origin/master' [TonyJabbour] * Merge branch 'ail-project:master' into master. [Tony] * Merge pull request #129 from TonyJabbour/master. [Thirion Aurélien] Webhook implementation * Unnecessarily parenthesis removed. [TonyJabbour] * Base64 Problem. [TonyJabbour] * Base64 Problem. [TonyJabbour] * Type fixed. [TonyJabbour] * Type fixed. [TonyJabbour] * Error Fixed. [TonyJabbour] * Add new API endpoint that return only content encoded in base64. [TonyJabbour] * Webhook unnecessarily line removed Removed unnecessarily parentheses. [TonyJabbour] * Type fixed. [TonyJabbour] * Added a try/catch to handle exceptions Replaced the raise to send message to redis_logger. [TonyJabbour] * Fixed tracker_metadata. [TonyJabbour] * Typo Fixed. [TonyJabbour] * Fixed UI Datatable in showTracker Page Removed "Advanced Search" text from menu misleading button. [TonyJabbour] * Fixed Webhook integration with Trackers. [TonyJabbour] * -Fixed "get_tracker_metedata" typo -Typo Fixed. [TonyJabbour] * -Fixed "description" arg -Typo Fixed. [TonyJabbour] * -Fixed the 500 error issue when installing new instance of ail when adding new trackers -Fixed missing arguments -Typo Fixed. [TonyJabbour] * Fix webhook. [TonyJabbour] * Remove dict from Trackers. [TonyJabbour] * Add webhook post support in yara and regex trackers. [TonyJabbour] * Fix get_term_webhook. [TonyJabbour] * Add some changes for webhook. [TonyJabbour] * Add initial support for Webhook in Term Trackers. [TonyJabbour] * Fix spelling issue in Webhook. [TonyJabbour] * Add more support for Webhook URL. [TonyJabbour] * Add initial UI support for Webhook in tracker. [TonyJabbour] * Merge pull request #127 from osagit/patch-3. [Thirion Aurélien] fix: inherit AbstractModule to prevent stuck queues * Merge pull request #126 from osagit/patch-2. [Thirion Aurélien] fix: error message contains http protocol twice 2021-12-02T14:57:30+00:00 Lookyloo v1.10 Lookyloo v1.10 2021-12-03T11:00:08+00:00 # New features * [Hashlookup](https://www.circl.lu/services/hashlookup/) integration - [Documentation](https://www.lookyloo.eu/docs/main/lookyloo-integration.html#_hashlookup_v1_10) * Pass arbitrary HTTP headers to captures - [Documentation](https://www.lookyloo.eu/docs/main/usage.html#_capture_configuration) * Pass arbitrary User-Agents to captures - [Documentation](https://www.lookyloo.eu/docs/main/usage.html#_browser_configuration) * Get hashes of all the resources using any algorithm supported by Python (API) * Add configuration setting to make captures private by default - See `default_public` in the [Documentation](https://www.lookyloo.eu/docs/main/lookyloo-configuration.html#_core_config) * Add [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings to allow JavaScript submissions (required for the [browser extension](https://github.com/Lookyloo/webext)) * Defang URLs in email notifications # Fixes * Avoid exception when the timestamp of a capture has no millisecond * Avoid exceptions in archiver when indexes are broken # Changes * Improve logging * Improve capture page * Normalize tooltips across the app * Save redis databases to disk less often * Programmatically shutdown redis databases (synchronous) * Bump dependencies 2021-12-03T11:00:08+00:00 Lookyloo v1.10.0 Lookyloo v1.10.0 2021-12-03T11:00:08+00:00 # New features * [Hashlookup](https://www.circl.lu/services/hashlookup/) integration - [Documentation](https://www.lookyloo.eu/docs/main/lookyloo-integration.html#_hashlookup_v1_10) * Pass arbitrary HTTP headers to captures - [Documentation](https://www.lookyloo.eu/docs/main/usage.html#_capture_configuration) * Pass arbitrary User-Agents to captures - [Documentation](https://www.lookyloo.eu/docs/main/usage.html#_browser_configuration) * Get hashes of all the resources using any algorithm supported by Python (API) * Add configuration setting to make captures private by default - See `default_public` in the [Documentation](https://www.lookyloo.eu/docs/main/lookyloo-configuration.html#_core_config) * Add [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings to allow JavaScript submissions (required for the [browser extension](https://github.com/Lookyloo/webext)) * Defang URLs in email notifications # Fixes * Avoid exception when the timestamp of a capture has no millisecond * Avoid exceptions in archiver when indexes are broken # Changes * Improve logging * Improve capture page * Normalize tooltips across the app * Save redis databases to disk less often * Programmatically shutdown redis databases (synchronous) * Bump dependencies 2021-12-03T11:00:08+00:00 osquery 5.1.0 osquery 5.1.0 2021-12-03T15:06:13+00:00 5.1.0 notes coming soon! 2021-12-03T15:06:13+00:00 dnstwist 20211204 dnstwist 20211204 2021-12-04T15:53:14+00:00 2021-12-04T15:53:14+00:00 syncthing v1.18.5 syncthing v1.18.5 2021-12-07T10:16:21+00:00 Bugfixes: - #7715: Deleted encrypted files don't show up as locally changed in web UI Enhancements: - #7115: Use CRLF instead of LF in config.xml and .stignore on Windows - #8014: Send TLS SNI to relay server - #8021: Provide a way to preset GUI credentials with password hashing 2021-12-07T10:16:21+00:00 whids v1.8.0.beta.5 whids v1.8.0.beta.5 2021-12-07T21:25:35+00:00 ## Changes - Improved EDR event action handler - Improved file upload to manager to reduce memory impact of big file upload - migration to sod v1.4 - changed the way user are managed - changed logic around user authentication - added a way to create user from manager's CLI - auto generating OpenAPI definition from tests - OpenAPI definition ## Fixes - #87: Improve golang unit testing - #86: Fix golang unit tests - #85: Add API endpoint to manage IOCs spread on endpoints for detection - #84: Ability to config default actions on different criticality thresholds - #82: Action to produce short reports - #81: Change "Api-Key" Authentication header - #78: request feature - list closed report on a defined time period - #77: Missing query criticality parameter on get /endpoint call - #65: Archive reports - #66: Implement /endpoint/{UUID}/report/archive - #63: Make manager's data persistent 2021-12-07T21:25:35+00:00 whids v1.8.0-beta.5 whids v1.8.0-beta.5 2021-12-07T21:25:35+00:00 ## Changes - Improved EDR event action handler - Improved file upload to manager to reduce memory impact of big file upload - migration to sod v1.5 - changed the way user are managed - changed logic around user authentication - added a way to create user from manager's CLI - auto generating OpenAPI definition from tests - OpenAPI definition ## Fixes - #87: Improve golang unit testing - #86: Fix golang unit tests - #85: Add API endpoint to manage IOCs spread on endpoints for detection - #84: Ability to config default actions on different criticality thresholds - #82: Action to produce short reports - #81: Change "Api-Key" Authentication header - #78: request feature - list closed report on a defined time period - #77: Missing query criticality parameter on get /endpoint call - #65: Archive reports - #66: Implement /endpoint/{UUID}/report/archive - #63: Make manager's data persistent 2021-12-07T21:25:35+00:00 HyperDbg v0.1.0-beta HyperDbg v0.1.0-beta 2021-12-08T23:12:08+00:00 HyperDbg is **not** yet released but it is now available for testing! Please test it and provide us with your valuable feedback and possible bugs. Please follow the instructions [here](https://docs.hyperdbg.org/getting-started/build-and-install) to start using HyperDbg. **Full Changelog**: https://github.com/HyperDbg/HyperDbg/commits/v0.1.0-beta 2021-12-08T23:12:08+00:00 TheHive 4.1.15 TheHive 4.1.15 2021-12-09T10:20:06+00:00 ## [4.1.15](https://github.com/TheHive-Project/TheHive/milestone/85) (2021-12-06) **Implemented enhancements:** - [Feature Request] Add query to retrieve audit from an object [\#2266](https://github.com/TheHive-Project/TheHive/issues/2266) - [Feature Request] Sort similar Alerts by Observables [\#2270](https://github.com/TheHive-Project/TheHive/issues/2270) - [Enhancement] Add space after the title prefix from case template [\#2278](https://github.com/TheHive-Project/TheHive/issues/2278) **Fixed bugs:** - [Bug] Search without sort make queries slow [\#2261](https://github.com/TheHive-Project/TheHive/issues/2261) - [Bug] Marking an alert as read do not update it's "updatedAt" field [\#2262](https://github.com/TheHive-Project/TheHive/issues/2262) - [Bug] dataType removal doesn't work [\#2263](https://github.com/TheHive-Project/TheHive/issues/2263) - [Bug] Fix index creation and rebuild [\#2265](https://github.com/TheHive-Project/TheHive/issues/2265) 2021-12-09T10:20:06+00:00 whids v1.8.0-beta.6 whids v1.8.0-beta.6 2021-12-10T14:57:59+00:00 ## Fixes - #90 v1.8.0 beta5 bug - #91 Correlate and enrich Microsoft-Windows-Kernel-File ETW logs 2021-12-10T14:57:59+00:00 ursadb v1.4.0 ursadb v1.4.0 2021-12-14T01:19:06+00:00 Release refs/tags/v1.4.0 2021-12-14T01:19:06+00:00 ursadb v1.4.1 ursadb v1.4.1 2021-12-14T01:19:14+00:00 Release refs/tags/v1.4.1 2021-12-14T01:19:14+00:00 TheHive 4.1.16 TheHive 4.1.16 2021-12-20T07:08:59+00:00 ## [4.1.16](https://github.com/TheHive-Project/TheHive/milestone/86) (2021-12-17) **Implemented enhancements:** - [Feature Request] Remove persistent filters on "Similar Cases" tab [\#2282](https://github.com/TheHive-Project/TheHive/issues/2282) - [Enhancement] When observable data is too big, use hash [\#2288](https://github.com/TheHive-Project/TheHive/issues/2288) - Remove unnecessary log4j dependency [\#2291](https://github.com/TheHive-Project/TheHive/issues/2291) **Fixed bugs:** - [Bug] Index fails with immense terms [\#2289](https://github.com/TheHive-Project/TheHive/issues/2289) - [Bug] Marking an alert as read do not update it's "updatedAt" nor "updatedBy" field [\#2292](https://github.com/TheHive-Project/TheHive/issues/2292) 2021-12-20T07:08:59+00:00 rocksdb v6.27.3 rocksdb v6.27.3 2021-12-20T18:59:42+00:00 ## 6.27.3 (2021-12-10) ### Bug Fixes * Fixed a bug in TableOptions.prepopulate_block_cache which causes segmentation fault when used with TableOptions.partition_filters = true and TableOptions.cache_index_and_filter_blocks = true. * Fixed a bug affecting custom memtable factories which are not registered with the `ObjectRegistry`. The bug could result in failure to save the OPTIONS file. ## 6.27.2 (2021-12-01) ### Bug Fixes * Fixed a bug in rocksdb automatic implicit prefetching which got broken because of new feature adaptive_readahead and internal prefetching got disabled when iterator moves from one file to next. ## 6.27.1 (2021-11-29) ### Bug Fixes * Fixed a bug that could, with WAL enabled, cause backups, checkpoints, and `GetSortedWalFiles()` to fail randomly with an error like `IO error: 001234.log: No such file or directory` ## 6.27.0 (2021-11-19) ### New Features * Added new ChecksumType kXXH3 which is faster than kCRC32c on almost all x86\_64 hardware. * Added a new online consistency check for BlobDB which validates that the number/total size of garbage blobs does not exceed the number/total size of all blobs in any given blob file. * Provided support for tracking per-sst user-defined timestamp information in MANIFEST. * Added new option "adaptive_readahead" in ReadOptions. For iterators, RocksDB does auto-readahead on noticing sequential reads and by enabling this option, readahead_size of current file (if reads are sequential) will be carried forward to next file instead of starting from the scratch at each level (except L0 level files). If reads are not sequential it will fall back to 8KB. This option is applicable only for RocksDB internal prefetch buffer and isn't supported with underlying file system prefetching. * Added the read count and read bytes related stats to Statistics for tiered storage hot, warm, and cold file reads. * Added an option to dynamically charge an updating estimated memory usage of block-based table building to block cache if block cache available. It currently only includes charging memory usage of constructing (new) Bloom Filter and Ribbon Filter to block cache. To enable this feature, set `BlockBasedTableOptions::reserve_table_builder_memory = true`. * Add a new API OnIOError in listener.h that notifies listeners when an IO error occurs during FileSystem operation along with filename, status etc. * Added compaction readahead support for blob files to the integrated BlobDB implementation, which can improve compaction performance when the database resides on higher-latency storage like HDDs or remote filesystems. Readahead can be configured using the column family option `blob_compaction_readahead_size`. ### Bug Fixes * Prevent a `CompactRange()` with `CompactRangeOptions::change_level == true` from possibly causing corruption to the LSM state (overlapping files within a level) when run in parallel with another manual compaction. Note that setting `force_consistency_checks == true` (the default) would cause the DB to enter read-only mode in this scenario and return `Status::Corruption`, rather than committing any corruption. * Fixed a bug in CompactionIterator when write-prepared transaction is used. A released earliest write conflict snapshot may cause assertion failure in dbg mode and unexpected key in opt mode. * Fix ticker WRITE_WITH_WAL("rocksdb.write.wal"), this bug is caused by a bad extra `RecordTick(stats_, WRITE_WITH_WAL)` (at 2 place), this fix remove the extra `RecordTick`s and fix the corresponding test case. * EventListener::OnTableFileCreated was previously called with OK status and file_size==0 in cases of no SST file contents written (because there was no content to add) and the empty file deleted before calling the listener. Now the status is Aborted. * Fixed a bug in CompactionIterator when write-preared transaction is used. Releasing earliest_snapshot during compaction may cause a SingleDelete to be output after a PUT of the same user key whose seq has been zeroed. * Added input sanitization on negative bytes passed into `GenericRateLimiter::Request`. * Fixed an assertion failure in CompactionIterator when write-prepared transaction is used. We prove that certain operations can lead to a Delete being followed by a SingleDelete (same user key). We can drop the SingleDelete. * Fixed a bug of timestamp-based GC which can cause all versions of a key under full_history_ts_low to be dropped. This bug will be triggered when some of the ikeys' timestamps are lower than full_history_ts_low, while others are newer. * In some cases outside of the DB read and compaction paths, SST block checksums are now checked where they were not before. * Explicitly check for and disallow the `BlockBasedTableOptions` if insertion into one of {`block_cache`, `block_cache_compressed`, `persistent_cache`} can show up in another of these. (RocksDB expects to be able to use the same key for different physical data among tiers.) * Users who configured a dedicated thread pool for bottommost compactions by explicitly adding threads to the `Env::Priority::BOTTOM` pool will no longer see RocksDB schedule automatic compactions exceeding the DB's compaction concurrency limit. For details on per-DB compaction concurrency limit, see API docs of `max_background_compactions` and `max_background_jobs`. * Fixed a bug of background flush thread picking more memtables to flush and prematurely advancing column family's log_number. * Fixed an assertion failure in ManifestTailer. ### Behavior Changes * `NUM_FILES_IN_SINGLE_COMPACTION` was only counting the first input level files, now it's including all input files. * `TransactionUtil::CheckKeyForConflicts` can also perform conflict-checking based on user-defined timestamps in addition to sequence numbers. * Removed `GenericRateLimiter`'s minimum refill bytes per period previously enforced. ### Public API change * When options.ttl is used with leveled compaction with compactinon priority kMinOverlappingRatio, files exceeding half of TTL value will be prioritized more, so that by the time TTL is reached, fewer extra compactions will be scheduled to clear them up. At the same time, when compacting files with data older than half of TTL, output files may be cut off based on those files' boundaries, in order for the early TTL compaction to work properly. * Made FileSystem extend the Customizable class and added a CreateFromString method. Implementations need to be registered with the ObjectRegistry and to implement a Name() method in order to be created via this method. * Clarified in API comments that RocksDB is not exception safe for callbacks and custom extensions. An exception propagating into RocksDB can lead to undefined behavior, including data loss, unreported corruption, deadlocks, and more. * Marked `WriteBufferManager` as `final` because it is not intended for extension. * Removed unimportant implementation details from table_properties.h * Add API `FSDirectory::FsyncWithDirOptions()`, which provides extra information like directory fsync reason in `DirFsyncOptions`. File system like btrfs is using that to skip directory fsync for creating a new file, or when renaming a file, fsync the target file instead of the directory, which improves the `DB::Open()` speed by ~20%. * `DB::Open()` is not going be blocked by obsolete file purge if `DBOptions::avoid_unnecessary_blocking_io` is set to true. * In builds where glibc provides `gettid()`, info log ("LOG" file) lines now print a system-wide thread ID from `gettid()` instead of the process-local `pthread_self()`. For all users, the thread ID format is changed from hexadecimal to decimal integer. * In builds where glibc provides `pthread_setname_np()`, the background thread names no longer contain an ID suffix. For example, "rocksdb:bottom7" (and all other threads in the `Env::Priority::BOTTOM` pool) are now named "rocksdb:bottom". Previously large thread pools could breach the name size limit (e.g., naming "rocksdb:bottom10" would fail). * Deprecating `ReadOptions::iter_start_seqnum` and `DBOptions::preserve_deletes`, please try using user defined timestamp feature instead. The options will be removed in a future release, currently it logs a warning message when using. ### Performance Improvements * Released some memory related to filter construction earlier in `BlockBasedTableBuilder` for `FullFilter` and `PartitionedFilter` case (#9070) 2021-12-20T18:59:42+00:00 MISP v2.4.152 MISP v2.4.152 2021-12-22T16:38:02+00:00 # MISP 2.4.152 released ![](https://www.misp-project.org/assets/images/misp/blog/timeline-improvement.png) MISP 2.4.152 released with timeline improvements, optional filtering on sync, LinOTP improvements and more. The LinOTP authentication module has been improved to include a mixed mode where both OTP and MISP's usual password authentication can be used together. The timelining has been improved in several ways, such as the inclusion of images from objects, as well as various improvements in the timeline's sighting view. Several bugs were affecting this feature have also been fixed. A new optional synchronisation filtering has been added to allow for the removal of specific attribute or object types when syncing. The functionality is meant to be used by the final recipient organisations of a synchronisation chain, in order to filter out specific types of information due to legal or specific internal policies. The filtering feature is disabled by default and needs to be enabled in the general configuration. This feature is for ISACs or consumer organisations, not redistributing information to other MISP communities. A new STIX 1 and 2 export for attribute restSearch has been added in complement to the existing event export in STIX 1 and 2. The export works just like the other event level STIX export, all you need to do is specify the given STIX format as the return type when querying the attribute restSearch endpoint. Many internal improvements and bugs fixed. # MISP Modules - New [Qintel sentry module](https://misp.github.io/misp-modules/expansion/#qintel_qsentry) added. - [CIRCL hashlookup expansion](https://circl.lu/services/hashlookup/) SHA-256 support added. The [MISP modules changelog is available](https://www.misp-project.org/Changelog-misp-modules.txt). # MISP Taxonomies - New [political spectrum taxonomy](https://www.misp-project.org/taxonomies.html#_political_spectrum) added. - Improvement in exercise taxonomy. - New [deception taxonomy](https://www.misp-project.org/taxonomies.html#_deception) added. [MISP Taxonomies changelog](https://www.misp-project.org/Changelog-misp-taxonomies.txt) is available. # MISP Galaxy - New matrix [CONCORDIA Mobile Modelling Framework - Attack Pattern](https://www.misp-project.org/galaxy.html#_concordia_mobile_modelling_framework_attack_pattern) added (thanks to [Concordia H2020 project](https://www.concordia-h2020.eu/)). - Many update in threat actor, RAT and tools galaxy. [MISP Galaxy changelog](https://www.misp-project.org/Changelog-misp-galaxy.txt) # MISP Objects - New Concordia intrusion set object. - New temporal event object. - Many improvements in user, person, postal-address, email object. - New relationships added such as `found-in`, `works-with`, `drives`. [MISP objects changelog](https://www.misp-project.org/Changelog-misp-objects.txt) # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html) . 2021-12-22T16:38:02+00:00 OpenTAXII 0.2.3 OpenTAXII 0.2.3 2021-12-27T14:49:38+00:00 Changelog ========= 0.2.3 (2021-12-22) ------------------ * Fix bug in multithreaded use of sqlite (`#210 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_ thanks `@rohits144 <https://github.com/rohits144>`_ for the report) 0.2.2 (2021-11-05) ------------------ * Fix readthedocs build 0.2.1 (2021-11-03) ------------------ * Add tests for python 3.6, 3.7, 3.8, 3.9, pypy * Add tests for sqlite, mysql, mariadb, postgresql * Fix bug that broke ``delete_content_blocks`` when using mysql on sqlalchemy 1.3 * Docs: Add db schema diagram * Docs: Clarify how to get default data in a default (development) docker instance * Fix implicit routing in TAXII 1.1 Inboxes * Update jwt usage to pyjwt >= 2.0 (thanks `@SanyaKapoor <https://github.com/SanyaKapoor>`_) 0.2.0 (2020-06-30) ------------------ * Enforce UTC usage in datetime fields in SQL DB Persistence API. * `Fix for #114 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_: reintroduce ``opentaxii-create-account`` CLI command. * `Fix for #153 <https://github.com/eclecticiq/OpenTAXII/issues/152>`_: check if user can modify a collection before advertising it over inbox service. * Multiple coding style fixes. * Various documentation updates. 0.1.12 (2019-03-06) ------------------- * Remove unnecessary print statements. 0.1.11 (2019-02-13) ------------------- * Make JSON logging consistent when the application is run via Gunicorn. * Set ``acceptable_destination`` key in status details instead of extended headers * Allow passing ``engine_parameters`` to ``SQLDatabaseAPI`` for those who want to customize SQLAlchemy engine parameters. * Require recent version of ``lxml`` for security reasons. * Various test and Docker infrastructure improvements. 0.1.10 (2018-06-03) ------------------- * Replace separate service/collection/account creation process with single ``opentaxii-sync-data`` CLI command. * Persistence and Auth APIs extended with missing CRUD methods, that are used by ``opentaxii-sync-data``. * Read/modify collection level ACL added. * DB models for default implementation of Persistence API and Auth API were changed. No automatic migration code is provided (sorry!), so upgrading might require manual DB migration. * Drop python2.7 from testing scope. * Various bug fixes and improvements. 0.1.9 (2017-06-19) ------------------ * `libtaxii <https://github.com/TAXIIProject/libtaxii>`_ dependency upgraded to 1.1.111. * Various bug fixes and improvements (thanks to `@bjigmp <https://github.com/bjigmp>`_, `@chorsley <https://github.com/chorsley>`_, `@rjprins <https://github.com/rjprins>`_). 0.1.8 (2017-02-21) ------------------ * Ability to enable/disable "huge trees" support in XML parser. Configuration property ``xml_parser_supports_huge_tree`` set to ``yes`` or ``true`` will disable security restrictions and force XML parser to support very deep trees and very long text content. * Adjust SQL Persistence API implemetation so it works smoothly with MySQL backend. * Use Python 3.5 instead of Python 3.4 for tests. 0.1.7 (2016-10-18) ------------------ * Minor fixes. * Dependencies were changed from hard-pinned to more flexible. * Example of production DB configuration added to docs. 0.1.6 (2016-06-01) ------------------ * Python 3.4 compatibility of the codebase. Tox configuration extended with python 3.4 environment run. * Flake8 full style compatibility. Flake8 check added to Tox configuration. * SQLAlchemy session scope issue fixed (related to `#38 <https://github.com/EclecticIQ/OpenTAXII/issues/38>`_). * `opentaxii-delete-blocks` CLI command added (related to `#45 <https://github.com/EclecticIQ/OpenTAXII/issues/45>`_). * `delete_content_blocks` method `added <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-6814849ac352b2b74132f8fa52e0ec4eR213>`_ to Persistence API. * Collection's name is `required <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-ce3f7b939e5c540480ac655aef32c513R116>`_ to be unique in default SQL DB Auth API implementation. 0.1.5 (2016-03-15) ------------------ * Fix for the issue with persistence backend returning ``None`` instead of ``InboxMessage`` object 0.1.4 (2016-02-25) ------------------ * Hard-coded dependencies in ``setup.py`` removed. 0.1.3 (2016-02-25) ------------------ * Versions of dependencies are pinned. * Code adjusted for a new version of `anyconfig <https://pypi.python.org/pypi/anyconfig>`_ API. * Test for configuration loading added. 0.1.2 (2015-07-24) ------------------ * Docker configuration added. * Health check endpoint added. * Basic authentication support added. * Temporary workaround for `Issue #191 <https://github.com/TAXIIProject/libtaxii/issues/191>`_. * Method ``get_domain`` in Persistence API returns domain value configured for ``service_id``. If nothing returned, value set in configuration file will be used. * Performance optimisations. * Bug fixes and style improvements. 0.1.1 (2015-04-08) ------------------ * Alias for Root Logger added to logging configuration. * Context object in a request scope that holds account and token added. * Support for OPTIONS HTTP request to enable auto version negotiation added. * Documentation improved. 0.1.0 (2015-03-31) ------------------ * Initial release 2021-12-27T14:49:38+00:00 OpenTAXII 0.3.0a2 OpenTAXII 0.3.0a2 2021-12-27T15:35:34+00:00 Changelog ========= 0.3.0a2 (2021-12-27) ------- * Merge changes from 0.2.3 maintenance release 0.3.0a1 ------- * Add python 3.10 support 0.3.0a0 ------- * Enablement for future taxii2 implementation * Fix documentation build issues 0.2.3 (2021-12-22) ------------------ * Fix bug in multithreaded use of sqlite (`#210 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_ thanks `@rohits144 <https://github.com/rohits144>`_ for the report) 0.2.2 (2021-11-05) ------------------ * Fix readthedocs build 0.2.1 (2021-11-03) ------------------ * Add tests for python 3.6, 3.7, 3.8, 3.9, pypy * Add tests for sqlite, mysql, mariadb, postgresql * Fix bug that broke ``delete_content_blocks`` when using mysql on sqlalchemy 1.3 * Docs: Add db schema diagram * Docs: Clarify how to get default data in a default (development) docker instance * Fix implicit routing in TAXII 1.1 Inboxes * Update jwt usage to pyjwt >= 2.0 (thanks `@SanyaKapoor <https://github.com/SanyaKapoor>`_) 0.2.0 (2020-06-30) ------------------ * Enforce UTC usage in datetime fields in SQL DB Persistence API. * `Fix for #114 <https://github.com/eclecticiq/OpenTAXII/issues/114>`_: reintroduce ``opentaxii-create-account`` CLI command. * `Fix for #153 <https://github.com/eclecticiq/OpenTAXII/issues/152>`_: check if user can modify a collection before advertising it over inbox service. * Multiple coding style fixes. * Various documentation updates. 0.1.12 (2019-03-06) ------------------- * Remove unnecessary print statements. 0.1.11 (2019-02-13) ------------------- * Make JSON logging consistent when the application is run via Gunicorn. * Set ``acceptable_destination`` key in status details instead of extended headers * Allow passing ``engine_parameters`` to ``SQLDatabaseAPI`` for those who want to customize SQLAlchemy engine parameters. * Require recent version of ``lxml`` for security reasons. * Various test and Docker infrastructure improvements. 0.1.10 (2018-06-03) ------------------- * Replace separate service/collection/account creation process with single ``opentaxii-sync-data`` CLI command. * Persistence and Auth APIs extended with missing CRUD methods, that are used by ``opentaxii-sync-data``. * Read/modify collection level ACL added. * DB models for default implementation of Persistence API and Auth API were changed. No automatic migration code is provided (sorry!), so upgrading might require manual DB migration. * Drop python2.7 from testing scope. * Various bug fixes and improvements. 0.1.9 (2017-06-19) ------------------ * `libtaxii <https://github.com/TAXIIProject/libtaxii>`_ dependency upgraded to 1.1.111. * Various bug fixes and improvements (thanks to `@bjigmp <https://github.com/bjigmp>`_, `@chorsley <https://github.com/chorsley>`_, `@rjprins <https://github.com/rjprins>`_). 0.1.8 (2017-02-21) ------------------ * Ability to enable/disable "huge trees" support in XML parser. Configuration property ``xml_parser_supports_huge_tree`` set to ``yes`` or ``true`` will disable security restrictions and force XML parser to support very deep trees and very long text content. * Adjust SQL Persistence API implemetation so it works smoothly with MySQL backend. * Use Python 3.5 instead of Python 3.4 for tests. 0.1.7 (2016-10-18) ------------------ * Minor fixes. * Dependencies were changed from hard-pinned to more flexible. * Example of production DB configuration added to docs. 0.1.6 (2016-06-01) ------------------ * Python 3.4 compatibility of the codebase. Tox configuration extended with python 3.4 environment run. * Flake8 full style compatibility. Flake8 check added to Tox configuration. * SQLAlchemy session scope issue fixed (related to `#38 <https://github.com/EclecticIQ/OpenTAXII/issues/38>`_). * `opentaxii-delete-blocks` CLI command added (related to `#45 <https://github.com/EclecticIQ/OpenTAXII/issues/45>`_). * `delete_content_blocks` method `added <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-6814849ac352b2b74132f8fa52e0ec4eR213>`_ to Persistence API. * Collection's name is `required <https://github.com/EclecticIQ/OpenTAXII/commit/dc6fddc27a98e8450c7e05e583b2bfb741f6e197#diff-ce3f7b939e5c540480ac655aef32c513R116>`_ to be unique in default SQL DB Auth API implementation. 0.1.5 (2016-03-15) ------------------ * Fix for the issue with persistence backend returning ``None`` instead of ``InboxMessage`` object 0.1.4 (2016-02-25) ------------------ * Hard-coded dependencies in ``setup.py`` removed. 0.1.3 (2016-02-25) ------------------ * Versions of dependencies are pinned. * Code adjusted for a new version of `anyconfig <https://pypi.python.org/pypi/anyconfig>`_ API. * Test for configuration loading added. 0.1.2 (2015-07-24) ------------------ * Docker configuration added. * Health check endpoint added. * Basic authentication support added. * Temporary workaround for `Issue #191 <https://github.com/TAXIIProject/libtaxii/issues/191>`_. * Method ``get_domain`` in Persistence API returns domain value configured for ``service_id``. If nothing returned, value set in configuration file will be used. * Performance optimisations. * Bug fixes and style improvements. 0.1.1 (2015-04-08) ------------------ * Alias for Root Logger added to logging configuration. * Context object in a request scope that holds account and token added. * Support for OPTIONS HTTP request to enable auto version negotiation added. * Documentation improved. 0.1.0 (2015-03-31) ------------------ * Initial release 2021-12-27T15:35:34+00:00 osquery 5.2.0 osquery 5.2.0 2021-12-29T02:28:52+00:00 Apple M1 Support! Release notes coming soon 2021-12-29T02:28:52+00:00 maltrail 0.41 maltrail 0.41 2021-12-31T23:11:06+00:00 Start-of-month release 2021-12-31T23:11:06+00:00 syncthing v1.18.6-rc.2 syncthing v1.18.6-rc.2 2022-01-04T08:25:40+00:00 Enhancements: - #8050: Display a warning when the ignore delete option is enabled - #8068: Request: show pending devices/folders in CLI 2022-01-04T08:25:40+00:00 pcileech v4.13 pcileech v4.13 2022-01-07T07:55:38+00:00 * Bug fixes. * Mount improvements: - Windows host file system support: Upgrade to [Dokany2](https://github.com/dokan-dev/dokany/releases) (NB! Dokany2 will have to be installed!). - Linux host file system support: FUSE support added. <br/>Example: `./pcileech mount /home/user/fusemnt/leechfs -kmd <your_kmd_address>` - Now possible to access other local drives than C: on Windows targets. * Visual Studio 2022 Support. 2022-01-07T07:55:38+00:00 DC3-MWCP 3.5.0 DC3-MWCP 3.5.0 2022-01-10T22:25:58+00:00 2022-01-10T22:25:58+00:00 osv v0.0.10 osv v0.0.10 2022-01-11T02:18:59+00:00 - Fix a version enumeration issue. 2022-01-11T02:18:59+00:00 syncthing v1.18.6 syncthing v1.18.6 2022-01-11T06:44:12+00:00 Enhancements: - #8050: Display a warning when the ignore delete option is enabled - #8068: Request: show pending devices/folders in CLI 2022-01-11T06:44:12+00:00 FIR python3.8 FIR python3.8 2022-01-11T10:24:38+00:00 2022-01-11T10:24:38+00:00 PyMOSP v0.4.3 PyMOSP v0.4.3 2022-01-12T11:21:48+00:00 ## Changes - [dependencies] Updated request and mypy. [Cédric Bonhomme] - Cosmethic changes. [Cédric Bonhomme] - Fixed conflict in AUTHORS.md file. [Cédric Bonhomme] - Minor changes in README file. [Cédric Bonhomme] ## Fix - [tests] fixed key name of the result. [Cédric Bonhomme] - Removed useless import and fixed duplicate value in mospobject.py. [Cédric Bonhomme] ## Other - Merge branch 'master' of github.com:CASES-LU/PyMOSP. [Cédric Bonhomme] - PEP 561 -- Distributing and Packaging Type Information. [Cédric Bonhomme] 2022-01-12T11:21:48+00:00 syncthing v1.19.0-rc.1 syncthing v1.19.0-rc.1 2022-01-18T13:01:41+00:00 Bugfixes: - #8103: API: /rest/system/connections has misleading "total" entries Enhancements: - #7428: Add ignore patterns to folder defaults - #8090: Allow specifying ports in --generate 2022-01-18T13:01:41+00:00 lynis 3.0.7 lynis 3.0.7 2022-01-18T13:28:06+00:00 ## Lynis 3.0.7 (2022-01-18) ### Added - MALW-3290 - Show status of malware components - OS detection for RHEL 6 and Funtoo Linux - Added service manager openrc ### Changed - DBS-1804 - Added alias for MariaDB - FINT-4316 - Support for newer Ubuntu versions - MALW-3280 - Added Trend Micro malware agent - NETW-3200 - Allow unknown number of spaces in modprobe blacklists - PKGS-7320 - Support for Garuda Linux and arch-audit - Several improvements for busybox shell - Russian translation of Lynis extended 2022-01-18T13:28:06+00:00 osquery 5.2.1 osquery 5.2.1 2022-01-18T18:47:56+00:00 yara bug fix 2022-01-18T18:47:56+00:00