SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for python311-pymisp-2.4.170.2-110.2.noarch.rpm :

* Sat Aug 12 2023 Sebastian Wagner - update to version 2.4.170.2:- update to version 2.4.170.1: - Changes - Disable fail fast in GHA. - Fix - Update lief code to v0.13.- update to version 2.4.170: - Changes - Other - Add: support breakOnDuplicate option for attributes:add() - Update reportlab_generator.py.- update to version 2.4.169.3: - Changes - Fix - Invalid check if taxo is enabled.- update to version 2.4.169.2: - Changes - Include event reports by default in feed. - Fix - Use proper parameter to trigger the request in search_galaxy_clusters. - Use POST in search galaxy cluster. - Other - Rename include_event_reports kwarg to with_event_reports, in-line with other kwarg naming. - Add kwarg to allow the inclusion of event reports into to_feed(), honour with_distribution and valid_distributions kwargs.- update to version 2.4.169.1: - Changes - Add greynoise-ip object. Fix #951- update to version 2.4.169: - Changes - Bump templates. - Fix - Add local key in MISPTag. Related #947 - Use pytest for the tests.- update to version 2.4.168.1: - New - [doc] added the Jupyter notebook used in a.7-rest-api-extensive- restsearch. - Bump templates. - Fix - Properly handle missing parameter in CSV importer. Fix #931 - Undefined variable in event delegation. - Remove reference to old pydeep. Fix #914- update to version 2.4.168:- update to version 2.4.167.2: - Changes - Fix - Set relationship_type default in MISPTag to empty string.- update to version 2.4.167.1: - New - Add relationship_type in Tag entries for feeds. - Changes - Fix - Update whl files. - Nvm, readthedocs requires python 3.8 at most.- update to version 2.4.167: - Changes - Re-order classes. - Other - Creation fo \"add_attributes_from_csv.py\" The file aims to ingest a formated CSV file containing attributes for MISP ingestion. - Graceful handling of tagging when name attribute is missing. - Add: Galaxy test sample. - Add: Added very straight forward tests to make sure the galaxy clusters are properly defined. - Add: Added the `Galaxy` field to MISPAttribute using the MISPGalaxy class. - Including an `add_galaxy` method similar to the one used for events - `attribute.galaxies` gives the list of attached galaxy clusters
* Fri Jan 06 2023 Yogalakshmi Arunachalam
* Sat Dec 3 2022 Yogalakshmi Arunachalam - Update to version 2.4.166 (2022-11-28): New - Basic support for listing, enabling and disabling decaying models. - [tests] Test for local tags. Changes - Bump changelog. - Bump deps, version. - [types] added azure-application-id. - Bump deps. - Bump deps. - Bump deps. Fix - [describetypes] updated with the latest output from MISP. - [types] added missing type value.- Update to version v2.4.165.1 (2022-11-10) Changes - Bump changelog. - Bump deps. Fix - Properly bump version. Other - Update __init__.py. Regardless of running the latest PyMISP version, the message below is presented: ``` The version of PyMISP recommended by the MISP instance (2.4.165) is newer than the one you\'re using now (2.4.162.1). Please upgrade PyMISP. ```- Update to v2.4.165 (2022-11-09) Changes - Bump changelog. - Bump mypy. - Add links to doc. - Bump deps. Fix - Issue with EMailObject.
* Mon Sep 26 2022 Sebastian Wagner - update to version 2.4.162: - New - Pass arbitrary headers to a PyMISP request - Allow to force the timestamps in to_dict/to_json, even if a change was made - Changes - Add in sort/desc for sorting results and limit/page for pagination. - Improve documentation for add_attribute- update to version 2.4.160.1: - Fix - Make keepalive configuration linux only
* Tue Aug 09 2022 Sebastian Wagner - update to version 2.4.160: - New - Enable TCP keepalive. - Changes - Bump version, deps. - Improve warning on invalid template, bump deps. - Bump deps. - Make mypy happy. - Bump deps. - Bump deps. - Bump deps. - Add in test case. - Add ability to filter by sharing group for RestSearch for MISP >= v2.4.158. - Fix - Delete sharing group after deleting the event. - Give more time to MISP to publish the events before searching. - Improper json check on non-json responses. Fix #854 - Mark all attributes in a soft deleted object as soft deleted too. Bump misp-objects, deps. - Make flake8 happy. - Properly convert MSG to EML. - Update lock file. - [feed] fixes bug when template_uuid does not exist. - Other - Update api.py. - Fix typo in logging message. - Fig: [feed] fixes bugs during export with old data. - Update pyproject.toml. Add publicsuffixlist optional package for URL Object, which has a more current list than pyfaup - Fix multiple_space warning. - Option to include more URLObject attributes Add publicsuffixlist faup for URLObject Windows support URLObject with PSLFaup prefers IP to host/domain. - Ensure that keys are sorted in the returned `_to_feed()` dictionary. [Yun Zheng Hu] This allows for better deterministic feed output generation.- update to version 2.4.159: - New - [example:copyTagsFromAttributesToEvent] Added script to copy tags from attributes to the event level. - Changes - Bump version. - Bump deps. - Massive bump deps for python 3.7.
* Fri Mar 25 2022 Sebastian Wagner - update to version 2.4.157: - Changes - Bump changelog. - Bump version. - Bump deps, objects. - [tests] reverted. - [misp-objects] updated to the latest version. - [tests] subversion are supported. - Fix - [tests] check if the version is a substring as PyMISP might contain sub version.- update to version 2.4.155.1: - Changes - Bump changelog. - Bump required python version for doc. - Remove python 3.6 from metadata. - Fix - Incorrect call when requesting a new API key.
* Fri Mar 04 2022 Sebastian Wagner - - update to version 2.4.155.1: - Changes - Bump required python version for doc. - Remove python 3.6 from metadata. - Fix - Incorrect call when requesting a new API key.- update to version 2.4.155: - New - Get_new_authkey for a user. - [dep] Use pydeep2 instead of pydeep. [Jakub Onderka] - Changes - Re-bump changelog. - Bump version. - Bump changelog. - Bump misp-objects. - Bump deps. - Bump new minimal python version to 3.7. - Perl dependencies not longer required. [Jakub Onderka] - Simplify submodules checkout. [Jakub Onderka] - Use https for link to documentation. [Jakub Onderka] - Bump deps. - [misp-objects] updated to the latest version. - [FIPS] no clean way to support OpenSSL hashlib interface for FIPS. - [FIPS] falling back on older version of Python not having usedforsecurity. - [FIPS] in some cases, the `usedforsecurity` is not used. So fail if the FIPS compliance is required and then the `usedforsecurity` is disabled. - [feeds] FIPS: when MD5 hashes are generated for fast-lookup it\'s not for security. hashlib provides an option to tell if the hash is used for security or not. By default, it\'s set to True. For the feed cache generation, it\'s not. Then usedforsecurity=False - Bump deps. - Bump deps, objects. - Fix - Libfuzzy-dev is not longer required. [Jakub Onderka] - [mispevent] cannot type. - Make mypy happy. - Other - Create add_filetype_object_from_csv.py. [Félix Herrenschmidt] - Add feed option for local tag exclusion #817. [deku]- update to version 2.4.152: - Changes - Bump changelog. - Bump version. - Bump deps, object templates. - Bump objects templates. - Bump misp-objects. - Lief doesn\'t supports python 3.10. - Debug poetry install, freezes on the GHA. - Bump deps, use pytest. - [feed-generator] support for distribution and sharing groups. [Christophe Vandeplas] - Fix - Update live tests to support proper format of SGs. - [sharinggroups] Fixes wrong model for SharingGroupOrg. [Christophe Vandeplas] - [feed-generator] code style fixes. [Christophe Vandeplas] - [feed-generator] keeping function compatibility. [Christophe Vandeplas] - [feed-generator] fix missing except type. [Christophe Vandeplas]
* Wed Dec 22 2021 Sebastian Wagner - - update to version 2.4.152: - Changes - Bump version. - Bump deps, object templates. - Bump objects templates. - Bump misp-objects. - Lief doesn\'t supports python 3.10. - Debug poetry install, freezes on the GHA. - Bump deps, use pytest. - [feed-generator] support for distribution and sharing groups. [Christophe Vandeplas] - Fix - Update live tests to support proper format of SGs. - [sharinggroups] Fixes wrong model for SharingGroupOrg. [Christophe Vandeplas] - [feed-generator] code style fixes. [Christophe Vandeplas] - [feed-generator] keeping function compatibility. [Christophe Vandeplas] - [feed-generator] fix missing except type. [Christophe Vandeplas]- update to version 2.4.151: - New - Add Blind Carbon Copy (bcc) headers. [Sami Tainio] - Changes - Bump changelog. - Bump version. - Bump misp-objects. - [feed-generator] Make the feature to exlude attribute type more generic. [Sami Mokaddem] - [feed-generator] Added exclude malware samples option. [Sami Mokaddem] - Bump deps, chardet is required by pyfaup. - Removed a whitespace. [Sami Tainio] - Keep strict and generate attributes when needed. - Slight changes regarding timezones. - Bump deps. - Unified constructors. [Thomas Dupuy] - Slight changes regarding timezones. - Bump deps. - [types] remove the duplicate. - [describeTypes] remove duplicate filename-pattern. [Alexandre Dulaunoy] - [misp-objects] updated. - [misp-objects] updated to the latest version. - Bump many dependencies. - Add in test case for get_sharing_group and validate orgs are present. - Improve sharing groups, bring back organsations included and ability to get specific SG. - Add in test case for searching against orgs and users. - Add ability to search against orgs and users by freetext search (both) or organisation (users) - [test] Check if all category types exists. [Jakub Onderka] - Bump changelog. - [py] Typo. [Steve Clement] - [describeTypes] updated to include ssh-fingerprint. [Alexandre Dulaunoy] - Fix - [feed-generator] Revert back the event initial search to use the index endpoint instead of RestSearch. [Sami Mokaddem] Relying on RestSearch was offering more flexibility than index in terms of filtering options, however, it might introduce a significant overhead potentially leading to timeout. - PyMISP.get_user_setting method. [Jakub Onderka] - [tests] Remove debug prints. [Jakub Onderka] - Fix final nosetest. - Fix nosetests. - [types] Update types to use `filename-pattern` type. [Jakub Onderka] - [test] Remove debug print. [Jakub Onderka] - [test] Correct error messages for blocked event. [Jakub Onderka] - Missing import in __init__ Fix #796 - [tests] Fixed stix test. [chrisr3d] - [py] Typo. [Steve Clement] - Other - Update README.md.
* Tue Dec 14 2021 pgajdosAATTsuse.com- pytest-runner is not required for build
* Sat Nov 20 2021 Sebastian Wagner - - update to version 2.4.151: - New - Add Blind Carbon Copy (bcc) headers. [Sami Tainio] - Changes - Bump version. - Bump misp-objects. - [feed-generator] Make the feature to exlude attribute type more generic. [Sami Mokaddem] - [feed-generator] Added exclude malware samples option. [Sami Mokaddem] - Bump deps, chardet is required by pyfaup. - Removed a whitespace. [Sami Tainio] - Keep strict and generate attributes when needed. - Slight changes regarding timezones. - Bump deps. - Unified constructors. [Thomas Dupuy] - Slight changes regarding timezones. - Bump deps. - [types] remove the duplicate. - [describeTypes] remove duplicate filename-pattern. [Alexandre Dulaunoy] - [misp-objects] updated. - [misp-objects] updated to the latest version. - Bump many dependencies. - Add in test case for get_sharing_group and validate orgs are present. - Improve sharing groups, bring back organsations included and ability to get specific SG. - Add in test case for searching against orgs and users. - Add ability to search against orgs and users by freetext search (both) or organisation (users) - [test] Check if all category types exists. [Jakub Onderka] - Bump changelog. - [py] Typo. [Steve Clement] - [describeTypes] updated to include ssh-fingerprint. [Alexandre Dulaunoy] - Fix - [feed-generator] Revert back the event initial search to use the index endpoint instead of RestSearch. [Sami Mokaddem] Relying on RestSearch was offering more flexibility than index in terms of filtering options, however, it might introduce a significant overhead potentially leading to timeout. - PyMISP.get_user_setting method. [Jakub Onderka] - [tests] Remove debug prints. [Jakub Onderka] - Fix final nosetest. - Fix nosetests. - [types] Update types to use `filename-pattern` type. [Jakub Onderka] - [test] Remove debug print. [Jakub Onderka] - [test] Correct error messages for blocked event. [Jakub Onderka] - Missing import in __init__ Fix #796 - [tests] Fixed stix test. [chrisr3d] - [py] Typo. [Steve Clement] - Other - Update README.md.
* Sat Oct 02 2021 Sebastian Wagner - update to version 2.4.148.1: - New - Add few keys to email object creator. Fix #787 - Test cases for edit objects and upload stix. - Changes - Bump misp-objects. - Bump version. - Bump deps. - [doc] Minor fixes, note and typo. [Steve Clement] - Bump deps. - [misp-objects] updated to the latest version. - [misp-objects] updated to the latest version. - Update tutorial for custom objects. - Bump deps. - Bump live tests. - [misp-objects] updated to the latest version. - [types] updated types/categories mapping. [Christophe Vandeplas] - Remove test files. - Automatically pull the malwares repo when running tests/testlive_comprehensive.py. - Remove submodules with malware. - Add test for updating a objects from a custom template. [Raphaël Vinot] - Re-bump changelog. - Fix - Message_from_bytes really dislikes newline at the beginning of a mail. - Skip IPs in Received header. - Name is passed to super. - Do not create empty manifest, json load dislikes it. - Initial round of cleanup on redis feed generator. - Upload of STIX document with non-ascii characters. Due to: https://github.com/psf/requests/issues/5560 TL;DR: a variable of type str passed to data in a POST request will be silently re-encoded to ISO-8859-1, making MISP barf on the other side. - Remove outdated deps from setup.py. Fix https://github.com/MISP/MISP/issues/7729 - Other - Update README.md. Not using travis anymore.
* Wed Sep 01 2021 Sebastian Wagner - remove executable permissions on example files.
* Sun Aug 08 2021 Sebastian Wagner - update to version 2.4.148: - New - Method `sharing_group_exists` [Jakub Onderka] - Method `update_sharing_group` [Jakub Onderka] - Save one REST call when initialize PyMISP class. [Jakub Onderka] - Method `organisation_exists` [Jakub Onderka] - Method `sharing_group_exists` [Jakub Onderka] - Method `update_sharing_group` [Jakub Onderka] - `to_dict` method supports `json_format` parameter. [Jakub Onderka] - Method `organisation_exists` [Jakub Onderka] - Method `sharing_group_exists` [Jakub Onderka] - Method `update_sharing_group` [Jakub Onderka] - Save one REST call when initialize PyMISP class. [Jakub Onderka] - Method `organisation_exists` [Jakub Onderka] - Method `sharing_group_exists` [Jakub Onderka] - Method `update_sharing_group` [Jakub Onderka] - Exclude decayed attributes in search. Fix #753 - Changes - Bump objects template. - Bump changelog. - Bump version. - Remove duplicates tests. - [testlive_comprehensive] correct path to access sharing group releasability after edit. - Properly validate update_sharing_group without pythonify. [Raphaël Vinot] - Bump missing dep. - Bump deps. - [testlive_comprehensive] correct path to access sharing group releasability after edit. - [authkey test] removed from testlive_comprehensive. - the default now enables advanced authkeys making the retriaval of keys impossible after the user creation - Do not load schema for event when not necessary. [Jakub Onderka] - Bump deps. - `get_taxonomy` supports namespace. [Jakub Onderka] - Properly validate update_sharing_group without pythonify. [Raphaël Vinot] - Bump missing dep. - Bump deps. - [testlive_comprehensive] correct path to access sharing group releasability after edit. - [authkey test] removed from testlive_comprehensive. - the default now enables advanced authkeys making the retriaval of keys impossible after the user creation - Do not load schema for event when not necessary. [Jakub Onderka] - Bump deps. - `get_taxonomy` supports namespace. [Jakub Onderka] - Properly validate update_sharing_group without pythonify. [Raphaël Vinot] - Bump missing dep. - Bump deps. - [testlive_comprehensive] correct path to access sharing group releasability after edit. - [authkey test] removed from testlive_comprehensive. - the default now enables advanced authkeys making the retriaval of keys impossible after the user creation - Do not load schema for event when not necessary. [Jakub Onderka] - Bump deps. - `get_taxonomy` supports namespace. [Jakub Onderka] - Update mypy, change accordingly. - Fix - Typo in key name. - [test] test_sharing_groups. [Jakub Onderka] - [test] test_sharing_groups again. [Jakub Onderka] - [test] test_sharing_groups. [Jakub Onderka] - Typo in key name. - [test] test_sharing_groups again. [Jakub Onderka] - [test] test_sharing_groups. [Jakub Onderka] - [test] test_sharing_groups again. [Jakub Onderka] - [test] test_sharing_groups. [Jakub Onderka] - Flake8 stuff. - Revert rename, fix mypy. - Properly handle the case MISP is in a sub redirect. Fix #757 - Other - Revert \"chg: Remove legacy stix converter.\" This reverts commit 94ce4a367bbde9284a6f29e6e6152c91de386879. - breaks misp-stix converter, reverting it for now, let\'s find a way to deprecate this without outright removing it - Revert \"chg: Remove legacy stix converter.\" This reverts commit 94ce4a367bbde9284a6f29e6e6152c91de386879. - breaks misp-stix converter, reverting it for now, let\'s find a way to deprecate this without outright removing it - Revert \"chg: Remove legacy stix converter.\" This reverts commit 94ce4a367bbde9284a6f29e6e6152c91de386879. - breaks misp-stix converter, reverting it for now, let\'s find a way to deprecate this without outright removing it
* Sat Jul 03 2021 Sebastian Wagner - update to version 2.4.144: - Changes - Bump version. - Bump object templates. - Bump deps. - Bump deps. - Bump deps. - Other - Fix misp API response content parsing. [Silvian I]
* Fri May 14 2021 Sebastian Wagner - update to version 2.4.143: - New - Method to get the raw object template. - Changes - Bump version, deps. - Bump deps. - Bump objects templates. - Fix - First-seen and last-seen on attributes and objects were not checked for sanity. - Remove search_all example, use search instead.
* Thu Apr 29 2021 Sebastian Wagner - update to version 2.4.142: - New - Support for correlation exclusion list. Fix #732 - Changes - Bump version. - Bump deps. - Fix test suite. - Bump objects templates. - Bump deps. - Bump deps. - Add comment for controller attribute in search. - Fix - Enable/disable feeds. - Mistake in mypy config. - Exclude data from mypy.- update to version 2.4.141.1: - Changes - Bump changelog. - Re-bump changelog. - Bump version. - Other - Fix bump version, deps, templates. - Update README.md.
* Tue Apr 06 2021 Sebastian Wagner - update to version 2.4.141.1: - Changes - Re-bump changelog. - Bump version. - Other - Fix bump version, deps, templates. - Update README.md.- update to version 2.4.141: - Changes - Bump changelog. - Bump deps. - Get_uuid_or_id_from_abstract_misp accepts dict. - Remove references to ExpandedPyMISP. Fix #721 - Follow best practices and remove the logging handler. - Strip NULL string from value. https://github.com/MISP/PyMISP/issues/678 - Bump deps. - Raise exception on missing template in CSVLoader. - Bump templates. - Re-bump objects. - Bump object templates. - Add test case, fix mypy. - Take simple_value as value in MISPObject.add_attribute. [Raphaël Vinot] - Fix - Use get_uuid_or_id_from_abstract_misp in tag methods. Fix #725 - Skip nameless sections in ELF. - Make reportlab tests optional if missing dep. - Enable taxonomy failed if global pythonify is on. - Properly pass content-type. - Re-enable support for uploading STIX 1 documents. Fix #711- update to version 2.4.140: - New - Soft delete object in MISPEvent. Fix #706 - Add in ability to add a new cluster relation. - MISP Galaxy 2.0 capability. - Soft delete object in MISPEvent. Fix #706 - Changes - Bump changelog. - Bump version. - Bump object templates. - Bump deps. - [describetypes] updated. - Bump objects templates. - Bump deps. - Bump tests for galaxy cluster. - Improve Pydoc on search method\'s timestamp parameter. Fix #708 - Bump poetry file. - Bump deps. - [data] describeTypes updated. - Add deprecation warning for Python < 3.8. - Bump deps. - Bump deps. - Don\'t parse the meta key into cluster elements on a MISPEvent, but allow users to manually perform this action. - Add in nosetests for MISP Galaxy functions, check default key as a dict attribute not MISPAbstract attribute. - Add in more Galaxy 2.0 functions and code cleanup. - Add in add_cluster function and ability to search clusters within a galaxy. - Remove legacy stix converter. - Improve Pydoc on search method\'s timestamp parameter. Fix #708 - Bump poetry file. - Bump deps. - [data] describeTypes updated. - Add deprecation warning for Python < 3.8. - Bump deps. - Bump deps. - Fix - Typo in tests. - Make mypy happy in python 3.6 and 3.7. - Cosmetic changes, fix mypy. - Support text search again. Fix #705 - Do not add the serial-number twice. - Skip PE section if name is none AND size is 0. - Urllib3.__version__ may not have a patch number. fix https://github.com/MISP/PyMISP/issues/698 - Fix mispevent edit test by including default and distribution keys on a GalaxyCluster. - Support text search again. Fix #705 - Do not add the serial-number twice. - Skip PE section if name is none AND size is 0. - Urllib3.__version__ may not have a patch number. fix https://github.com/MISP/PyMISP/issues/698 - Other - Removed unused import. [Nick] - Supress ssl warnings. [Nick] - Re-added error checking for defaults. [Nick] - Deleted all references to org as it\'s unneeded. [Nick] - Re-added brackets. [Nick] - Multiple updates to proofpoint example. [Nick] - Added additionally necessary keys to keys.py.example - Added error check for unset keys - Used built-in HTTP Basic Auth for requests instead of manually-created header - Removed setting of orgc as that\'s pulled from the MISP key being used - - Removed cast of str to str. [Nick] - Added check for invalid creds. [Nick] Without the added check, the script will error out on line 29 since the key doesn\'t exist in the dict. This at least gives a reason. - Removed unused import. [Nick] - Supress ssl warnings. [Nick] - Re-added error checking for defaults. [Nick] - Deleted all references to org as it\'s unneeded. [Nick] - Re-added brackets. [Nick] - Multiple updates to proofpoint example. [Nick] - Added additionally necessary keys to keys.py.example - Added error check for unset keys - Used built-in HTTP Basic Auth for requests instead of manually-created header - Removed setting of orgc as that\'s pulled from the MISP key being used - - Removed cast of str to str. [Nick] - Added check for invalid creds. [Nick] Without the added check, the script will error out on line 29 since the key doesn\'t exist in the dict. This at least gives a reason.
* Sat Feb 20 2021 Sebastian Wagner - Add a rpmlintrc file to ignore warning about an empty file in the examples of the documentation- update to version 2.4.138: - Changes - Bump version. - Bump deps.- update to version 2.4.137.4: - Changes - Bump changelog. - Bump version. - Bump objects. - Add kw_params to tags. - Bump objects. - Bump template ID in test case.- update to version 2.4.137.3: - Changes - Bump version. - Bump changelog. - Bump objects. - Fix and improve optional dependencies. - Make brotli optional.- update to version 2.4.137.2: - New - Add in ability to create/update/delete MISP Event Reports. - Hard delete flag for objects. - Fail if a duplicate object is added to an event. - Support brotli compression. [Jakub Onderka] - Hard delete flag for objects. - Fail if a duplicate object is added to an event. - Add in ability to create/update/delete MISP Event Reports. - Add in ability to create/update/delete MISP Event Reports. - Hard delete flag for objects. - Changes - Bump changelog. - Bump version. - Add brotli support in the dependencies. - Make mypy happy. - Make clear that to_json returns str. - Disable correlation on malware-sample for FileObject. - Bump objects templates. - Add missing autodoc. fix #693 - Add in delete function for a MISP Object. - Fix return of delete_event_report. - Remove critical warning if lief is not installed. Fix https://github.com/MISP/MISP/issues/6908 - Bump deps. - Allow response of delete to be pythonify, add in nosetest. - Add ability to get event reports from the Event ID. - Remove travis file, GH Actions is better. - Bump deps. - Remove critical warning if lief is not installed. Fix https://github.com/MISP/MISP/issues/6908 - Add test case fir add_attribute and enforceWarninglist=True. [Raphaël Vinot] - Add testcase with breakOnDuplicate in a MISPObject. - Bump changelog. - Bump version. - Add test case for page/limit in logs search. - Bump deps. - Improve docstring for get_event. fix #686 - Bump changelog. - Bump version. - Show size when the json is not loadable. - Add authenticode support in generate_file_objects. - Use lief 0.11.0, generate authenticode entries. - Bump objects. - Bump deps, add 3.9 in GH. - Bump deps. - Bump deps, objects templates. - Make clear that to_json returns str. - Disable correlation on malware-sample for FileObject. - Bump objects templates. - Bump deps. - Add missing autodoc. fix #693 - Add in delete function for a MISP Object. - Bump deps. - Fix return of delete_event_report. - Remove travis file, GH Actions is better. - Bump deps. - Remove critical warning if lief is not installed. Fix https://github.com/MISP/MISP/issues/6908 - Add test case fir add_attribute and enforceWarninglist=True. [Raphaël Vinot] - Add testcase with breakOnDuplicate in a MISPObject. - Bump changelog. - Bump version. - Add test case for page/limit in logs search. - Bump deps. - Improve docstring for get_event. fix #686 - Bump changelog. - Bump version. - Show size when the json is not loadable. - Add authenticode support in generate_file_objects. - Use lief 0.11.0, generate authenticode entries. - Bump objects. - Bump deps, add 3.9 in GH. - Bump deps. - Bump deps, objects templates. - Allow response of delete to be pythonify, add in nosetest. - Add ability to get event reports from the Event ID. - Remove travis file, GH Actions is better. - Bump deps. - Remove critical warning if lief is not installed. Fix https://github.com/MISP/MISP/issues/6908 - Add test case fir add_attribute and enforceWarninglist=True. [Raphaël Vinot] - Add testcase with breakOnDuplicate in a MISPObject. - Fix - Flake error. - Update testlive accordingly. - Better warning if lief is outdated. - Call the AbstractMISP.from_dict at the end of the function to ensure the edited flag remains false. - Better warning if lief is outdated. - Update minimal dependency for lief in setup.py. - [dev mode only] force older jedi to avoid ipython exception. [Raphaël Vinot] - Add python 3.9 in GH Actions. - Update testlive accordingly. - Better warning if lief is outdated. - Update minimal dependency for lief in setup.py. - [dev mode only] force older jedi to avoid ipython exception. [Raphaël Vinot] - Add python 3.9 in GH Actions. - Call the AbstractMISP.from_dict at the end of the function to ensure the edited flag remains false.- update to version 2.4.137.1: - New - Fail if a duplicate object is added to an event. - Changes - Bump changelog. - Bump version. - Add test case for page/limit in logs search. - Bump deps. - Improve docstring for get_event. fix #686 - Bump changelog. - Fix - Better warning if lief is outdated. - Update minimal dependency for lief in setup.py.- update to version 2.4.137: - New - Allow to pass an object template to MISPObject.__init__ [Raphaël Vinot] MISPObject part of #6670 - Changes - Bump version. - Show size when the json is not loadable. - Add authenticode support in generate_file_objects. - Use lief 0.11.0, generate authenticode entries. - Bump objects. - Bump deps, add 3.9 in GH. - Bump deps. - Bump deps, objects templates. - Add controller argument to get_csv script. - [test] file object template are now 24. - [test] file object template is now at version 24. - [misp-objects] updated. - [type] favicon-mmh3 is the murmur3 hash of a favicon as used in Shodan. - [misp-objects] updated to the latest version. - Clarify misp_objects_template_custom. - Add docstring for misp_objects_template_custom. - Trigger GH actions on PR. - Improve documentation of MISPAttribute.malware_binary. - Remove trailing space. - On-demand decryption of malware-binary, speeds up pythonify. [Raphaël Vinot] - Force a few packages versions. - Fix - [dev mode only] force older jedi to avoid ipython exception. [Raphaël Vinot] - Add python 3.9 in GH Actions. - Do not fail if extract_msg is missing. - Properly decode the body depending on the encoding of the email. Fix #671 - Properly match IO in load event. - Typing on recent mypy. - Typing edge case. - Add attribute dict as proposal. - Other - Noticed that test data mail_5.msg was malformatted. Replaced with working test msg. [seamus tuohy] - Updated emailobject. [seamus tuohy] Email object no longer requires extra php libraries for install. Tests have been expanded to improve coverage. RTF encapsulated HTML and Plain Text will now be de-encapsulated. The raw MSG binary will now be included in the extracted email object. - Adding check if \"from\" is in the \"received\" header row. [nighttardis] - Update `vmray_automation` to stay compatible with the changes made to `vmray_import` MISP modules. [Jens Thom] - Update mispevent.py.- update to version 2.4.135.3: - Changes - Bump changelog. - Bump version. - Improve typing. - Improve add_attribute with a list. - Fix - Do not fail on PyMISP import when mail-parser is not present. [Raphaël Vinot]- update to version 2.4.135.2: - New - Add Github workflow. - Changes - Bump changelog. - Bump version. - Improve error message if a type in missing. - [type] process-state added. - Bump misp-objects. - [misp-objects] updated. - Add path to CSV sample files. - [types] jarm-fingerprint added. - Fix - Remove python 3.9 from action (lief not supported yet) - Initialize submodules in gh action. - Make mail-parser really optional.- update to version 2.4.135.1: - Changes - Bump changelog. - Bump version, travis install. - Make mail-parser an optional dependency.
* Wed Nov 25 2020 Sebastian Wagner - update to version 2.4.135.3: - Changes - Bump version. - Improve typing. - Improve add_attribute with a list. - Fix - Do not fail on PyMISP import when mail-parser is not present. [Raphaël Vinot]- update to version 2.4.135.2: - New - Add Github workflow. - Changes - Bump changelog. - Bump version. - Improve error message if a type in missing. - [type] process-state added. - Bump misp-objects. - [misp-objects] updated. - Add path to CSV sample files. - [types] jarm-fingerprint added. - Fix - Remove python 3.9 from action (lief not supported yet) - Initialize submodules in gh action. - Make mail-parser really optional.- update to version 2.4.135.1: - Changes - Bump changelog. - Bump version, travis install. - Make mail-parser an optional dependency.- update to version 2.4.135: - New - Test parsing just email header. [Jakub Onderka] - Test parsing outlook message format. [Jakub Onderka] - Add tests for EmailObject. [Jakub Onderka] - Refactored emailobject generator. [Jakub Onderka] - Export display name from email. [Jakub Onderka] - Parse date from email. [Jakub Onderka] - Method to check attribute and object existence. [Jakub Onderka] - Allow to get just event metadata after add_event and edit_event. [Jakub Onderka] - Method to check event existence. [Jakub Onderka] - Add method to search for tags. fix #648 - Changes - Bump changelog. - Bump version. - Bump deps. - Add search info field with \"\\\" - Improve documentation of search_index. - Improve error handling for Outlook emails. - Bump object templates. - Bump dependencies. - Update gitignore. fix #613 - Do not split a string into a list in complex query builder. [Raphaël Vinot] fix #597 - Force enable debug in test, test update tags. - Use REST search for the tags. Related to comments on a1326f2cf2bcfd6e285188e0661b12076fe92747 - Add typing meta. - Fix - [emailobject] Correctly parse multiple addresses. [Jakub Onderka] - Test suite for exists calls. - Path for event creating and editing. [Jakub Onderka] - Object_uuid could be None. Fix #640 - Last_seen has to be after first_seen, and it should habe been failing before. - Missing f-string marker. - Fix: Docstring improvment based on AATTchrisinmtown\'s feedback. [Raphaël Vinot] - Other - We can now upload stix object directly. File is not necessary. [Remy Dewailly] - We can now upload stix object directly. File is not necessary. [Remy Dewailly]
* Mon Nov 02 2020 Sebastian Wagner - update to version 2.4.134: - Changes - Bump version. - Bump misp-objects. - Keep connection alive between requests. [Jakub Onderka] - Bump deps. - Format docstrings in mispevent.py. [Lott, Christopher (cl778h)] Add \":param \" prefix to parameters to improve ReadTheDocs output. Fix some minor typos in docstrings. - Bump deps. - Bump deps. - Bump changelog. - Fix - Remove duplicate check if debug logging is enabled. [Jakub Onderka] - Do now fail on requests returning plain text. Fix #639 - Other - Revert \"Update .travis.yml\" lief isn\'t compatible with python 3.9 This reverts commit e10843fa33c9a08b7da4ef24cbce457be53a7459. - Update .travis.yml. Add python 3.9 - Drop `encoding=` in Python 3.9. [Friedrich Lindenberg]
* Sun Nov 01 2020 Sebastian Wagner - update to version 2.4.133: - New - [attribute type] telfhash added. - [add_gitlab_user] new gitlab user fetch script to MISP object. usage: add_gitlab_user.py [-h] -e EVENT [-f] -u USERNAME [-l LINK] Fetch GitLab user details and add it in object in MISP optional arguments: - h, --help show this help message and exit - e EVENT, --event EVENT Event ID to update - f, --force-template-update - u USERNAME, --username USERNAME GitLab username to add - l LINK, --link LINK Url to access the GitLab instance, Default is www.gitlab.com. - [example] add_github_user example - WiP. usage: add_github_user.py [-h] -e EVENT [-f] -u USERNAME Fetch GitHub user details and add it in object in MISP optional arguments: - h, --help show this help message and exit - e EVENT, --event EVENT Event ID to update - f, --force-template-update - u USERNAME, --username USERNAME GitHub username to add - Method to get the new version of the templates. - Delete tags via update_attribute, search by sharing group. - Changes - Bump version. - Bump test cases. - [type] updated. - Bump file obj version in tests. - [data] misp-objects updated. - Bump build system to poetry 1.1. - [type] new type added. - [add_github_user] add ssh keys of the user in the MISP object. - [add_github_user] more fields added from the GitHub API. [Alexandre Dulaunoy] - Bump deps, objects. - Add test for delete=True in get_event. - [add_github_user] add following to the MISP object. [Alexandre Dulaunoy] - Bump dependencies. - Pass a list to add_attributes. - Use MISPObject instead of GenericObjectGenerator. - [doc] add a reference to the license. - Add docstrings and extend conf.py for RTD. [Lott, Christopher (cl778h)] Add minimal docstrings to public methods so ReadTheDocs will display them. Add autodoc mock import for lief so RTD can generate HTML for tools. This fixes issue #626 - Remove PyMISPExpanded from the docs. - Add comments to ELF, PE, and MachO object generators. - Improve error message, add comments, rename whitelist->allowedlist. - Remove SG search for search() func as this doesn\'t support SG searching, but the index does. - Fix - Test on macosx. Fix #630 - Do not modify default_attributes_parameters in MISPObject. [Raphaël Vinot] - Wrong call to pymisp.search_index. - Few outdated calls in the tutorial. - Make flake8 happy. - Merge SG params to allow search. - Other - Fix PyMISP repo URL. [garanews] MISP/PyMISP vs CIRCL/PyMISP - Fix typo. [garanews] fix typo - Attempt to decode utf-8-sig encoded emails. [seamus tuohy] eml files downloaded from Windows Online security on some Windows 11 systems are automatically encoded in UTF with a byte order mark (BOM) at the front of the file. This will cause the email parser to fail. This is a somewhat isolated problem. It only will affects a small subset of Windows users who download and re-upload eml files. But, this small subset of users is the target user-base for the MISP email module: low expertiese users who wish to quickly share high-value indicators on an ad-hoc basis. While this fix could be tacked onto the MISP email module instead of here, I beleive that this fix is more appropriate in the PyMISP object code. As the \"email\" object parser this object should be built to parse all manner of emails that it may encounter. This includes common malformations such as this one and, even horrors such as, the .msg format. This commit adds a generically named \"attempt_decoding\" function which can be expanded to address all manner of sins that are encountered in the future.- update to version 2.4.131: - New - [test] Validate tag removal. - [describeTypes] sha3 added. - Changes - Bump changelog. - Bump version. - Bump objects. - [describeTypes] updated. - [describeTypes] updated. - Bump objects. - Bump dependencies. - Bump file template version. - Bump objects. - Rename blacklist -> blocklist. - Bump dependencies.- update to version 2.4.130: - New - Blacklist methods. - Add list of missing calls. - Add test_obj_references_export. [louis] - Add MISPObject.standalone property. [louis] Setting MISPObject.standalone updates MISPObject._standalone and add/removes \"ObjectReference\" from AbstractMISP.__not_jsonable using update_not_jsonable/_remove_from_not_jsonable. - Add AbstractMISP._remove_from_not_jsonable. [louis] - Changes - Bump changelog. - Bump version. - Bump dependencies. - Bump objects. - Bump types. - [testlive_comprehensive] Updated generic tagging method to match changes in MISP. [mokaddem] - Cleanup blocklist methods. - Remove outdated example. Fix #611 - New test_get_non_exists_event. [Jakub Onderka] - Bump dependencies. - Enable more tests. - Make get_object return a not standalone object. [louis] - Remove standalone default value from MISPObject children c\'tor. [louis] MISPObject.__init__ sets standalone=True by default, so there is no need to do it in its child classes. - Make MISPObject standalone by default. [louis] standalone defaults to True in MISPObject.__init__, and is set to False when the object is added to an event. - Add MISPObject._standalone type. [louis] - Fix - Bump file template version. - Test_get_non_exists_event. [Jakub Onderka] - IP removed from the public DNS list. - Example using deprecated calls. fix #602 - Add STIX XML output for the search. Use stix-xml as return_format. Fix #600 https://github.com/MISP/MISP/issues/5618 - Dummy event example. Fix #598 - Other - Exclude section correlation .rsrc and zero-filled. [deku] - Linting/Add missing whitespace. [Paal Braathen] - Remove explicit loglevel checking. [Paal Braathen] - Remove explicit traceback printing. [Paal Braathen] - Master branch has been renamed to main. [Arcuri Davide] - Update README.md. fix: #599
* Sat Jul 04 2020 Sebastian Wagner - update to version 2.4.128: - Changes - Bump changelog. - Bump version. - Add a few test cases. - Bump objects.- update to version 2.4.127.1: - New - Optionally include deleted attributes/objects in feed. - Changes - Bump changelog. - Bump version. - Bump misp-objects. - Add test case for get event deleted. - Add test case for search deleted. - Update comments for search. - Fix - Keep deleted key in MISPObject and MISPObjectAttribute. [Raphaël Vinot]- update to version 2.4.127: - New - Add helper and test case for GitVulnFinderObject. - Add git-commit-id type. - Add deleted in field export. Fix #586 - Timeout for connection/request, fixes #584. [Christophe Vandeplas] - Changes - Bump Changelog. - Rename master -> main. - Bump changelog. - Bump version. - Bump misp-objects. - Bump dependencies. - Rename branches master -> main. - Remove extra parameter in change_user_password. - Fix - Do not fail if the attribute value is not a string. - Properly strip value in MISPObject.add_attribute, take 2. [Raphaël Vinot] Fix #546 - Properly strip value in MISPObject.add_attribute. Fix #546 - Deleted is not always required in the feed export. - Make mypy happy. - Fixes bug in timeout change. [Christophe Vandeplas] - Fixes bug in timeout change. [Christophe Vandeplas] - Fixes bug in timeout change. [Christophe Vandeplas] - Fixes bug in timeout change. [Christophe Vandeplas] - Fixes bug in timeout change. [Christophe Vandeplas] hail to Rafiot - Fixes bug in timeout change. [Christophe Vandeplas] - Fixes bug in timeout change. [Christophe Vandeplas] - Other - Previously file object was reporting the libmagic description of a file instead of the mimetype. According to [MISP DataModels](https://www.misp-project.org/datamodels/#types) ``` mime- type: A media type (also MIME type and content type) is a two-part identifier for file formats and format contents transmitted on the Internet ``` more precisely defined in [RFC2045](https://tools.ietf.org/html/rfc2045) and others. [Troy Ross] The description returned by libmagic is more useful than the generic mime-type, but I did not find a place to put the description in the current data model. - Fix end of line encoding of examples/cytomic_orion.py. [Sebastian Wagner]
* Thu May 21 2020 Sebastian Wagner - update to version 2.4.126: - New - Test search with timestamp. - Add testcase for updating partial event. - Add pyfaup as optional dependency. - [dev] add microblog object tool. [VVX7] - Very simple test case for rest search on objects. - Self registration, object level search (initial) - [dev] add flag to get extended misp event. [VVX7] - [dev] add flag to get extended misp event. [VVX7] - Changes - Bump version. - Bump misp-object. - Bump dependencies. - Add test for feed partial update. - Strip empty parameters in build_complex_query. Fix #577 - Simplify delete_attribute. - Bump travis install. - Add comment in microblog object. - Bump dependencies. - [dev] clean up how keys are accessed in self._parameters. [VVX7] - [dev] use isinstance() type check. [VVX7] - [dev] fix abstract generator import. add logger. [VVX7] - [dev] change type() == list. [VVX7] - Bump misp-objects. - Bump dependencies. - [dev] remove duplicate line. [VVX7] - [dev] add extend_event() test. chg typo in get_event() [VVX7] - Re-Bump CHANGELOG. - Fix - Settings is not required in MISPFeed. - Properly skip timestamp in __iter__ when needed. - Catch exception when liblua-5.3 is not present. - Make flake8 happy. - Properly load feeds, fix undefined variable. - Make flake8 happy. - Remove extra print. - Typo, add test for extended event. - Other - Update docstring in api.py. [Bernhard E. Reiter]
* remove typo in ssl parameter docstring.
* Add hint that other certs (which are not in the default CAs, but also are not self signed in a strict sense) can also use the CA_BUNDLE function of the ssl parameter.
* Sun May 03 2020 Sebastian Wagner - update to version 2.4.125: - New - Extended option on get event. Related to #567 - Changes - Bump objects, deps. - Bump dependencies. - Remove old suricata script, keep reference to old code. [Raphaël Vinot] - Fix - Enable autoalert on admin user. - [abstract] Forces file to be read with utf8 encoding. [mokaddem] - Properly handle timezone in tests. - Other - Update up.py. Fix #563 - Fixed __query_virustotal return type. [DocArmoryTech] __query_virustotal returned a Response object and not the json expected; modified so that report_json is returned instead of report.
* Mon Apr 20 2020 Tomáš Chvátal - Remove the py2 packages as the package is set to build only on python3
* Fri Apr 03 2020 Sebastian Wagner - update to version 2.4.124: - Changes - Bump version. - Bump dependencies. - Bump misp-objects. - Add option to aggregare by country. - [CSSE COVID] Publish the event immediately. - Add changelog and readme in the package. - Bump version in pyproject. - Fix - Strip every string in AbstractMISP. fix #546 - Incorrect expectation of attribute value to be a str - take 2. Related #553 - Incorrect expectation of attribute value to be a str. Fix #553 - Other - Dos2unix examples/stats_report.py. [Sebastian Wagner] - Cytomic Orion API access. [Koen Van Impe] - Add organisations from CSV. [Koen Van Impe] - Minor updates to vmray_automation for travis. [Koen Van Impe] - VMRay Automation with ExpandedPyMISP. [Koen Van Impe]
* Tue Mar 17 2020 Sebastian Wagner - set UTF-8 encoding for test, fixes Leap 15.1 buildc
* Sun Mar 15 2020 Sebastian Wagner - change source URL to github, as the pypi archive misses some files.- add misp-objects source as github archive misses it.- update to version 2.4.123: - New - Add import script for dxy data. - Csse covid19 daily report importer. - Changes - Bump version. - Bump changelog. - Bump dependencies. - Bump misp-objects. - JSON files are UTF8. Bump dev deps, update comment - Add tag, set distribution, add file and source (CSSE importer) - Bump misp-objects.- update to version 2.4.122: - New - Add uuid by default in MISPEvent, add F/L seen in feed output. - Admin script to setup a sync server. - Add feed generation example in notebook. - Changes - Bump changelog. - Comments were still referencing pipenv. - Bump misp-objects. - Bump misp-objects. - Bump changelog. - Bump version. - Bump misp-objects. - Bump dependencies. - Bump dep. - Fix typo in readme. - Use bionic on travis. - Add poetry support. - Fix - Test cases & template version. - Mypy, more typing. - Do not skip data in add_attribute methods. - Remove references to the old API. - Other - Use poetry everywhere, fix readme.- update to version 2.4.121.1: - Changes - Bump changelog. - Bump objects. - Bump changelog. - Bump version. - Fix - Make lief optional again. fix #538
* Sat Feb 08 2020 Sebastian Wagner - update to version 2.4.121.1: - Fix - Make lief optional again. fix #538- remove fix-tests-template-version.patch, merged upstream
* Thu Feb 06 2020 Sebastian Wagner - update to version 2.4.121: - New - Add includeDecayScore to rest search. [VVX7] - Support for first_seen/last_seen. Cleaner import of datetime - [attributes] chrome-extension-id added. - Changes - Do not install neo by default. - Bump objects. - More flexible when an event is in a weird state. - Str to int, properly load SharingGroup. Fix #535 - Bump deps, add pep8 test. - Bump objects. - Support dict in tag/untag. - Test update last seen. - Add test cases in feed. - Add test cases. - Normalize to_datetime conversion. - Trustar example uses objects. - Add lief in the generic requirements. - Refactorize typing, validate. - Fix - Issue with readme. - Remove debugging. - [
*-seen] Consider that `-` can also be in the date component while parsing. [mokaddem] - First seen was after last seen, trigerring the exception. [Raphaël Vinot] - Tests failing if local tz was not CET. - Syntax and typos. - Bugs introduced by last commit. - Other - Doc: fix Search-FullOverview.ipynb code example. [Bernhard E. Reiter] - Chore: delete old examples. [Manabu Niseki] Delete examples which use deprecated/deleted methods - Scrape trustar intel platform reports and create misp events. [th3jiv3r] - Configuration for trustar integration. [th3jiv3r] - Fixed trailing lines. [turtlefac3] - Fixed trailing lines. [turtlefac3] - Custom integration written in python to scrape Proofpoint VAP API for metrics of top Very Attacked Persons and create MISP events. [turtlefac3] - Fix typos on FullOverview.ipynb. [Bernhard E. Reiter]
* Sat Jan 18 2020 Sebastian Wagner - drop python2, not supported anymore upstream- add fix-tests-template-version.patch from upstream commit to fix tests- update to version 2.4.120: - New - [attribute type] kusto-query attribute type. Kusto query is the query language for the Kusto services in Azure used to search large dataset. It\'s used in Windows Defender ATP Hunting-Queries and also Azure Sentinel (Cloud-native SIEM). - Remove python < 3.6 support. - Changes - Bump version. - Bump Changelog. - Bump misp-objects. - Bump dependencies, add debug. - Upate dummy events creator. - Add tests on more version of Python. - Search with the STIX output returns a json STIX. Was XML before. - Bump dependencies. - Add more typing information. - Add typing markup. - Bump misp-objects. - Bump Dependencies. - Bump misp-objects. - Fix - Add missing variable in dummy creator. - Et2misp was python2 only. - Feed generator was broken. Fix #506 - Event without hashable attribute. Related #506 - Other - Update api.py. [AaronK] minor typo, can;t help it noticing those. sorry, - Fixed TODO, added quarantineFolder/quarantineRule from messagesBlocked, added some error handling to prevent empty attributes from trying to be added. [th3jiv3r] - Scrape proofpoint tap api for messages blocked/delivered & clicks blocked/permitted and create misp events. [th3jiv3r] - Add variable for proofpoint tap api auth. [th3jiv3r] - Update README.md. [AaronK] minor typo - Define the number of entries to output. [AndreC10002] Allow for defining in the settings.py file the number of entries to output - Update generate.py. [AndreC10002] - Cleanup of code and \'quick-n-dirty\' sanitizing of tags. [Koen Van Impe] - Sync. [Koen Van Impe] - Update README.md.
* Wed Jan 01 2020 Sebastian Wagner - update to version 2.4.119.1:- New - URLObject (requires pyfaup)- Changes - Version bump. - Bump test files. - Bump misp-objects. - Debug travis error message. - [types] eppn type added. - Fix typo. - Move scrippsco2 feed generator to a sub directory. - Update documentation. Fix #396 - Bump objects.- Fix - Properly test custom objects. - Adding a sighting takes a little bit of time. - Test case on reference. - Add missing fields to event & attribute for the feed output. [Raphaël Vinot] - Make sure the publish timestamp is bumped on update.
  
ICM