Skip to content

Latest commit

 

History

History
533 lines (389 loc) · 36 KB

CHANGELOG.md

File metadata and controls

533 lines (389 loc) · 36 KB

Change Log

3.0.10 (2018-05-29)

Full Changelog

Implemented enhancements:

  • Rotate logs #579
  • Send caseId to Cortex analyzer #564
  • Poll for connectors status and display #563
  • Sort related cases by related artifacts amount #548
  • Time Calculation for individual tasks #546

Fixed bugs:

  • Wrong error message when creating a observable with invalid data #592
  • Analyzer name not reflected in modal view of mini-reports #586
  • Invalid searches lead to read error messages #584
  • Merge case by ID brings red error message if not a number in textfield #583
  • Open cases not listed after deletion of merged case in UI #557
  • Making dashboards private makes them "invisible" #555
  • MISP Synchronisation error #522
  • Short Report is not shown on observables (3.0.8) #512
  • Artifacts reports are not merged when merging cases #446

Closed issues:

  • Max Age Filter Not Working? #577
  • Support X-Pack authentication/encryption for elastic #570
  • Order the cases list by custom field [Feature Request] #567
  • Using Postman to test the API, getting "No CSRF token found in headers" #549

3.0.9 (2018-04-13)

Full Changelog

Fixed bugs:

  • Cortex connection can fail without any error log #543
  • PhishTank Cortex Tag is transparent #535
  • Naming inconsistencies in Live-Channel #531
  • Error when trying to analyze a filename with the Hybrid Analysis analyzer #530
  • Long Report isn't shown #527
  • Artifacts' sighted flags are not merged when merging cases #518
  • TheHive MISP cert validation, the trustAnchors parameter must be non-empty #452

Closed issues:

  • The Hive - MISP SSL configuration: General SSLEngine problem #544
  • Dropdown menu for case templates doesnt have scroll #541

Merged pull requests:

  • Update spacing for elasticsearch section in docker-compose yml file #539 (jbarlow-mcafee)

3.0.8 (2018-04-04)

Full Changelog

Fixed bugs:

  • Mini reports is not shown when Cortex 2 is used #526
  • Session collision when TheHive & Cortex 2 share the same URL #525
  • "Run all" in single observable context does not work #524
  • Error on displaying analyzers name in report template admin page #523
  • Job Analyzer is no longer named in 3.0.7 with Cortex2 #521

Merged pull requests:

  • Add ElasticSearch file descriptor limit to docker-compose.yml #505 (flmsc)

3.0.7 (2018-04-03)

Full Changelog

Implemented enhancements:

Fixed bugs:

  • Display only cortex servers available for each analyzer, in observable details page #513
  • Can't save case template in 3.0.6 #502

3.0.6 (2018-03-08)

Full Changelog

Implemented enhancements:

  • Add compatibility with Cortex 2 #466

Fixed bugs:

  • Tasks are stripped when merging cases #489

3.0.5 (2018-02-08)

Full Changelog

Fixed bugs:

  • No reports available for "domain" type #469
  • Importing Template Button Non-Functional #404

3.0.4 (2018-02-06)

Full Changelog

Implemented enhancements:

  • Make alerts searchable through the global search field #456
  • Make counts on Counter dashboard's widget clickable #455
  • MISP feeds cause the growing of ES audit docs #450
  • Case metrics sort #418
  • Filter MISP Events Using MISP Tags & More Before Creating Alerts #370
  • OAuth2 single sign-on implementation (BE + FE) #430 (saibot94)

Fixed bugs:

  • Remove uppercase filter on template name #464
  • Fix the alert bulk update timeline message #463
  • "too many substreams open" on alerts #462
  • Fix MISP export error dialog column's wrap #460
  • More than 20 users prevents assignment in tasks #459
  • Type is not used when generating alert id #457
  • Fix link to default report templates #454
  • Make dashboard donuts clickable #453
  • Refresh custom fields on open cases by background changes #440
  • Bug: Case metrics not shown when creating case from template #417
  • Observable report taxonomies bug #409

Closed issues:

  • GET request with Content-Type ends up in HTTP 400 #438
  • Feature Request: Ability to bulk upload files as observables. #435
  • Add metadata to MISP event when exporting case from TheHive #433
  • How to limit by date amount of events pulled from MISP initially? #432

3.0.3 (2018-01-10)

Full Changelog

Fixed bugs:

  • THP-SEC-ADV-2017-001: Privilege Escalation in all Versions of TheHive #408

3.0.2 (2017-12-20)

Full Changelog

Implemented enhancements:

  • Add multiline/multi entity graph to dashboards #399
  • Can not configure ElasticSearch authentication #384

Fixed bugs:

  • "Mark as Sighted" Option not available for "File" observable type #400

3.0.1 (2017-12-07)

Full Changelog

Fixed bugs:

  • MISP Event Export Error #387
  • During migration, dashboards are not created #386
  • Error when configuring multiple ElasticSearch nodes #383

3.0.0 (2017-12-05)

Full Changelog

Implemented enhancements:

  • Assign default values to case templates' custom fields #375
  • Add the Ability to Import and Export Case Templates #369
  • Add a sighted flag for IOCs #365
  • Alert id should not be used to build case title when using case templates #364
  • Set task assignee in case template #362
  • Add Autonomous Systems to the Default Datatype List #359
  • Display more than 10 users per page and sort them by alphanumerical order #346
  • [Minor] Add user dialog title issue #345
  • Deleted cases showing in statistics #317
  • Dynamic dashboard #312
  • Add health check in status API #306
  • Alerts in Statistics #274
  • Statistics: Observables and IOC over time #215
  • Export Statistics/Metrics #197
  • Msg_Parser analyser show for all files #184
  • Assign default metric values #176
  • Display Cortex Version, Instance Name, Status and Available Analyzers #130
  • Feature Request: Webhooks #20
  • Remove the From prefix and template suffix around a template name in the New Case menu #348
  • Keep the alert date when creating a case from it #320
  • Export to MISP: add TLP #314
  • Show already known observables in Import MISP Events preview window #137

Fixed bugs:

  • The misp > instance name > tags parameter is not honored when importing MISP events #373
  • [Bug] Merging an alert into case with duplicate artifacts does not merge descriptions #357
  • Share a case if MISP is not enabled raise an error #349
  • Validate alert's TLP and severity attributes values #326
  • Merge of cases overrides task log owners #303

Closed issues:

  • MISP Connection Error with Cortex/HIVE #371
  • Single Sign-On with X.509 certificates #297
  • Remove the deprecated "user" property #316
  • Run observable analyzers through API #308

Merged pull requests:

2.13.2 (2017-10-24)

Full Changelog

Fixed bugs:

  • Security issue on Play 2.6.5 #356
  • Incorrect stats: non-IOC observables counted as IOC and IOC word displayed twice #347
  • Deleted Observables, Show up on the statistics tab under Observables by Type #343
  • Statistics on metrics doesn't work #342
  • Error on custom fields format when merging cases #331

2.13.1 (2017-09-18)

Full Changelog

Fixed bugs:

  • Tasks Tab Elasticsearch exception: Fielddata is disabled on text fields by default. Set fielddata=true on [title] #311

2.13.0 (2017-09-15)

Full Changelog

Implemented enhancements:

  • Group ownership in Docker image prevents running on OpenShift #307
  • Improve the content of alert flow items #304
  • Add a basic support for webhooks #293
  • Add basic authentication to Stream API #291
  • Add Support for Play 2.6.x and Elasticsearch 5.x #275
  • Fine grained user permissions for API access #263
  • Alert Pane: Catch Incorrect Keywords #241
  • Specify multiple AD servers in TheHive configuration #231
  • Export cases in MISP events #52

Fixed bugs:

  • Download attachment with non-latin filename #302
  • Undefined threat level from MISP events becomes severity "4" #300
  • File name is not displayed in observable conflict dialog #295
  • A colon punctuation mark in a search query results in 500 #285
  • Previewing alerts fails with "too many substreams open" due to case similarity process #280

Closed issues:

  • Threat level/severity code inverted between The Hive and MISP #292

2.12.1 (2017-08-01)

Full Changelog

Implemented enhancements:

  • Fix warnings in debian package #267
  • Merging alert into existing case does not merge alert description into case description #255

Fixed bugs:

  • Cortex Connector Not Found #256
  • Case similarity reports merged cases #272
  • Closing a case with an open task does not dismiss task in "My tasks" #269
  • API: cannot create alert if one alert artifact contains the IOC field set #268
  • Can't get logs of a task via API #259
  • Add multiple attachments in a single task log doesn't work #257
  • TheHive doesn't send the file name to Cortex #254
  • Renaming of users does not work #249

2.12.0 (2017-07-04)

Full Changelog

Implemented enhancements:

  • Use local font files #250
  • Sort the analyzers list in observable details page #245
  • More options to sort cases #243
  • Alert Preview and management improvements #232
  • Show case status and category (FP, TP, IND) in related cases #229
  • Open External Links in New Tab #228
  • Observable analyzers view reports. #191
  • Specifying tags on statistics page or performing a search #186
  • Choose case template while importing events from MISP #175
  • Ability to Reopen Tasks #156
  • Display short reports on the Observables tab #131
  • Custom fields for case template #12

Fixed bugs:

  • A locked user can use the API to create / delete / list cases (and more) #251
  • Fix case metrics malformed definitions #248
  • Sorting alerts by severity fails #242
  • Alerting Panel: Typo Correction #240
  • files in alerts are limited to 32kB #237
  • Alert can contain inconsistent data #234
  • Search do not work with non-latin characters #223
  • report status not updated after finish #212

2.11.3 (2017-06-14)

Full Changelog

Fixed bugs:

  • Unable to add tasks to case template #239
  • Problem Start TheHive on Ubuntu 16.04 #238
  • MISP synchronization doesn't retrieve all events #236

2.11.2 (2017-05-24)

Full Changelog

Implemented enhancements:

  • Visually distinguish between analyzed and non analyzer observables #224
  • Add Description Field to Alert Preview Modal #218
  • Show case severity in lists #188

Fixed bugs:

  • MISP synchronization - attributes are not retrieve #221
  • MISP synchronization - Alerts are wrongly updated #220
  • Cortex jobs from thehive fail silently #219

Merged pull requests:

2.11.1 (2017-05-17)

Full Changelog

Implemented enhancements:

  • Show available reports number for each observable #211
  • Merge Duplicate Tasks during Case Merge #180

Fixed bugs:

  • Case templates not applied when converting an alert to a case #206
  • Observable of merged cased might have duplicate tags #205
  • Error updating case templates #204

2.11.0 (2017-05-14)

Full Changelog

Implemented enhancements:

  • Display the logos of the integrated external services #198
  • TheHive send to many information to Cortex when an analyze is requested #196
  • Sort the list of report templates #195
  • Add support to .deb and .rpm package generation #193
  • Cannot distinguish which analysers run on which cortex instance #179
  • Connect to Cortex protected by Basic Auth #173
  • Implement the alerting framework feature #170
  • Make the flow collapsible, in case details page #167
  • Update the datalist filter previews to display meaningful values #166
  • Show severity on the "Cases Page" #165
  • Add pagination component at the top of all the data lists #151
  • Connect to Cortex instance via proxy #147
  • Disable field autocomplete on the login form #146
  • Refresh the UI's skin #145
  • Add support of case template in back-end API #144
  • Proxy authentication #143
  • Improve logs browsing #128
  • Improve logs browsing #128
  • Feature request: Autocomplete tags #119
  • Ignored MISP events are no longer visible and cannot be imported #107
  • MISP import filter / filtering of events #86
  • Reordering Tasks #21

Fixed bugs:

  • Authentication fails with wrong message if database migration is needed #200
  • Fix the success message when running a set of analyzers #199
  • Duplicate HTTP calls in case page #187
  • Job status refresh #171

Closed issues:

  • Support for cuckoo malware analysis plattform (link analysis) #181
  • Scala code cleanup #153

Merged pull requests:

  • Fixed minor typo in template creation and update notifications. #194 (dewoodruff)

2.10.2 (2017-04-19)

Full Changelog

Implemented enhancements:

  • Run all analyzers on multiple observables from observables view #174
  • Add CSRF protection #158
  • Persistence for task viewing options #157

Fixed bugs:

  • MISP import fails #169
  • Unauthenticated access to some pages doesn't redirect to login page #161
  • Disable readonly access to admin pages, for users without 'admin' role #160
  • Secure the usage of angular-ui-notification library #159
  • Pagination does not work with 100 results per page #152

Closed issues:

  • Observable Tags not displayed in 2.10.1 #155

2.10.1 (2017-03-08)

Full Changelog

Implemented enhancements:

  • Feature Request: Ansible build scripts #124
  • Remove the "Run all analyzers" option from observables list #141
  • Remove duplicate stream callbacks registration #138
  • Typo in quick filters #134
  • Display a warning when trying to merge an already merged case #129
  • Restyle avatar's upload button #126
  • Add pagination component at the top of the task log #116
  • Disable buttons in MISP event's preview dialog #115
  • Make The Hive working on any URL path and not only / #114
  • Misleading MISP Event Date and Time #101
  • Upgrade to the last version of UI-Bootstrap UI library #79

Fixed bugs:

  • Fix OTXQuery report template #142
  • 401 HTTP responses don't trigger redirection to login page #140
  • Fix a JS issue related to inactivity dialog #139
  • Flow is not shown #127
  • Case merge does not close tasks in merged cases #118
  • Web UI doesn't refresh once a report template is deleted #113
  • Open log in new windows #108
  • Cannot add an observable which datatype has been added by an admin #106
  • Observables password hint does not reflect backend change #83

2.10.0 (2017-02-01)

Full Changelog

Implemented enhancements:

  • Improve cases listing page #76
  • Feature Request - Add Case Statistics by Severity #70
  • Use avatars in user profiles #69
  • Allow (un)set observable as IOC from the observable's page #68
  • When closing a task, close the associated tab as well #66
  • Load the Current Cases View when Closing a Case #61
  • Externalize observable analysis #53
  • Changeable case owner #30
  • Make release process easier #28
  • Newly created case template not visible in NEW case until logout/login #26

Fixed bugs:

  • Template Limit Bug #105
  • Bug related case #97
  • Case TLP should be set to AMBER by default #96
  • User is not notified on MISP error #88
  • Locked users cannot be assignee of cases #77
  • Task descriptions from case templates are not applied #65
  • Add an already exist observable returns an unexpected error #63
  • Don't use deleted obserables to link cases #62
  • Assign a default role to new users and remove the ability to assign empty roles #60
  • Locked users are still able to log in #59
  • MISP events counter is not refreshed #58
  • Make sure to clear new task log editor #57
  • Missing markdown editor in case close dialog #42

Closed issues:

  • Database schema update (v8) #67
  • Add support for more filetypes to PE_info analyser #54
  • Create an analyzer to get information about PE file #51
  • PhishTank Analyzer #40
  • OTX Analyzer #32

Merged pull requests:

2.9.2 (2017-01-19)

Full Changelog

Implemented enhancements:

  • Feature Request - Add observable statistics #71

Fixed bugs:

  • docker image: $.post(...).success is not a function #95

2.9.1 (2016-11-28)

Implemented enhancements:

  • Statistics on a per case template name / prefix basis #31
  • Observable Viewing Page #17
  • Update logo and favicon #45
  • Inconsistent wording between the login and user management pages #44
  • MaxMind Analyzer 'Short Report' has hard-coded language #23
  • Don't update imported case from MISP if it is deleted or merged #22
  • Case merging #14
  • New analyzer to check URL categories #24 (ecapuano)

Fixed bugs:

  • Resource not found by Assets controller #38
  • NPE occurs at startup if conf directory doesn't exists #41
  • Systemd startup script does not work #29
  • MISP event parsing error when it doesn't contain any attribute #25
  • Phantom tabs #18
  • The Action button of observables list is blank #15
  • Description becomes empty when you cancel an edition #13
  • Metric Labels Not Showing in Case View #10
  • chrome on os x - header alignment #5
  • Tags not saving when creating observable. #4

Closed issues:

  • Statistics based on Tags #37
  • Give us something to work with! #2

Merged pull requests:

* This Change Log was automatically generated by github_changelog_generator