August 25, 2017
A new version of MISP 2.4.79 has been released including an important security fix (persistent XSS on comment field), multiple bug fixes and new functionalities.
All the taxonomies actions (including index, view, enable, disable) are now accessible via the API.
The feed previews are now exposed to the API in addition to the graphical user-interface.
Additional command line tool such as enabling/disabling misp or changing baseurl can be done from command line (e.g. easing the automation and deployment of MISP instances at large scales).
Set the current password confirmation requirement for any user profile edits as optional (off by default).
Feeds (caching and updates) can now be updated via the scheduler.
MISP taxonomies, galaxies (including the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™)) and PyMISP updated to the latest version.
Multiple annoying bugs were fixed in the UI and API including #2394, #2387, #2381.
The full change log is available here. PyMISP change log is also available.
Don’t hesitate to open an issue if you have any feedback, found a bug or want to propose new features.
Don’t forget our MISP summit 0x3 before the hack.lu 2017 conference which will take place from 14:00 to 18:00, Monday 16 October 2017. The core team of MISP will also join the hack.lu open source security software hackathon 0x2 which will take place 19-20 October 2017.
A new MISP training will take place in Luxembourg the 21st November 2017, registration is now open.