Malware repository component for samples & static configuration with REST API interface.
Upgrade highlights:
If you use plugins that are adding new endpoints to the API, you need to fix Resource
imports before upgrade: What's changed
New features and improvements:
execute
attribute that is passed to Karton to enable/disable execution in sandbox (https://github.com/CERT-Polska/mwdb-core/pull/904, thanks @msm-cert)Bug fixes:
Full Changelog: https://github.com/CERT-Polska/mwdb-core/compare/v2.11.0...v2.12.0
New features and improvements:
Full Changelog: https://github.com/CERT-Polska/mwdb-core/compare/v2.10.3...v2.11.0
Bugfixes:
Bugfixes:
Most important change in this bugfix release is rollback to libfuzzy2 for ssdeep hash evaluation instead of ppdeep introduced in v2.9.0. It means that for standalone installation (from PyPi) you need to install libfuzzy2
before applying this upgrade.
Bugfixes:
ppdeep
dependency in favor of previously used python-ssdeep
(libfuzzy2) that caused worker timeouts when big file (>30MB) was uploaded (https://github.com/CERT-Polska/mwdb-core/pull/868)Other changes:
Small, minor release that provides bugfixes and Karton integration improvements:
It's recommended to upgrade karton-system to v5.2.0 before upgrading mwdb-core (if Karton is used within your pipeline).
Minor improvements:
quality
and share_3rd_party
headers are using persistent headers and they're automatically added to all tasks within analysis (https://github.com/CERT-Polska/mwdb-core/pull/858)Bugfixes:
This release includes huge database migrations made for query optimization, which includes rewriting of object permission tables. Database backup is highly recommended before upgrade.
Also there is a long changelog ahead, so please read information about most important changes in What's changed section before upgrade.
Major changes:
access_all_objects
capability, exclusive object permissions are not even considered in query (https://github.com/CERT-Polska/mwdb-core/pull/783). It also means that access_all_objects
really gives access to all
objects in system (it's not "autosharing" of all added objects as before), so everything
group is effectively useless and is not created by default.certpl/mwdb
Docker image uses gunicorn instead of uwsgi, as uwsgi project was mostly abandoned (https://github.com/CERT-Polska/mwdb-core/pull/735)services
tab in Karton Dashboardcount
parameter, so you can load them in chunks bigger than 10 (https://github.com/CERT-Polska/mwdb-core/pull/755)Minor changes and improvements:
sharing_objects
capability was renamed to sharing_with_all
which better describes its real meaning (https://github.com/CERT-Polska/mwdb-core/pull/696){{@value}}
syntax (https://github.com/CERT-Polska/mwdb-core/pull/628)access_uploader_info
capability to make users able to search for uploaders from the outside of our groups without giving powerful sharing_with_all
capability (#705)Relations
tab when number of relations exceeds 1000 (https://github.com/CERT-Polska/mwdb-core/pull/791)use_x_forwarded_for
option in configuration to respect X-Forwarded-For
header, enabled by default in Docker images (https://github.com/CERT-Polska/mwdb-core/pull/845)Bugfixes:
NetworkError
exceptions in Web are a bit better handled and they shouldn't crash whole application so often (https://github.com/CERT-Polska/mwdb-core/pull/846)Special thanks to @yankovs for tracking some regressions during development!
And finally thanks to development team that worked on this release: @KWMORALE, @Repumba, @postrowinski, @olivergav, @nazywam.
Hopefully we'll be publishing stable releases a bit more often so the changelogs won't be that long :smiling_face_with_tear:
This release contains bugfixes related mostly with S3 object storage. Regressions were introduced by migration from py-minio to Boto3 AWS SDK which apparently wasn't tested enough.
Bugfixes:
Bugfixes:
This release includes huge database migrations made for query optimization, which includes rewriting of Object and Tag tables. Database backup is highly recommended before upgrade.
New features and improvements:
sha1
is exposed in /api/file
listing (https://github.com/CERT-Polska/mwdb-core/pull/683, thanks @DISREL!)Bugfixes:
mwdb-core configure
(https://github.com/CERT-Polska/mwdb-core/pull/595)Thanks @jvoisin and @JohnConnorRF for contributions!