Base
- Refactor Ontology
- Prune OID usage
- Include heuristic score and the number of times a heuristic was raised
Service Base
- Update to reflect changes from Base
- Add logging to ontology helper class; catch exceptions instead of letting service crash
v4.2.0.stable98
Service Base
- Added custom magic to ID UDF files
v4.2.0.stable97
Core
- Add vacuum component to core
- Have expiry process run in batches
v4.2.0.stable96
Core
- Replay: Terminate workers on detection of stale file handles when using an NFS mount
v4.2.0.stable95
Service Base
- Globally ignore warnings from service libraries
  - Will help reduce random logs from being created and sent to logging stack
v4.2.0.stable94
Base
- Stop using bulk save for heuristics / signature updates as it was causing issues
UI - API Server
- Patch to match changes in base
v4.2.0.stable93
Base
- Always re-create heuristics stats to reduce load on server
Core
- Stop using lookback time for heuristics stats
v4.2.0.stable92
Base
- Trying to fix the missing id issue
v4.2.0.stable91
Base
- Fix case where the signature can't be found
v4.2.0.stable90
Base
- Improve the way signature/heuristics statistics are generated
- Increase non-json log spacing
- Better Random alerts for debugging
Core
- Improve stat aggregator to use a rolling window
UI - API Server
- Change stats generation to fit new model
- Fix file download for files that are not scanned
UI - Frontend
- Fix extra double quote when URL encoding params
- Propagate sid to supplementary file download
v4.2.0.stable89
UI - Frontend
- Remove extra double quote in URL encoding
v4.2.0.stable88
UI - API Server
- Strip default_zip_password from submission params
v4.2.0.stable87
Base
- Add file type/size to results
- Add URIs to Alerts
- Add a detailed version of the tags to Alerts
- Add APPEND_IF_MISSING operation to DB Update method
- Stricter domain validation using TLD table
Core
- Have alerter populate URIs in Alerts
- Have alerter generate the detailed AL results in Alerts
- Switch workflow to use APPEND_IF_MISSING update operation for labels
Service Base
- Add file type and size to service results
UI - API Server
- Make sure the summary tags display their highest verdict
- Use APPEND_IF_MISSING update operation for changing labels on alerts
UI - Frontend
- Add file type to the result search output
- Use the new detailed version of the tags to generate the alert items and detail view
- Keep alert detail menu opened when the space allows it
v4.2.0.stable86
Base
- Configuration:
- Allow option to enable use of downloading files as password-protected ZIPs from system
- Add user setting to define password used for protected downloads
- Add download encoding called 'zip'
- Add zip package to al_dev for development purposes
UI/API
- File
  - Add ability to perform zip downloads from API
  - Allow user to provide a custom password to the API (default: user-defined in Settings)
- User: Update references to configuration block
- Dockerfile: Add zip packages to Dockerfile
Frontend
- User Settings
  - Reveal textbox for updating password for zip downloads when File Encoding is set to 'Password-Protected ZIP'
v4.2.0.stable85
Base
- Simplify, improve and remove duplicate items in tree builder
- Completely re-write identify to use yara rules instead of regexes
- Allow identify configuration to be modified and hot-reloaded
Core
- Fix dispatcher double counting service results
- Use new identify
Service server
- Use new identify
Service base
- Use new identify
UI - API Server
- Use new identify
- Provide new APIs to save the different modifiable identify parts
UI - Frontend
- Fix URL params not being escaped
- Provide the interface to modify the different modifiable identify parts
v4.2.0.stable84
Service Base
- Bug fix: Prevent missing fields in ontology from halting service output on completion
v4.2.0.stable83
Core
- Replay - Loader: Don't attempt to load files that don't seem to be valid files created by the Creator counterpart
v4.2.0.stable82
Service Base
- Handle exceptions regarding attaching ontology results
  - Exceptions in this process shouldn't halt service analysis since we consider the ontology optional output
v4.2.0.stable81
Frontend
- Provide interface for (re-)submitting using SHA256
  - Submit Page will contain a tab to submit a SHA256 or a URL to the system
  - Submitting a URL will perform the same operations as it has prior to release
  - Submitting a SHA256 will check to see if the string submitted is indeed a valid SHA256 hash
  - File Detail View will contain a button to redirect the user to the Submit page, giving the user the ability to submit with different parameters without having to re-upload the file!
UI/API
- Modified Ingest/Submit APIs to guard analysis-by-hash against file classification tampering
  - Ensures changes to the file's classification can only be made to those in possession of the file
  - Ensures that users with access to the file (defined by classification) can use it when creating a new submission
v4.2.0.stable80
Base
- Adding useful method for truncating data
- Adding method to determine if IP is in network
Service Base
- Adding method to sort by relationship in dynamic_service_helper
- Pulling out useful methods from the Cuckoo service that can be used by multiple services. Methods such as: checking if a value contains a safelisted component, checking if a value lives in the system safelist, and validating a value before adding that value as a tag.
v4.2.0.stable79
Base
- Adding useful method for truncating data
- Adding method to determine if IP is in network
Service Base
- Adding method to sort by relationship in dynamic_service_helper
- Pulling out useful methods from the Cuckoo service that can be used by multiple services. Methods such as: checking if a value contains a safelisted component, checking if a value lives in the system safelist, and validating a value before adding that value as a tag.
v4.2.0.stable78
Service Base
- Bugfix: Fix condition for resizing large images for WEBP format on `add_image()`
v4.2.0.stable77
Build pipeline
- Allow base container to still be able to load assemblyline python packages even with an invalid UID
Base
- Allow base container to still be able to load assemblyline python packages even with an invalid UID