Version 6.3.13

Bug Fixes:

• #9042 Organization mapping is not working with Microsoft when "." is present in path
• #9026 PDF viewer is broken everywhere

Full Changelog: 6.3.12...6.3.13

Version 6.3.12

Enhancements:

• #8966 Improve auto fixing platform at start for missing queues in rabbitmq
• #8923 Improve error message notification in the UI
• #8870 Improve errors in httpPlatform to not always propagate to the last middleware
• #8793 Add integration tests to playbooks

Bug Fixes:

• #9015 File markings are not present in the stream
• #8996 Create a public dashboard: when accessing the dashboard an error message in widget shown "you must be logged to do this"
• #8976 PDF export of HTML content is broken
• #8973 Empty SHA256/SHA1 field when modifying File Observable
• #8899 [RBAC - Dashboard] Need "Manage credentials" capability for "Activity & History" perspective
• #8838 Prevent deletion of the organization that is used as plateforme organization or attibuted to a user
• #8761 TAXII collection not accessible which is created by user on the demo website.
• #8721 [Playbooks] unable to filter on "Platform Creation Date" on "Query knowledge on regular basis"
• #8688 Container: in Source mode, you need to click twice on Source mode to quit the source mode
• #8611 Indicator pattern and standard id are not updated through stream sync
• #8425 Massive relationships creation screen is not respecting default radius of 4 (left entity + match)
• #8413 [AI] "Summaries file"on all files does not always work
• #8324 Fail to ingest CSV feed
• #8279 Threat actor top bar right loading is not properly aligned

Pull Requests:

• [frontend] Improve error message notification in the UI (#8923) by @richard-julien in #8924
• [backend] secure organization deletion (#8838) by @SouadHadjiat in #8903
• [backend] add playbook test (#8793) by @frapuks in #8795
• [frontend] align isGrantedToSettings in AuditsDistributionList widget (#8899) by @JeremyCloarec in #8948
• [frontend] use inline for header loader variant (#8279) by @frapuks in #8936
• Update dependency ckeditor5 to v43.3.1 by @renovate in #8850
• Update dependency react-pdf to v9.1.1 by @renovate in #8864
• [frontend]Massive relationships creation screen is not respecting default radius (#8425) by @ValentinBouzinFiligran in #8896
• [frontend] fix content export pdf (#8976) by @marieflorescontact in #8979
• [frontend] CK Editor Scrollbar in Source mode (#8687) by @Archidoit in #8970
• [backend] Improve errors in httpPlatform to not always propagate to the last middleware (#8870) by @richard-julien in #8871
• [frontend] Empty SHA256/SHA1 field when modifying File Observable (#8973) by @ValentinBouzinFiligran in #8991
• [backend] add external ref files into AI summarize (#8413) by @frapuks in #8926
• [backend] check playbook filters & add playbook nodes tests (#8721) by @Archidoit in #8955
• [frontend] fix user context error (#8996) by @marieflorescontact in #9004
• [frontend] Integrate react-timeline-range-slider (#8816) by @richard-julien in #9012
• [backend] Add file marking definitions to the stream (#9015) by @SamuelHassine in #9017

Full Changelog: 6.3.11...6.3.12

Version 6.3.11

Bug Fixes:

• #8942 Possible performance drop at ingestion due to heavy regular expression
• #8911 [Request for takedown case] Related entities weird behavior
• #8910 The design of the ‘create’ button for an observable must be aligned with the other create buttons
• #8908 Investigation: cannot expand observables of type File
• #8884 Header in creation drawer is not correct on observable
• #8831 Investigation: Unable to expand any indicators linked to a file obervable
• #8818 [Workbench] Relationships not created
• #8809 [entities merging] incorrect kept file when files names conflicts
• #8646 Long title on dashboards can mess with UI
• #8571 Regression in massive operations on data tables

Pull Requests:

• [frontend] Fix data tables interactions between selected elements and filters (#8571) by @lndrtrbn in #8796
• [frontend] Header in creation drawer is not correct on observable (#8884) by @SarahBocognano in #8919
• [backend] keep base entity file if files names conflicts at entities merging (#8809) by @Archidoit in #8810
• [frontend] fix unable to expand indicators based on file (#8831) by @marieflorescontact in #8933
• [backend] Domain observable with hyphen/dash is incorrectly rejected (#8927) by @SarahBocognano in #8929
• [frontend] Long title on dashboards can mess with UI (#8646) by @SarahBocognano in #8830
• [frontend] Add types filtering for related entities in cases (#8911) by @Kedae in #8922

Full Changelog: 6.3.10...6.3.11

Version 6.3.10

Enhancements:

• #8869 [backend] Improve performance by better targeting indices for query

Bug Fixes:

• #8901 Public dashboard erros on some widgets when not configuring any time range
• #8867 Permissions from External Auth Server Not Mapped to OpenCTI Platform Groups When Logging in via loginFromProvider
• #8675 [OPENCTI-MODULE] INGESTION - Error with taxii handler CISA-GOV - Atribute Must be a string
• #8560 Title not taken into account in Text widget
• #8330 Hamburger buttons to update or delete an attack pattern within an incident doesn't work and redirect to the attack pattern page.
• #8178 Entities validated in a report's analyst workbench are not included in the report
• #7965 ImportFileStix2 - Importing STIX file from within a Grouping does not add the imported objects to the Grouping
• #7620 Domain observable with underscore is incorrectly rejected
• #6361 Creating a lot of relationships at once causes a timeout error

Pull Requests:

• Permissions from External Auth Server Not Mapped to OpenCTI Platform Groups When Logging in via loginFromProvider by @savannah030 in #8868
• [backend] Improve performance by better targeting indices for query by @richard-julien in #8615
• Update dependency react-syntax-highlighter to v15.6.1 by @renovate in #8866
• Update dependency react-grid-layout to v1.5.0 by @renovate in #8862
• [frontend] Display the title in widgetText by @CelineSebe in #8841
• [frontend] Remove "update" or "delete" button on attack pattern within an incident kill chain view(#8330) by @CelineSebe in #8836
• [backend] fix taxii cursor number error (#8675) by @aHenryJard in #8840
• [backend] Fix logging for tests / Enforce report creation and adapt test by @richard-julien in #8900
• [frontend] fix startDate and endDate default values in public dashboard widgets (#8901) by @JeremyCloarec in #8902
• [backend] Domain observable checker is incorrect (#7620) by @SarahBocognano in #8768
• [frontend] fix enrichment buttons (#8825) by @labo-flg in #8907

New Contributors:

• @savannah030 made their first contribution in #8868

Full Changelog: 6.3.9...6.3.10

Version 6.3.9

Bug Fixes:

• #8837 Bug may lead to deletion of all entities in OpenCTI
• #8800 Finding report duplicates does not work properly
• #8767 Having a large number of Organizations slows down the playbooks
• #8642 Extremely high CPU usage in workers
• #8575 Report export to STIX2 brings start_time == stop_time for relations
• #8282 Useless vertical scrollbar in custom dashboard + hidden by the header

Pull Requests:

• [frontend] UI fix scrollbar useless in custom dashboard (#8282) by @CelineSebe in #8823
• [frontend] Fix global search toolbar (#8837) by @SouadHadjiat in #8845
• [backend/frontend] Fix playbook organization sharing schema (#8767) by @SouadHadjiat in #8811

Full Changelog: 6.3.8...6.3.9

Version 6.3.8

Bug Fixes:

• #8825 Enrichment panel do not open for SCOs
• #8720 Improve info log level for task manager to help troubleshoot issues
• #8682 Reset of the "display as" settings
• #8656 [CI] multi-repository PR should default as PR target branch and not master
• #7720 Extension is not always set to ".json" in dashboard export, which lead to not be able to re-import without renaming the file
• #7697 [filters] 'lower than / equals' operator for date filters doesn't take 'equals' into account

Pull Requests:

• [frontend] Fix enrichment button (#8825) by @Kedae in #8828
• [frontend] Add defaultStartTime and stopTime for StixCoreRelationship creation (#8575) by @marieflorescontact in #8782
• [frontend] filters: lte and gt operators with dates (#7697) by @Archidoit in #7942

Full Changelog: 6.3.7...6.3.8

Version 6.3.7

Enhancements:

• #8636 Avoid breaking UI when too many labels are associated to an entity
• #8151 Upgrade CKeditor to latest version
• #6643 Leaked Tokens are not revokable

Bug Fixes:

• #8742 Retro-compatibility mappings mode for reindexing broke the SSO login
• #8740 Data is not deduplicated when an entity under restriction (marking) is updated
• #8726 [Dashboard] Two "name" filter
• #8712 Missing author column in the home dashboard reports list
• #8683 No error when updating an indicator with incorrectly formatted pattern
• #8681 Not possible to view the list of reports authored by an organization
• #8649 cannot create a public dashboard from the dashboard list
• #8630 [Dashboard] Counter in knowledge perspective no longer takes into account time filter
• #8599 Observables distribution graph is not respecting the height of the box
• #8557 Creation Date display error after node edit in Investigation graph
• #8506 open a new tab from listing
• #8501 Not possible to CTRL+click directly on the left menu (first level)
• #8483 Sightings tabs in observables are broken
• #8442 English grammar errors in the titles of the default dashboard widgets
• #8333 Missing entites in shared report
• #8291 OpenCTI failed to validate YARA rules containing "\r" escape sequence in text strings.
• #8288 The 'entities overview' loader is not the one used in the rest of the application
• #8225 Bad icon used in connector overview
• #8180 Inconsistency in potential duplicate warning messages
• #8175 Layout issue when loading cases
• #8101 Organisation Admins: multiple issues
• #8058 Multiple issues in opinions
• #7992 CSV import is buggy
• #7797 [Workbench] Sightings default value displayed as Unknown
• #7796 Error at relationships export in json
• #7719 N subscribers is not correctly vertically centered within the button
• #6361 Creating a lot of relationships at once causes a timeout error

Pull Requests:

• [frontend] Bad icons replaced in connector overview(#8225) by @CelineSebe in #8669
• [frontend] Fix the height of the Observables distribution graph(#8599) by @CelineSebe in #8670
• [frontend] Fix time filters in relationships counters (#8630) by @Archidoit in #8668
• [frontend] In Investigation graph fix date display after node modification (#8557) by @Gwendoline-FAVRE-FELIX in #8678
• [frontend] use new loader in report overview (#8288) by @frapuks in #8385
• Initial Changes to support dynamic configurable required fields via settings --> customization by @ParamConstructor in #6972
• [backend] Fix missing entites in shared report (#8333) by @marieflorescontact in #8587
• [backend/frontend] fix multiple issues for Organisation Admins (#8101) by @marieflorescontact in #8459
• [frontend] Containers list in Analysis tab of Organization display as Author (#8681) by @Archidoit in #8690
• [frontend] redirect link updated for observables (#8483) by @ValentinBouzinFiligran in #8695
• [backend/frontend] Allow security admin to renew users token (#6643) by @aHenryJard in #8667
• [frontend] Missing author column in the home dashboard reports list (#8712) by @ValentinBouzinFiligran in #8719
• [frontend] Danger zone: rule engine, EE deactivation, marking lists and file indexing (#8284) by @marieflorescontact in #8699
• Popover Removal - Locations by @daimyo007 in #8199
• [backend] check indicator pattern syntax when update (#8683) by @marieflorescontact in #8717
• [backend] replace plyara with yara-python for yara indicator check (#8291) by @JeremyCloarec in #8731
• Bump http-proxy-middleware from 3.0.2 to 3.0.3 in /opencti-platform/opencti-front by @dependabot in #8744
• [backend] update cookie from 0.6.0 to 0.7.0 by @labo-flg in #8775
• Update dependency @xmldom/xmldom to v0.9.4 by @renovate in #8773
• Update dependency @playwright/test to v1.48.1 by @renovate in #8772
• [frontend] Migrate CK Editor to 9.3 (#8151) by @labo-flg in #8787
• Update dependency convert to v5.5.1 by @renovate in #8774
• Update dependency filigran-ui to v0.20.3 by @renovate in #8780
• [backend] Revert "Update dependency @xmldom/xmldom to v0.9.4" by @Kedae in #8791
• Popover Removal - Cases by @daimyo007 in #8121
• Update dependency i18n-auto-translation to v1.8.2 by @renovate in #8781
• [backend] deduplication check is now done with SYSTEM user (#8740) by @JeremyCloarec in #8786
• Update aws-sdk-js-v3 monorepo to v3.679.0 by @renovate in #8770
• Update Node.js to v20.18.0 by @renovate in #8769
• Update dependency file-type to v19.6.0 by @renovate in #8779
• Update dependency eslint-plugin-react to v7.37.2 by @renovate in #8778
• Update dependency @escape.tech/graphql-armor to v3.1.1 by @renovate in #8771
• Update dependency eslint-plugin-import to v2.31.0 by @renovate in #8776
• [front] Fix potential duplicate warning messages (#8180) by @CelineSebe in #8765
• Popover Removal - Analyses (Updated) by @daimyo007 in #8106
• [backend] Adding info logs to task manager (#8720) by @aHenryJard in #8725
• [CI] Update scripts to use PR target branch instead of hardcoded master (#8656) by @aHenryJard in #8732
• [frontend] filter utils tests by @Archidoit in #8718
• [backend] Attributes can't have same label and different names in schema (#8726) by @Archidoit in #8738
• [frontend] Extension is not always set to .json (#7720) by @ValentinBouzinFiligran in #8746
• [frontend] Fix delete button behaviour by @marieflorescontact in #8802

New Contributors:

• @daimyo007 made their first contribution in #8199

Full Changelog: 6.3.6...6.3.7

Version 6.3.6

Enhancements:

• #8498 Add "Vulnerabilities" view in the knowledge tab of a System entity
• #8453 Support of "has" relationship between a System and a Vulnerability

Bug Fixes:

• #8665 Ingestion performance issue on related-to from obserable to entities
• #8650 objects (labels, kill chain phases) are clickable resulting in an empty page
• #8647 Editing some objects titles from the view list is broken - edition drawer is not responsive
• #8642 Extremely high CPU usage in workers
• #8641 [Kill chain phase ordering] We can't modify the order
• #8635 [Regression] IP location flag no longer appears
• #8626 Results of OpenBAS scenarios are not displayed anymore in OpenCTI
• #8624 Bulk search is not working properly anymore
• #8579 Knowledge graph is not displaying all entities
• #8576 Relationship " authored by " not properly displayed in Knowledge tab
• #8547 Internal document identifier are case sensitive
• #8545 [live stream] external references are not synced
• #8533 Narrative list wrong icon + alignment issue
• #8495 In some old instances, we have objectOrganization indexed, which causes an issue when deleting entity
• #8310 Playbook "log data in standard output" warning option should use "warn" level instead of "warning"
• #8223 External reference overview panels not aligned
• #7962 The derived-from relationship is not supported for all STIX domain objects and cyber observables
• #6657 When having a trigger covering URLs or an Indicator genreated from an URL Observable, URL is clickable in the notification or the description

Pull Requests:

• [frontend] Narrative list wrong icon + alignment issue (#8533) by @SarahBocognano in #8594
• Update dependency react-router-dom to v6.26.2 by @renovate in #8565
• Update dependency react-force-graph-3d to v1.24.4 by @renovate in #8564
• Update dependency qrcode to v1.5.4 by @renovate in #8562
• [backend] change file upload to be case insensitive (#8547) by @JeremyCloarec in #8554
• [Backend] External reference fail creation as checked attribute is not the good one (#8545) by @richard-julien in #8548
• [Backend] Get all objects pagination can stop for invalid global count (#8579) by @richard-julien in #8592
• [frontend] Fix english grammar errors in the titles of the default dashboard widgets (#8442) by @CelineSebe in #8605
• [backend/frontend] Use ID instead of label when resolving expectation from OpenBAS by @RomuDeuxfois in #8589
• Update dependency react-force-graph-2d to v1.25.6 by @renovate in #8563
• [backend] use component name in traces and fix warn issue.(#8352)(#8310) by @aHenryJard in #8625
• Update dependency apexcharts to v3.54.0 by @renovate in #8618
• Update dependency filigran-ui to v0.19.4 by @renovate in #8622
• Update dependency file-type to v19.5.0 by @renovate in #8620
• [frontend] Remove links from Notifications (#6657) by @Kedae in #8591
• [frontend] External reference overview panels not aligned (#8223) by @SarahBocognano in #8628
• [frontend] Display fixes (#8284) by @Kedae in #8632
• [backend] Add feed queue control. Only add jobs if current queue is empty by @richard-julien in #8617
• [frontend] Fix flag display for observables (#8635) by @Kedae in #8637
• [frontend] Fix bulk search by @Kedae in #8633
• Update dependency esbuild to v0.24.0 by @renovate in #8619
• Update dependency filigran-icon to v0.9.0 by @renovate in #8621
• Update quay.io/keycloak/keycloak Docker tag to v25.0.6 by @renovate in #8544
• [frontend] fix ui after apexcharts update 3.54.0 by @labo-flg in #8645
• Update dependency helmet to v7.2.0 by @renovate in #8623
• [backend/frontend] Add derived-from relationship in SDO & SCO of same type (#7962) by @SarahBocognano in #8220
• Update dependency vite-plugin-static-copy to v1.0.6 by @renovate in #8541
• Update dependency @types/nconf to v0.10.7 by @renovate in #8530
• Update dependency openai to v4.67.3 by @renovate in #8500
• [frontend + backend] added vulnerabilitties tab and 'has' relationship by @stefan1anuby in #8458
• Additional Threat Actor Relationship Types by @Bonsai8863 in #8341
• [backend] Do not impact entities targeted by related to relations from observables (#8665) by @SamuelHassine in #8666
• [frontend] Rollback on unclear code and fix navigation (#8647) by @Kedae in #8662
• [backend] Ensure that all connectors queues are initialized at platform start (#8642) by @richard-julien in #8664
• [frontend] Update relationship creation and display (#8576) by @Kedae in #8634
• [backend] ignore objectOrganization in reindexing (#8495) by @JeremyCloarec in #8496

Full Changelog: 6.3.5...6.3.6

Version 6.3.5

Enhancements:

• #8536 [Backend] Add SAML option to get email from attribute
• #7255 [Investigation]: Change the "representation" key used in an investigation for an observable of type "File"
• #4864 Enhance retention policy deletion performances / speed

Bug Fixes:

• #8568 Not enough margin top in entity => history (search bar hidden)
• #8520 Indicator valid_until field is not displayed in list view
• #8514 Different font styles in correlated reports list
• #8445 English grammar errors in the toggle labels for the "Update a group" panel
• #8433 [Dashboards] Can't modify dashboards settings even in admin (bypass all cap)
• #8316 Infinite load is broken in container add entity
• #8273 Right menu in security is not correctly highlighted when entering roles / users / groups
• #8249 Update Observable header has wrong color
• #8174 Multiple issues in markdown content files
• #8050 Group members are inconsistent and can lead to mistakes on managing RBAC
• #7634 Cannot search by hashes in knowledge graph
• #7043 User can merge entities without the full visibility of entities merged
• #6656 Autocomplete in filters return odd results

Pull Requests:

• Update docker.elastic.co/kibana/kibana Docker tag to v8.15.2 by @renovate in #8543
• Update docker.elastic.co/elasticsearch/elasticsearch Docker tag to v8.15.2 by @renovate in #8542
• [backend] store enum filters values in constants by @Archidoit in #8436
• Update dependency @types/ramda to v0.30.2 by @renovate in #8532
• Update dependency @types/node to v20.16.10 by @renovate in #8531
• Update dependency http-proxy-middleware to v3.0.2 by @renovate in #8526
• Update dependency jsdom to v24.1.3 by @renovate in #8527
• Update dependency vite to v5.4.8 by @renovate in #8540
• Update dependency express to v4.21.0 by @renovate in #8476
• [frontend] Allow middle-mouse button to click on DataTable (#8394) by @Kedae in #8464
• [frontend] remove valid_until column in indicators list (#8520) by @labo-flg in #8521
• [frontend] correlated reports policies size (#8514) by @Archidoit in #8555
• [frontend] Fix right menu in security not being correctly highlighted when entering roles, users, or groups. (#8273) by @CelineSebe in #8567
• Update dependency html-to-pdfmake to v2.5.13 by @renovate in #8525
• [frontend] Group members are inconsistent and can lead to mistakes on managing RBAC (#8050) by @SarahBocognano in #8098
• [frontend] Fix margin (#8568) by @Kedae in #8573
• [frontend] Change the "representation" key used in an investigation for an observable of type "File" (#7634) by @Gwendoline-FAVRE-FELIX in #8504
• [Backend] Add SAML option to get email from attribute (#8536) by @richard-julien in #8537
• [frontend] fixed header colors (#8249) by @stefan1anuby in #8277
• [frontend] Add pop up warning when activate organization segregation (#8284) by @marieflorescontact in #8586
• [frontend] English grammar errors in the toggle labels for the "Update a group" panel (#8445) by @SarahBocognano in #8595
• [backend/frontend] Dashboard selection fix + some widget alignment (#8433) by @Kedae in #8590
• [backend/frontend] Implementation of sensitive configuration protection (#8284) by @aHenryJard in #8509
• [frontend] Improve PDF handling in Content (#8174) by @Kedae in #8593
• [frontend] Trial for color in DangerZone (#8284) by @Kedae in #8603
• [Backend] Enhance retention policy deletion performances / speed (#4864) by @richard-julien in #8569
• [frontend] fix danger zone display in capabilities (#8284) by @labo-flg in #8609

Full Changelog: 6.3.4...6.3.5

Version 6.3.4

Bug Fixes:

• #7477 OpenCTI fails to detect successfully authenticated OpenID Connect SSO via ADFS
• #8512 [livestream] update and removal are not done anymore on destination
• #7925 OIDC logout remote not working
• #8451 [Export] Inconsistency in the number of exported entities
• #8515 [RSS feed] Author set in ingester not applied
• #8265 Worbench creation pop-up freezes if workbench of same name already exists
• #8440 Can't remove latitude and longitude of locations in UI

Pull Requests:

• Bump rollup from 4.21.3 to 4.22.4 in /opencti-platform/opencti-graphql by @dependabot in #8461
• Bump rollup from 4.21.0 to 4.22.4 in /opencti-platform/opencti-front by @dependabot in #8462
• [frontend] enable latitude and longitude removing from UI (#8440) by @Archidoit in #8450
• Left Nav Menu Changes by @Bonsai8863 in #8137
• [frontend] fixed workbench creation pop-up in case of error (#8265) by @stefan1anuby in #8285
• [frontend] Need to refresh the page to see the new attack patterns added in Techniques / Attack Patterns (#8516) by @Gwendoline-FAVRE-FELIX in #8517
• Update dependency react-intl to v6.7.0 by @renovate in #8503
• Update dependency pdfmake to v0.2.13 by @renovate in #8474
• Update aws-sdk-js-v3 monorepo to v3.658.1 by @renovate in #8475
• Update dependency nodemailer to v6.9.15 by @renovate in #8473
• Update dependency axios to v1.7.7 by @renovate in #8471
• Update dependency antlr4 to v4.13.2 by @renovate in #8470
• Update dependency @playwright/test to v1.47.2 by @renovate in #8355
• [backend] Add remote logout_remote value to openId options (#7766) by @aHenryJard in #8466
• [dev] Add a profile to run opensearch locally by @aHenryJard in #8397
• [backend] Fix the detection and usage of dedicated headers by @richard-julien in #8528
• [Backend] Add OpenID Connect SSO support for Microsoft ADFS to get user claims from the id_token by @animedbz16 in #7478

New Contributors:

• @animedbz16 made their first contribution in #7478

Full Changelog: 6.3.3...6.3.4