From ab0fee0cfa86789e26b8ccea532908272404fec9 Mon Sep 17 00:00:00 2001 From: GMartinez1995 Date: Fri, 10 Mar 2023 14:12:19 -0300 Subject: [PATCH 01/31] allow capitalize workpsaced --- faraday/server/api/modules/workspaces.py | 2 +- tests/test_api_workspace.py | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/faraday/server/api/modules/workspaces.py b/faraday/server/api/modules/workspaces.py index 5835d43fd65..34833ef1632 100644 --- a/faraday/server/api/modules/workspaces.py +++ b/faraday/server/api/modules/workspaces.py @@ -84,7 +84,7 @@ def validate_workspace_name(name): blacklist = ["filter"] if name in blacklist: raise ValidationError(f"Not possible to create workspace of name: {name}") - if not re.match(r"^[a-z0-9][a-z0-9_$()+-]{0,250}$", name): + if not re.match(r"^[A-z0-9][A-z0-9_$()+-]{0,250}$", name): raise ValidationError("The workspace name must validate with the regex " "^[a-z0-9][a-z0-9_$()+-]{0,250}$") diff --git a/tests/test_api_workspace.py b/tests/test_api_workspace.py index 5269fea90d4..34ba65dff72 100644 --- a/tests/test_api_workspace.py +++ b/tests/test_api_workspace.py @@ -539,12 +539,12 @@ def test_create_fails_with_valid_duration(self, session, test_client): assert res.json['duration']['start_date'] == start_date assert res.json['duration']['end_date'] == end_date - def test_create_fails_with_mayus(self, session, test_client): + def test_create_succeeds_with_mayus(self, session, test_client): workspace_count_previous = session.query(Workspace).count() raw_data = {'name': 'sWtr'} res = test_client.post(self.url(), data=raw_data) - assert res.status_code == 400 - assert workspace_count_previous == session.query(Workspace).count() + assert res.status_code == 201 + assert workspace_count_previous + 1 == session.query(Workspace).count() def test_create_fails_with_special_character(self, session, test_client): workspace_count_previous = session.query(Workspace).count() 
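Review bot: The character class `A-z` in the new `re.match` pattern of `validate_workspace_name` is wider than letters: in ASCII the range from `A` to `z` also covers `[`, `\`, `]`, `^`, `_` and the backtick, so names containing those characters now pass validation. If the intent is only to admit capitals, the line should read `if not re.match(r"^[A-Za-z0-9][A-Za-z0-9_$()+-]{0,250}$", name):`. The `ValidationError` text right below it still quotes the lowercase-only pattern and should be updated to match. The same `A-z` range is carried through the later hunks of this series that rewrite this line (PATCH 03, 04 and 06). The accompanying test only posts `sWtr`; a case asserting that a constructed name such as `a[b` is still rejected with 400 would pin the boundary.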
From 84b87bad51be4015cb5f4518ecf27540f1fd981a Mon Sep 17 00:00:00 2001 From: GMartinez1995 Date: Fri, 10 Mar 2023 14:14:26 -0300 Subject: [PATCH 02/31] allow capitalize workpsaced --- CHANGELOG/current/7426.json | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 CHANGELOG/current/7426.json diff --git a/CHANGELOG/current/7426.json b/CHANGELOG/current/7426.json new file mode 100644 index 00000000000..5ace7840ad1 --- /dev/null +++ b/CHANGELOG/current/7426.json @@ -0,0 +1,4 @@ +{ + "level": "community", + "md": "[MOD] Allow workspace to start with capital letter. #7426" +} From 76aeed299c948d9c83fbca7589e936d87c811273 Mon Sep 17 00:00:00 2001 From: GMartinez1995 Date: Mon, 13 Mar 2023 16:20:35 -0300 Subject: [PATCH 03/31] add whitespaces --- faraday/server/api/modules/workspaces.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/faraday/server/api/modules/workspaces.py b/faraday/server/api/modules/workspaces.py index 34833ef1632..4988fe66be2 100644 --- a/faraday/server/api/modules/workspaces.py +++ b/faraday/server/api/modules/workspaces.py @@ -84,7 +84,7 @@ def validate_workspace_name(name): blacklist = ["filter"] if name in blacklist: raise ValidationError(f"Not possible to create workspace of name: {name}") - if not re.match(r"^[A-z0-9][A-z0-9_$()+-]{0,250}$", name): + if not re.match(r"^[A-z0-9][A-z0-9_$()\s+-]{0,250}$", name): raise ValidationError("The workspace name must validate with the regex " "^[a-z0-9][a-z0-9_$()+-]{0,250}$") From b53f1da80d10ae2fca91a442a1870831ef4aedd0 Mon Sep 17 00:00:00 2001 From: GMartinez1995 Date: Mon, 13 Mar 2023 17:17:05 -0300 Subject: [PATCH 04/31] espacio vacio en ws --- faraday/server/api/modules/workspaces.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/faraday/server/api/modules/workspaces.py b/faraday/server/api/modules/workspaces.py index 4988fe66be2..536193364ab 100644 --- a/faraday/server/api/modules/workspaces.py +++ b/faraday/server/api/modules/workspaces.py 
@@ -84,7 +84,7 @@ def validate_workspace_name(name): blacklist = ["filter"] if name in blacklist: raise ValidationError(f"Not possible to create workspace of name: {name}") - if not re.match(r"^[A-z0-9][A-z0-9_$()\s+-]{0,250}$", name): + if not re.match(r"^[A-z0-9\s][A-z0-9_$()\s+-]{0,250}$", name): raise ValidationError("The workspace name must validate with the regex " "^[a-z0-9][a-z0-9_$()+-]{0,250}$") From a33b5d9cc8a3f99c8117bc7cca1b4c0b3cbbcab1 Mon Sep 17 00:00:00 2001 From: GMartinez1995 Date: Mon, 20 Mar 2023 16:35:57 -0300 Subject: [PATCH 05/31] fix ci --- .gitlab/ci/fetch-secrets.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.gitlab/ci/fetch-secrets.yaml b/.gitlab/ci/fetch-secrets.yaml index e5d2c8cd673..e1112cae242 100644 --- a/.gitlab/ci/fetch-secrets.yaml +++ b/.gitlab/ci/fetch-secrets.yaml @@ -9,4 +9,3 @@ - if [ -z "$FARADAY_USER" ]; then export FARADAY_USER="$(vault kv get -field=FARADAY_USER secrets/gitlab/faraday)"; fi; if [ -z "$FARADAY_USER" ]; then exit 1; fi - if [ -z "$FARADAY_PASSWORD" ]; then export FARADAY_PASSWORD="$(vault kv get -field=FARADAY_PASSWORD secrets/gitlab/faraday)"; fi; if [ -z "$FARADAY_PASSWORD" ]; then exit 1; fi - echo $FARADAY_URL - From ab8d7236832446a32f384c5b8428312977de0d45 Mon Sep 17 00:00:00 2001 From: GMartinez1995 Date: Mon, 20 Mar 2023 16:37:09 -0300 Subject: [PATCH 06/31] rollback --- faraday/server/api/modules/workspaces.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/faraday/server/api/modules/workspaces.py b/faraday/server/api/modules/workspaces.py index 536193364ab..34833ef1632 100644 --- a/faraday/server/api/modules/workspaces.py +++ b/faraday/server/api/modules/workspaces.py 
@@ -84,7 +84,7 @@ def validate_workspace_name(name): blacklist = ["filter"] if name in blacklist: raise ValidationError(f"Not possible to create workspace of name: {name}") - if not re.match(r"^[A-z0-9\s][A-z0-9_$()\s+-]{0,250}$", name): + if not re.match(r"^[A-z0-9][A-z0-9_$()+-]{0,250}$", name): raise ValidationError("The workspace name must validate with the regex " "^[a-z0-9][a-z0-9_$()+-]{0,250}$") From ef43dd59aec85935c7703596720a91a268a4c0f6 Mon Sep 17 00:00:00 2001 From: Diego Nadares Date: Tue, 28 Mar 2023 14:30:48 -0300 Subject: [PATCH 07/31] Add not_any operator. Also add tests. --- faraday/server/utils/filters.py | 2 +- faraday/server/utils/search.py | 1 + tests/test_api_vulnerability.py | 40 +++++++++++++++++++++++++++++++++ 3 files changed, 42 insertions(+), 1 deletion(-) diff --git a/faraday/server/utils/filters.py b/faraday/server/utils/filters.py index 082ecb351dd..58f8ba2d78c 100644 --- a/faraday/server/utils/filters.py +++ b/faraday/server/utils/filters.py @@ -128,7 +128,7 @@ def _validate_filter_types(self, filter_): raise ValidationError('Relationship attribute to compare to must be a string') return [filter_] # has and any should be used with fields that has a relationship with other table - if filter_['op'].lower() in ['has', 'any']: + if filter_['op'].lower() in ['has', 'any', 'not_any']: return [filter_] else: raise ValidationError('Field does not support in operator') diff --git a/faraday/server/utils/search.py b/faraday/server/utils/search.py index e0252afe5ea..ecb3c473df6 100644 --- a/faraday/server/utils/search.py +++ b/faraday/server/utils/search.py @@ -155,6 +155,7 @@ def _sub_operator(model, argument, fieldname): # Operators which accept three arguments. 'has': lambda f, a, fn: f.has(_sub_operator(f, a, fn)), 'any': lambda f, a, fn: f.any(_sub_operator(f, a, fn)), + 'not_any': lambda f, a, fn: ~f.any(_sub_operator(f, a, fn)), } 
diff --git a/tests/test_api_vulnerability.py b/tests/test_api_vulnerability.py index 7096d28aa2f..9c16f3f1666 100644 --- a/tests/test_api_vulnerability.py +++ b/tests/test_api_vulnerability.py 
@@ -1616,6 +1616,46 @@ def test_create_vuln_with_cve(self, cve_list, host_with_hostnames, test_client, assert session.query(CVE).count() == cve_list['cve']['count'] assert vuln_count_previous + 1 == session.query(Vulnerability).count() + @pytest.mark.usefixtures("ignore_nplusone") + def test_filter_vulns_not_contains_cve(self, test_client, session, host, vulnerability_factory, + vulnerability_web_factory): + VulnerabilityGeneric.query.delete() + session.commit() + + cve1 = CVE(name="CVE-2014-0160") + session.add(cve1) + + cve2 = CVE(name="CVE-2014-0161") + session.add(cve2) + + session.commit() + + vuln = vulnerability_factory.create(name="first_cve", host=host, workspace=self.workspace) + vuln.cve = [cve1.name] + session.add(vuln) + + vuln = vulnerability_factory.create(name="with_both_cve", host=host, workspace=self.workspace) + vuln.cve = [cve1.name, cve2.name] + session.add(vuln) + + vuln_web = vulnerability_web_factory.create(name="second_cve", host=host, workspace=self.workspace) + vuln_web.cve = [cve2.name] + session.add(vuln_web) + + vuln_web = vulnerability_web_factory.create(name="with_no_cve", host=host, workspace=self.workspace) + session.add(vuln_web) + session.commit() + + data = { + 'q': '{"filters":[{"name":"cve_instances","op":"not_any","val":{"name":"name","op":"eq","val":"CVE-2014-0160"}}]}' + } + res = test_client.get(f'/v3/ws/{self.workspace.name}/vulns/filter', query_string=data) + + assert res.status_code == 200 + assert len(res.json['vulnerabilities']) == 2 + assert 'first_cve' not in res.json['vulnerabilities'][0]['value']['name'] + assert 'first_cve' not in res.json['vulnerabilities'][1]['value']['name'] + # TODO: Esta repetido este test? def test_patch_vuln_with_cve_list(self, host_with_hostnames, test_client, session): session.commit() # flush host_with_hostnames From 3710ead8a88fb4df306d7feec8443260d7ca839c Mon Sep 17 00:00:00 2001 
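Review bot: The two final assertions in `test_filter_vulns_not_contains_cve` only check that `first_cve` is absent, so a regression that returned `with_both_cve` (which also carries CVE-2014-0160) in place of an expected row would still pass as long as the count stays at 2. Comparing the whole result set is stricter and does not depend on ordering: `assert {v['value']['name'] for v in res.json['vulnerabilities']} == {'second_cve', 'with_no_cve'}`.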
From: Diego Nadares Date: Tue, 28 Mar 2023 14:34:13 -0300 Subject: [PATCH 08/31] Add changelog --- CHANGELOG/current/7394.json | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 CHANGELOG/current/7394.json diff --git a/CHANGELOG/current/7394.json b/CHANGELOG/current/7394.json new file mode 100644 index 00000000000..039d36bb2af --- /dev/null +++ b/CHANGELOG/current/7394.json @@ -0,0 +1,4 @@ +{ + "level": "community", + "md": "[FIX] Add `not_any` filter operator which will retrieve results that not contains the value requested. #7494" +} From 0624626d35639cdcc46f59afd656cbc807a10812 Mon Sep 17 00:00:00 2001 From: Diego Nadares Date: Tue, 28 Mar 2023 14:42:28 -0300 Subject: [PATCH 09/31] Fix changelog --- CHANGELOG/current/7394.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG/current/7394.json b/CHANGELOG/current/7394.json index 039d36bb2af..3dbb75376d7 100644 --- a/CHANGELOG/current/7394.json +++ b/CHANGELOG/current/7394.json @@ -1,4 +1,4 @@ { "level": "community", - "md": "[FIX] Add `not_any` filter operator which will retrieve results that not contains the value requested. #7494" + "md": "[FIX] Add `not_any` filter operator which will retrieve results that not contains the value requested. #7394" } From 92bc3ca2bd3070f3463d3514d411b85fb03e8b57 Mon Sep 17 00:00:00 2001 From: GMartinez1995 Date: Thu, 30 Mar 2023 19:39:23 -0300 Subject: [PATCH 10/31] improve commands --- CHANGELOG/current/7447.json | 4 +++ ...5efa88414_add_warnings_to_command_model.py | 28 ++++++++++++++++ .../b7fd0a314a4b_add_warnings_to_commands.py | 32 +++++++++++++++++++ faraday/server/models.py | 1 + 4 files changed, 65 insertions(+) create mode 100644 CHANGELOG/current/7447.json create mode 100644 faraday/migrations/versions/1145efa88414_add_warnings_to_command_model.py create mode 100644 faraday/migrations/versions/b7fd0a314a4b_add_warnings_to_commands.py 
diff --git a/CHANGELOG/current/7447.json b/CHANGELOG/current/7447.json new file mode 100644 index 00000000000..2c5bb4f6613 --- /dev/null +++ b/CHANGELOG/current/7447.json @@ -0,0 +1,4 @@ +{ + "level": "prof", + "md": "[ADD] Add global assets endpoint and when the maximum number of hosts is exceeded, the command will have a warning. #7447" +} diff --git a/faraday/migrations/versions/1145efa88414_add_warnings_to_command_model.py b/faraday/migrations/versions/1145efa88414_add_warnings_to_command_model.py new file mode 100644 index 00000000000..c21e8cfbaba --- /dev/null +++ b/faraday/migrations/versions/1145efa88414_add_warnings_to_command_model.py @@ -0,0 +1,28 @@ +"""Add warnings to command model + +Revision ID: 1145efa88414 +Revises: b5065f401599 +Create Date: 2023-03-30 19:49:28.651868+00:00 + +""" +from alembic import op +import sqlalchemy as sa + + +# revision identifiers, used by Alembic. +revision = '1145efa88414' +down_revision = 'b5065f401599' +branch_labels = None +depends_on = None + + +def upgrade(): + # ### commands auto generated by Alembic - please adjust! ### + op.add_column('command', sa.Column('warnings', sa.String(length=250), nullable=True)) + # ### end Alembic commands ### + + +def downgrade(): + # ### commands auto generated by Alembic - please adjust! ### + op.drop_column('command', 'warnings') + # ### end Alembic commands ### diff --git a/faraday/migrations/versions/b7fd0a314a4b_add_warnings_to_commands.py b/faraday/migrations/versions/b7fd0a314a4b_add_warnings_to_commands.py new file mode 100644 index 00000000000..a96e576782f --- /dev/null +++ b/faraday/migrations/versions/b7fd0a314a4b_add_warnings_to_commands.py 
@@ -0,0 +1,32 @@ +"""add warnings to commands + +Revision ID: b7fd0a314a4b +Revises: 1145efa88414 +Create Date: 2023-03-30 22:24:55.022733+00:00 + +""" +from alembic import op +import sqlalchemy as sa + + +# revision identifiers, used by Alembic. +revision = 'b7fd0a314a4b' +down_revision = '1145efa88414' +branch_labels = None +depends_on = None + + +def upgrade(): + # ### commands auto generated by Alembic - please adjust! ### + op.alter_column('command', 'warnings', + existing_type=sa.VARCHAR(length=250), + nullable=True) + # ### end Alembic commands ### + + +def downgrade(): + # ### commands auto generated by Alembic - please adjust! ### + op.alter_column('command', 'warnings', + existing_type=sa.VARCHAR(length=250), + nullable=False) + # ### end Alembic commands ### diff --git a/faraday/server/models.py b/faraday/server/models.py index fe70eb3b5e5..113e2cfce20 100644 --- a/faraday/server/models.py +++ b/faraday/server/models.py @@ -1090,6 +1090,7 @@ class Command(Metadata): foreign_keys=[workspace_id], backref=backref('commands', cascade="all, delete-orphan") ) + warnings = Column(String(250)) sum_created_vulnerabilities = _make_created_objects_sum('vulnerability') sum_created_vulnerabilities_web = _make_created_objects_sum_joined('vulnerability', From ca2463c810a2d416be60beefa18c0588d9fed3d1 Mon Sep 17 00:00:00 2001 From: Diego Nadares Date: Wed, 29 Mar 2023 16:17:02 -0300 Subject: [PATCH 11/31] Add field type check in order by --- faraday/server/utils/search.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/faraday/server/utils/search.py b/faraday/server/utils/search.py index ed0bf3a07b7..6fa6f574e78 100644 --- a/faraday/server/utils/search.py +++ b/faraday/server/utils/search.py 
@@ -632,12 +632,12 @@ def create_query(session, model, search_params, _ignore_order_by=False): field = getattr(model, val.field) direction = getattr(field, val.direction) if val.direction == 'desc': - if isinstance(field.expression, AnnotatedLabel): + if isinstance(field.expression, AnnotatedLabel) and not field._is_internal_proxy: query = query.order_by(nullslast(desc(text(val.field)))) else: query = query.order_by(nullsfirst(direction())) else: - if isinstance(field.expression, AnnotatedLabel): + if isinstance(field.expression, AnnotatedLabel) and not field._is_internal_proxy: query = query.order_by(nullslast(asc(text(val.field)))) else: query = query.order_by(nullsfirst(direction())) From 53eb426b8f5d4e53fcb4a8999375be7fb025ac43 Mon Sep 17 00:00:00 2001 From: Diego Nadares Date: Thu, 30 Mar 2023 15:31:30 -0300 Subject: [PATCH 12/31] Add test --- faraday/server/models.py | 2 +- tests/test_api_hosts.py | 11 ++++++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/faraday/server/models.py b/faraday/server/models.py index d2d946f7a81..fe70eb3b5e5 100644 --- a/faraday/server/models.py +++ b/faraday/server/models.py @@ -335,7 +335,7 @@ def _make_vuln_generic_count_by_severity(severity): vulnerability_generic_count = column_property( vuln_count + vuln_web_count, deferred=True - ) + ).expression.label(f'vulnerability_{severity}_generic_count') return vulnerability_generic_count diff --git a/tests/test_api_hosts.py b/tests/test_api_hosts.py index 608b015e950..d7a16f01c1f 100644 --- a/tests/test_api_hosts.py +++ b/tests/test_api_hosts.py 
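Review bot: Both branches of the `order_by` handling in `create_query` now depend on `field._is_internal_proxy`, a private SQLAlchemy attribute, and nothing explains why such fields must skip the `text(val.field)` path. A short comment above the first check, for example `# labelled column_property proxies cannot be ordered by bare label text; use the attribute's own asc()/desc()`, plus a defensive read `getattr(field, '_is_internal_proxy', False)` would keep this from breaking on attribute types that lack the flag. Since `val.field` is request-supplied and ends up inside `text()`, it is worth stating in that comment that the preceding `getattr(model, val.field)` is what limits it to names defined on the model; whether it is further restricted to sortable columns is decided outside this hunk. The function starts and ends outside the hunk.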
@@ -299,7 +299,16 @@ def test_filter_restless_by_os_exact(self, test_client, session, workspace, host_factory.create_batch(5, workspace=second_workspace, os='Unix') session.commit() - res = test_client.get(join(self.url(), 'filter?q={"filters":[{"name": "os", "op":"eq", "val":"Unix"}]}')) + res = test_client.get(join(self.url(), 'filter?q={' + '"filters":[{"name": "os", "op":"eq", "val":"Unix"}], ' + '"order_by": [' + '{' + '"field": "vulnerability_critical_generic_count", ' + '"direction": "desc"' + '}' + '] ' + '}')) + assert res.status_code == 200 self.compare_results(hosts, res) From ebd0d4682a62402e97f6acc620570ea0293c2ebd Mon Sep 17 00:00:00 2001 From: Ivan Deleonibus Date: Thu, 30 Mar 2023 16:00:57 -0300 Subject: [PATCH 13/31] [FIX] fixing sqlite issue --- .gitlab/ci/testing/.nix-testing-gitlab-ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitlab/ci/testing/.nix-testing-gitlab-ci.yml b/.gitlab/ci/testing/.nix-testing-gitlab-ci.yml index 4bb2e306a8b..4045c6eb862 100644 --- a/.gitlab/ci/testing/.nix-testing-gitlab-ci.yml +++ b/.gitlab/ci/testing/.nix-testing-gitlab-ci.yml @@ -70,6 +70,8 @@ pylint: stage: test coverage: '/TOTAL\s+\d+\s+\d+\s+(\d+%)/' script: + - apk update + - apk add git bash - nix-env -if pynixify/nixpkgs.nix -A vault - !reference [ .get_secrets, script ] - nix-env -if pynixify/nixpkgs.nix -A cachix From 6bca61f51e0616dc55015b3476affd9c99641c6e Mon Sep 17 00:00:00 2001 From: Diego Nadares Date: Wed, 12 Apr 2023 09:15:58 -0300 Subject: [PATCH 14/31] Add service_id and host_id modification update --- faraday/server/api/modules/vulns.py | 32 +++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/faraday/server/api/modules/vulns.py b/faraday/server/api/modules/vulns.py index bff21f7cfc2..fad0577c312 100644 --- a/faraday/server/api/modules/vulns.py +++ b/faraday/server/api/modules/vulns.py 
@@ -252,6 +252,10 @@ class VulnerabilitySchema(AutoSchema): '_id', 'ports', 'status', 'protocol', 'name', 'version', 'summary' ]), dump_only=True) host = fields.Integer(dump_only=True, attribute='host_id') + # + host_id = fields.Integer(attribute='host_id') + service_id = fields.Integer(attribute='service_id') + # severity = SeverityField(required=True) status = fields.Method( serialize='get_status', @@ -284,7 +288,7 @@ class Meta: 'target', 'host_os', 'resolution', 'metadata', 'custom_fields', 'external_id', 'tool', 'cvss2', 'cvss3', 'cwe', 'cve', 'owasp', 'refs', 'reference_instances', 'command_id', - 'risk' + 'risk', 'host_id', 'service_id' ) @staticmethod @@ -450,7 +454,7 @@ class Meta: 'target', 'host_os', 'resolution', 'method', 'metadata', 'status_code', 'custom_fields', 'external_id', 'tool', 'cve', 'cwe', 'owasp', 'cvss2', 'cvss3', 'refs', 'reference_instances', 'command_id', - 'risk' + 'risk', 'host_id', 'service_id' ) 
@@ -700,6 +704,30 @@ def _update_object(self, obj, data, **kwargs): data.pop('type', '') # It's forbidden to change vuln type! data.pop('tool', '') + # host + if 'host_id' in data: + new_host_id = data.pop("host_id") + if new_host_id: + if obj.type == 'vulnerability_web': + flask.abort(400, "Vulnerability web can't have a host assigned") + host = Host.query.filter(Host.workspace_id == obj.workspace_id, Host.id == new_host_id).first() + if not host: + # TODO: que deberia retornar? Para evitar enumeracion. + flask.abort(400, "The host that you are trying to assign was not found") + obj.host_id = host.id + obj.service_id = None + + # service + if 'service_id' in data: + new_service_id = data.pop("service_id") + if new_service_id: + service = Service.query.filter(Service.workspace_id == obj.workspace_id, + Service.id == new_service_id).first() + if not service: + flask.abort(400, "The service that you are trying to assign was not found") + obj.service_id = service.id + obj.host_id = None + cwe_list = data.pop('cwe', None) if cwe_list: # We need to instantiate cwe objects before updating From df1368bb40fd35e2864c608903971a5f8d47c273 Mon Sep 17 00:00:00 2001 From: Diego Nadares Date: Wed, 12 Apr 2023 09:51:53 -0300 Subject: [PATCH 15/31] Add joined load for cwe in filter endpoint because of n+1 --- faraday/server/api/modules/vulns.py | 1 + 1 file changed, 1 insertion(+) diff --git a/faraday/server/api/modules/vulns.py b/faraday/server/api/modules/vulns.py index fad0577c312..d5898c46f54 100644 --- a/faraday/server/api/modules/vulns.py +++ b/faraday/server/api/modules/vulns.py @@ -1056,6 +1056,7 @@ def _generate_filter_query(vulnerability_class, filters, hostname_filters, works joinedload(Vulnerability.host), joinedload(Vulnerability.service), joinedload(VulnerabilityWeb.service), + joinedload(VulnerabilityGeneric.cwe), ) return vulns From 7a722f8f37437b28c6d5fef1156f690397cc24ae Mon Sep 17 00:00:00 2001 
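Review bot: In the new `host_id` and `service_id` branches of `_update_object`, a falsy value (`null` or `0`) is popped from `data` and then ignored, so a request that tries to clear the parent gets a success response while nothing changes; an explicit `flask.abort(400, ...)` for that case would make the contract visible to API clients. Both lookups filter on `obj.workspace_id`, so an id that belongs to another workspace gets the same 400 as an id that does not exist, which answers the enumeration question left in the Spanish TODO; that TODO could be replaced with `# Lookup is scoped to obj.workspace_id: ids from other workspaces are indistinguishable from missing ones.` The `# host` and `# service` markers add nothing beyond the `if` lines they precede. `_update_object` continues outside the hunk.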
From: GMartinez1995 Date: Fri, 14 Apr 2023 13:44:20 -0300 Subject: [PATCH 16/31] Add optional enviroment variables to get_manifest endpoint --- faraday/server/api/modules/agent.py | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/faraday/server/api/modules/agent.py b/faraday/server/api/modules/agent.py index a4c16e50f76..81b82c3ec8e 100644 --- a/faraday/server/api/modules/agent.py +++ b/faraday/server/api/modules/agent.py @@ -282,7 +282,18 @@ def manifests_get(self): description: Ok """ try: - return flask.jsonify(get_manifests(request.args.get("agent_version"))) + manifest = get_manifests(request.args.get("agent_version")) + manifest["burp"]["optional_environment_variables"] = [ + manifest["burp"]["environment_variables"].pop( + manifest["burp"]["environment_variables"].index("BURP_API_PULL_INTERVAL") + ) + ] + manifest["tenableio"]["optional_environment_variables"] = [ + manifest["tenableio"]["environment_variables"].pop( + manifest["tenableio"]["environment_variables"].index("TENABLE_PULL_INTERVAL") + ) + ] + return flask.jsonify(manifest) except ValueError as e: flask.abort(400, e) From 9201fac78e845c542f7ed0c780017894d1270e5b Mon Sep 17 00:00:00 2001 From: GMartinez1995 Date: Fri, 14 Apr 2023 13:47:50 -0300 Subject: [PATCH 17/31] Add changelog --- CHANGELOG/current/7481.json | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 CHANGELOG/current/7481.json diff --git a/CHANGELOG/current/7481.json b/CHANGELOG/current/7481.json new file mode 100644 index 00000000000..547a756b530 --- /dev/null +++ b/CHANGELOG/current/7481.json @@ -0,0 +1,4 @@ +{ + "level": "community", + "md": "[MOD] Now /get_manifest separate the optional environment variables from the rest" +} From 2259dd62628eb0ec4168b01046bdb1270c9101ce Mon Sep 17 00:00:00 2001 From: GMartinez1995 Date: Fri, 14 Apr 2023 13:51:51 -0300 Subject: [PATCH 18/31] fix changelog --- CHANGELOG/current/7481.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
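Review bot: The new body of `manifests_get` edits the object returned by `get_manifests()` in place and assumes that both the `burp` and `tenableio` entries exist and list their interval variable. `list.index` raises `ValueError` when the variable is absent, which the existing handler turns into a 400 as if the client's `agent_version` were at fault, and a missing executor key raises `KeyError`, which is not handled in the visible code. If `get_manifests` returns a cached or shared structure (not visible in this hunk), a second request would hit that `ValueError` because the first one already popped the entry. Working on copies and skipping entries that are absent avoids all three cases; the method's decorator and docstring lie outside the hunk.

```python
        try:
            # Shallow copy so the structure returned by get_manifests() is never mutated.
            manifest = dict(get_manifests(request.args.get("agent_version")))
            optional = {"burp": "BURP_API_PULL_INTERVAL", "tenableio": "TENABLE_PULL_INTERVAL"}
            for executor, variable in optional.items():
                entry = manifest.get(executor)
                if entry is None or variable not in entry["environment_variables"]:
                    continue
                manifest[executor] = {
                    **entry,
                    "environment_variables": [v for v in entry["environment_variables"] if v != variable],
                    "optional_environment_variables": [variable],
                }
            return flask.jsonify(manifest)
        # … unchanged: except ValueError handler …
```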
diff --git a/CHANGELOG/current/7481.json b/CHANGELOG/current/7481.json index 547a756b530..574c2c62a3a 100644 --- a/CHANGELOG/current/7481.json +++ b/CHANGELOG/current/7481.json @@ -1,4 +1,4 @@ { "level": "community", - "md": "[MOD] Now /get_manifest separate the optional environment variables from the rest" + "md": "[MOD] Now /get_manifest separate the optional environment variables from the rest. #7481" } From 0e7f71f3de5c814ca3b2f164eb7cb73801ab3b7e Mon Sep 17 00:00:00 2001 From: GMartinez1995 Date: Tue, 18 Apr 2023 12:36:31 -0300 Subject: [PATCH 19/31] remove useless migration --- .../b7fd0a314a4b_add_warnings_to_commands.py | 32 ------------------- faraday/server/models.py | 2 +- 2 files changed, 1 insertion(+), 33 deletions(-) delete mode 100644 faraday/migrations/versions/b7fd0a314a4b_add_warnings_to_commands.py diff --git a/faraday/migrations/versions/b7fd0a314a4b_add_warnings_to_commands.py b/faraday/migrations/versions/b7fd0a314a4b_add_warnings_to_commands.py deleted file mode 100644 index a96e576782f..00000000000 --- a/faraday/migrations/versions/b7fd0a314a4b_add_warnings_to_commands.py +++ /dev/null @@ -1,32 +0,0 @@ -"""add warnings to commands - -Revision ID: b7fd0a314a4b -Revises: 1145efa88414 -Create Date: 2023-03-30 22:24:55.022733+00:00 - -""" -from alembic import op -import sqlalchemy as sa - - -# revision identifiers, used by Alembic. -revision = 'b7fd0a314a4b' -down_revision = '1145efa88414' -branch_labels = None -depends_on = None - - -def upgrade(): - # ### commands auto generated by Alembic - please adjust! ### - op.alter_column('command', 'warnings', - existing_type=sa.VARCHAR(length=250), - nullable=True) - # ### end Alembic commands ### - - -def downgrade(): - # ### commands auto generated by Alembic - please adjust! ### - op.alter_column('command', 'warnings', - existing_type=sa.VARCHAR(length=250), - nullable=False) - # ### end Alembic commands ### 
diff --git a/faraday/server/models.py b/faraday/server/models.py index cc2b4a1bef6..c458fe0458e 100644 --- a/faraday/server/models.py +++ b/faraday/server/models.py @@ -1090,7 +1090,7 @@ class Command(Metadata): foreign_keys=[workspace_id], backref=backref('commands', cascade="all, delete-orphan") ) - warnings = Column(String(250)) + warnings = Column(String(250), nullable=True) sum_created_vulnerabilities = _make_created_objects_sum('vulnerability') sum_created_vulnerabilities_web = _make_created_objects_sum_joined('vulnerability', From 41feb46660ad5d2bdbe17ae11d3c9acc280f443d Mon Sep 17 00:00:00 2001 From: Diego Nadares Date: Wed, 19 Apr 2023 15:05:24 -0300 Subject: [PATCH 20/31] Add tests --- tests/factories.py | 2 +- tests/test_api_vulnerability.py | 101 ++++++++++++++++++++++++++++++++ 2 files changed, 102 insertions(+), 1 deletion(-) diff --git a/tests/factories.py b/tests/factories.py index e196939ba30..3c680805bd8 100644 --- a/tests/factories.py +++ b/tests/factories.py @@ -262,7 +262,7 @@ class VulnerabilityGenericFactory(WorkspaceObjectFactory): class HasParentHostOrService(WorkspaceObjectFactory): """ Mixins for objects that must have either a host or a service, - but ont both, as a parent. + but not both, as a parent. By default it randomly select one of them and set the other to None, but this behavior can be modified as with other factory diff --git a/tests/test_api_vulnerability.py b/tests/test_api_vulnerability.py index 7096d28aa2f..15569b0e9f3 100644 --- a/tests/test_api_vulnerability.py +++ b/tests/test_api_vulnerability.py 
@@ -2092,6 +2092,107 @@ def test_create_vuln_with_invalid_severity(self, assert vuln_count_previous == session.query(Vulnerability).count() assert b'Invalid severity type.' in res.data + def test_modify_assigned_host(self, test_client, session, workspace): + host = HostFactory.create(ip='127.0.0.1', workspace=workspace) + session.add(host) + session.commit() + vulnerability = VulnerabilityFactory.create( + name='test', + host=host, + service=None, + workspace=workspace, + severity='low' + ) + session.add(vulnerability) + session.commit() + + assert vulnerability.host_id == host.id + + new_host = HostFactory(ip="192.168.10.1", workspace=workspace) + session.add(new_host) + session.commit() + + data = { + "host_id": new_host.id + } + res = test_client.patch(f'{self.url(workspace=workspace)}/{vulnerability.id}', data=data) + assert res.status_code == 200 + assert res.json['host_id'] == new_host.id + + def test_modify_assigned_host_to_web_vuln_must_fail(self, test_client, session, workspace): + service = ServiceFactory.create(name="ssh", workspace=workspace) + session.add(service) + session.commit() + vulnerability = VulnerabilityWebFactory.create( + name='test', + host=None, + service=service, + workspace=workspace, + severity='low' + ) + session.add(vulnerability) + session.commit() + + assert vulnerability.service_id == service.id + + new_host = HostFactory(ip="192.168.10.1", workspace=workspace) + session.add(new_host) + session.commit() + + data = { + "host_id": new_host.id + } + res = test_client.patch(f'{self.url(workspace=workspace)}/{vulnerability.id}', data=data) + assert res.status_code == 400 + assert vulnerability.service_id == service.id + + def test_modify_assigned_service_to_vulnerability(self, test_client, session, workspace): + host = HostFactory.create(ip='127.0.0.1', workspace=workspace) + session.add(host) + session.commit() + + vulnerability = VulnerabilityFactory.create( + name='test', + host=host, + service=None, + workspace=workspace, + 
severity='low' + ) + session.add(vulnerability) + session.commit() + assert vulnerability.host_id == host.id + + service = ServiceFactory.create(name="ssh2", workspace=workspace) + session.add(service) + session.commit() + web_vulnerability = VulnerabilityWebFactory.create( + name='test', + host=None, + service=service, + workspace=workspace, + severity='low' + ) + session.add(web_vulnerability) + session.commit() + assert web_vulnerability.service_id == service.id + + new_service = ServiceFactory.create(name="ssh1", workspace=workspace) + session.add(new_service) + session.commit() + + data = { + "service_id": new_service.id + } + res = test_client.patch(f'{self.url(workspace=workspace)}/{vulnerability.id}', data=data) + assert res.status_code == 200 + assert res.json['service_id'] == new_service.id + assert res.json['host_id'] is None + + res = test_client.patch(f'{self.url(workspace=workspace)}/{web_vulnerability.id}', data=data) + assert res.status_code == 200 + assert res.json['service_id'] == new_service.id + assert res.json['host_id'] is None + def test_create_vuln_with_invalid_ease_of_resolution(self, host_with_hostnames, test_client, From 00eda8d3b677a919e14383c208b4ee95c7632705 Mon Sep 17 00:00:00 2001 From: Diego Nadares Date: Wed, 19 Apr 2023 15:08:37 -0300 Subject: [PATCH 21/31] Add Changelog --- CHANGELOG/current/7476.json | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 CHANGELOG/current/7476.json diff --git a/CHANGELOG/current/7476.json b/CHANGELOG/current/7476.json new file mode 100644 index 00000000000..ec512857a22 --- /dev/null +++ b/CHANGELOG/current/7476.json @@ -0,0 +1,4 @@ +{ + "level": "community", + "md": "[ADD] Now it's possible to modify the host or service assigned of a vulnerability. #7476" +} From 850150711f76fa3d6d5550e9fc0d62b69dc59c93 Mon Sep 17 00:00:00 2001 
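Review bot: None of the three new tests covers the workspace boundary that the update path relies on: every `new_host` and `new_service` is created in the same `workspace` as the vulnerability. The lookups added to `_update_object` earlier in this series filter on `obj.workspace_id`, and a test that creates a host and a service in a second workspace, patches the vulnerability with each id, and asserts a 400 with the parent unchanged would keep that filter from being dropped unnoticed. In `test_modify_assigned_host_to_web_vuln_must_fail` the final `assert vulnerability.service_id == service.id` reads the in-memory object; reloading it from the session before asserting would confirm that nothing was persisted.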
From: Diego Nadares Date: Wed, 19 Apr 2023 16:30:54 -0300 Subject: [PATCH 22/31] Add host_id and service_id patch one at a time. --- faraday/server/api/modules/vulns.py | 14 ++++++++++++- tests/test_api_vulnerability.py | 32 +++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+), 1 deletion(-) diff --git a/faraday/server/api/modules/vulns.py b/faraday/server/api/modules/vulns.py index d5898c46f54..b0a87fc67ff 100644 --- a/faraday/server/api/modules/vulns.py +++ b/faraday/server/api/modules/vulns.py @@ -18,7 +18,7 @@ from flask import Blueprint, make_response from flask_classful import route from filteralchemy import Filter, FilterSet, operators -from marshmallow import Schema, fields, post_load, ValidationError, post_dump +from marshmallow import Schema, fields, post_load, ValidationError, post_dump, pre_load from marshmallow.validate import OneOf from sqlalchemy import desc, or_, func from sqlalchemy.inspection import inspect @@ -409,6 +409,18 @@ def post_load_parent(self, data, **kwargs): # service to host or viceverse return data + @pre_load + def host_and_service(self, data, **kwargs): + """ + Only one of host_id or service_id can be modified (at the same time) in patch. + """ + partial = kwargs.get("partial", False) + if partial and\ + 'host_id' in data and \ + 'service_id' in data: + raise ValidationError("Host and service can't be modified simultaneously") + return data + @post_load def post_load_cvss2(self, data, **kwargs): return self._get_vector_string(data, 'cvss2') diff --git a/tests/test_api_vulnerability.py b/tests/test_api_vulnerability.py index 15569b0e9f3..ee0004fcc34 100644 --- a/tests/test_api_vulnerability.py +++ b/tests/test_api_vulnerability.py 
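Review bot: The `host_and_service` hook rejects a payload carrying both `host_id` and `service_id` only when `partial` is true, so a full update with both keys passes the schema. In the `_update_object` code added earlier in this series the service branch runs after the host branch and resets `host_id` to `None`, so such a request would silently keep only the service. Dropping the `partial` condition, `if 'host_id' in data and 'service_id' in data:`, applies the rule to every load; if object creation legitimately sends both keys (not visible here), the docstring should say so instead.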
@@ -2119,6 +2119,38 @@ def test_modify_assigned_host(self, test_client, session, workspace): assert res.status_code == 200 assert res.json['host_id'] == new_host.id + def test_modify_assigned_host_and_service_at_same_time_fails(self, test_client, session, workspace): + host = HostFactory.create(ip='127.0.0.1', workspace=workspace) + session.add(host) + session.commit() + + service = ServiceFactory.create(name="ssh", workspace=workspace) + session.add(service) + session.commit() + + vulnerability = VulnerabilityFactory.create( + name='test', + host=host, + service=None, + workspace=workspace, + severity='low' + ) + session.add(vulnerability) + session.commit() + + assert vulnerability.host_id == host.id + + new_host = HostFactory(ip="192.168.10.1", workspace=workspace) + session.add(new_host) + session.commit() + + data = { + "host_id": new_host.id, + "service_id": service.id, + } + res = test_client.patch(f'{self.url(workspace=workspace)}/{vulnerability.id}', data=data) + assert res.status_code == 400 + def test_modify_assigned_host_to_web_vuln_must_fail(self, test_client, session, workspace): service = ServiceFactory.create(name="ssh", workspace=workspace) session.add(service) From 166e065b57e7bd800991f304862256d29a531acd Mon Sep 17 00:00:00 2001 From: Diego Nadares Date: Wed, 19 Apr 2023 17:32:02 -0300 Subject: [PATCH 23/31] Add host_id and service_id validation in vuln update --- faraday/server/api/modules/vulns.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/faraday/server/api/modules/vulns.py b/faraday/server/api/modules/vulns.py index b0a87fc67ff..590e1dec974 100644 --- a/faraday/server/api/modules/vulns.py +++ b/faraday/server/api/modules/vulns.py 
@@ -253,8 +253,8 @@ class VulnerabilitySchema(AutoSchema): ]), dump_only=True) host = fields.Integer(dump_only=True, attribute='host_id') # - host_id = fields.Integer(attribute='host_id') - service_id = fields.Integer(attribute='service_id') + host_id = fields.Integer(attribute='host_id', allow_none=True) + service_id = fields.Integer(attribute='service_id', allow_none=True) # severity = SeverityField(required=True) status = fields.Method( @@ -419,6 +419,10 @@ def host_and_service(self, data, **kwargs): 'host_id' in data and \ 'service_id' in data: raise ValidationError("Host and service can't be modified simultaneously") + else: + if 'host_id' in data and 'service_id' in data: + if data['host_id'] is None and data['service_id'] is None: + raise ValidationError("Host and service cant't be null") return data @post_load From d3d83f60cb1daeb9afcf718492cac8ad227c375f Mon Sep 17 00:00:00 2001 From: Diego Nadares Date: Thu, 20 Apr 2023 11:24:56 -0300 Subject: [PATCH 24/31] Modify parent modification --- faraday/server/api/modules/vulns.py | 82 +++++++++++++++++------------ tests/test_api_vulnerability.py | 38 +++++++------ 2 files changed, 72 insertions(+), 48 deletions(-) diff --git a/faraday/server/api/modules/vulns.py b/faraday/server/api/modules/vulns.py index 590e1dec974..d5c83772cee 100644 --- a/faraday/server/api/modules/vulns.py +++ b/faraday/server/api/modules/vulns.py @@ -253,8 +253,8 @@ class VulnerabilitySchema(AutoSchema): ]), dump_only=True) host = fields.Integer(dump_only=True, attribute='host_id') # - host_id = fields.Integer(attribute='host_id', allow_none=True) - service_id = fields.Integer(attribute='service_id', allow_none=True) + # host_id = fields.Integer(attribute='host_id', allow_none=True) + # service_id = fields.Integer(attribute='service_id', allow_none=True) # severity = SeverityField(required=True) status = fields.Method( 
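Review bot: The `else` branch added to `host_and_service` rejects only the case where both keys are present and both are `None`, while the first hunk of this commit sets `allow_none=True` on `host_id` and `service_id`. A load that sends a single `null` for the vulnerability's only parent therefore passes this hook, and whether the parent can end up cleared depends on update code outside the hunk; that deserves a test. The user-facing message has a typo (`cant't`) and the nested `if`s can be one condition: `elif data.get('host_id', ...) is None and data.get('service_id', ...) is None:` with `raise ValidationError("Host and service can't both be null")`.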
@@ -288,7 +288,8 @@ class Meta: 'target', 'host_os', 'resolution', 'metadata', 'custom_fields', 'external_id', 'tool', 'cvss2', 'cvss3', 'cwe', 'cve', 'owasp', 'refs', 'reference_instances', 'command_id', - 'risk', 'host_id', 'service_id' + # 'risk', 'host_id', 'service_id' + 'risk' ) @staticmethod @@ -357,7 +358,6 @@ def load_parent(value): # sometimes api requests send str or unicode. value = int(value) except ValueError: - raise ValidationError("Invalid parent type") return value 
@@ -383,20 +383,35 @@ def post_load_parent(self, data, **kwargs): parent_field = None parent_type = data.pop('parent_type', None) parent_id = data.pop('parent', None) - if not (parent_type and parent_id): - # Probably a partial load, since they are required - return data + # if not (parent_type and parent_id): + # # Probably a partial load, since they are required + # return data + if kwargs.get('partial', False): + if not parent_type and not parent_id: + return data + if parent_id and parent_type is None: + raise ValidationError('Trying to modify parent with no parent_type') + if parent_type and parent_id is None: + raise ValidationError('Trying to modify parent_type but parent not sent') if parent_type == 'Host': parent_class = Host parent_field = 'host_id' + data['service_id'] = None if parent_type == 'Service': parent_class = Service parent_field = 'service_id' + data['host_id'] = None if not parent_class: raise ValidationError('Unknown parent type') - if parent_type == 'Host' and data['type'] == 'vulnerability_web': - raise ValidationError('Trying to set a host for a vulnerability web') - + if parent_type == 'Host': + if 'type' in data: + if data['type'] == 'vulnerability_web': + raise ValidationError('Trying to set a host for a vulnerability web') + elif kwargs.get("partial", False): + vulnerability = self.context.get("object", None) + if vulnerability: + if vulnerability.type == 'vulnerability_web': + raise ValidationError('Trying to set a host for a vulnerability web') try: parent = db.session.query(parent_class).join(Workspace).filter( Workspace.name == self.context['workspace_name'], @@ -470,7 +485,8 @@ class Meta: 'target', 'host_os', 'resolution', 'method', 'metadata', 'status_code', 'custom_fields', 'external_id', 'tool', 'cve', 'cwe', 'owasp', 'cvss2', 'cvss3', 'refs', 'reference_instances', 'command_id', - 'risk', 'host_id', 'service_id' + # 'risk', 'host_id', 'service_id' + 'risk' ) 
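Review bot: The web-vulnerability guard added under `if parent_type == 'Host':` fails open on partial loads: when `type` is not in `data` it falls back to `self.context.get("object", None)`, and if the context carries no object the check is skipped and the Host parent is accepted. The hunk does not show where `object` is placed in the schema context, so either confirm that every PATCH path sets it or reject when it is missing, e.g. `if vulnerability is None: raise ValidationError('Cannot validate parent without the existing vulnerability')`. The old guard is left behind as commented-out code at the top of the hunk and can simply be deleted. `post_load_parent` begins and ends outside this hunk.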
@@ -721,28 +737,28 @@ def _update_object(self, obj, data, **kwargs): data.pop('tool', '') # host - if 'host_id' in data: - new_host_id = data.pop("host_id") - if new_host_id: - if obj.type == 'vulnerability_web': - flask.abort(400, "Vulnerability web can't have a host assigned") - host = Host.query.filter(Host.workspace_id == obj.workspace_id, Host.id == new_host_id).first() - if not host: - # TODO: que deberia retornar? Para evitar enumeracion. - flask.abort(400, "The host that you are trying to assign was not found") - obj.host_id = host.id - obj.service_id = None - - # service - if 'service_id' in data: - new_service_id = data.pop("service_id") - if new_service_id: - service = Service.query.filter(Service.workspace_id == obj.workspace_id, - Service.id == new_service_id).first() - if not service: - flask.abort(400, "The service that you are trying to assign was not found") - obj.service_id = service.id - obj.host_id = None + # if 'host_id' in data: + # new_host_id = data.pop("host_id") + # if new_host_id: + # if obj.type == 'vulnerability_web': + # flask.abort(400, "Vulnerability web can't have a host assigned") + # host = Host.query.filter(Host.workspace_id == obj.workspace_id, Host.id == new_host_id).first() + # if not host: + # # TODO: que deberia retornar? Para evitar enumeracion. + # flask.abort(400, "The host that you are trying to assign was not found") + # obj.host_id = host.id + # obj.service_id = None + # + # # service + # if 'service_id' in data: + # new_service_id = data.pop("service_id") + # if new_service_id: + # service = Service.query.filter(Service.workspace_id == obj.workspace_id, + # Service.id == new_service_id).first() + # if not service: + # flask.abort(400, "The service that you are trying to assign was not found") + # obj.service_id = service.id + # obj.host_id = None cwe_list = data.pop('cwe', None) if cwe_list: diff --git a/tests/test_api_vulnerability.py b/tests/test_api_vulnerability.py index a31b5902253..df9e38aed69 100644 
--- a/tests/test_api_vulnerability.py +++ b/tests/test_api_vulnerability.py @@ -2132,7 +2132,7 @@ def test_create_vuln_with_invalid_severity(self, assert vuln_count_previous == session.query(Vulnerability).count() assert b'Invalid severity type.' in res.data - def test_modify_assigned_host(self, test_client, session, workspace): + def test_modify_parent(self, test_client, session, workspace): host = HostFactory.create(ip='127.0.0.1', workspace=workspace) session.add(host) session.commit() @@ -2153,13 +2153,14 @@ def test_modify_assigned_host(self, test_client, session, workspace): session.commit() data = { - "host_id": new_host.id + "parent": new_host.id, + "parent_type": "Host" } res = test_client.patch(f'{self.url(workspace=workspace)}/{vulnerability.id}', data=data) assert res.status_code == 200 - assert res.json['host_id'] == new_host.id + assert res.json['parent'] == new_host.id - def test_modify_assigned_host_and_service_at_same_time_fails(self, test_client, session, workspace): + def test_modify_parent_with_no_parent_type_or_parent(self, test_client, session, workspace): host = HostFactory.create(ip='127.0.0.1', workspace=workspace) session.add(host) session.commit() @@ -2185,13 +2186,18 @@ def test_modify_assigned_host_and_service_at_same_time_fails(self, test_client, session.commit() data = { - "host_id": new_host.id, - "service_id": service.id, + "parent": new_host.id, } res = test_client.patch(f'{self.url(workspace=workspace)}/{vulnerability.id}', data=data) assert res.status_code == 400 - def test_modify_assigned_host_to_web_vuln_must_fail(self, test_client, session, workspace): + data = { + "parent_type": "Service", + } + res = test_client.patch(f'{self.url(workspace=workspace)}/{vulnerability.id}', data=data) + assert res.status_code == 400 + + def test_modify_web_vuln_parent_with_host_parent_type(self, test_client, session, workspace): service = ServiceFactory.create(name="ssh", workspace=workspace) session.add(service) session.commit() 
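Review bot: In `test_modify_parent_with_no_parent_type_or_parent` both PATCH requests are checked only with `assert res.status_code == 400`, so the test passes on any validation failure and does not show that the two new `post_load_parent` branches are the ones being hit. Assert the message as the neighbouring severity test does, e.g. `assert b'parent_type' in res.data`, and check after each request that the vulnerability still points at its original host. The test body starts above this hunk, so the setup it relies on is only partly visible here.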
@@ -2212,13 +2218,14 @@ def test_modify_assigned_host_to_web_vuln_must_fail(self, test_client, session, session.commit() data = { - "host_id": new_host.id + "parent": new_host.id, + "parent_type": "Host" } res = test_client.patch(f'{self.url(workspace=workspace)}/{vulnerability.id}', data=data) assert res.status_code == 400 - assert vulnerability.service_id == service.id + assert vulnerability.parent.id == service.id - def test_modify_assigned_service_to_vulnerability(self, test_client, session, workspace): + def test_modify_vulnerability_parent_from_host_parent_to_service_parent(self, test_client, session, workspace): host = HostFactory.create(ip='127.0.0.1', workspace=workspace) session.add(host) session.commit() @@ -2253,17 +2260,18 @@ def test_modify_assigned_service_to_vulnerability(self, test_client, session, wo session.commit() data = { - "service_id": new_service.id + "parent": new_service.id, + "parent_type": "Service" } res = test_client.patch(f'{self.url(workspace=workspace)}/{vulnerability.id}', data=data) assert res.status_code == 200 - assert res.json['service_id'] == new_service.id - assert res.json['host_id'] is None + assert res.json['parent'] == new_service.id + assert res.json['parent_type'] == "Service" res = test_client.patch(f'{self.url(workspace=workspace)}/{web_vulnerability.id}', data=data) assert res.status_code == 200 - assert res.json['service_id'] == new_service.id - assert res.json['host_id'] is None + assert res.json['parent'] == new_service.id + assert res.json['parent_type'] == "Service" def test_create_vuln_with_invalid_ease_of_resolution(self, host_with_hostnames, From 38efc3f6ebbbe97d9595b77edad9c8392d478e2f Mon Sep 17 00:00:00 2001 From: Diego Nadares Date: Thu, 20 Apr 2023 11:58:27 -0300 Subject: [PATCH 25/31] Modify test --- tests/test_api_vulnerability.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) 
diff --git a/tests/test_api_vulnerability.py b/tests/test_api_vulnerability.py index df9e38aed69..d8f480bc32a 100644 --- a/tests/test_api_vulnerability.py +++ b/tests/test_api_vulnerability.py @@ -3462,9 +3462,8 @@ def test_add_vuln_without_parent_id(self, test_client): refs=[], policyviolations=[], ) - with pytest.raises(Exception) as err: - res = test_client.post(self.url(), data=raw_data) - assert err.typename in ['AssertionError', 'ValueError'] + res = test_client.post(self.url(), data=raw_data) + assert res.status_code == 400 def test_add_vuln_with_unknown_parent_type(self, test_client, session, host_with_hostnames): session.commit() From 3961dd1982c226b037438027009a05b17695387b Mon Sep 17 00:00:00 2001 From: Diego Nadares Date: Thu, 20 Apr 2023 12:00:26 -0300 Subject: [PATCH 26/31] Remove comments --- faraday/server/api/modules/vulns.py | 51 +---------------------------- 1 file changed, 1 insertion(+), 50 deletions(-) diff --git a/faraday/server/api/modules/vulns.py b/faraday/server/api/modules/vulns.py index d5c83772cee..a81047b337f 100644 --- a/faraday/server/api/modules/vulns.py +++ b/faraday/server/api/modules/vulns.py @@ -18,7 +18,7 @@ from flask import Blueprint, make_response from flask_classful import route from filteralchemy import Filter, FilterSet, operators -from marshmallow import Schema, fields, post_load, ValidationError, post_dump, pre_load +from marshmallow import Schema, fields, post_load, ValidationError, post_dump from marshmallow.validate import OneOf from sqlalchemy import desc, or_, func from sqlalchemy.inspection import inspect 
@@ -252,10 +252,6 @@ class VulnerabilitySchema(AutoSchema): '_id', 'ports', 'status', 'protocol', 'name', 'version', 'summary' ]), dump_only=True) host = fields.Integer(dump_only=True, attribute='host_id') - # - # host_id = fields.Integer(attribute='host_id', allow_none=True) - # service_id = fields.Integer(attribute='service_id', allow_none=True) - # severity = SeverityField(required=True) status = fields.Method( serialize='get_status', @@ -288,7 +284,6 @@ class Meta: 'target', 'host_os', 'resolution', 'metadata', 'custom_fields', 'external_id', 'tool', 'cvss2', 'cvss3', 'cwe', 'cve', 'owasp', 'refs', 'reference_instances', 'command_id', - # 'risk', 'host_id', 'service_id' 'risk' ) @@ -383,9 +378,6 @@ def post_load_parent(self, data, **kwargs): parent_field = None parent_type = data.pop('parent_type', None) parent_id = data.pop('parent', None) - # if not (parent_type and parent_id): - # # Probably a partial load, since they are required - # return data if kwargs.get('partial', False): if not parent_type and not parent_id: return data @@ -424,22 +416,6 @@ def post_load_parent(self, data, **kwargs): # service to host or viceverse return data - @pre_load - def host_and_service(self, data, **kwargs): - """ - Only one of host_id or service_id can be modified (at the same time) in patch. - """ - partial = kwargs.get("partial", False) - if partial and\ - 'host_id' in data and \ - 'service_id' in data: - raise ValidationError("Host and service can't be modified simultaneously") - else: - if 'host_id' in data and 'service_id' in data: - if data['host_id'] is None and data['service_id'] is None: - raise ValidationError("Host and service cant't be null") - return data - @post_load def post_load_cvss2(self, data, **kwargs): return self._get_vector_string(data, 'cvss2') 
@@ -485,7 +461,6 @@ class Meta: 'target', 'host_os', 'resolution', 'method', 'metadata', 'status_code', 'custom_fields', 'external_id', 'tool', 'cve', 'cwe', 'owasp', 'cvss2', 'cvss3', 'refs', 'reference_instances', 'command_id', - # 'risk', 'host_id', 'service_id' 'risk' ) @@ -736,30 +711,6 @@ def _update_object(self, obj, data, **kwargs): data.pop('type', '') # It's forbidden to change vuln type! data.pop('tool', '') - # host - # if 'host_id' in data: - # new_host_id = data.pop("host_id") - # if new_host_id: - # if obj.type == 'vulnerability_web': - # flask.abort(400, "Vulnerability web can't have a host assigned") - # host = Host.query.filter(Host.workspace_id == obj.workspace_id, Host.id == new_host_id).first() - # if not host: - # # TODO: que deberia retornar? Para evitar enumeracion. - # flask.abort(400, "The host that you are trying to assign was not found") - # obj.host_id = host.id - # obj.service_id = None - # - # # service - # if 'service_id' in data: - # new_service_id = data.pop("service_id") - # if new_service_id: - # service = Service.query.filter(Service.workspace_id == obj.workspace_id, - # Service.id == new_service_id).first() - # if not service: - # flask.abort(400, "The service that you are trying to assign was not found") - # obj.service_id = service.id - # obj.host_id = None - cwe_list = data.pop('cwe', None) if cwe_list: # We need to instantiate cwe objects before updating From 3a47f3ca0e82b1a97e3f0187909a313fc354b2a0 Mon Sep 17 00:00:00 2001 From: Diego Nadares Date: Thu, 20 Apr 2023 13:59:54 -0300 Subject: [PATCH 27/31] Modify parent validation in vuln schema --- faraday/server/api/modules/vulns.py | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/faraday/server/api/modules/vulns.py b/faraday/server/api/modules/vulns.py index a81047b337f..de6b6510a4c 100644 --- a/faraday/server/api/modules/vulns.py +++ b/faraday/server/api/modules/vulns.py 
@@ -378,13 +378,14 @@ def post_load_parent(self, data, **kwargs): parent_field = None parent_type = data.pop('parent_type', None) parent_id = data.pop('parent', None) - if kwargs.get('partial', False): - if not parent_type and not parent_id: - return data - if parent_id and parent_type is None: - raise ValidationError('Trying to modify parent with no parent_type') - if parent_type and parent_id is None: - raise ValidationError('Trying to modify parent_type but parent not sent') + + if not parent_type and not parent_id: + return data + if parent_id and parent_type is None: + raise ValidationError('Trying to modify parent with no parent_type') + if parent_type and parent_id is None: + raise ValidationError('Trying to modify parent_type but parent not sent') + if parent_type == 'Host': parent_class = Host parent_field = 'host_id' From 6fb541c9fd9e8053d00dca81a10ce04068596034 Mon Sep 17 00:00:00 2001 From: GMartinez1995 Date: Thu, 20 Apr 2023 17:20:59 -0300 Subject: [PATCH 28/31] add test --- tests/test_api_agent.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/test_api_agent.py b/tests/test_api_agent.py index 16223e47f89..a8824f8f527 100644 --- a/tests/test_api_agent.py +++ b/tests/test_api_agent.py @@ -410,4 +410,6 @@ def test_get_manifests(self, session, csrf_token, test_client): session.add(agent) session.commit() res = test_client.get(join(self.url(), 'get_manifests')) + assert "BURP_API_PULL_INTERVAL" in res.json["burp"]["optional_environment_variables"] + assert "TENABLE_PULL_INTERVAL" in res.json["tenableio"]["optional_environment_variables"] assert res.status_code == 200 From 2c549b947aaf613ea1d491ba37026ebb773f4c0a Mon Sep 17 00:00:00 2001 From: GMartinez1995 Date: Tue, 9 May 2023 12:22:48 -0300 Subject: [PATCH 29/31] Fix get_manifest --- CHANGELOG/current/7500.json | 4 ++++ faraday/server/api/modules/agent.py | 24 +++++++++++++----------- 2 files changed, 17 insertions(+), 11 deletions(-) create mode 100644 CHANGELOG/current/7500.json 
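Review bot: With the `partial` condition removed, the early `return data` in `post_load_parent` now also applies to full loads: a create request that reaches this hook with neither `parent` nor `parent_type` returns before any parent is resolved or workspace-checked. That is safe only if both fields are declared required on the schema, which this hunk does not show, so it is worth a comment on the guard such as `# full loads never get here without both: parent and parent_type are required fields`. The two messages still say "Trying to modify ..." although they can now be returned for a create. The guard also mixes truthiness (`not parent_id`) with `is None` tests, so `0` or an empty string is treated as "not sent" in one branch and as a value in the next; using `is None` throughout would make the three cases consistent.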
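Review bot: The two assertions added to `test_get_manifests` index `res.json["burp"]` and `res.json["tenableio"]` before `assert res.status_code == 200`, so a failing request shows up as a `KeyError` or `TypeError` instead of the status mismatch. Move the status assertion above them so the first failure reported is the informative one.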
diff --git a/CHANGELOG/current/7500.json b/CHANGELOG/current/7500.json new file mode 100644 index 00000000000..f756acbcfa8 --- /dev/null +++ b/CHANGELOG/current/7500.json @@ -0,0 +1,4 @@ +{ + "level": "community", + "md": "[FIX] Make get_manifest compatible with all version of dispatcher #7500" +} diff --git a/faraday/server/api/modules/agent.py b/faraday/server/api/modules/agent.py index 81b82c3ec8e..735399cc4f2 100644 --- a/faraday/server/api/modules/agent.py +++ b/faraday/server/api/modules/agent.py @@ -282,17 +282,19 @@ def manifests_get(self): description: Ok """ try: - manifest = get_manifests(request.args.get("agent_version")) - manifest["burp"]["optional_environment_variables"] = [ - manifest["burp"]["environment_variables"].pop( - manifest["burp"]["environment_variables"].index("BURP_API_PULL_INTERVAL") - ) - ] - manifest["tenableio"]["optional_environment_variables"] = [ - manifest["tenableio"]["environment_variables"].pop( - manifest["tenableio"]["environment_variables"].index("TENABLE_PULL_INTERVAL") - ) - ] + manifest = get_manifests(request.args.get("agent_version")).copy() + if "BURP_API_PULL_INTERVAL" in manifest.get("burp", {}).get("environment_variables", ""): + manifest["burp"]["optional_environment_variables"] = [ + manifest["burp"].get("environment_variables").pop( + manifest["burp"]["environment_variables"].index("BURP_API_PULL_INTERVAL") + ) + ] + if "TENABLE_PULL_INTERVAL" in manifest.get("tenableio", {}).get("environment_variables", ""): + manifest["tenableio"]["optional_environment_variables"] = [ + manifest["tenableio"]["environment_variables"].pop( + manifest["tenableio"]["environment_variables"].index("TENABLE_PULL_INTERVAL") + ) + ] return flask.jsonify(manifest) except ValueError as e: flask.abort(400, e) From 94f11ef253ddfbdd92e3a011608fff557981309d Mon Sep 17 00:00:00 2001 
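Review bot: `get_manifests(...).copy()` in `manifests_get` is a shallow copy, so the `.pop(...)` calls and the `manifest["burp"]["optional_environment_variables"] = ...` assignments below still mutate the nested dicts and lists of whatever `get_manifests` returned. If that object is cached or shared between requests (not visible here), the first request changes what later ones receive. Use a deep copy instead, `manifest = copy.deepcopy(get_manifests(request.args.get("agent_version")))`, which needs `import copy` at the top of the file if it is not already imported. The membership tests default to `""`, which works only because nothing is found in an empty string; `.get("environment_variables", [])` states the intent. `manifests_get` starts outside the hunk.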
From: David Kraus Date: Mon, 29 May 2023 10:06:20 -0300 Subject: [PATCH 30/31] Run pynixify and update swagger --- faraday/__init__.py | 2 +- faraday/openapi/faraday_swagger.json | 1356 ++++++++--------- pynixify/packages/faraday-plugins/default.nix | 6 +- pynixify/packages/faradaysec/default.nix | 2 +- pynixify/packages/flask-socketio/default.nix | 4 +- pynixify/packages/pyjwt/default.nix | 4 +- pynixify/packages/python-engineio/default.nix | 4 +- requirements.txt | 2 +- 8 files changed, 691 insertions(+), 689 deletions(-) diff --git a/faraday/__init__.py b/faraday/__init__.py index 4ccc8fbce80..86d60a5cb97 100644 --- a/faraday/__init__.py +++ b/faraday/__init__.py @@ -4,5 +4,5 @@ See the file 'doc/LICENSE' for the license information """ -__version__ = '4.3.5' +__version__ = '4.4.0' __license_version__ = __version__ diff --git a/faraday/openapi/faraday_swagger.json b/faraday/openapi/faraday_swagger.json index 515dbc88b37..4f3c77bbe4e 100644 --- a/faraday/openapi/faraday_swagger.json +++ b/faraday/openapi/faraday_swagger.json @@ -1,7 +1,7 @@ { "info": { "description": "The Faraday REST API enables you to interact with [our server](https://github.com/infobyte/faraday).\nUse this API to interact or integrate with Faraday server. This page documents the REST API, with HTTP response codes and example requests and responses.", - "title": "Faraday 4.3.5 API", + "title": "Faraday 4.4.0 API", "version": "v3" }, "security": { 
@@ -4185,49 +4185,49 @@ "nullable": true, "maxLength": 6 }, - "itime": {}, - "duration": { + "_id": { + "type": "integer", + "readOnly": true + }, + "params": { + "type": "string", "nullable": true }, - "command": { + "metadata": {}, + "itime": {}, + "hostname": { "type": "string", "nullable": true, - "minLength": 1 + "maxLength": 250 + }, + "creator": { + "readOnly": true }, "workspace": { "readOnly": true }, - "params": { + "ip": { "type": "string", - "nullable": true + "nullable": true, + "maxLength": 250 }, "tool": { "type": "string", "nullable": true, "minLength": 1 }, - "user": { + "command": { "type": "string", "nullable": true, - "maxLength": 250 - }, - "_id": { - "type": "integer", - "readOnly": true + "minLength": 1 }, - "hostname": { - "type": "string", - "nullable": true, - "maxLength": 250 + "duration": { + "nullable": true }, - "ip": { + "user": { "type": "string", "nullable": true, "maxLength": 250 - }, - "metadata": {}, - "creator": { - "readOnly": true } }, "required": [ @@ -4239,6 +4239,24 @@ "ActivityFeed": { "type": "object", "properties": { + "sum_created_vulnerability_info": { + "type": "integer", + "readOnly": true + }, + "sum_created_vulnerability_high": { + "type": "integer", + "readOnly": true + }, + "tool": { + "type": "string", + "nullable": true, + "minLength": 1 + }, + "user": { + "type": "string", + "nullable": true, + "maxLength": 250 + }, "import_source": { "enum": [ "report", 
@@ -4248,57 +4266,48 @@ "nullable": true, "maxLength": 6 }, - "sum_created_vulnerability_unclassified": { - "type": "integer", - "readOnly": true - }, - "workspace": { - "readOnly": true - }, - "sum_created_vulnerability_medium": { - "type": "integer", - "readOnly": true - }, - "sum_created_vulnerability_low": { + "sum_created_vulnerability_critical": { "type": "integer", "readOnly": true }, - "sum_created_hosts": { + "sum_created_services": { "readOnly": true, "nullable": true }, - "command": { - "type": "string", - "nullable": true, - "minLength": 1 + "creator": { + "readOnly": true }, - "tool": { + "ip": { "type": "string", "nullable": true, - "minLength": 1 + "maxLength": 250 }, - "user": { + "command": { "type": "string", "nullable": true, - "maxLength": 250 + "minLength": 1 }, - "_id": { + "itime": {}, + "sum_created_vulnerability_unclassified": { "type": "integer", "readOnly": true }, - "ip": { - "type": "string", - "nullable": true, - "maxLength": 250 + "workspace": { + "readOnly": true }, - "sum_created_services": { + "sum_created_hosts": { "readOnly": true, "nullable": true }, - "creator": { + "sum_created_vulnerabilities": { + "readOnly": true, + "nullable": true + }, + "_id": { + "type": "integer", "readOnly": true }, - "sum_created_vulnerability_critical": { + "sum_created_vulnerability_low": { "type": "integer", "readOnly": true }, @@ -4306,23 +4315,14 @@ "type": "string", "nullable": true }, - "sum_created_vulnerability_high": { + "sum_created_vulnerability_medium": { "type": "integer", "readOnly": true }, - "itime": {}, "hostname": { "type": "string", "nullable": true, "maxLength": 250 - }, - "sum_created_vulnerabilities": { - "readOnly": true, - "nullable": true - }, - "sum_created_vulnerability_info": { - "type": "integer", - "readOnly": true } }, "required": [ 
@@ -4337,53 +4337,53 @@ "password": { "type": "string" }, - "target": { - "type": "string", + "_id": { + "type": "integer", "readOnly": true }, - "_rev": { - "type": "string", - "readOnly": true + "description": { + "type": "string" }, - "parent": {}, "couchdbid": { "type": "string" }, - "description": { - "type": "string" + "metadata": {}, + "id": { + "type": "integer" }, "service_name": { "type": "string", "readOnly": true }, - "_id": { - "type": "integer", - "readOnly": true - }, "username": { "type": "string", "minLength": 1 }, - "metadata": {}, - "host_ip": { + "name": { + "type": "string", + "nullable": true + }, + "parent": {}, + "_rev": { "type": "string", "readOnly": true }, - "owner": { + "host_ip": { "type": "string", "readOnly": true }, "parent_type": {}, - "id": { - "type": "integer" - }, - "name": { + "owner": { "type": "string", - "nullable": true + "readOnly": true }, "owned": { "type": "boolean", "readOnly": true + }, + "target": { + "type": "string", + "readOnly": true } }, "required": [ 
@@ -4395,77 +4395,77 @@ "Host": { "type": "object", "properties": { - "_rev": { - "type": "string", - "readOnly": true - }, "services": { "type": "integer", "readOnly": true }, - "credentials": { + "vulns": { "type": "integer", "readOnly": true }, - "metadata": {}, + "service_summaries": { + "readOnly": true + }, "mac": { "type": "string", "nullable": true }, - "vulns": { - "type": "integer", - "readOnly": true + "description": { + "type": "string" }, - "_id": { - "type": "integer", - "readOnly": true + "metadata": {}, + "default_gateway": { + "type": "string", + "nullable": true }, "ip": { "type": "string" }, - "versions": { - "readOnly": true - }, - "service_summaries": { - "readOnly": true + "os": { + "type": "string" }, - "type": { + "owner": { "readOnly": true }, - "hostnames": {}, - "importance": { + "id": { "type": "integer" }, - "severity_counts": { - "readOnly": true + "command_id": { + "type": "integer", + "writeOnly": true }, - "owned": { - "type": "boolean" + "name": { + "type": "string", + "readOnly": true }, - "os": { - "type": "string" + "_rev": { + "type": "string", + "readOnly": true }, - "description": { - "type": "string" + "versions": { + "readOnly": true }, - "default_gateway": { - "type": "string", - "nullable": true + "severity_counts": { + "readOnly": true }, - "owner": { + "_id": { + "type": "integer", "readOnly": true }, - "id": { + "importance": { "type": "integer" }, - "name": { - "type": "string", + "type": { "readOnly": true }, - "command_id": { + "credentials": { "type": "integer", - "writeOnly": true - } + "readOnly": true + }, + "owned": { + "type": "boolean" + }, + "hostnames": {} }, "required": [ "description" @@ -4474,15 +4474,15 @@ "HostCount": { "type": "object", "properties": { - "low": { + "critical": { "type": "integer", "readOnly": true }, - "unclassified": { + "high": { "type": "integer", "readOnly": true }, - "host_id": { + "total": { "type": "integer", "readOnly": true }, 
@@ -4490,19 +4490,19 @@ "type": "integer", "readOnly": true }, - "critical": { + "med": { "type": "integer", "readOnly": true }, - "total": { + "host_id": { "type": "integer", "readOnly": true }, - "high": { + "unclassified": { "type": "integer", "readOnly": true }, - "med": { + "low": { "type": "integer", "readOnly": true } @@ -4515,46 +4515,10 @@ "Service": { "type": "object", "properties": { - "_rev": { - "type": "string", - "readOnly": true - }, - "host_id": { + "vulns": { "type": "integer", "readOnly": true }, - "credentials": { - "type": "integer", - "readOnly": true - }, - "metadata": {}, - "vulns": { - "type": "integer", - "readOnly": true - }, - "_id": { - "type": "integer", - "readOnly": true - }, - "summary": { - "type": "string", - "readOnly": true - }, - "ports": {}, - "type": { - "readOnly": true - }, - "port": { - "type": "integer", - "readOnly": true, - "minimum": 0 - }, - "owned": { - "type": "boolean" - }, - "parent": { - "type": "integer" - }, "status": { "type": "string", "default": "open", 
@@ -4564,32 +4528,68 @@ "filtered" ] }, + "host_id": { + "type": "integer", + "readOnly": true + }, "description": { "type": "string", "nullable": true }, - "protocol": { + "summary": { "type": "string", - "nullable": true, - "minLength": 1 + "readOnly": true }, + "metadata": {}, "owner": { "readOnly": true }, - "version": { + "protocol": { "type": "string", - "nullable": true + "nullable": true, + "minLength": 1 }, "id": { "type": "integer" }, + "command_id": { + "type": "integer", + "writeOnly": true + }, "name": { "type": "string", "nullable": true }, - "command_id": { + "_rev": { + "type": "string", + "readOnly": true + }, + "_id": { "type": "integer", - "writeOnly": true + "readOnly": true + }, + "port": { + "type": "integer", + "readOnly": true, + "minimum": 0 + }, + "type": { + "readOnly": true + }, + "credentials": { + "type": "integer", + "readOnly": true + }, + "ports": {}, + "parent": { + "type": "integer" + }, + "owned": { + "type": "boolean" + }, + "version": { + "type": "string", + "nullable": true } }, "required": [ @@ -4601,33 +4601,33 @@ "License": { "type": "object", "properties": { + "start": { + "type": "string", + "format": "date-time" + }, "_id": { "type": "integer", "readOnly": true }, + "id": { + "type": "integer" + }, "lictype": { "type": "string", "nullable": true }, - "end": { + "product": { "type": "string", - "format": "date-time" + "nullable": true, + "minLength": 1 }, - "start": { + "end": { "type": "string", "format": "date-time" }, "notes": { "type": "string", "nullable": true - }, - "id": { - "type": "integer" - }, - "product": { - "type": "string", - "nullable": true, - "minLength": 1 } }, "required": [ @@ -4637,14 +4637,6 @@ "Service1": { "type": "object", "properties": { - "_id": { - "type": "integer", - "readOnly": true - }, - "summary": { - "type": "string", - "readOnly": true - }, "status": { "type": "string", "default": "open", 
@@ -4654,6 +4646,19 @@ "filtered" ] }, + "_id": { + "type": "integer", + "readOnly": true + }, + "name": { + "type": "string", + "nullable": true + }, + "summary": { + "type": "string", + "readOnly": true + }, + "ports": {}, "protocol": { "type": "string", "nullable": true, @@ -4662,12 +4667,7 @@ "version": { "type": "string", "nullable": true - }, - "name": { - "type": "string", - "nullable": true - }, - "ports": {} + } }, "required": [ "ports", @@ -4677,10 +4677,10 @@ "Reference": { "type": "object", "properties": { - "type": { + "name": { "type": "string" }, - "name": { + "type": { "type": "string" } } 
@@ -4688,44 +4688,97 @@ "VulnerabilityWeb": { "type": "object", "properties": { - "_rev": { + "severity": { + "type": "string" + }, + "owned": { + "type": "boolean", + "readOnly": true + }, + "request": { + "type": "string" + }, + "path": { + "type": "string" + }, + "impact": {}, + "host_os": { "type": "string", "readOnly": true }, - "custom_fields": {}, - "query": { + "status": { + "enum": [ + "open", + "closed", + "re-opened", + "risk-accepted", + "opened" + ] + }, + "reference_instances": {}, + "tool": { "type": "string" }, - "tags": { + "method": { + "type": "string" + }, + "risk": { "readOnly": true }, - "owasp": { + "cve": { "type": "array", - "readOnly": true, "items": { "type": "string" } }, + "description": { + "type": "string", + "readOnly": true + }, + "tags": { + "readOnly": true + }, "metadata": {}, - "method": { + "service": { + "readOnly": true, + "allOf": [ + { + "$ref": "#/components/schemas/Service1" + } + ] + }, + "owner": { + "readOnly": true + }, + "confirmed": { + "type": "boolean" + }, + "custom_fields": {}, + "website": { "type": "string" }, + "command_id": { + "type": "integer", + "writeOnly": true + }, "obj_id": { "type": "string", "readOnly": true }, - "target": { - "type": "string", - "readOnly": true + "response": { + "type": "string" }, - "parent_type": {}, - "external_id": { + "desc": { + "type": "string" + }, + "name": { "type": "string", - "nullable": true + "nullable": true, + "minLength": 1 }, - "command_id": { - "type": "integer", - "writeOnly": true + "_rev": { + "type": "string", + "readOnly": true }, "easeofresolution": { "type": "string", 
@@ -4738,133 +4791,80 @@ ], "nullable": true }, - "reference_instances": {}, - "tool": { - "type": "string" + "cvss2": {}, + "cwe": { + "type": "array", + "items": { + "type": "string" + } + }, + "owasp": { + "type": "array", + "readOnly": true, + "items": { + "type": "string" + } }, "_id": { "type": "integer", "readOnly": true }, - "resolution": { - "type": "string", - "nullable": true - }, - "website": { + "params": { "type": "string" }, - "_attachments": {}, - "risk": { + "issuetracker": { "readOnly": true }, - "date": { + "target": { "type": "string", - "format": "date-time", "readOnly": true }, - "response": { - "type": "string" + "data": { + "type": "string", + "nullable": true }, + "type": {}, "cvss3": {}, + "query": { + "type": "string" + }, "status_code": { "type": "integer", "nullable": true }, - "data": { + "resolution": { "type": "string", "nullable": true }, - "host_os": { - "type": "string", - "readOnly": true - }, - "params": { - "type": "string" - }, - "path": { - "type": "string" - }, - "impact": {}, + "parent": {}, "policyviolations": { "type": "array", "items": { "type": "string" } }, - "type": {}, - "hostnames": { - "readOnly": true - }, - "owned": { - "type": "boolean", - "readOnly": true - }, - "severity": { - "type": "string" - }, - "request": { - "type": "string" - }, - "pname": { - "type": "string" - }, - "parent": {}, - "status": { - "enum": [ - "open", - "closed", - "re-opened", - "risk-accepted", - "opened" - ] - }, - "issuetracker": { + "parent_type": {}, + "_attachments": {}, + "date": { + "type": "string", + "format": "date-time", "readOnly": true }, - "description": { + "external_id": { "type": "string", - "readOnly": true + "nullable": true }, - "desc": { + "pname": { "type": "string" }, - "cwe": { - "type": "array", - "items": { - "type": "string" - } - }, - "service": { - "readOnly": true, - "allOf": [ - { - "$ref": "#/components/schemas/Service1" - } - ] - }, - "cvss2": {}, - "owner": { - "readOnly": true - }, "refs": { "type": 
"array", "items": { "$ref": "#/components/schemas/Reference" } }, - "name": { - "type": "string", - "nullable": true, - "minLength": 1 - }, - "confirmed": { - "type": "boolean" - }, - "cve": { - "type": "array", - "items": { - "type": "string" - } + "hostnames": { + "readOnly": true } }, "required": [ @@ -4878,10 +4878,10 @@ "Evidence": { "type": "object", "properties": { - "content_type": { + "data": { "readOnly": true }, - "data": { + "content_type": { "readOnly": true } } @@ -4889,18 +4889,41 @@ "VulnerabilityTemplate": { "type": "object", "properties": { - "_rev": { - "type": "string", + "creator_id": { + "type": "integer", "readOnly": true }, + "impact": {}, + "description": { + "type": "string", + "nullable": true + }, + "references": {}, "create_at": { "type": "string", "format": "date-time", "readOnly": true }, - "external_id": { + "creator": { + "readOnly": true + }, + "customfields": {}, + "id": { + "type": "integer", + "readOnly": true + }, + "desc": { "type": "string", - "nullable": true + "readOnly": true + }, + "name": { + "type": "string", + "nullable": true, + "minLength": 1 + }, + "_rev": { + "type": "string", + "readOnly": true }, "easeofresolution": { "type": "string", @@ -4913,21 +4936,23 @@ ], "nullable": true }, + "cwe": { + "type": "string", + "readOnly": true + }, + "exploitation": { + "type": "string" + }, "_id": { "type": "integer", "readOnly": true }, - "resolution": { - "type": "string", - "nullable": true - }, - "customfields": {}, "data": { "type": "string" }, - "creator_id": { - "type": "integer", - "readOnly": true + "resolution": { + "type": "string", + "nullable": true }, "policyviolations": { "type": "array", 
@@ -4935,41 +4960,16 @@ "type": "string" } }, - "impact": {}, - "exploitation": { - "type": "string" - }, - "references": {}, - "description": { + "external_id": { "type": "string", "nullable": true }, - "desc": { - "type": "string", - "readOnly": true - }, "refs": { "type": "array", "readOnly": true, "items": { "type": "string" } - }, - "creator": { - "readOnly": true - }, - "id": { - "type": "integer", - "readOnly": true - }, - "name": { - "type": "string", - "nullable": true, - "minLength": 1 - }, - "cwe": { - "type": "string", - "readOnly": true } }, "required": [ @@ -4992,52 +4992,45 @@ "type": "integer", "readOnly": true }, - "date": { - "type": "string", - "readOnly": true - }, "confirmed": { "type": "integer", "readOnly": true + }, + "date": { + "type": "string", + "readOnly": true } } }, "Workspace": { "type": "object", "properties": { - "customer": { - "type": "string", - "nullable": true, - "maxLength": 250 + "_id": { + "type": "integer", + "readOnly": true }, - "duration": {}, "description": { "type": "string", "nullable": true }, - "last_run_agent_date": { - "type": "string", - "format": "date-time", - "readOnly": true + "public": { + "type": "boolean" + }, + "scope": {}, + "importance": { + "type": "integer" }, "create_date": { "type": "string", "format": "date-time", "readOnly": true }, - "public": { - "type": "boolean" - }, - "stats": {}, - "readonly": { - "type": "boolean" - }, - "_id": { - "type": "integer", + "update_date": { + "type": "string", + "format": "date-time", "readOnly": true }, - "scope": {}, - "importance": { + "id": { "type": "integer" }, "histogram": { 
@@ -5046,19 +5039,26 @@ "$ref": "#/components/schemas/Histogram" } }, - "active": { + "name": { + "type": "string" + }, + "readonly": { "type": "boolean" }, - "update_date": { + "customer": { + "type": "string", + "nullable": true, + "maxLength": 250 + }, + "last_run_agent_date": { "type": "string", "format": "date-time", "readOnly": true }, - "id": { - "type": "integer" - }, - "name": { - "type": "string" + "duration": {}, + "stats": {}, + "active": { + "type": "boolean" } }, "required": [ @@ -5068,12 +5068,15 @@ "Comment": { "type": "object", "properties": { - "text": { - "type": "string" - }, "id": { "type": "integer" }, + "object_id": { + "type": "integer" + }, + "text": { + "type": "string" + }, "object_type": { "type": "string", "enum": [ @@ -5082,9 +5085,6 @@ "comment", "vulnerability" ] - }, - "object_id": { - "type": "integer" } }, "required": [ @@ -5099,26 +5099,26 @@ "field_order": { "type": "integer" }, + "field_display_name": { + "type": "string" + }, "field_metadata": { "type": "string", "nullable": true }, - "table_name": { - "type": "string" - }, - "field_type": { - "type": "string" + "id": { + "type": "integer", + "readOnly": true }, "field_name": { "type": "string" }, - "field_display_name": { + "table_name": { "type": "string" }, - "id": { - "type": "integer", - "readOnly": true - } + "field_type": { + "type": "string" + } }, "required": [ "field_display_name", @@ -5146,11 +5146,6 @@ "Executor": { "type": "object", "properties": { - "last_run": { - "type": "string", - "format": "date-time", - "readOnly": true - }, "schedules": { "readOnly": true, "allOf": [ @@ -5159,7 +5154,7 @@ } ] }, - "agent_id": { + "id": { "type": "integer", "readOnly": true }, 
@@ -5167,30 +5162,24 @@ "type": "object", "readOnly": true }, - "id": { - "type": "integer", + "last_run": { + "type": "string", + "format": "date-time", "readOnly": true }, "name": { "type": "string", "readOnly": true + }, + "agent_id": { + "type": "integer", + "readOnly": true } } }, "Agent": { "type": "object", "properties": { - "status": { - "type": "string", - "readOnly": true - }, - "creator": { - "readOnly": true - }, - "active": { - "type": "boolean", - "nullable": true - }, "executors": { "readOnly": true, "allOf": [ @@ -5199,11 +5188,6 @@ } ] }, - "last_run": { - "type": "string", - "format": "date-time", - "readOnly": true - }, "create_date": { "type": "string", "format": "date-time", @@ -5217,14 +5201,30 @@ "id": { "type": "integer" }, + "creator": { + "readOnly": true + }, + "status": { + "type": "string", + "readOnly": true + }, "name": { "type": "string", "nullable": true, "minLength": 1 }, + "last_run": { + "type": "string", + "format": "date-time", + "readOnly": true + }, "is_online": { "type": "boolean", "readOnly": true + }, + "active": { + "type": "boolean", + "nullable": true } }, "required": [ @@ -5234,14 +5234,14 @@ "AgentAuthToken": { "type": "object", "properties": { - "token": { - "type": "string" + "expires_in": { + "type": "number" }, "total_duration": { "type": "number" }, - "expires_in": { - "type": "number" + "token": { + "type": "string" } }, "required": [ 
@@ -5250,101 +5250,181 @@ "total_duration" ] }, - "Vulnerability": { + "BulkCommand": { "type": "object", "properties": { - "_rev": { + "import_source": { + "enum": [ + "report", + "shell", + "agent" + ], + "nullable": true, + "maxLength": 6 + }, + "params": { "type": "string", - "readOnly": true + "nullable": true }, - "custom_fields": {}, - "tags": { - "readOnly": true + "hostname": { + "type": "string", + "nullable": true, + "maxLength": 250 }, - "owasp": { - "type": "array", - "readOnly": true, - "items": { - "type": "string" - } + "creator": {}, + "start_date": { + "type": "string", + "format": "date-time" }, - "metadata": {}, - "obj_id": { + "ip": { "type": "string", - "readOnly": true + "nullable": true, + "maxLength": 250 }, - "run_date": {}, - "target": { + "tool": { "type": "string", - "readOnly": true + "nullable": true, + "minLength": 1 }, - "external_id": { + "command": { "type": "string", - "nullable": true + "nullable": true, + "minLength": 1 }, - "command_id": { + "duration": { "type": "integer", - "writeOnly": true + "x-unit": "microseconds" }, - "easeofresolution": { + "user": { + "type": "string", + "nullable": true, + "maxLength": 250 + } + }, + "required": [ + "command", + "start_date", + "tool" + ] + }, + "BulkCredential": { + "type": "object", + "properties": { + "password": { "type": "string", - "enum": [ - "trivial", - "simple", - "moderate", - "difficult", - "infeasible" - ], "nullable": true }, - "reference_instances": {}, - "tool": { - "type": "string" + "name": { + "type": "string", + "nullable": true }, - "_id": { + "description": { + "type": "string", + "nullable": true + }, + "username": { + "type": "string", + "nullable": true + } + } + }, + "BulkService": { + "type": "object", + "properties": { + "vulns": { "type": "integer", "readOnly": true }, - "resolution": { + "status": { "type": "string", - "nullable": true + "default": "open", + "enum": [ + "open", + "closed", + "filtered" + ] }, - "_attachments": {}, - "risk": { + 
"host_id": { + "type": "integer", "readOnly": true }, - "date": { + "description": { + "type": "string", + "nullable": true + }, + "summary": { "type": "string", - "format": "date-time", "readOnly": true }, - "cvss3": {}, - "data": { + "metadata": {}, + "owner": { + "readOnly": true + }, + "protocol": { + "type": "string", + "nullable": true, + "minLength": 1 + }, + "id": { + "type": "integer" + }, + "command_id": { + "type": "integer", + "writeOnly": true + }, + "name": { "type": "string", "nullable": true }, - "host_os": { + "_rev": { "type": "string", "readOnly": true }, - "policyviolations": { + "_id": { + "type": "integer", + "readOnly": true + }, + "port": { + "type": "integer", + "minimum": 0 + }, + "vulnerabilities": { + "default": [] + }, + "type": { + "readOnly": true + }, + "credentials": { + "default": [], "type": "array", "items": { - "type": "string" + "$ref": "#/components/schemas/BulkCredential" } }, - "impact": {}, - "type": {}, - "hostnames": { - "readOnly": true - }, "owned": { - "type": "boolean", - "readOnly": true + "type": "boolean" }, + "version": { + "type": "string", + "nullable": true + } + }, + "required": [ + "port", + "protocol" + ] + }, + "Vulnerability": { + "type": "object", + "properties": { "severity": { "type": "string" }, + "impact": {}, + "host_os": { + "type": "string", + "readOnly": true + }, "status": { "enum": [ "open", @@ -5354,23 +5434,28 @@ "opened" ] }, - "description": { - "type": "string", - "readOnly": true + "reference_instances": {}, + "tool": { + "type": "string" }, - "issuetracker": { + "risk": { "readOnly": true }, - "desc": { - "type": "string" - }, - "cwe": { + "cve": { "type": "array", "items": { "type": "string" } }, - "service": { + "description": { + "type": "string", + "readOnly": true + }, + "tags": { + "readOnly": true + }, + "metadata": {}, + "service": { "readOnly": true, "allOf": [ { 
@@ -5378,158 +5463,119 @@ } ] }, - "cvss2": {}, + "confirmed": { + "type": "boolean" + }, "owner": { "readOnly": true }, - "refs": { - "type": "array", - "items": { - "$ref": "#/components/schemas/Reference" - } - }, - "name": { - "type": "string", - "nullable": true, - "minLength": 1 - }, - "confirmed": { - "type": "boolean" + "run_date": {}, + "custom_fields": {}, + "command_id": { + "type": "integer", + "writeOnly": true }, - "cve": { - "type": "array", - "items": { - "type": "string" - } - } - }, - "required": [ - "name", - "severity", - "type" - ] - }, - "BulkCredential": { - "type": "object", - "properties": { - "password": { + "obj_id": { "type": "string", - "nullable": true + "readOnly": true }, - "username": { - "type": "string", - "nullable": true + "desc": { + "type": "string" }, "name": { "type": "string", - "nullable": true - }, - "description": { - "type": "string", - "nullable": true - } - } - }, - "BulkService": { - "type": "object", - "properties": { - "vulnerabilities": { - "default": [] + "nullable": true, + "minLength": 1 }, "_rev": { "type": "string", "readOnly": true }, - "host_id": { - "type": "integer", - "readOnly": true + "easeofresolution": { + "type": "string", + "enum": [ + "trivial", + "simple", + "moderate", + "difficult", + "infeasible" + ], + "nullable": true }, - "credentials": { - "default": [], + "cvss2": {}, + "cwe": { "type": "array", "items": { - "$ref": "#/components/schemas/BulkCredential" + "type": "string" } }, - "metadata": {}, - "vulns": { - "type": "integer", - "readOnly": true + "owasp": { + "type": "array", + "readOnly": true, + "items": { + "type": "string" + } }, "_id": { "type": "integer", "readOnly": true }, - "summary": { - "type": "string", + "issuetracker": { "readOnly": true }, - "type": { + "target": { + "type": "string", "readOnly": true }, - "port": { - "type": "integer", - "minimum": 0 - }, - "owned": { - "type": "boolean" - }, - "status": { + "data": { "type": "string", - "default": "open", - "enum": [ - 
"open", - "closed", - "filtered" - ] + "nullable": true }, - "description": { + "type": {}, + "cvss3": {}, + "resolution": { "type": "string", "nullable": true }, - "protocol": { - "type": "string", - "nullable": true, - "minLength": 1 + "policyviolations": { + "type": "array", + "items": { + "type": "string" + } }, - "owner": { + "_attachments": {}, + "date": { + "type": "string", + "format": "date-time", "readOnly": true }, - "version": { + "external_id": { "type": "string", "nullable": true }, - "id": { - "type": "integer" + "owned": { + "type": "boolean", + "readOnly": true }, - "name": { - "type": "string", - "nullable": true + "refs": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Reference" + } }, - "command_id": { - "type": "integer", - "writeOnly": true + "hostnames": { + "readOnly": true } }, "required": [ - "port", - "protocol" + "name", + "severity", + "type" ] }, "HostBulk": { "type": "object", "properties": { - "vulnerabilities": { - "default": [], - "type": "array", - "items": { - "$ref": "#/components/schemas/Vulnerability" - } - }, - "_rev": { - "type": "string", - "readOnly": true - }, "services": { "default": [], "type": "array", 
@@ -5537,140 +5583,94 @@ "$ref": "#/components/schemas/BulkService" } }, - "credentials": { - "default": [], - "type": "array", - "items": { - "$ref": "#/components/schemas/BulkCredential" - } - }, - "metadata": {}, - "mac": { - "type": "string", - "nullable": true - }, "vulns": { "type": "integer", "readOnly": true }, - "_id": { - "type": "integer", - "readOnly": true - }, - "ip": { - "type": "string" - }, - "versions": { - "readOnly": true - }, "service_summaries": { "readOnly": true }, - "type": { - "readOnly": true - }, - "hostnames": {}, - "importance": { - "type": "integer" - }, - "severity_counts": { - "readOnly": true - }, - "owned": { - "type": "boolean" - }, - "os": { - "type": "string" + "mac": { + "type": "string", + "nullable": true }, "description": { "type": "string" }, + "metadata": {}, "default_gateway": { "type": "string", "nullable": true }, + "ip": { + "type": "string" + }, + "os": { + "type": "string" + }, "owner": { "readOnly": true }, "id": { "type": "integer" }, - "name": { - "type": "string", - "readOnly": true - }, "command_id": { "type": "integer", "writeOnly": true - } - }, - "required": [ - "description", - "ip" - ] - }, - "BulkCommand": { - "type": "object", - "properties": { - "import_source": { - "enum": [ - "report", - "shell", - "agent" - ], - "nullable": true, - "maxLength": 6 }, - "start_date": { + "name": { "type": "string", - "format": "date-time" - }, - "duration": { - "type": "integer", - "x-unit": "microseconds" + "readOnly": true }, - "command": { + "_rev": { "type": "string", - "nullable": true, - "minLength": 1 + "readOnly": true }, - "params": { - "type": "string", - "nullable": true + "versions": { + "readOnly": true }, - "tool": { - "type": "string", - "nullable": true, - "minLength": 1 + "severity_counts": { + "readOnly": true }, - "user": { - "type": "string", - "nullable": true, - "maxLength": 250 + "_id": { + "type": "integer", + "readOnly": true }, - "hostname": { - "type": "string", - "nullable": true, - 
"maxLength": 250 + "importance": { + "type": "integer" }, - "ip": { - "type": "string", - "nullable": true, - "maxLength": 250 + "vulnerabilities": { + "default": [], + "type": "array", + "items": { + "$ref": "#/components/schemas/Vulnerability" + } + }, + "type": { + "readOnly": true + }, + "credentials": { + "default": [], + "type": "array", + "items": { + "$ref": "#/components/schemas/BulkCredential" + } }, - "creator": {} + "owned": { + "type": "boolean" + }, + "hostnames": {} }, "required": [ - "command", - "start_date", - "tool" + "description", + "ip" ] }, "BulkCreate": { "type": "object", "properties": { - "execution_id": { - "type": "integer" + "command": { + "$ref": "#/components/schemas/BulkCommand" }, "hosts": { "type": "array", @@ -5678,8 +5678,8 @@ "$ref": "#/components/schemas/HostBulk" } }, - "command": { - "$ref": "#/components/schemas/BulkCommand" + "execution_id": { + "type": "integer" } }, "required": [ @@ -5694,7 +5694,7 @@ "type": "string", "nullable": true }, - "user_query": { + "name": { "type": "string", "nullable": true }, @@ -5702,7 +5702,7 @@ "type": "integer", "readOnly": true }, - "name": { + "user_query": { "type": "string", "nullable": true } @@ -5791,4 +5791,4 @@ "name": "settings" } ] -} +} \ No newline at end of file diff --git a/pynixify/packages/faraday-plugins/default.nix b/pynixify/packages/faraday-plugins/default.nix index 9831c0d0f82..b159cff66f7 100644 --- a/pynixify/packages/faraday-plugins/default.nix +++ b/pynixify/packages/faraday-plugins/default.nix @@ -11,6 +11,7 @@ , html2text , lib , lxml +, markdown , packaging , pytz , requests @@ -22,7 +23,7 @@ buildPythonPackage rec { pname = "faraday-plugins"; version = - "1.11.0"; + "1.12.0"; src = fetchPypi { @@ -30,7 +31,7 @@ buildPythonPackage rec { pname version; sha256 = - "1yzvhzc4rm473057dvwmc2kv6yzp9zp9hhhaj7knn0jbc7rapv2i"; + "0g4nfdyd4zmv7kdly1489q7mmsdm506hps1hs5l1sf4db37jwh17"; }; propagatedBuildInputs = 
@@ -46,6 +47,7 @@ buildPythonPackage rec { colorama tabulate packaging + markdown ]; # TODO FIXME diff --git a/pynixify/packages/faradaysec/default.nix b/pynixify/packages/faradaysec/default.nix index b2fc4424875..23974b17865 100644 --- a/pynixify/packages/faradaysec/default.nix +++ b/pynixify/packages/faradaysec/default.nix @@ -70,7 +70,7 @@ buildPythonPackage rec { pname = "faradaysec"; version = - "4.3.5"; + "4.4.0"; src = lib.cleanSource diff --git a/pynixify/packages/flask-socketio/default.nix b/pynixify/packages/flask-socketio/default.nix index 3a569c3a589..220fd9c7e38 100644 --- a/pynixify/packages/flask-socketio/default.nix +++ b/pynixify/packages/flask-socketio/default.nix @@ -13,7 +13,7 @@ buildPythonPackage rec { pname = "flask-socketio"; version = - "5.3.3"; + "5.3.4"; src = fetchPypi { @@ -22,7 +22,7 @@ buildPythonPackage rec { pname = "Flask-SocketIO"; sha256 = - "0pgfxy2rp45bxnmf384c87mxnw26vmhqckqzq35icsdps4npciwg"; + "0321g4l7k4w87xyl998kblvacbwj10bx0l27rixw72pnkff3gg8w"; }; propagatedBuildInputs = diff --git a/pynixify/packages/pyjwt/default.nix b/pynixify/packages/pyjwt/default.nix index a2bdabc7c8c..869a67c808b 100644 --- a/pynixify/packages/pyjwt/default.nix +++ b/pynixify/packages/pyjwt/default.nix @@ -11,7 +11,7 @@ buildPythonPackage rec { pname = "pyjwt"; version = - "2.6.0"; + "2.7.0"; src = fetchPypi { @@ -20,7 +20,7 @@ buildPythonPackage rec { pname = "PyJWT"; sha256 = - "1z85kwr945rbzrn5wabrsmck5x8disa9wc7b3y5gci7w65z5qa39"; + "0x70qffax798pbkcn3yd9kh99yzqzlss1ra98cnilp18qjis8v5x"; }; # TODO FIXME diff --git a/pynixify/packages/python-engineio/default.nix b/pynixify/packages/python-engineio/default.nix index 9827098c25c..12f2b5681f2 100644 --- a/pynixify/packages/python-engineio/default.nix +++ b/pynixify/packages/python-engineio/default.nix @@ -11,7 +11,7 @@ buildPythonPackage rec { pname = "python-engineio"; version = - "4.4.0"; + "4.4.1"; src = fetchPypi { 
@@ -19,7 +19,7 @@ buildPythonPackage rec { pname version; sha256 = - "1wjcs180yj6pq9cgml5dm9ngllbcradg37nlrz1sqc6c1v3kbh5w"; + "0a8c29h93npf5svbg3w15h4wv17z5mqnyf16nlk5j680ngn66dpb"; }; # TODO FIXME diff --git a/requirements.txt b/requirements.txt index 18755a71e2a..6a915c24462 100644 --- a/requirements.txt +++ b/requirements.txt @@ -36,7 +36,7 @@ syslog-rfc5424-formatter>=1.1.1 simplekv>=0.13.0 Flask-KVSession-fork>=0.6.4 distro>=1.4.0 -faraday-plugins>=1.10.0,<2.0.0 +faraday-plugins>=1.12.0,<2.0.0 apispec>=4.0.0,<5.0.0 apispec-webframeworks>=0.5.0 pyyaml From 45076e1c7a5c691c87149e1edba7d6a7e5ff1aa2 Mon Sep 17 00:00:00 2001 From: Diego Nadares Date: Mon, 29 May 2023 10:14:07 -0300 Subject: [PATCH 31/31] ready for release 4.4.0 --- CHANGELOG/4.4.0/community.md | 4 ++++ CHANGELOG/4.4.0/date.md | 1 + CHANGELOG/current/7394.json | 4 ---- CHANGELOG/current/7426.json | 4 ---- CHANGELOG/current/7447.json | 4 ---- CHANGELOG/current/7476.json | 4 ---- CHANGELOG/current/7481.json | 4 ---- CHANGELOG/current/7500.json | 4 ---- RELEASE.md | 7 +++++++ 9 files changed, 12 insertions(+), 24 deletions(-) create mode 100644 CHANGELOG/4.4.0/community.md create mode 100644 CHANGELOG/4.4.0/date.md delete mode 100644 CHANGELOG/current/7394.json delete mode 100644 CHANGELOG/current/7426.json delete mode 100644 CHANGELOG/current/7447.json delete mode 100644 CHANGELOG/current/7476.json delete mode 100644 CHANGELOG/current/7481.json delete mode 100644 CHANGELOG/current/7500.json diff --git a/CHANGELOG/4.4.0/community.md b/CHANGELOG/4.4.0/community.md new file mode 100644 index 00000000000..9d25044781a --- /dev/null +++ b/CHANGELOG/4.4.0/community.md 
@@ -0,0 +1,4 @@
+ * [ADD] Now it's possible to modify the host or service assigned of a vulnerability. #7476
+ * [MOD] Now `/get_manifest` separates the optional environment variables from the rest. #7481
+ * [FIX] Add `not_any` filter operator which will retrieve results that not contains the value requested. #7394
+ * [FIX] Make `get_manifest` compatible with all versions of dispatcher. #7500
diff --git a/CHANGELOG/4.4.0/date.md b/CHANGELOG/4.4.0/date.md
new file mode 100644
index 00000000000..36a69a848bc
--- /dev/null
+++ b/CHANGELOG/4.4.0/date.md
@@ -0,0 +1 @@
+May 29th, 2023
diff --git a/CHANGELOG/current/7394.json b/CHANGELOG/current/7394.json
deleted file mode 100644
index 3dbb75376d7..00000000000
--- a/CHANGELOG/current/7394.json
+++ /dev/null
@@ -1,4 +0,0 @@
-{
- "level": "community",
- "md": "[FIX] Add `not_any` filter operator which will retrieve results that not contains the value requested. #7394"
-}
diff --git a/CHANGELOG/current/7426.json b/CHANGELOG/current/7426.json
deleted file mode 100644
index 5ace7840ad1..00000000000
--- a/CHANGELOG/current/7426.json
+++ /dev/null
@@ -1,4 +0,0 @@
-{
- "level": "community",
- "md": "[MOD] Allow workspace to start with capital letter. #7426"
-}
diff --git a/CHANGELOG/current/7447.json b/CHANGELOG/current/7447.json
deleted file mode 100644
index 2c5bb4f6613..00000000000
--- a/CHANGELOG/current/7447.json
+++ /dev/null
@@ -1,4 +0,0 @@
-{
- "level": "prof",
- "md": "[ADD] Add global assets endpoint and when the maximum number of hosts is exceeded, the command will have a warning. #7447"
-}
diff --git a/CHANGELOG/current/7476.json b/CHANGELOG/current/7476.json
deleted file mode 100644
index ec512857a22..00000000000
--- a/CHANGELOG/current/7476.json
+++ /dev/null
@@ -1,4 +0,0 @@
-{
- "level": "community",
- "md": "[ADD] Now it's possible to modify the host or service assigned of a vulnerability. #7476"
-}
diff --git a/CHANGELOG/current/7481.json b/CHANGELOG/current/7481.json deleted file mode 100644 index 574c2c62a3a..00000000000 --- a/CHANGELOG/current/7481.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "level": "community", - "md": "[MOD] Now /get_manifest separate the optional environment variables from the rest. #7481" -} diff --git a/CHANGELOG/current/7500.json b/CHANGELOG/current/7500.json deleted file mode 100644 index f756acbcfa8..00000000000 --- a/CHANGELOG/current/7500.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "level": "community", - "md": "[FIX] Make get_manifest compatible with all version of dispatcher #7500" -} diff --git a/RELEASE.md b/RELEASE.md index 35f16f3a720..50895f5bcae 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -2,6 +2,13 @@ New features in the latest update ===================================== +4.4.0 [May 29th, 2023]: +--- + * [ADD] Now it's possible to modify the host or service assigned of a vulnerability. #7476 + * [MOD] Now `/get_manifest` separates the optional environment variables from the rest. #7481 + * [FIX] Add `not_any` filter operator which will retrieve results that not contains the value requested. #7394 + * [FIX] Make `get_manifest` compatible with all versions of dispatcher. #7500 + 4.3.5 [Apr 12th, 2023]: --- * [FIX] Modify migration with autocommit. #7487