Version 6.1.4

Enhancements:

• #7102 Taking into account workflow ID at relationship creation
• #7058 [backend/frontend] Add an option in user to force stateless session
• #7018 Improve search to prevent score ordering when specific ordering is requested
• #6843 Be able to select the default dashboard for home
• #5549 Add specific capability to access audit logging

Bug Fixes:

• #7097 A user with no access to knowledge shouldn't see the Global Search bar
• #7078 Error on Inject simulated emails
• #7044 Error logs meta information missing
• #7042 Boutton "Share as public dashboard" is displayed in Investigation screen
• #7015 Deleting a report with orphans lead to errors
• #6996 [Workbench] Creating or editing Observable File does not work
• #6991 Once a report is shared with an organisation, added entities are not shared
• #6919 Selecting a domain as a nested object of an Ipv4 crashes the front
• #6797 Entities disappearing when editing container on workbench
• #6421 Deletion leaves some orphans
• #6383 System non-responsive (UI nearly unusable) when editing/downloading/saving large HTML files in content editor

Pull Requests:

• [backend] remove concurrency in reportDeleteWithElements (#7015) by @JeremyCloarec in #7021
• [backend] check user access rights before deletion(#6421) by @JeremyCloarec in #6811
• [frontend] improve large HTML content editing (#6383) by @frapuks in #6958
• [frontend] hide share as public dashboard button for investigation (#7042) by @marieflorescontact in #7045
• [frontend] Fix workbench SDO deduplication (#6797) by @SouadHadjiat in #7033
• [frontend] Workbench: use octi observable type instead of stix type to compute observable value (#6996) by @lndrtrbn in #7046
• [frontend]Error message for the dashboard form is missing(#6704) by @CelineSebe in #7067
• [frontend] Tooltip on group confidence level, displaying overrides by @CelineSebe in #7010
• [backend] Fix error in OpenBas scenario generation (#7078) by @RomuDeuxfois in #7076
• [backend/frontend] Add an option in user to force stateless session (#7058) by @richard-julien in #7059
• [backend/frontend] Improve search to prevent score ordering when specific ordering is requested (#7018) by @richard-julien in #7019
• [frontend/backend] Default dashboard available in popover by @Kedae in #7030
• [frontend] Selecting a domain as a nested object of an Ipv4 crashes the front (#6919) by @ValentinBouzinFiligran in #6923
• Update react monorepo by @renovate in #7084
• Update dependency apexcharts to v3.49.1 by @renovate in #7081
• Update dependency axios to v1.7.2 by @renovate in #7082
• [frontend/backend] Add available filter keys to stored filters for Taxii collections by @Goumies in #7057
• [backend] adapt effective confidence level computation (#6878) by @labo-flg in #7047
• [backtend] create sharing task when add or delete relations (#6991) by @marieflorescontact in #7074
• [backend/frontend] Create 2 capabilities to access audit logging (#5549) by @SarahBocognano in #7048

Full Changelog: 6.1.3...6.1.4

Version 6.1.3

Enhancements:

• #7026 Add chmod for docker files new directories .support and telemetry

Bug Fixes:

• #6976 Remove "Entity" choice from Entity type list in data view filter
• #6951 [Live stream] Deleting data on the sender's side deletes the data on the receiver's side
• #6834 Can't unlink a task from a case template
• #6824 TTPs export from knowledge tab does not work as expected
• #6783 Page crash in data/entities when shift selecting multiple entities of the same type
• #6658 Headers in CSV feeds are not respecting the separator

Pull Requests:

• [frontend] remove unnecessary abstract types in entity type filter list (#6976) by @Archidoit in #6987
• [frontend] fix incorrect query used in RuleList (#6873) by @labo-flg in #6988
• [frontend/backend] Fix the separator in CSV feed's header(#6658) by @CelineSebe in #6957
• [frontend] use i18n properly to insert links in text by @labo-flg in #7007
• [frontend] Drone e2e wait longer for API to inject data (fix flaky tests) by @lndrtrbn in #7024
• [frontend] Fix the Shift key multi-select issue in the data/entities(#6783) by @CelineSebe in #7025
• [frontend/backend] Fix Can't unlink a task from a case template (#6834) by @SarahBocognano in #6986
• [backend] Add an option in logger to enable logging of data from Error. (#6818) by @aHenryJard in #7004
• [backend] fix stream sync handling of loss of entity visibility by @JeremyCloarec in #7035

Full Changelog: 6.1.2...6.1.3

Version 6.1.2

Enhancements:

• #6944 [backend] Add family option in Redis to support IPv6 domain connection
• #5648 Implement test automation for CRUD

Bug Fixes:

• #7000 [backend] Ensure export files visibility inside list or elements
• #6983 [Rule engine] We can't access the config panel of rule engine
• #6978 [Playbook] Issue when manipulating an observable
• #6977 Most active labels on dashboard is not working
• #6973 [TAXII collection] Not a valid ISO8601-formatted datetime (non-compliant with the TAXII 2.1 spec)
• #6953 [Dashboard] No available option for "Relationship_type" filter
• #6952 "Resolved credential object is not valid" when updating from 6.0.10 -> 6.1.0
• #6941 [Playbook] Manipulate knowledge/manipulate all elements in the bundle Error
• #6920 user with only access knowledge capability can remove entities from reports
• #6886 CSV Mappers can have no representations, leading to errors in ingestion
• #6866 [Playbook] Generation of indicator after enrichment does not work
• #6796 [Playbook] Detection field not updated by the playbook
• #6732 Dashboard time filter not properly taken into account depending on view
• #6739 [Playbook] Rename Filter knowledge to Match to reflect his real behavior
• #6311 [Playbook] Error when applying label on some types of observables

Pull Requests:

• [frontend] Fix all filters usage by @Kedae in #6971
• [frontend] displays ContainerStixCoreObjectPopover if update capability (#6920) by @marieflorescontact in #6924
• [backend] Add initializer to file engine to allow async loading of the configuration (#6952) by @richard-julien in #6982
• [Backend] Fix relationship_type get from rule page by @Kedae in #6985
• [Backend] Fix marking getting in settings if not existing by @Kedae in #6981
• [frontend ] Changes e2e tests for Report update to avoid flaky tests by @lndrtrbn in #6993
• [backend] validate CSV mappers representations (#6886) by @labo-flg in #6893
• [frontend] Fix relationships widgets not using the date attribute (#6732) by @labo-flg in #6970
• [frontend] TTPs export from knowledge tab does not work as expected (#6824) by @ValentinBouzinFiligran in #6998
• [backend] Improve playbook automation by @richard-julien in #6984

Full Changelog: 6.1.1...6.1.2

Version 6.1.1

Bug Fixes:

• #6956 Align colors in triggers icons / chips
• #6948 Public dashboards with platform organization are not working
• #6942 Error when importing text files or PDFs
• #6934 Back button no longer works
• #6874 Already deleted error when cascade deleting in report
• #6873 [technical] incorrect use of stixCoreRelationshipDistribution queries
• #6845 [Indicator generation] Text displayed false
• #6804 Several clicks needed to open an entity page displayed on a widget "List Distribution"
• #6761 'sighting' export from an entity exports all the sightings of the platform
• #6757 CSV feeds screen broken after deleting the CSV mapper
• #6718 Confidence field is disabled in admin when > 100

Pull Requests:

• [frontend] fix several click needed to go to entity (#6804) by @marieflorescontact in #6936
• Fix flaky e2e test by @marieflorescontact in #6901
• [backend/frontend] prevent delete CSV mappers if used by CSV ingesters (#6757) by @labo-flg in #6891
• [frontend] 'sighting' export from an entity exports all the sightings of the platform (#6761) by @ValentinBouzinFiligran in #6926
• [backend] improved code comments (#1536) by @JeremyCloarec in #6940
• [frontend] fix icons/chips colors in triggers list (#6956) by @Archidoit in #6964
• [frontend] always enable confidence level field in admin screens (#6718) by @labo-flg in #6965
• [backend] improve report cascade delete algorithm to prevent Already deleted error (#6874) by @JeremyCloarec in #6967
• [frontend/backend] Fix incorrect use of stixCoreRelationshipDistribution queries (#6873) by @marieflorescontact in #6910
• Error when importing text files or PDFs (#6942) by @richard-julien in #6974
• [frontend] Fix Navigation issue (#6934) by @Kedae in #6955
• [backend] fix public dashboard with platform organization (#6948) by @marieflorescontact in #6966
• [frontend] Complete Reports e2e tests (#5648) by @marieflorescontact in #6927
• [frontend] indicator generation Text displayed false (#6845) by @ValentinBouzinFiligran in #6890

Full Changelog: 6.1.0...6.1.1

Version 6.1.0

Dear community, we're delighted to announce the release of OpenCTI 6.1.0 🥳! This milestone materializes our Extended Threat Management suite by integrating OpenCTI with our new Breach and Attack Simulation open-source platform OpenBAS 🔥 !! And that’s not all! 6.1 incorporates also a lot of long awaited features🚀!

First of all, let's discuss the OpenBAS integration 🤝. OpenBAS is a platform where you can define series of events (technical or not) to be simulated towards endpoints or players. These simulations help you evaluate your security posture. Evaluating security posture makes more sense when tested against real and relevant threats. Here comes your OpenCTI and all of its carefully triaged, qualified, and crafted CTI! Directly from the Overview of Reports, Cases, and even Threats, you can generate a Breach and Attack simulation, evaluate your security posture, and have results integrated into your threat context. At a glance, you'll know if you are at risk! 🤯 We are very excited to bring this to the community and can't wait to receive your feedback on it!

OpenCTI 6.1.0 also brings Public Dashboards 📢! Now, you can create snapshots of your custom Dashboards and share them via a permalink, with people who don't have access to your OpenCTI platform. But these snapshots aren't static—they dynamically update as data in OpenCTI changes over time! Because data confidentiality always matters 🤫, users and platform administrators can control which data is shared through Public Dashboards using a maximum marking definition setting.

Now, regarding confidentiality, we've enhanced how marking definitions are handled for files associated with Knowledge entities. You can specify the maximum marking for generating exported file contents and apply markings directly to the files themselves 🛡️.

With this milestone, we're thrilled to introduce a long-awaited feature: rollback on deletion! Who hasn't felt the frustration of accidentally deleting the APT28 Intrusion Set from the platform 😱? I certainly have 😉 ! Mistakes are inevitable, and until now, some deletion actions were not easily reversible. But those days are behind us! Users now have the ability to rollback deletions for up to 7 days, by default. When you delete a Knowledge entity or relation, it's sent to a Trash collector where it can be restored from! So, the next time you accidentally delete APT28 or Cobalt Strike and their countless relationships, fear not—they'll be waiting for you in the trash, ready to be restored 😌.

Speaking of rollback, you may have also noticed that a 6.0 minor release introduced rollback functionality for investigations' graphs. Give it a try!
Version 6.0 introduced the Max Confidence level feature for users and groups, offering a powerful tool for enhancing Knowledge quality within your platform. If you haven't already, check out the dedicated blog post for more details. OpenCTI 6.1 takes it a step further 🚀! Now, you can define max confidence level overrides per entity types! This means you can tailor the impact of connectors on entities like Intrusion Sets and Vulnerabilities differently. You can also give more control to users over certain entities like Reports while limiting control over others like Locations and Sectors, for example. Give it a try and let us know what you think about it!

We've dedicated some time to enhance our Assignee system for Cases. Now, when users are assigned to Cases (whether as Assignee or Participant), they'll receive automatic notifications about the assignment and any subsequent changes made to the Case. Additionally, you now have the option to define in your Profile how you prefer to be notified by default for these assignments 💼.

To enhance our ability to address any bugs you encounter on your OpenCTI platform, we're implementing a Support Package generation system. Administrators can now generate an archive containing relevant log files from all nodes, aiding in more precise diagnostics of any situation. Additionally, users now have the capability to copy and paste the stack trace directly when an error occurs in the front-end 🛠️.

On the Integration side, we updated Malpedia and Recorded Future connector to make them Playbook compatible. We also created a Crowdstrike Falcon EDR connector to send IoC from OpenCTI to Falcon. Community members brought also a lot of value over the last minor releases, with the development of connectors for NIST NVD CPE, RST Noise Control, MITRE ATLAS matrix, Malcore and Socprime. Thanks a lot! ♥️

OpenCTI 6.1 also introduces our telemetry framework. These metrics collection is now mandatory for us to improve platform performances, as current usage implies significantly larger data volumes than before. It is also essential for us to enhance internal workflows and adapt them to community usage patterns. All collected data are anonymous and statistical. You can find detailed information on the collected data and associated usage in the telemetry documentation.

Finally, for those within our community operating in highly confidential environments, we've made a significant improvement to our Python framework to natively support air-gapped architecture. Our CTO, Julien Richard, has authored a dedicated blogpost to assist you with this. Be sure to check it out for detailed guidance 🧠.

⚠️ Breaking changes

It is not possible anymore to ingest Objects with a name containing less than 3 characters (space character at the beginning or the end of the string are not included in the count)

Enhancements:

• #6930 [playbook] Improve playbook to implement looping control and avoid extra execution
• #6904 Report frontend error in logs and support package
• #6899 [backend] Improve graphql subscriptions data control
• #6898 [backend] Add batch aliases protection in graphql api
• #6896 Secure schema changing force_disabled_introspection option to true by default
• #6883 Introduce credential provider for elasticsearch / redis and minio
• #6292 Implement the Telemetry framework into OpenCTI
• #5859 OpenBAS integration
• #5823 Marking definitions for uploaded files
• #5797 Apply marking definition to export files
• #5548 Be able to generate a "support package" by clicking on a button
• #4903 Share Public Dashboard - MVP
• #4900 Add overrides to the max confidence level of Users for specific Entities
• #3389 Global problem about displayed nested / refs relationships everywhere
• #3365 Notifying users when they are Assignee/Participant
• #1536 Be able to go back or cancel suppression

Bug Fixes:

• #6897 [backend] Prevent user to regenerate is 2FA secret
• #6894 Cannot expand entities in investigations
• #6888 Country flag next to IP addresses have disappeared in observables list
• #6837 Impossible to add an override for a new user who doesn't have an initialized user confidence level.
• #6833 Malware analysis name displayed as Unknown in Search list
• #6832 Knowledge widget filters issues
• #6827 OpenCTI doesn't have the same logo spacing on light and dark mode
• #6820 Global search no indication when files are found
• #6816 Cannot add Data Component through contextual component
• #6809 Capability "Restrict organization access" has a different name in DB
• #6787 Threat Actor Participate In Campaign not displayed in the Campaign knowledge Tab attribution view
• #6779 Unusable filter for observables
• #6777 Widgets handle relation between Role and Capability
• #6768 Translation in french for light theme is not correct
• #6765 Relationships of observables are not correctly displayed
• #6764 Horizontal bar charts are not clickable anymore
  ...

Version 6.0.10

Enhancements:

• #6638 Improve objects resolutions event loop usage for large report (60K+ object_refs)
• #6602 [backend/frontend] Add TrackingNumber and Credential observables
• #6303 Upgrade react router to v6
• #3167 Be able to rollback / cancel expanding an entity in investigation

Bug Fixes:

• #6717 Impossible to search a user using its email address in Security => Users
• #6708 Creating an entity with ending/starting whitespaces can lead to stream sync infinite loop
• #6706 Marking displayed as none when creating a entity
• #6703 Frontend not updated properly when adding a user to a group
• #6702 Very slow session refresh and possible infinite loop in the cache management
• #6698 User can create entities with blank names
• #6696 Loader keeps turning in relationship creation from entity when Reverse relation
• #6692 Entity type filters not protected in contextual relationship creation list
• #6687 ObservedData name not displaying correctly in container list for an object
• #6681 Small typo in pycti/entities/opencti_stix_cyber_observable.py line 1650
• #6680 Not translated error message in creation report form
• #6666 Linked RFI is not displayed in Report's entities panel
• #6655 Most used filters are at the end of the list instead of beginning
• #6648 Bad french translations
• #6646 Missing translations on Profil page
• #6635 Slow list entities graphQL queries with refs loading
• #6601 UI stuck when opening the relationship edition form
• #6599 Markers on map are not placed at the right place
• #6585 In playbook => manipulate knowledge, statuses are not correctly grouped
• #6581 [Playbook] The drop-down menu doesn't show everything
• #6578 Opinion are not visible anymore
• #6559 Error when merging imported entities
• #6551 Error message when searching in Incidents / Knowledge / Attack patterns
• #6528 Region countries are not highlited anymore
• #6521 Widgets that use the entity color might end up unreadable
• #6520 PolarArea widget does not take into account the colors of the entities
• #6518 Relationship updates at CSV file import don't check confidence
• #6507 [Merge] Bad management of Author when merging several Organizations
• #6502 No error when merging two entities with a higher confidence level
• #6501 The merge does not take into account the max confidence level in some cases.
• #6499 Incomplete JSON export of reports
• #6472 Redirect to specific vulnerability from a widget does not work
• #6407 "Select all" not available for relationship creation
• #6404 Error not shown in UI
• #6384 when downloading artifact in encrypted zip, original file inside encrypted zip has also .zip added in name instead preserving original filename
• #6379 When a document is imported in grouping, it does not appear in content
• #6360 [Groupings] Content is not saved
• #6319 Relationship Distribution gives inconsistent results when changing the limit parameter
• #6174 [Export CSV (dashboard)] CSV export of widget cuts off data

Pull Requests:

• Bump vite from 5.2.4 to 5.2.6 in /opencti-platform/opencti-front by @dependabot in #6560
• Bump vite from 5.2.3 to 5.2.8 in /opencti-platform/opencti-graphql by @dependabot in #6561
• Update dependency vite to v5.2.6 [SECURITY] - autoclosed by @renovate in #6562
• [backend] use representatives in distrib graphs, including 'restricted' case (#6319) by @labo-flg in #6323
• Update dependency react-intl to v6.6.4 by @renovate in #6571
• Update opentelemetry-js monorepo by @renovate in #6569
• Update dependency css-loader to v6.11.0 by @renovate in #6568
• Update dependency react-cookie to v7.1.4 by @renovate in #6570
• Update dependency reactflow to v11.11.0 by @renovate in #6587
• Update aws-sdk-js-v3 monorepo to v3.549.0 by @renovate in #6586
• [frontend] fix call to stixCoreRelationshipsDistribution by @labo-flg in #6580
• Update dependency recharts to v2.12.4 by @renovate in #6588
• Update material-ui monorepo by @renovate in #6589
• Update dependency react-router-dom to v6 by @renovate in #5575
• Update dependency typescript to v5.4.4 by @renovate in #6596
• Update dependency vite-plugin-static-copy to v1.0.2 by @renovate in #6598
• [backend] Fix No error when merging two entities with a higher confidence level (#6502) by @SarahBocognano in #6565
• [frontend] Fix "Select all" not available for relationship creation (#6407) by @SarahBocognano in #6574
• Update dependency vite to v5.2.8 by @renovate in #6597
• [frontend] fix error when searching attack patterns (#6551) by @marieflorescontact in #6591
• [frontend] change message if no vocabulary when creating opinion (#6578) by @marieflorescontact in #6593
• [frontend] roll back investigation graph after expanding a node (#3167) by @ValentinBouzinFiligran in #6468
• [frontend] fix editing panel closing (#6601) by @marieflorescontact in #6624
• [frontend] relationship page - remove padding right by @frapuks in #6631
• [frontend] Improve PolarArea widget by @lndrtrbn in #6595
• [frontend] replace icon anchor on minimap (#6599) by @frapuks in #6639
• [frontend] CI Verify translation automatically by @jpkha in #6590
• [backend] fix rels batch loading (#6635) by @SouadHadjiat in #6636
• [backend] Improve objects resolutions event loop usage for large report (#6638) by @richard-julien in #6640
• [frontend] add deprecated message on makeStyles calls by @lndrtrbn in #6661
• Fix the redirection to "files" when exporting in observed data and notes by @CelineSebe in #6628
• [frontend/backend] fix translations (#6648) by @Archidoit in #6649
• [frontend] fix filters group sorting in filter list (#6655) by @Archidoit in #6663
• [frontend/backend] Fix 'User experience' and 'Unit system translation(#6… by @CelineSebe in #6664
• [backend/frontend] Logica...

Version 6.0.9

Enhancements:

• #5756 Implement sorting on max confidence level in groups

Bug Fixes:

• #6549 Error on instance context
• #6542 Missing marking colors in group edition form
• #6526 Launching a background task should uncheck the select all box
• #6523 Icon for polar area widget is the same as radar
• #6522 Bulk Search not returning all results
• #6516 Slow entities list queries with status templates
• #6515 Donut widget on Entities cannot be configured properly: field is free text
• #6490 Clicking on one of the vulnerability in the homepage refreshes the page
• #6486 Cascade remove in report knowledge graph is not working as expected
• #6484 Removing a relation in a grouping knowledge graph removes it in all containers
• #6482 Nested refs are not properly removed in groupings knowledge graph
• #6464 When consulting a read-only dashboard, the "+" button is still displayed for widgets creation
• #6416 'in regards of' filter not correctly displayed in background task
• #6412 Home dashboards number metrics loarders are not centered vertically
• #6403 [TAXII ingester] Problem with passwords containing ":"
• #6400 Link to relationship object to ObservedData objects in Infrastructure object is wrong
• #6391 Several issues in filters of entities' knowledges tab
• #6389 Error deleting a file from a data tab
• #6382 Initial admin password with digits only fails on first platform start
• #6378 EE button in organization edition is not clickable
• #6357 Error on deletion of entities with many relationships
• #6350 No available options for Source entity filter
• #6327 Cannot hide entity type "External references"
• #6314 CSV Import Connector getting hung up on imports
• #6295 Background tasks trigger multiple multiple history events instead of one
• #6145 [Dashboard] Date displayed in a timeline view is inconsistent with the configuration
• #5884 Mechanisms inconsistency when "enforce reference" is activated
• #5857 [Data segregation] Enriching an observable removes sharing to organizations
• #5856 Access denied despite capabilities
• #5842 Hygiene connector displays user's name for enrichment actions
• #5293 network-traffic Observable created from a malicious-activity indicator doesn't have any dst_ref and linked object

Pull Requests:

• [frontend] fix widgets number alignment on default dashboard (#6412) by @lndrtrbn in #6466
• [backend/frontend] allow sorting groups by confidence level (#5756) by @labo-flg in #6183
• [frontend/backend] Cannot hide entity type "External references" (#6327) by @SarahBocognano in #6371
• [backend] use patchAttribute for ref relation Replace (#6295) by @marieflorescontact in #6396
• [frontend] add entity_type filter in Victimology tab (#6391) by @Archidoit in #6397
• [backend] Fix error deleting a file from a data tab (#6389) by @SouadHadjiat in #6467
• [frontend] use good StixType for Infrastucture link (#6400) by @frapuks in #6469
• [frontend] create unit tests utils functions and refacto Security tests by @lndrtrbn in #6492
• [frontend] add widget PolarArea for relationships by @lndrtrbn in #6470
• Replace dependency passport-saml with @node-saml/passport-saml 4.0.4 by @renovate in #6016
• Bump express from 4.19.1 to 4.19.2 in /opencti-platform/opencti-graphql by @dependabot in #6496
• Bump express from 4.19.1 to 4.19.2 in /opencti-platform/opencti-front by @dependabot in #6497
• [backend] Allow passwords with digits only for initial admin (#6382) by @aHenryJard in #6489
• Revert "Replace dependency passport-saml with @node-saml/passport-saml 4.0.4" by @aHenryJard in #6504
• [frontend] unit test example + improve testRender function by @lndrtrbn in #6503
• [frontend] Add Playwright teams webhook by @jpkha in #6178
• [frontend] fix redirection link to entity for WidgetDistributionList (#6490) by @marieflorescontact in #6512
• [frontend] fix remove relation ref from Grouping Knowledge graph (#6482) by @Archidoit in #6491
• [frontend] hide create widget button for read-only dashboard (#6464) by @marieflorescontact in #6511
• 'in regards of' filter display in background tasks by @Archidoit in #6420
• [frontend] Fix date attribute for list and timeLine widgets (#6145) by @marieflorescontact in #6487
• [backend] Improve config restrictions / visibility for batch rel loading by @richard-julien in #6473
• Update dependency typescript to v5.4.3 by @renovate in #6437
• [frontend] Added auto collapse and submenu icon switches to settings by @Bonsai8863 in #6341
• [backend] Improve template loading if available in cache (#6516) by @richard-julien in #6524
• [build] Unpriviledged user in Docker and wx permissions in logs volume by @WolfByttner in #6530
• [frontend] possibility to select attributes in entity widgets (#6515) by @Archidoit in #6519
• [frontend] change icon for PolarArea by @lndrtrbn in #6531
• Update docker.elastic.co/elasticsearch/elasticsearch Docker tag to v8.13.1 by @renovate in #6537
• Update dependency @elastic/elasticsearch to v8.13.0 by @renovate in #6535
• Update slack orb to v4.13.2 by @renovate in #6539
• Update docker.elastic.co/kibana/kibana Docker tag to v8.13.1 by @renovate in #6538
• Update Node.js to v20.12.0 by @renovate in #6534
• Update dependency openai to v4.32.1 by @renovate in #6536
• [frontend] Correct CSS color for various plus icons and one edit pencil by @ParamConstructor in #6540
• [backend] Improve connection drop handling for importCSV connector (#6314) by @JeremyCloarec in #6533
• [frontend/backend] Add validation on authentication field content for Taxii authentication (#6403) by @aHenryJard in #6529
• [backend] Filter observables creation with refs from indicators (#5293) by @SouadHadjiat in #6163
• Update dependency winston to v3.13.0 by @renovate in #6546
• Update dependency @emotion/styled to v11.11.5 by @renovate in #6547
• [frontend] fix bulk search not returning HashedObservable (#6522) by @marieflorescontact in #6548
• [frontend] Uncheck the 'select all' box when launching a background task (#6526) by @CelineSebe in #6532
• [frontend] fix EE button in organization edition is not clickable (#...

Version 6.0.8

Enhancements:

• #4090 Timeout in platform startup, could we get a more descriptive error?
• #1604 Search OpenCTI based on an STIX indicator patter

Bug Fixes:

• #6452 Decay score is rewritten at upsert even if the score passed at creation is the same
• #6415 Empty knowledge pages
• #6411 "Select all" selects the whole platform, not just what's on the screen
• #6401 Duplicate header
• #6399 [Playbook] "Promote observable" component crashes
• #6390 Some filters in the entities' "knowledge" tabs don't seem to work.
• #6386 Improve bulk Stix loader to support 100K+ relations loading in one bulk
• #6374 Live stream element dependency containers resolution fetching improvement
• #6346 Files search EE button not aligned
• #6318 Marking Definition Search Broken
• #6308 Can't search in Taxonomies > Kill chain phases
• #6307 [Filters] Not equals operator not working for status filters
• #6297 Replacing a marking on a existing entity with the same marking is triggering events
• #6275 Sample ref not created when importing a bundle STIX
• #6185 Connector page in GUI not available after proxy set up
• #6031 Errors related to Elasticsearch engine pagination.(CVE Connector error)

Pull Requests:

• Improve Simplified Chinese translations by @yolylight in #6365
• [frontend] improve e2e tests (#6343) by @SarahBocognano in #6367
• [backend] Live stream element dependency containers resolution fetching improvement (#6374) by @richard-julien in #6375
• [backend] avoid useless operations during batched replace (#6297) by @marieflorescontact in #6354
• Bump follow-redirects from 1.15.5 to 1.15.6 in /opencti-platform/opencti-front by @dependabot in #6363
• [backend] Fix search broken in kill chain phases and marking definition (#6308 & #6318) by @SarahBocognano in #6394
• [frontend] Fix Files search EE button not aligned (#6346) by @ValentinBouzinFiligran in #6376
• [backend] Fix connectors work cleanup perf (#6031) by @SouadHadjiat in #6203
• [backend] Add samples attribute to Malware in API by @JeremyCloarec in #6337
• [frontend/backend] Public dashboard chunk 2 (#4903) by @lndrtrbn in #5951
• [backend] fix workflow filter with not_eq operator (#6307) by @Archidoit in #6330
• [backend] Update errors that are not retryable by @Kedae in #6366
• [backend] Improve bulk Stix loader to support 100K+ relations loading in one bulk (#6386) by @richard-julien in #6387
• [backend] during boot: add try/catch at each step to improve debug (#4090) by @shawrupesh in #6398
• [backend] Fix Promote observable component crashes (#6399) by @SouadHadjiat in #6402
• [backend/frontend] fromOrTo relations filters with different operators/modes combinations (#6390) by @Archidoit in #6395
• [frontend] remove duplicate header (#6401) by @frapuks in #6414
• [frontend] Fix filtering for toolbar by @Kedae in #6413
• implement route 'infra / knowledge / incident' (#6415) by @frapuks in #6419
• [frontend] e2e fix eslint config for imports by @lndrtrbn in #6393
• Update dependency apexcharts to v3.48.0 by @renovate in #6423
• Update dependency date-fns to v3.6.0 - autoclosed by @renovate in #6424
• Update dependency express to v4.19.1 by @renovate in #6425
• Update dependency openai to v4.29.2 by @renovate in #6427
• Update aws-sdk-js-v3 monorepo to v3.540.0 by @renovate in #6422
• Update dependency graphql-scalars to v1.23.0 by @renovate in #6426
• Update dependency axios to v1.6.8 by @renovate in #6428
• Update material-ui monorepo by @renovate in #6431
• Update react monorepo by @renovate in #6432
• Update dependency @opensearch-project/opensearch to v2.6.0 by @renovate in #6433
• Update dependency eslint-plugin-react to v7.34.1 by @renovate in #6435
• Update dependency turndown to v7.1.3 by @renovate in #6429
• Update fontsource monorepo by @renovate in #6430
• Update dependency vite to v5.2.3 by @renovate in #6438
• Update dependency remark-flexible-markers to v1.2.1 by @renovate in #6436
• Update dependency eslint-plugin-import-newlines to v1.4.0 by @renovate in #6434
• Update Yarn to v4.1.1 by @renovate in #6445
• Update dependency @testing-library/react to v14.2.2 by @renovate in #6447
• Update dependency archiver to v7.0.1 by @renovate in #6449
• Update dependency winston to v3.12.0 by @renovate in #6440
• Update dependency yup to v1.4.0 by @renovate in #6441
• Update rjsf monorepo to v5.18.1 by @renovate in #6442
• Update typescript-eslint monorepo to v7.3.1 by @renovate in #6443
• Update dependency @graphql-tools/utils to v10.1.2 by @renovate in #6446
• [backend/frontend] Connector page in GUI not available after proxy set up (#6185) by @richard-julien in #6451
• Update dependency webpack to v5.91.0 by @renovate in #6439
• Update dependency esbuild to v0.20.2 by @renovate in #6450
• Update vitest monorepo to v1.4.0 by @renovate in #6444
• Update dependency @types/node to v20.11.30 by @renovate in #6448
• Update dependency tap to v18.7.1 by @renovate in #6455
• Update dependency vite to v5.2.4 by @renovate in #6456
• Update dependency jose to v5.2.3 by @renovate in #6458
• Update dependency html-to-pdfmake to v2.5.6 by @renovate in #6457
• Update dependency react-router-dom-v5-compat to v6.22.3 by @renovate in #6453
• Update dependency monocart-reporter to v2.4.5 by @renovate in #6459
• Update dependency recharts to v2.12.3 by @renovate in #6454
• Update dependency nodemailer to v6.9.13 by @renovate in #6460
• Update dependency archiver-zip-encrypted to v2 by @renovate in #6463
• Update dependency pdfmake to v0.2.10 by @renovate in #6461

New Contributors:

• @yolylight made their first contribution in #6365
• @ValentinBouzinFiligran made their first contribution in #6376
• @shawrupesh made their first contribution in #6398

Full Changelog: 6.0.7...6.0.8

Version 6.0.7

Bug Fixes:

• #6348 Can't add several values for a filter in Alert Live and Time Line views
• #6347 Quick adding of label filter works only once
• #6343 Impossible to create a relationship from an entity "knowledge" view
• #6335 'In regards of' filter should propose all the relationship types
• #6334 Error occurs when changing the bulk edition field
• #6329 Capabilities settings do not work correctly with the Connectors section
• #6326 Batch Update Observables Available Types Mismatch
• #6312 Unauthorized access to Data > Processing

Pull Requests:

• [frontend] allow all relationship types in 'in regards of' filter (#6335) by @Archidoit in #6336
• [frontend] fix FR translations by @labo-flg in #6339
• [frontend] fix bulk edition field changing (#6334) by @Archidoit in #6338
• [frontend] increase and sort values in bulk update lists (#6326) by @Archidoit in #6333
• [frontend] Fix Data > Ingestion and Processing menus access (#6312) (#6328) (#6329) by @SouadHadjiat in #6340
• [backend] fix targetEntity and sourceEntity filters (#6350) by @Archidoit in #6352
• [frontend] Impossible to create a relationship from an entity "knowledge" view (#6343) by @SarahBocognano in #6356
• [frontend] fix filters adding for TimeLine views, Alert Live, and label icon (#6348) by @Archidoit in #6349

Full Changelog: 6.0.6...6.0.7

Version 6.0.6

Enhancements:

• #6170 Ability to create observables/indicators from observabel/indicator when select all in the context of a container is not possible
• #5696 Enforce input validation against schema for patching object attributes

Bug Fixes:

• #6322 Take into account empty last seen in the playbook rule
• #6315 When upserting an entity, name should also change
• #6313 Critical bug in subscribers / instance trigger
• #6296 Icon size in dashboard choice (on home)
• #6294 Max confidence level in user disabled field
• #6293 In activity tab, the relation history is not working anymore
• #6291 Creation of created-by relatiohship is not protected to target only identity
• #6290 Login Display Issues
• #6288 'Add' icon bad alignement in forms fields
• #6283 Mass selection with the shift key does not work on Incident
• #6282 Missing "System" objects when trying to update incident author
• #6274 I can't create indicators within a report at once.
• #6264 Labels are clickable in horizontal bars (home dashboard) and should not be
• #6261 Mutation icon not always well displayed in Activity
• #6112 Cannot add TTP directly from matrix

Pull Requests:

• [frontend] fix content mapping view by @frapuks in #6159
• [frontend] Improve Simplified Chinese translations by @satan1a in #6277
• [frontend] add System in author update via background task (#6282) by @Archidoit in #6286
• [frontend] harmonise the size of dashboard icons (#6296) by @frapuks in #6300
• [backend] extend our vitest config for easier dev process by @labo-flg in #5796
• [backend] validate elUpdateElement input value against schema before indexing (#5696) by @labo-flg in #6046
• Update dependency convert to v5 by @renovate in #6234
• [frontend] fix bulk indicators generation (#6274) by @Archidoit in #6306
• [frontend] horizontal bars representing labels should not be clickable by @Archidoit in #6289
• [frontend] dont disable when value > limit (#6294) by @frapuks in #6299
• [frontend] Fix instance triggers subscription (#6313) by @SouadHadjiat in #6317
• [frontend] mutation icon appears in activity (#6261) by @CelineSebe in #6301
• [frontend] Fix cannot add TTP directly from matrix (#6112) by @SarahBocognano in #6272
• [frontend] Fix mass selection with the shift key in incidents container (#6283) by @CelineSebe in #6331
• [backend]Verify createdBy type on malware creation (#6291) by @aHenryJard in #6309
• [backend] Fix createdBy validation on SDO edit (#6291) by @SouadHadjiat in #6332
• [frontend] fix history filters in activity tab (#6293) by @marieflorescontact in #6305

New Contributors:

• @satan1a made their first contribution in #6277

Full Changelog: 6.0.5...6.0.6