Version 5.0.1
Dear community, OpenCTI 5.0.1 has been released π₯³! This minor release includes several bug fixes for all known issues since the release of the version 5 πΎ. Also, a new rule has been introduced to automatically create incidents based on sightings in order to prepare our future case management system π‘.
One of the major enhancements in 5.0.1 is also the activation of new sorting capabilities (by observable "value", by author, by marking definition, etc.) π, thanks to new ElasticSearch runtime fields. Next releases will be focused on garbage collection and case management, as planned in our strategic roadmap πͺ.
This version requires ElasticSearch >= 7.12 (for observables sorting). This is not compatible with OpenSearch/AWS. Given the feedback from the community, we have decided to bring back the support of OpenSearch in the next version using a feature flag to disable this feature if not supported.
Enhancements:
- #1588 Enhancement of modification reference
- #1587 Add UI capability to manage x_opencti_stix_ids
- #1585 Create the SightingIncident rule and adapt the observed sighting one
- #1578 Migration to Yarn 2
- #1571 Improve inputs resolution and change tests to use object_refs direct creation
- #1570 Populate x_opencti_additional_names field of File observable when merging multiple file names
- #1564 The deleted or merged entities should not be imported once again.
- #1477 Multitenancy support
- #1394 [frontend] Sort report observables causes crash
Bug Fixes:
- #1586 Creating report with all object_refs unknown fail
- #1582 Artifact STIX2.1 export
- #1581 Artifact - Mutual exclusion of properties 'url' and 'payload_bin'
- #1575 TAXII Collections Discovery URL
- #1572 [frontent] File - Artifact relationship wrong name
- #1517 It will show error if the TLP level is not granted to the user on the whole page
Pull Requests:
Full Changelog: 5.0.0...5.0.1
