Release notes 2.3.4

Product

EclecticIQ Platform

Release version

2.3.4

Release date

2019-04-01

Summary

Maintenance release containing bug fixes

Upgrade impact

Low

Time to upgrade

~30 minutes to upgrade

  • From the previous release

  • Using the installation script

  • For an instance running on one machine.

Time to migrate

n/a

EclecticIQ Platform 2.3.4 is a maintenance release. It contains a mix of fixes for bugs and security issues.

Upgrade

Upgrade path from release 2.0.x(.x) to 2.3.4:

images/download/attachments/23432012/eiq-tip-upgrade-paths.png
EclecticIQ Platform upgrade paths to release 2.3.4

Enhancements

  • The STIX data validation pipeline now includes additional checks to address specific edge cases.

  • We have implemented stricter validation of output data before it is packaged for dissemination through outgoing feeds.

  • We have also resolved numerous bugs in the UI and the API. The UI is now stricter about the values users are allowed to enter in the entity builder.

  • The platform is still flexible regarding the data it accepts from third-party intel data providers.

Important bug fixes

This section is not an exhaustive list of all the important bug fixes we shipped with this release.

  • Clicking Save and duplicate would take you out of the workspace.
    When you created a dataset in the workspace and clicked Save and duplicate, instead of remaining within the workspace, you would be taken to All Intelligence.
    This has now been fixed.

  • Flashpoint would trigger an error when clicking View full content .
    When you uploaded a JSON file, opening the Overview pane and clicking View full content would show you an extract instead of the complete report.
    This has now been fixed.

  • Flashpoint would trigger an error when clicking the JSON tab.
    When manually uploading an EclecticIQ JSON file holding a Flashpoint report, and then trying to open it through the JSON tab, it would return an error.
    This has now been fixed.

  • After editing a report entity attachment, it would disappear.
    This has now been fixed.

  • Non-admin users were unable to save a graph.
    When a non-admin user with all permissions created a graph, clicking Save would return an error.
    This has now been fixed.

  • Newly created entities kept displaying the SHOW PROGRESS notification.
    After creating and publishing a new entity, the system got stuck at this notification.
    This has now been fixed.

  • Editing an enrichment rule would remove the active selection in the Source field.
    This has now been fixed.

  • The text of very long graph names would spill over their designated fields onto neighboring areas of the UI.
    This has now been fixed.

  • It was not possible to assign collaborators to workspaces.
    Selecting users to add to a workspace, and then clicking Share to confirm would return an error.
    This has now been fixed.

  • Reprocessing an uploaded JSON file would result in an error.
    This has now been fixed.

  • The EclecticIQ JSON format outgoing feed processed data slowly.
    We improved its performance and reduced processing time for the data.

  • Entity rules not tagging consistently.
    Larger entity rules (10K+ entities) were not tagging consistently upon ingestion.
    You would need to run the rule manually after ingestion.
    This has now been fixed.

  • Refreshing a report would result in a scroll lock.
    When opening a report and refreshing the page, the the report would open fullscreen.
    The screen would lock up, making scrolling impossible.
    This has now been fixed.

  • Relationships of reports would disappear during editing.
    Editing a report containing relationships to CVE exploit target entities would cause the related CVE exploit target to disappear from the Relations section of the report.
    Publishing the report would restore them.
    This has now been fixed.

  • The workspaces were slow to load.
    Steps have been taken to improve the performance.

  • One rule was not matching entities or working as it should.
    This has now been fixed.

  • Outgoing feeds packaged content for publication as HTML reports, but did not apply any user-defined content filtering.
    This has now been fixed.

  • Due to the selector closing automatically, the execution schedule iteration could not be set up.
    This has now been fixed.

Security issues and mitigation actions

The following table lists known security issues, their severity, and the corresponding mitigation actions.
The state of an issue indicates whether a bug is still open, or if it was fixed in this release.

For more information, see All security issues and mitigation actions for a complete and up-to-date overview of open and fixed security issues.

Known issues

  • We implemented stricter STIX data validation checks.
    As a consequence, users may experience more STIX validation warnings.

  • Occasionally, when accessing a workspace, it may take some time to retrieve workspace data from the backend.

Contact

For any questions, and to share your feedback about the documentation, contact us at [email protected] .



^ back to top