From 76f67d661079502a627ae613e5b740a9755c8c4b Mon Sep 17 00:00:00 2001
From: Jose Angel Sanchez Velazquez
Date: Thu, 17 Jul 2025 15:23:33 +0100
Subject: [PATCH 1/5] increase blocklist for maliciuos ip alert

---
 correlation/ti/ti.go | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/correlation/ti/ti.go b/correlation/ti/ti.go
index e1ca56823..3ebaf50b5 100644
--- a/correlation/ti/ti.go
+++ b/correlation/ti/ti.go
@@ -1,13 +1,14 @@
 package ti
 
 import (
- "github.com/tidwall/gjson"
- "github.com/utmstack/UTMStack/correlation/correlation"
- "github.com/utmstack/UTMStack/correlation/utils"
 "runtime"
 "strings"
 "sync"
 "time"
+
+ "github.com/tidwall/gjson"
+ "github.com/utmstack/UTMStack/correlation/correlation"
+ "github.com/utmstack/UTMStack/correlation/utils"
 )
 
 type Cache map[string]bool
@@ -34,6 +35,8 @@ func blocked(log string) bool {
 "drop",
 "reject",
 "deny",
+ "timeout",
+ "closed",
 }
 
 for _, e := range exclusionList {
From 595375e83f860099156dcc6c1aa54ff8d5e090e5 Mon Sep 17 00:00:00 2001
From: Yorjander Hernandez Vergara
Date: Mon, 21 Jul 2025 11:50:02 -0400
Subject: [PATCH 2/5] Update version and changelog

---
 CHANGELOG.md | 5 +++--
 version.yml | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 617bbb6f5..173a5e4ec 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,4 @@
-# UTMStack 10.8.4 Release Notes
+# UTMStack 10.8.5 Release Notes
 
-- Enhanced security and compliance by upgrading several internal components—most notably the update server—to exclusively support TLS 1.3.
\ No newline at end of file
+- Expanded the exclusion dictionary for malicious IP connection logs to reduce false positives
+- Automatically close alerts with SOC-AI when the feature is enabled
\ No newline at end of file
diff --git a/version.yml b/version.yml
index 71d121f8c..e1809b58b 100644
--- a/version.yml
+++ b/version.yml
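Review bot: In the second hunk of correlation/ti/ti.go, the new `exclusionList` entries `"timeout"` and `"closed"` describe how a connection ended, not that it was blocked, so a session with a threat-intel-listed IP that was established and later closed or timed out would presumably be treated as blocked and raise no alert. The matching loop of `blocked` continues outside this hunk; if it is a substring test over the whole raw log, as the `log string` parameter suggests, these generic words can also match inside unrelated fields and suppress the alert. Consider comparing the terms against the parsed action or status field only (gjson is already imported) rather than the full line. At minimum, document the trade-off above the list, for example `// Each entry suppresses the malicious-IP alert; keep terms specific to block verdicts, not to how a session ended.`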
@@ -1 +1 @@
-version: 10.8.4
\ No newline at end of file
+version: 10.8.5
\ No newline at end of file
From 792797ab24646095a45b7c8830978e10e45fa83e Mon Sep 17 00:00:00 2001
From: Yorjander Hernandez Vergara
Date: Mon, 21 Jul 2025 11:55:10 -0400
Subject: [PATCH 3/5] trigger actions

---
 CHANGELOG.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 173a5e4ec..cd858bb18 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,4 @@
 # UTMStack 10.8.5 Release Notes
 
-- Expanded the exclusion dictionary for malicious IP connection logs to reduce false positives
-- Automatically close alerts with SOC-AI when the feature is enabled
\ No newline at end of file
+- Expanded the exclusion dictionary for malicious IP connection logs to reduce false positives.
+- Automatically close alerts with SOC-AI when the feature is enabled.
\ No newline at end of file
From d561193a4d460eecdf75804fa499c695081445cf Mon Sep 17 00:00:00 2001
From: Manuel Abascal
Date: Wed, 23 Jul 2025 09:27:43 -0500
Subject: [PATCH 4/5] replace npm install with npm ci for consistent dependency installation

---
 .github/workflows/v10-v11-used-docker-frontend.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/v10-v11-used-docker-frontend.yml b/.github/workflows/v10-v11-used-docker-frontend.yml
index e4cd815dc..2d11272a1 100644
--- a/.github/workflows/v10-v11-used-docker-frontend.yml
+++ b/.github/workflows/v10-v11-used-docker-frontend.yml
@@ -32,7 +32,7 @@ jobs:
 working-directory: ./${{inputs.image_name}}
 run: |
 export NODE_OPTIONS=--max_old_space_size=8192
- npm install
+ npm ci
 npm run-script build
 
 - name: Setup BuildX
From bc3b40a5ff8cfd6224a5c9c81eff3710c3df4b89 Mon Sep 17 00:00:00 2001
From: Manuel Abascal
Date: Wed, 23 Jul 2025 09:35:12 -0500
Subject: [PATCH 5/5] replace npm ci with npm install in Docker frontend build process

---
 .github/workflows/v10-v11-used-docker-frontend.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/v10-v11-used-docker-frontend.yml b/.github/workflows/v10-v11-used-docker-frontend.yml
index 2d11272a1..e4cd815dc 100644
--- a/.github/workflows/v10-v11-used-docker-frontend.yml
+++ b/.github/workflows/v10-v11-used-docker-frontend.yml
@@ -32,7 +32,7 @@ jobs:
 working-directory: ./${{inputs.image_name}}
 run: |
 export NODE_OPTIONS=--max_old_space_size=8192
- npm ci
+ npm install
 npm run-script build
 
 - name: Setup BuildX
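Review bot: Going back from `npm ci` to `npm install` in the `run:` step means the frontend image is no longer built strictly from the committed lockfile. `npm install` may resolve newer versions within the package.json ranges and rewrite package-lock.json, whereas `npm ci` fails when the two disagree, so dependency drift can reach a release build without review. The commit does not say why `npm ci` was dropped; if the lockfile was missing or out of sync, regenerating and committing package-lock.json and keeping `npm ci` would be the safer fix. If `npm install` has to stay, a comment such as `# npm ci not usable here: <reason>` above the command would record the decision.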