From bfd8a78a553df89211aedf1192134674f8faeadd Mon Sep 17 00:00:00 2001
From: Kamil Mankowski
Date: Thu, 27 Jul 2023 16:47:49 +0200
Subject: [PATCH 1/3] Fix uvicorn commands

---
 .docker/intelmq-full-dev/entrypoint-dev.sh | 2 +-
 entrypoint.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.docker/intelmq-full-dev/entrypoint-dev.sh b/.docker/intelmq-full-dev/entrypoint-dev.sh
index 6553d14..152ec75 100644
--- a/.docker/intelmq-full-dev/entrypoint-dev.sh
+++ b/.docker/intelmq-full-dev/entrypoint-dev.sh
@@ -26,6 +26,6 @@ then
 export INTELMQ_TEST_EXOTIC=1
 pytest-3 /etc/intelmq/intelmq/tests
 else
- cd /etc/intelmq-api && uvicorn intelmq_api.main:app -p8080
+ cd /etc/intelmq-api && uvicorn intelmq_api.main:app --port 8080 --host 0.0.0.0
 fi

diff --git a/entrypoint.sh b/entrypoint.sh
index e59fc49..7b0bb46 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -16,5 +16,5 @@ then
 export INTELMQ_TEST_EXOTIC=1
 pytest-3 /opt/intelmq/intelmq/tests
 else
- cd /opt/intelmq-api && uvicorn intelmq_api.main:app -p8080
+ cd /opt/intelmq-api && uvicorn intelmq_api.main:app --port 8080 --host 0.0.0.0
 fi

From 5142422890623c266e0c6d54ffe5fb4bb846cd09 Mon Sep 17 00:00:00 2001
From: Kamil Mankowski
Date: Thu, 27 Jul 2023 16:51:22 +0200
Subject: [PATCH 2/3] Remove deprecated config

---
 example_config/intelmq/etc/feeds.yaml | 54 -------------------
 .../intelmq/etc/manager/positions.conf | 8 ---
 example_config/intelmq/etc/runtime.yaml | 32 -----------
 3 files changed, 94 deletions(-)

diff --git a/example_config/intelmq/etc/feeds.yaml b/example_config/intelmq/etc/feeds.yaml
index e87fcba..d2c19f1 100644
--- a/example_config/intelmq/etc/feeds.yaml
+++ b/example_config/intelmq/etc/feeds.yaml
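Review bot: The new `--host 0.0.0.0` on the changed line binds the API to every interface of the container in both entrypoint-dev.sh and entrypoint.sh, and nothing else in either script narrows that. A published Docker port needs a non-loopback bind, but this also makes the API reachable from any network the container is attached to, so a deployment that puts a reverse proxy in front cannot restrict the bind address without rebuilding the image. Consider reading the host from an environment variable with the current value as default, e.g. `--host "${INTELMQ_API_HOST:-0.0.0.0}"` (variable name constructed; use the project's naming convention), which keeps the image behaviour identical by default while letting an operator bind only to the proxy network. The `if`/`else` these lines belong to begins before the hunk in both files.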
@@ -628,60 +628,6 @@ providers:
 revision: 2018-01-20
 documentation: https://project.turris.cz/en/greylist
 public: yes
- Malc0de:
- Bind Format:
- description: This feed includes FQDN's of malicious hosts, the file format is
- in Bind file format.
- additional_information:
- bots:
- collector:
- module: intelmq.bots.collectors.http.collector_http
- parameters:
- http_url: https://malc0de.com/bl/ZONES
- rate_limit: 10800
- name: __FEED__
- provider: __PROVIDER__
- parser:
- module: intelmq.bots.parsers.malc0de.parser
- parameters:
- revision: 2018-01-20
- documentation: http://malc0de.com/dashboard/
- public: yes
- Windows Format:
- description: This feed includes FQDN's of malicious hosts, the file format is
- in Windows Hosts file format.
- additional_information:
- bots:
- collector:
- module: intelmq.bots.collectors.http.collector_http
- parameters:
- http_url: https://malc0de.com/bl/BOOT
- rate_limit: 10800
- name: __FEED__
- provider: __PROVIDER__
- parser:
- module: intelmq.bots.parsers.malc0de.parser
- parameters:
- revision: 2018-01-20
- documentation: http://malc0de.com/dashboard/
- public: yes
- IP Blacklist:
- description: This feed includes IP Addresses of malicious hosts.
- additional_information:
- bots:
- collector:
- module: intelmq.bots.collectors.http.collector_http
- parameters:
- http_url: https://malc0de.com/bl/IP_Blacklist.txt
- rate_limit: 10800
- name: __FEED__
- provider: __PROVIDER__
- parser:
- module: intelmq.bots.parsers.malc0de.parser
- parameters:
- revision: 2018-01-20
- documentation: http://malc0de.com/dashboard/
- public: yes
 University of Toulouse:
 Blacklist:
 description: Various blacklist feeds
diff --git a/example_config/intelmq/etc/manager/positions.conf b/example_config/intelmq/etc/manager/positions.conf
index 942a4c7..b2eec86 100644
--- a/example_config/intelmq/etc/manager/positions.conf
+++ b/example_config/intelmq/etc/manager/positions.conf
@@ -27,14 +27,6 @@
 "x": -252,
 "y": 243
 },
- "malc0de-parser": {
- "x": 297,
- "y": 24
- },
- "malc0de-windows-format-collector": {
- "x": 433,
- "y": 121
- },
 "malware-domain-list-collector": {
 "x": 465,
 "y": -198
diff --git a/example_config/intelmq/etc/runtime.yaml b/example_config/intelmq/etc/runtime.yaml
index 0cfad2b..24afacf 100644
--- a/example_config/intelmq/etc/runtime.yaml
+++ b/example_config/intelmq/etc/runtime.yaml
@@ -118,38 +118,6 @@ gethostbyname-2-expert:
 global: {destination_pipeline_broker: redis, process_manager: intelmq, source_pipeline_broker: redis, ssl_ca_certificate: null, statistics_database: 3, statistics_host: 127.0.0.1, statistics_password: null, statistics_port: 6379, destination_pipeline_host: redis, source_pipeline_host: redis}
-malc0de-parser:
- bot_id: malc0de-parser
- description: Malc0de Parser is the bot responsible to parse the IP Blacklist and
- either Windows Format or Bind Format reports and sanitize the information.
- enabled: true
- group: Parser
- groupname: parsers
- module: intelmq.bots.parsers.malc0de.parser
- name: Malc0de
- parameters:
- destination_queues:
- _default: [deduplicator-expert-queue]
- run_mode: continuous
-malc0de-windows-format-collector:
- bot_id: malc0de-windows-format-collector
- description: ''
- enabled: true
- group: Collector
- groupname: collectors
- module: intelmq.bots.collectors.http.collector_http
- name: Malc0de Windows Format
- parameters:
- destination_queues:
- _default: [malc0de-parser-queue]
- http_password: null
- http_url: https://malc0de.com/bl/BOOT
- http_username: null
- name: Windows Format
- provider: Malc0de
- rate_limit: 10800
- ssl_client_certificate: null
- run_mode: continuous
 spamhaus-drop-collector:
 bot_id: spamhaus-drop-collector
 description: ''

From 3972be906de4c87ca8ad30c215df2dfd9648b623 Mon Sep 17 00:00:00 2001
From: Kamil Mankowski
Date: Thu, 27 Jul 2023 17:15:25 +0200
Subject: [PATCH 3/3] Add missed sieve dependency

---
 .docker/intelmq-full/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.docker/intelmq-full/Dockerfile b/.docker/intelmq-full/Dockerfile
index b93e277..ec24f52 100644
--- a/.docker/intelmq-full/Dockerfile
+++ b/.docker/intelmq-full/Dockerfile
@@ -56,7 +56,7 @@ RUN useradd -d /opt/intelmq -U -s /bin/bash intelmq \
 && sudo chown -R intelmq:intelmq /opt/intelmq_persistence
 ### Install IntelMQ
-RUN pip3 install url-normalize geolib imbox jinja2 pyasn textx tld time-machine otxv2 \
+RUN pip3 install url-normalize geolib imbox jinja2 pyasn textx tld time-machine otxv2 pendulum \
 && pip3 install --force pymisp[fileobjects,openioc,virustotal]
 RUN cd /opt/intelmq \
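Review bot: `pendulum` is appended to a `pip3 install` line that pins no versions and verifies no hashes, so every image build resolves the newest release of each listed package from the index at build time. Besides making builds non-reproducible, that lets a later broken or malicious release of any of these packages enter the image without any change to the repository; pinning the new entry, e.g. `pendulum==<version the image was tested with>` (placeholder), or moving the whole list into a requirements file installed with `--require-hashes`, would fix the dependency tree the image is built from. The subject line says this dependency is for the sieve bot, which the Dockerfile itself does not record; a short comment above the `RUN` line naming which bot needs which extra package would spare the next reader a search through the bot sources.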