From fd340a0e17de096141ff5cff94d4033b6ce3994c Mon Sep 17 00:00:00 2001
From: rshunim <102469772+rshunim@users.noreply.github.com>
Date: Tue, 14 Jan 2025 09:48:29 +0200
Subject: [PATCH] A small fix in CSP, FireEye, O365 for supporting python 3.12
 (#38051)

* make the docstring a raw str

* RN

* add some more fixes

* rn

* rn

---------

Co-authored-by: RotemAmit <ramit@paloaltonetworks.com>
---
 Packs/Base/ReleaseNotes/1_39_14.md                           | 5 +++++
 Packs/Base/Scripts/CommonServerPython/CommonServerPython.py  | 4 ++--
 Packs/Base/pack_metadata.json                                | 2 +-
 Packs/FireEyeHX/Integrations/FireEyeHXv2/FireEyeHXv2.py      | 4 ++--
 Packs/FireEyeHX/ReleaseNotes/2_3_18.md                       | 5 +++++
 Packs/FireEyeHX/pack_metadata.json                           | 2 +-
 .../MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365.py  | 2 +-
 Packs/MicrosoftExchangeOnline/ReleaseNotes/1_5_25.md         | 5 +++++
 Packs/MicrosoftExchangeOnline/pack_metadata.json             | 2 +-
 9 files changed, 23 insertions(+), 8 deletions(-)
 create mode 100644 Packs/Base/ReleaseNotes/1_39_14.md
 create mode 100644 Packs/FireEyeHX/ReleaseNotes/2_3_18.md
 create mode 100644 Packs/MicrosoftExchangeOnline/ReleaseNotes/1_5_25.md

diff --git a/Packs/Base/ReleaseNotes/1_39_14.md b/Packs/Base/ReleaseNotes/1_39_14.md
new file mode 100644
index 000000000000..c18a874e6840
--- /dev/null
+++ b/Packs/Base/ReleaseNotes/1_39_14.md
@@ -0,0 +1,5 @@
+#### Scripts
+
+##### CommonServerPython
+
+- Improved implementation.
\ No newline at end of file
diff --git a/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py b/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py
index cfb9edab8165..2e081b8c7433 100644
--- a/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py
+++ b/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py
@@ -6793,7 +6793,7 @@ def arg_to_datetime(arg, arg_name=None, is_utc=True, required=False, settings=No
             ms = ms / 1000.0
 
         if is_utc:
-            return datetime.utcfromtimestamp(ms).replace(tzinfo=timezone.utc)
+            return datetime.fromtimestamp(ms, tz=timezone.utc)
         else:
             return datetime.fromtimestamp(ms)
     if isinstance(arg, str):
@@ -12650,7 +12650,7 @@ def function_runner(func, profiler, signal_event,
 
 
 def find_and_remove_sensitive_text(text, pattern):
-    """
+    r"""
     Finds all appearances of sensitive information in a string using regex and adds the sensitive
     information to the list of strings that should not appear in any logs.
     The regex pattern can be used to search for a specific word, or a pattern such as a word after a given word.
diff --git a/Packs/Base/pack_metadata.json b/Packs/Base/pack_metadata.json
index 70ba2851437f..bdf46d4ef07c 100644
--- a/Packs/Base/pack_metadata.json
+++ b/Packs/Base/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Base",
     "description": "The base pack for Cortex XSOAR.",
     "support": "xsoar",
-    "currentVersion": "1.39.13",
+    "currentVersion": "1.39.14",
     "author": "Cortex XSOAR",
     "serverMinVersion": "6.0.0",
     "url": "https://www.paloaltonetworks.com/cortex",
diff --git a/Packs/FireEyeHX/Integrations/FireEyeHXv2/FireEyeHXv2.py b/Packs/FireEyeHX/Integrations/FireEyeHXv2/FireEyeHXv2.py
index 068ee108dd32..32ef154d1f37 100644
--- a/Packs/FireEyeHX/Integrations/FireEyeHXv2/FireEyeHXv2.py
+++ b/Packs/FireEyeHX/Integrations/FireEyeHXv2/FireEyeHXv2.py
@@ -1686,7 +1686,7 @@ def parse_alert_to_incident(alert: Dict, pattern: Pattern) -> Dict:
         indicator = event_values.get(event_indicator, '')
 
     incident_name = '{event_type_parsed}: {indicator}'.format(
-        event_type_parsed=pattern.sub("\g<1> \g<2>", event_type).title(),
+        event_type_parsed=pattern.sub(r"\g<1> \g<2>", event_type).title(),
         indicator=indicator
     )
 
@@ -2580,7 +2580,7 @@ def get_alert_command(client: Client, args: Dict[str, Any]) -> List[CommandResul
 
     event_type = alert.get('event_type')
     event_type = event_type if event_type else "NewEvent"
-    event_type = re.sub("([a-z])([A-Z])", "\g<1> \g<2>", event_type).title()
+    event_type = re.sub("([a-z])([A-Z])", r"\g<1> \g<2>", event_type).title()
     event_table = tableToMarkdown(
         name=event_type,
         t=alert.get('event_values')
diff --git a/Packs/FireEyeHX/ReleaseNotes/2_3_18.md b/Packs/FireEyeHX/ReleaseNotes/2_3_18.md
new file mode 100644
index 000000000000..298ab045f996
--- /dev/null
+++ b/Packs/FireEyeHX/ReleaseNotes/2_3_18.md
@@ -0,0 +1,5 @@
+#### Integrations
+
+##### FireEye Endpoint Security (HX) v2
+
+Improved implementation.
\ No newline at end of file
diff --git a/Packs/FireEyeHX/pack_metadata.json b/Packs/FireEyeHX/pack_metadata.json
index cf8eed8d6ce0..9327c186634b 100644
--- a/Packs/FireEyeHX/pack_metadata.json
+++ b/Packs/FireEyeHX/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "FireEye HX",
     "description": "FireEye Endpoint Security is an integrated solution that detects and protects endpoints against known and unknown threats. The FireEye HX Cortex XSOAR integration provides access to information about endpoints, acquisitions, alerts, indicators, and containment. Customers can extract critical data and effectively operate the security operations automated playbooks.",
     "support": "xsoar",
-    "currentVersion": "2.3.17",
+    "currentVersion": "2.3.18",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",
diff --git a/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365.py b/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365.py
index 9190ae03a921..2d15a7b5dd16 100644
--- a/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365.py
+++ b/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365.py
@@ -2165,7 +2165,7 @@ def handle_incorrect_message_id(message_id: str) -> str:
     2. '\r\n\t<[message_id]>' --> '\r\n\t<message_id>'
     If no necessary changes identified the original 'message_id' argument value is returned.
     """
-    if re.search("\<\[.*\]\>", message_id):
+    if re.search(r"\<\[.*\]\>", message_id):
         # find and replace "<[" with "<" and "]>" with ">"
         fixed_message_id = re.sub(r'<\[(.*?)\]>', r'<\1>', message_id)
         demisto.debug('Fixed message id {message_id} to {fixed_message_id}')
diff --git a/Packs/MicrosoftExchangeOnline/ReleaseNotes/1_5_25.md b/Packs/MicrosoftExchangeOnline/ReleaseNotes/1_5_25.md
new file mode 100644
index 000000000000..8b7d0cebf73f
--- /dev/null
+++ b/Packs/MicrosoftExchangeOnline/ReleaseNotes/1_5_25.md
@@ -0,0 +1,5 @@
+#### Integrations
+
+##### EWS O365
+
+Improved implementation.
\ No newline at end of file
diff --git a/Packs/MicrosoftExchangeOnline/pack_metadata.json b/Packs/MicrosoftExchangeOnline/pack_metadata.json
index 16da4dcbba84..e62ad880b1dc 100644
--- a/Packs/MicrosoftExchangeOnline/pack_metadata.json
+++ b/Packs/MicrosoftExchangeOnline/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Microsoft Exchange Online",
     "description": "Exchange Online and Office 365 (mail)",
     "support": "xsoar",
-    "currentVersion": "1.5.24",
+    "currentVersion": "1.5.25",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",