Package Release Info


Update Info: Base Release
Available in Package Hub : 15 SP3





Change Logs

Version: 3.7.1-bp152.1.10
* Tue May 22 2018
- Update to 3.7.1:
  * Fix regression in include directive (issue #796)
  * Fix bug in PE checksum calculation causing wrong results in some cases.
  * time module (Wesley Shields)
  * yara command-line tool now accept multiple rule files
  * Allow a configurable limit for the number of strings per rule (option --max-strings-per-rule)
  * Implement integrity check for compiled rules
  * Implement API for customizingimport statement (@edhoedt)
  * Scan process memory in FreeBSD and OpenBDS (Hilko Bengen)
  * BUGFIX: Negated character classes not working with case-insensitive regexps (#765)
  * BUGFIX: Multiple bugs while parsing ELF files (Nate Rosenblum)
  * BUGFIX: Out-of-bounds access while parsing PE files.
  * BUGFIX: Memory leaks while parsing invalid rules.
  * BUGFIX: Heap overflow (4a342f0)
  * BUGFIX: Off-by-one NULL write in stack buffer (964d6c0)
  * BUGFIX: Multiple issues in "dotnet" module (f40c14c, fc35e5f)
  * Increase RE_MAX_AST_LEVELS from 2000 to 6000.
  * BUGFIX: Buffer overrun in regexp engine (issue #678)
  * BUGFIX: Null pointer dereference in regexp engine (issue #682).
- Run testsuite
Version: 3.6.1-bp150.2.4
* Tue Jun 06 2017
- update to v3.6.1
  * BUGFIX: Stack overflow caused by uncontrolled recursiveness (CVE-2017-9304)
  * BUGFIX: pe.overlay.size was undefined if the PE didn't have an overlay. Now it's set to 0 in those cases.
  * BUGFIX: Fix initalization issue that could cause a crash if rules compiled with a 32bit yarac is used with a 64bit yara.
- update to v3.6.0
  * .NET module (Wesley Shields)
  * New features for ELF module (Jacob Baines)
  * Fix endianness issues (Hilko Bengen)
  * Function yr_compiler_add_fd added to libyara
  * MAX_THREADS limit can be arbitrarily increased (Emerson R. Wiley)
  * Added --fail-on-warnings command-line option
  * Multiple bug fixes:
  CVE-2016-10210, CVE-2016-10211, CVE-2017-5923, CVE-2017-5924,
  CVE-2017-8294, CVE-2017-8929, CVE-2017-9438
* Sat Nov 12 2016
- Add pkg-config to ensure .pc autodetection is always in effect
* Fri Sep 30 2016
- update to v3.5.0
  * Match length operator (
  * Performance improvements
  * Less memory consumption while scanning processes
  * Exception handling when scanning memory blocks
  * Negative integers in meta fields
  * Added the --stack-size command-argument
  * Functions import_ordinal, is_dll, is_32bit and is_64bit added to PE module
  * Functions rich_signature.toolid and rich_signature.version added to PE module
  * Lots of bug fixes
- upstream moved python-yara into a separate project.  Do the same.
- python-plaso now requires python-yana >= v3.5.0
- add BuildRequires: pkg-config as documented in the openSUSE packaging guidelines
* Thu Jul 23 2015
- add yara.pc to the libyara subpackage
- remove sed command previously needed to properly link Yara and libyara.  No longer needed with latest upstream source.
- update to v3.4.0
  * Short-circuit evaluation for conditions
  * New yr_rules_save_stream/yr_rules_load_stream APIs.
  * load() and save() methods in yara-python accept file-like objects
  * Improvements to the PE and ELF modules
  * Some performance improvements
  * New command-line option --print-module-data
  * Multiple bug fixes.
- v3.3.0
  * Added support for negative integers and floating point numbers
  * Implemented operators >,<, >=, <= for strings
  * Implemented word boundary anchors (\b, \B) in regular expressions
  * New features in PE module
  * Math module
  * New --print-namespace command line argument
  * Better error handling in low memory conditions
  * BUGFIX: "at" operator not working with certain strings containing wildcards
  * BUGFIX: precedence of bitwise operators was incorrect
  * BUGFIX: incorrect imphash result for certain PE files importing functions by ordinal
  * BUGFIX: handle and memory leaks
  * BUGFIX: multiple segfaults
- v3.2.0
  * ELF module
  * Hash module
  * New features in PE module
  * Big-endian version of intXX and uintXX functions
  * Modules can declare dictionary objects
  * Modules accept overloaded functions
  * Performance improvements
  * BUGFIX: "and" operator not working properly with integer operands
  * BUGFIX: False positive with strings declared as "fullword wide ascii"
  * BUGFIX: False positive with "wide fullword" strings shorter than 5 bytes
  * BUGFIX: Functions declared in a structure array not working properly
  * BUGFIX: "contains" operator causing segfault if operand is an undefined string
* Fri Sep 26 2014
- split off a -doc sub-project
* Wed Sep 24 2014
- update to v3.1.0
  * Yara now supports plugin modules
  * Numerous major improvements.  See in the documentation folder for details
- update License to Apache 2.0
- build with cuckoo and magic modules (cuckoo only for factory and newer)
- major specfile cleanup
  * add soname as a variable and use it appropriately
  * add /usr/bin/yarac and associated man file
  * update Url and Source fields
  * add libtool build requirement
  * delete no longer needed patch, now upstream: yara-fixes.patch
  * add ./ call to %build section as recommended by upstream
  * add +%{_includedir}/yara to -devel since it is full of yara related header files
  * use default naming for devel sub-project
  * remove *.a and *.la files from the devel sub-project
  * incorporate python-yara as a sub-project
* Wed Feb 15 2012
- Release should have a value of zero in OBS.  It is handled automatically via OBS.
* Mon Feb 13 2012
- use %{__make} macro
* Thu Feb 09 2012
- built with default compile flags, fixed 2 small issues
* Tue Feb 07 2012
- Initial submission
  A malware identification and classification tool