Update Info

openSUSE-2024-250


Security update for sleuthkit


Type: security
Severity: moderate
Issued: 2024-08-17
Description:
This update for sleuthkit fixes the following issues:

* CVE-2019-14531: Fixed an out of bounds read on iso9660 while parsing System Use Sharing Protocol data in fs/iso9660.c.  (boo#1144304)

update to 4.12.1:

  *     C/C++:
  *         Bug fixes from Luis Nassif and Joachim Metz
  *         Added check to stop for very large folders to prevent memory exhaustion
  *     Java:
  *         Added File Repository concept for files to be stored in another location
  *         Schema updated to 9.4
  *         Fixed OS Account merge bug and now fire events when accounts are merged

update to 4.12.0:

  *      Add Linux LVM support
  *      Logical File System support (a folder structure is parsed by TSK libraries)
  *      Many small fixes

update to 4.11.1:

  *     C/C++:
  *         Several fixes from @joachimmetz
  *         NTFS Decompression bug fix from @kastonework and @uckelman-sf
  *     Java:
  *         Fixed connection leak when making OS Accounts in bridge
  *         OsAccount updates for instance types and special Windows SIDs
            Fixed issue with duplicate value in Japanese timeline translation

update to 4.11.0:

  *     C/C++:
  *         Added checks at various layers to detect encrypted file systems and disks to give more useful error messages.
  *         Added checks to detect file formats that are not supported (such as AD1, ZIP, etc.) to give more useful error messages.
  *         Added tsk_imageinfo tool that detects if an image is supported by TSK and if it is encrypted.
  *         Add numerous bound checks from @joachimmetz
  *         Clarified licenses as pointed out by @joachimmetz
  *     Java:
  *         Updated from Schema 8.6 to 9.1.
  *         Added tables and classes for OS Accounts and Realms (Domains).
  *         Added tables and classes for Host Addresses (IP, MAC, etc.).
  *         Added tables and classes for Analysis Results vs Data Artifacts by adding onto BlackboardArtifacts.
  *         Added tables and classes for Host and Person to make it easier to group data sources.
  *         Added static types for standard artifact types.
  *         Added File Attribute table to allow custom information to be stored for each file.
  *         Made ordering of getting lock and connection consistent.
  *         Made the findFile methods more efficient by using extension (which is indexed).


              

Packages


  • sleuthkit-4.12.1-bp155.3.3.1