./security/yara, Pattern matching swiss knife for malware researchers


Branch: pkgsrc-2017Q1, Version: 3.6.1, Package name: yara-3.6.1, Maintainer: khorben

YARA is a tool aimed at (but not limited to) helping malware
researchers to identify and classify malware samples. With YARA
you can create descriptions of malware families (or whatever you
want to describe) based on textual or binary patterns.


Required to build:
[pkgtools/cwrappers]

CVS history:


   2017-06-13 20:41:37 by Benny Siegert | Files touched by this commit (7) | Package updated
Log message:
Pullup ticket #5475 - requested by khorben
security/py-yara: security fix
security/yara: security fix

Revisions pulled up:
- security/py-yara/Makefile                                     1.5
- security/py-yara/PLIST                                        1.2
- security/py-yara/distinfo                                     1.5-1.7
- security/yara/Makefile                                        1.3
- security/yara/Makefile.common                                 1.5-1.8
- security/yara/PLIST                                           1.3
- security/yara/distinfo                                        1.6-1.8

---
   Module Name:	pkgsrc
   Committed By:	khorben
   Date:		Mon May 15 15:27:31 UTC 2017

   Modified Files:
   	pkgsrc/security/py-yara: Makefile PLIST distinfo
   	pkgsrc/security/yara: Makefile Makefile.common PLIST distinfo

   Log message:
   Update security/{,py-yara} to version 3.5.0

   The release notes mention:

      * Match length operator (http://yara.readthedocs.io/en/v3.5.0/writingrules.html#match-length)
      * Performance improvements
      * Less memory consumption while scanning processes
      * Exception handling when scanning memory blocks
      * Negative integers in meta fields
      * Added the --stack-size command-argument
      * Functions import_ordinal, is_dll, is_32bit and is_64bit added to PE module
      * Functions rich_signature.toolid and rich_signature.version added to PE module
      * Lots of bug fixes

   The Python bindings are now released from a different tree, with the same
   versioning apparently though.

   "welcome to update" pettai@

---
   Module Name:	pkgsrc
   Committed By:	khorben
   Date:		Mon May 15 15:34:12 UTC 2017

   Modified Files:
   	pkgsrc/security/yara: Makefile.common

   Log message:
   Set myself as the maintainer

---
   Module Name:	pkgsrc
   Committed By:	khorben
   Date:		Wed Jun  7 20:11:42 UTC 2017

   Modified Files:
   	pkgsrc/security/py-yara: distinfo
   	pkgsrc/security/yara: Makefile.common distinfo

   Log message:
   Package yara 3.6.0

   In the release notes:
     * .NET module (Wesley Shields)
     * New features for ELF module (Jacob Baines)
     * Fix endianness issues (Hilko Bengen)
     * Function yr_compiler_add_fd added to libyara
     * MAX_THREADS limit can be arbitrarily increased (Emerson R. Wiley)
     * Added --fail-on-warnings command-line option
     * Multiple bug fixes

---
   Module Name:	pkgsrc
   Committed By:	khorben
   Date:		Wed Jun  7 20:27:37 UTC 2017

   Modified Files:
   	pkgsrc/security/py-yara: distinfo
   	pkgsrc/security/yara: Makefile.common distinfo

   Log message:
   Package yara 3.6.1

   In the release notes:

     * BUGFIX: Stack overflow caused by uncontrolled recursiveness (CVE-2017-9304)
     * BUGFIX: pe.overlay.size was undefined if the PE didn't have an overlay. Now it's set to 0 in those cases.
     * BUGFIX: Fix initialization issue that could cause a crash if rules compiled with a 32bit yarac are used with a 64bit yara.