Log Message:
security/yara: Update to 3.11.0

Coordinated with leot@ and he@ while investigating CVE-2019-19648.

The changes listed for this version include:

 * Duplicated string modifiers are now an error.
 * More flexible xor modifier.
 * Implement private strings (#1096)
 * Add field_offsets to dotnet module.
 * Implement crc32 functions in hash module.
 * Improvements to rich_signature functions in pe module.
 * Implement sandboxed API using SAPI
 * BUGFIX: Some regexp character classes not matching correctly when used with \ 
nocase modifier (#1117)
 * BUGFIX: Reduce the number of ERROR_TOO_MANY_RE_FIBERS errors for certain hex \ 
pattern containing large jumps (#1107)
 * BUGFIX: Buffer overrun in dotnet module (#1108)
 * BUGFIX: Segfault in certain Windows versions (#1068)
 * BUGFIX: Memory leak while attaching to a process fails (#1070)

Changes for version 3.10.0:

 * Optimize integer range loops by exiting earlier when possible.
 * Cache the result of PE module's imphash function in order to improve performance.
 * Harden virtual machine against malicious code.
 * BUGFIX: xor modifier not working as expected if not accompanied by ascii (#1053).
 * BUGFIX: \s and \S character classes in regular expressions now include \ 
vertical tab, new line, carriage return and form feed characters.
 * BUGFIX: Regression bug in hex strings containing wildcards (#1025).
 * BUGFIX: Buffer overrun in elf module.
 * BUGFIX: Buffer overrun in dotnet module

Changes for version 3.9.0:

 * Improve scan performance for certain strings.
 * Reduce stack usage.
 * Prevent inadvertent use of compiled rules by forcing the use of -C when using \ 
yara command-line tool.
 * BUGFIX: Buffer overflow in "dotnet" module.
 * BUGFIX: Internal error when running multiple instances of YARA in Mac OS X. (#945)
 * BUGFIX: Regexp regression when using nested quantifiers {x,y} for certain \ 
values of x and y. (#1018)
 * BUGFIX: High RAM consumption in "pe" module while parsing certain \ 
files.(0c8b461)
 * BUGFIX: Denial of service when using "dex" module. Found by the \ 
Cisco Talos team. (#1023)
 * BUGFIX: Issues with comments inside hex strings.

Changes for version 3.8.1:

 * BUGFIX: Some combinations of boolean command-line flags were broken in \ 
version 3.8.0.
 * BUGFIX: While reporting errors that occur at the end of the file, the file \ 
name appeared as null.
 * BUGFIX: dex module now works in big-endian architectures.
 * BUGFIX: Keep ABI compatibility by keeping deprecated functions visible.

Changes for version 3.8.0:

 * Scanner API
 * New xor modifier for strings
 * New fields and functions in PE module.
 * Add functions min and max to math module.
 * Make compiled.
 * yara and yaracsupport reading rules from stdin by using - as the file name.
 * Rule compilation is faster.
 * BUGFIX: Regression in regex engine. /ba{3}b/ was matching baaaab.
 * BUGFIX: Function yr_compiler_add_fd() was reading only the first 1024 bytes \ 
of the file.
 * BUGFIX: Wrong calculation of sha256 hashes in Windows when using native \ 
crypto API.
 * Lots of more bug fixes.

Changes for version 3.7.1:

 * Fix regression in include directive (issue #796)
 * Fix bug in PE checksum calculation causing wrong results in some cases.