Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: libyara-devel | Distribution: SUSE Linux Enterprise 15 SP3 |
Version: 3.7.1 | Vendor: openSUSE |
Release: bp153.1.18 | Build date: Sat Mar 6 02:29:29 2021 |
Group: Development/Libraries/C and C++ | Build host: s390p21 |
Size: 113756 | Source RPM: yara-3.7.1-bp153.1.18.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: http://plusvic.github.io/yara/ | |
Summary: Development files to support the yara malware identification tool |
YARA is a tool aimed at helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary patterns contained on samples of those families. Each description consists of a set of strings and a Boolean expression which determines its logic. Let's see an example:
Apache-2.0
* Tue May 22 2018 tchvatal@suse.com - Update to 3.7.1: * Fix regression in include directive (issue #796) * Fix bug in PE checksum calculation causing wrong results in some cases. * time module (Wesley Shields) * yara command-line tool now accept multiple rule files * Allow a configurable limit for the number of strings per rule (option --max-strings-per-rule) * Implement integrity check for compiled rules * Implement API for customizingimport statement (@edhoedt) * Scan process memory in FreeBSD and OpenBDS (Hilko Bengen) * BUGFIX: Negated character classes not working with case-insensitive regexps (#765) * BUGFIX: Multiple bugs while parsing ELF files (Nate Rosenblum) * BUGFIX: Out-of-bounds access while parsing PE files. * BUGFIX: Memory leaks while parsing invalid rules. * BUGFIX: Heap overflow (4a342f0) * BUGFIX: Off-by-one NULL write in stack buffer (964d6c0) * BUGFIX: Multiple issues in "dotnet" module (f40c14c, fc35e5f) * Increase RE_MAX_AST_LEVELS from 2000 to 6000. * BUGFIX: Buffer overrun in regexp engine (issue #678) * BUGFIX: Null pointer dereference in regexp engine (issue #682). - Run testsuite * Tue Jun 06 2017 Greg.Freemyer@gmail.com - update to v3.6.1 * BUGFIX: Stack overflow caused by uncontrolled recursiveness (CVE-2017-9304) * BUGFIX: pe.overlay.size was undefined if the PE didn't have an overlay. Now it's set to 0 in those cases. * BUGFIX: Fix initalization issue that could cause a crash if rules compiled with a 32bit yarac is used with a 64bit yara. - update to v3.6.0 * .NET module (Wesley Shields) * New features for ELF module (Jacob Baines) * Fix endianness issues (Hilko Bengen) * Function yr_compiler_add_fd added to libyara * MAX_THREADS limit can be arbitrarily increased (Emerson R. Wiley) * Added --fail-on-warnings command-line option * Multiple bug fixes: CVE-2016-10210, CVE-2016-10211, CVE-2017-5923, CVE-2017-5924, CVE-2017-8294, CVE-2017-8929, CVE-2017-9438 * Sat Nov 12 2016 jengelh@inai.de - Add pkg-config to ensure .pc autodetection is always in effect * Fri Sep 30 2016 Greg.Freemyer@gmail.com - update to v3.5.0 * Match length operator (http://yara.readthedocs.io/en/v3.5.0/writingrules.html#match-length) * Performance improvements * Less memory consumption while scanning processes * Exception handling when scanning memory blocks * Negative integers in meta fields * Added the --stack-size command-argument * Functions import_ordinal, is_dll, is_32bit and is_64bit added to PE module * Functions rich_signature.toolid and rich_signature.version added to PE module * Lots of bug fixes - upstream moved python-yara into a separate project. Do the same. - python-plaso now requires python-yana >= v3.5.0 - add BuildRequires: pkg-config as documented in the openSUSE packaging guidelines * Thu Jul 23 2015 Greg.Freemyer@gmail.com - add yara.pc to the libyara subpackage - remove sed command previously needed to properly link Yara and libyara. No longer needed with latest upstream source. - update to v3.4.0 * Short-circuit evaluation for conditions * New yr_rules_save_stream/yr_rules_load_stream APIs. * load() and save() methods in yara-python accept file-like objects * Improvements to the PE and ELF modules * Some performance improvements * New command-line option --print-module-data * Multiple bug fixes. - v3.3.0 * Added support for negative integers and floating point numbers * Implemented operators >,<, >=, <= for strings * Implemented word boundary anchors (\b, \B) in regular expressions * New features in PE module * Math module * New --print-namespace command line argument * Better error handling in low memory conditions * BUGFIX: "at" operator not working with certain strings containing wildcards * BUGFIX: precedence of bitwise operators was incorrect * BUGFIX: incorrect imphash result for certain PE files importing functions by ordinal * BUGFIX: handle and memory leaks * BUGFIX: multiple segfaults - v3.2.0 * ELF module * Hash module * New features in PE module * Big-endian version of intXX and uintXX functions * Modules can declare dictionary objects * Modules accept overloaded functions * Performance improvements * BUGFIX: "and" operator not working properly with integer operands * BUGFIX: False positive with strings declared as "fullword wide ascii" * BUGFIX: False positive with "wide fullword" strings shorter than 5 bytes * BUGFIX: Functions declared in a structure array not working properly * BUGFIX: "contains" operator causing segfault if operand is an undefined string * Fri Sep 26 2014 Greg.Freemyer@gmail.com - split off a -doc sub-project * Wed Sep 24 2014 Greg.Freemyer@gmail.com - update to v3.1.0 * Yara now supports plugin modules * Numerous major improvements. See README.md in the documentation folder for details - update License to Apache 2.0 - build with cuckoo and magic modules (cuckoo only for factory and newer) - major specfile cleanup * add soname as a variable and use it appropriately * add /usr/bin/yarac and associated man file * update Url and Source fields * add libtool build requirement * delete no longer needed patch, now upstream: yara-fixes.patch * add ./bootstrap.sh call to %build section as recommended by upstream * add +%{_includedir}/yara to -devel since it is full of yara related header files * use default naming for devel sub-project * remove *.a and *.la files from the devel sub-project * incorporate python-yara as a sub-project * Wed Feb 15 2012 Greg.Freemyer@gmail.com - Release should have a value of zero in OBS. It is handled automatically via OBS. * Mon Feb 13 2012 Greg.Freemyer@gmail.com - use %{__make} macro * Thu Feb 09 2012 meissner@suse.com - built with default compile flags, fixed 2 small issues
/usr/include/yara /usr/include/yara.h /usr/include/yara/ahocorasick.h /usr/include/yara/arena.h /usr/include/yara/atoms.h /usr/include/yara/compiler.h /usr/include/yara/error.h /usr/include/yara/exec.h /usr/include/yara/exefiles.h /usr/include/yara/filemap.h /usr/include/yara/hash.h /usr/include/yara/integers.h /usr/include/yara/libyara.h /usr/include/yara/limits.h /usr/include/yara/mem.h /usr/include/yara/modules.h /usr/include/yara/object.h /usr/include/yara/parser.h /usr/include/yara/proc.h /usr/include/yara/re.h /usr/include/yara/rules.h /usr/include/yara/scan.h /usr/include/yara/sizedstr.h /usr/include/yara/stream.h /usr/include/yara/strutils.h /usr/include/yara/threading.h /usr/include/yara/types.h /usr/include/yara/utils.h /usr/lib64/libyara.so /usr/lib64/pkgconfig/yara.pc /usr/share/doc/packages/libyara-devel /usr/share/doc/packages/libyara-devel/AUTHORS /usr/share/doc/packages/libyara-devel/CONTRIBUTORS /usr/share/doc/packages/libyara-devel/README.md /usr/share/licenses/libyara-devel /usr/share/licenses/libyara-devel/COPYING
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 14:06:45 2024