kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
280569 commits 166 branches 0 tags 1.5 GiB
Commit graph

5 commits

Author SHA1 Message Date
he
f1c7f60ae0 Update {py-,}yara to version 3.7.0. 
Pkgsrc changes:
 * adapt PLIST
 * remove patch which no longer applies
 * apply patches for proper value domain for isxxxx() functions/macros

Upstream changes:
 * time module (Wesley Shields)
 * yara command-line tool now accept multiple rule files
 * Allow a configurable limit for the number of strings per rule
   (option --max-strings-per-rule)
 * Implement integrity check for compiled rules
 * Implement API for customizingimport statement (@edhoedt)
 * Scan process memory in FreeBSD and OpenBDS (Hilko Bengen)
 * BUGFIX: Negated character classes not working with case-insensitive
   regexps (#765)
 * BUGFIX: Multiple bugs while parsing ELF files (Nate Rosenblum)
 * BUGFIX: Out-of-bounds access while parsing PE files.
 * BUGFIX: Memory leaks while parsing invalid rules.
 2017-11-15 18:22:22 +00:00
khorben
abae6fb2f1 Update yara to version 3.6.3 
From the release notes for version 3.6.3:
* BUGFIX: Heap overflow (4a342f0)
* BUGFIX: Off-by-one NULL write in stack buffer (964d6c0)
* BUGFIX: Multiple issues in "dotnet" module (f40c14c, fc35e5f)

From the release notes for version 3.6.2:

* Increase RE_MAX_AST_LEVELS from 2000 to 6000.
* BUGFIX: Buffer overrun in regexp engine (issue #678)
* BUGFIX: Null pointer dereference in regexp engine (issue #682).

XXX pullup (security fixes)
 2017-07-05 23:55:00 +00:00
khorben
7db7c12abf Update security/{,py-yara} to version 3.5.0 
The release notes mention:

  * Match length operator (http://yara.readthedocs.io/en/v3.5.0/writingrules.html#match-length)
  * Performance improvements
  * Less memory consumption while scanning processes
  * Exception handling when scanning memory blocks
  * Negative integers in meta fields
  * Added the --stack-size command-argument
  * Functions import_ordinal, is_dll, is_32bit and is_64bit added to PE module
  * Functions rich_signature.toolid and rich_signature.version added to PE module
  * Lots of bug fixes

The Python bindings are now released from a different tree, with the same
versioning apparently though.

"welcome to update" pettai@
 2017-05-15 15:27:31 +00:00
khorben
0b0fadad04 Update security/yara to version 3.4.0 
The changes include:

 * Short-circuit evaluation for conditions
 * New yr_rules_save_stream/yr_rules_load_stream APIs.
 * load() and save() methods in yara-python accept file-like objects
 * Improvements to the PE and ELF modules
 * Some performance improvements
 * New command-line option --print-module-data
 * Multiple bug fixes.
 2016-05-26 14:41:48 +00:00
pettai
a89b1e4746 YARA is a tool aimed at (but not limited to) helping malware 
researchers to identify and classify malware samples. With YARA
you can create descriptions of malware families (or whatever you
want to describe) based on textual or binary patterns.
 2015-06-06 08:18:17 +00:00