Linux Forensics Tools Repository: Package Summary for Packages on August 15, 2014:

  • bulk_extractor-1.5.3-1.{fc17,fc18,fc19,fc20,el6,el7}.{i686,x86_64}.rpm - Bulk_extractor bulk_extractor is a C++ program that scans a disk image, a file, or a directory of files and extracts useful information without parsing the file system or file system structures. The results are stored in feature files that can be easily inspected, parsed, or processed with automated tools. bulk_extractor also creates histograms of features that it finds, as features that are more common tend to be more important. This version fixes many issues. In addition, it also contains the BEViewer GUI front-end for bulk_extractor. Note that this release of Bulk_extractor is not available for CentOS/RHEL 5 due to an outdated version of flex for that OS.
  • fmem-kernel-modules-{fc19,fc20,el5,el6,el7}-{i686,x86_64}-1.6-1.4.noarch.rpm - Support for the following kernels were added for Fmem:
    • 3.14.15-100 for FC19

  • lime-kernel-modules-{fc19,fc20,el5,el6,el7}-{i686,x86_64}-1.1.r17-*.noarch.rpm - Support for the following kernels were added for LiME:
    • 3.14.15-100 for FC19

  • libbde{,-devel,-python,-tools}-20140731-1.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm - Libbde is a library and tools to access the BitLocker Drive Encryption (BDE) format. The BDE format is used by Windows, as of Vista, to encrypt data on a storage media volume. See here for the support formats, protection methods, and additional features. Here are the changes for this release:
    • added is locked function
    • bug fix in Python bindings
    • compression method is now forced to effective 16-bits
    • fixes for FreeBSD 8 compilation
    • moved password hashes to password keep
    • small change in bdemount for Dokan support
    • small improvements to error reporting
    • updated dependencies
    • updated msvscpp files
    • worked on bdemount
    • worked on exposing metadata
    • worked on exposing metadata via bdeinfo
    • worked on Python bindings
    • worked on setup.py
    • worked on tests

  • Volatility-2.4-1.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i386,x86_64}.rpm - The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. See here for a list of changes and features in this major release.