Software Engineering Institute

LiFTeR: Changes for February 5, 2016

fmem-kernel-modules-fc23-{i686,x86_64}-1.6-1.6.noarch.rpm - Support for the following kernels were added for Fmem:
- 4.3.4-300 for FC23
- 4.3.3-303 for FC23
lime-kernel-modules-fc23-{i686,x86_64}-1.1.r17-6.noarch.rpm - Support for the following kernels were added for LiME:
- 4.3.4-300 for FC23
- 4.3.3-303 for FC23
fmem-kernel-modules-fc22-{i686,x86_64}-1.6-1.22.noarch.rpm - Support for the following kernels were added for Fmem:
- 4.3.4-200 for FC22
lime-kernel-modules-fc22-{i686,x86_64}-1.1.r17-22.noarch.rpm - Support for the following kernels were added for LiME:
- 4.3.4-200 for FC22
fmem-kernel-modules-el7-x86_64-1.6-1.18.noarch.rpm - Support for the following kernels were added for Fmem:
- 3.10.0-327.4.5 for EL7
lime-kernel-modules-el7-x86_64-1.1.r17-18.noarch.rpm - Support for the following kernels were added for LiME:
- 3.10.0-327.4.5 for EL7
splunk-6.3.2-aaff59bb082c-linux-2.6-x86_64.rpm and splunk-6.3.2-aaff59bb082c.i386.rpm - This version of Splunk was added to the Splunk repository for Fedora 20 through 23 and Fedora 6 and 7 for the i386 and x86_64 architectures. Follow these instructions after upgrading to this version. Make sure that you following these instruction after upgrading but before rebooting. If you do not following these instructions your system may hang when it reboots.
libbde{,-devel,-python,-tools}-20160110-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libbde{,-devel,-python,-tools}-20160110-1.el7}.86_64.rpm - Libbde is a library and tools to access the BitLocker Drive Encryption (BDE) format. The BDE format is used by Windows, as of Vista, to encrypt data on a storage media volume. See here for the list of changes.
libevt{,-devel,-python,-tools}-20160107-1.{fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libevt contains libraries and tools to access the Windows Event Log (EVT) format files. See here for the list of changes.
libevtx{,-devel,-python,-tools}-20160107-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libevtx{,-devel,-python,-tools}-20160107-1.el7.x86_64.rpm - Libevtx contains libraries and tools to access the Windows XML Event Log (EVTX) format files. See here for the list of changes.
libfwsi{,-devel,-python}-20160110-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libfwsi{,-devel,-python}-20160110-1.el7.x86_64.rpm - Libfwsi is a library to access the Windows Shell Item format. See here for the list of changes.
liblnk{,-devel,-python,-tools}-20160107-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and liblnk{,-devel,-python,-tools}-20160107-1.el7.x86_64.rpm - Liblnk contains libraries and tools to access the Windows Shortcut File (LNK) format file. See here for the list of changes.
libmsiecf{,-devel,-python,-tools}-20160107-1.{fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm and libmsiecf{,-devel,-python,-tools}-20160107-1.el7.x86_64.rpm - Libmsiecf contains libraries and tools to access the Microsoft Internet Explorer (MSIE) Cache File (index.dat) files. See here for the list of changes.
libolecf{,-devel-,-python,-tools}-20160107-1.{fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libolecf contains libraries and tools to access the OLE 2 Compound File (OLECF) format filed. See here for the list of changes.
libqcow{,-devel,-tools,-python}-20160123-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libqcow{,-devel,-tools,-python}-20160123-1.el7.x86_64.rpm - Libqcow is a library and tools used to access the QEMU Copy-On-Write (QCOW) image format. See here for the list of changes.
libregf{,-devel,-python,-tools}-20160107-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libregf{,-devel,-python,-tools}-20160107-1.el7.x86_64.rpm - Libregf contains libraries and tools to access the Windows NT Registry File files. See here for the list of changes.
libsigscan{,-devel,-python,-tools}-20160108-1.{fc20,fc21,,fc22,fc23,el6}.{i686,x86_64}.rpm and libsigscan{,-devel,-python,-tools}-20160108-1.el7.x86_64.rpm - Libsigscan is a library and tools used to binary signature scanning. See here for the list of changes.
libsmdev{,-devel,-python,-tools}-20160109-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libsmdev{,-devel,-python,-tools}-20160109-1.el7.x86_64.rpm - Libsmdev is a library and tools used to access storage media devices. See here for the list of changes.
libsmraw{,-devel,-python,-tools}-20160108-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libsmraw{,-devel,-python,-tools}-20160108-1.el7.x86_64.rpm - Libsmraw is a library and tools used to read and write (split) RAW storage media bitstream copies. Libsmraw contains supports for multiple (split) RAW naming schemes. See here for the list of changes.
libvhdi{,-devel,-python,-tools}-20160108-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libvhdi{,-devel,-python,-tools}-20160108-1.el7.x86_64.rpm - Libvhdi is a library and tools to access the Virtual Hard Disk (VHD) image format. Note that this project has an experimental status. See here for the list of supported disk formats.
libvmdk{,-devel,-python,-tools}-20160119-1.{fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libvmdk is a library and tools used to access the VMware Virtual Disk (VMDK) image format. See here the list of changes.
libvshadow{,-devel,-python,-tools}-20160110-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libvshadow{,-devel,-python,-tools}-20160110-1.el7.x86_64.rpm - Libvshadow is a library and tools used to support the Volume Service Snapshot (VSS) format. The VSS format is used by Windows, as of Vista, to maintain copies of data on a storage media volume.
dfwinreg-20160116-1.{fc20,fc21,fc22,fc23}.{i686,x86_64}.rpm and dfwinreg-20160116-1.{el6,el7}.x86_64.rpm - DFWinreg, or Digital Forensics Windows Registry, provides read-only access to Windows Registry objects. The goal of dfWinReg is to provide a generic interface for accessing Windows Registry objects that resembles the Registry key hierarchy as seen on a live Windows system.
libscca{,-devel,-python,-python3,-tools}-20160108-1.{fc20,fc21,fc22,fc23}.{i686,x86_64}.rpm and libscca{,-devel,-python,-python3,-tools}-20160108-1.{el6,el7}.x86_64.rpm - Libscca is a library to access the Windows Prefetch File (SCCA) format. See here for the list of changes.
plaso-1.4-2.{fc20,fc21,fc22,fc23}.{i686,x86_64}.rpm, plaso-1.4-2.{el6,el7}.x86_64.rpm - Plaso is the Python based back-end engine used by tools such as log2timeline for automatic creation of a super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system. This release adds the missing artifacts and python-requests dependencies.

At this time, this repository, in combination of all supporting repositories, provides all of the necessary packages for Fedora versions 20, 21, 22, and 23 for i686 and x86_64 architectures and CentOS/RHEL versions 7 for the x86_64 architecture for this version of plaso.
libfsntfs{,-devel,-python,-tools}-20160108-1.{fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libfsntfs contains library and tools to access the New Technology File System (NTFS). See here for the list of changes.