Linux Forensics Tools Repository: Package Summary for Packages on August 22, 2016:

  • yara-3.5.0-1.{fc20,fc21,fc22,fc23,fc24,el6,el7}.{i686,x86_64}.rpm - Yara scans the given FILE or the process identified by PID, looking for matches against the patterns and rules provided in a special-purpose language. The rules are read from RULEFILEs or standard input. Here are the changes since the last version (3.4.0):
    • Match length operator (http://yara.readthedocs.io/en/v3.5.0/writingrules.html#match-length)
    • Performance improvements
    • Less memory consumption while scanning processes
    • Exception handling when scanning memory blocks
    • Negative integers in meta fields
    • Added the --stack-size command-line argument
    • Functions import_ordinal, is_dll, is_32bit and is_64bit added to PE module
    • Functions rich_signature.toolid and rich_signature.version added to PE module
    • Lots of bug fixes

  • yara-python-3.5.0-2.{fc20,fc21,fc22,fc23,fc24,el6,el7}.{i686,x86_64}.rpm - Yara-python is a Python extension that gives access to Yara's powerful features from Python scripts. Here are the changes since the last version (3.4.0):
    • Match length operator (http://yara.readthedocs.io/en/v3.5.0/writingrules.html#match-length)
    • Performance improvements
    • Less memory consumption while scanning processes
    • Exception handling when scanning memory blocks
    • Negative integers in meta fields
    • Added the --stack-size command-line argument
    • Functions import_ordinal, is_dll, is_32bit and is_64bit added to PE module
    • Functions rich_signature.toolid and rich_signature.version added to PE module
    • Lots of bug fixes

  • fmem-kernel-modules-fc24-{i686,x86_64}-1.6-1.5.noarch.rpm - Support for the following kernels was added for Fmem:
    • 4.6.6-300 for FC24

  • lime-kernel-modules-fc24-{i686,x86_64}-1.1.r17-5.noarch.rpm - Support for the following kernels was added for LiME:
    • 4.6.6-300 for FC24

  • fmem-kernel-modules-fc23-{i686,x86_64}-1.6-1.23.noarch.rpm - Support for the following kernels was added for Fmem:
    • 4.6.6-200 for FC23

  • lime-kernel-modules-fc23-{i686,x86_64}-1.1.r17-23.noarch.rpm - Support for the following kernels was added for LiME:
    • 4.6.6-200 for FC23

  • cert-forensics-tools-release-2{3,4}-12.noarch.rpm - cert-forensics-tools-release is the package that connects a Fedora-based computer system to the CERT Linux Forensics Tools Repository (LiFTeR). This package has been changed to require either a Fedora release or a Generic release in order to be installed. Note that this feature is entitled Boolean Dependencies and as such requires rpm version 4.13 or newer. See here for an explanation of Boolean Dependencies.

  • fmem-kernel-modules-el7-{i686,x86_64}-1.6-1.24.noarch.rpm - Support for the following kernels was added for Fmem:
    • 3.10.0-327.28.3 for EL7

  • lime-kernel-modules-el7-{i686,x86_64}-1.1.r17-24.noarch.rpm - Support for the following kernels was added for LiME:
    • 3.10.0-327.28.3 for EL7