LiFTeR: Changes for November 22, 2019
- python{2,3}-elasticsearch-7.1.0-1.i{fc26,fc27,fc28,fc29,fc30,el6}.{i686,x86_64}.rpm, python{2,36}-elasticsearch-7.1.0-1.el7.x86_64.rpm, and python{2,3}-elasticsearch-7.1.0-1.{fc31,el8}.x86_64.rpm -
ElasticSearch is the official low-level client for Elasticsearch.
Its goal is to provide common ground for all Elasticsearch-related code in Python; because of this it tries to be opinion-free and very extendable.
- python{2,3}-xlsxwriter-1.2.6-1.{fc26,fc27,fc28,fc29,fc30,el7,el8}.noarch.rpm -
XlsxWriter is a Python module for writing files in the Excel 2007+ XLSX file format.
XlsxWriter can be used to write text, numbers, formulas and hyperlinks to multiple worksheets and it supports features such as formatting and many more.
- python3-zmq{,-tests}-18.1.1-el8.x86_64.rpm and zmq{,-tests}-18.1.1-el8.x86_64.rpm -
ZMQ is the Python bindings for ØMQ. This documentation currently contains notes on some important aspects of developing PyZMQ and an overview of what the ØMQ API looks like in Python.
For information on how to use ØMQ in general, see the many examples in the excellent ØMQ Guide, all of which have a version in Python.
- python2-haystack-0.42-3.{fc25,fc26,fc26,fc27,fc28,fc29,fc30,fc31,el6,el7,el8}.noarch.rpm -
Python-Haystack is a heap analysis framework, focused on searching and reversing C structures in allocated memory.
- libffi{,-devel}-3.1-19.el8.x86_64.rpm -
Libffi is a portable foreign function interface library.
This package was built to support the packaging of python-cffi.
- python{2,3}-ply-3.11-2.el8.noarch.rpm -
Python-PLY is an implementation of lex and yacc parsing tools for Python.
This package was built to support the packaging of Python-PYCParser.
- python{2,3}-pycparser-2.14-18.el8.noarch.rpm -
Python-PYCParser is a complete C99 parser in pure Python.
This package was built to support the packaging of Python-CFFI.
- python{2,3}-cffi-1.11.5-7.el8.x86_64.rpm and python-cffi-doc-1.11.5-7.el8.noarch.rpm -
Python-CFFI is a C Foreign Function Interface for Python.
Interact with almost any C code from Python, based on C-like declarations that you can often copy-paste from header files or documentation.
This package was built to support the packaging of python-ssdeep.
- python{2,3}-ssdeep-3.2-1.el8.x86_64.rpm -
Python-SSDeep is a Python wrapper for SSDeep fuzzy hashing library.
This package was built to support the packaging of Volatility-community-plugins.
- python2-dpapick-0.3-1.{fc25,fc26,fc26,fc27,fc28,fc29,fc30,fc31,el6,el7,el8}.noarch.rpm -
Python-DPAPick is a Python toolkit to provide a platform-independent implementation of Microsoft's cryptography subsystem called DPAPI (Data Protection API).
This package was built to support the packaging of Volatility-community-plugins.
- python2-ioc_writer-0.3.3-1.{fc25,fc26,fc26,fc27,fc28,fc29,fc30,fc31,el6,el7,el8}.noarch.rpm -
Python-IOCWriter is a Python library that provides a limited CRUD for manipulating OpenIOC formatted Indicators of Compromise.
This package was built to support the packaging of Volatility-community-plugins.
- python2-pycoin-0.77-0.{fc25,fc26,fc26,fc27,fc28,fc29,fc30,fc31,el6,el7,el8}.noarch.rpm -
Python-PYCoin is a Python library that implements many utilities useful when dealing with bitcoin and some bitcoin-like alt-coins.
It has been tested with Python 2.7, 3.6 and 3.7.
This package was built to support the packaging of Volatility-community-plugins.
- python2-colorama-0.3.9-4.el8.noarch.rpm -
Python-Colorama is a Python library that makes ANSI escape character sequences (for producing colored terminal text and cursor positioning) work under MS Windows.
This package was built to support the packaging of Volatility-community-plugins.
- python{2,3}-m2crypto-0.30.1-2.el8.x86_64.rpm -
M2Crypto is a Python library that allows you to call OpenSSL functions from Python 2 and 3 scripts.
This package was built to support the packaging of Python-Typing.
- python2-typing-3.6.2-4.el8.noarch.rpm -
Python-Typing is a Python library that defines a standard notation for type annotations.
This package was built to support the packaging of Volatility-community-plugins.
- python{2,3}-future-0.16.0-4.el8.noarch.rpm -
Python-Future is the missing compatibility layer between Python 2 and Python 3.
It allows you to use a single, clean Python 3.x-compatible codebase to support both Python 2 and Python 3 with minimal overhead.
This package was built to support the packaging of Python-PEFile,
which in turn is needed to support the packaging of Volatility-community-plugins.
- Volatility-community-plugins-20190729-3.el8.noarch.rpm -
The Volatility Community Plugins is a collection of Volatility plugins written and maintained by authors in the forensics community.
This package was added to CentOS/RHEL 8.
- python{2,3}-pyfixbuf-0.8.1-1.{fc25,fc26,fc27,fc28,fc29,fc30,el6}.{i686,x86_64}.rpm, python2-pyfixbuf-0.8.1-1.el6.{i686,x86_64}.rpm, python{2,36}-pyfixbuf-0.8.1-1.el7.x86_64.rpm -
Pyfixbuf is a Python API for libfixbuf,
an implementation of the IPFIX protocol used for building, collecting, and exporting processes.
Pyfixbuf can be used to write applications, often called mediators, that collect and export IPFIX.
Mediators are useful in modifying, filtering, or adding to the contents of a message before forwarding to another
IPFIX collection point, or converting IPFIX to another format (text, database, JSON, etc.).
See this page for a list of problems fixed in this and all releases.
- ghidra-9.1-PUBLIC_20191023.1.{fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and ghidra-9.1-PUBLIC_20191023.1.{fc25,fc26,fc31,el7,el8}.x86_64.rpm -
Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate.
This framework includes a suite of full-featured, high-end software analysis tools that enable users to analyze compiled code on a variety of platforms
including Windows, macOS, and Linux. Capabilities include disassembly, assembly, decompilation, graphing, and scripting, along with hundreds of other features.
Ghidra supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes.
Users may also develop their own Ghidra plug-in components and/or scripts using Java or Python.
See the list of changes and improvements here.
- python{2,3}-requests-2.22.0-2.fc26.{i686,x86_64}.rpm and python36-requests-2.22.0-2.el7.x86_64.rpm -
Python-requests is an Apache2 Licensed HTTP library, written in Python, for human beings.
Python’s standard urllib2 module provides most of the HTTP capabilities you need, but the API is thoroughly broken. It was built for a different time — and a different web.
It requires an enormous amount of work (even method overrides) to perform the simplest of tasks.
In this release, the dependencies for urllib3 were updated.
- plaso-20190916-1.{fc25,fc26,fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and plaso-20190708-1.{fc31,el7,el8}.x86_64.rpm -
Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines.
The goal of log2timeline.py (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment, to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
This release uses Python 3 instead of Python 2.
Please note that for Fedora 25, all of the ancillary packages needed by plaso use the pip program in a Python Virtual Environment. Ensure that pip works correctly in your environment by configuring the /etc/pip.conf file according to the configuration guide found here.
For Fedora 25, this package contains a program named update-plaso, the purpose of which is to update the packages that plaso depends upon. Note that this updates the dependent packages but not plaso. The recommendation is to run update-plaso routinely to keep the plaso dependencies updated.