by Lawrence R. Rogers (2021-03-22):
* Release 4.18.0-1
A major upgrade from Solr 4 to Solr 8.6.3. Single user cases continue to use the embedded server.
Multi-user clusters need to install a new Solr 8 server and can now create a Solr cloud with multiple servers.
NOTE: Cases created with Autopsy 4.18 cannot be opened by previous versions of Autopsy. Autopsy 4.18 can open older cases though.
See http://sleuthkit.org/autopsy/docs/user-docs/4.18.0/upgrade_solr8_page.html for more details.
Improved text indexing speed by not doing language detection on unknown file formats and unallocated space.
Added details view to Domain Discovery to show what web-based artifacts are associated with the selected domain.
Updated the Domain Discovery grouping and sorting by options.
Added basic domain categorization for webmail-based domains.
Built more specialized viewers for web-based artifacts.
Data Source Summary:
Added a “Geolocations” tab that shows what cities the data source was near (based on geolocation data).
Added a “Timeline” tab that shows counts of events from the last 30 days the data source was used.
Added navigation buttons to jump from the summary view to the main Autopsy UI (for example to go to the map).
New YARA ingest module to flag files based on regular expression patterns.
New “Android Analyzer (aLEAPP)” module based on aLEAPP. Previous “Android Analyzer” also still exists.
Updated “iOS Analyzer (iLEAPP)” module to create more artifacts and work on disk images.
Hash Database module will calculate SHA-256 hash in addition to MD5.
Removed Interesting Item rule that flagged existence of Bitlocker (since it ships with Windows).
Fixed a major bug in the PhotoRec module that could result in an incorrect file layout if the carved file spanned non-contiguous sectors.
Fixed MBOX detection bug in Email module.
Attachments from tagged messages are now included in a Portable Case.
Added support for Ext4 inline data and sparse blocks (via TSK fix).
Updated PostgreSQL JDBC driver to support any recent version of PostgreSQL for multi-user cases and PostgreSQL Central Repository.
Added personas to the summary viewer in CVT.
Handling of bad characters in auto ingest manifest files.
Assorted small bug fixes.