guymager-0.6.12-1.{fc14,fc15,fc16,fc17,el5,el6}.{i686,x86_64}.rpm - Guymager is a forensic imaging package. Here are the changes
since the last release (0.6.11):
Avoiding -O3 / inline compiler bug
Correct srceen output if no log file is in use
DD verification: retry with NOATIME switched off if open fails
DD verification: Do not exit if open fails
distorm3-3-1.{fc14,fc15,fc16,fc17,el5,el6}.{i386,x86_64}.rpm -
Distorm3 is a lightweight, easy-to-use and fast decomposer library.
It disassembles instructions in 16, 32 and 64 bit modes. Supported instruction sets: FPU, MMX, SSE, SSE2,
SSE3, SSSE3, SSE4, 3DNow! (w/ extensions), new x86-64 instruction sets, VMX, AMD's SVM and AVX. Distorm3 is used by
The Volatility Framework.
ghostpdl-9.05-1.{fc14,fc15,fc16,fc17,el5,el6}.{i386,x86_64}.rpm -
Ghostpdl is Artifex Software's implementation of the PCL-5™ and PCL-XL™ family of page description languages.
Ghostpdl is used by Xplico.
libpff-20120802-1.{fc14,fc15,fc16,fc17,el5,el6}.{i386,x86_64}.rpm - Libpff is a library
and tools to access the Personal Folder File (PFF) and the Offline Folder File (OFF) format. PFF is used in PAB (Personal Address Book), PST (Personal
Storage Table) and OST (Offline Storage Table) files. Static and dynamic versions of the libraries are provided.
Libpff is used by DFF - the Digital Forensics Framework.
tcpflow-1.2.8-1.{fc14,fc15,fc16,fc17,el5,el6}.{i386,x86_64}.rpm - Tcpflow is a program
that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis and debugging.
Each TCP flow is stored in its own file. Thus, the typical TCP flow will be stored in two files, one for each direction.
Tcpflow can also process stored tcpdump packet flows.
Here are the changes in this version:
src/main.cpp (main): added calling process_infile(expression,device,"",true) when no files are provided to fix bug of no live capture.
src/sysdep.h: removed; put code in tcpflow.h for simplicity
src/datalink.cpp (dl_null): moved ETHERTYPE_IPV6 from sysdep.h to datalink.cpp