CERT-Forensics-Tools-1.0-55.{fc16,fc17,fc18,fc19,el5,el6}.{i686,x86_64}.rpm -
This package was updated to do the following:
For Fedora 19, use ewftools.
For all else, use libewf-tools and obsolete ewftools.
libbfio{,devel}-20120425-1.{fc16,fc17,fc18,fc19,el5,el6}.{i386,x86_64}.rpm - Libbfio is a
library that provides basic file input/output abstraction. Libbfio is used in multiple other libraries like libewf, libmsiecf, libnk2, libolecf and libpff.
It is used to chain I/O to support file-in-file access.
Here are the changes:
add VC_EXTRALEAN to config_msc.h
add autoconf/make test suite
add callback function to resize memory range if needed?
additional checks for system strings
allow re-set of pool entries?
bug fix for POSIX wide character support in path functions
check if libbfio.3 is up to date
code clean up
fixed memory leak due to recent changes
remove deprecated functions in libbfio_legacy.[ch]
removed deprecated functions
updated .pc and .spec file
updated codegear files
updated common
updated configure.ac
updated configure.ac and m4 files
updated dependencies
updated gettext
updated libcstring, libuna
updated libuna
updated list type, offset list
updated msvscpp and borlandc files
updated msvscpp files
updated spec and pc files
what about disk full on write
wide to narrow (ASCII with codepage) conversion
worked on absolute path support with /../
worked on file range back end
worked on full file name support for open on demand
worked on full path functions
worked on libcfile rewrite
worked on libcpath rewrite
libpff-20120802-2.{fc16,fc17,fc18,fc19,el5,el6}.{i386,x86_64}.rpm - Libpff is a library
and tools to access the Personal Folder File (PFF) and the Offline Folder File (OFF) format. PFF is used in PAB (Personal Address Book), PST (Personal
Storage Table) and OST (Offline Storage Table) files. Static and dynamic versions of the libraries are provided.
Libpff is used by DFF - the Digital Forensics Framework.
See the libpff website for the list of changes
dff-1.3.0-3.{fc17,fc18,fc19}.{i686,x86_64}.rpm - The Digital Forensics Framework (DFF) is both
a digital investigation tool and a development platform. The framework is used by system administrators, law enforcement examinors, digital forensics researchers
and students, and security professionals world-wide. Written in Python and C++, it exclusively uses Open Source technologies. DFF combines an intuitive user
interface with a modular and cross-platform architecture. Note that only Fedora 17, 18, and 19 supported in this release.
Here are the changes (thanks to Danil Bazin for the bug report and suggested fixes):
Added a dynamic loader configuration file, activated them when dff is installed, and deactived them when dff is uninstalled.
Added missing PyQt4 dependency.
Added missing reglookup dependency.
Added the __init__.py file needed for searching.
Recomplied with latest libbfio and libpff libraries.
Installed the ffmpeg-devel package from the RPMFusion to add video support to dff.
This required the installation of these additional pagkages, all also from RPMFusion:
ffmpeg-libs
librtmp
x264-libs
xvidcore
fmem-kernel-objects-1.6-1.23.{fc16,fc17,fc18,fc19,el5,el6}.{i686,x86_64}.rpm - Fmem is kernel module that creates
device /dev/fmem, similar to /dev/mem but without limitations.
The changes added support for the following kernels:
2.6.32-358.11.1 for EL6
3.9.8-108 for FC17
3.9.10-100 for FC17
3.9.5-201 for FC18
3.9.6-208 for FC18
3.9.9-201 for FC18
3.9.10-200 for FC18
3.9.11-200 for FC18
3.9.5-301 for FC19
3.9.9-302 for FC19
3.10.3-300 for FC19
libbde{,-devel,-python,-tools}-20130729-1.{fc16,fc17,fc18,fc19,el5,el6}.{i686,x86_64}.rpm -
Libbde is a library and tools to access the BitLocker
Drive Encryption (BDE) format. The BDE format is used by Windows, as of Vista, to encrypt data on a storage media volume.
See here for the support formats, protection methods, and additional features.
Here are the changes for this release:
updated dependencies
pybde fixes for >2G file objects in BFIO glue code
worked on git support
updated dependencies
fixed some typos
fix for dealing with padding in FVE metadata block
partclone-0.2.48-3.{fc16,fc17,fc18,fc19,el6}.{i686,x86_64}.rpm - Partclone is a program similar to the
well-known backup utility "Partition Image" a.k.a partimage. Partclone provides utilities to save and restore used blocks on a
partition and is designed for higher compatibility of the file system by using existing libraries, e.g. e2fslibs is used to read and write
the ext2 partition.
The supported file systems are: ext2, ext3, ext4, hfs+, btrfs, ntfs, fat(12/16/32), and exfat.
This release was built to use the latest libntfs-3g shared library, bringing all of the releases to the same release level.
recoll-1.19.4-2.1.{fc16,fc17,fc18,fc19,el6}.{i686,x86_64}.rpm - Recoll
is a text search tool for Unix and Linux desktops. Recoll finds keywords inside documents as well as file names.
See here for a list of changes in this version.
In addition, tar archives have been enabled and the epub, pstotext, and aspell packages have been added as required packages.
stegdetect-0.6.0-2.{fc16,fc17,fc18,fc19,el5,el6}.{i686,x86_64}.rpm - stegdetect is an automated tool for detecting steganographic content in images.
This package was rebuilt to remove compiler optimization, the inclusion of which caused stegdetect to crash.
Thanks to Pete Troxell for the bug reports and suggested fixes.
kracked-0.1-1.{fc16,fc17,fc18,fc19,el5,el6}.{i686,x86_64}.rpm - Kracked is a tool that creates word lists from files, memory captures for example.
{vmfs-tools,ilibvmfs-devel}-0.2.5-1.{fc16,fc17,fc18,fc19,el5,el6}.{i686,x86_64}.rpm - VMfs-tools is a collection of
command-line tools for operating on VMware's VMFS file system.
Included in this release is limited VMFS version 5 support.