sleuthkit-4.10.2-bp154.1.18 RPM for x86_64

From OpenSuSE Leap 15.4 for x86_64

The Sleuth Kit (TSK) is a collection of UNIX-based command line tools that
allow you to investigate a computer. The current focus of the tools is the
file and volume systems and TSK supports FAT, Ext2/3, NTFS, UFS,
and ISO 9660 file systems

Provides

• sleuthkit
• fiwalk
• sleuthkit(x86-64)

Requires

• /usr/bin/perl
• file
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.14)(64bit)
• libc.so.6(GLIBC_2.2.5)(64bit)
• libc.so.6(GLIBC_2.3.4)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libc.so.6(GLIBC_2.7)(64bit)
• libc.so.6(GLIBC_2.8)(64bit)
• libgcc_s.so.1()(64bit)
• libgcc_s.so.1(GCC_3.0)(64bit)
• libpthread.so.0()(64bit)
• libpthread.so.0(GLIBC_2.2.5)(64bit)
• libstdc++.so.6()(64bit)
• libstdc++.so.6(CXXABI_1.3)(64bit)
• libstdc++.so.6(CXXABI_1.3.9)(64bit)
• libstdc++.so.6(GLIBCXX_3.4)(64bit)
• libstdc++.so.6(GLIBCXX_3.4.20)(64bit)
• libstdc++.so.6(GLIBCXX_3.4.21)(64bit)
• libstdc++.so.6(GLIBCXX_3.4.9)(64bit)
• libtsk.so.19()(64bit)
• libtsk19 = 4.10.2
• mac-robber
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsXz) <= 5.2-1

License

CPL-1.0 AND IPL-1.0 AND GPL-2.0-or-later

Changelog

* Sat Jun 26 2021 Greg Freemyer <Greg.Freemyer@gmail.com>
  - update to 4.10.2:
    * C/C++
    * Added support for Ext4 inline data
    * Java
    * New Blackboard Artifacts for ALEAPP/ILEAPP, Yara, Geo Area, etc.
    * Upgraded to PostgreSQL JDBC Driver 42.2.18
    * Added SHA256 to files table in DB and added utility calculation methods.
    * Changed TimelineManager to make events for any artifact with a time stamp
    * Added Japanese translations
    * Fixed synchronization bug in getUniquePath
* Sat Jun 26 2021 Greg Freemyer <Greg.Freemyer@gmail.com>
  - fix overly picky Buildrequires statement
* Wed Jun 09 2021 Greg Freemyer <Greg.Freemyer@gmail.com>
  - update Buildrequires line for libewf
  - all libyal packages have been updated from github
* Sun Jan 17 2021 Dirk Müller <dmueller@suse.com>
  - update to 4.10.1:
    * Changed Windows build to use Nuget for libewf, libvmdk, libvhdi.
    * Fixed compiler warnings
    * Clarified licenses and added Apache license to distribution
    * Improved error handling for out of memory issues
    * Rejistry++ memory leak fixes
  - spec-cleaner
* Wed Dec 16 2020 Greg Freemyer <Greg.Freemyer@gmail.com>
  - Update spec file to call for libewf version 0~20140811
    * Newer versions of libewf are experimental and not to be used in production
* Sun Nov 08 2020 Greg Freemyer <Greg.Freemyer@gmail.com>
  - Update to 4.10.0:
    * C/C++:
    - Removed PostgreSQL code (that was used only by Java code)
    - Added Java callback support so that database inserts are done in Java.
    * Java:
    - Added methods and callbacks as required to allow database population to happen in Java instead of C/C++.
    - Added support to allow Autopsy streaming ingest where files are added in batches.
    - Added TaggingManager class and concept of a TagSet to support ProjectVic categories.
    - Fixed changes to normalization and validation of emails and phone numbers.
    - Added a CASE/UCO JAR file that creates JSON-LD based on TSK objects.
* Wed May 27 2020 Paolo Stivanin <info@paolostivanin.com>
  - Update to 4.9.0:
    * C/C++
    - Removed framework project. Use Autopsy instead if you need an analysis framework.
    - Various fixes from Google-based fuzzing.
    - Ensure all reads (even big ones) are sector aligned when reading from Windows device.
    - Ensure all command line tools support new pool command line arguments.
    - Create virtual files for APFS unallocated space
    - HFS fix to display type
    * Java:
    - More artifact helper methods
    - More artifacts and attributes for drones and GPS coordinates
    - Updated TimelineManager to insert GPS artifacts into events table
* Tue Jan 28 2020 Greg Freemyer <Greg.Freemyer@gmail.com>
  - Update to 4.8.0:
    * added APFS support which required significant changes
    * added pool logic as required for APFS
    * fixes to the logical imager support
    * various other fixes
  - Update to 4.7.0
    * improvements to the logical imager
    * feature enhancements in support of autopsy release
  - added pstat tool
* Tue Jan 28 2020 Greg Freemyer <Greg.Freemyer@gmail.com>
  - update libewf buildrequires from 20140608 to 20140808
    * libewf 20140608 is from the stable branch
    * libewf 20140808 is the latest stable branch release
* Mon Aug 19 2019 Greg Freemyer <Greg.Freemyer@gmail.com>
  -Update to 4.6.7:
    * First release of new logical imager tool
    * VHD image writer fixes for out of space scenarios
  -Update to 4.6.6:
    * Acquisition details are set in DB for E01 files
    * Fix NTFS decompression issue (from Joe Sylve)
    * Image reading fix when cache fails (Joe Sylve)
    * Fix HFS+ issue with large catalog files (Joe Sylve)
    * Fix free memory issue in srch_strings (Derrick Karpo)
* Fri Jan 18 2019 seanlew@opensuse.org
  -Update to 4.6.5:
    * HFX boundary check fix
    * New fields for hash value and acquisitions details
    * Store "created schema version" in case database
    * New Java artifacts and attributes defined
    * Fixed bug in SleuthkitCase.getContentById()
    * Fixed bug in LayoutFile.read() that could allow oob reading
* Fri Jan 04 2019 Jan Engelhardt <jengelh@inai.de>
  - Avoid name repetition in summaries.
* Fri Dec 21 2018 atoptsoglou@suse.com
  -Update to 4.6.4:
    * Java Code:
    - Increase max statements in database to prevent errors under load
    - Have a max timeout for SQLite retries
  -Update to 4.6.3:
    * C/C++ Code:
    - Hashdb bug fixes for corrupt indexes and 0 hashes
    - New code for testing power of number in ExtX code
    * Java Code:
    - New class that allows generic database access
    - New methods that check for duplicate artifacts
    - Added caches for frequently used content
    * Database Schema:
    - Added Examiner table
    - Tags are now associated with Examiners
    - Changed parent_path for logical files to be consistent with FS files.
  -Update to 4.6.2:
    * C/C++ Code:
    - Various compiler warning fixes
    - Added small delay into image writer to not starve other threads
    * Java Code:
    - Added more locking to ensure that handles were not closed while other threads were using them.
    - Added APIs to support more queries by data source
    - Added memory-based caching when detecting if an object has children or not.
  -Update to 4.6.1:
    * C/C++ Code:
    - Lots of bounds checking fixes from Google's fuzzing tests.  Thanks Google.
    - Cleanup and fixes from uckelman-sf and others
    - PostgreSQL, libvhdi, & libvmdk are supported
    - Fixed display of NTFS GUID in istat - report from Eric Zimmerman.
    - NTFS istat shows details about all FILE_NAME attributes, not just the first.  report from Eric Zimmerman.
    * Java Code:
    - Reports can be URLs
    - Reports are Content
    - Added APIs for graph view of communications
    - JNI library is extracted to name with user name in it to avoid conflicts
    * Database:
    - Version upgraded from to 8.0 because Reports are now Content
  -Update to 4.6.0:
    * New Features
    - New Communications related Java classes and database tables.
    - Java build updates for Autopsy Linux build
    - Blackboard artifacts are now Content objects in Java and part of tsk_objects table in database.
    - Increased cache sizes.
    - Lots of bounds checking fixes from Google's fuzzing tests.  Thanks Google.
    - HFS fix from uckelman-sf.
  -Update to 4.5.0:
    * New Features:
    - Support for LZVN compressed HFS files (from Joel Uckelman)
    - Use sector size from E01 (helps with 4k sector sizes)
    - More specific version number of DB schema
    - New Local Directory type in DB to differentiate with Virtual Directories
    - All blackboard artifacts in DB are now 'content'. Attachments can now be children of their parent message.
    - Added extension as a column in tsk_files table.
    * Bug Fixes:
    - Faster resolving of HFS hard links
    - Lots of fixes from Google Fuzzing efforts.
* Thu Sep 14 2017 Greg.Freemyer@gmail.com
  - update to 4.4.2
    * usnjls tool for NTFS USN log (from noxdafox)
    * Added index to mime type column in DB
    * Use local SQLite3 if it exists (from uckelman-sf)
    * Blackboard Artifacts have a shortDescription metho
    * Fix for highest HFS+ inum lookup (from uckelman-sf)
    * Fix ISO9660 crash
    * various performance fixes and added thread safety checks
  - add files related to the new usnjls tool
* Sat Feb 25 2017 Greg.Freemyer@gmail.com
  - update to 4.4.0
    * Compiling in Windows now uses Visual Studio 2015
    * tsk_loaddb now adds new files for slack space
    and JNI was upgraded accordingly.
* Fri Jul 29 2016 Greg.Freemyer@gmail.com
  - update to 4.3.0
    * PostgreSQL support (Windows only)
    * Support for virtual machine formats via libvmdk and libvhdi (Windows only)
    * Schema updates (data sources table, mime type, attributes store type)
    * tsk_img_open can take externally created TSK_IMG_INFO
    * New Release_ NoLibs Visual Studio target
    * Various bug fixes
* Wed Feb 03 2016 Greg.Freemyer@gmail.com
  - upgrade to 4.2.0
    * ExFAT support added
    * New database schema
    * New Sqlite hash database
    * Added secondary hash database index
    * Various bug fixes
    * NTFS pays more attention to sequence and loads metadata only
    if it matches.
  - README.txt renamed README.md
  - patch sleuthkit-4.1.3-python-tsk.patch removed, now upstream

Files

/usr/bin/blkcalc
/usr/bin/blkcat
/usr/bin/blkls
/usr/bin/blkstat
/usr/bin/fcat
/usr/bin/ffind
/usr/bin/fiwalk
/usr/bin/fls
/usr/bin/fsstat
/usr/bin/hfind
/usr/bin/icat
/usr/bin/ifind
/usr/bin/ils
/usr/bin/img_cat
/usr/bin/img_stat
/usr/bin/istat
/usr/bin/jcat
/usr/bin/jls
/usr/bin/jpeg_extract
/usr/bin/mactime
/usr/bin/mmcat
/usr/bin/mmls
/usr/bin/mmstat
/usr/bin/pstat
/usr/bin/sigfind
/usr/bin/sorter
/usr/bin/srch_strings
/usr/bin/tsk_comparedir
/usr/bin/tsk_gettimes
/usr/bin/tsk_loaddb
/usr/bin/tsk_recover
/usr/bin/usnjls
/usr/share/doc/packages/sleuthkit
/usr/share/doc/packages/sleuthkit/ChangeLog.txt
/usr/share/doc/packages/sleuthkit/GNU-COPYING
/usr/share/doc/packages/sleuthkit/IBM-LICENSE
/usr/share/doc/packages/sleuthkit/NEWS.txt
/usr/share/doc/packages/sleuthkit/README.md
/usr/share/doc/packages/sleuthkit/bsd.txt
/usr/share/doc/packages/sleuthkit/cpl1.0.txt
/usr/share/doc/packages/sleuthkit/mit.txt
/usr/share/man/man1/blkcalc.1.gz
/usr/share/man/man1/blkcat.1.gz
/usr/share/man/man1/blkls.1.gz
/usr/share/man/man1/blkstat.1.gz
/usr/share/man/man1/fcat.1.gz
/usr/share/man/man1/ffind.1.gz
/usr/share/man/man1/fls.1.gz
/usr/share/man/man1/fsstat.1.gz
/usr/share/man/man1/hfind.1.gz
/usr/share/man/man1/icat.1.gz
/usr/share/man/man1/ifind.1.gz
/usr/share/man/man1/ils.1.gz
/usr/share/man/man1/img_cat.1.gz
/usr/share/man/man1/img_stat.1.gz
/usr/share/man/man1/istat.1.gz
/usr/share/man/man1/jcat.1.gz
/usr/share/man/man1/jls.1.gz
/usr/share/man/man1/mactime.1.gz
/usr/share/man/man1/mmcat.1.gz
/usr/share/man/man1/mmls.1.gz
/usr/share/man/man1/mmstat.1.gz
/usr/share/man/man1/sigfind.1.gz
/usr/share/man/man1/sorter.1.gz
/usr/share/man/man1/tsk_comparedir.1.gz
/usr/share/man/man1/tsk_gettimes.1.gz
/usr/share/man/man1/tsk_loaddb.1.gz
/usr/share/man/man1/tsk_recover.1.gz
/usr/share/man/man1/usnjls.1.gz
/usr/share/tsk
/usr/share/tsk/sorter
/usr/share/tsk/sorter/default.sort
/usr/share/tsk/sorter/freebsd.sort
/usr/share/tsk/sorter/images.sort
/usr/share/tsk/sorter/linux.sort
/usr/share/tsk/sorter/openbsd.sort
/usr/share/tsk/sorter/solaris.sort
/usr/share/tsk/sorter/windows.sort

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 16:00:25 2024