SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for sleuthkit-4.10.2-bp154.1.18.x86_64.rpm :

* Sat Jun 26 2021 Greg Freemyer - update to 4.10.2:
* C/C++
* Added support for Ext4 inline data
* Java
* New Blackboard Artifacts for ALEAPP/ILEAPP, Yara, Geo Area, etc.
* Upgraded to PostgreSQL JDBC Driver 42.2.18
* Added SHA256 to files table in DB and added utility calculation methods.
* Changed TimelineManager to make events for any artifact with a time stamp
* Added Japanese translations
* Fixed synchronization bug in getUniquePath
* Sat Jun 26 2021 Greg Freemyer - fix overly picky Buildrequires statement
* Wed Jun 09 2021 Greg Freemyer - update Buildrequires line for libewf- all libyal packages have been updated from github
* Sun Jan 17 2021 Dirk Müller - update to 4.10.1:
* Changed Windows build to use Nuget for libewf, libvmdk, libvhdi.
* Fixed compiler warnings
* Clarified licenses and added Apache license to distribution
* Improved error handling for out of memory issues
* Rejistry++ memory leak fixes- spec-cleaner
* Wed Dec 16 2020 Greg Freemyer - Update spec file to call for libewf version 0~20140811
* Newer versions of libewf are experimental and not to be used in production
* Sun Nov 08 2020 Greg Freemyer - Update to 4.10.0:
* C/C++: - Removed PostgreSQL code (that was used only by Java code) - Added Java callback support so that database inserts are done in Java.
* Java: - Added methods and callbacks as required to allow database population to happen in Java instead of C/C++. - Added support to allow Autopsy streaming ingest where files are added in batches. - Added TaggingManager class and concept of a TagSet to support ProjectVic categories. - Fixed changes to normalization and validation of emails and phone numbers. - Added a CASE/UCO JAR file that creates JSON-LD based on TSK objects.
* Wed May 27 2020 Paolo Stivanin - Update to 4.9.0:
* C/C++ - Removed framework project. Use Autopsy instead if you need an analysis framework. - Various fixes from Google-based fuzzing. - Ensure all reads (even big ones) are sector aligned when reading from Windows device. - Ensure all command line tools support new pool command line arguments. - Create virtual files for APFS unallocated space - HFS fix to display type
* Java: - More artifact helper methods - More artifacts and attributes for drones and GPS coordinates - Updated TimelineManager to insert GPS artifacts into events table
* Tue Jan 28 2020 Greg Freemyer - Update to 4.8.0:
* added APFS support which required significant changes
* added pool logic as required for APFS
* fixes to the logical imager support
* various other fixes- Update to 4.7.0
* improvements to the logical imager
* feature enhancements in support of autopsy release- added pstat tool
* Tue Jan 28 2020 Greg Freemyer - update libewf buildrequires from 20140608 to 20140808
* libewf 20140608 is from the stable branch
* libewf 20140808 is the latest stable branch release
* Mon Aug 19 2019 Greg Freemyer -Update to 4.6.7:
* First release of new logical imager tool
* VHD image writer fixes for out of space scenarios-Update to 4.6.6:
* Acquisition details are set in DB for E01 files
* Fix NTFS decompression issue (from Joe Sylve)
* Image reading fix when cache fails (Joe Sylve)
* Fix HFS+ issue with large catalog files (Joe Sylve)
* Fix free memory issue in srch_strings (Derrick Karpo)
* Fri Jan 18 2019 seanlewAATTopensuse.org-Update to 4.6.5:
* HFX boundary check fix
* New fields for hash value and acquisitions details
* Store \"created schema version\" in case database
* New Java artifacts and attributes defined
* Fixed bug in SleuthkitCase.getContentById()
* Fixed bug in LayoutFile.read() that could allow oob reading
* Fri Jan 04 2019 Jan Engelhardt - Avoid name repetition in summaries.
* Fri Dec 21 2018 atoptsoglouAATTsuse.com-Update to 4.6.4:
* Java Code: - Increase max statements in database to prevent errors under load - Have a max timeout for SQLite retries-Update to 4.6.3:
* C/C++ Code: - Hashdb bug fixes for corrupt indexes and 0 hashes - New code for testing power of number in ExtX code
* Java Code: - New class that allows generic database access - New methods that check for duplicate artifacts - Added caches for frequently used content
* Database Schema: - Added Examiner table - Tags are now associated with Examiners - Changed parent_path for logical files to be consistent with FS files.-Update to 4.6.2:
* C/C++ Code: - Various compiler warning fixes - Added small delay into image writer to not starve other threads
* Java Code: - Added more locking to ensure that handles were not closed while other threads were using them. - Added APIs to support more queries by data source - Added memory-based caching when detecting if an object has children or not.-Update to 4.6.1:
* C/C++ Code: - Lots of bounds checking fixes from Google\'s fuzzing tests. Thanks Google. - Cleanup and fixes from uckelman-sf and others - PostgreSQL, libvhdi, & libvmdk are supported - Fixed display of NTFS GUID in istat - report from Eric Zimmerman. - NTFS istat shows details about all FILE_NAME attributes, not just the first. report from Eric Zimmerman.
* Java Code: - Reports can be URLs - Reports are Content - Added APIs for graph view of communications - JNI library is extracted to name with user name in it to avoid conflicts
* Database: - Version upgraded from to 8.0 because Reports are now Content-Update to 4.6.0:
* New Features - New Communications related Java classes and database tables. - Java build updates for Autopsy Linux build - Blackboard artifacts are now Content objects in Java and part of tsk_objects table in database. - Increased cache sizes. - Lots of bounds checking fixes from Google\'s fuzzing tests. Thanks Google. - HFS fix from uckelman-sf.-Update to 4.5.0:
* New Features: - Support for LZVN compressed HFS files (from Joel Uckelman) - Use sector size from E01 (helps with 4k sector sizes) - More specific version number of DB schema - New Local Directory type in DB to differentiate with Virtual Directories - All blackboard artifacts in DB are now \'content\'. Attachments can now be children of their parent message. - Added extension as a column in tsk_files table.
* Bug Fixes: - Faster resolving of HFS hard links - Lots of fixes from Google Fuzzing efforts.
* Thu Sep 14 2017 Greg.FreemyerAATTgmail.com- update to 4.4.2
* usnjls tool for NTFS USN log (from noxdafox)
* Added index to mime type column in DB
* Use local SQLite3 if it exists (from uckelman-sf)
* Blackboard Artifacts have a shortDescription metho
* Fix for highest HFS+ inum lookup (from uckelman-sf)
* Fix ISO9660 crash
* various performance fixes and added thread safety checks- add files related to the new usnjls tool
* Sat Feb 25 2017 Greg.FreemyerAATTgmail.com- update to 4.4.0
* Compiling in Windows now uses Visual Studio 2015
* tsk_loaddb now adds new files for slack space and JNI was upgraded accordingly.
* Fri Jul 29 2016 Greg.FreemyerAATTgmail.com- update to 4.3.0
* PostgreSQL support (Windows only)
* Support for virtual machine formats via libvmdk and libvhdi (Windows only)
* Schema updates (data sources table, mime type, attributes store type)
* tsk_img_open can take externally created TSK_IMG_INFO
* New Release_ NoLibs Visual Studio target
* Various bug fixes
* Wed Feb 03 2016 Greg.FreemyerAATTgmail.com- upgrade to 4.2.0
* ExFAT support added
* New database schema
* New Sqlite hash database
* Added secondary hash database index
* Various bug fixes
* NTFS pays more attention to sequence and loads metadata only if it matches.- README.txt renamed README.md- patch sleuthkit-4.1.3-python-tsk.patch removed, now upstream
  
ICM