SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for plaso-base-20231224-lp155.9.2.noarch.rpm :

* Sat Jan 27 2024 Greg Freemyer - update to version 20231224- support python39, python310, and python311 packages simultaneously via multi-package building
* move the files that are NOT python version dependant out to a plaso-tools package- remove dependancy on python-future. That was meant for python 2 packages only.
* Tue Aug 01 2023 Greg Freemyer - use %{?sle15_python_module_pythons} for opensuse15.5 compatibility
* Wed Mar 08 2023 Greg Freemyer - update to version 20222129- remove Requires: python-efilter
* At some point python-efilter was apparently dropped as a requirement for plaso
* python-efilter has been dropped from factory- change libewf2 requirement from the stable branch to the libewf3 experimental branch
* Wed Nov 30 2022 Greg Freemyer - update to version 20220930- Add Requires python-libfsfat- Change Requires python-cffi-backend to python-cffi- Change Requires python-zmq to python-pyzmq- Remove Requires python-idma (no longer in openSUSE)- Remove Requires python-fnt (no longer in openSUSE)- Remove Requires python-yaml (no longer in openSUSE)
* Mon Sep 26 2022 Greg Freemyer - correct the name of the openSUSE timezone package. Should be python-pytz
* Mon Sep 19 2022 Greg Freemyer - update to version 20220724
* For Release Notes, see https://osdfir.blogspot.com/2022/08/plaso-20220724-released.html
* elasticsearch fully deprecated in favor of opensearch # totally untested in openSUSE- removed Recommends: python-elasticsearch- added Recommends: python-opensearch- updated numerous Requires statements, and added numerous others- changed from python39 to python310 as the underlying python release- removed Requires: python3-six
* This is untested as it is hard to have an opensuse install without python3-six at this point.
* Wed Jun 08 2022 Greg Freemyer -remove BuildRequires: %{python_module pbr} -- no longer needed-remove BuildRequires: %{python_module devel} -- no longer needed-add %if logic to allow PyYAML/bencode/etc to install on 15.4 and tumbleweed
* Wed Jun 01 2022 Greg Freemyer - update to version 20220428
* The 20220428 release did not come with release note. The previous 5 are at:
* https://osdfir.blogspot.com/2021/02/plaso-20210213-released.html
* https://osdfir.blogspot.com/2021/04/plaso-20210412-released.html
* https://osdfir.blogspot.com/2021/06/plaso-20210606-released.html
* https://osdfir.blogspot.com/2021/10/plaso-20211024-released.html
* https://osdfir.blogspot.com/2021/10/plaso-20211024-released.html
* Key notes from the above
* Beggining migration from elasticsearch to opensearch
* Initial support to directly read from Mac OS disk images (.dmg, .sparseimage, .sparsebundle) (#3540).- added requires python-defusedxml- remove references to non-existing folders from for loop that preps the source code folder.- add %define pythons python39 - python39 also works for opensuse 15.4 - - Trying to bulid python38, python39, python310 is failing for unknown reasons - - Wrap this in an if so only applies to tumbleweed or releases greater than 15.4
* Thu Dec 24 2020 Greg Freemyer - update to version 20201007
* The Elasticsearch output module now includes default type mappings thanks to AATTwilliam-billaud. This avoids fields containing both numbers and text being misinterpreted by Elasticsearch.
* A new parser containing initial support for Spotlight store database (store.db) files.
* libfsext/pytfsext has been added as an experimental feature to overcome shortcomings in the pytsk ext implementation. Use the `--vfs-back-end=fsext` option to use libfsext instead of SleuthKit.
* Log2timeline will now not attempt to extract events from MacOS sleep and swap files.- from version 20200630
* new unattended mode
* The linear status view now shows more information about the overall processing status
* Time zone handling was overhauled. There are now two separate timezone-related options: `--timezone` indicates the time zone of the source data, and will be used when Plaso can’t determine the appropriate time zone automatically. `--output_time_zone` specifies a time zone to use when outputting events. This is currently only supported by the ‘dynamic’ and ‘l2tcsv’ output modules.
* There are some new additions to the Windows and Linux tag files, courtesy of pyllyukkoAATT
* It’s now possible to specify an elasticsearch password on the command line thanks to new contributor william-billaudAATT. Note that this password will be visible to anyone who is able to list running processes, so be careful about using this on any shared system.
* New parsers / supported data formats: Apple\'s Transparency, Consent, and Control (TCC) SQlite database. Google Log (glog) files.
* Sun Apr 05 2020 Greg Freemyer - update to version 20200227
* Changes to handle multi string Windows computer name value #2819 (#2820)
* Removed 4n6time output modules #2809 (#2810)
* Changes Elasticsearch output module to support version 7 (#2830)
* Various small updates to file processors- add reguires python-libluksde
* Mon Jan 27 2020 Greg Freemyer - convert to new python singlespec syntax- ran spec-cleaner- add python3 support and drop python 2 builds- update to version 20200121
* first openSUSE update in 2 years
* see release announcements: http://blog.kiddaland.net
* removal of Python 2.7 and 3.4 support
* Migration to Cryptography.io, as pycrypto appears to be unmaintained - version 20191203
* image_export now supports json output- version 20190531
* added new event and path filtering- version 20181219
* added APFS support- version 20180930
* added python 3 support
* migrated binary file processing to drfabrick
* Mon Jan 08 2018 Greg.FreemyerAATTgmail.com- update to 20171231
* includes the new psteal supervisor program. All users should consider using psteal
* upstream had changed to using dates for release numbers
* events are now represented via the new dfDateTime library
* preparing for a switch to a SQL backend
* significant effort has been spent on automated testing
* For addition release notes: See http://blog.kiddaland.net/2017/10/drink-joyful-good-mead-plaso-20170925.html- There is no storage compatibility with databases created with older releases
* Wed Oct 04 2017 Greg.FreemyerAATTgmail.com- prepare for python2/python3 support- In Requires: lines for libyal python bindings, use the python-lib
* variant of the package Python singlespec automatically converts that to python2 / python3 as appropriate
* Tue May 02 2017 Greg.FreemyerAATTgmail.com- Rename dependency OleFileIO_PL to python-olefile
* Thu Mar 02 2017 dimstarAATTopensuse.org- Update Dependency on python-PyYAML: this package had been renamed a long time ago to follow the naming convention. The compat symbol \'python-yaml\' was lost with the migration to singlespec.
* Sat Feb 25 2017 Greg.FreemyerAATTgmail.com- update to v1.5.1
* add support for Sleuthkit 4.4.0
* Requires recent python-tsk
* Wed Feb 15 2017 Greg.FreemyerAATTgmail.com- fix a major bug where the front-end files were being removed.
* Apparently there was old plaso install bug that installed 2 copies- change python-construct require to only accept v2.5.2. Testing showed 2.5.5 was incompatible.
* Mon Oct 03 2016 Greg.FreemyerAATTgmail.com- require python-efilter >= 1.1.5 to fix a bug found in testing
* Sun Sep 25 2016 Greg.FreemyerAATTgmail.com- update to v1.5.0 (Gna)
* See release announcement for details: - http://blog.kiddaland.net/2016/09/what-flies-there-what-fares-there-or.html - DC3 - The DoD Computer Foresics Lap made significant contributions to plaso 1.5- Add Requires: pyscca, pyfvde, python-dfwinreg, python-efilter, python-yara- Update Source: tag to the new location- Change capitalization of xlsxwriter to XlsxWriter- Add GITHUB_version tag to allow pre-release testing- remove python-psutil < 3.0 restriction
* Tue Jan 26 2016 Greg.FreemyerAATTgmail.com- update to v1.4.0
* See release announcement for details: - http://blog.kiddaland.net/2016/01/sprinkling-morning-dew-and-summer.html
* New features - Parsers for $MFT and the NTFS USN change journal - Docker file - ZeroMQ - File content hashing is now on by default - Window status view now on by default for non-Windows OS’. log2timeline has a new look. - A new parser for client-local SCCM logs - An XSLX output module, for writing events directly to a file readable with Microsoft Excel - Distributed link tracking support in the winlnk parser - The Windows Registry handling functionality has been moved to a separate submodule- Add Requires: libzmq5 >= 4.1.2- Add Requires: python-protobuf- Add Requires: python-xlsxwriter- Add Requires: artifacts-validator instead of just artifacts- Add Requires: python-requests- Add Requires: pybde- Add Requires: pyfsntfs- Add Requires: pysmraw- Add Require pyesedb >= 20150409- Add Recommends: python-mock # Used by internal test suite- Require libewf2 = 0~20140608 # Newer versions are buggy- Require pyewf = 0~20140608 # Newer versions are buggy- Require pyesedb >= 20150409- Require pyevtx >= 20160107- Require pylnk >= 20150830- Require pyolecf >= 20160107- Require python-dfVFS >= 20160108- Require python-psutil < 3.0.0 # Not yet compatible with newer psutil- remove references to subdir winreg- Add removal of duplicate files %{buildroot}/usr/share/doc/plaso/ACKNOWLEDGEMENTS, etc
* Wed Aug 12 2015 Greg.FreemyerAATTgmail.com- update to v1.3.0
* Numerous new features
* See http://blog.kiddaland.net/2015/07/bringing-end-to-sorrow-new-plaso-release.html
* Major stability improvements- add /usr/share/plaso as a data directory- add requires python-pefile >= 1.2.1+139- add requires pysigscan- require recent python-dateutils- remove frontend test files. They have been isolated by upstream.- remove frontend/plasm, plasm.py, pprof.py, pshell.ph Removed by upstream- add a openSUSE 13.1 workaround for a unicode bug- update minimum depency versions- add a loop to force %py_compile - getting an rpmlint warning without this
* Mon Jan 12 2015 Greg.FreemyerAATTgmail.com- Make iPython a requirement, not a recommendation.
* It is needed for preg and pshell
* version 1.2.1 or newer is required
* Mon Dec 22 2014 Greg.FreemyerAATTgmail.com- update to v1.2.0
* Increased stabiity, less memory, faster extraction
* Fixed excessive momory consusmption bugs
* Source scanner moved from plaso to dfVFS
* New JSON storage back-end available for testing only
* preg overhauled
* New parsers and plug-ins- update some Requires tag version levels to agree with check_dependencies- remove #DL_URL field and make #Source a full URL- added \"internal_version\" macro useful when building git code- Added Requires: pyfwsi- add numerous lines to %prep to eliminate shebang lines which rpmlint was complaining about- add check_dependencies.py to the %doc files so users can check their own dependencies- remove frontend python files that are in both /usr/bin and under the python tree structure- remove other unneeded python files instead of excluding them. Do this prior to calling fdupes- add explicit \"%py_compile .\" to resolve rpmlint complaint about datestamps not matching
  
ICM