Changelog for
sleuthkit-devel-4.12.1-41.36.i586.rpm :
* Sat Jan 27 2024 Greg Freemyer
- update to 4.12.1
* C/C++:
* Bug fixes from Luis Nassif and Joachim Metz
* Added check to stop for very large folders to prevent memory exhaustion
* Java:
* Added File Repository concept for files to be stored in another location
* Schema updated to 9.4
* Fixed OS Account merge bug and now fire events when accounts are merged- remove sleuthkit-4.12.0_add-missing-include-file.patch
* No longer missing
* gh#sleuthkit/sleuthkit#2812- add sleuthkit-4.12.0_add-lvm-support.patch
* Joachem Metz submitted changes to 4.12.0 to allow lvm support, but one header file was missed
* Fri Feb 17 2023 Greg Freemyer - update to 4.12.0
* Add Linux LVM support
* Logical File System support (a folder structure is parsed by TSK libraries)
* Many small fixes- update to 4.11.1
* C/C++:
* Several fixes from AATTjoachimmetz
* NTFS Decompression bug fix from AATTkastonework and AATTuckelman-sf
* Java:
* Fixed connection leak when making OS Accounts in bridge
* OsAccount updates for instance types and special Windows SIDs Fixed issue with duplicate value in Japanese timeline translation- update to 4.11.0
* C/C++:
* Added checks at various layers to detect encrypted file systems and disks to give more useful error messages.
* Added checks to detect file formats that are not supported (such as AD1, ZIP, etc.) to give more useful error messages.
* Added tsk_imageinfo tool that detects if an image is supported by TSK and if it is encrypted.
* Add numerous bound checks from AATTjoachimmetz
* Clarified licenses as pointed out by AATTjoachimmetz
* Java:
* Updated from Schema 8.6 to 9.1.
* Added tables and classes for OS Accounts and Realms (Domains).
* Added tables and classes for Host Addresses (IP, MAC, etc.).
* Added tables and classes for Analysis Results vs Data Artifacts by adding onto BlackboardArtifacts.
* Added tables and classes for Host and Person to make it easier to group data sources.
* Added static types for standard artifact types.
* Added File Attribute table to allow custom information to be stored for each file.
* Made ordering of getting lock and connection consistent.
* Made the findFile methods more efficient by using extension (which is indexed).- add 0001-build-support-libewf-V3.patch to support the experimental release branch of libewf- add sleuthkit-4.12.0_add-missing-include-file.patch
* Sat Jun 26 2021 Greg Freemyer - update to 4.10.2:
* C/C++
* Added support for Ext4 inline data
* Java
* New Blackboard Artifacts for ALEAPP/ILEAPP, Yara, Geo Area, etc.
* Upgraded to PostgreSQL JDBC Driver 42.2.18
* Added SHA256 to files table in DB and added utility calculation methods.
* Changed TimelineManager to make events for any artifact with a time stamp
* Added Japanese translations
* Fixed synchronization bug in getUniquePath
* Sat Jun 26 2021 Greg Freemyer - fix overly picky Buildrequires statement
* Wed Jun 09 2021 Greg Freemyer - update Buildrequires line for libewf- all libyal packages have been updated from github
* Sun Jan 17 2021 Dirk Müller - update to 4.10.1:
* Changed Windows build to use Nuget for libewf, libvmdk, libvhdi.
* Fixed compiler warnings
* Clarified licenses and added Apache license to distribution
* Improved error handling for out of memory issues
* Rejistry++ memory leak fixes- spec-cleaner
* Wed Dec 16 2020 Greg Freemyer - Update spec file to call for libewf version 0~20140811
* Newer versions of libewf are experimental and not to be used in production
* Sun Nov 08 2020 Greg Freemyer - Update to 4.10.0:
* C/C++: - Removed PostgreSQL code (that was used only by Java code) - Added Java callback support so that database inserts are done in Java.
* Java: - Added methods and callbacks as required to allow database population to happen in Java instead of C/C++. - Added support to allow Autopsy streaming ingest where files are added in batches. - Added TaggingManager class and concept of a TagSet to support ProjectVic categories. - Fixed changes to normalization and validation of emails and phone numbers. - Added a CASE/UCO JAR file that creates JSON-LD based on TSK objects.
* Wed May 27 2020 Paolo Stivanin - Update to 4.9.0:
* C/C++ - Removed framework project. Use Autopsy instead if you need an analysis framework. - Various fixes from Google-based fuzzing. - Ensure all reads (even big ones) are sector aligned when reading from Windows device. - Ensure all command line tools support new pool command line arguments. - Create virtual files for APFS unallocated space - HFS fix to display type
* Java: - More artifact helper methods - More artifacts and attributes for drones and GPS coordinates - Updated TimelineManager to insert GPS artifacts into events table
* Tue Jan 28 2020 Greg Freemyer - Update to 4.8.0:
* added APFS support which required significant changes
* added pool logic as required for APFS
* fixes to the logical imager support
* various other fixes- Update to 4.7.0
* improvements to the logical imager
* feature enhancements in support of autopsy release- added pstat tool