Hello community, here is the log from the commit of package yara for openSUSE:Factory checked in at 2017-07-21 22:44:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yara (Old) and /work/SRC/openSUSE:Factory/.yara.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yara" Fri Jul 21 22:44:53 2017 rev:5 rq:501373 version:3.6.1 Changes: -------- --- /work/SRC/openSUSE:Factory/yara/yara.changes 2016-11-14 20:15:16.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.yara.new/yara.changes 2017-07-21 22:44:54.934677077 +0200 @@ -1,0 +2,18 @@ +Tue Jun 6 10:15:25 UTC 2017 - [email protected] + +- update to v3.6.1 + * BUGFIX: Stack overflow caused by uncontrolled recursiveness (CVE-2017-9304) + * BUGFIX: pe.overlay.size was undefined if the PE didn't have an overlay. Now it's set to 0 in those cases. + * BUGFIX: Fix initalization issue that could cause a crash if rules compiled with a 32bit yarac is used with a 64bit yara. +- update to v3.6.0 + * .NET module (Wesley Shields) + * New features for ELF module (Jacob Baines) + * Fix endianness issues (Hilko Bengen) + * Function yr_compiler_add_fd added to libyara + * MAX_THREADS limit can be arbitrarily increased (Emerson R. Wiley) + * Added --fail-on-warnings command-line option + * Multiple bug fixes: + CVE-2016-10210, CVE-2016-10211, CVE-2017-5923, CVE-2017-5924, + CVE-2017-8294, CVE-2017-8929, CVE-2017-9438 + +------------------------------------------------------------------- @@ -20,0 +39 @@ +- add BuildRequires: pkg-config as documented in the openSUSE packaging guidelines Old: ---- v3.5.0.tar.gz New: ---- v3.6.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yara.spec ++++++ --- /var/tmp/diff_new_pack.6LyC15/_old 2017-07-21 22:44:56.762419250 +0200 +++ /var/tmp/diff_new_pack.6LyC15/_new 2017-07-21 22:44:56.766418686 +0200 @@ -1,7 +1,7 @@ # # spec file for package yara # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define soname 3 Name: yara -Version: 3.5.0 +Version: 3.6.1 Release: 0 Summary: A malware identification and classification tool License: Apache-2.0 @@ -46,7 +46,7 @@ %package -n python-%name Summary: Python bindings to support the yara malware identification tool -Group: Development/Libraries/Python +Group: Development/Languages/Python Requires: python %description -n python-%name ++++++ v3.5.0.tar.gz -> v3.6.1.tar.gz ++++++ /work/SRC/openSUSE:Factory/yara/v3.5.0.tar.gz /work/SRC/openSUSE:Factory/.yara.new/v3.6.1.tar.gz differ: char 16, line 1
