python-plaso/python-plaso.changes


-------------------------------------------------------------------
Sat Jan 27 18:43:28 UTC 2024 - Greg Freemyer <Greg.Freemyer@gmail.com>
- update to version 20231224
- support python39, python310, and python311 packages simultaneously via multi-package building
* move the files that are NOT python version dependent out to a plaso-tools package
- remove dependency on python-future. That was meant for python 2 packages only.
-------------------------------------------------------------------
Tue Aug 1 16:50:39 UTC 2023 - Greg Freemyer <Greg.Freemyer@gmail.com>
- use %{?sle15_python_module_pythons} for opensuse15.5 compatibility
-------------------------------------------------------------------
Wed Mar 8 18:20:43 UTC 2023 - Greg Freemyer <Greg.Freemyer@gmail.com>
- update to version 20222129
- remove Requires: python-efilter
* At some point python-efilter was apparently dropped as a requirement for plaso
* python-efilter has been dropped from factory
- change libewf2 requirement from the stable branch to the libewf3 experimental branch
-------------------------------------------------------------------
Wed Nov 30 19:50:18 UTC 2022 - Greg Freemyer <Greg.Freemyer@gmail.com>
- update to version 20220930
- Add Requires python-libfsfat
- Change Requires python-cffi-backend to python-cffi
- Change Requires python-zmq to python-pyzmq
- Remove Requires python-idma (no longer in openSUSE)
- Remove Requires python-fnt (no longer in openSUSE)
- Remove Requires python-yaml (no longer in openSUSE)
-------------------------------------------------------------------
Mon Sep 26 20:23:02 UTC 2022 - Greg Freemyer <Greg.Freemyer@gmail.com>
- correct the name of the openSUSE timezone package. Should be python-pytz
-------------------------------------------------------------------
Mon Sep 19 22:37:01 UTC 2022 - Greg Freemyer <Greg.Freemyer@gmail.com>
- update to version 20220724
* For Release Notes, see https://osdfir.blogspot.com/2022/08/plaso-20220724-released.html
* elasticsearch fully deprecated in favor of opensearch # totally untested in openSUSE
- removed Recommends: python-elasticsearch
- added Recommends: python-opensearch
- updated numerous Requires statements, and added numerous others
- changed from python39 to python310 as the underlying python release
- removed Requires: python3-six
* This is untested as it is hard to have an opensuse install without python3-six at this point.
-------------------------------------------------------------------
Wed Jun 8 16:33:35 UTC 2022 - Greg Freemyer <Greg.Freemyer@gmail.com>
- remove BuildRequires: %{python_module pbr} -- no longer needed
- remove BuildRequires: %{python_module devel} -- no longer needed
- add %if logic to allow PyYAML/bencode/etc to install on 15.4 and tumbleweed
-------------------------------------------------------------------
Wed Jun 1 20:04:50 UTC 2022 - Greg Freemyer <Greg.Freemyer@gmail.com>
- update to version 20220428
* The 20220428 release did not come with release notes. The previous 5 are at:
* https://osdfir.blogspot.com/2021/02/plaso-20210213-released.html
* https://osdfir.blogspot.com/2021/04/plaso-20210412-released.html
* https://osdfir.blogspot.com/2021/06/plaso-20210606-released.html
* https://osdfir.blogspot.com/2021/10/plaso-20211024-released.html
* https://osdfir.blogspot.com/2021/10/plaso-20211024-released.html
* Key notes from the above
* Beginning migration from elasticsearch to opensearch
* Initial support to directly read from Mac OS disk images (.dmg, .sparseimage, .sparsebundle) (#3540).
- added requires python-defusedxml
- remove references to non-existing folders from for loop that preps the source code folder.
- add %define pythons python39 - python39 also works for opensuse 15.4
-- Trying to build python38, python39, python310 is failing for unknown reasons
-- Wrap this in an if so only applies to tumbleweed or releases greater than 15.4
-------------------------------------------------------------------
Thu Dec 24 22:52:27 UTC 2020 - Greg Freemyer <Greg.Freemyer@gmail.com>
- update to version 20201007
* The Elasticsearch output module now includes default type mappings thanks to @william-billaud.
This avoids fields containing both numbers and text being misinterpreted by Elasticsearch.
* A new parser containing initial support for Spotlight store database (store.db) files.
* libfsext/pytfsext has been added as an experimental feature to overcome shortcomings in the pytsk ext implementation. Use the `--vfs-back-end=fsext` option to use libfsext instead of SleuthKit.
* Log2timeline will now not attempt to extract events from MacOS sleep and swap files.
- from version 20200630
* new unattended mode
* The linear status view now shows more information about the overall processing status
* Time zone handling was overhauled. There are now two separate timezone-related options:
`--timezone` indicates the time zone of the source data, and will be used when Plaso can't determine the appropriate time zone automatically.
`--output_time_zone` specifies a time zone to use when outputting events. This is currently only supported by the 'dynamic' and 'l2tcsv' output modules.
* There are some new additions to the Windows and Linux tag files, courtesy of pyllyukko@
* It's now possible to specify an elasticsearch password on the command line thanks to new contributor william-billaud@. Note that this password will be visible to anyone who is able to list running processes, so be careful about using this on any shared system.
* New parsers / supported data formats:
Apple's Transparency, Consent, and Control (TCC) SQLite database.
Google Log (glog) files.
-------------------------------------------------------------------
Sun Apr 5 22:28:32 UTC 2020 - Greg Freemyer <Greg.Freemyer@gmail.com>
- update to version 20200227
* Changes to handle multi string Windows computer name value #2819 (#2820)
* Removed 4n6time output modules #2809 (#2810)
* Changes Elasticsearch output module to support version 7 (#2830)
* Various small updates to file processors
- add requires python-libluksde
-------------------------------------------------------------------
Mon Jan 27 13:14:15 UTC 2020 - Greg Freemyer <Greg.Freemyer@gmail.com>
- convert to new python singlespec syntax
- ran spec-cleaner
- add python3 support and drop python 2 builds
- update to version 20200121
* first openSUSE update in 2 years
* see release announcements: http://blog.kiddaland.net
* removal of Python 2.7 and 3.4 support
* Migration to Cryptography.io, as pycrypto appears to be unmaintained 
- version 20191203
* image_export now supports json output
- version 20190531
* added new event and path filtering
- version 20181219
* added APFS support
- version 20180930
* added python 3 support
* migrated binary file processing to dtfabric
-------------------------------------------------------------------
Mon Jan 8 23:23:09 UTC 2018 - Greg.Freemyer@gmail.com
- update to 20171231
* includes the new psteal supervisor program. All users should consider using psteal
* upstream had changed to using dates for release numbers
* events are now represented via the new dfDateTime library
* preparing for a switch to a SQL backend
* significant effort has been spent on automated testing
* For additional release notes:
See http://blog.kiddaland.net/2017/10/drink-joyful-good-mead-plaso-20170925.html
- There is no storage compatibility with databases created with older releases
-------------------------------------------------------------------
Wed Oct 4 20:57:03 UTC 2017 - Greg.Freemyer@gmail.com
- prepare for python2/python3 support
- In Requires: lines for libyal python bindings, use the python-lib* variant of the package
Python singlespec automatically converts that to python2 / python3 as appropriate
-------------------------------------------------------------------
Tue May 2 10:15:01 UTC 2017 - Greg.Freemyer@gmail.com
- Rename dependency OleFileIO_PL to python-olefile
-------------------------------------------------------------------
Thu Mar 2 22:25:11 UTC 2017 - dimstar@opensuse.org
- Update Dependency on python-PyYAML: this package had been renamed
a long time ago to follow the naming convention. The compat
symbol 'python-yaml' was lost with the migration to singlespec.
-------------------------------------------------------------------
Sat Feb 25 21:25:22 UTC 2017 - Greg.Freemyer@gmail.com
- update to v1.5.1
* add support for Sleuthkit 4.4.0
* Requires recent python-tsk
-------------------------------------------------------------------
Wed Feb 15 13:34:35 UTC 2017 - Greg.Freemyer@gmail.com
- fix a major bug where the front-end files were being removed.
* Apparently there was an old plaso install bug that installed 2 copies
- change python-construct require to only accept v2.5.2. Testing showed 2.5.5 was incompatible.
-------------------------------------------------------------------
Mon Oct 3 23:02:50 UTC 2016 - Greg.Freemyer@gmail.com
- require python-efilter >= 1.1.5 to fix a bug found in testing
-------------------------------------------------------------------
Sun Sep 25 02:08:05 UTC 2016 - Greg.Freemyer@gmail.com
- update to v1.5.0 (Gna)
* See release announcement for details:
- http://blog.kiddaland.net/2016/09/what-flies-there-what-fares-there-or.html
- DC3 - The DoD Computer Forensics Lab made significant contributions to plaso 1.5
- Add Requires: pyscca, pyfvde, python-dfwinreg, python-efilter, python-yara
- Update Source: tag to the new location
- Change capitalization of xlsxwriter to XlsxWriter
- Add GITHUB_version tag to allow pre-release testing
- remove python-psutil < 3.0 restriction
-------------------------------------------------------------------
Tue Jan 26 03:38:52 UTC 2016 - Greg.Freemyer@gmail.com
- update to v1.4.0
* See release announcement for details:
- http://blog.kiddaland.net/2016/01/sprinkling-morning-dew-and-summer.html
* New features
- Parsers for $MFT and the NTFS USN change journal
- Docker file
- ZeroMQ
- File content hashing is now on by default
- Window status view now on by default for non-Windows OS. log2timeline has a new look.
- A new parser for client-local SCCM logs
- An XLSX output module, for writing events directly to a file readable with Microsoft Excel
- Distributed link tracking support in the winlnk parser
- The Windows Registry handling functionality has been moved to a separate submodule
- Add Requires: libzmq5 >= 4.1.2
- Add Requires: python-protobuf
- Add Requires: python-xlsxwriter
- Add Requires: artifacts-validator instead of just artifacts
- Add Requires: python-requests
- Add Requires: pybde
- Add Requires: pyfsntfs
- Add Requires: pysmraw
- Add Require pyesedb >= 20150409
- Add Recommends: python-mock # Used by internal test suite
- Require libewf2 = 0~20140608 # Newer versions are buggy
- Require pyewf = 0~20140608 # Newer versions are buggy
- Require pyesedb >= 20150409
- Require pyevtx >= 20160107
- Require pylnk >= 20150830
- Require pyolecf >= 20160107
- Require python-dfVFS >= 20160108
- Require python-psutil < 3.0.0 # Not yet compatible with newer psutil
- remove references to subdir winreg
- Add removal of duplicate files %{buildroot}/usr/share/doc/plaso/ACKNOWLEDGEMENTS, etc
-------------------------------------------------------------------
Wed Aug 12 22:35:58 UTC 2015 - Greg.Freemyer@gmail.com
- update to v1.3.0
* Numerous new features
* See http://blog.kiddaland.net/2015/07/bringing-end-to-sorrow-new-plaso-release.html
* Major stability improvements
- add /usr/share/plaso as a data directory
- add requires python-pefile >= 1.2.1+139
- add requires pysigscan
- require recent python-dateutils
- remove frontend test files. They have been isolated by upstream.
- remove frontend/plasm, plasm.py, pprof.py, pshell.ph Removed by upstream
- add a openSUSE 13.1 workaround for a unicode bug
- update minimum dependency versions
- add a loop to force %py_compile - getting an rpmlint warning without this
-------------------------------------------------------------------
Mon Jan 12 16:46:29 UTC 2015 - Greg.Freemyer@gmail.com
- Make iPython a requirement, not a recommendation.
* It is needed for preg and pshell
* version 1.2.1 or newer is required
-------------------------------------------------------------------
Mon Dec 22 20:32:35 UTC 2014 - Greg.Freemyer@gmail.com
- update to v1.2.0
* Increased stability, less memory, faster extraction
* Fixed excessive memory consumption bugs
* Source scanner moved from plaso to dfVFS
* New JSON storage back-end available for testing only
* preg overhauled
* New parsers and plug-ins
- update some Requires tag version levels to agree with check_dependencies
- remove #DL_URL field and make #Source a full URL
- added "internal_version" macro useful when building git code
- Added Requires: pyfwsi
- add numerous lines to %prep to eliminate shebang lines which rpmlint was complaining about
- add check_dependencies.py to the %doc files so users can check their own dependencies
- remove frontend python files that are in both /usr/bin and under the python tree structure
- remove other unneeded python files instead of excluding them. Do this prior to calling fdupes
- add explicit "%py_compile ." to resolve rpmlint complaint about datestamps not matching
-------------------------------------------------------------------
Sat Aug 23 21:37:25 UTC 2014 - Greg.Freemyer@gmail.com
- update to v1.1.0
* This is a major update
* See the announcement at http://blog.kiddaland.net/2014/06/what-is-one-to-say-about-june-time-of.html
* Highlights
** the ability to read the storage media image formats EWF, QCOW, VHD and VMDK, besides RAW;
** improved existing parsers and plugins, e.g. multi volume support in the Windows Prefetch parser;
** various additional parsers and plugins;
** new features.
- change Requires to use upstream naming where we can
- change Requires to use recent version of core python modules
- correct Requires: py* lines to have the 0~ at the start of the version
* For normal symbols, the 0~ is required NOT to be present, but is required on these
- Add all remaining dependencies that plaso v1.1.0 can leverage at run time
* add Requires: pyesedb since it is now in OBS
* add Requires: pyqcow since it is now in OBS
* add Requires: pyvmdk since it is now in OBS
* add Requires: pyvhdi since it is now in OBS
* Add Requires: python-bencode since it is now in OBS
- remove %attr(755...) line and instead use sed to remove #!/usr/bin/python from *py files
-------------------------------------------------------------------
Fri May 30 18:38:10 UTC 2014 - Greg.Freemyer@gmail.com
- specfile cleanup
-- added %doc directive
-- added fdupes call
-- fixes a few permissions issues reported by rpmlint
-- ran spec-cleaner
-------------------------------------------------------------------
Mon Oct 15 15:29:29 UTC 2013 - Greg.Freemyer@gmail.com
- update to v1.0.2
* Lots of upstream development
* Several new parsers
* first support of TSK v4.1
* improvements in export_image.py
* For details see http://blog.kiddaland.net/2013/10/halloween-brings-with-it-riding-witches.html
- reverse hack associated with plaso in a sub-folder. Now handled properly by upstream
- remove support of openSUSE 11.1 and older
- add requires for OleFileIO_PL
- add requires for python-libolecf
- add requires for python-binplist
- add requires for python-construct
- add requires for python-dpkt
- add requires for python-pyparsing
- quit using the --record-files feature to know what files to put in the %files section
-------------------------------------------------------------------
Wed Apr 24 03:12:20 UTC 2013 - Greg.Freemyer@gmail.com
- update to v1.0.1alpha
- update build and install to handle upstream change to have plaso in a sub-folder
-------------------------------------------------------------------
Tue Mar 26 23:12:58 UTC 2013 - Greg.Freemyer@gmail.com
- initial build