2020-02-04 09:39:00 +00:00
|
|
|
#
|
|
|
|
|
# spec file for package python-plaso
|
|
|
|
|
#
|
2020-02-04 12:33:47 +00:00
|
|
|
# Copyright (c) 2020 SUSE LLC
|
2020-02-04 09:39:00 +00:00
|
|
|
#
|
|
|
|
|
# All modifications and additions to the file contributed by third parties
|
|
|
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
|
|
|
# upon. The license for this file, and modifications and additions to the
|
|
|
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
|
|
|
# license for the pristine package is not an Open Source License, in which
|
|
|
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
|
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
|
|
|
# published by the Open Source Initiative.
|
|
|
|
|
|
2020-02-04 12:33:47 +00:00
|
|
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
2020-02-04 09:39:00 +00:00
|
|
|
#
|
|
|
|
|
|
2023-08-01 16:50:19 +00:00
|
|
|
%{?sle15_python_module_pythons}
|
2020-02-04 09:39:00 +00:00
|
|
|
|
2024-01-27 21:26:05 +00:00
|
|
|
%define timestamp 20231224
|
2022-06-08 16:27:33 +00:00
|
|
|
|
2020-02-04 09:39:00 +00:00
|
|
|
Name: python-plaso
|
2020-02-04 12:33:47 +00:00
|
|
|
Version: %{timestamp}
|
2020-02-04 09:39:00 +00:00
|
|
|
Release: 0
|
|
|
|
|
Summary: Plaso is a library for working with forensic timelines
|
|
|
|
|
License: Apache-2.0
|
|
|
|
|
Group: Development/Libraries/Python
|
2020-02-04 12:33:47 +00:00
|
|
|
URL: http://plaso.kiddaland.net/
|
2020-02-04 09:39:00 +00:00
|
|
|
#git: git clone https://github.com/log2timeline/plaso.git
|
2020-02-04 12:33:47 +00:00
|
|
|
Source: https://github.com/log2timeline/plaso/releases/download/%{version}/plaso-%{version}.tar.gz
|
|
|
|
|
BuildRequires: %{python_module setuptools}
|
2020-02-04 09:39:00 +00:00
|
|
|
BuildRequires: fdupes
|
2020-02-04 12:33:47 +00:00
|
|
|
BuildRequires: pkgconfig
|
|
|
|
|
BuildRequires: python-rpm-macros
|
2022-06-09 22:02:10 +00:00
|
|
|
|
2022-06-08 16:27:33 +00:00
|
|
|
Requires: artifacts-validator >= 20220219
|
2022-06-09 21:53:08 +00:00
|
|
|
|
2020-02-04 12:33:47 +00:00
|
|
|
# libewf newer versions than 2016-01-26 are buggy
|
2023-03-08 21:10:33 +00:00
|
|
|
#Requires: libewf2 = 20140811
|
|
|
|
|
# Testing the experimental branch. Initial testing of the experimental branch od libewf2 found no relevant errors
|
|
|
|
|
# relevant bugs were fixed in 2021
|
|
|
|
|
Requires: libewf3 >= 20220101
|
2020-02-04 09:39:00 +00:00
|
|
|
Requires: libzmq5 > 4.1.2
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-lz4 >= 0.10.0
|
2022-06-09 22:02:10 +00:00
|
|
|
Requires: python-jupyter
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-defusedxml >= 0.5.0
|
2020-02-04 12:33:47 +00:00
|
|
|
Requires: python-PyYAML
|
2022-06-09 21:38:10 +00:00
|
|
|
Requires: python-bencode
|
2022-12-27 22:28:39 +00:00
|
|
|
# Requires: python-idma >= 2.5
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-certifi >= 2016.9.26
|
|
|
|
|
# possibly optional?
|
2022-12-27 22:28:39 +00:00
|
|
|
Requires: python-cffi >= 1.15.1
|
|
|
|
|
# Requires: python-cffi-backend >= 1.9.1 old name? Not avalable in openSUSE
|
2022-09-23 17:42:02 +00:00
|
|
|
# optional
|
|
|
|
|
Requires: python-chardet
|
2022-12-27 22:41:39 +00:00
|
|
|
Requires: python-dfdatetime >= 0~20220419
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-cryptography >= 2.0.2
|
2022-06-09 21:43:13 +00:00
|
|
|
Requires: python-biplist
|
2022-06-09 21:48:12 +00:00
|
|
|
Requires: python-construct
|
2022-06-09 21:57:33 +00:00
|
|
|
Requires: python-dpkt
|
2022-12-27 22:28:39 +00:00
|
|
|
Requires: python-pyzmq >= 2.1.11
|
2020-02-04 09:39:00 +00:00
|
|
|
Requires: python-XlsxWriter >= 0.9.3
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-urllib3 >= 1.21.1
|
|
|
|
|
Requires: python-pyxattr >= 0.7.2
|
|
|
|
|
|
|
|
|
|
Requires: python-libbde >= 20220121
|
|
|
|
|
Requires: python-libcreg >= 20200725
|
2020-02-04 09:39:00 +00:00
|
|
|
Requires: python-dateutil >= 2.4.2
|
2023-03-08 21:10:33 +00:00
|
|
|
Requires: python-dfVFS >= 0~20221224
|
2022-06-08 16:27:33 +00:00
|
|
|
Requires: python-dfwinreg >= 0~20211207
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-dtfabric >= 0~20220219
|
2022-06-09 23:41:48 +00:00
|
|
|
Requires: python-fakeredis
|
2020-04-05 23:18:20 +00:00
|
|
|
#Requires: python-hachoir-core
|
|
|
|
|
#Requires: python-hachoir-metadata
|
|
|
|
|
#Requires: python-hachoir-parser >= 1.3.4
|
2022-06-09 22:06:32 +00:00
|
|
|
|
2020-02-04 09:39:00 +00:00
|
|
|
# These are core libraries. Make sure current versions are used
|
2020-02-04 12:33:47 +00:00
|
|
|
Requires: python-libesedb >= 0~20150409
|
|
|
|
|
Requires: python-libevt >= 0~20140731
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-libevtx >= 0~20210424
|
2023-03-08 21:10:33 +00:00
|
|
|
Requires: python-libewf > 20220101
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-libfsapfs >= 20201107
|
|
|
|
|
Requires: python-libfsext >= 20220112
|
2022-12-27 22:28:39 +00:00
|
|
|
Requires: python-libfsfat >= 20220925
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-libfshfs >= 20220115
|
|
|
|
|
Requires: python-libfsntfs >= 0~20211229
|
|
|
|
|
Requires: python-libfsxfs >= 0~20220113
|
|
|
|
|
Requires: python-libfvde >= 20220121
|
2022-12-27 22:28:39 +00:00
|
|
|
# Requires: python-libfnt >= 20210717
|
2020-02-04 12:33:47 +00:00
|
|
|
Requires: python-libfwsi >= 0~20150606
|
|
|
|
|
Requires: python-liblnk >= 0~20150830
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-libluksde >= 20220121
|
2020-02-04 12:33:47 +00:00
|
|
|
Requires: python-libmsiecf >= 0~20150314
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-libmodi >= 0~20210405
|
2020-02-04 12:33:47 +00:00
|
|
|
Requires: python-libolecf >= 0~20160107
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-libqcow >= 20201213
|
2021-01-17 03:53:41 +00:00
|
|
|
Requires: python-libregf >= 0~20201007
|
2020-04-05 23:18:20 +00:00
|
|
|
Requires: python-libscca >= 0~20190605
|
2020-04-10 00:51:38 +00:00
|
|
|
Requires: python-libsigscan >= 0~20191221
|
2020-02-04 12:33:47 +00:00
|
|
|
Requires: python-libsmdev
|
|
|
|
|
Requires: python-libsmraw
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-libvhdi >= 2020114
|
2020-02-04 12:33:47 +00:00
|
|
|
Requires: python-libvmdk
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-libvsgpt >= 20211115
|
|
|
|
|
Requires: python-libvshadow >= 0~20160109
|
|
|
|
|
Requires: python-libvslvm >= 0~20160109
|
2020-02-04 12:33:47 +00:00
|
|
|
Requires: python-olefile
|
2022-06-09 23:11:02 +00:00
|
|
|
Requires: python-pefile >= 2021.5.24
|
2020-02-04 09:39:00 +00:00
|
|
|
Requires: python-protobuf
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-psutil >= 5.4.3
|
2020-02-04 09:39:00 +00:00
|
|
|
Requires: python-pyparsing >= 2.0.3
|
2022-12-27 22:28:39 +00:00
|
|
|
Requires: python-redis >= 3.4
|
2022-09-23 17:42:02 +00:00
|
|
|
Requires: python-requests >= 2.18.0
|
|
|
|
|
Requires: python-tsk >= 0~20210419
|
2022-09-28 07:01:41 +00:00
|
|
|
Requires: python-pytz
|
2020-02-04 12:33:47 +00:00
|
|
|
Requires: python-yara >= 3.5.0
|
2024-01-27 21:26:05 +00:00
|
|
|
Requires: plaso-base
|
2022-12-27 22:28:39 +00:00
|
|
|
# Requires: python-yaml >= 3.10
|
2020-02-04 12:33:47 +00:00
|
|
|
Recommends: libesedb-tools
|
2020-02-04 09:39:00 +00:00
|
|
|
Recommends: libevt-tools
|
|
|
|
|
Recommends: libevtx-tools
|
|
|
|
|
Recommends: libewf-tools
|
|
|
|
|
Recommends: liblnk-tools
|
|
|
|
|
Recommends: libmsiecf-tools
|
|
|
|
|
Recommends: libolecf-tools
|
|
|
|
|
Recommends: libregf-tools
|
|
|
|
|
Recommends: libsmdev-tools
|
|
|
|
|
Recommends: libvhdi-tools
|
|
|
|
|
Recommends: libvmdk-tools
|
2020-02-04 12:33:47 +00:00
|
|
|
Recommends: libvshadow-tools
|
2022-09-23 17:42:02 +00:00
|
|
|
# python-opensearch is totally untested
|
|
|
|
|
Recommends: python-opensearch
|
2020-02-04 09:39:00 +00:00
|
|
|
# for running the test suite
|
|
|
|
|
Recommends: python-mock
|
2020-02-04 12:33:47 +00:00
|
|
|
Recommends: sleuthkit >= 4.1.2
|
2020-02-04 09:39:00 +00:00
|
|
|
Provides: plaso
|
|
|
|
|
BuildArch: noarch
|
2020-02-04 12:33:47 +00:00
|
|
|
%python_subpackages
|
2020-02-04 09:39:00 +00:00
|
|
|
|
|
|
|
|
%description
|
|
|
|
|
Plaso (plaso langar að safna öllu) is the Python based back-end engine used by tools such as log2timeline for automatic creation of a super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computer and related systems, such as network equipment to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
|
|
|
|
|
|
2024-01-27 21:26:05 +00:00
|
|
|
%package -n plaso-base
|
|
|
|
|
Summary: Python version neutral tools for plaso
|
|
|
|
|
License: Apache-2.0
|
|
|
|
|
|
|
|
|
|
%description -n plaso-base
|
|
|
|
|
Several tools provided with the plaso program
|
|
|
|
|
|
2020-02-04 09:39:00 +00:00
|
|
|
%prep
|
2020-02-04 12:33:47 +00:00
|
|
|
%setup -q -n plaso-%{version}
|
2022-06-08 16:27:33 +00:00
|
|
|
for subdir in analysis cli engine filters formatters lib parsers preprocessors serializer storage output; do
|
2020-02-04 09:39:00 +00:00
|
|
|
find plaso/$subdir -name \*.py | xargs sed -i "/#!\/usr\/bin\/python/d"
|
|
|
|
|
done
|
Accepting request 792777 from home:gregfreemyer:Tools-for-forensic-boot-cd
- update to version 20200227
* Changes to handle multi string Windows computer name value #2819 (#2820)
* Removed 4n6time output modules #2809 (#2810)
* Changes Elasticsearch output module to support version 7 (#2830)
* Various small updates to file processors
- add reguires python-libluksde
- convert to new python singlespec syntax
- ran spec-cleaner
- add python3 support and drop python 2 builds
- update to version 20200121
* first openSUSE update in 2 years
* see release announcements: http://blog.kiddaland.net
* removal of Python 2.7 and 3.4 support
* Migration to Cryptography.io, as pycrypto appears to be unmaintained
- version 20191203
* image_export now supports json output
- version 20190531
* added new event and path filtering
- version 20181219
* added APFS support
- version 20180930
* added python 3 support
* migrated binary file processing to drfabrick
- update to 20171231
* includes the new psteal supervisor program. All users should consider using psteal
* upstream had changed to using dates for release numbers
* events are now represented via the new dfDateTime library
* preparing for a switch to a SQL backend
* significant effort has been spent on automated testing
* For addition release notes:
See http://blog.kiddaland.net/2017/10/drink-joyful-good-mead-plaso-20170925.html
- There is no storage compatibility with databases created with older releases
- prepare for python2/python3 support
- In Requires: lines for libyal python bindings, use the python-lib* variant of the package
Python singlespec automatically converts that to python2 / python3 as appropriate
- Rename dependency OleFileIO_PL to python-olefile
- Update Dependency on python-PyYAML: this package had been renamed
a long time ago to follow the naming convention. The compat
symbol 'python-yaml' was lost with the migration to singlespec.
- update to v1.5.1
* add support for Sleuthkit 4.4.0
* Requires recent python-tsk
- fix a major bug where the front-end files were being removed.
* Apparently there was old plaso install bug that installed 2 copies
- change python-construct require to only accept v2.5.2. Testing showed 2.5.5 was incompatible.
- require python-efilter >= 1.1.5 to fix a bug found in testing
- update to v1.5.0 (Gna)
* See release announcement for details:
- http://blog.kiddaland.net/2016/09/what-flies-there-what-fares-there-or.html
- DC3 - The DoD Computer Foresics Lap made significant contributions to plaso 1.5
- Add Requires: pyscca, pyfvde, python-dfwinreg, python-efilter, python-yara
- Update Source: tag to the new location
- Change capitalization of xlsxwriter to XlsxWriter
- Add GITHUB_version tag to allow pre-release testing
- remove python-psutil < 3.0 restriction
- update to v1.4.0
* See release announcement for details:
- http://blog.kiddaland.net/2016/01/sprinkling-morning-dew-and-summer.html
* New features
- Parsers for $MFT and the NTFS USN change journal
- Docker file
- ZeroMQ
- File content hashing is now on by default
- Window status view now on by default for non-Windows OS’. log2timeline has a new look.
- A new parser for client-local SCCM logs
- An XSLX output module, for writing events directly to a file readable with Microsoft Excel
- Distributed link tracking support in the winlnk parser
- The Windows Registry handling functionality has been moved to a separate submodule
- Add Requires: libzmq5 >= 4.1.2
- Add Requires: python-protobuf
- Add Requires: python-xlsxwriter
- Add Requires: artifacts-validator instead of just artifacts
- Add Requires: python-requests
- Add Requires: pybde
- Add Requires: pyfsntfs
- Add Requires: pysmraw
- Add Require pyesedb >= 20150409
- Add Recommends: python-mock # Used by internal test suite
- Require libewf2 = 0~20140608 # Newer versions are buggy
- Require pyewf = 0~20140608 # Newer versions are buggy
- Require pyesedb >= 20150409
- Require pyevtx >= 20160107
- Require pylnk >= 20150830
- Require pyolecf >= 20160107
- Require python-dfVFS >= 20160108
- Require python-psutil < 3.0.0 # Not yet compatible with newer psutil
- remove references to subdir winreg
- Add removal of duplicate files %{buildroot}/usr/share/doc/plaso/ACKNOWLEDGEMENTS, etc
- update to v1.3.0
* Numerous new features
* See http://blog.kiddaland.net/2015/07/bringing-end-to-sorrow-new-plaso-release.html
* Major stability improvements
- add /usr/share/plaso as a data directory
- add requires python-pefile >= 1.2.1+139
- add requires pysigscan
- require recent python-dateutils
- remove frontend test files. They have been isolated by upstream.
- remove frontend/plasm, plasm.py, pprof.py, pshell.ph Removed by upstream
- add a openSUSE 13.1 workaround for a unicode bug
- update minimum depency versions
- add a loop to force %py_compile - getting an rpmlint warning without this
- Make iPython a requirement, not a recommendation.
* It is needed for preg and pshell
* version 1.2.1 or newer is required
- update to v1.2.0
* Increased stabiity, less memory, faster extraction
* Fixed excessive momory consusmption bugs
* Source scanner moved from plaso to dfVFS
* New JSON storage back-end available for testing only
* preg overhauled
* New parsers and plug-ins
- update some Requires tag version levels to agree with check_dependencies
- remove #DL_URL field and make #Source a full URL
- added "internal_version" macro useful when building git code
- Added Requires: pyfwsi
- add numerous lines to %prep to eliminate shebang lines which rpmlint was complaining about
- add check_dependencies.py to the %doc files so users can check their own dependencies
- remove frontend python files that are in both /usr/bin and under the python tree structure
- remove other unneeded python files instead of excluding them. Do this prior to calling fdupes
- add explicit "%py_compile ." to resolve rpmlint complaint about datestamps not matching
- update to v1.1.0
* This is a major update
* See the announcement at http://blog.kiddaland.net/2014/06/what-is-one-to-say-about-june-time-of.html
* Highlights
** the ability to read the storage media image formats EWF, QCOW, VHD and VMDK, besides RAW;
** improved existing parsers and plugins, e.g. multi volume support in the Windows Prefetch parser;
** various additional parsers and plugins;
** new features.
- change Requires to use upstream naming where we can
- change Requires to use recent version of core python modules
- correct Requires: py* lines to have the 0~ at the start of the version
* For normal symbols, the 0~ is required NOT to be present, but is required on these
- Add all remaining dependencies that plaso v1.1.0 can leverage at run time
* add Requires: pyesedb since it is now in OBS
* add Requires: pyqcow since it is now in OBS
* add Requires: pyvmdk since it is now in OBS
* add Requires: pyvhdi since it is now in OBS
* Add Requires: python-bencode since it is now in OBS
- remove %attr(755...) line and instead use sed to remove #!/usr/bin/python from *py files
- specfile cleanup
-- added %doc directive
-- added fdupes call
-- fixes a few permissions issues reported by rpmlint
-- ran spec-cleaner
- update to v1.0.2
* Lots of upstream development
* Several new parsers
* first support of TSK v4.1
* improvements in export_image.py
* For detaiils see http://blog.kiddaland.net/2013/10/halloween-brings-with-it-riding-witches.html
- reverse hack associated with plaso in a sub-folder. Now handled properly by upstream
- remove support of openSUSE 11.1 and older
- add requires for OleFileIO_PL
- add requires for python-libolecf
- add requires for python-binplist
- add requires for python-construct
- add requires for python-dpkt
- add requires for python-pyparsing
- quit using the --record-files feature to know what files to put in the %files section
- update to v1.0.1alpha
- update build and install to handle upstream change to have plaso in a sub-folder
- initial build
OBS-URL: https://build.opensuse.org/request/show/792777
OBS-URL: https://build.opensuse.org/package/show/security:forensics/python-plaso?expand=0&rev=31
2020-04-09 16:27:27 +00:00
|
|
|
chmod -x utils/check_dependencies.py
|
2020-02-04 12:33:47 +00:00
|
|
|
# sed -i "/#!\/usr\/bin\/env python/d" plaso/lib/objectfilter*.py
|
|
|
|
|
# sed -i "/#!\/usr\/bin\/python/d" plaso/frontend/__init__.py
|
|
|
|
|
# sed -i "/#!\/usr\/bin\/python/d" plaso/frontend/frontend.py
|
|
|
|
|
# sed -i "/#!\/usr\/bin\/python/d" plaso/__init__.py
|
2020-02-04 09:39:00 +00:00
|
|
|
|
|
|
|
|
%build
|
2020-02-04 12:33:47 +00:00
|
|
|
%python_build
|
2020-02-04 09:39:00 +00:00
|
|
|
|
|
|
|
|
%install
|
2020-02-04 12:33:47 +00:00
|
|
|
%python_install
|
|
|
|
|
%{python_expand %fdupes %{buildroot}%{$python_sitelib} }
|
2020-02-04 09:39:00 +00:00
|
|
|
|
|
|
|
|
%check
|
|
|
|
|
# this would require all the "#requires" packages to be installed. They aren't.
|
|
|
|
|
#python utils/check_dependencies.py
|
|
|
|
|
|
2020-02-04 12:33:47 +00:00
|
|
|
|
2024-01-27 21:26:05 +00:00
|
|
|
%files -n plaso-base
|
2020-02-04 12:33:47 +00:00
|
|
|
%license LICENSE
|
|
|
|
|
%doc ACKNOWLEDGEMENTS AUTHORS
|
2020-02-04 09:39:00 +00:00
|
|
|
%doc utils/check_dependencies.py
|
2020-02-04 12:33:47 +00:00
|
|
|
%{_datadir}/plaso
|
2020-02-04 09:39:00 +00:00
|
|
|
%{_bindir}/image_export.py
|
|
|
|
|
%{_bindir}/log2timeline.py
|
|
|
|
|
%{_bindir}/pinfo.py
|
|
|
|
|
%{_bindir}/psort.py
|
2020-02-04 12:33:47 +00:00
|
|
|
%{_bindir}/psteal.py
|
2020-02-04 09:39:00 +00:00
|
|
|
|
2024-01-27 21:26:05 +00:00
|
|
|
%files %{python_files}
|
|
|
|
|
%license LICENSE
|
|
|
|
|
%doc ACKNOWLEDGEMENTS AUTHORS
|
|
|
|
|
%{python_sitelib}/plaso-%{version}-py%{python_version}.egg-info
|
|
|
|
|
%{python_sitelib}/plaso
|
|
|
|
|
%{python_sitelib}/tools
|
Accepting request 792777 from home:gregfreemyer:Tools-for-forensic-boot-cd
- update to version 20200227
* Changes to handle multi string Windows computer name value #2819 (#2820)
* Removed 4n6time output modules #2809 (#2810)
* Changes Elasticsearch output module to support version 7 (#2830)
* Various small updates to file processors
- add reguires python-libluksde
- convert to new python singlespec syntax
- ran spec-cleaner
- add python3 support and drop python 2 builds
- update to version 20200121
* first openSUSE update in 2 years
* see release announcements: http://blog.kiddaland.net
* removal of Python 2.7 and 3.4 support
* Migration to Cryptography.io, as pycrypto appears to be unmaintained
- version 20191203
* image_export now supports json output
- version 20190531
* added new event and path filtering
- version 20181219
* added APFS support
- version 20180930
* added python 3 support
* migrated binary file processing to drfabrick
- update to 20171231
* includes the new psteal supervisor program. All users should consider using psteal
* upstream had changed to using dates for release numbers
* events are now represented via the new dfDateTime library
* preparing for a switch to a SQL backend
* significant effort has been spent on automated testing
* For addition release notes:
See http://blog.kiddaland.net/2017/10/drink-joyful-good-mead-plaso-20170925.html
- There is no storage compatibility with databases created with older releases
- prepare for python2/python3 support
- In Requires: lines for libyal python bindings, use the python-lib* variant of the package
Python singlespec automatically converts that to python2 / python3 as appropriate
- Rename dependency OleFileIO_PL to python-olefile
- Update Dependency on python-PyYAML: this package had been renamed
a long time ago to follow the naming convention. The compat
symbol 'python-yaml' was lost with the migration to singlespec.
- update to v1.5.1
* add support for Sleuthkit 4.4.0
* Requires recent python-tsk
- fix a major bug where the front-end files were being removed.
* Apparently there was old plaso install bug that installed 2 copies
- change python-construct require to only accept v2.5.2. Testing showed 2.5.5 was incompatible.
- require python-efilter >= 1.1.5 to fix a bug found in testing
- update to v1.5.0 (Gna)
* See release announcement for details:
- http://blog.kiddaland.net/2016/09/what-flies-there-what-fares-there-or.html
- DC3 - The DoD Computer Foresics Lap made significant contributions to plaso 1.5
- Add Requires: pyscca, pyfvde, python-dfwinreg, python-efilter, python-yara
- Update Source: tag to the new location
- Change capitalization of xlsxwriter to XlsxWriter
- Add GITHUB_version tag to allow pre-release testing
- remove python-psutil < 3.0 restriction
- update to v1.4.0
* See release announcement for details:
- http://blog.kiddaland.net/2016/01/sprinkling-morning-dew-and-summer.html
* New features
- Parsers for $MFT and the NTFS USN change journal
- Docker file
- ZeroMQ
- File content hashing is now on by default
- Window status view now on by default for non-Windows OS’. log2timeline has a new look.
- A new parser for client-local SCCM logs
- An XSLX output module, for writing events directly to a file readable with Microsoft Excel
- Distributed link tracking support in the winlnk parser
- The Windows Registry handling functionality has been moved to a separate submodule
- Add Requires: libzmq5 >= 4.1.2
- Add Requires: python-protobuf
- Add Requires: python-xlsxwriter
- Add Requires: artifacts-validator instead of just artifacts
- Add Requires: python-requests
- Add Requires: pybde
- Add Requires: pyfsntfs
- Add Requires: pysmraw
- Add Require pyesedb >= 20150409
- Add Recommends: python-mock # Used by internal test suite
- Require libewf2 = 0~20140608 # Newer versions are buggy
- Require pyewf = 0~20140608 # Newer versions are buggy
- Require pyesedb >= 20150409
- Require pyevtx >= 20160107
- Require pylnk >= 20150830
- Require pyolecf >= 20160107
- Require python-dfVFS >= 20160108
- Require python-psutil < 3.0.0 # Not yet compatible with newer psutil
- remove references to subdir winreg
- Add removal of duplicate files %{buildroot}/usr/share/doc/plaso/ACKNOWLEDGEMENTS, etc
- update to v1.3.0
* Numerous new features
* See http://blog.kiddaland.net/2015/07/bringing-end-to-sorrow-new-plaso-release.html
* Major stability improvements
- add /usr/share/plaso as a data directory
- add requires python-pefile >= 1.2.1+139
- add requires pysigscan
- require recent python-dateutils
- remove frontend test files. They have been isolated by upstream.
- remove frontend/plasm, plasm.py, pprof.py, pshell.ph Removed by upstream
- add a openSUSE 13.1 workaround for a unicode bug
- update minimum depency versions
- add a loop to force %py_compile - getting an rpmlint warning without this
- Make iPython a requirement, not a recommendation.
* It is needed for preg and pshell
* version 1.2.1 or newer is required
- update to v1.2.0
* Increased stabiity, less memory, faster extraction
* Fixed excessive momory consusmption bugs
* Source scanner moved from plaso to dfVFS
* New JSON storage back-end available for testing only
* preg overhauled
* New parsers and plug-ins
- update some Requires tag version levels to agree with check_dependencies
- remove #DL_URL field and make #Source a full URL
- added "internal_version" macro useful when building git code
- Added Requires: pyfwsi
- add numerous lines to %prep to eliminate shebang lines which rpmlint was complaining about
- add check_dependencies.py to the %doc files so users can check their own dependencies
- remove frontend python files that are in both /usr/bin and under the python tree structure
- remove other unneeded python files instead of excluding them. Do this prior to calling fdupes
- add explicit "%py_compile ." to resolve rpmlint complaint about datestamps not matching
- update to v1.1.0
* This is a major update
* See the announcement at http://blog.kiddaland.net/2014/06/what-is-one-to-say-about-june-time-of.html
* Highlights
** the ability to read the storage media image formats EWF, QCOW, VHD and VMDK, besides RAW;
** improved existing parsers and plugins, e.g. multi volume support in the Windows Prefetch parser;
** various additional parsers and plugins;
** new features.
- change Requires to use upstream naming where we can
- change Requires to use recent version of core python modules
- correct Requires: py* lines to have the 0~ at the start of the version
* For normal symbols, the 0~ is required NOT to be present, but is required on these
- Add all remaining dependencies that plaso v1.1.0 can leverage at run time
* add Requires: pyesedb since it is now in OBS
* add Requires: pyqcow since it is now in OBS
* add Requires: pyvmdk since it is now in OBS
* add Requires: pyvhdi since it is now in OBS
* Add Requires: python-bencode since it is now in OBS
- remove %attr(755...) line and instead use sed to remove #!/usr/bin/python from *py files
- specfile cleanup
-- added %doc directive
-- added fdupes call
-- fixes a few permissions issues reported by rpmlint
-- ran spec-cleaner
- update to v1.0.2
* Lots of upstream development
* Several new parsers
* first support of TSK v4.1
* improvements in export_image.py
* For detaiils see http://blog.kiddaland.net/2013/10/halloween-brings-with-it-riding-witches.html
- reverse hack associated with plaso in a sub-folder. Now handled properly by upstream
- remove support of openSUSE 11.1 and older
- add requires for OleFileIO_PL
- add requires for python-libolecf
- add requires for python-binplist
- add requires for python-construct
- add requires for python-dpkt
- add requires for python-pyparsing
- quit using the --record-files feature to know what files to put in the %files section
- update to v1.0.1alpha
- update build and install to handle upstream change to have plaso in a sub-folder
- initial build
OBS-URL: https://build.opensuse.org/request/show/792777
OBS-URL: https://build.opensuse.org/package/show/security:forensics/python-plaso?expand=0&rev=31
2020-04-09 16:27:27 +00:00
|
|
|
|
2024-01-27 21:26:05 +00:00
|
|
|
%changelog
|
