security-forensics/python-plaso
SHA256
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0a65b5d8e41fdd4b8ec88ed201114a79d1ce9ebd99b8d05e73405151f9aaff96
python-plaso/python-plaso.changes
Greg Freemyer 0a65b5d8e4 Accepting request 981366 from home:gregfreemyer:Tools-for-forensic-boot-cd 
-remove BuildRequires:  %{python_module pbr}   -- no longer needed
-remove BuildRequires:  %{python_module devel} -- no longer needed

OBS-URL: https://build.opensuse.org/request/show/981366
OBS-URL: https://build.opensuse.org/package/show/security:forensics/python-plaso?expand=0&rev=39
2022-06-08 17:57:21 +00:00

286 lines
14 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
-------------------------------------------------------------------
Wed Jun 8 16:33:35 UTC 2022 - Greg Freemyer <Greg.Freemyer@gmail.com>
-remove BuildRequires: %{python_module pbr} -- no longer needed
-remove BuildRequires: %{python_module devel} -- no longer needed
-------------------------------------------------------------------
Wed Jun 1 20:04:50 UTC 2022 - Greg Freemyer <Greg.Freemyer@gmail.com>
- update to version 20220428
* The 20220428 release did not come with release note. The previous 5 are at:
* https://osdfir.blogspot.com/2021/02/plaso-20210213-released.html
* https://osdfir.blogspot.com/2021/04/plaso-20210412-released.html
* https://osdfir.blogspot.com/2021/06/plaso-20210606-released.html
* https://osdfir.blogspot.com/2021/10/plaso-20211024-released.html
* https://osdfir.blogspot.com/2021/10/plaso-20211024-released.html
* Key notes from the above
* Beggining migration from elasticsearch to opensearch
* Initial support to directly read from Mac OS disk images (.dmg, .sparseimage, .sparsebundle) (#3540).
- added requires python-defusedxml
- remove references to non-existing folders from for loop that preps the source code folder.
- add %define pythons python38
-- Trying to bulid python38, python39, python310 is failing for unknown reasons
-------------------------------------------------------------------
Thu Dec 24 22:52:27 UTC 2020 - Greg Freemyer <Greg.Freemyer@gmail.com>
- update to version 20201007
* The Elasticsearch output module now includes default type mappings thanks to @william-billaud.
This avoids fields containing both numbers and text being misinterpreted by Elasticsearch.
* A new parser containing initial support for Spotlight store database (store.db) files.
* libfsext/pytfsext has been added as an experimental feature to overcome shortcomings in the pytsk ext implementation. Use the `--vfs-back-end=fsext` option to use libfsext instead of SleuthKit.
* Log2timeline will now not attempt to extract events from MacOS sleep and swap files.
- from version 20200630
* new unattended mode
* The linear status view now shows more information about the overall processing status
* Time zone handling was overhauled. There are now two separate timezone-related options:
`--timezone` indicates the time zone of the source data, and will be used when Plaso cant determine the appropriate time zone automatically.
`--output_time_zone` specifies a time zone to use when outputting events. This is currently only supported by the dynamic and l2tcsv output modules.
* There are some new additions to the Windows and Linux tag files, courtesy of pyllyukko@
* Its now possible to specify an elasticsearch password on the command line thanks to new contributor william-billaud@. Note that this password will be visible to anyone who is able to list running processes, so be careful about using this on any shared system.
* New parsers / supported data formats:
Apple's Transparency, Consent, and Control (TCC) SQlite database.
Google Log (glog) files.
-------------------------------------------------------------------
Sun Apr 5 22:28:32 UTC 2020 - Greg Freemyer <Greg.Freemyer@gmail.com>
- update to version 20200227
* Changes to handle multi string Windows computer name value #2819 (#2820)
* Removed 4n6time output modules #2809 (#2810)
* Changes Elasticsearch output module to support version 7 (#2830)
* Various small updates to file processors
- add reguires python-libluksde
-------------------------------------------------------------------
Mon Jan 27 13:14:15 UTC 2020 - Greg Freemyer <Greg.Freemyer@gmail.com>
- convert to new python singlespec syntax
- ran spec-cleaner
- add python3 support and drop python 2 builds
- update to version 20200121
* first openSUSE update in 2 years
* see release announcements: http://blog.kiddaland.net
* removal of Python 2.7 and 3.4 support
* Migration to Cryptography.io, as pycrypto appears to be unmaintained 
- version 20191203
* image_export now supports json output
- version 20190531
* added new event and path filtering
- version 20181219
* added APFS support
- version 20180930
* added python 3 support
* migrated binary file processing to drfabrick
-------------------------------------------------------------------
Mon Jan 8 23:23:09 UTC 2018 - Greg.Freemyer@gmail.com
- update to 20171231
* includes the new psteal supervisor program. All users should consider using psteal
* upstream had changed to using dates for release numbers
* events are now represented via the new dfDateTime library
* preparing for a switch to a SQL backend
* significant effort has been spent on automated testing
* For addition release notes:
See http://blog.kiddaland.net/2017/10/drink-joyful-good-mead-plaso-20170925.html
- There is no storage compatibility with databases created with older releases
-------------------------------------------------------------------
Wed Oct 4 20:57:03 UTC 2017 - Greg.Freemyer@gmail.com
- prepare for python2/python3 support
- In Requires: lines for libyal python bindings, use the python-lib* variant of the package
Python singlespec automatically converts that to python2 / python3 as appropriate
-------------------------------------------------------------------
Tue May 2 10:15:01 UTC 2017 - Greg.Freemyer@gmail.com
- Rename dependency OleFileIO_PL to python-olefile
-------------------------------------------------------------------
Thu Mar 2 22:25:11 UTC 2017 - dimstar@opensuse.org
- Update Dependency on python-PyYAML: this package had been renamed
a long time ago to follow the naming convention. The compat
symbol 'python-yaml' was lost with the migration to singlespec.
-------------------------------------------------------------------
Sat Feb 25 21:25:22 UTC 2017 - Greg.Freemyer@gmail.com
- update to v1.5.1
* add support for Sleuthkit 4.4.0
* Requires recent python-tsk
-------------------------------------------------------------------
Wed Feb 15 13:34:35 UTC 2017 - Greg.Freemyer@gmail.com
- fix a major bug where the front-end files were being removed.
* Apparently there was old plaso install bug that installed 2 copies
- change python-construct require to only accept v2.5.2. Testing showed 2.5.5 was incompatible.
-------------------------------------------------------------------
Mon Oct 3 23:02:50 UTC 2016 - Greg.Freemyer@gmail.com
- require python-efilter >= 1.1.5 to fix a bug found in testing
-------------------------------------------------------------------
Sun Sep 25 02:08:05 UTC 2016 - Greg.Freemyer@gmail.com
- update to v1.5.0 (Gna)
* See release announcement for details:
- http://blog.kiddaland.net/2016/09/what-flies-there-what-fares-there-or.html
- DC3 - The DoD Computer Foresics Lap made significant contributions to plaso 1.5
- Add Requires: pyscca, pyfvde, python-dfwinreg, python-efilter, python-yara
- Update Source: tag to the new location
- Change capitalization of xlsxwriter to XlsxWriter
- Add GITHUB_version tag to allow pre-release testing
- remove python-psutil < 3.0 restriction
-------------------------------------------------------------------
Tue Jan 26 03:38:52 UTC 2016 - Greg.Freemyer@gmail.com
- update to v1.4.0
* See release announcement for details:
- http://blog.kiddaland.net/2016/01/sprinkling-morning-dew-and-summer.html
* New features
- Parsers for $MFT and the NTFS USN change journal
- Docker file
- ZeroMQ
- File content hashing is now on by default
- Window status view now on by default for non-Windows OS. log2timeline has a new look.
- A new parser for client-local SCCM logs
- An XSLX output module, for writing events directly to a file readable with Microsoft Excel
- Distributed link tracking support in the winlnk parser
- The Windows Registry handling functionality has been moved to a separate submodule
- Add Requires: libzmq5 >= 4.1.2
- Add Requires: python-protobuf
- Add Requires: python-xlsxwriter
- Add Requires: artifacts-validator instead of just artifacts
- Add Requires: python-requests
- Add Requires: pybde
- Add Requires: pyfsntfs
- Add Requires: pysmraw
- Add Require pyesedb >= 20150409
- Add Recommends: python-mock # Used by internal test suite
- Require libewf2 = 0~20140608 # Newer versions are buggy
- Require pyewf = 0~20140608 # Newer versions are buggy
- Require pyesedb >= 20150409
- Require pyevtx >= 20160107
- Require pylnk >= 20150830
- Require pyolecf >= 20160107
- Require python-dfVFS >= 20160108
- Require python-psutil < 3.0.0 # Not yet compatible with newer psutil
- remove references to subdir winreg
- Add removal of duplicate files %{buildroot}/usr/share/doc/plaso/ACKNOWLEDGEMENTS, etc
-------------------------------------------------------------------
Wed Aug 12 22:35:58 UTC 2015 - Greg.Freemyer@gmail.com
- update to v1.3.0
* Numerous new features
* See http://blog.kiddaland.net/2015/07/bringing-end-to-sorrow-new-plaso-release.html
* Major stability improvements
- add /usr/share/plaso as a data directory
- add requires python-pefile >= 1.2.1+139
- add requires pysigscan
- require recent python-dateutils
- remove frontend test files. They have been isolated by upstream.
- remove frontend/plasm, plasm.py, pprof.py, pshell.ph Removed by upstream
- add a openSUSE 13.1 workaround for a unicode bug
- update minimum depency versions
- add a loop to force %py_compile - getting an rpmlint warning without this
-------------------------------------------------------------------
Mon Jan 12 16:46:29 UTC 2015 - Greg.Freemyer@gmail.com
- Make iPython a requirement, not a recommendation.
* It is needed for preg and pshell
* version 1.2.1 or newer is required
-------------------------------------------------------------------
Mon Dec 22 20:32:35 UTC 2014 - Greg.Freemyer@gmail.com
- update to v1.2.0
* Increased stabiity, less memory, faster extraction
* Fixed excessive momory consusmption bugs
* Source scanner moved from plaso to dfVFS
* New JSON storage back-end available for testing only
* preg overhauled
* New parsers and plug-ins
- update some Requires tag version levels to agree with check_dependencies
- remove #DL_URL field and make #Source a full URL
- added "internal_version" macro useful when building git code
- Added Requires: pyfwsi
- add numerous lines to %prep to eliminate shebang lines which rpmlint was complaining about
- add check_dependencies.py to the %doc files so users can check their own dependencies
- remove frontend python files that are in both /usr/bin and under the python tree structure
- remove other unneeded python files instead of excluding them. Do this prior to calling fdupes
- add explicit "%py_compile ." to resolve rpmlint complaint about datestamps not matching
-------------------------------------------------------------------
Sat Aug 23 21:37:25 UTC 2014 - Greg.Freemyer@gmail.com
- update to v1.1.0
* This is a major update
* See the announcement at http://blog.kiddaland.net/2014/06/what-is-one-to-say-about-june-time-of.html
* Highlights
** the ability to read the storage media image formats EWF, QCOW, VHD and VMDK, besides RAW;
** improved existing parsers and plugins, e.g. multi volume support in the Windows Prefetch parser;
** various additional parsers and plugins;
** new features.
- change Requires to use upstream naming where we can
- change Requires to use recent version of core python modules
- correct Requires: py* lines to have the 0~ at the start of the version
* For normal symbols, the 0~ is required NOT to be present, but is required on these
- Add all remaining dependencies that plaso v1.1.0 can leverage at run time
* add Requires: pyesedb since it is now in OBS
* add Requires: pyqcow since it is now in OBS
* add Requires: pyvmdk since it is now in OBS
* add Requires: pyvhdi since it is now in OBS
* Add Requires: python-bencode since it is now in OBS
- remove %attr(755...) line and instead use sed to remove #!/usr/bin/python from *py files
-------------------------------------------------------------------
Fri May 30 18:38:10 UTC 2014 - Greg.Freemyer@gmail.com
- specfile cleanup
-- added %doc directive
-- added fdupes call
-- fixes a few permissions issues reported by rpmlint
-- ran spec-cleaner
-------------------------------------------------------------------
Mon Oct 15 15:29:29 UTC 2013 - Greg.Freemyer@gmail.com
- update to v1.0.2
* Lots of upstream development
* Several new parsers
* first support of TSK v4.1
* improvements in export_image.py
* For detaiils see http://blog.kiddaland.net/2013/10/halloween-brings-with-it-riding-witches.html
- reverse hack associated with plaso in a sub-folder. Now handled properly by upstream
- remove support of openSUSE 11.1 and older
- add requires for OleFileIO_PL
- add requires for python-libolecf
- add requires for python-binplist
- add requires for python-construct
- add requires for python-dpkt
- add requires for python-pyparsing
- quit using the --record-files feature to know what files to put in the %files section
-------------------------------------------------------------------
Wed Apr 24 03:12:20 UTC 2013 - Greg.Freemyer@gmail.com
- update to v1.0.1alpha
- update build and install to handle upstream change to have plaso in a sub-folder
-------------------------------------------------------------------
Tue Mar 26 23:12:58 UTC 2013 - Greg.Freemyer@gmail.com
- initial build
Reference in New Issue View Git Blame Copy Permalink