Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Factory:Rebuild
volatility3
volatility3.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File volatility3.changes of Package volatility3
------------------------------------------------------------------- Fri May 3 19:46:00 UTC 2024 - Matej Cepl <mcepl@cepl.eu> - Rewrite of the Python packaging not to use superfluous %python_subpackages. - Upgrade to 2.5.2: New Layers: Amazon S3 support Google Cloud Storage support New plugins: linux.vmayarascan windows.mftscan.ads New features: Dumping of Elf files added to the elfs plugin Better support for remote ISF directories - Upgrade to 2.5.0: New plugins: Linux capabilities plugin Linux process dumping Add support for Xen ELF file format Improved Linux subsystem support - Upgrade to 2.4.1: New plugins: linux.sockstat linux.iomem linux.psscan linux.envars windows.drivermodule windows.vadwalk Pid filtering for Windows pstree plugin Minor fixes for Windows callbacks plugin Minimum Python version was increased to 3.7 Python-snappy dependency was replaced with ctypes to ease installation Whole codebase was reformatted with black - Upgrade to 2.4.0: For the 2.4.0 release, the major version has jumped a few numbers for compatibility, but this is the next release including the following: New plugins linux.mountinfo linux.psaux windows.devicetree windows.joblinks windows.ldrmodules windows.mbrscan windows.mftscan windows.sessions Introduced the concept of modules and module requirements Unified symbol handling and ISF file caching between OS versions Better QEVM support (fixed the QEMU PCI hole) Exposed an API for automatic PDB symbol table use ------------------------------------------------------------------- Fri Jun 10 01:35:22 UTC 2022 - Greg Freemyer <Greg.Freemyer@gmail.com> - update to v2.0.1 - New plugins such as: - Windows networking plugins - Windows crashinfo and skeleton_key_check - Linux kmsg plugin - New layers: AVML and LeechCore - QEMU layer performance optimization - Improved access to Windows library symbols - Better offline and remote support - Improved documentation - Improved working with python requirements - Drop support for python 3.5 - changed source to -- Source: v%{version}.tar.gz - add multi-python build support - add - Obsoletes: volatility3 < %{version} - Provides: volatility3 = %{version} ------------------------------------------------------------------- Wed Aug 19 11:58:40 UTC 2020 - hpj@urpla.net - Update to version v1.0.0~git.20200818T091513.73f3c217: - too many to list here. See: https://github.com/volatilityfoundation/volatility3/compare/v1.0.0-beta.1...master - Switch to tar_scm _service (disabled) - Add more requirements ------------------------------------------------------------------- Sat May 2 22:09:34 UTC 2020 - Greg Freemyer <Greg.Freemyer@gmail.com> - update to volatility3 version v1.0.0-beta.1 - this is a major rewrite of python-volatility to be python3 compatible - note that the update is so complete, a new name is provided by upstream and the version number is reset to v1.0.0 - obsolete python-volatility (the python 2 version) - update license to - License: BSD-2-Clause-Patent and CC-PDDC ------------------------------------------------------------------- Tue Dec 18 16:04:43 UTC 2018 - atoptsoglou@suse.com -Update to 2.6.1: *fix local variable 'all_zeros' referenced before assignment --------------------------------------------------------------- Thu Apr 20 11:35:00 UTC 2017 - jengelh@inai.de - Trim description of irrelevant stuff ------------------------------------------------------------------- Mon Apr 17 10:48:57 UTC 2017 - Greg.Freemyer@gmail.com - update to v2.6 * Enhanced support for Windows 10 (including 14393.447) * Added new profiles for recently patched Windows 7, Windows 8, and Server 2012 * Optimized page table enumeration and scanning algorithms, especially on 64-bit Windows 10 * Added support for carving Internet Explorer 10 history records * Added support for memory dumps from the most recent VirtualBox version * Updated the svcscan plugin to show FailureCommand (the command that runs when a service fails to start multiple times) * Add APIs to paged address spaces (x86 and x64) to allow easy lookups of PTE flags (i.e. writeable, no-exec, supervisor, copy-on-write) * Add support for tagging Mac memory ranges as heaps, stacks, etc. * Add plugins for checking Mac file operation pointers, C++ classes in the kernel, IOKit interest handlers, timers set by kernel drivers, and enumeration of processes that filter file system events * Add support for KASLR Linux kernels - add %{_docdir}/python-volatility to %files to fix factory build failure - add obsoletes: volatility <= 2.4 as the package was renamed ------------------------------------------------------------------- Thu Feb 11 03:54:06 UTC 2016 - Greg.Freemyer@gmail.com - update to v2.5 * Windows memory dump analysis Added profiles for Windows 8.1 Update 1 Added basic support for Windows 10 New plugin to print AmCache information from the registry (amcache) New plugin to dump registry files to disk (dumpregistry) New plugin to detect hidden/unlinked service record structures (servicediff) New plugin to print the shutdown time from the registry (shutdowntime) New plugin to print editbox controls from the GUI subsystem (editbox) Malfind plugin detects injected code with erased PE headers Imagecopy and raw2dmp can display the number of bytes copied or converted Fix an issue with the memmap and memdump offsets being inconsistent Fix an issue with vadtree's graphviz fill colors not being rendered by some viewers Update the well known SIDs reported by the getsids plugin Add an optional --max-size parameter to yarascan, dump_maps, etc Fix an issue translating strings in PAE and x64 images Add options to yarascan for case-insensitive search Add options to yarascan to scan process and kernel memory at once * Mac OSX memory dump analysis Added profiles and support for Mac 10.10 Yosemite and 10.11 El Capitan New plugin to print and extract compressed swap data (mac_compressed_swap) New plugin to automatically detect Mac OS X profiles (mac_get_profile) New plugin(s) to report Kauth scopes and listeners (mac_list_kauth_scopes | listeners) New plugin to identify applications with promiscuous sockets (mac_list_raw) New plugin to find hidden threads (mac_orphan_threads) New plugin to print process environment variables (mac_psenv) New plugin to print basic and complex thread data (mac_threads, mac_threads_simple) * Linux/Android memory dump analysis Addd support for Linux kernels up to 4.2.3 New plugin to print Linux dynamic environment variables (linux_dynamic_env) New plugin to print the current working directory of processes (linux_getcwd) New plugin to carve for network connection structures (linux_netscan) Speed improvements to various plugins Improve handling of mprotect() Linux memory regions -update specfile to match file placement from fedora v2.4 specfile ------------------------------------------------------------------- Thu Sep 25 20:12:57 UTC 2014 - Greg.Freemyer@gmail.com - update to v2.4 * As of Volatility 2.4, all changes are now tracked on the GitHub site: https://github.com/volatilityfoundation/volatility * Volatility 2.0-2.3: all changes were tracked on the Google Code site: http://code.google.com/p/volatility/source/list - specfile cleanup ------------------------------------------------------------------- Tue Feb 7 00:19:04 UTC 2012 - Greg.Freemyer@gmail.com - initial package An advanced memory forensics framework
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor