pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/security/sleuthkit (Trimmed down commit message, but i...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/aa9b611e0a08
branches:  trunk
changeset: 631809:aa9b611e0a08
user:      pettai <pettai%pkgsrc.org@localhost>
date:      Thu Mar 13 23:41:31 2014 +0000

description:
(Trimmed down commit message, but it's still huge to be able
 to cover all releases in this update...)

---------------- VERSION 4.1.3 --------------
- fixed bug that could crash UFS/ExtX in inode_lookup.
- More bounds checking in ISO9660 code
- Image layer bounds checking
- Update version of SQLITE-JDBC
- Config file for YAFFS2 spare area
- New method in image layer to return names
- Yaffs2 cleanup.
- Escape all strings in SQLite database
- SQLite code uses NTFS sequence number to match parent IDs

---------------- VERSION 4.1.2 --------------
Core:
- TskAutoDB considers not finding a VS/FS a critical error.

---------------- VERSION 4.1.1 --------------
Core:
- Added FILE_SHARE_WRITE to all windows open calls.
- removed unused methods in CRC code that caused compile errors.
- Added NTFS FNAME times to time2 struct in TSK_FS_META to make them
  easier to access -- should have done this a long time ago!
- fls -m and tsk_gettimes output NTFS FNAME times to output for timelines.
- hfind with EnCase hashsets works when DB is specified (and not only index)
- TskAuto now goes into UNALLOC partitions by default too.
- Added support to automatically find all Cellebrite raw dump files given
  the name of the first image.
- Added NTFS sequence to parent address in directory and directory itself.
- Updated SQLite code to use sequence when finding parent object ID.

---------------- VERSION 4.1.0 --------------
Core:
- Added YAFFS2 support (patch from viaForensics).
- Added Ext4 support (patch from kfairbanks)
- changed all include paths to be 'tsk' instead of 'tsk3'
-- IMPORTANT FOR ALL DEVELOPERS!

---------------- VERSION 4.0.2 --------------
New Features:
- Added fiwalk tool from Simson.  Not supported in Visual Studio yet.

---------------- VERSION 4.0.1 --------------
New Features:
- Can open raw Windows devices with write mode sharing.
- More DOS partition types are displayed.
- Added fcat tool that takes in file name and exports content (equivalent to using ifind and icat together).
- Added new API to TskImgDB that returns hash value associated with carved files.
- performance improvements with FAT code (maps and dir_add)
- performance improvements with NTFS code (maps)
- added AONLY flag to block_walk
- Updated blkls and blkcalc to use AONLY flag -- MUCH faster.

---------------- VERSION 4.0.0 --------------
New Features:
- Added multithreaded support
- Added C++ wrapper classes
- Added JNI bindings / Java data model classes
- 3314047: Added utf8-specific versions of 'toid' methods for img,vs,fs types
- 3184429: More consistent printing of unset times (all zeros instead of 1970)
- New database design that allows for multiple images in the same database
- GPT volume system tries other sector sizes if first attempt fails.
- Added hash calculation and lookup to AutoDB and JNI.
- Upgraded SQLite to 3.7.9.
- EnCase hash support
- Libewf v2 support (it is now non-beta)
- First file in a raw split or E01 can be specified and the rest of the files
  are found.
- mactime displays times as 0 if the time is not set (instead of 1970)
- Changed behavior of 'mactime -y' to use ISO8601 format.
- Updated HFS+ code from ATC-NY.
- FAT orphan file improvements to reduce false positives.
- TskAuto better reports errors.

diffstat:

 security/sleuthkit/Makefile                                       |   6 +-
 security/sleuthkit/PLIST                                          |  62 +++++----
 security/sleuthkit/distinfo                                       |  11 +-
 security/sleuthkit/patches/patch-configure                        |  13 ++
 security/sleuthkit/patches/patch-tools_autotools_tsk__recover.cpp |   9 +-
 5 files changed, 59 insertions(+), 42 deletions(-)

diffs (167 lines):

diff -r 3a26cee30c7d -r aa9b611e0a08 security/sleuthkit/Makefile
--- a/security/sleuthkit/Makefile       Thu Mar 13 23:26:35 2014 +0000
+++ b/security/sleuthkit/Makefile       Thu Mar 13 23:41:31 2014 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.2 2013/10/30 15:22:36 pettai Exp $
+# $NetBSD: Makefile,v 1.3 2014/03/13 23:41:31 pettai Exp $
 
-DISTNAME=      sleuthkit-3.2.3
+DISTNAME=      sleuthkit-4.1.3
 CATEGORIES=    security sysutils
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=sleuthkit/}
 
@@ -14,7 +14,5 @@
 USE_LIBTOOL=   yes
 USE_TOOLS+=    gmake file perl:run
 
-REPLACE_PERL=  tools/timeline/mactime tools/sorter/sorter
-
 .include "../../sysutils/file/buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"
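Review bot: dropping REPLACE_PERL for tools/timeline/mactime and tools/sorter/sorter in this hunk, while USE_TOOLS still lists perl:run and the PLIST still installs bin/mactime, leaves nothing in the Makefile that rewrites the interpreter line of those scripts. Please confirm that the 4.1.3 build writes the correct perl path into the installed scripts by itself, or keep REPLACE_PERL with the paths adjusted to wherever the scripts now live in the source tree.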
diff -r 3a26cee30c7d -r aa9b611e0a08 security/sleuthkit/PLIST
--- a/security/sleuthkit/PLIST  Thu Mar 13 23:26:35 2014 +0000
+++ b/security/sleuthkit/PLIST  Thu Mar 13 23:41:31 2014 +0000
@@ -1,9 +1,11 @@
-@comment $NetBSD: PLIST,v 1.1 2013/10/29 23:33:02 pettai Exp $
+@comment $NetBSD: PLIST,v 1.2 2014/03/13 23:41:31 pettai Exp $
 bin/blkcalc
 bin/blkcat
 bin/blkls
 bin/blkstat
+bin/fcat
 bin/ffind
+bin/fiwalk
 bin/fls
 bin/fsstat
 bin/hfind
@@ -15,6 +17,7 @@
 bin/istat
 bin/jcat
 bin/jls
+bin/jpeg_extract
 bin/mactime
 bin/mmcat
 bin/mmls
@@ -26,27 +29,28 @@
 bin/tsk_gettimes
 bin/tsk_loaddb
 bin/tsk_recover
-include/tsk3/auto/tsk_auto.h
-include/tsk3/base/tsk_base.h
-include/tsk3/base/tsk_os.h
-include/tsk3/fs/tsk_ext2fs.h
-include/tsk3/fs/tsk_fatfs.h
-include/tsk3/fs/tsk_ffs.h
-include/tsk3/fs/tsk_fs.h
-include/tsk3/fs/tsk_hfs.h
-include/tsk3/fs/tsk_iso9660.h
-include/tsk3/fs/tsk_ntfs.h
-include/tsk3/hashdb/tsk_hashdb.h
-include/tsk3/img/tsk_img.h
-include/tsk3/libtsk.h
-include/tsk3/tsk_incs.h
-include/tsk3/vs/tsk_bsd.h
-include/tsk3/vs/tsk_dos.h
-include/tsk3/vs/tsk_gpt.h
-include/tsk3/vs/tsk_mac.h
-include/tsk3/vs/tsk_sun.h
-include/tsk3/vs/tsk_vs.h
-lib/libtsk3.la
+include/tsk/auto/tsk_auto.h
+include/tsk/base/tsk_base.h
+include/tsk/base/tsk_os.h
+include/tsk/fs/tsk_ext2fs.h
+include/tsk/fs/tsk_fatfs.h
+include/tsk/fs/tsk_ffs.h
+include/tsk/fs/tsk_fs.h
+include/tsk/fs/tsk_hfs.h
+include/tsk/fs/tsk_iso9660.h
+include/tsk/fs/tsk_ntfs.h
+include/tsk/fs/tsk_yaffs.h
+include/tsk/hashdb/tsk_hashdb.h
+include/tsk/img/tsk_img.h
+include/tsk/libtsk.h
+include/tsk/tsk_incs.h
+include/tsk/vs/tsk_bsd.h
+include/tsk/vs/tsk_dos.h
+include/tsk/vs/tsk_gpt.h
+include/tsk/vs/tsk_mac.h
+include/tsk/vs/tsk_sun.h
+include/tsk/vs/tsk_vs.h
+lib/libtsk.la
 man/man1/blkcalc.1
 man/man1/blkcat.1
 man/man1/blkls.1
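Review bot: the move from include/tsk3/ to include/tsk/ and from lib/libtsk3.la to lib/libtsk.la in this hunk changes every path a consumer of the library compiles and links against, and the commit message only carries upstream's own note about include paths. It would help to state which packages that build against sleuthkit were checked or rebuilt, since any that still reference the tsk3 headers or libtsk3 will no longer find them.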
@@ -73,10 +77,10 @@
 man/man1/tsk_gettimes.1
 man/man1/tsk_loaddb.1
 man/man1/tsk_recover.1
-share/tsk3/sorter/default.sort
-share/tsk3/sorter/freebsd.sort
-share/tsk3/sorter/images.sort
-share/tsk3/sorter/linux.sort
-share/tsk3/sorter/openbsd.sort
-share/tsk3/sorter/solaris.sort
-share/tsk3/sorter/windows.sort
+share/tsk/sorter/default.sort
+share/tsk/sorter/freebsd.sort
+share/tsk/sorter/images.sort
+share/tsk/sorter/linux.sort
+share/tsk/sorter/openbsd.sort
+share/tsk/sorter/solaris.sort
+share/tsk/sorter/windows.sort
diff -r 3a26cee30c7d -r aa9b611e0a08 security/sleuthkit/distinfo
--- a/security/sleuthkit/distinfo       Thu Mar 13 23:26:35 2014 +0000
+++ b/security/sleuthkit/distinfo       Thu Mar 13 23:41:31 2014 +0000
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.2 2014/02/24 13:10:12 wiedi Exp $
+$NetBSD: distinfo,v 1.3 2014/03/13 23:41:31 pettai Exp $
 
-SHA1 (sleuthkit-3.2.3.tar.gz) = 85d100ffde54f051916a4ea9452563ff85fad4ac
-RMD160 (sleuthkit-3.2.3.tar.gz) = ee9849ff34bd7d1ce90819f22f1e09a71e4d0e8c
-Size (sleuthkit-3.2.3.tar.gz) = 2039699 bytes
-SHA1 (patch-tools_autotools_tsk__recover.cpp) = 1541241ddbc66d4cdd9f63d97715e576ad36f194
+SHA1 (sleuthkit-4.1.3.tar.gz) = 9350bb59bb5fbe41d6e29a8d0494460b937749ef
+RMD160 (sleuthkit-4.1.3.tar.gz) = 223c6ffe22259ca057b6d9634813536e7ccd9dba
+Size (sleuthkit-4.1.3.tar.gz) = 7952733 bytes
+SHA1 (patch-configure) = 3ecfeb1af019fc7b365374c06e82aeb4b9900e6d
+SHA1 (patch-tools_autotools_tsk__recover.cpp) = c82f8c366ae2675ee6c0c948c466b40f27bc1163
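Review bot: the new sleuthkit-4.1.3.tar.gz entries carry only SHA1 and RMD160 digests plus the size, which is thin integrity coverage for a forensic toolkit fetched from MASTER_SITE_SOURCEFORGE. If the tooling allows it, record a SHA-2 family digest for the distfile as well, and say in the commit message how the tarball was obtained and verified before these values were generated.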
diff -r 3a26cee30c7d -r aa9b611e0a08 security/sleuthkit/patches/patch-configure
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/sleuthkit/patches/patch-configure        Thu Mar 13 23:41:31 2014 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-configure,v 1.1 2014/03/13 23:41:31 pettai Exp $
+
+--- configure.orig     2014-03-13 22:51:42.000000000 +0000
++++ configure
+@@ -21983,7 +21983,7 @@ else
+   ax_java_support=no
+ fi
+ 
+- if test "x$ax_java_support" == "xyes"; then
++ if test "x$ax_java_support" = "xyes"; then
+   X_JNI_TRUE=
+   X_JNI_FALSE='#'
+ else
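Review bot: the new patch-configure has no description between the $NetBSD$ tag and the diff, unlike patch-tools_autotools_tsk__recover.cpp, which states why it exists. Add a one-line reason (the == operator in test is not portable across shells, = is the POSIX form) and note whether the fix was reported upstream, since it patches the generated configure at line 21983 and will have to be regenerated on each update.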
diff -r 3a26cee30c7d -r aa9b611e0a08 security/sleuthkit/patches/patch-tools_autotools_tsk__recover.cpp
--- a/security/sleuthkit/patches/patch-tools_autotools_tsk__recover.cpp Thu Mar 13 23:26:35 2014 +0000
+++ b/security/sleuthkit/patches/patch-tools_autotools_tsk__recover.cpp Thu Mar 13 23:41:31 2014 +0000
@@ -1,13 +1,14 @@
-$NetBSD: patch-tools_autotools_tsk__recover.cpp,v 1.1 2014/02/24 13:10:12 wiedi Exp $
+$NetBSD: patch-tools_autotools_tsk__recover.cpp,v 1.2 2014/03/13 23:41:31 pettai Exp $
 
 needs limits.h for PATH_MAX
---- tools/autotools/tsk_recover.cpp.orig       2011-10-07 19:12:29.000000000 +0000
+
+--- tools/autotools/tsk_recover.cpp.orig       2014-03-13 23:04:47.000000000 +0000
 +++ tools/autotools/tsk_recover.cpp
 @@ -9,6 +9,7 @@
   **
   */
  
-+#include <limits.h>
- #include "tsk3/tsk_tools_i.h"
++#include "limits.h"
+ #include "tsk/tsk_tools_i.h"
  #include <locale.h>
  #include <sys/stat.h>
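Review bot: the added include changes from <limits.h> to "limits.h", and the quoted form searches the including file's directory before the system include paths, so a local file of that name would shadow the system header that is supposed to supply PATH_MAX. Keep the angle-bracket form for a system header; the rest of the refresh (new timestamp, tsk/ instead of tsk3/) looks consistent with the include path rename.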


