pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/security/sleuthkit



Module Name:    pkgsrc
Committed By:   pettai
Date:           Thu Mar 13 23:41:31 UTC 2014

Modified Files:
        pkgsrc/security/sleuthkit: Makefile PLIST distinfo
        pkgsrc/security/sleuthkit/patches:
            patch-tools_autotools_tsk__recover.cpp
Added Files:
        pkgsrc/security/sleuthkit/patches: patch-configure

Log Message:
(Trimmed down commit message, but it's still huge to be able
 to cover all releases in this update...)

---------------- VERSION 4.1.3 --------------
- fixed bug that could crash UFS/ExtX in inode_lookup.
- More bounds checking in ISO9660 code
- Image layer bounds checking
- Update version of SQLITE-JDBC
- Config file for YAFFS2 spare area
- New method in image layer to return names
- Yaffs2 cleanup.
- Escape all strings in SQLite database
- SQlite code uses NTTFS sequence number to match parent IDs

---------------- VERSION 4.1.2 --------------
Core:
- TskAutoDB considers not finding a VS/FS a critical error.

---------------- VERSION 4.1.1 --------------
Core:
- Added FILE_SHARE_WRITE to all windows open calls.
- removed unused methods in CRC code that caused compile errors.
- Added NTFS FNAME times to time2 struct in TSK_FS_META to make them
  easier to access -- should have done this a long time ago!
- fls -m and tsk_gettimes output NTFS FNAME times to output for timelines.
- hfind with EnCase hashsets works when DB is specified (and not only index)
- TskAuto now goes into UNALLOC partitions by default too.
- Added support to automatically find all Cellebrite raw dump files given
  the name of the first image.
- Added NTFS sequence to parent address in directory and directory itself.
- Updated SQLite code to use sequence when finding parent object ID.

---------------- VERSION 4.1.0 --------------
Core:
- Added YAFFS2 support (patch from viaForensics).
- Added Ext4 support (patch from kfairbanks)
- changed all include paths to be 'tsk' instead of 'tsk3'
-- IMPORTANT FOR ALL DEVELOPERS!

---------------- VERSION 4.0.2 --------------
New Features:
- Added fiwalk tool from Simson.  Not supported in Visual Studio yet.

---------------- VERSION 4.0.1 --------------
New Features:
- Can open raw Windows devices with write mode sharing.
- More DOS partition types are displayed.
- Added fcat tool that takes in file name and exports content (equivalent to 
using ifind and icat together).
- Added new API to TskImgDB that returns hash value associated with carved 
files.
- performance improvements with FAT code (maps and dir_add)
- performance improvements with NTFS code (maps)
- added AONLY flag to block_walk
- Updated blkls and blkcalc to use AONLY flag -- MUCH faster.

---------------- VERSION 4.0.0 --------------
New Features:
- Added multithreaded support
- Added C++ wrapper classes
- Added JNI bindings / Java data model classes
- 3314047: Added utf8-specific versions of 'toid' methods for img,vs,fs types
- 3184429: More consistent printing of unset times (all zerso instead of 1970)
- New database design that allows for multiple images in the same database
- GPT volume system tries other sector sizes if first attempt fails.
- Added hash calculation and lookup to AutoDB and JNI.
- Upgraded SQLite to 3.7.9.
- EnCase hash support
- Libewf v2 support (it is now non-beta)
- First file in a raw split or E01 can be specified and the rest of the files
  are found.
- mactime displays times as 0 if the time is not set (isntead of 1970)
- Changed behavior of 'mactime -y' to use ISO8601 format.
- Updated HFS+ code from ATC-NY.
- FAT orphan file improvements to reduce false positives.
- TskAuto better reports errors.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/security/sleuthkit/Makefile \
    pkgsrc/security/sleuthkit/distinfo
cvs rdiff -u -r1.1 -r1.2 pkgsrc/security/sleuthkit/PLIST
cvs rdiff -u -r0 -r1.1 pkgsrc/security/sleuthkit/patches/patch-configure
cvs rdiff -u -r1.1 -r1.2 \
    pkgsrc/security/sleuthkit/patches/patch-tools_autotools_tsk__recover.cpp

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.




Home | Main Index | Thread Index | Old Index