From 3458746c339880bfd40fad515750d4815626b25f Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 15 Nov 2022 01:41:32 -0500 Subject: [PATCH] import yara-4.2.3-1.el9 --- .gitignore | 1 + .yara.metadata | 1 + SPECS/yara.spec | 301 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 303 insertions(+) create mode 100644 .gitignore create mode 100644 .yara.metadata create mode 100644 SPECS/yara.spec diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..77af85c --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/yara-4.2.3.tar.gz diff --git a/.yara.metadata b/.yara.metadata new file mode 100644 index 0000000..e471931 --- /dev/null +++ b/.yara.metadata @@ -0,0 +1 @@ +1c0776d0b147e260dc51b1f2002235f07d9cacd8 SOURCES/yara-4.2.3.tar.gz diff --git a/SPECS/yara.spec b/SPECS/yara.spec new file mode 100644 index 0000000..e786a8a --- /dev/null +++ b/SPECS/yara.spec 
@@ -0,0 +1,301 @@ +Name: yara +Version: 4.2.3 +Release: 1%{?dist} +Summary: Pattern matching Swiss knife for malware researchers + +License: BSD-3-Clause +VCS: http://github.com/VirusTotal/yara/ +# http://github.com/VirusTotal/yara/releases +URL: http://VirusTotal.github.io/yara/ + + +%global gituser VirusTotal +%global gitname yara + +# Build from git release version +Source0: https://github.com/%{gituser}/%{gitname}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz + + +BuildRequires: git +BuildRequires: gcc +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: m4 +BuildRequires: binutils +BuildRequires: coreutils +BuildRequires: sharutils +BuildRequires: file +BuildRequires: gawk +BuildRequires: gzip +BuildRequires: xz +BuildRequires: pcre +BuildRequires: bison +BuildRequires: flex +BuildRequires: libtool +BuildRequires: file-devel +BuildRequires: jansson-devel >= 2.5 +BuildRequires: openssl-devel +BuildRequires: protobuf-c-devel +BuildRequires: protobuf-compiler + +# html doc generation +BuildRequires: /usr/bin/sphinx-build + +%description +YARA is a tool aimed at (but not limited to) helping malware researchers to +identify and classify malware samples. With YARA you can create descriptions +of malware families (or whatever you want to describe) based on textual or +binary patterns. Each description, a.k.a rule, consists of a set of strings +and a Boolean expression which determine its logic. + + +%package doc +Summary: Documentation for %{name} +BuildArch: noarch + +%description doc +This package contains documentation for %{name}. + + +%package devel +Summary: Development files for %{name} +Requires: %{name}%{?_isa} = %{version}-%{release} + + +%description devel +The %{name}-devel package contains libraries and header files for +developing applications that use %{name}. 
+ + +%prep +%autosetup -p 1 -S git +%setup -q +autoreconf --force --install + + +%build + +# Add missing definition on RHEL7 +%if 0%{?rhel} && 0%{?rhel} == 7 +export CFLAGS="$CFLAGS -D PROTOBUF_C_FIELD_FLAG_ONEOF=4" +%endif + +# macro %%configure already does use CFLAGS="\{optflags}" and yara build +# scripts configure/make already honors that CFLAGS +%configure --enable-magic --enable-cuckoo --enable-debug --enable-dotnet \ + --enable-macho --enable-dex --enable-pb-tests \ + --with-crypto \ + --htmldir=%{_datadir}/doc/%{name}/html +%make_build + +# build the HTML documentation +pushd docs +make html +popd + + +%install +%make_install + +# Remove static libraries +rm %{buildroot}%{_libdir}/lib%{name}.la +rm %{buildroot}%{_libdir}/lib%{name}.a + +# Remove the rebuild-needed tag so it is not installed in doc pkg +rm -f %{buildroot}%{_datadir}/doc/%{name}/html/.buildinfo + + +%files +%license COPYING +%doc AUTHORS CONTRIBUTORS README.md +%{_bindir}/%{name} +%{_bindir}/%{name}c +%{_libdir}/lib%{name}.so.* +%{_mandir}/man1/%{name}.1* +%{_mandir}/man1/%{name}c.1* + + +%files devel +%{_includedir}/%{name}.h +%{_includedir}/%{name}/ +%{_libdir}/*.so +%{_libdir}/pkgconfig/%{name}.pc + + +%files doc +%license COPYING +%doc docs/_build/html + + +%changelog +* Tue Aug 16 2022 Mark Huth - 4.2.3-1 +- Bump to 4.2.3 +- Remove androguard module - github repo no longer exists + +* Thu Jun 16 2022 Mark Huth - 4.2.1-4 +- Use licence identifier BSD-3-Clause + +* Thu Jun 9 2022 Mark Huth - 4.2.1-2 +- Change spec file license to match COPYING file + +* Mon May 9 2022 Mark Huth - 4.2.1-1 +- bump to 4.2.1 + +* Fri Mar 25 2022 Mark Huth - 4.2.0-1 +- bump to 4.2.0 + +* Wed Nov 10 2021 Michal Ambroz - 4.1.3-1 +- bump to 4.1.3 + +* Sat Nov 06 2021 Adrian Reber - 4.1.1-5 +- Rebuilt for protobuf 3.19.0 + +* Mon Oct 25 2021 Adrian Reber - 4.1.1-4 +- Rebuilt for protobuf 3.18.1 + +* Tue Sep 14 2021 Sahana Prasad - 4.1.1-3 +- Rebuilt with OpenSSL 3.0.0 + +* Fri Jul 23 2021 Fedora Release 
Engineering - 4.1.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Mon May 24 2021 Michal Ambroz - 4.1.1-1 +- bump to 4.1.1 + +* Mon Apr 26 2021 Michal Ambroz - 4.1.0-1 +- bump to 4.1.0 + +* Sun Apr 25 2021 Michal Ambroz - 4.0.5-2 +- rebuild for epel + +* Fri Feb 5 2021 Michal Ambroz - 4.0.5-1 +- bump to yara bugfix 4.0.5 release + +* Wed Feb 3 2021 Michal Ambroz - 4.0.4-1 +- bump to yara bugfix 4.0.4 release + +* Thu Jul 16 2020 Michal Ambroz - 4.0.2-1 +- bump to yara bugfix 4.0.2 release +- fix build on epel7 + +* Sun Jun 14 2020 Adrian Reber - 4.0.1-2 +- Rebuilt for protobuf 3.12 + +* Tue Jun 2 2020 Michal Ambroz - 4.0.1-1 +- bump to yara bugfix 4.0.1 release + +* Tue Apr 28 2020 Michal Ambroz - 4.0.0-1 +- bump to yara 4.0.0 release + +* Fri Jan 31 2020 Fedora Release Engineering - 3.11.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Fri Oct 11 2019 Michal Ambroz - 3.11.0-1 +- bump to 3.11.0 release (#1760678) +- BUGFIX: Some regexp character classes not matching correctly when used with “nocase” modifier (upstream #1117) +- BUGFIX: Reduce the number of ERROR_TOO_MANY_RE_FIBERS errors for certain hex pattern containing large jumps (upstream #1107) +- BUGFIX: Buffer overrun in “dotnet” module (upstream #1108) +- BUGFIX: Memory leak while attaching to a process fails (upstream #1070) + +* Sat Sep 28 2019 Michal Ambroz - 3.10.0-3 +- change the sphinx build dependency + +* Sat Jul 27 2019 Fedora Release Engineering - 3.10.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Fri May 03 2019 Michal Ambroz - 3.10.0-1 +- bump to 3.10.0 release (#1680204) +- Harden virtual machine against malicious code. +- BUGFIX: Regression bug in hex strings containing wildcards (upstream #1025). +- BUGFIX: Buffer overrun in “elf” module. +- BUGFIX: Buffer overrun in “dotnet” module. 
+ +* Sat Mar 16 2019 Michal Ambroz - 3.9.0-1 +- bump to 3.9.0 release (#1680203) +- switch from python-sphinx to python3-sphinx for generating the documentation for fc31+ +- should fix also #1660398 (CVE-2018-19974 CVE-2018-19975 CVE-2018-19976), + but by design it might be always dangerous to run yara signatures compiled by 3rd party, + so it is advised to re-compile yara rules instead +- BUGFIX: Denial of service when using "dex" module. Found by the Cisco Talos team. (upstream #1023, CVE-2019-5020) +- BUGFIX: Buffer overflow in "dotnet" module. +- BUGFIX: Regexp regression when using nested quantifiers {x,y} for certain values of x and y. (#1018) + +* Sun Feb 03 2019 Fedora Release Engineering - 3.8.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Mon Aug 27 2018 Michal Ambroz - 3.8.1-1 +- bump to 3.8.1 release (#1613093) + +* Sat Jul 14 2018 Fedora Release Engineering - 3.7.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Fri Feb 09 2018 Fedora Release Engineering - 3.7.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Mon Feb 05 2018 Michal Ambroz - 3.7.1-1 +- bump to 3.7.1 release (#1534993) + +* Wed Nov 15 2017 Michal Ambroz - 3.7.0-1 +- bump to 3.7.0 release (#1511921) + +* Thu Aug 03 2017 Fedora Release Engineering - 3.6.3-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 3.6.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Sun Jul 16 2017 Michal Ambroz - 3.6.3-1 +- bump to 3.6.3 release - bugfix CVE-2017-11328 + +* Mon Jul 03 2017 Michal Ambroz - 3.6.2-1 +- bump to 3.6.2 release - bugfix CVE-2017-9304, CVE-2017-9465 + +* Wed May 24 2017 Michal Ambroz - 3.6.0-1 +- bump to 3.6.0 release +- update the androguard-yara with bugfixes + +* Thu Apr 13 2017 Michal Ambroz - 3.5.0-7 +- Adding patch from pull request 627 until 3.5.1 is released +- 
https://patch-diff.githubusercontent.com/raw/VirusTotal/yara/pull/627.patch +- Fixes CVE-2016-10210 CVE-2016-10211 CVE-2017-5923 CVE-2017-5924 + +* Sat Feb 11 2017 Fedora Release Engineering - 3.5.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Tue Aug 09 2016 Michal Ambroz - 3.5.0-5 +- import package to Fedora +- remove unnecessary .buildinfo tag from doc package + +* Fri Aug 05 2016 Michal Ambroz - 3.5.0-4 +- package review - bugzilla #1362265 +- cosmetics of the changelog +- using default spinx theme to remove the static fonts + +* Fri Aug 05 2016 Michal Ambroz - 3.5.0-3 +- package review - bugzilla #1362265 +- dropped Buildroot, pkgconfig, zlib-devel, defattr +- added buildrequires gcc +- change license back to ASL 2.0 only + +* Thu Aug 04 2016 Michal Ambroz - 3.5.0-2 +- package review - bugzilla #1362265 +- changed packaging of doc sub-package + +* Thu Aug 04 2016 Michal Ambroz - 3.5.0-1 +- bump to new 3.5.0 + +* Wed Aug 03 2016 Michal Ambroz - 3.4.0-6 +- package review - bugzilla #1362265 +- dropped dependency of python-tools + +* Mon Aug 01 2016 Michal Ambroz - 3.4.0-4 +- compile with the androguard module + +* Wed Jun 08 2016 Michal Ambroz - 3.4.0-2 +- jansson dependency >= 2.5 + +* Wed Jun 08 2016 Michal Ambroz - 3.4.0-1 +- python3 stuff + +* Mon Jun 22 2015 Michal Ambroz - 3.4.0-0.git20150618 +- initial build for Fedora Project
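Review bot: The digest added in .yara.metadata for SOURCES/yara-4.2.3.tar.gz is 40 hex characters, which is the length of a SHA-1 hash, and it is the only integrity pin on the imported tarball in this patch. If the lookaside tooling accepts a longer digest, record a SHA-256 or SHA-512 value instead. Either way, state in the commit message how the tarball was checked against the upstream v4.2.3 release named in Source0.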
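Review bot: In the %prep section of SPECS/yara.spec, `%setup -q` runs directly after `%autosetup -p 1 -S git`, so the source tree is unpacked a second time and whatever %autosetup set up (the git tree and any applied patches) is replaced. The spec carries no Patch lines today, but the changelog shows security fixes being carried as patches before (pull 627 for 3.5.0-7), and a future Patch line would be dropped silently at this point. Remove the `%setup -q` line and keep only `%autosetup`. Separately, %configure passes `--enable-debug` and `--enable-pb-tests` for the shipped build while the spec has no %check section. Either add a %check that runs the test suite or drop the test-only module, and document why a debug build is wanted in the distributed package.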