diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 1a04535..0000000 --- a/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -/androguard-yara-2020-04-22-3eea86a.tar.gz -/yara-4.2.1.tar.gz -/yara-4.2.3.tar.gz diff --git a/README.md b/README.md new file mode 100644 index 0000000..24b9ea2 --- /dev/null +++ b/README.md @@ -0,0 +1,3 @@ +# Package Not Available +This package is not available on CentOS Stream 10. +It may be available on another branch. \ No newline at end of file diff --git a/dead.package b/dead.package new file mode 100644 index 0000000..bf32130 --- /dev/null +++ b/dead.package @@ -0,0 +1 @@ +yara package is retired on branch c10s for CS-2551 \ No newline at end of file diff --git a/gating.yaml b/gating.yaml deleted file mode 100644 index 648918d..0000000 --- a/gating.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- !Policy -product_versions: - - rhel-9 -decision_context: osci_compose_gate -rules: - - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional} diff --git a/sources b/sources deleted file mode 100644 index 59cd574..0000000 --- a/sources +++ /dev/null @@ -1 +0,0 @@ -SHA512 (yara-4.2.3.tar.gz) = 1df23837d14d3f9f72db901190e7412241514a8914d72b753df32ad8a44c7a49ad8f14941a95de83754e4d1dd0f23d712d8e6a43916343341b92cb1bc66f3c09 diff --git a/tests/tests.yml b/tests/tests.yml deleted file mode 100644 index 052ce4c..0000000 --- a/tests/tests.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- hosts: localhost - gather_facts: yes - roles: - - role: standard-test-basic - tags: - - classic - tests: - - simple: - dir: . - run: /usr/bin/yara --version -# tasks: - # This is only used as part of rpm-ostree which has extensive tests - # and there is no point to testing it separately. - # - name: true - # shell: true - diff --git a/yara-androguard.patch b/yara-androguard.patch deleted file mode 100644 index b7ad794..0000000 --- a/yara-androguard.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff --git a/libyara/Makefile.am b/libyara/Makefile.am -index 4fa363a..a9242b2 100644 ---- a/libyara/Makefile.am -+++ b/libyara/Makefile.am -@@ -48,6 +48,7 @@ MODULES += modules/pe/pe_utils.c - - if CUCKOO_MODULE - MODULES += modules/cuckoo/cuckoo.c -+MODULES += modules/androguard/androguard.c - endif - - if MAGIC_MODULE -diff --git a/libyara/modules/module_list b/libyara/modules/module_list -index d81b8f3..ba43609 100644 ---- a/libyara/modules/module_list -+++ b/libyara/modules/module_list -@@ -10,6 +10,7 @@ MODULE(dotnet) - - #ifdef CUCKOO_MODULE - MODULE(cuckoo) -+MODULE(androguard) - #endif - - #ifdef MAGIC_MODULE diff --git a/yara-docs-theme.patch b/yara-docs-theme.patch deleted file mode 100644 index c518a42..0000000 --- a/yara-docs-theme.patch +++ /dev/null @@ -1,23 +0,0 @@ -diff -ru yara-74734418a256c5304ccaf1d322c57e305ff75362/docs/conf.py yara-74734418a256c5304ccaf1d322c57e305ff75362.new/docs/conf.py ---- yara-74734418a256c5304ccaf1d322c57e305ff75362/docs/conf.py 2016-08-02 22:08:18.000000000 +0200 -+++ yara-74734418a256c5304ccaf1d322c57e305ff75362.new/docs/conf.py 2016-08-08 23:08:47.637063737 +0200 -@@ -102,12 +102,13 @@ - # The theme to use for HTML and HTML Help pages. See the documentation for - # a list of builtin themes. - --try: -- import sphinx_rtd_theme -- html_theme = "sphinx_rtd_theme" -- html_theme_path = [sphinx_rtd_theme.get_html_theme_path()] --except: -- html_theme = "default" -+#try: -+# import sphinx_rtd_theme -+# html_theme = "sphinx_rtd_theme" -+# html_theme_path = [sphinx_rtd_theme.get_html_theme_path()] -+#except: -+# html_theme = "default" -+html_theme = "default" - - # Theme options are theme-specific and customize the look and feel of a theme - # further. For a list of options available for each theme, see the diff --git a/yara.spec b/yara.spec deleted file mode 100644 index e786a8a..0000000 --- a/yara.spec +++ /dev/null @@ -1,301 +0,0 @@ -Name: yara -Version: 4.2.3 -Release: 1%{?dist} -Summary: Pattern matching Swiss knife for malware researchers - -License: BSD-3-Clause -VCS: http://github.com/VirusTotal/yara/ -# http://github.com/VirusTotal/yara/releases -URL: http://VirusTotal.github.io/yara/ - - -%global gituser VirusTotal -%global gitname yara - -# Build from git release version -Source0: https://github.com/%{gituser}/%{gitname}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz - - -BuildRequires: git -BuildRequires: gcc -BuildRequires: autoconf -BuildRequires: automake -BuildRequires: m4 -BuildRequires: binutils -BuildRequires: coreutils -BuildRequires: sharutils -BuildRequires: file -BuildRequires: gawk -BuildRequires: gzip -BuildRequires: xz -BuildRequires: pcre -BuildRequires: bison -BuildRequires: flex -BuildRequires: libtool -BuildRequires: file-devel -BuildRequires: jansson-devel >= 2.5 -BuildRequires: openssl-devel -BuildRequires: protobuf-c-devel -BuildRequires: protobuf-compiler - -# html doc generation -BuildRequires: /usr/bin/sphinx-build - -%description -YARA is a tool aimed at (but not limited to) helping malware researchers to -identify and classify malware samples. With YARA you can create descriptions -of malware families (or whatever you want to describe) based on textual or -binary patterns. Each description, a.k.a rule, consists of a set of strings -and a Boolean expression which determine its logic. - - -%package doc -Summary: Documentation for %{name} -BuildArch: noarch - -%description doc -This package contains documentation for %{name}. - - -%package devel -Summary: Development files for %{name} -Requires: %{name}%{?_isa} = %{version}-%{release} - - -%description devel -The %{name}-devel package contains libraries and header files for -developing applications that use %{name}. - - -%prep -%autosetup -p 1 -S git -%setup -q -autoreconf --force --install - - -%build - -# Add missing definition on RHEL7 -%if 0%{?rhel} && 0%{?rhel} == 7 -export CFLAGS="$CFLAGS -D PROTOBUF_C_FIELD_FLAG_ONEOF=4" -%endif - -# macro %%configure already does use CFLAGS="\{optflags}" and yara build -# scripts configure/make already honors that CFLAGS -%configure --enable-magic --enable-cuckoo --enable-debug --enable-dotnet \ - --enable-macho --enable-dex --enable-pb-tests \ - --with-crypto \ - --htmldir=%{_datadir}/doc/%{name}/html -%make_build - -# build the HTML documentation -pushd docs -make html -popd - - -%install -%make_install - -# Remove static libraries -rm %{buildroot}%{_libdir}/lib%{name}.la -rm %{buildroot}%{_libdir}/lib%{name}.a - -# Remove the rebuild-needed tag so it is not installed in doc pkg -rm -f %{buildroot}%{_datadir}/doc/%{name}/html/.buildinfo - - -%files -%license COPYING -%doc AUTHORS CONTRIBUTORS README.md -%{_bindir}/%{name} -%{_bindir}/%{name}c -%{_libdir}/lib%{name}.so.* -%{_mandir}/man1/%{name}.1* -%{_mandir}/man1/%{name}c.1* - - -%files devel -%{_includedir}/%{name}.h -%{_includedir}/%{name}/ -%{_libdir}/*.so -%{_libdir}/pkgconfig/%{name}.pc - - -%files doc -%license COPYING -%doc docs/_build/html - - -%changelog -* Tue Aug 16 2022 Mark Huth - 4.2.3-1 -- Bump to 4.2.3 -- Remove androguard module - github repo no longer exists - -* Thu Jun 16 2022 Mark Huth - 4.2.1-4 -- Use licence identifier BSD-3-Clause - -* Thu Jun 9 2022 Mark Huth - 4.2.1-2 -- Change spec file license to match COPYING file - -* Mon May 9 2022 Mark Huth - 4.2.1-1 -- bump to 4.2.1 - -* Fri Mar 25 2022 Mark Huth - 4.2.0-1 -- bump to 4.2.0 - -* Wed Nov 10 2021 Michal Ambroz - 4.1.3-1 -- bump to 4.1.3 - -* Sat Nov 06 2021 Adrian Reber - 4.1.1-5 -- Rebuilt for protobuf 3.19.0 - -* Mon Oct 25 2021 Adrian Reber - 4.1.1-4 -- Rebuilt for protobuf 3.18.1 - -* Tue Sep 14 2021 Sahana Prasad - 4.1.1-3 -- Rebuilt with OpenSSL 3.0.0 - -* Fri Jul 23 2021 Fedora Release Engineering - 4.1.1-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild - -* Mon May 24 2021 Michal Ambroz - 4.1.1-1 -- bump to 4.1.1 - -* Mon Apr 26 2021 Michal Ambroz - 4.1.0-1 -- bump to 4.1.0 - -* Sun Apr 25 2021 Michal Ambroz - 4.0.5-2 -- rebuild for epel - -* Fri Feb 5 2021 Michal Ambroz - 4.0.5-1 -- bump to yara bugfix 4.0.5 release - -* Wed Feb 3 2021 Michal Ambroz - 4.0.4-1 -- bump to yara bugfix 4.0.4 release - -* Thu Jul 16 2020 Michal Ambroz - 4.0.2-1 -- bump to yara bugfix 4.0.2 release -- fix build on epel7 - -* Sun Jun 14 2020 Adrian Reber - 4.0.1-2 -- Rebuilt for protobuf 3.12 - -* Tue Jun 2 2020 Michal Ambroz - 4.0.1-1 -- bump to yara bugfix 4.0.1 release - -* Tue Apr 28 2020 Michal Ambroz - 4.0.0-1 -- bump to yara 4.0.0 release - -* Fri Jan 31 2020 Fedora Release Engineering - 3.11.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild - -* Fri Oct 11 2019 Michal Ambroz - 3.11.0-1 -- bump to 3.11.0 release (#1760678) -- BUGFIX: Some regexp character classes not matching correctly when used with “nocase” modifier (upstream #1117) -- BUGFIX: Reduce the number of ERROR_TOO_MANY_RE_FIBERS errors for certain hex pattern containing large jumps (upstream #1107) -- BUGFIX: Buffer overrun in “dotnet” module (upstream #1108) -- BUGFIX: Memory leak while attaching to a process fails (upstream #1070) - -* Sat Sep 28 2019 Michal Ambroz - 3.10.0-3 -- change the sphinx build dependency - -* Sat Jul 27 2019 Fedora Release Engineering - 3.10.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild - -* Fri May 03 2019 Michal Ambroz - 3.10.0-1 -- bump to 3.10.0 release (#1680204) -- Harden virtual machine against malicious code. -- BUGFIX: Regression bug in hex strings containing wildcards (upstream #1025). -- BUGFIX: Buffer overrun in “elf” module. -- BUGFIX: Buffer overrun in “dotnet” module. - -* Sat Mar 16 2019 Michal Ambroz - 3.9.0-1 -- bump to 3.9.0 release (#1680203) -- switch from python-sphinx to python3-sphinx for generating the documentation for fc31+ -- should fix also #1660398 (CVE-2018-19974 CVE-2018-19975 CVE-2018-19976), - but by design it might be always dangerous to run yara signatures compiled by 3rd party, - so it is advised to re-compile yara rules instead -- BUGFIX: Denial of service when using "dex" module. Found by the Cisco Talos team. (upstream #1023, CVE-2019-5020) -- BUGFIX: Buffer overflow in "dotnet" module. -- BUGFIX: Regexp regression when using nested quantifiers {x,y} for certain values of x and y. (#1018) - -* Sun Feb 03 2019 Fedora Release Engineering - 3.8.1-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild - -* Mon Aug 27 2018 Michal Ambroz - 3.8.1-1 -- bump to 3.8.1 release (#1613093) - -* Sat Jul 14 2018 Fedora Release Engineering - 3.7.1-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild - -* Fri Feb 09 2018 Fedora Release Engineering - 3.7.1-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild - -* Mon Feb 05 2018 Michal Ambroz - 3.7.1-1 -- bump to 3.7.1 release (#1534993) - -* Wed Nov 15 2017 Michal Ambroz - 3.7.0-1 -- bump to 3.7.0 release (#1511921) - -* Thu Aug 03 2017 Fedora Release Engineering - 3.6.3-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild - -* Thu Jul 27 2017 Fedora Release Engineering - 3.6.3-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild - -* Sun Jul 16 2017 Michal Ambroz - 3.6.3-1 -- bump to 3.6.3 release - bugfix CVE-2017-11328 - -* Mon Jul 03 2017 Michal Ambroz - 3.6.2-1 -- bump to 3.6.2 release - bugfix CVE-2017-9304, CVE-2017-9465 - -* Wed May 24 2017 Michal Ambroz - 3.6.0-1 -- bump to 3.6.0 release -- update the androguard-yara with bugfixes - -* Thu Apr 13 2017 Michal Ambroz - 3.5.0-7 -- Adding patch from pull request 627 until 3.5.1 is released -- https://patch-diff.githubusercontent.com/raw/VirusTotal/yara/pull/627.patch -- Fixes CVE-2016-10210 CVE-2016-10211 CVE-2017-5923 CVE-2017-5924 - -* Sat Feb 11 2017 Fedora Release Engineering - 3.5.0-6 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild - -* Tue Aug 09 2016 Michal Ambroz - 3.5.0-5 -- import package to Fedora -- remove unnecessary .buildinfo tag from doc package - -* Fri Aug 05 2016 Michal Ambroz - 3.5.0-4 -- package review - bugzilla #1362265 -- cosmetics of the changelog -- using default spinx theme to remove the static fonts - -* Fri Aug 05 2016 Michal Ambroz - 3.5.0-3 -- package review - bugzilla #1362265 -- dropped Buildroot, pkgconfig, zlib-devel, defattr -- added buildrequires gcc -- change license back to ASL 2.0 only - -* Thu Aug 04 2016 Michal Ambroz - 3.5.0-2 -- package review - bugzilla #1362265 -- changed packaging of doc sub-package - -* Thu Aug 04 2016 Michal Ambroz - 3.5.0-1 -- bump to new 3.5.0 - -* Wed Aug 03 2016 Michal Ambroz - 3.4.0-6 -- package review - bugzilla #1362265 -- dropped dependency of python-tools - -* Mon Aug 01 2016 Michal Ambroz - 3.4.0-4 -- compile with the androguard module - -* Wed Jun 08 2016 Michal Ambroz - 3.4.0-2 -- jansson dependency >= 2.5 - -* Wed Jun 08 2016 Michal Ambroz - 3.4.0-1 -- python3 stuff - -* Mon Jun 22 2015 Michal Ambroz - 3.4.0-0.git20150618 -- initial build for Fedora Project