Accepted pytsk 20180225-1 (source) into unstable

[Hilko Bengen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 31 Mar 2018 19:56:47 +0200
Source: pytsk
Binary: python-tsk python3-tsk
Architecture: source
Version: 20180225-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Security Tools <team+pkg-secur...@tracker.debian.org>
Changed-By: Hilko Bengen <ben...@debian.org>
Description:
 python-tsk - Python Bindings for The Sleuth Kit
 python3-tsk - Python Bindings for The Sleuth Kit
Changes:
 pytsk (20180225-1) unstable; urgency=medium
 .
   * Team upload
   [ Raphaël Hertzog ]
   * Update team maintainer address to Debian Security Tools
 <team+pkg-secur...@tracker.debian.org>
   * Update Vcs-Git and Vcs-Browser for the move to salsa.debian.org
 .
   [ Hilko Bengen ]
   * New upstream version 20180225
   * Rebase build patch
   * Bump Standards-Version
Checksums-Sha1:
 cfbdd741d3460a8bd10617ef9222d9805d2d61b4 2118 pytsk_20180225-1.dsc
 3b56e53fb4a97a49108fc808a31916eb4ae6ec56 126733 pytsk_20180225.orig.tar.gz
 cc0ef23d8484ee2d8024e0256df4de5b7b7b2926 4376 pytsk_20180225-1.debian.tar.xz
 74cf8f910d61993dad3d9076b9ee36161a648ff8 8142 pytsk_20180225-1_source.buildinfo
Checksums-Sha256:
 c1a82bd635abda6fc85857e5218538d740c2e05451f881215345f9d1344ba27c 2118 
pytsk_20180225-1.dsc
 429ab99ca25b800542cdf70d90ae2854ae68f02c7f249ca64c70ce84db9fcc77 126733 
pytsk_20180225.orig.tar.gz
 1a6f1b756aae63f98ff96b7fd32bc443c7554ea85118cfa6117c5c5dffb4e7ef 4376 
pytsk_20180225-1.debian.tar.xz
 baec047cd5ede8d627bb1a56c3d01f5ffbc56f02d7216b693e024ac0ec6e07c0 8142 
pytsk_20180225-1_source.buildinfo
Files:
 f45ad1a1becb7304287e21ed88304171 2118 python optional pytsk_20180225-1.dsc
 bef8effd932c1a26bc17e1907506b343 126733 python optional 
pytsk_20180225.orig.tar.gz
 1d945f1155c883a677af0ef2b74c3d24 4376 python optional 
pytsk_20180225-1.debian.tar.xz
 872c52f8f6c29118ab8921138dc0a481 8142 python optional 
pytsk_20180225-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEErnMQVUQqHZbPTUx4dbcQY1whOn4FAlq/zAYACgkQdbcQY1wh
On789hAApVZ5RqXHk43CYu/dm28p0RAvo7KfCGacLGEUliZvjflO8hiwdcvQnqP6
cVGJE/XoK+1gmERuW0kIDN/LVT3kweJnh5XkFAl0DwUjVxSXoxliropQDai906dC
eoRkugk32sEG154mo4lTju2iD32QsFb+CWeoi8yAXD8XKZDxGgI+35VPDgBIOlR2
xnz9alCOAwtS6snO2jszuMJnw5XtLMFWgecAZiSR7L6ZY5Mwx3y0rVJS5JKc+Ce4
L5dHb+4pVDaAx9H2oK+PrP6sgkPBuAvk/Osa5q6nAqzk8fCX2V6Vgfy/AoOOso6b
9WXCGIHBBSV4hQaOCBb+RLAPBWX3RhFXKv1Y6iRy4niDmsrG1fElEZTMM3MVPROd
qOGViVF/5ZgIFdAwgNwzHElxP9mUszZd+582IH9d5FcW1YlzdFWROTecLqaEj7Go
Du3zCu/5pdLBTJZ8yCEjRNYaBkM3MSfO3sXozfw6AdBQ8QBXgtPpKTLtRfzuFkjR
jRuZr1tYEbY9MLRPS3Ar19SGlrchK7Uj491FDLrDiZfzGwe6xTHvjne2L8W7igII
LrDrXmoSndTMvfFf/nNYlkX0Le2VyE3ayw3x5BaVuFiaiqgyGFeKwolZi154yNrO
KkVvsv8yaffHeXmbQyFWwr+0ogt4TZOuu9fy40wyoiap4NAhJ5E=
=HRSi
-END PGP SIGNATURE-


___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Accepted sleuthkit 4.6.0-1 (source) into unstable

[Hilko Bengen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 31 Mar 2018 19:15:06 +0200
Source: sleuthkit
Binary: sleuthkit libtsk13 libtsk-dev
Architecture: source
Version: 4.6.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Security Tools <team+pkg-secur...@tracker.debian.org>
Changed-By: Hilko Bengen <ben...@debian.org>
Description:
 libtsk-dev - library for forensics analysis (development files)
 libtsk13   - library for forensics analysis on volume and filesystem data
 sleuthkit  - tools for forensics analysis on volume and filesystem data
Changes:
 sleuthkit (4.6.0-1) unstable; urgency=medium
 .
   * Team upload
   [ Raphaël Hertzog ]
   * Update team maintainer address to Debian Security Tools
 <team+pkg-secur...@tracker.debian.org>
   * Update Vcs-Git and Vcs-Browser for the move to salsa.debian.org
 .
   [ Hilko Bengen ]
   * New upstream version 4.6.0
   * Bump Standards-Version
   * Drop CVE-* patches that have been integrated upstream
   * Update .symbols file
Checksums-Sha1:
 efe426dde3c314ad583c136e2e6aa170e9bc1f68 2110 sleuthkit_4.6.0-1.dsc
 3a77931cb8fc67b2b419bd77e39b18d7db426521 9109116 sleuthkit_4.6.0.orig.tar.gz
 cb93ba3583b64d754ea59174f001a86920706ce6 36596 sleuthkit_4.6.0-1.debian.tar.xz
 57343c17e07e34bc87efcd94bdd5ca4d675952d2 6920 
sleuthkit_4.6.0-1_source.buildinfo
Checksums-Sha256:
 d51c0e900eac6988d51024b06957ce33f4f88a21ff9ebaa755bd389f79b7b780 2110 
sleuthkit_4.6.0-1.dsc
 ad3e26958234c9e866dfbfb751bcd6ed300ff76446dc6767a6f9083df4bf4974 9109116 
sleuthkit_4.6.0.orig.tar.gz
 7674b681b6cc8006512cecf866ba8a440a64183a34b0875c084b2bc5de9bd04d 36596 
sleuthkit_4.6.0-1.debian.tar.xz
 a2f12643d270193c5fe1c7cdb04a24ea4b22fd670b9d832e283f78e076f628cb 6920 
sleuthkit_4.6.0-1_source.buildinfo
Files:
 95851e0527324b0178f304250cd03a12 2110 admin optional sleuthkit_4.6.0-1.dsc
 b94388c5f9de8a9f017619f4855f4401 9109116 admin optional 
sleuthkit_4.6.0.orig.tar.gz
 4fc7614bde96e9d3c5d843fc193ce0bf 36596 admin optional 
sleuthkit_4.6.0-1.debian.tar.xz
 aa64274fc709d9416d71d40434dea77d 6920 admin optional 
sleuthkit_4.6.0-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEErnMQVUQqHZbPTUx4dbcQY1whOn4FAlq/xbwACgkQdbcQY1wh
On5xog/9He9gsjH3FHEHrDzNrge5JOAkawxR3Ak3IgzL3XIkmFlwCrwdbIw6RQCp
ILL9L2iMVMM6aSqrXPrpaaxNDq/BxST7YBvMbiGmJ20KKU0cXDlYYxaJ8j8Yx4JA
VrgaXuzD5F5iHWSCZHMG1dNM3VyMvlH/IUAcz5bMimBqVBoIU2Gb6UxFQOTeBuo+
s7MWmL5H4+l+vf2KXa7aeHshArGSAdTDtUfEdLwFK45E1IxIL8mbWhbHTQkrpC7a
M+2lRMq2U2FsHanYHNbbPEfNh1udLENssTl1dEGongfuPPceYdj9RUa4CSC6RB2K
81E+MnER7SOjWhEQAHiEbas1fDMabCbWKRoJiCwPsaoZxthcfy91Ik0Ye4UdE9Y6
r8BGC0obOI1lF+DfDKvXMwLkA5QiykTtn3hmyPPducT4Z1cO1JiYs6Fjak44EZa9
4/+HPEu+Go0poBS7BD8EmC9hWLMR7IE0eMyKwqm/J95tUm9QJy2crDZcX3mvXyH8
rHnkFGcxp20RWbtpJoJzZ5zo74dI9zwWrBtdngIpSMxPVMGZlCLVh67znorNeg4/
O2eLfa2EbTLVnMA0lWfP8rdFqkPB7LP+XTTbIk8QNdx05XswoZNUfIkCBldQftqq
+9ppHMhM8Ndd1YGFBj725pdqe4+7as75uEPO9Ryr4Tc0jtsRTt4=
=ZsmA
-END PGP SIGNATURE-


___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Accepted libfwsi 20180330-1 (source) into unstable

[Hilko Bengen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 31 Mar 2018 18:09:09 +0200
Source: libfwsi
Binary: libfwsi-dev libfwsi1 python-libfwsi python3-libfwsi
Architecture: source
Version: 20180330-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Security Tools <team+pkg-secur...@tracker.debian.org>
Changed-By: Hilko Bengen <ben...@debian.org>
Description:
 libfwsi-dev - Windows Shell Item format access library -- development files
 libfwsi1   - Windows Shell Item format access library
 python-libfwsi - Windows Shell Item format access library -- Python 2 bindings
 python3-libfwsi - Windows Shell Item format access library -- Python 3 bindings
Changes:
 libfwsi (20180330-1) unstable; urgency=medium
 .
   [ Raphaël Hertzog ]
   * Update team maintainer address to Debian Security Tools
 <team+pkg-secur...@tracker.debian.org>
   * Update Vcs-Git and Vcs-Browser for the move to salsa.debian.org
 .
   [ Hilko Bengen ]
   * New upstream version 20180330
   * Bump Standards-Version
   * Remove unneeded dh --parallel
Checksums-Sha1:
 6cb784e3aa6134dcf7e1d5450e1a99c6a3a716f6 2140 libfwsi_20180330-1.dsc
 2f4af7e4e6bd019b9869734312bc177662dd4652 1280846 libfwsi_20180330.orig.tar.gz
 e082de6cbdee02aa8fff3075f2d5a15db078f7be 3680 libfwsi_20180330-1.debian.tar.xz
 bbd7ce1e93a48835344376c958c9426b242fb756 6980 
libfwsi_20180330-1_source.buildinfo
Checksums-Sha256:
 101045464ff317653d11c2a48bd7679fff8c78b3dc7b4220779447fea709a840 2140 
libfwsi_20180330-1.dsc
 c5512374e9570116f21ce791ac5c03b49dd66500f2c9a7d55b8d6ec69118119c 1280846 
libfwsi_20180330.orig.tar.gz
 9e866d2f035bb409fbec7a816789fa715af2be8500e3868e96d2d368eae0e1bf 3680 
libfwsi_20180330-1.debian.tar.xz
 b76066c4fad0bad2943127cc0ebec06160f57ad9123262e26a6b55a115741bc8 6980 
libfwsi_20180330-1_source.buildinfo
Files:
 61c2d56f33a8f7a568fcdb839a4b14d0 2140 libs optional libfwsi_20180330-1.dsc
 c65a84ab8558c4bba703e4b221f3e857 1280846 libs optional 
libfwsi_20180330.orig.tar.gz
 faeeedc4fa216ee66ad751fafc02a352 3680 libs optional 
libfwsi_20180330-1.debian.tar.xz
 733ded2dcea3a553de71b15e77c934db 6980 libs optional 
libfwsi_20180330-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEErnMQVUQqHZbPTUx4dbcQY1whOn4FAlq/sr8ACgkQdbcQY1wh
On6+4Q//Tnx+nFbipArHg5S7ClugIOHwStQpkCW436Sh1sMf7MpTdQ/YKq9vYQtH
oFZrpH+jMx3c8bv4ONVMOkFkMq5Cb9A1hplEfihfL5uJ0Xj8B4cGYHd8Cf5swQ1T
Fni6imcyHgVKVEDKe3b0xYzCA7UHIci++BnveLhAYB0wXRuqAFJhwd8TSGoElXOF
YbMVDu2O0v4LKuVcYvfFvaKZ8wfqC0TRq/Dk2+GjbE3FvlsfodB1AVWw3VOqmkc1
sv5MKDBxLc+Z6WusOv46TdOAp/PTjzwDC5TcTgwn/H6V2RzCsn6b20j+sJ7BtUdy
p3tkspwDOjkpfysV98AFzIoBz6XKe+DQGhPYTvc0FbR8sHWV2J8/M9zCM0gnEE2G
DyKuvb/eTYeZ9uuwpV3lppOFgqEb0fAiL8hiAIXSUVhnb4p5Tn9IhX5GrfM/Aj5o
Iy0CbsiV5GdRsMoC7mlNQW/A+cvnhAycn8OJ1HCsddmG3E/ajFB34ukqZ5w91Hyv
wydl1eXR36s4cTxFZFfpn2Lvg3POiKQVtZOcdsxhY3g/9iLTckI9T+SPxSLyXbAb
top92nSV3neVYpucuTsy/aGDl27rbXFnuOONZO90DbjAmRzNI+zPPa5eDre4C+rQ
EreCqyY0Uwo/RAFoeNh1uLZh0wMTfO3Mk5VEdQAFWRgGjiPEgKA=
=ccm4
-END PGP SIGNATURE-


___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Accepted dfvfs 20180326-1 (source) into unstable

[Hilko Bengen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Thu, 29 Mar 2018 11:09:37 +0200
Source: dfvfs
Binary: python-dfvfs
Architecture: source
Version: 20180326-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Security Tools <team+pkg-secur...@tracker.debian.org>
Changed-By: Hilko Bengen <ben...@debian.org>
Description:
 python-dfvfs - Digital Forensics Virtual File System
Changes:
 dfvfs (20180326-1) unstable; urgency=medium
 .
   [ Raphaël Hertzog ]
   * Update team maintainer address to Debian Security Tools
 <team+pkg-secur...@tracker.debian.org>
   * Update Vcs-Git and Vcs-Browser for the move to salsa.debian.org
 .
   [ Hilko Bengen ]
   * New upstream version 20180326
   * Update patch
   * Update dfdatetime dependency
Checksums-Sha1:
 819a717d19b1cdcc2a931b5ce465362afda85733 2562 dfvfs_20180326-1.dsc
 1cfe942321d4db1c5f9c9ebbd524ef01d8bf151b 77714062 dfvfs_20180326.orig.tar.gz
 5f83cd557f2df67bea00200147fa2990b1c92018 3880 dfvfs_20180326-1.debian.tar.xz
 291826ee90d7504000452b7e7b02a24877196445 8466 dfvfs_20180326-1_source.buildinfo
Checksums-Sha256:
 06e2da3f4a2c6edd0512f72713cf8b5681a91b256ffa57fea847af3869dd48a1 2562 
dfvfs_20180326-1.dsc
 e54c0518bbac411dcba49dc9a97275105a33d1328e6e2592674ecd938cde9e38 77714062 
dfvfs_20180326.orig.tar.gz
 1c9996f442d7c33345af2a9658dc7b0f24067b6272dad57b4cc6e02f00e4e5b5 3880 
dfvfs_20180326-1.debian.tar.xz
 9e6d910d7bb82dc350743e03e6e41dc034df39319772eaa4f32cbfd294188400 8466 
dfvfs_20180326-1_source.buildinfo
Files:
 1151773b2eb1be355a7f3ea4c9d2302b 2562 python optional dfvfs_20180326-1.dsc
 783b10657f2e695f1db99b1f8fba7754 77714062 python optional 
dfvfs_20180326.orig.tar.gz
 1426c768e69bd0ce9b6596a8fc91aa2d 3880 python optional 
dfvfs_20180326-1.debian.tar.xz
 bef68b34000256d624757e402ca37934 8466 python optional 
dfvfs_20180326-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEErnMQVUQqHZbPTUx4dbcQY1whOn4FAlq8rYQACgkQdbcQY1wh
On6zIA//QuzrblC4S0spwI1t/XHC3HS+BGQz0KD6/SzQZs9+N6qI+F5ECDdiQOUp
Y/Xx65ysvPZAK7c3IGypf/txpj31fnejw3wGqZBiLx9lgjYBhx3lwm8DpN0TT+uF
+BYZRWigkG4R2INnGB6erT1J8clGppDUfZF3o8Ypilqr1vTtgXpeML+dB6DK3qLo
KvrdD/4LtAIvvxVBzNyODaa9j9nnPmKzUvGCrBx+e3qxoohC2BZa8kNOufsxfJ4H
J0kl7+dHsy4mVKegLW962J4MgE7WEU+SgA7HZmwxr5fVjNgZvuS4wMLbSATVxb45
7lzPM0BZn72YtTa/NZlPWe//lPZWxiZLdVW8teRkoFrnzkjiEqRlBQvy+NvSACeY
taHtacuaRtHgJshQqXs85+qxB/OkpIqv/tUhh53B8svFkjUtRSE8OmVnDNR5d5LJ
Ha/k0YkwOOGmfk/BPKZxN+r4O4swcCgysFbaSrPia3rEmGXud+gk8LDK2db5yJ8A
k9yO+MES6UaPXB+A0xXjkx5DgaKNmo6uLNLgRwIP2VHZzB+Nk03SC+g8MXB43MaN
siRpf/TFlaULRdwVFSDT9nru+W6MgQAg3Ztk+uSMvtKVGXLYFuhN17X24xqclBXH
DrSDAvOk+AEWZbSpYuePKc3mCjVzxVFoNvB6yzxOxVKJWirhh/E=
=HyjU
-END PGP SIGNATURE-


___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Accepted dfdatetime 20180324-1 (source) into unstable

[Hilko Bengen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 28 Mar 2018 15:52:58 +0200
Source: dfdatetime
Binary: python-dfdatetime python3-dfdatetime
Architecture: source
Version: 20180324-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Security Tools <team+pkg-secur...@tracker.debian.org>
Changed-By: Hilko Bengen <ben...@debian.org>
Description:
 python-dfdatetime - Digital Forensics date and time library for Python 2
 python3-dfdatetime - Digital Forensics date and time library for Python 3
Changes:
 dfdatetime (20180324-1) unstable; urgency=medium
 .
   [ Raphaël Hertzog ]
   * Update team maintainer address to Debian Security Tools
 <team+pkg-secur...@tracker.debian.org>
   * Update Vcs-Git and Vcs-Browser for the move to salsa.debian.org
 .
   [ Hilko Bengen ]
   * New upstream version 20180324
Checksums-Sha1:
 bca4e0bbfafc4980689fe75acff01748ab3e25a3 2135 dfdatetime_20180324-1.dsc
 3c3b3af57cf284a57d03373f4e70b8f43997e621 46820 dfdatetime_20180324.orig.tar.gz
 5c389ee2e1c6eecf2bfaaa819707eca50eacc933 2268 
dfdatetime_20180324-1.debian.tar.xz
 27a5e43c3013e2a6eb2b054f77f07d4f4e4d7d6e 6976 
dfdatetime_20180324-1_source.buildinfo
Checksums-Sha256:
 ca834bd862c9f33a83671d48a1825e34f0961f130725e99abe57cb9d18c8de74 2135 
dfdatetime_20180324-1.dsc
 cb4cf629474d260c4085f273cbbe0335b27c46f6f346f0d9850f6df90afec6b1 46820 
dfdatetime_20180324.orig.tar.gz
 b6c7486497951b72c95ae743f7a116f809f36f845bc67b8d3691420f3a37e40f 2268 
dfdatetime_20180324-1.debian.tar.xz
 3409d72d6e08bdec786a9b9fab315e9010f5b43129d1948f0ade8c1c2368c639 6976 
dfdatetime_20180324-1_source.buildinfo
Files:
 0c6398b6f2381c720c96ebb0d3fd3d2d 2135 python optional dfdatetime_20180324-1.dsc
 57735f87512cc2f0ac6a8fd02e6a99f0 46820 python optional 
dfdatetime_20180324.orig.tar.gz
 cdde6479d228d91a2de065d81aed08b1 2268 python optional 
dfdatetime_20180324-1.debian.tar.xz
 8430f9c7fab3639142d1becee2574f24 6976 python optional 
dfdatetime_20180324-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEErnMQVUQqHZbPTUx4dbcQY1whOn4FAlq7nnAACgkQdbcQY1wh
On6IUxAAvoIrjjNQhWJE68vSaakT/sj4EFwjw77UapjAZv11cpBucjwigCnrAagz
xQyIRZ2wCuA8Yj0gZzo24Nc/z/ijJvFtwK4tFcHVRHX4QFzbSPcXvW5x/elPvUbk
JyiTfcz2EqQM8hO2Pqv7aaWONtOZddTUYtZDvx+Emtx1H0hCcTHRwDg2AkpW/Zn1
WiwIBEULcmOXZtQkV9cW7F4QbfDQSU8AsAkPPRdpJlqth+gvu6elRcYvLSPHiprE
Dq39sjs1HsiHnbtonK7Chj5viZFNyj6QMvFzDi9OV3+cjeTRs1BbVsKaBxDeiJoj
DkujxUGocjvP7dbldlEaGyI5TFj3W/1DIOw4dXk8y1uuv7PeFTRC+LazTjWwORTj
8XDxboUOEhs8Kj+8LVT9FkbZ6CqKhZa7ZX/vISVZvVq9GGvMHo8K5iSnTXFdwN1+
BMUDqcfEHUenccKdDFSe1QS+crzRx54VFAU7SUyYl2yQBGv5ebISE8Oq/FmsyOvH
BC5b11R7lyQHZ2QgEEIARGAfvonGAXLGYY1t/UT6e6n5MA7W6AIpFl46BagC71UX
LJ/7hmwAXv/bq+PM9cms5nFtCYIcg1Bn+7PoClf4k0GDlRZDItb/fXF7fPn1dBUX
CpYW3tQxr7Moq9plnodlqkik5/VUYafAjXLKkPSUVQVX/nN1qIo=
=MARh
-END PGP SIGNATURE-


___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Accepted libevt 20180317-1 (source) into unstable

[Hilko Bengen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 27 Mar 2018 20:57:24 +0200
Source: libevt
Binary: libevt-dev libevt1 libevt-utils python-libevt python3-libevt
Architecture: source
Version: 20180317-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Security Tools <team+pkg-secur...@tracker.debian.org>
Changed-By: Hilko Bengen <ben...@debian.org>
Description:
 libevt-dev - Windows Event Log (EVT) format access library -- development file
 libevt-utils - Windows Event Log (EVT) format access library -- Utilities
 libevt1- Windows Event Log (EVT) format access library
 python-libevt - Windows Event Log (EVT) format access library -- Python 2 
binding
 python3-libevt - Windows Event Log (EVT) format access library -- Python 3 
binding
Closes: 893431
Changes:
 libevt (20180317-1) unstable; urgency=medium
 .
   [ Raphaël Hertzog ]
   * Update team maintainer address to Debian Security Tools
 <team+pkg-secur...@tracker.debian.org>
   * Update Vcs-Git and Vcs-Browser for the move to salsa.debian.org
 .
   [ Hilko Bengen ]
   * New upstream version 20180317
 - Includes fix for CVE-2018-8754 (Closes: #893431)
   * Update .symbols
Checksums-Sha1:
 ab43dad946fd85b70c0d435cb8971c74ece551a9 2195 libevt_20180317-1.dsc
 b5611c8438a00ee735c97928ef2493c764df50c2 1862295 libevt_20180317.orig.tar.gz
 a52b244604c70a8689ef47129d99da63ca252d91 3072 libevt_20180317-1.debian.tar.xz
 577875bae77294eca924a033e74ce8c0802d3dbc 7072 
libevt_20180317-1_source.buildinfo
Checksums-Sha256:
 624ebb4c4b084e5f4c4d068837372909f36d7636b1da7b8ea1c21f8b3d01360d 2195 
libevt_20180317-1.dsc
 c9a6e4fee80e1a30d27d98f1590e82e470c1f999c679aa5b6c55e40e24da9f91 1862295 
libevt_20180317.orig.tar.gz
 c95966f59ff763f9c4a78598952573e0d3638881484d5f94d4f8af4d66efc1e3 3072 
libevt_20180317-1.debian.tar.xz
 b2a8b006c62527f570e47e2759aa8a2552b642aada8f64ed0687364e8581a15a 7072 
libevt_20180317-1_source.buildinfo
Files:
 3eeb53d228570c11ac3e5dccb377b079 2195 libs optional libevt_20180317-1.dsc
 457ffb9014c7358202ba18399c6b402e 1862295 libs optional 
libevt_20180317.orig.tar.gz
 53686160acf6656d774a435cec80ede5 3072 libs optional 
libevt_20180317-1.debian.tar.xz
 eaad5546c4bc521ff2103ed127f2717a 7072 libs optional 
libevt_20180317-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEErnMQVUQqHZbPTUx4dbcQY1whOn4FAlq6lcMACgkQdbcQY1wh
On4H3g/+PeEbfU0GJV2alNbKB+NvXEx261CI9nyNBVeY09fLPfzu0Z0XhMOglUJF
66RFZg+JD8mnouj0yu9qIINBpjlox2E0LCAGm1/cyhbd4pekkSCZABMsd3aFn37w
pxnxiBd8u8eu2yu5LdSsrJwwUla9vPtleVx2ERu0I3X6DV5fVtSsCgn5nSkJl70e
iwbPSV4Z6VeptynCy9pamsygtXJAqemOLkll9BUECkXr97Qvs0qh4DIvZ1YT2UXa
0Xo0Url66Z+XXECZzyAnGGo9/piIZN6pbwz4psI9BWd84M/sOhJO7UNNx5DlbdaU
KgSTktQId6e7lx8OlIDl+hPgk246p6jUPPEZqUk8wXcr0/4CtumLcgftPxPHhHU0
ZMENAkCoRbdSlgOYD59EnQuj+zbZLTiixB4InONxA9L4iHyu8Fe8Id7qD+x0YpeY
YrT1fQU5amqeEkO7sAxyIDbPu0Bnki+C1SdnSd8FiUFrHwTqdqgb8ltcNwZb8RtM
f9+bCZ6h22lbNEdNUAdXXr1o6KDxetCmF7PPzeyndHQ36daY/yndoctRcupWOmcd
wavmXL7W5Q9lvLq9/eVV86KtIeTw7tlXZT4/MdR2snGM1hNNXs2VDCZ1ch/Bv6dm
eJXdf9/EvSyDiiQ2b726RmvcZrhC9J8BfZ7pC34mN7ZP9e2a5t4=
=2N9I
-END PGP SIGNATURE-


___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Accepted libvhdi 20160424-1+deb9u1 (source) into proposed-updates->stable-new, proposed-updates

[Hilko Bengen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 12 Dec 2017 10:31:06 +0100
Source: libvhdi
Binary: libvhdi-dev libvhdi1 libvhdi-dbg libvhdi-utils python-libvhdi 
python3-libvhdi
Architecture: source
Version: 20160424-1+deb9u1
Distribution: stretch
Urgency: medium
Maintainer: Debian Forensics <forensics-devel@lists.alioth.debian.org>
Changed-By: Hilko Bengen <ben...@debian.org>
Description:
 libvhdi-dbg - Virtual Hard Disk image format access library -- debug symbols
 libvhdi-dev - Virtual Hard Disk image format access library -- development file
 libvhdi-utils - Virtual Hard Disk image format access library -- Utilities
 libvhdi1   - Virtual Hard Disk image format access library
 python-libvhdi - Virtual Hard Disk image format access library -- Python 2 
binding
 python3-libvhdi - Virtual Hard Disk image format access library -- Python 3 
binding
Closes: 867409 867610
Changes:
 libvhdi (20160424-1+deb9u1) stretch; urgency=medium
 .
   * Add mising Python3 dependency, thanks to Adrian Bunk, Scott Kitterman
 (Closes: #867409, #867610)
Checksums-Sha1:
 1c5ee6b241f8561504ba81badf020e043108 2325 libvhdi_20160424-1+deb9u1.dsc
 04be6ba67d012d4a2bd3b68645cdff6499d0ee5b 2960 
libvhdi_20160424-1+deb9u1.debian.tar.xz
 bcf58aa64f2f65c5843648da9d93eeaa6324ae4b 7049 
libvhdi_20160424-1+deb9u1_source.buildinfo
Checksums-Sha256:
 30ae2d94e5d3ccb7a7186758001238d8044f94790ceff921fe6c3b6c63cb7b91 2325 
libvhdi_20160424-1+deb9u1.dsc
 a554b36e2c10a2e345f2390774993527f3f8c44df7ca85d9f9673fb92a43ad25 2960 
libvhdi_20160424-1+deb9u1.debian.tar.xz
 86114f7f1d62e9c9740b38290c19a90058b9b26d2f50c5301f00f5e2cffd1722 7049 
libvhdi_20160424-1+deb9u1_source.buildinfo
Files:
 66f3bedf0cd3cc95d887afad28b65a91 2325 libs optional 
libvhdi_20160424-1+deb9u1.dsc
 f76cf739c63c33cec27b6efd0d76da95 2960 libs optional 
libvhdi_20160424-1+deb9u1.debian.tar.xz
 2de238b3099703470d94aaa53d5010a8 7049 libs optional 
libvhdi_20160424-1+deb9u1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEErnMQVUQqHZbPTUx4dbcQY1whOn4FAlozoiIACgkQdbcQY1wh
On7J9Q//RNZmLe6MJT56G9Gm4YY+ybRlD6asxQUK3lXBgIBX+a7cvWNbuM5GxzMt
Im20slWAiooSRH5i8+soYJPbRQFu2cVuCdV+holzRJ8mW8P8TDXEtFmJ3ucTEwir
3TlfMKdgb/E1XZO17Clg7hxTygdePVIw9sEo6YS+0oGRW5J+NBlYHAwCbOJ3IYQq
r28R/p8wtB0xzxteH6Pw7GAMyOEE52QQJptiZuDmmcqTd50cNwjghGkr7vV+O2b2
0T2HIIWzH1jhpb4B4FzIuoGCA94ZeRocXKBi31OEbb/fWmyEehKnXQAEQmF27BGU
s6hzxHl1SDWxB7hfJ++4MqcSgSUnlDszGb5Y6PSEoZ6DHcFwlLkPyZfuSAl0d6Z0
XOjLEKEKjz8xNhfl8tvfCiIC1Ia16qWNKzACxPgpw+OXaIhpM6XrvZLD/pBWCugr
q1wDLiTi+gqPc8HzVwm8OQOO9H/uCHLuYx0PYrHvJmjvrA8veA8Ok4qqxAwIXTqX
SvFlNzo5/cxP2Ru0U40p28+HttyeslSCM97AFG7EbkosvYCKbwADDetB0+HPPopc
R7PKnzbFJtKQW/Z4i9C02JihTlYAaD6h3g6EwWomr8j5wrpdlHGYL44w8AnrO1k6
7p1Tu7t7cIs6gkYxWh585nsMGqSF2WQSy2lA74q2ydG6TwS1hjk=
=fCdU
-END PGP SIGNATURE-


___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Accepted yara 3.7.1-2 (source) into unstable

[Hilko Bengen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 13 Feb 2018 23:27:11 +0100
Source: yara
Binary: yara libyara3 libyara-dev yara-doc
Architecture: source
Version: 3.7.1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Forensics <forensics-devel@lists.alioth.debian.org>
Changed-By: Hilko Bengen <ben...@debian.org>
Description:
 libyara-dev - YARA development libraries and headers
 libyara3   - YARA shared library
 yara   - Pattern matching swiss knife for malware researchers
 yara-doc   - HTML documentation for YARA
Closes: 869777
Changes:
 yara (3.7.1-2) unstable; urgency=medium
 .
   * Fix unaligned access that leads to failing tests. Thanks to Matthias
 Klose for the patch. (Closes: #869777)
Checksums-Sha1:
 b3a2ddee28377f924fec10ee9cfd14b1e149280f 2104 yara_3.7.1-2.dsc
 d692dac21def535b4e0beb949cb01d8852dfe109 7880 yara_3.7.1-2.debian.tar.xz
 eb6fc1a98b22b0079b51eff9120abe733d38 4086 yara_3.7.1-2_source.buildinfo
Checksums-Sha256:
 390adba34dc539b856274c4bbc7b37aec58840b7e95916b59f13fbc3a791653f 2104 
yara_3.7.1-2.dsc
 447439a9f1fca3801a2d9a58cd73becce14494505b4efdf1ae5e227c08050856 7880 
yara_3.7.1-2.debian.tar.xz
 f0a819fbddfed093969ea004bd8fb19bb31e5b230d76f777cdddfd3cfef98dc8 4086 
yara_3.7.1-2_source.buildinfo
Files:
 48d13e68da13d529d5445f5846600b34 2104 utils optional yara_3.7.1-2.dsc
 8092dc8cd711d584ac33d6c0bef0c041 7880 utils optional yara_3.7.1-2.debian.tar.xz
 263a8aaf96c8533d9a791d722e2c3520 4086 utils optional 
yara_3.7.1-2_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEErnMQVUQqHZbPTUx4dbcQY1whOn4FAlqDcCwACgkQdbcQY1wh
On5dsRAAk/Yu/5uTfJ8dcN4/UvOV9Dswd2WCD+aZrgTeKfrqnI/wvUyTYiphAnY8
a4AOxou/JOOcPCsUvHGNa3HNW0uG7e+YXOX9bHgZquKfGlWjiozeG0uRUXzXtOpT
zNscmgPLhBL2obxT/nX8LnTK3w+xlm32Uw77Rmd9/I6kEY6Q+h80BqeWGJv9AhC6
DTwDJbyB6/YqHXcHW0aEw9H9Uqt+G4VTGKHRWNjmdsnaeyPV8XIWItJDle3zWQ1d
qGx/AdPeyQhBzeS8KuiAokQ7R9sTL0soqiy49vSMIGkF4Z34XHkg/345WWCnJNjZ
zlQMmpiPCXH5NgyxGbefxkpDtI7uwChAKX5kRKrQQ756uGRF+YqmehqJIL8F60Gs
ZUYpojdHk7lDJ+zrTDpFTgm35Tr4pQFXMB5GPyfEjyFhe6Kh4o3IoQT099dlWqmL
U1J2I+stVF9OnuDdz9FDlZNwGja/OOvc3UaLAkMSRpuw8NFiM/KNslUcSQZZpF34
vEcpVFrYY2htTjDJHl9BQqJMlEg5JpStQkptfCsnJugH7oRxnIYA7R17leK7oEIE
6rPnA9pPbpj3Y/t0kbLSf6se4cCsjkMvQ+ZEVoczyfKTiZEN/qxslu+nNVD+zQrF
UwyZgiZK6x/dGn3ighsMzf5Jcxx5oeNs2HD/zQYU4xZjG93eoSk=
=kLY6
-END PGP SIGNATURE-


___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Accepted libsmraw 20180123-1 (source) into unstable

[Hilko Bengen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 07 Feb 2018 00:41:19 +0100
Source: libsmraw
Binary: libsmraw-dev libsmraw1 libsmraw-utils python-libsmraw python3-libsmraw
Architecture: source
Version: 20180123-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Forensics <forensics-devel@lists.alioth.debian.org>
Changed-By: Hilko Bengen <ben...@debian.org>
Description:
 libsmraw-dev - split RAW image format access library -- development files
 libsmraw-utils - split RAW image format access library -- Utilities
 libsmraw1  - split RAW image format access library
 python-libsmraw - split RAW image format access library -- Python 2 bindings
 python3-libsmraw - split RAW image format access library -- Python 3 bindings
Changes:
 libsmraw (20180123-1) unstable; urgency=medium
 .
   * New upstream version 20180123
   * Bump Standards-Version
Checksums-Sha1:
 7fc76e58a84aaa7c2c325953fc4075fa648ba5cf 2257 libsmraw_20180123-1.dsc
 f22ba7ef78dd3b08df56ed69deaff77ccc2b2fc2 1558801 libsmraw_20180123.orig.tar.gz
 004d157bbddfa313c5dbcc4b30ba607571f26713 3144 libsmraw_20180123-1.debian.tar.xz
 460dba4839111f1e40331126e1061e7604308fac 7058 
libsmraw_20180123-1_source.buildinfo
Checksums-Sha256:
 e6a8acfe88acb37af994616275d103292ece10d9279c72db939ee1d6aca50095 2257 
libsmraw_20180123-1.dsc
 66a3027f3b218df1c9e172c549492b24e60de1b350c0785cabf33c270e67419c 1558801 
libsmraw_20180123.orig.tar.gz
 eb151ba90276e88a6daeb317a21ed2cce64edced97b1338176b023bb4614ca03 3144 
libsmraw_20180123-1.debian.tar.xz
 b6bb5add26778c11996151e02ad7c19651e225411f80292162f63a8d5aee0c8e 7058 
libsmraw_20180123-1_source.buildinfo
Files:
 2d524e52ccb29efeb34644ec00310e13 2257 libs optional libsmraw_20180123-1.dsc
 de1f131af012e001007893fd813d8d0e 1558801 libs optional 
libsmraw_20180123.orig.tar.gz
 00318e9e1bdb8cf155085d456af41f6e 3144 libs optional 
libsmraw_20180123-1.debian.tar.xz
 69277dd5a57b8fd603613aa12bbe84cd 7058 libs optional 
libsmraw_20180123-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEErnMQVUQqHZbPTUx4dbcQY1whOn4FAlp6PTgACgkQdbcQY1wh
On7JFxAAmvQcQA7yLSRMplQkd50hSGg01HbljxV0hy2IluGfEXUFb8lauGQay+Pq
xAvhEjTecS//qEdxWB3Zmx48B1eBijGlPT8cHdvK5WCpZ27AzbckgEzuItaqwd05
zqPqC5JMJxXaHLjqQ+STYlkN9IWGxMB/TI93yDs7kytmsZ4WEraRYAc9Li5WAAuU
YkS/JWRtoS9BOlVfLlk8NOIS6uczT6bv6RSqe4zk7B6ay5wp7bAVic8noC2tDNDD
tIS7U9cYbo5KIUrun+mvmmG72vn2JAMPRscsRbwqO0Y97mUlI2ZDiEfxeNtQnVw8
Bq3IOdDm76Gz3qzFjv/F0sfjsxlLOu0bRCZfqaLBY6e078Uau6HlvsXeqK/2cHbr
GaY67wFC5XJ3GdKVF6Aa/z0BdXhaA3OXcYIktsJcw0+4qPoL8UqUQ9piHVMQz1Cc
3x92pIE1ESYgiJbAlcsHETxBEtvY8Hkw6LkuPh1+MuCggPZYMemH1xiaOZHXTLmc
pH6YrUwVPHrE2VIe7uXNhCD4FhfVCD68eV4DhpysqZ0AduDbZ0w4F3uO8nmrjdOg
Pp2M3oitG0UFQnQzXkU1Ter/U8NacLyO6nl2oipTii9S2dgzpoew25YnxjFmJO37
wYA5HIoiF5YHaeSvR+DcsPgDybJcXevkkAtmYsxy0oZnQphQMg0=
=MWW9
-END PGP SIGNATURE-


___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#884830: grr: New version 3.2.1.1 available

[Hilko Bengen]

Source: grr
Severity: normal

A new version of GRR is available and it requires a lot of new build
dependencies for the web frontend that will be tracked using this bug.
Those are Gulp plugins plus dependencies and some Javascript plugins.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#882538: jpeg-6b-steg/configure in outguess can be removed

[Hilko Bengen]

Control: tag -1 patch

Hi,

the configure file can be removed if the Makefile.in is patched to use
the existing makefile.unix to build the patched JPEG sources.

diff --git a/Makefile.in b/Makefile.in
index c911a5a..88a5717 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -45,7 +45,7 @@ extract: outguess
ln -sf outguess $@
 
 $(JPEGDEP):
-   cd $(JPEGDIR); $(MAKE) libjpeg.a
+   cd $(JPEGDIR); $(MAKE) -f makefile.unix CFLAGS=-DHAVE_STDC_HEADERS 
libjpeg.a
 
 install: all
$(INSTALL_PROG) -m 755 outguess $(install_prefix)$(bindir)

By the way, There *are* a few other packages that embed an old copy of
libjpeg with this specific configure file and without source: Search for
ijg_cv_have_prototypes on codesearch.debian.net.

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#881783: libesedb: FTBFS on hurd-i386: PATH_MAX undeclared

[Hilko Bengen]

* Aaron M. Ucko:

> Builds of libesedb for hurd-i386 (admittedly not a release
> architecture) have been failing:
>
>   libcpath_path.c:487:45: error: 'PATH_MAX' undeclared (first use in this 
> function); did you mean 'INT8_MAX'?
>
> The Hurd famously has no static PATH_MAX.  Best practice is to
> allocate path buffers dynamically based on what you actually
> encounter, but if that's not convenient, you can look up _PC_PATH_MAX
> via pathconf or define a fallback constant (traditionally 4096).

I will accept patches. :-)

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#873374: libtsk13 4.4.2-1 crash in the dfvfs test suite

[Hilko Bengen]

* Eriberto Mota:

> Control: reassign 873374 python-tsk
>
> After a conversation with upstream[1] and several tests, I can confirm
> the problem is being caused by python-tsk package. Rebuilding the
> package will solve the problem.

Thank you for doing the testing and getting to the root of this!

I must say that I am a bit surprised that this has become a problem, I
was not expecting there to be ABI breakage.

I'll have to figure out how to statically link libtsk and do the upload.

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#853374: Fixed in 0.7.1

[Hilko Bengen]

Control: tag -1 fixed-upstream

Hi,

the package can be updated to upstream version 0.7.1 which no longer has
the FTBFS problem with GCC 7.

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#867610: python3-libvhdi: Missing python3 interpreter depends

[Hilko Bengen]

Hi Scott,

I have just uploaded a fixed package, but a question remains:

> As an added bonus, it would be nice if you could build python3-libvhdi
> for all supported python3 versions and not just the default. This
> eases python3 transitions considerably.

At some point I thought that building with all available Python versions
was no longer necessary with Python3 due to some ABI stability
guarantees...

Do I really need to rebuild the package or is there some dh_python magic
that edits the resulting pyvhdi.*.so file(s)?

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#859821: CVE-2017-5923 CVE-2017-5924 CVE-2016-10210 CVE-2016-10211

[Hilko Bengen]

Control: found -1 3.1.0-2

The bugs are present in the package present in jessie, too. The same
four patches can be applied there straight away. Preparing a fixed
package right now.

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#852922: dfvfs: FTBFS: Test failures

[Hilko Bengen]

* Lucas Nussbaum:

> Source: dfvfs
> Version: 20160918-1
> Severity: serious
> Tags: stretch sid
> User: debian...@lists.debian.org
> Usertags: qa-ftbfs-20170128 qa-ftbfs
> Justification: FTBFS on amd64
>
> Hi,
>
> During a rebuild of all packages in sid, your package failed to build on
> amd64.

It looks like this happened because of the recent upload of a new
upstream version of construct, in which upstream entirely broke the API.

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#852881: dfwinreg: FTBFS: Test failures

[Hilko Bengen]

* Lucas Nussbaum:

> Source: dfwinreg
> Version: 20160428-1
> Severity: serious
> Tags: stretch sid
> User: debian...@lists.debian.org
> Usertags: qa-ftbfs-20170128 qa-ftbfs
> Justification: FTBFS on amd64
>
> Hi,
>
> During a rebuild of all packages in sid, your package failed to build on
> amd64.

It looks like this happened because of the recent upload of a new
upstream version of construct, in which upstream entirely broke the API.

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#850828: New .symbols file

[Hilko Bengen]

Hi Eriberto,

> Ok. I can see the problem here. However, I can't have time (because
> the freeze stage) to do tests (I need tests to understand better the
> process to split these symbols, uploading to experimental before
> unstable). So, I think that the best way is remove all optional
> entries and improve it after freeze. I will start to package the 4.4
> upstream version now.

I suggest uploading 4.4 as it is now and fixing the .symbols file once
it has migrated to testing. I think that getting a freeze exception even
after Feb 5 for the .symbols fix should be doable.

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#850828: New .symbols file

[Hilko Bengen]

Hi Eriberto,

I see that you have simply marked many symbols optional instead of
splitting the .symbols file. Please reconsider that decision.

You approach works in the sense that the package no longer fails to
build on architectures where not all defined symbols aren't present.
However, there are few subtle problems with this. On 32bit
architectures, many symbols that are not defined in the .symbols file
get added automatically. Those symbols are then annotated with the wrong
default version number.

Example from the current i386 build log[1]:

While a symbol is removed without causing an error because it has been
declared optional, another symbol for the equivalent function is added,
but with a different version number:

- (optional|c++)"TskDbSqlite::getFsInfos(long, std::vector<_TSK_DB_FS_INFO, 
std::allocator<_TSK_DB_FS_INFO> >&)@Base" 4.3.0
  [...]
+ _ZN11TskDbSqlite10getFsInfosExRSt6vectorI15_TSK_DB_FS_INFOSaIS1_EE@Base 4.3.1

This is the demangled version of the added symbol:

TskDbSqlite::getFsInfos(long long, std::vector<_TSK_DB_FS_INFO, 
std::allocator<_TSK_DB_FS_INFO> >&)@Base

The second symbol represents the same function as the first; on 32bit
architectures the C++ compiler (or rather the preprocessor) replaces the
first argument type "int64_t" with "long long" instead of "long" ... and
thus name mangling produces a different symbol.

The version number is important because dpkg-shlibdeps uses it to infer
the automatic dependencies it generates for ${shlibs:Depends}. Building
a different package that uses only a subset of the libtsk functions
would get a "libtsk13 (>= 4.3.0)" dependency on some architectures while
the same package might get a "libtsk13 (>= 4.3.1)" dependency on other
architectures. This is clearly broken.

Normally, the added version number would even contain the Debian
revision which would get marked as an error by Lintian for half of the
architectures. This does not happen because you added an override for
the version number (override_dh_makeshlibs), thereby hiding the actual
problem.

Cheers,
-Hilko

[1] 
https://buildd.debian.org/status/fetch.php?pkg=sleuthkit=i386=4.3.1-5=1484596774=0

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#850828: New .symbols file

[Hilko Bengen]

Eriberto,

please take a look at the commit I pushed to
https://anonscm.debian.org/git/forensics/sleuthkit.git, specifically
19ed029000b71d6900368294130c4c919aff369d. I have split the .symbols file
into three files (common, 32bit, 64bit) and made a few classes of
symbols optional.

Cheers,
-Hilko



libtsk13.symbols
Description: Binary data


libtsk13.symbols.32bit
Description: Binary data


libtsk13.symbols.64bit
Description: Binary data
___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Proper fix for #850828

[Hilko Bengen]

Hi Eriberto,

I have pushed a proper fix for #850828 which gets rid of all those
mangled C++ symbols and takes 32 and 64 bit architectures into account.
Is it okay for me to upload?

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#850828: New .symbols file

[Hilko Bengen]

control: tag -1 patch

Hi,

here is a .symbols file for which I have replaced the mangled C++
symbols with their unmangled versions. I have also added a couple of new
symbols, assuming that they have been added in 4.3.0 (not 4.3.1).

Cheers,
-Hilko
libtsk.so.13 libtsk13 #MINVER#
 TSK_MD5_Final@Base 4.2.0
 TSK_MD5_Init@Base 4.2.0
 TSK_MD5_Update@Base 4.2.0
 TSK_SHA_Final@Base 4.2.0
 TSK_SHA_Init@Base 4.2.0
 TSK_SHA_Update@Base 4.2.0
 (c++)"Guid::Guid()@Base" 4.3.0
 (c++)"Guid::Guid(Guid const&)@Base" 4.3.0
 (c++)"Guid::Guid(std::__cxx11::basic_string const&)@Base" 4.3.0
 (c++)"Guid::Guid(std::vector > 
const&)@Base" 4.3.0
 (c++)"Guid::Guid(unsigned char const*)@Base" 4.3.0
 (c++)"Guid::operator=(Guid const&)@Base" 4.3.0
 (c++)"Guid::operator==(Guid const&) const@Base" 4.3.0
 (c++)"Guid::operator!=(Guid const&) const@Base" 4.3.0
 (c++)"hexDigitToChar(char)@Base" 4.3.0
 (c++)"hexPairToChar(char, char)@Base" 4.3.0
 (c++)"operator<<(std::basic_ostream&, 
_TSK_DB_FILE_LAYOUT_RANGE const&)@Base" 4.2.0
 (c++)"operator<<(std::basic_ostream&, 
_TSK_DB_FS_INFO const&)@Base" 4.2.0
 (c++)"operator<<(std::basic_ostream&, 
_TSK_DB_OBJECT const&)@Base" 4.2.0
 (c++)"operator<<(std::basic_ostream&, 
_TSK_DB_VS_INFO const&)@Base" 4.2.0
 (c++)"operator<<(std::basic_ostream&, 
_TSK_DB_VS_PART_INFO const&)@Base" 4.2.0
 (c++)"TskAuto::closeImage()@Base" 4.2.0
 (c++)"TskAutoDb::addFilesInImgToDb()@Base" 4.2.0
 (c++)"TskAutoDb::addFsInfoUnalloc(_TSK_DB_FS_INFO const&)@Base" 4.2.0
 (c++)"TskAutoDb::addImageDetails(char const* const*, int, char const*)@Base" 
4.3.0
 (c++)"TskAutoDb::addUnallocFsSpaceToDb(unsigned long&)@Base" 4.3.0
 (c++)"TskAutoDb::addUnallocImageSpaceToDb()@Base" 4.2.0
 (c++)"TskAutoDb::addUnallocSpaceToDb()@Base" 4.2.0
 (c++)"TskAutoDb::addUnallocVsSpaceToDb(unsigned long&)@Base" 4.3.0
 (c++)"TskAutoDb::closeImage()@Base" 4.2.0
 (c++)"TskAutoDb::commitAddImage()@Base" 4.2.0
 (c++)"TskAutoDb::createBlockMap(bool)@Base" 4.2.0
 (c++)"TskAutoDb::filterFs(TSK_FS_INFO*)@Base" 4.2.0
 (c++)"TskAutoDb::filterVol(TSK_VS_PART_INFO const*)@Base" 4.2.0
 (c++)"TskAutoDb::filterVs(TSK_VS_INFO const*)@Base" 4.2.0
 (c++)"TskAutoDb::fsWalkUnallocBlocksCb(TSK_FS_BLOCK const*, void*)@Base" 4.2.0
 (c++)"TskAutoDb::getCurDir[abi:cxx11]()@Base" 4.2.0
 (c++)"TskAutoDb::hashFiles(bool)@Base" 4.2.0
 (c++)"TskAutoDb::insertFileData(TSK_FS_FILE*, TSK_FS_ATTR const*, char const*, 
unsigned char const*, TSK_DB_FILES_KNOWN_ENUM)@Base" 4.2.0
 (c++)"TskAutoDb::isDbOpen()@Base" 4.3.0
 (c++)"TskAutoDb::md5HashAttr(unsigned char*, TSK_FS_ATTR const*)@Base" 4.2.0
 (c++)"TskAutoDb::md5HashCallback(TSK_FS_FILE*, long, unsigned long, char*, 
unsigned long, TSK_FS_BLOCK_FLAG_ENUM, void*)@Base" 4.3.0
 (c++)"TskAutoDb::openImage(int, char const* const*, TSK_IMG_TYPE_ENUM, 
unsigned int, char const*)@Base" 4.3.0
 (c++)"TskAutoDb::openImageUtf8(int, char const* const*, TSK_IMG_TYPE_ENUM, 
unsigned int, char const*)@Base" 4.3.0
 (c++)"TskAutoDb::processAttribute(TSK_FS_FILE*, TSK_FS_ATTR const*, char 
const*)@Base" 4.2.0
 (c++)"TskAutoDb::processFile(TSK_FS_FILE*, char const*)@Base" 4.2.0
 (c++)"TskAutoDb::revertAddImage()@Base" 4.2.0
 (c++)"TskAutoDb::setAddUnallocSpace(bool)@Base" 4.2.0
 (c++)"TskAutoDb::setAddUnallocSpace(bool, long)@Base" 4.3.0
 (c++)"TskAutoDb::setNoFatFsOrphans(bool)@Base" 4.2.0
 (c++)"TskAutoDb::setTz(std::__cxx11::basic_string)@Base" 4.2.0
 (c++)"TskAutoDb::startAddImage(int, char const* const*, TSK_IMG_TYPE_ENUM, 
unsigned int, char const*)@Base" 4.3.0
 (c++)"TskAutoDb::stopAddImage()@Base" 4.2.0
 (c++)"TskAutoDb::~TskAutoDb()@Base" 4.2.0
 (c++)"TskAutoDb::TskAutoDb(TskDb*, TSK_HDB_INFO*, TSK_HDB_INFO*)@Base" 4.3.0
 (c++)"TskAuto::dirWalkCb(TSK_FS_FILE*, char const*, void*)@Base" 4.2.0
 (c++)"TskAuto::error_record::~error_record()@Base" 4.2.0
 (c++)"TskAuto::errorRecordToString[abi:cxx11](TskAuto::error_record&)@Base" 
4.2.0
 (c++)"TskAuto::filterFs(TSK_FS_INFO*)@Base" 4.2.0
 (c++)"TskAuto::filterVol(TSK_VS_PART_INFO const*)@Base" 4.2.0
 (c++)"TskAuto::filterVs(TSK_VS_INFO const*)@Base" 4.2.0
 (c++)"TskAuto::findFilesInFsInt(TSK_FS_INFO*, unsigned long)@Base" 4.3.0
 (c++)"TskAuto::findFilesInFs(long)@Base" 4.3.0
 (c++)"TskAuto::findFilesInFs(long, TSK_FS_TYPE_ENUM)@Base" 4.3.0
 (c++)"TskAuto::findFilesInFs(long, TSK_FS_TYPE_ENUM, unsigned long)@Base" 4.3.0
 (c++)"TskAuto::findFilesInFs(long, unsigned long)@Base" 4.3.0
 (c++)"TskAuto::findFilesInFsRet(long, TSK_FS_TYPE_ENUM)@Base" 4.3.0
 (c++)"TskAuto::findFilesInFs(TSK_FS_INFO*)@Base" 4.2.0
 (c++)"TskAuto::findFilesInImg()@Base" 4.2.0
 (c++)"TskAuto::findFilesInVs(long)@Base" 4.3.0
 (c++)"TskAuto::findFilesInVs(long, TSK_VS_TYPE_ENUM)@Base" 4.3.0
 (c++)"TskAuto::getCurVsPartDescr[abi:cxx11]() const@Base" 4.2.0
 (c++)"TskAuto::getCurVsPartFlag() const@Base" 4.2.0
 

Bug#838846: RFP: python-efilter -- EFILTER query language

[Hilko Bengen]

Control: block 838839 by -1
Package: wnpp
Severity: wishlist

* Package name: python-efilter
  Version : 1.5
  Upstream Author : Google Inc.
* URL or Web page : https://pypi.python.org/pypi/efilter
* License : Apache 2
  Description : EFILTER query language

python-efilter is a dependency of rekall.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#838841: RFP: python-intervaltree -- A mutable, self-balancing interval tree

[Hilko Bengen]

Control: block 838839 by -1
Package: wnpp
Severity: wishlist

* Package name: python-intervaltree
  Version : 2.1.0
  Upstream Author : Chaim-Leib Halbert, Konstantin Tretyakov
* URL or Web page : https://pypi.python.org/pypi/intervaltree
* License : Apache 2
  Description : A mutable, self-balancing interval tree

python-intervaltree is a dependency of rekall.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#838843: RFP: python-acora -- a fast multi-keyword text search engine

[Hilko Bengen]

Control: block 838839 by -1
Package: wnpp
Severity: wishlist

* Package name: python-acora
  Version : 2.0
  Upstream Author : Stefan Behnel
* URL or Web page : https://pypi.python.org/pypi/acora
* License : BSD-3-clause
  Description : a fast multi-keyword text search engine

python-acora is a dependency of rekall.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#838840: RFP: aff4 -- The Advanced Forensics File Format

[Hilko Bengen]

Control: block 838839 by -1
Package: wnpp
Severity: wishlist

* Package name: aff4
  Version : 0.23
  Upstream Author : Michael Cohen
* URL or Web page : http://www.rekall-forensic.com
* License : Apache 2
  Description : The Advanced Forensics File Format

aff4 is a dependency of rekall.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#838839: RFP: rekall -- Memory forensic framework

[Hilko Bengen]

Package: wnpp
Severity: wishlist

* Package name: rekall
  Version : 1.5.3
  Upstream Author : Volatile Systems, Google Inc.
* URL or Web page : http://www.rekall-forensic.com
* License : GPLv2
  Description : Memory forensic framework

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#835994: ITP: dfwinreg -- Digital Forensics Windows Registry library

[Hilko Bengen]

Package: wnpp
Owner: Hilko Bengen <ben...@debian.org>
Severity: wishlist

* Package name: dfwinreg
  Version : 20160428
  Upstream Author : The dfWinReg development team
* URL or Web page : https://github.com/log2timeline/dfwinreg
* License : Apache 2.0
  Description : Digital Forensics Windows Registry library

dfwinreg is a dependency for Plaso as of version 1.5.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#833577: ITP: libfvde -- library to access FileVault Drive Encryption (FVDE) (or FileVault2) encrypted volumes

[Hilko Bengen]

Package: wnpp
Owner: Hilko Bengen <ben...@debian.org>
Severity: wishlist

* Package name: libfvde
  Version : 20160801
  Upstream Author : Joachim Metz
* URL or Web page : https://github.com/libyal/libfvde
* License : LGPL-3.0+
  Description : library to access FileVault Drive Encryption (FVDE) (or 
FileVault2) encrypted volumes

libfvde is a dependency for recent dfvfs versions (and thus Plaso).

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#828614: yara: FTBFS with openssl 1.1.0

[Hilko Bengen]

* Kurt Roeckx:

>> 2. i2c_ASN1_INTEGER() is no longer available outside the OpenSSL code
>>base. What am I supposed to use instead? (What is this "context
>>encoding", anyway?)
>
> I think you mean "content".  

Yes.

> I didn't really look all that close at the asn1 stuff, but from what I
> understand it's contains the content bytes in asn1 format, and it's
> probably not something you want to do and you want to do. Can you
> point me to the code.

https://github.com/VirusTotal/yara/blob/master/libyara/modules/pe.c#L1276

Am I correct in assuming that since the X509 certificates' serial
numbers are stored in DER, one should just use i2d_ASN1_INTEGER()
instead?

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#828614: yara: FTBFS with openssl 1.1.0

[Hilko Bengen]

* Kurt Roeckx:

>> crypto.h seems to have:
>> # if OPENSSL_API_COMPAT < 0x1010L
>> [...]
>> #  define CRYPTO_num_locks()(0)
>> #  define CRYPTO_set_locking_callback(func)
>> #  define CRYPTO_get_locking_callback() (NULL)
>> #  define CRYPTO_set_add_lock_callback(func)
>> #  define CRYPTO_get_add_lock_callback()(NULL)
>> 
>> I'll look into why they're inside this #if, I think that #if
>> should just get removed.
>
> When I test it myself, it just works?   It only fails when I
> actually try -DOPENSSL_API_COMPAT=0x1010L

Shouldn't the constants that may be used with the callback function
before 1.1 (CRYPTO_LOCK, CRYPTO_UNLOCK, CRYPTO_READ, CRYPTO_WRITE)
be defined inside the "#if OPENSSL_API_COMPAT < 0x1010L" block?

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#828614: yara: FTBFS with openssl 1.1.0

[Hilko Bengen]

* Kurt Roeckx:

> On Mon, Jun 27, 2016 at 12:46:26AM +0200, Hilko Bengen wrote:
>> control: tag -1 moreinfo
>> 
>> Hi Kurt,
>> 
>> I was able to get the yara build fixed by applying this simple patch:
>> 
>> -  const char* sig_alg = 
>> OBJ_nid2ln(OBJ_obj2nid(cert->sig_alg->algorithm));
>> +  const char* sig_alg = OBJ_nid2ln(X509_get_signature_nid(cert));
>> 
>> However, since I don't really know a lot about OpenSSL's internals, I'm
>> not sure if the fix is actually correct.
>
> Yes, that looks correct.

I have some more questions:

YARA upstream has added some things, leading to further breakage with
OpenSSL 1.1:

1. CRYPTO_LOCK is no longer defined, apparently because some locking
   functions have been removed:

   - CRYPTO_num_locks()
   - CRYPTO_set_id_callback()
   - CRYPTO_set_locking_callback()
   - CRYPTO_num_locks()

   What API am I supposed to use instead ... and is it also available
   with previous versions of OpenSSL?

2. i2c_ASN1_INTEGER() is no longer available outside the OpenSSL code
   base. What am I supposed to use instead? (What is this "context
   encoding", anyway?)

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#828614: yara: FTBFS with openssl 1.1.0

[Hilko Bengen]

control: tag -1 moreinfo

Hi Kurt,

I was able to get the yara build fixed by applying this simple patch:

-  const char* sig_alg = OBJ_nid2ln(OBJ_obj2nid(cert->sig_alg->algorithm));
+  const char* sig_alg = OBJ_nid2ln(X509_get_signature_nid(cert));

However, since I don't really know a lot about OpenSSL's internals, I'm
not sure if the fix is actually correct. I have found neither the
OpenSSL manpages nor upstream's wiki page about the API changes to be
particularly helpful.

A document describing to Debian maintainers how they need to change
specific struct accesses would be very helpful.

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#813723: ITP: libvslvm -- Linux LVM volume system format access library

[Hilko Bengen]

Package: wnpp
Owner: Hilko Bengen <ben...@debian.org>
Severity: wishlist

* Package name: libvslvm
  Version : 20160110
  Upstream Author : Joachim Metz
* URL or Web page : https://github.com/libyal/libvslvm
* License : LGPL 3.0+
  Description : Linux LVM volume system format access library

Dependency for new version of dfvfs

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#812552: ITP: libfsntfs -- NTFS access library

[Hilko Bengen]

Package: wnpp
Owner: Hilko Bengen <ben...@debian.org>
Severity: wishlist

* Package name: libfsntfs
  Version : 20160108
  Upstream Author : Joachim Metz
* URL or Web page : https://github.com/libyal/libfsntfs
* License : LGPL-3.0+
  Description : NTFS access library

libfsntfs is a dependency for recent versions of dfvfs and Plaso.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Team maintenance for plaso and dependencies; jessie backports

[Hilko Bengen]

Hi,

after preparing packages for plaso and dependencies, I'd like to put the
packages into the responsibility of the Debian Forensics team. I have
created git repositories in the appropriate places
(alioth:/git/forensics/$pkg.git) and changed the Maintainer and
Uploaders fields accordingly.

These are the affected packages.

- plaso (still waiting in NEW)
- dfvfs (still waiting in NEW)
- binplist
- libbde
- libesedb
- libevt
- libevtx
- libfwsi
- liblnk
- libmsiecf
- libolecf
- libqcow
- libregf
- libsigscan
- libsmdev
- libsmraw
- libvhdi
- libvmdk
- libvshadow
- pytsk

Once the packages have hit testing, I would also like to provide jessie
backports.

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#793395: ITP: binplist -- binary property list parser module

[Hilko Bengen]

Control: block 792335 by -1
Package: wnpp
Owner: Hilko Bengen ben...@debian.org
Severity: wishlist

* Package name: binplist
  Version : 0.1.5
  Upstream Author : Google Inc
* URL or Web page : https://github.com/libyal/binplist
* License : Apache-2.0
  Description : binary property list parser module

binplist is a dependency for Plaso.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#792888: ITP: pytsk -- Python Bindings for The Sleuth Kit

[Hilko Bengen]

Control: block 792335 by -1
Package: wnpp
Owner: Hilko Bengen ben...@debian.org
Severity: wishlist

* Package name: pytsk
  Version : 20150406
  Upstream Author : Michael Cohen
* URL or Web page : https://code.google.com/p/pytsk/
* License : LGPL-3.0+
  Description : Python Bindings for The Sleuth Kit

pytsk is a dependency for Plaso.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#792800: src:libewf: Add Python bindings

[Hilko Bengen]

Package: src:libewf
Version: 20140608-5
Severity: normal
Tags: patch
Control: block 792335 by -1

Please add a package with Python bindings, this is needed for Plaso (ITP
bug at #792335).

Thanks,
-Hilko

diff --git a/debian/control b/debian/control
index 7a3a2d5..dda1942 100644
--- a/debian/control
+++ b/debian/control
@@ -15,7 +15,8 @@ Build-Depends: debhelper (= 9),
   libssl-dev,
   flex,
   bison,
-  pkg-config
+  pkg-config,
+  python-dev,
 Standards-Version: 3.9.6
 Homepage: https://github.com/libyal/libewf
 Vcs-Browser: https://anonscm.debian.org/cgit/forensics/libewf.git
@@ -78,3 +79,17 @@ Description: collection of tools for reading and writing EWF 
files
  investigations.
  .
  This package contains tools to acquire, verify and export EWF files.
+
+Package: python-libewf
+Section: python
+Architecture: any
+Depends: libewf2 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends}, 
${python:Depends}
+Description: support for Expert Witness Compression format -- Python bindings
+ Libewf is a library with support for reading and writing the Expert Witness
+ Compression Format (EWF).
+ This library allows you to read media information of EWF files in the SMART
+ (EWF-S01) format and the EnCase (EWF-E01) format. It supports files created
+ by EnCase 1 to 6, linen and FTK Imager. The libewf is useful for forensics
+ investigations.
+ .
+ This package contains Python bindings for libewf.
diff --git a/debian/python-libewf.install b/debian/python-libewf.install
new file mode 100644
index 000..47e0ed4
--- /dev/null
+++ b/debian/python-libewf.install
@@ -0,0 +1 @@
+/usr/lib/python*
diff --git a/debian/rules b/debian/rules
index 8adfa25..f6088e6 100755
--- a/debian/rules
+++ b/debian/rules
@@ -13,7 +13,7 @@ override_dh_clean:
do rm -f $$filename; done
 
 override_dh_auto_configure:
-   dh_auto_configure -- LDFLAGS=-Wl,--as-needed $(LDFLAGS)
+   dh_auto_configure -- --enable-python LDFLAGS=-Wl,--as-needed 
$(LDFLAGS)
 
 override_dh_strip:
dh_strip --dbg-package=libewf-dbg
@@ -25,7 +25,8 @@ override_dh_install:
find debian/tmp/usr/lib  -name *.la -exec \
sed -i -e s,^dependency_libs=.*,dependency_libs='', {} +
dh_install
+   rm -f debian/python-libewf/usr/lib/python2.7/dist-packages/*.a
 
 %:
-   dh $@  --with autoreconf
+   dh $@  --with autoreconf,python2
 

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#792349: ITP: libvshadow -- Volume Shadow Snapshot format access library

[Hilko Bengen]

Control: block 792335 by -1
Package: wnpp
Owner: Hilko Bengen ben...@debian.org
Severity: wishlist

* Package name: libvshadow
  Version : 20150106
  Upstream Author : Joachim Metz
* URL or Web page : https://github.com/libyal/libvshadow
* License : LGPL-3.0+
  Description : Volume Shadow Snapshot format access library

libvshadow is a dependency for Plaso.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#792347: ITP: libvhdi -- Virtual Hard Disk image format access library

[Hilko Bengen]

Control: block 792335 by -1
Package: wnpp
Owner: Hilko Bengen ben...@debian.org
Severity: wishlist

* Package name: libvhdi
  Version : 20150110
  Upstream Author : Joachim Metz
* URL or Web page : https://github.com/libyal/libvhdi
* License : LGPL-3.0+
  Description : Virtual Hard Disk image format access library

libvhdi is a dependency for Plaso.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#792340: ITP: liblnk -- Windows Shortcut File format access library

[Hilko Bengen]

Control: block 792335 by -1
Package: wnpp
Owner: Hilko Bengen ben...@debian.org
Severity: wishlist

* Package name: liblnk
  Version : 20150617
  Upstream Author : Joachim Metz
* URL or Web page : https://github.com/libyal/liblnk
* License : LGPL-3.0+
  Description : Windows Shortcut File format access library

liblnk is a dependency for Plaso.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#792341: ITP: libmsiecf -- Microsoft Internet Explorer Cache File access library

[Hilko Bengen]

Control: block 792335 by -1
Package: wnpp
Owner: Hilko Bengen ben...@debian.org
Severity: wishlist

* Package name: libmsiecf
  Version : 20150708
  Upstream Author : Joachim Metz
* URL or Web page : https://github.com/libyal/libmsiecf
* License : LGPL-3.0+
  Description : Microsoft Internet Explorer Cache File access library

libmsiecf is a dependency for Plaso.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#792338: ITP: libevt -- Windows Event Log (EVT) format access library

[Hilko Bengen]

Control: block 792335 by -1
Package: wnpp
Owner: Hilko Bengen ben...@debian.org
Severity: wishlist

* Package name: libevt
  Version : 20150706
  Upstream Author : Joachim Metz
* URL or Web page : https://github.com/libyal/libevt
* License : LGPL-3.0+
  Description : Windows Event Log (EVT) format access library

libevt is a dependency for Plaso.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#792339: ITP: libfwsi -- Windows Shell Item format access library

[Hilko Bengen]

Control: block 792335 by -1
Package: wnpp
Owner: Hilko Bengen ben...@debian.org
Severity: wishlist

* Package name: libfwsi
  Version : 20150701
  Upstream Author : Joachim Metz
* URL or Web page : https://github.com/libyal/libfwsi
* License : LGPL-3.0+
  Description : Windows Shell Item format access library

libfwsi is a dependency for Plaso.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#792345: ITP: libsmdev -- storage media device access library

[Hilko Bengen]

Control: block 792335 by -1
Package: wnpp
Owner: Hilko Bengen ben...@debian.org
Severity: wishlist

* Package name: libsmdev
  Version : 20150105
  Upstream Author : Joachim Metz
* URL or Web page : https://github.com/libyal/libsmdev
* License : LGPL-3.0+
  Description : storage media device access library

libsmdev is a dependency for Plaso.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#734777: yara: Sort how to deal with new ABI in 2.0.0 before testing migration

[Hilko Bengen]

Source: yara
Version: 2.0.0-1
Severity: serious
Tags: pending

The C-level API and ABI have changed between yara 1.7.2 and 2.0.0:

,[ https://github.com/plusvic/yara/blob/master/README.md ]
| The C API provided by libyara has changed. If you're a developer using
| this API you'll need to make some changes to your application in order
| to adapt it to YARA 2.0. But don't worry, it won't be too much work and
| the benefits worth the effort. Users of yara-python are not affected,
| the Python interface remains the same.
`

The package does not reflect this yet, but we are working on it.

Cheers,
-Hilko

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel

Bug#688510: Patch, NMU

[Hilko Bengen]

tags 688510 +patch +pending
thanks

I have fixed the bug and NMU'd to DELAYED/3.

Cheers,
-Hilko


memdump_1.01-6.1.diff.gz
Description: Binary data
___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel