Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package sleuthkit for openSUSE:Factory checked in at 2023-02-22 15:21:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sleuthkit (Old) and /work/SRC/openSUSE:Factory/.sleuthkit.new.1706 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sleuthkit" Wed Feb 22 15:21:59 2023 rev:30 rq:1067138 version:4.12.0 Changes: -------- --- /work/SRC/openSUSE:Factory/sleuthkit/sleuthkit.changes 2021-06-28 15:33:47.783198322 +0200 +++ /work/SRC/openSUSE:Factory/.sleuthkit.new.1706/sleuthkit.changes 2023-02-22 15:21:59.593999676 +0100 @@ -1,0 +2,36 @@ +Fri Feb 17 22:36:16 UTC 2023 - Greg Freemyer <greg.freem...@gmail.com> + +- update to 4.12.0 + * Add Linux LVM support + * Logical File System support (a folder structure is parsed by TSK libraries) + * Many small fixes +- update to 4.11.1 + * C/C++: + * Several fixes from @joachimmetz + * NTFS Decompression bug fix from @kastonework and @uckelman-sf + * Java: + * Fixed connection leak when making OS Accounts in bridge + * OsAccount updates for instance types and special Windows SIDs + Fixed issue with duplicate value in Japanese timeline translation +- update to 4.11.0 + * C/C++: + * Added checks at various layers to detect encrypted file systems and disks to give more useful error messages. + * Added checks to detect file formats that are not supported (such as AD1, ZIP, etc.) to give more useful error messages. + * Added tsk_imageinfo tool that detects if an image is supported by TSK and if it is encrypted. + * Add numerous bound checks from @joachimmetz + * Clarified licenses as pointed out by @joachimmetz + * Java: + * Updated from Schema 8.6 to 9.1. + * Added tables and classes for OS Accounts and Realms (Domains). + * Added tables and classes for Host Addresses (IP, MAC, etc.). + * Added tables and classes for Analysis Results vs Data Artifacts by adding onto BlackboardArtifacts. + * Added tables and classes for Host and Person to make it easier to group data sources. + * Added static types for standard artifact types. + * Added File Attribute table to allow custom information to be stored for each file. + * Made ordering of getting lock and connection consistent. + * Made the findFile methods more efficient by using extension (which is indexed). + +- add 0001-build-support-libewf-V3.patch to support the experimental release branch of libewf +- add sleuthkit-4.12.0_add-missing-include-file.patch + +------------------------------------------------------------------- Old: ---- sleuthkit-4.10.2.tar.gz New: ---- 0001-build-support-libewf-V3.patch sleuthkit-4.12.0.tar.gz sleuthkit-4.12.0_add-missing-include-file.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sleuthkit.spec ++++++ --- /var/tmp/diff_new_pack.pM2Ajh/_old 2023-02-22 15:22:00.106002580 +0100 +++ /var/tmp/diff_new_pack.pM2Ajh/_new 2023-02-22 15:22:00.114002625 +0100 @@ -1,7 +1,7 @@ # # spec file for package sleuthkit # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,17 +18,23 @@ %define sosuffix 19 Name: sleuthkit -Version: 4.10.2 +Version: 4.12.0 Release: 0 Summary: Tools for file system and volume forensic analysis License: CPL-1.0 AND IPL-1.0 AND GPL-2.0-or-later Group: System/Monitoring URL: https://www.sleuthkit.org/ Source0: https://github.com/%{name}/%{name}/releases/download/%{name}-%{version}/%{name}-%{version}.tar.gz +# PATCH-FIX-UPSTREAM upsteam_tarball_left_a_file_out gh#sleuthkit/sleuthkit#642 +Patch1: 0001-build-support-libewf-V3.patch +# PATCH-FIX-UPSTREAM upsteam_tarball_left_a_file_out gh#sleuthkit/sleuthkit#2812 +Patch2: sleuthkit-4.12.0_add-missing-include-file.patch BuildRequires: gcc-c++ #BuildRequires: libtool # libewf - Newer versions are plain BSD (older are BSD with advertising) -BuildRequires: libewf-devel = 20140811 +#BuildRequires: libewf-devel = 20140811 +BuildRequires: libewf-devel +BuildRequires: libbfio-devel BuildRequires: libopenssl-devel BuildRequires: zlib-devel Requires: file @@ -63,7 +69,7 @@ developing applications that use %{name}. %prep -%setup -q +%autosetup -p1 %build export LIBS=' -lpthread -ldl' @@ -168,6 +174,7 @@ %{_bindir}/tsk_gettimes %{_bindir}/tsk_loaddb %{_bindir}/tsk_recover +%{_bindir}/tsk_imageinfo %{_mandir}/man1/tsk_comparedir.1%{?ext_man} %{_mandir}/man1/tsk_gettimes.1%{?ext_man} %{_mandir}/man1/tsk_loaddb.1%{?ext_man} @@ -181,6 +188,7 @@ # CPL and IBM %{_includedir}/tsk/ %{_libdir}/*.so +%{_libdir}/pkgconfig/tsk.pc %{_datadir}/sleuthkit %changelog ++++++ 0001-build-support-libewf-V3.patch ++++++ >From b55196f9da7de4a5bad23bf0051a2d6c6ee7f04d Mon Sep 17 00:00:00 2001 From: Jan Engelhardt <jeng...@inai.de> Date: Tue, 14 Feb 2023 09:14:43 +0000 Subject: [PATCH] build: support libewf V3 References: https://github.com/sleuthkit/sleuthkit/pull/2810 --- tsk/img/ewf.cpp | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tsk/img/ewf.cpp b/tsk/img/ewf.cpp index 1dc8c81da..3ae381e6b 100755 --- a/tsk/img/ewf.cpp +++ b/tsk/img/ewf.cpp @@ -67,8 +67,14 @@ ewf_image_read(TSK_IMG_INFO * img_info, TSK_OFF_T offset, char *buf, tsk_take_lock(&(ewf_info->read_lock)); #if defined( HAVE_LIBEWF_V2_API ) +#if LIBEWF_VERSION >= 20160319 + /* V3 API */ + cnt = libewf_handle_read_buffer_at_offset(ewf_info->handle, + buf, len, offset, &ewf_error); +#else cnt = libewf_handle_read_random(ewf_info->handle, buf, len, offset, &ewf_error); +#endif if (cnt < 0) { char *errmsg = NULL; tsk_error_reset(); -- 2.39.1 ++++++ sleuthkit-4.10.2.tar.gz -> sleuthkit-4.12.0.tar.gz ++++++ ++++ 56410 lines of diff (skipped) ++++++ sleuthkit-4.12.0_add-missing-include-file.patch ++++++ Index: sleuthkit-4.12.0/tsk/pool/img_bfio_handle.h =================================================================== --- /dev/null +++ sleuthkit-4.12.0/tsk/pool/img_bfio_handle.h @@ -0,0 +1,89 @@ +/* + * The Sleuth Kit - Image BFIO handle + * + * Copyright (c) 2022 Joachim Metz <joachim.m...@gmail.com> + * + * This software is distributed under the Common Public License 1.0 + */ + +#if !defined( _IMG_BFIO_HANDLE_H ) +#define _IMG_BFIO_HANDLE_H + +#include "tsk/base/tsk_base_i.h" + +#ifdef HAVE_LIBBFIO + +#include <libbfio.h> + +#include "tsk/img/tsk_img.h" + +#if defined( __cplusplus ) +extern "C" { +#endif + +typedef struct img_bfio_handle img_bfio_handle_t; + +struct img_bfio_handle +{ + TSK_IMG_INFO *image; + TSK_OFF_T base_offset; + TSK_OFF_T logical_offset; + int access_flags; +}; + +int img_bfio_handle_initialize( + libbfio_handle_t **handle, + TSK_IMG_INFO *image, + TSK_OFF_T offset, + libbfio_error_t **error ); + +int img_bfio_handle_free( + img_bfio_handle_t **img_bfio_handle, + libbfio_error_t **error ); + +int img_bfio_handle_clone( + img_bfio_handle_t **destination_img_bfio_handle, + img_bfio_handle_t *source_img_bfio_handle, + libbfio_error_t **error ); + +int img_bfio_handle_open( + img_bfio_handle_t *img_bfio_handle, + int access_flags, + libbfio_error_t **error ); + +int img_bfio_handle_close( + img_bfio_handle_t *img_bfio_handle, + libbfio_error_t **error ); + +ssize_t img_bfio_handle_read( + img_bfio_handle_t *img_bfio_handle, + uint8_t *buffer, + size_t size, + libbfio_error_t **error ); + +off64_t img_bfio_handle_seek_offset( + img_bfio_handle_t *img_bfio_handle, + off64_t offset, + int whence, + libbfio_error_t **error ); + +int img_bfio_handle_exists( + img_bfio_handle_t *img_bfio_handle, + libbfio_error_t **error ); + +int img_bfio_handle_is_open( + img_bfio_handle_t *img_bfio_handle, + libbfio_error_t **error ); + +int img_bfio_handle_get_size( + img_bfio_handle_t *img_bfio_handle, + size64_t *size, + libbfio_error_t **error ); + +#if defined( __cplusplus ) +} +#endif + +#endif /* HAVE_LIBBFIO */ + +#endif /* !defined( _IMG_BFIO_HANDLE_H ) */
