Debian Package Tracker
Register | Log in
Subscribe

yara

Pattern matching swiss knife for malware researchers

Choose email to subscribe with

general
  • source: yara (main)
  • version: 4.2.1-1
  • maintainer: Debian Security Tools (DMD)
  • uploaders: Hilko Bengen [DMD]
  • arch: all any
  • std-ver: 4.5.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 3.5.0+dfsg-9
  • o-o-bpo: 3.8.1-2~bpo9+1
  • oldstable: 3.9.0-1
  • old-bpo: 4.0.2-1~bpo10+1
  • stable: 4.0.5-1
  • stable-bpo: 4.2.1-1~bpo11+1
  • testing: 4.2.1-1
  • unstable: 4.2.1-1
versioned links
  • 3.5.0+dfsg-9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.8.1-2~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.9.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.0.2-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.0.5-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.1.3-1~bpo11+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.2.1-1~bpo11+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.2.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • libyara-dev
  • libyara9
  • yara
  • yara-doc
action needed
5 new commits since last upload, is it time to release? normal
vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:
commit 23d177fbe0d58b3ee440a47a6a3ce1df2bc26085
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Tue Apr 26 19:59:25 2022 +0000

    Update standards version to 4.6.0, no changes needed.
    
    Changes-By: lintian-brush
    Fixes: lintian: out-of-date-standards-version
    See-also: https://lintian.debian.org/tags/out-of-date-standards-version.html

commit fd90a407d1e614f0fe6c14931ccf98dad01d34f6
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Tue Apr 26 19:59:17 2022 +0000

    Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse.
    
    Changes-By: lintian-brush
    Fixes: lintian: upstream-metadata-file-is-missing
    See-also: https://lintian.debian.org/tags/upstream-metadata-file-is-missing.html
    Fixes: lintian: upstream-metadata-missing-bug-tracking
    See-also: https://lintian.debian.org/tags/upstream-metadata-missing-bug-tracking.html
    Fixes: lintian: upstream-metadata-missing-repository
    See-also: https://lintian.debian.org/tags/upstream-metadata-missing-repository.html

commit 3f92f88a025e0c1e8f0c902192a7bca18534d121
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Tue Apr 26 19:59:09 2022 +0000

    Bump debhelper from old 12 to 13.
    + debian/rules: Drop --fail-missing argument to dh_missing, which is now the default.
    
    Changes-By: lintian-brush
    Fixes: lintian: package-uses-old-debhelper-compat-version
    See-also: https://lintian.debian.org/tags/package-uses-old-debhelper-compat-version.html

commit 706e81cd2e33bec8994685d6904d38b926b8b713
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Tue Apr 26 19:58:59 2022 +0000

    Use secure copyright file specification URI.
    
    Changes-By: lintian-brush
    Fixes: lintian: insecure-copyright-format-uri
    See-also: https://lintian.debian.org/tags/insecure-copyright-format-uri.html

commit 9b218c911deda605cefcabc0b10e5b926f8f11a0
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Tue Apr 26 19:58:58 2022 +0000

    Trim trailing whitespace.
    
    Changes-By: lintian-brush
    Fixes: lintian: trailing-whitespace
    See-also: https://lintian.debian.org/tags/trailing-whitespace.html
Created: 2022-03-11 Last update: 2022-05-28 05:40
lintian reports 38 warnings normal
Lintian reports 38 warnings about this package. You should make the package lintian clean getting rid of them.
Created: 2022-01-01 Last update: 2022-01-01 04:35
2 low-priority security issues in buster low

There are 2 open security issues in buster.

2 issues left for the package maintainer to handle:
  • CVE-2021-3402: (needs triaging) An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4
  • CVE-2021-45429: (needs triaging) A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yr_set_configuration in yara/libyara/libyara.c, which could cause a Denial of Service.

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2022-05-02 06:30
1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:
  • CVE-2021-45429: (needs triaging) A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yr_set_configuration in yara/libyara/libyara.c, which could cause a Denial of Service.

You can find information about how to handle this issue in the security team's documentation.

Created: 2022-02-08 Last update: 2022-05-02 06:30
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.5.0).
Created: 2019-07-08 Last update: 2022-05-11 23:25
testing migrations
  • This package is part of the ongoing testing transition known as auto-openssl. Please avoid uploads unrelated to this transition, they would likely delay it and require supplementary work from the release managers. On the other hand, if your package has problems preventing it to migrate to testing, please fix them as soon as possible. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
news
[rss feed]
  • [2022-05-02] yara 4.2.1-1 MIGRATED to testing (Debian testing watch)
  • [2022-04-26] Accepted yara 4.2.1-1~bpo11+1 (source) into bullseye-backports (Hilko Bengen)
  • [2022-04-26] Accepted yara 4.2.1-1 (source) into unstable (Hilko Bengen)
  • [2022-03-31] Accepted yara 4.2.0-3~bpo11+1 (source amd64 all) into bullseye-backports, bullseye-backports (Debian FTP Masters) (signed by: Hilko Bengen)
  • [2022-03-17] yara 4.2.0-3 MIGRATED to testing (Debian testing watch)
  • [2022-03-12] Accepted yara 4.2.0-3 (source) into unstable (Hilko Bengen)
  • [2022-03-11] Accepted yara 4.2.0-2 (source) into unstable (Hilko Bengen)
  • [2022-03-11] Accepted yara 4.2.0-1 (source amd64 all) into unstable, unstable (Debian FTP Masters) (signed by: Hilko Bengen)
  • [2022-02-23] Accepted yara 4.1.3-1~bpo11+1 (source amd64 all) into bullseye-backports, bullseye-backports (Debian FTP Masters) (signed by: Hilko Bengen)
  • [2021-10-28] yara 4.1.3-1 MIGRATED to testing (Debian testing watch)
  • [2021-10-22] Accepted yara 4.1.3-1 (source) into unstable (Hilko Bengen)
  • [2021-09-06] yara 4.1.2-1 MIGRATED to testing (Debian testing watch)
  • [2021-08-24] Accepted yara 4.1.2-1 (source) into unstable (Hilko Bengen)
  • [2021-06-11] Accepted yara 4.1.0-1 (source amd64 all) into experimental, experimental (Debian FTP Masters) (signed by: Hilko Bengen)
  • [2021-03-27] Accepted yara 4.1.0~rc2-1 (source) into unstable (Hilko Bengen)
  • [2021-02-20] yara 4.0.5-1 MIGRATED to testing (Debian testing watch)
  • [2021-02-09] Accepted yara 4.0.5-1 (source) into unstable (Hilko Bengen)
  • [2021-02-02] yara 4.0.4-1 MIGRATED to testing (Debian testing watch)
  • [2021-01-28] Accepted yara 4.0.4-1 (source) into unstable (Hilko Bengen)
  • [2021-01-26] Accepted yara 4.0.3-1 (source) into unstable (Hilko Bengen)
  • [2020-11-16] Accepted yara 4.0.2-1~bpo10+1 (all amd64 source) into buster-backports, buster-backports (Debian FTP Masters) (signed by: Hilko Bengen)
  • [2020-07-02] yara 4.0.2-1 MIGRATED to testing (Debian testing watch)
  • [2020-06-27] Accepted yara 4.0.2-1 (source) into unstable (Hilko Bengen)
  • [2020-06-01] yara 4.0.1-2 MIGRATED to testing (Debian testing watch)
  • [2020-05-30] Accepted yara 4.0.1-2 (source) into unstable (Hilko Bengen)
  • [2020-05-16] Accepted yara 4.0.1-1 (source amd64 all) into unstable (Hilko Bengen)
  • [2020-05-05] yara 3.11.0-4 MIGRATED to testing (Debian testing watch)
  • [2020-04-30] Accepted yara 4.0.0-2 (source) into experimental (Hilko Bengen)
  • [2020-04-29] Accepted yara 3.11.0-4 (source) into unstable (Hilko Bengen)
  • [2020-04-29] Accepted yara 4.0.0-1 (source) into experimental (Hilko Bengen)
  • 1
  • 2
bugs [bug history graph]
  • all: 0
links
  • homepage
  • lintian (0, 38)
  • buildd: logs, clang, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 4.2.1-1

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing