Register | Log in

yara

Pattern matching swiss knife for malware researchers

Choose email to subscribe with

general

source: yara (main)
version: 3.8.1-1
maintainer: Debian Security Tools [DMD]
uploaders: Hilko Bengen [DMD]
arch: all any
std-ver: 4.2.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-bpo: 3.1.0-2~bpo70+1
oldstable: 3.1.0-2+deb8u1
old-bpo: 3.5.0+dfsg-9~bpo8+1
stable: 3.5.0+dfsg-9
stable-bpo: 3.7.1-3~bpo9+1
testing: 3.8.0-5
unstable: 3.8.1-1

versioned links

3.1.0-2~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.1.0-2+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.5.0+dfsg-9~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.5.0+dfsg-9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.7.1-3~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.7.1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.8.0-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.8.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libyara-dev
libyara3
yara
yara-doc

action needed

The VCS repository is not up to date, consider pushing the missing commits. high

vcswatch reports that the current version of the package is not in its VCS.
Either you need to push your commits, or the information about the package's VCS are out of date. A common cause of the latter issue when using the Git VCS is not specifying the correct branch when the packaging is not in the default one (remote HEAD branch), which is usually "master" but can be modified in salsa.debian.org in the project's general settings with the "Default Branch" field). Alternatively the Vcs-Git field in debian/control can contain a "-b <branch-name>" suffix to indicate what branch is used for the Debian packaging.

Created: 2018-08-17 Last update: 2018-08-17 02:12

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

yara-doc could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2018-08-18 08:28

8 ignored security issues in stretch low

There are 8 open security issues in stretch.

8 issues skipped by the security teams:

CVE-2017-8929: The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule.
CVE-2018-12035: In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c.
CVE-2017-9465: The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain sensitive information from process memory via a crafted file that is mishandled in the yr_re_fast_exec function in libyara/re.c and the _yr_scan_match_callback function in libyara/scan.c.
CVE-2017-8294: libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function.
CVE-2017-9304: libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the _yr_re_emit function.
CVE-2017-9438: libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) that is mishandled in the _yr_re_emit function, a different vulnerability than CVE-2017-9304.
CVE-2017-11328: Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
CVE-2018-12034: In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c.

Please fix them.

Created: 2017-04-28 Last update: 2018-08-17 01:56

8 ignored security issues in jessie low

There are 8 open security issues in jessie.

8 issues skipped by the security teams:

CVE-2017-8929: The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule.
CVE-2018-12035: In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c.
CVE-2017-9465: The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain sensitive information from process memory via a crafted file that is mishandled in the yr_re_fast_exec function in libyara/re.c and the _yr_scan_match_callback function in libyara/scan.c.
CVE-2017-8294: libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function.
CVE-2017-9304: libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the _yr_re_emit function.
CVE-2017-9438: libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) that is mishandled in the _yr_re_emit function, a different vulnerability than CVE-2017-9304.
CVE-2017-11328: Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
CVE-2018-12034: In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c.

Please fix them.

Created: 2017-04-03 Last update: 2018-08-17 01:56

testing migrations

excuses:
- Too young, only 1 of 5 days old
- Piuparts tested OK - https://piuparts.debian.org/sid/source/y/yara.html
- Not considered

news

[2018-08-16] Accepted yara 3.8.1-1 (source) into unstable (Hilko Bengen)
[2018-08-15] yara 3.8.0-5 MIGRATED to testing (Debian testing watch)
[2018-08-09] Accepted yara 3.8.0-5 (source) into unstable (Hilko Bengen)
[2018-08-08] Accepted yara 3.8.0-4 (source) into unstable (Hilko Bengen)
[2018-08-07] Accepted yara 3.8.0-3 (source) into unstable (Hilko Bengen)
[2018-08-06] Accepted yara 3.8.0-2 (source) into unstable (Hilko Bengen)
[2018-08-06] Accepted yara 3.8.0-1 (source) into unstable (Hilko Bengen)
[2018-07-11] Accepted yara 3.7.1-3~bpo9+1 (source) into stretch-backports (Hilko Bengen)
[2018-06-22] yara 3.7.1-3 MIGRATED to testing (Debian testing watch)
[2018-06-17] Accepted yara 3.7.1-3 (source) into unstable (Hilko Bengen)
[2018-02-19] yara 3.7.1-2 MIGRATED to testing (Debian testing watch)
[2018-02-13] Accepted yara 3.7.1-2 (source) into unstable (Hilko Bengen)
[2018-01-21] yara 3.7.1-1 MIGRATED to testing (Debian testing watch)
[2018-01-16] Accepted yara 3.7.1-1 (source) into unstable (Hilko Bengen)
[2017-12-08] Accepted yara 3.7.0-5~bpo9+1 (source amd64 all) into stretch-backports, stretch-backports (Hilko Bengen)
[2017-11-30] yara 3.7.0-5 MIGRATED to testing (Debian testing watch)
[2017-11-24] Accepted yara 3.7.0-5 (source) into unstable (Hilko Bengen)
[2017-11-20] Accepted yara 3.7.0-4 (source) into unstable (Hilko Bengen)
[2017-11-17] yara 3.7.0-3 MIGRATED to testing (Debian testing watch)
[2017-11-11] Accepted yara 3.7.0-3 (source) into unstable (Hilko Bengen)
[2017-11-10] Accepted yara 3.7.0-2 (source) into unstable (Hilko Bengen)
[2017-11-10] Accepted yara 3.7.0-1 (source) into unstable (Hilko Bengen)
[2017-07-12] yara 3.6.3+dfsg-1 MIGRATED to testing (Debian testing watch)
[2017-07-06] Accepted yara 3.6.3+dfsg-1 (source) into unstable (Hilko Bengen)
[2017-07-06] yara 3.6.2+dfsg-4 MIGRATED to testing (Debian testing watch)
[2017-07-01] Accepted yara 3.6.2+dfsg-4 (source) into unstable (Hilko Bengen)
[2017-06-30] Accepted yara 3.6.2+dfsg-3 (source) into unstable (Hilko Bengen)
[2017-06-30] Accepted yara 3.6.2+dfsg-2 (source) into unstable (Hilko Bengen)
[2017-06-30] Accepted yara 3.6.2+dfsg-1 (source) into unstable (Hilko Bengen)
[2017-06-29] yara 3.6.1+dfsg-1 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 0

links

homepage
lintian
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 3.8.0-5

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing