Register | Log in

yara

Pattern matching swiss knife for malware researchers

Choose email to subscribe with

general

source: yara (main)
version: 3.8.1-1
maintainer: Debian Security Tools [DMD]
uploaders: Hilko Bengen [DMD]
arch: all any
std-ver: 4.2.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-bpo: 3.1.0-2~bpo70+1
oldstable: 3.1.0-2+deb8u1
old-bpo: 3.5.0+dfsg-9~bpo8+1
stable: 3.5.0+dfsg-9
stable-bpo: 3.8.1-1~bpo9+1
testing: 3.8.1-1
unstable: 3.8.1-1

versioned links

3.1.0-2~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.1.0-2+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.5.0+dfsg-9~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.5.0+dfsg-9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.7.1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.8.1-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.8.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libyara-dev
libyara3
yara
yara-doc

action needed

1 new commit since last upload, time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit f6189c4cd149743ec335a1e31ec408061670cfcd
Author: Hilko Bengen <bengen@debian.org>
Date:   Thu Aug 16 18:25:00 2018 +0200

    Mark yara-doc Multi-Arch: foreign

Created: 2018-08-17 Last update: 2018-11-13 15:42

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

yara-doc could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2018-11-14 10:14

8 ignored security issues in stretch low

There are 8 open security issues in stretch.

8 issues skipped by the security teams:

CVE-2018-12035: In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c.
CVE-2017-9438: libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) that is mishandled in the _yr_re_emit function, a different vulnerability than CVE-2017-9304.
CVE-2017-9304: libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the _yr_re_emit function.
CVE-2017-11328: Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
CVE-2017-9465: The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain sensitive information from process memory via a crafted file that is mishandled in the yr_re_fast_exec function in libyara/re.c and the _yr_scan_match_callback function in libyara/scan.c.
CVE-2018-12034: In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c.
CVE-2017-8294: libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function.
CVE-2017-8929: The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule.

Please fix them.

Created: 2017-04-28 Last update: 2018-08-22 06:49

8 ignored security issues in jessie low

There are 8 open security issues in jessie.

8 issues skipped by the security teams:

CVE-2018-12035: In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c.
CVE-2017-9438: libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) that is mishandled in the _yr_re_emit function, a different vulnerability than CVE-2017-9304.
CVE-2017-9304: libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the _yr_re_emit function.
CVE-2017-11328: Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
CVE-2017-9465: The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain sensitive information from process memory via a crafted file that is mishandled in the yr_re_fast_exec function in libyara/re.c and the _yr_scan_match_callback function in libyara/scan.c.
CVE-2018-12034: In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c.
CVE-2017-8294: libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function.
CVE-2017-8929: The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule.

Please fix them.

Created: 2017-04-03 Last update: 2018-08-22 06:49

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.2.1 instead of 4.2.0).

Created: 2018-08-26 Last update: 2018-08-26 08:16

news

[2018-08-22] Accepted yara 3.8.1-1~bpo9+1 (source) into stretch-backports (Hilko Bengen)
[2018-08-22] yara 3.8.1-1 MIGRATED to testing (Debian testing watch)
[2018-08-16] Accepted yara 3.8.1-1 (source) into unstable (Hilko Bengen)
[2018-08-15] yara 3.8.0-5 MIGRATED to testing (Debian testing watch)
[2018-08-09] Accepted yara 3.8.0-5 (source) into unstable (Hilko Bengen)
[2018-08-08] Accepted yara 3.8.0-4 (source) into unstable (Hilko Bengen)
[2018-08-07] Accepted yara 3.8.0-3 (source) into unstable (Hilko Bengen)
[2018-08-06] Accepted yara 3.8.0-2 (source) into unstable (Hilko Bengen)
[2018-08-06] Accepted yara 3.8.0-1 (source) into unstable (Hilko Bengen)
[2018-07-11] Accepted yara 3.7.1-3~bpo9+1 (source) into stretch-backports (Hilko Bengen)
[2018-06-22] yara 3.7.1-3 MIGRATED to testing (Debian testing watch)
[2018-06-17] Accepted yara 3.7.1-3 (source) into unstable (Hilko Bengen)
[2018-02-19] yara 3.7.1-2 MIGRATED to testing (Debian testing watch)
[2018-02-13] Accepted yara 3.7.1-2 (source) into unstable (Hilko Bengen)
[2018-01-21] yara 3.7.1-1 MIGRATED to testing (Debian testing watch)
[2018-01-16] Accepted yara 3.7.1-1 (source) into unstable (Hilko Bengen)
[2017-12-08] Accepted yara 3.7.0-5~bpo9+1 (source amd64 all) into stretch-backports, stretch-backports (Hilko Bengen)
[2017-11-30] yara 3.7.0-5 MIGRATED to testing (Debian testing watch)
[2017-11-24] Accepted yara 3.7.0-5 (source) into unstable (Hilko Bengen)
[2017-11-20] Accepted yara 3.7.0-4 (source) into unstable (Hilko Bengen)
[2017-11-17] yara 3.7.0-3 MIGRATED to testing (Debian testing watch)
[2017-11-11] Accepted yara 3.7.0-3 (source) into unstable (Hilko Bengen)
[2017-11-10] Accepted yara 3.7.0-2 (source) into unstable (Hilko Bengen)
[2017-11-10] Accepted yara 3.7.0-1 (source) into unstable (Hilko Bengen)
[2017-07-12] yara 3.6.3+dfsg-1 MIGRATED to testing (Debian testing watch)
[2017-07-06] Accepted yara 3.6.3+dfsg-1 (source) into unstable (Hilko Bengen)
[2017-07-06] yara 3.6.2+dfsg-4 MIGRATED to testing (Debian testing watch)
[2017-07-01] Accepted yara 3.6.2+dfsg-4 (source) into unstable (Hilko Bengen)
[2017-06-30] Accepted yara 3.6.2+dfsg-3 (source) into unstable (Hilko Bengen)
[2017-06-30] Accepted yara 3.6.2+dfsg-2 (source) into unstable (Hilko Bengen)

1
2

bugs [bug history graph]

all: 0

links

homepage
lintian
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 3.8.1-1

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing