[Forensics-changes] [yara] 353/415: Imported Debian patch 2.0.0-1
Hilko Bengen
bengen at moszumanska.debian.org
Thu Apr 3 05:43:23 UTC 2014
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to branch debian
in repository yara.
commit 8bfac1d98f5af2947021a3e976ceff405b0cc58d
Merge: 905abbd ea7ee42
Author: Joao Eriberto Mota Filho <eriberto at eriberto.pro.br>
Date: Sun Jan 5 15:47:56 2014 +0000
Imported Debian patch 2.0.0-1
AUTHORS | 1 +
Makefile.am | 14 +-
README.md | 144 +-
bootstrap.sh | 2 +-
build.sh | 0
config.h | 16 +-
configure.ac | 29 +-
debian/README.Debian | 5 +-
debian/changelog | 39 +
debian/changelog.upstream | 103 +
debian/control | 12 +-
debian/copyright | 61 +-
debian/libyara0.symbols | 436 +-
debian/man/header.txt | 1 +
debian/man/yarac.1 | 51 +
debian/man/yarac.txt | 35 +
debian/patches/fix-python-build | 27 +-
debian/patches/manpage | 18 +-
debian/python-yara.lintian-overrides | 2 +
debian/python3-yara.lintian-overrides | 2 +
debian/rules | 9 +
debian/watch | 2 +-
debian/yara.manpages | 1 +
doc/YARA User's Manual.pdf | Bin 263042 -> 258130 bytes
extra/logo-small.psd | Bin 0 -> 317296 bytes
extra/logo.psd | Bin 4082328 -> 2909856 bytes
extra/{logo.png => old-logo.png} | Bin
extra/{logo.psd => old-logo.psd} | Bin
force.cpp | 0
libyara/Makefile.am | 66 +-
libyara/ahocorasick.c | 697 ++
libyara/{lex.h => ahocorasick.h} | 38 +-
libyara/arena.c | 1059 +++
libyara/arena.h | 106 +
libyara/ast.c | 1005 ---
libyara/ast.h | 252 -
libyara/atoms.c | 1159 +++
libyara/atoms.h | 70 +
libyara/compiler.c | 764 ++
libyara/{eval.h => compiler.h} | 32 +-
libyara/config.h | 15 +-
libyara/configure.ac | 32 +-
libyara/elf.h | 1672 +----
libyara/eval.c | 470 --
libyara/exe.c | 285 -
libyara/exe.h | 27 -
libyara/exec.c | 553 ++
libyara/exec.h | 94 +
libyara/exefiles.c | 320 +
libyara/{weight.h => exefiles.h} | 24 +-
libyara/filemap.c | 187 +-
libyara/filemap.h | 23 +-
libyara/grammar.c | 2510 +++----
libyara/grammar.h | 18 +-
libyara/grammar.y | 1957 +++--
libyara/hash.c | 221 +-
libyara/hash.h | 24 +-
libyara/hex_grammar.c | 1880 +++++
libyara/hex_grammar.h | 71 +
libyara/hex_grammar.y | 313 +
libyara/hex_lexer.c | 2171 ++++++
libyara/hex_lexer.h | 75 +
libyara/hex_lexer.l | 224 +
libyara/lex.l | 562 --
libyara/{lex.c => lexer.c} | 1563 ++--
libyara/lexer.h | 70 +
libyara/lexer.l | 647 ++
libyara/libyara.c | 866 +--
libyara/ltmain.sh | 7874 --------------------
libyara/mem.c | 56 +-
libyara/mem.h | 34 +-
libyara/missing | 367 -
libyara/parser.c | 840 +++
libyara/parser.h | 106 +
libyara/proc.c | 398 +-
libyara/proc.h | 5 +-
libyara/re.c | 1492 ++++
libyara/re.h | 199 +
libyara/re_grammar.c | 1935 +++++
libyara/re_grammar.h | 87 +
libyara/re_grammar.y | 308 +
libyara/{lex.c => re_lexer.c} | 1686 ++---
libyara/re_lexer.h | 81 +
libyara/re_lexer.l | 497 ++
libyara/regex.h | 48 -
libyara/regex/Makefile.am | 9 -
libyara/regex/regex-pcre.c | 154 -
libyara/regex/regex-re2.cc | 110 -
libyara/rules.c | 1391 ++++
libyara/scan.c | 882 ---
libyara/scan.h | 25 -
libyara/sizedstr.h | 7 +-
libyara/utils.c | 64 +
libyara/{xtoi.h => utils.h} | 9 +-
libyara/weight.c | 45 -
libyara/xtoi.c | 68 -
libyara/yara.h | 935 ++-
libyara/ylwrap | 223 -
missing | 330 -
threading.c | 145 +
threading.h | 79 +
windows/lib/pcre.lib | Bin 167802 -> 0 bytes
windows/lib/pcre32.lib | Bin 283028 -> 0 bytes
windows/lib/pcre64.lib | Bin 308148 -> 0 bytes
windows/libyara/libyara.vcxproj | 55 +-
windows/yara/yara.sln | 32 +-
windows/yara/yara.vcxproj | 31 +-
windows/yarac/getopt.c | 120 +
windows/{yara/yara.vcxproj => yarac/yarac.vcxproj} | 296 +-
yara-python/README | 27 +-
yara-python/setup.py | 25 +-
yara-python/setupwin32.py | 29 +-
yara-python/setupwin64.py | 29 +-
yara-python/tests.py | 307 +-
yara-python/yara-python.c | 1853 +++--
yara.c | 1302 ++--
yara.man | 49 +-
yarac.c | 247 +
ylwrap | 232 -
119 files changed, 26092 insertions(+), 22163 deletions(-)
diff --cc debian/README.Debian
index d1ae19b,0000000..310a522
mode 100644,000000..100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@@ -1,7 -1,0 +1,8 @@@
+yara for Debian
+---------------
+
+You can get a detailed manual (PDF) about YARA at
- http://code.google.com/p/yara-project/downloads/list.
++http://plusvic.github.io/yara/.
+
- -- Joao Eriberto Mota Filho <eriberto at eriberto.pro.br> Sun, 03 Nov 2013 22:51:33 -0200
++ -- Joao Eriberto Mota Filho <eriberto at eriberto.pro.br> Sun, 03 Nov 2013 22:51:33 -0200,
++ updated at Tue, 07 Jan 2014 00:07:00 -0200.
diff --cc debian/changelog
index d7b5000,0000000..525abf5
mode 100644,000000..100644
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,29 -1,0 +1,68 @@@
++yara (2.0.0-1) unstable; urgency=medium
++
++ * New upstream release.
++ * debian/changelog.upstream: added to provide a upstream changelog to
++ libyara-dev, libyara0, python-yara, python3-yara and yara.
++ * debian/control:
++ - Added the X-Python-Version and X-Python3-Version fields.
++ - Changed from "Python" to "Python 3" in short description of the
++ python3-yara binary to avoid a lintian "duplicate-short-description"
++ message.
++ - Enabled the VCS fields.
++ * debian/copyright:
++ - Added Hilko Bengen as package maintainer.
++ - Added references to windows/include/{pcre,pcreposix}.h and
++ windows/yarac/getopt.c, all using BSD-3-Clause license.
++ - Removed references to:
++ - libyara/grammar.y and libyara/elf.h that were rewritten and
++ relicensed as Apache-2.0.
++ - libyara/lex.l that was removed from source code.
++ - Updated the upstream e-mail address.
++ - Updated the packaging years.
++ * debian/libyara0.symbols: updated.
++ * debian/man/: created to provide absent manpages. Currently, yarac.1.
++ * debian/patches/:
++ - Added a header to fix-python-build.
++ - Updated the fix-python-build and manpage patches.
++ * debian/{python,python3}-yara.lintian-overrides: added to explain a
++ specific situation to lintian.
++ * debian/README.Debian: updated.
++ * debian/rules:
++ - Added the override_dh_installchangelogs to install the
++ changelog.upstream file.
++ - Added a command to override_dh_auto_clean target to remove
++ yara-python/build directory.
++ * debian/watch: little adjustment.
++ * debian/yara.manpages: created to install the yarac manpage.
++
++ -- Joao Eriberto Mota Filho <eriberto at eriberto.pro.br> Sun, 05 Jan 2014 15:47:56 +0000
++
+yara (1.7.2-3) unstable; urgency=low
+
+ * Added files that are only used in Windows builds to debian/copyright
+ (Closes: #733522)
+
+ -- Hilko Bengen <bengen at debian.org> Sun, 29 Dec 2013 20:58:10 +0100
+
+yara (1.7.2-2) unstable; urgency=low
+
+ * Added Python3 bindings package
+ * Corrected license for libyara/grammar.y, libyara/lex.l
+
+ -- Hilko Bengen <bengen at debian.org> Sun, 29 Dec 2013 14:48:00 +0100
+
+yara (1.7.2-1) unstable; urgency=low
+
+ [ Joao Eriberto Mota Filho ]
+ * Initial release (Closes: #728934)
+
+ [ Hilko Bengen ]
+ * Added myself to uploaders, with permission from Joao Eriberto Mota
+ Filho who did the initial work on the package.
+ * Updated package from 1.7 to 1.7.2
+ * Bumped Standards-Version, no changes
+ * Fixed copyright, watch file
+ * Fixed Homepage field
+ * Added python-yara package
+
+ -- Hilko Bengen <bengen at debian.org> Sat, 21 Dec 2013 14:28:56 +0100
diff --cc debian/changelog.upstream
index 0000000,0000000..f5de472
new file mode 100644
--- /dev/null
+++ b/debian/changelog.upstream
@@@ -1,0 -1,0 +1,103 @@@
++2.0.0 (26/12/2013)
++* Faster matching algorithm
++* Command-line scanner is now multi-threaded
++* Compiled rules can be saved to and loaded from a file
++* Added support for unbounded jumps
++* New libyara API
++
++1.7.2 (02/12/2013)
++* BUGFIX: Regular expressions marked as both "wide" and "ascii" were treated as
++ just "wide"
++* BUGFIX: Bug in "n of (<string_set>)" operator
++* BUGFIX: Bug in get_process_memory could cause infinite loop
++
++1.7.1 (25/11/2013)
++* BUGFIX: Fix SIGABORT in ARM
++* BUGFIX: Failing to detect one-byte strings at the end of a file.
++* BUGFIX: Strings being incorrectly printed when marked both as wide and ascii
++* BUGFIX: Stack overflow while following circular symlinks
++* BUGFIX: Expression "/re/ matches var" always matching if "var" was an empty
++ string
++* BUGFIX: Strings marked as "fullword" were incorrectly matching in some cases.
++
++1.7 (29/03/2013)
++* Faster compilation
++* Added suport for modulus (%) and bitwise xor (|) operators
++* Better hashing of regular expressions
++* BUGFIX: yara-python segfault when using dir() on Rules and Match classes
++* BUGFIX: Integer overflow causing infinite loop
++* BUGFIX: Handling strings containing \x00 characters correctly
++* BUGFIX: Regular expressions not matching at the end of the file when compiled
++ with RE2
++* BUGFIX: Memory leaks
++* BUGFIX: File handle leaks
++
++1.6 (04/08/2011)
++* Added support for bitwise operators
++* Added support for multi-line hex strings
++* Scan speed improvement for regular expressions (with PCRE)
++* yara-python ported to Python 3.x
++* yara-python support for 64-bits Python under Windows
++* BUGFIX: Buffer overflow in error printing
++
++1.5 (22/03/2011)
++* Added -l parameter to abort scanning after a number of matches
++* Added support for scanning processes memory
++* Entrypoint now works with ELF as well as PE files
++* Added support for linking with the faster RE2 library
++ (http://code.google.com/p/re2/) instead of PCRE
++* Implemented index operator to access offsets where string was found
++* Implemented new operator
++ "for < quantifier > < variable > in < set or range > : (< expression >) "
++* BUGFIX: Memory leaks in yara-python
++* BUGFIX: yara.compile namespaces not working with filesources
++
++1.4 (13/05/2010)
++* Added external variables
++* Scan speed improvements
++* Added fast scan mode
++* BUGFIX: crash in 64-bits Windows
++
++1.3 (26/10/2009)
++* Added a C-like "include" directive
++* Added support for multi-sources compilation in yara-python
++* Added support for metadata declaration in rules
++* BUGFIX: Incorrect handling of single-line comments at the end of the file
++* BUGFIX: Integer underflow when scanning files of size <= 2 bytes
++
++1.2.1 (14/04/2009)
++* libyara: added support for compiling rules directly from memory
++* libyara: interface refactored
++* libyara: is thread-safe now
++* BUGFIX: Invoking pcre_compile with non-terminated string
++* BUGFIX: Underscore not recognized in string identifiers
++* BUGFIX: Memory leak
++* BUGFIX: Access violation on xxcompare functions
++
++1.2 (13/01/2009)
++* Added support for global rules
++* Added support for declaring alternative sub-strings in hex strings
++* Added support for anonymous strings
++* Added support for intXX and uintXX functions
++* Operator "of" was enhanced
++* Implemented new operator "for..of"
++* "widechar" is now "wide" and can be used in conjuntion with "ascii"
++* Improved syntax error reporting in yara-python
++* "compile" method in yara-python was enhanced
++* "matchfile" method in yara-python was substituted by "match"
++* Some performance improvements
++* BUGFIX: Wrong behavior of escaped characters in regular expressions
++* BUGFIX: Fatal error in yara-python when invoking matchfile with invalid path
++ twice
++* BUGFIX: Wrong precedence of OR and AND operators
++* BUGFIX: Access violation when scanning MZ files with e_lfanew == -1
++* BUGFIX: Incorrect handling of hex strings in lexer
++
++1.1 (05/01/2009)
++* Added support for strings containing null (\x00) chars
++* Added syntactic construct "x of them"
++* Regular expressions syntax changed
++* Now regular expressions can begin with any character
++
++1.0 (24/09/2008)
++* First release
diff --cc debian/control
index 5c7f295,0000000..277b392
mode 100644,000000..100644
--- a/debian/control
+++ b/debian/control
@@@ -1,154 -1,0 +1,156 @@@
+Source: yara
+Section: utils
+Priority: optional
+Maintainer: Debian Forensics <forensics-devel at lists.alioth.debian.org>
+Uploaders: Joao Eriberto Mota Filho <eriberto at eriberto.pro.br>,
- Hilko Bengen <bengen at debian.org>
++ Hilko Bengen <bengen at debian.org>
+Build-Depends: debhelper (>= 9), dh-autoreconf, libpcre3-dev,
- python-all-dev, python3-all-dev,
++ python-all-dev, python3-all-dev
+Standards-Version: 3.9.5
++X-Python-Version: >= 2.6
++X-Python3-Version: => 3.3
+Homepage: http://plusvic.github.io/yara/
- # Vcs-Git: git://anonscm.debian.org/forensics/yara.git
- # Vcs-Browser: http://anonscm.debian.org/gitweb/?p=forensics/yara.git;a=summary
++Vcs-Git: git://anonscm.debian.org/forensics/yara.git
++Vcs-Browser: http://anonscm.debian.org/gitweb/?p=forensics/yara.git;a=summary
+
+Package: yara
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, libyara0
+Description: help to identify and classify malwares
+ YARA is a tool aimed at helping malware researchers to identify
+ and classify malware samples. With YARA you can create descriptions
+ of malware families based on textual or binary patterns contained
+ on samples of those families. Each description consists of a set of
+ strings and a Boolean expression which determines its logic. This is
+ useful in forensics analysis.
+ .
+ Complex and powerful rules can be created by using binary strings with
+ wild-cards, case-insensitive text strings, special operators, regular
+ expressions and many other features.
+ .
+ Are examples of the organizations and services using YARA:
+ .
+ - VirusTotal Intelligence (https://www.virustotal.com/intelligence/)
+ - jsunpack-n (http://jsunpack.jeek.org/)
+ - We Watch Your Website (http://www.wewatchyourwebsite.com/)
+ - FireEye, Inc. (http://www.fireeye.com)
+ - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \
+ Fidelis-XPS)
+ .
+ The Volatility Framework is an example of the software that uses YARA.
+
+Package: libyara0
+Architecture: any
+Section: libs
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Description: help to identify and classify malwares (shared library)
+ YARA is a tool aimed at helping malware researchers to identify
+ and classify malware samples. With YARA you can create descriptions
+ of malware families based on textual or binary patterns contained
+ on samples of those families. Each description consists of a set of
+ strings and a Boolean expression which determines its logic. This is
+ useful in forensics analysis.
+ .
+ Complex and powerful rules can be created by using binary strings with
+ wild-cards, case-insensitive text strings, special operators, regular
+ expressions and many other features.
+ .
+ Are examples of the organizations and services using YARA:
+ .
+ - VirusTotal Intelligence (https://www.virustotal.com/intelligence/)
+ - jsunpack-n (http://jsunpack.jeek.org/)
+ - We Watch Your Website (http://www.wewatchyourwebsite.com/)
+ - FireEye, Inc. (http://www.fireeye.com)
+ - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \
+ Fidelis-XPS)
+ .
+ The Volatility Framework is an example of the software that uses YARA.
+ .
+ This package provides a shared library.
+
+Package: libyara-dev
+Section: libdevel
+Architecture: any
+Depends: ${misc:Depends}, libyara0 (= ${binary:Version})
+Description: help to identify and classify malwares (development files)
+ YARA is a tool aimed at helping malware researchers to identify
+ and classify malware samples. With YARA you can create descriptions
+ of malware families based on textual or binary patterns contained
+ on samples of those families. Each description consists of a set of
+ strings and a Boolean expression which determines its logic. This is
+ useful in forensics analysis.
+ .
+ Complex and powerful rules can be created by using binary strings with
+ wild-cards, case-insensitive text strings, special operators, regular
+ expressions and many other features.
+ .
+ Are examples of the organizations and services using YARA:
+ .
+ - VirusTotal Intelligence (https://www.virustotal.com/intelligence/)
+ - jsunpack-n (http://jsunpack.jeek.org/)
+ - We Watch Your Website (http://www.wewatchyourwebsite.com/)
+ - FireEye, Inc. (http://www.fireeye.com)
+ - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \
+ Fidelis-XPS)
+ .
+ The Volatility Framework is an example of the software that uses YARA.
+ .
+ This package provides development libraries and headers.
+
+Package: python-yara
+Section: python
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Description: help to identify and classify malwares (Python bindings)
+ YARA is a tool aimed at helping malware researchers to identify
+ and classify malware samples. With YARA you can create descriptions
+ of malware families based on textual or binary patterns contained
+ on samples of those families. Each description consists of a set of
+ strings and a Boolean expression which determines its logic. This is
+ useful in forensics analysis.
+ .
+ Complex and powerful rules can be created by using binary strings with
+ wild-cards, case-insensitive text strings, special operators, regular
+ expressions and many other features.
+ .
+ Are examples of the organizations and services using YARA:
+ .
+ - VirusTotal Intelligence (https://www.virustotal.com/intelligence/)
+ - jsunpack-n (http://jsunpack.jeek.org/)
+ - We Watch Your Website (http://www.wewatchyourwebsite.com/)
+ - FireEye, Inc. (http://www.fireeye.com)
+ - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \
+ Fidelis-XPS)
+ .
+ The Volatility Framework is an example of the software that uses YARA.
+ .
+ This package provides Python 2 bindings.
+
+Package: python3-yara
+Section: python
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
- Description: help to identify and classify malwares (Python bindings)
++Description: help to identify and classify malwares (Python 3 bindings)
+ YARA is a tool aimed at helping malware researchers to identify
+ and classify malware samples. With YARA you can create descriptions
+ of malware families based on textual or binary patterns contained
+ on samples of those families. Each description consists of a set of
+ strings and a Boolean expression which determines its logic. This is
+ useful in forensics analysis.
+ .
+ Complex and powerful rules can be created by using binary strings with
+ wild-cards, case-insensitive text strings, special operators, regular
+ expressions and many other features.
+ .
+ Are examples of the organizations and services using YARA:
+ .
+ - VirusTotal Intelligence (https://www.virustotal.com/intelligence/)
+ - jsunpack-n (http://jsunpack.jeek.org/)
+ - We Watch Your Website (http://www.wewatchyourwebsite.com/)
+ - FireEye, Inc. (http://www.fireeye.com)
+ - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \
+ Fidelis-XPS)
+ .
+ The Volatility Framework is an example of the software that uses YARA.
+ .
+ This package provides Python 3 bindings.
diff --cc debian/copyright
index 67aa280,0000000..989918f
mode 100644,000000..100644
--- a/debian/copyright
+++ b/debian/copyright
@@@ -1,117 -1,0 +1,64 @@@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: yara
+Source: http://code.google.com/p/yara-project
+
+Files: *
- Copyright: 2007, 2011-2013 Victor M. Alvarez <victor.alvarez at virustotal.com>
++Copyright: 2007, 2011-2013 Victor M. Alvarez <vmalvarez at virustotal.com>
+ 2011 Google, Inc., by Mike Wiacek <mjwiacek at google.com>
+License: Apache-2.0
+
- Files: libyara/grammar.y libyara/lex.l
- Copyright: 2007 Victor M. Alvarez <plusvic at gmail.com>
- License: BSD-4-Clause
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions
- are met:
- .
- 1. Redistributions of source code must retain the above copyright
- notice, this list of conditions and the following disclaimer.
- .
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
- .
- 3. All advertising materials mentioning features or use of this software
- must display the following acknowledgement:
- This product includes software developed by Victor M. Alvarez and its
- contributors.
- .
- 4. Neither the name of Victor M. Alvarez nor the names of its contributors
- may be used to endorse or promote products derived from this software
- without specific prior written permission.
- .
- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
- LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-
- Files: libyara/elf.h
- Copyright: 1995, 1996, 1997, 1998, 1999 Free Software Foundation, Inc.
- License: LGPL-2.0+
- This package is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 2 of the License, or (at your option) any later version.
- .
- This package is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
- .
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
- .
- On Debian systems, the complete text of the GNU Lesser General
- Public License can be found in "/usr/share/common-licenses/LGPL-2".
-
+Files: windows/include/pcre.h windows/include/pcreposix.h
+Comment: Only used in Windows build
+Copyright: 1997-2006 University of Cambridge
+License: BSD-3-Clause
+
- Files: windows/yara/getopt.c
++Files: windows/yara/getopt.c windows/yarac/getopt.c
+Comment: Only used in Windows build
+Copyright: 1987-2002 The Regents of the University of California
+License: BSD-3-Clause
+
+Files: debian/*
- Copyright: 2013 Joao Eriberto Mota Filho <eriberto at eriberto.pro.br>
++Copyright: 2013-2014 Joao Eriberto Mota Filho <eriberto at eriberto.pro.br>,
++ Hilko Bengen <bengen at debian.org>
+License: Apache-2.0
+
+License: Apache-2.0
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ .
+ http://www.apache.org/licenses/LICENSE-2.0
+ .
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ .
+ On Debian systems, the complete text of the Apache version 2.0 license
+ can be found in "/usr/share/common-licenses/Apache-2.0".
+
+License: BSD-3-Clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. Neither the name of the University nor the names of its contributors
+ may be used to endorse or promote products derived from this software
+ without specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE HOLDERS OR
+ CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --cc debian/libyara0.symbols
index 3990f3c,0000000..91d9169
mode 100644,000000..100644
--- a/debian/libyara0.symbols
+++ b/debian/libyara0.symbols
@@@ -1,152 -1,0 +1,286 @@@
+libyara.so.0 libyara0 #MINVER#
- add_term_to_vector at Base 1.7
- byte_to_int32 at Base 1.7
- clear_hash_table at Base 1.7
- clear_marks at Base 1.7
- compare at Base 1.7
- elf_rva_to_offset_32 at Base 1.7
- elf_rva_to_offset_64 at Base 1.7
- evaluate at Base 1.7
- find_matches at Base 1.7
- find_matches_for_strings at Base 1.7
- free_term at Base 1.7
- get_elf_type at Base 1.7
- get_entry_point_address at Base 1.7
- get_entry_point_offset at Base 1.7
- get_pe_header at Base 1.7
- get_process_memory at Base 1.7
- hash at Base 1.7
- hash_update at Base 1.7
- hex_match at Base 1.7
- icompare at Base 1.7
- is_elf at Base 1.7
- is_pe at Base 1.7
- lookup_meta at Base 1.7
- lookup_rule at Base 1.7
- lookup_string at Base 1.7
- lookup_tag at Base 1.7
- lookup_variable at Base 1.7
- map_file at Base 1.7
- new_binary_operation at Base 1.7
- new_constant at Base 1.7
- new_hex_string at Base 1.7
- new_range at Base 1.7
- new_rule at Base 1.7
- new_simple_term at Base 1.7
- new_string at Base 1.7
- new_string_identifier at Base 1.7
- new_ternary_operation at Base 1.7
- new_text_string at Base 1.7
- new_unary_operation at Base 1.7
- new_variable at Base 1.7
- new_vector at Base 1.7
- parse_rules_file at Base 1.7
- parse_rules_string at Base 1.7
- pe_rva_to_offset at Base 1.7
- populate_hash_table at Base 1.7
- range_first at Base 1.7
- range_next at Base 1.7
- read_int16 at Base 1.7
- read_int32 at Base 1.7
- read_int8 at Base 1.7
- read_uint16 at Base 1.7
- read_uint32 at Base 1.7
- read_uint8 at Base 1.7
- reduce_constant at Base 1.7
- reduce_entrypoint at Base 1.7
- reduce_filesize at Base 1.7
- reduce_identifier at Base 1.7
- reduce_integer_enumeration at Base 1.7
- reduce_integer_for at Base 1.7
- reduce_meta_declaration at Base 1.7
- reduce_metas at Base 1.7
- reduce_range at Base 1.7
- reduce_rule_declaration at Base 1.7
- reduce_string at Base 1.7
- reduce_string_at at Base 1.7
- reduce_string_count at Base 1.7
- reduce_string_declaration at Base 1.7
- reduce_string_enumeration at Base 1.7
- reduce_string_in_range at Base 1.7
- reduce_string_in_section_by_name at Base 1.7
- reduce_string_offset at Base 1.7
- reduce_string_operation at Base 1.7
- reduce_string_with_wildcard at Base 1.7
- reduce_strings at Base 1.7
- reduce_tags at Base 1.7
- reduce_term at Base 1.7
- regex_compile at Base 1.7
- regex_exec at Base 1.7
- regex_free at Base 1.7
- regex_get_first_bytes at Base 1.7
- regexp_match at Base 1.7
- string_match at Base 1.7
- string_weight at Base 1.7
- unmap_file at Base 1.7
- valid_string_identifier at Base 1.7
- vector_first at Base 1.7
- vector_next at Base 1.7
- wcompare at Base 1.7
- wicompare at Base 1.7
- xtoi at Base 1.7
- yr_calculate_rules_weight at Base 1.7
- yr_compile_file at Base 1.7
- yr_compile_string at Base 1.7
- yr_create_context at Base 1.7
- yr_create_namespace at Base 1.7
- yr_define_boolean_variable at Base 1.7
- yr_define_integer_variable at Base 1.7
- yr_define_string_variable at Base 1.7
- yr_destroy_context at Base 1.7
- yr_free at Base 1.7
- yr_get_current_file_name at Base 1.7
- yr_get_error_message at Base 1.7
- yr_heap_alloc at Base 1.7
- yr_heap_free at Base 1.7
- yr_init at Base 1.7
- yr_malloc at Base 1.7
- yr_pop_file at Base 1.7
- yr_pop_file_name at Base 1.7
- yr_push_file at Base 1.7
- yr_push_file_name at Base 1.7
- yr_scan_file at Base 1.7
- yr_scan_mem at Base 1.7
- yr_scan_mem_blocks at Base 1.7
- yr_scan_proc at Base 1.7
- yr_strdup at Base 1.7
- yr_undefine_variable at Base 1.7
- yy_create_buffer at Base 1.7
- yy_delete_buffer at Base 1.7
- yy_flush_buffer at Base 1.7
- yy_scan_buffer at Base 1.7
- yy_scan_bytes at Base 1.7
- yy_scan_string at Base 1.7
- yy_switch_to_buffer at Base 1.7
- yyalloc at Base 1.7
- yyerror at Base 1.7
- yyfree at Base 1.7
- yyget_column at Base 1.7
- yyget_debug at Base 1.7
- yyget_extra at Base 1.7
- yyget_in at Base 1.7
- yyget_leng at Base 1.7
- yyget_lineno at Base 1.7
- yyget_lval at Base 1.7
- yyget_out at Base 1.7
- yyget_text at Base 1.7
- yylex at Base 1.7
- yylex_destroy at Base 1.7
- yylex_init at Base 1.7
- yylex_init_extra at Base 1.7
- yyparse at Base 1.7
- yypop_buffer_state at Base 1.7
- yypush_buffer_state at Base 1.7
- yyrealloc at Base 1.7
- yyrestart at Base 1.7
- yyset_column at Base 1.7
- yyset_debug at Base 1.7
- yyset_extra at Base 1.7
- yyset_in at Base 1.7
- yyset_lineno at Base 1.7
- yyset_lval at Base 1.7
- yyset_out at Base 1.7
++ _yr_ac_create_state at Base 2.0.0
++ _yr_ac_first_transition at Base 2.0.0
++ _yr_ac_next_transition at Base 2.0.0
++ _yr_ac_print_automaton_state at Base 2.0.0
++ _yr_ac_queue_is_empty at Base 2.0.0
++ _yr_ac_queue_pop at Base 2.0.0
++ _yr_ac_queue_push at Base 2.0.0
++ _yr_arena_make_relocatable at Base 2.0.0
++ _yr_arena_new_page at Base 2.0.0
++ _yr_arena_page_for_address at Base 2.0.0
++ _yr_atoms_case_combinations at Base 2.0.0
++ _yr_atoms_case_insentive at Base 2.0.0
++ _yr_atoms_choose at Base 2.0.0
++ _yr_atoms_extract_from_re_node at Base 2.0.0
++ _yr_atoms_list_concat at Base 2.0.0
++ _yr_atoms_min_quality at Base 2.0.0
++ _yr_atoms_quality at Base 2.0.0
++ _yr_atoms_tree_destroy at Base 2.0.0
++ _yr_atoms_tree_node_append at Base 2.0.0
++ _yr_atoms_tree_node_create at Base 2.0.0
++ _yr_atoms_tree_node_destroy at Base 2.0.0
++ _yr_atoms_wide at Base 2.0.0
++ _yr_compiler_compile_rules at Base 2.0.0
++ _yr_compiler_pop_file at Base 2.0.0
++ _yr_compiler_push_file at Base 2.0.0
++ _yr_compiler_set_namespace at Base 2.0.0
++ _yr_emit_inst at Base 2.0.0
++ _yr_emit_inst_arg_int16 at Base 2.0.0
++ _yr_emit_inst_arg_uint16 at Base 2.0.0
++ _yr_emit_inst_arg_uint32 at Base 2.0.0
++ _yr_emit_inst_arg_uint8 at Base 2.0.0
++ _yr_parser_write_string at Base 2.0.0
++ _yr_re_emit at Base 2.0.0
++ _yr_re_fiber_append at Base 2.0.0
++ _yr_re_fiber_create at Base 2.0.0
++ _yr_re_fiber_kill at Base 2.0.0
++ _yr_re_fiber_kill_tail at Base 2.0.0
++ _yr_re_fiber_split at Base 2.0.0
++ _yr_re_print_node at Base 2.0.0
++ _yr_rules_clean_matches at Base 2.0.0
++ _yr_rules_lock at Base 2.0.0
++ _yr_rules_unlock at Base 2.0.0
++ _yr_scan_add_match_to_list at Base 2.0.0
++ _yr_scan_compare at Base 2.0.0
++ _yr_scan_fast_hex_re_exec at Base 2.0.0
++ _yr_scan_icompare at Base 2.0.0
++ _yr_scan_match_callback at Base 2.0.0
++ _yr_scan_remove_match_from_list at Base 2.0.0
++ _yr_scan_update_match_chain_length at Base 2.0.0
++ _yr_scan_verify_chained_string_match at Base 2.0.0
++ _yr_scan_verify_literal_match at Base 2.0.0
++ _yr_scan_verify_match at Base 2.0.0
++ _yr_scan_verify_re_match at Base 2.0.0
++ _yr_scan_wcompare at Base 2.0.0
++ _yr_scan_wicompare at Base 2.0.0
++ altercase at Base 2.0.0
++ byte_to_int32 at Base 2.0.0
++ hash at Base 2.0.0
++ hex_yy_create_buffer at Base 2.0.0
++ hex_yy_delete_buffer at Base 2.0.0
++ hex_yy_flush_buffer at Base 2.0.0
++ hex_yy_scan_buffer at Base 2.0.0
++ hex_yy_scan_bytes at Base 2.0.0
++ hex_yy_scan_string at Base 2.0.0
++ hex_yy_switch_to_buffer at Base 2.0.0
++ hex_yyalloc at Base 2.0.0
++ hex_yyerror at Base 2.0.0
++ hex_yyfatal at Base 2.0.0
++ hex_yyfree at Base 2.0.0
++ hex_yyget_column at Base 2.0.0
++ hex_yyget_debug at Base 2.0.0
++ hex_yyget_extra at Base 2.0.0
++ hex_yyget_in at Base 2.0.0
++ hex_yyget_leng at Base 2.0.0
++ hex_yyget_lineno at Base 2.0.0
++ hex_yyget_lval at Base 2.0.0
++ hex_yyget_out at Base 2.0.0
++ hex_yyget_text at Base 2.0.0
++ hex_yylex at Base 2.0.0
++ hex_yylex_destroy at Base 2.0.0
++ hex_yylex_init at Base 2.0.0
++ hex_yylex_init_extra at Base 2.0.0
++ hex_yyparse at Base 2.0.0
++ hex_yypop_buffer_state at Base 2.0.0
++ hex_yypush_buffer_state at Base 2.0.0
++ hex_yyrealloc at Base 2.0.0
++ hex_yyrestart at Base 2.0.0
++ hex_yyset_column at Base 2.0.0
++ hex_yyset_debug at Base 2.0.0
++ hex_yyset_extra at Base 2.0.0
++ hex_yyset_in at Base 2.0.0
++ hex_yyset_lineno at Base 2.0.0
++ hex_yyset_lval at Base 2.0.0
++ hex_yyset_out at Base 2.0.0
++ lowercase at Base 2.0.0
++ re_yy_create_buffer at Base 2.0.0
++ re_yy_delete_buffer at Base 2.0.0
++ re_yy_flush_buffer at Base 2.0.0
++ re_yy_scan_buffer at Base 2.0.0
++ re_yy_scan_bytes at Base 2.0.0
++ re_yy_scan_string at Base 2.0.0
++ re_yy_switch_to_buffer at Base 2.0.0
++ re_yyalloc at Base 2.0.0
++ re_yyerror at Base 2.0.0
++ re_yyfatal at Base 2.0.0
++ re_yyfree at Base 2.0.0
++ re_yyget_column at Base 2.0.0
++ re_yyget_debug at Base 2.0.0
++ re_yyget_extra at Base 2.0.0
++ re_yyget_in at Base 2.0.0
++ re_yyget_leng at Base 2.0.0
++ re_yyget_lineno at Base 2.0.0
++ re_yyget_lval at Base 2.0.0
++ re_yyget_out at Base 2.0.0
++ re_yyget_text at Base 2.0.0
++ re_yylex at Base 2.0.0
++ re_yylex_destroy at Base 2.0.0
++ re_yylex_init at Base 2.0.0
++ re_yylex_init_extra at Base 2.0.0
++ re_yyparse at Base 2.0.0
++ re_yypop_buffer_state at Base 2.0.0
++ re_yypush_buffer_state at Base 2.0.0
++ re_yyrealloc at Base 2.0.0
++ re_yyrestart at Base 2.0.0
++ re_yyset_column at Base 2.0.0
++ re_yyset_debug at Base 2.0.0
++ re_yyset_extra at Base 2.0.0
++ re_yyset_in at Base 2.0.0
++ re_yyset_lineno at Base 2.0.0
++ re_yyset_lval at Base 2.0.0
++ re_yyset_out at Base 2.0.0
++ read_escaped_char at Base 2.0.0
++ read_int16_t at Base 2.0.0
++ read_int32_t at Base 2.0.0
++ read_int8_t at Base 2.0.0
++ read_uint16_t at Base 2.0.0
++ read_uint32_t at Base 2.0.0
++ read_uint8_t at Base 2.0.0
++ recovery_state_key at Base 2.0.0
++ thread_storage_key at Base 2.0.0
++ tidx_key at Base 2.0.0
++ xtoi at Base 2.0.0
++ yara_yy_create_buffer at Base 2.0.0
++ yara_yy_delete_buffer at Base 2.0.0
++ yara_yy_flush_buffer at Base 2.0.0
++ yara_yy_scan_buffer at Base 2.0.0
++ yara_yy_scan_bytes at Base 2.0.0
++ yara_yy_scan_string at Base 2.0.0
++ yara_yy_switch_to_buffer at Base 2.0.0
++ yara_yyalloc at Base 2.0.0
++ yara_yydebug at Base 2.0.0
++ yara_yyerror at Base 2.0.0
++ yara_yyfatal at Base 2.0.0
++ yara_yyfree at Base 2.0.0
++ yara_yyget_column at Base 2.0.0
++ yara_yyget_debug at Base 2.0.0
++ yara_yyget_extra at Base 2.0.0
++ yara_yyget_in at Base 2.0.0
++ yara_yyget_leng at Base 2.0.0
++ yara_yyget_lineno at Base 2.0.0
++ yara_yyget_lval at Base 2.0.0
++ yara_yyget_out at Base 2.0.0
++ yara_yyget_text at Base 2.0.0
++ yara_yylex at Base 2.0.0
++ yara_yylex_destroy at Base 2.0.0
++ yara_yylex_init at Base 2.0.0
++ yara_yylex_init_extra at Base 2.0.0
++ yara_yyparse at Base 2.0.0
++ yara_yypop_buffer_state at Base 2.0.0
++ yara_yypush_buffer_state at Base 2.0.0
++ yara_yyrealloc at Base 2.0.0
++ yara_yyrestart at Base 2.0.0
++ yara_yyset_column at Base 2.0.0
++ yara_yyset_debug at Base 2.0.0
++ yara_yyset_extra at Base 2.0.0
++ yara_yyset_in at Base 2.0.0
++ yara_yyset_lineno at Base 2.0.0
++ yara_yyset_lval at Base 2.0.0
++ yara_yyset_out at Base 2.0.0
++ yr_ac_add_string at Base 2.0.0
++ yr_ac_create_automaton at Base 2.0.0
++ yr_ac_create_failure_links at Base 2.0.0
++ yr_ac_next_state at Base 2.0.0
++ yr_ac_print_automaton at Base 2.0.0
++ yr_arena_allocate_memory at Base 2.0.0
++ yr_arena_allocate_struct at Base 2.0.0
++ yr_arena_append at Base 2.0.0
++ yr_arena_base_address at Base 2.0.0
++ yr_arena_coalesce at Base 2.0.0
++ yr_arena_create at Base 2.0.0
++ yr_arena_destroy at Base 2.0.0
++ yr_arena_duplicate at Base 2.0.0
++ yr_arena_load at Base 2.0.0
++ yr_arena_make_relocatable at Base 2.0.0
++ yr_arena_next_address at Base 2.0.0
++ yr_arena_save at Base 2.0.0
++ yr_arena_write_data at Base 2.0.0
++ yr_arena_write_string at Base 2.0.0
++ yr_atoms_extract_from_re at Base 2.0.0
++ yr_atoms_extract_from_string at Base 2.0.0
++ yr_atoms_extract_triplets at Base 2.0.0
++ yr_atoms_list_destroy at Base 2.0.0
++ yr_atoms_tree_node_print at Base 2.0.0
++ yr_compiler_add_file at Base 2.0.0
++ yr_compiler_add_string at Base 2.0.0
++ yr_compiler_create at Base 2.0.0
++ yr_compiler_define_boolean_variable at Base 2.0.0
++ yr_compiler_define_integer_variable at Base 2.0.0
++ yr_compiler_define_string_variable at Base 2.0.0
++ yr_compiler_destroy at Base 2.0.0
++ yr_compiler_get_current_file_name at Base 2.0.0
++ yr_compiler_get_error_message at Base 2.0.0
++ yr_compiler_get_rules at Base 2.0.0
++ yr_compiler_pop_file_name at Base 2.0.0
++ yr_compiler_push_file_name at Base 2.0.0
++ yr_elf_rva_to_offset_32 at Base 2.0.0
++ yr_elf_rva_to_offset_64 at Base 2.0.0
++ yr_execute_code at Base 2.0.0
++ yr_file_is_elf at Base 2.0.0
++ yr_file_is_pe at Base 2.0.0
++ yr_filemap_map at Base 2.0.0
++ yr_filemap_unmap at Base 2.0.0
++ yr_finalize at Base 2.0.0
++ yr_finalize_thread at Base 2.0.0
++ yr_free at Base 2.0.0
++ yr_get_elf_type at Base 2.0.0
++ yr_get_entry_point_address at Base 2.0.0
++ yr_get_entry_point_offset at Base 2.0.0
++ yr_get_pe_header at Base 2.0.0
++ yr_get_tidx at Base 2.0.0
++ yr_hash_table_add at Base 2.0.0
++ yr_hash_table_create at Base 2.0.0
++ yr_hash_table_destroy at Base 2.0.0
++ yr_hash_table_lookup at Base 2.0.0
++ yr_heap_alloc at Base 2.0.0
++ yr_heap_free at Base 2.0.0
++ yr_initialize at Base 2.0.0
++ yr_lex_parse_rules_file at Base 2.0.0
++ yr_lex_parse_rules_string at Base 2.0.0
++ yr_malloc at Base 2.0.0
++ yr_parse_hex_string at Base 2.0.0
++ yr_parse_re_string at Base 2.0.0
++ yr_parser_emit at Base 2.0.0
++ yr_parser_emit_pushes_for_strings at Base 2.0.0
++ yr_parser_emit_with_arg at Base 2.0.0
++ yr_parser_emit_with_arg_reloc at Base 2.0.0
++ yr_parser_lookup_external_variable at Base 2.0.0
++ yr_parser_lookup_loop_variable at Base 2.0.0
++ yr_parser_lookup_string at Base 2.0.0
++ yr_parser_reduce_external at Base 2.0.0
++ yr_parser_reduce_meta_declaration at Base 2.0.0
++ yr_parser_reduce_rule_declaration at Base 2.0.0
++ yr_parser_reduce_string_declaration at Base 2.0.0
++ yr_parser_reduce_string_identifier at Base 2.0.0
++ yr_pe_rva_to_offset at Base 2.0.0
++ yr_process_get_memory at Base 2.0.0
++ yr_re_compile at Base 2.0.0
++ yr_re_compile_hex at Base 2.0.0
++ yr_re_create at Base 2.0.0
++ yr_re_destroy at Base 2.0.0
++ yr_re_emit_code at Base 2.0.0
++ yr_re_exec at Base 2.0.0
++ yr_re_extract_literal at Base 2.0.0
++ yr_re_finalize at Base 2.0.0
++ yr_re_finalize_thread at Base 2.0.0
++ yr_re_initialize at Base 2.0.0
++ yr_re_node_create at Base 2.0.0
++ yr_re_node_destroy at Base 2.0.0
++ yr_re_print at Base 2.0.0
++ yr_re_split_at_chaining_point at Base 2.0.0
++ yr_realloc at Base 2.0.0
++ yr_rules_define_boolean_variable at Base 2.0.0
++ yr_rules_define_integer_variable at Base 2.0.0
++ yr_rules_define_string_variable at Base 2.0.0
++ yr_rules_destroy at Base 2.0.0
++ yr_rules_load at Base 2.0.0
++ yr_rules_save at Base 2.0.0
++ yr_rules_scan_file at Base 2.0.0
++ yr_rules_scan_mem at Base 2.0.0
++ yr_rules_scan_mem_block at Base 2.0.0
++ yr_rules_scan_mem_blocks at Base 2.0.0
++ yr_rules_scan_proc at Base 2.0.0
++ yr_set_tidx at Base 2.0.0
++ yr_strdup at Base 2.0.0
++
diff --cc debian/man/header.txt
index 0000000,0000000..ea7e106
new file mode 100644
--- /dev/null
+++ b/debian/man/header.txt
@@@ -1,0 -1,0 +1,1 @@@
++.TH YARAC "1" "Jan 2014" "YARAC 2.0" "compile rules to yara"
diff --cc debian/man/yarac.1
index 0000000,0000000..099daa0
new file mode 100644
--- /dev/null
+++ b/debian/man/yarac.1
@@@ -1,0 -1,0 +1,51 @@@
++.\"Text automatically generated by txt2man
++.TH YARAC "1" "Jan 2014" "YARAC 2.0" "compile rules to yara"
++.SH NAME
++\fByarac \fP- compile rules to yara
++.SH SYNOPSIS
++.nf
++.fam C
++\fByarac\fP [OPTION]\.\.\. [RULE_FILE]\.\.\. \fIOUTPUT_FILE\fP
++.fam T
++.fi
++.fam T
++.fi
++.SH DESCRIPTION
++To invoke YARA you will need two things: a file with the rules you want to
++use (either in source code or compiled form) and the target to be scanned.
++The target can be a file, a folder, or a process.
++.PP
++Rule files can be passed directly in source code form, or can be previously
++compiled with the \fByarac\fP tool. You may prefer to use your rules in compiled
++form if you are going to invoke YARA multiple times with the same rules.
++This way you’ll save time, because for YARA is faster to load compiled rules
++than compiling the same rules over and over again.
++.PP
++The rules will be applied to the target specified as the last argument to YARA,
++if it’s a path to a directory all the files contained in it will be scanned.
++.SH OPTIONS
++.TP
++.B
++\fB-d\fP <identifier>=<value>
++define external variable.
++.TP
++.B
++\fB-w\fP
++disable warnings.
++.TP
++.B
++\fB-v\fP
++show version information.
++.SH EXAMPLE
++The \fB-d\fP is used to define external variables. For example:
++.PP
++\fB-d\fP flag=true
++.PP
++\fB-d\fP beast=666
++.PP
++\fB-d\fP name="James Bond"
++.SH SE ALSO
++\fByara\fP(1)
++.SH AUTHOR
++\fByarac\fP was written by Victor M. Alvarez <vmalvarez at virustotal.com>.
++This manual page was written by Joao Eriberto Mota Filho <eriberto at eriberto.pro.br> for the Debian project (but may be used by others).
diff --cc debian/man/yarac.txt
index 0000000,0000000..dc7944d
new file mode 100644
--- /dev/null
+++ b/debian/man/yarac.txt
@@@ -1,0 -1,0 +1,35 @@@
++NAME
++ yarac - compile rules to yara
++SYNOPSIS
++ yarac [OPTION]... [RULE_FILE]... OUTPUT_FILE
++DESCRIPTION
++ To invoke YARA you will need two things: a file with the rules you want to
++ use (either in source code or compiled form) and the target to be scanned.
++ The target can be a file, a folder, or a process.
++
++ Rule files can be passed directly in source code form, or can be previously
++ compiled with the yarac tool. You may prefer to use your rules in compiled
++ form if you are going to invoke YARA multiple times with the same rules.
++ This way you’ll save time, because for YARA is faster to load compiled rules
++ than compiling the same rules over and over again.
++
++ The rules will be applied to the target specified as the last argument to YARA,
++ if it’s a path to a directory all the files contained in it will be scanned.
++OPTIONS
++ -d <identifier>=<value> define external variable.
++ -w disable warnings.
++ -v show version information.
++EXAMPLE
++ The -d is used to define external variables. For example:
++
++ -d flag=true
++
++ -d beast=666
++
++ -d name="James Bond"
++SE ALSO
++ yara(1)
++AUTHOR
++ yarac was written by Victor M. Alvarez <vmalvarez at virustotal.com>.
++ This manual page was written by Joao Eriberto Mota Filho <eriberto at eriberto.pro.br> for the Debian project (but may be used by others).
++
diff --cc debian/patches/fix-python-build
index f8b40e5,0000000..b5ed9bf
mode 100644,000000..100644
--- a/debian/patches/fix-python-build
+++ b/debian/patches/fix-python-build
@@@ -1,14 -1,0 +1,13 @@@
- Index: yara/yara-python/setup.py
- ===================================================================
- --- yara.orig/yara-python/setup.py 2013-12-21 14:48:26.230383113 +0100
- +++ yara/yara-python/setup.py 2013-12-21 14:50:09.059686946 +0100
- @@ -10,7 +10,8 @@
- name='yara',
- sources=['yara-python.c'],
- libraries=['yara','pcre'],
- - include_dirs=['/usr/local/include']
- + include_dirs=['../libyara'],
- + library_dirs=['../libyara/.libs']
- )])
-
-
++Description: fix python build.
++Author: Hilko Bengen <bengen at debian.org>
++Last-Update: 2014-01-05
++--- a/yara-python/setup.py
+++++ b/yara-python/setup.py
++@@ -8,5 +8,6 @@
++ name='yara',
++ sources=['yara-python.c'],
++ libraries=['yara'],
++- include_dirs=['../windows/include', '../libyara'],
+++ include_dirs=['../libyara'],
+++ library_dirs=['../libyara/.libs']
++ )])
diff --cc debian/patches/manpage
index 0602841,0000000..06b47cb
mode 100644,000000..100644
--- a/debian/patches/manpage
+++ b/debian/patches/manpage
@@@ -1,32 -1,0 +1,32 @@@
+Description: fix some hyphens in manpage.
+Author: Joao Eriberto Mota Filho <eriberto at eriberto.pro.br>
- Last-Update: 2013-11-03
++Last-Update: 2014-01-05
+--- a/yara.man
++++ b/yara.man
- @@ -67,7 +67,7 @@
++@@ -80,7 +80,7 @@
+ to all files on current directory. Subdirectories are not scanned.
+ .RE
+ .PP
+-$ yara -t Packer -t Compiler /foo/bar/rules bazfile
++$ yara \-t Packer \-t Compiler /foo/bar/rules bazfile
+ .RS
+ .PP
+ Apply rules on
- @@ -80,7 +80,7 @@
++@@ -93,7 +93,7 @@
+ .I Compiler.
+ .RE
+ .PP
- -$ cat /foo/bar/rules1 | yara -r /foo
- +$ cat /foo/bar/rules1 | yara \-r /foo
++-$ cat /foo/bar/rules1 | yara -r /foo
+++$ cat /foo/bar/rules1 | yara \-r /foo
+ .RS
+ .PP
+ Scan all files in the
- @@ -88,7 +88,7 @@
++@@ -101,7 +101,7 @@
+ directory and its subdirectories. Rules are read from standard input.
+ .RE
+ .PP
- -$ yara -d mybool=true -d myint=5 -d mystring="my string" /foo/bar/rules bazfile
- +$ yara \-d mybool=true \-d myint=5 \-d mystring="my string" /foo/bar/rules bazfile
++-$ yara -d mybool=true -d myint=5 -d mystring="my string" /foo/bar/rules bazfile
+++$ yara \-d mybool=true \-d myint=5 \-d mystring="my string" /foo/bar/rules bazfile
+ .RS
+ .PP
- Defines three external variables
++ Defines three external variables
diff --cc debian/python-yara.lintian-overrides
index 0000000,0000000..184c2e0
new file mode 100644
--- /dev/null
+++ b/debian/python-yara.lintian-overrides
@@@ -1,0 -1,0 +1,2 @@@
++# Not an error, but a site name (We Watch Your Website).
++python-yara: using-first-person-in-description line 13: We
diff --cc debian/python3-yara.lintian-overrides
index 0000000,0000000..1fcc24c
new file mode 100644
--- /dev/null
+++ b/debian/python3-yara.lintian-overrides
@@@ -1,0 -1,0 +1,2 @@@
++# Not an error, but a site name (We Watch Your Website).
++python3-yara: using-first-person-in-description line 13: We
diff --cc debian/rules
index d1bf4c5,0000000..224b670
mode 100755,000000..100755
--- a/debian/rules
+++ b/debian/rules
@@@ -1,22 -1,0 +1,31 @@@
+#!/usr/bin/make -f
+#export DH_VERBOSE=1
+
+PYTHONS:=$(shell pyversions --installed; py3versions --installed)
+
+%:
+ dh $@ --with autoreconf,python2,python3
++
+override_dh_auto_build:
+ dh_auto_build
+ set -e; for python in $(PYTHONS); do \
+ ( cd yara-python && $$python setup.py build ); \
+ done
++
+override_dh_auto_install:
+ dh_auto_install
+ set -e; for python in $(PYTHONS); do \
+ ( cd yara-python && $$python setup.py install --skip-build --root ../debian/tmp --install-layout=deb ); \
+ done
++
+override_dh_auto_clean:
++ rm -rf yara-python/build
+ dh_auto_clean
+ dh_auto_clean --sourcedirectory=yara-python
++
+override_dh_install:
+ dh_install --fail-missing -X.la
++
++override_dh_installchangelogs:
++ dh_installchangelogs
++ dh_installchangelogs -p libyara-dev -p libyara0 -p python-yara -p python3-yara -p yara debian/changelog.upstream
diff --cc debian/watch
index 97006d2,0000000..9cbea7d
mode 100644,000000..100644
--- a/debian/watch
+++ b/debian/watch
@@@ -1,3 -1,0 +1,3 @@@
+version=3
- https://github.com/plusvic/yara/releases .*v(\d.*)\.tar\.gz
++https://github.com/plusvic/yara/releases .*v(\d\S*)\.tar\.gz
+
diff --cc debian/yara.manpages
index 0000000,0000000..16a7f29
new file mode 100644
--- /dev/null
+++ b/debian/yara.manpages
@@@ -1,0 -1,0 +1,1 @@@
++debian/man/yarac.1
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list