[pkgsrc/trunk]: pkgsrc/security {,py-}yara: update to version 4.1.0

[khorben <khorben%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/a3e040fba2fc
branches:  trunk
changeset: 453429:a3e040fba2fc
user:      khorben <khorben%pkgsrc.org@localhost>
date:      Sun May 30 01:16:28 2021 +0000

description:
{,py-}yara: update to version 4.1.0

Since version 3.11.0:

YARA v4.1.0

 * New operators icontains, endswith, iendswith, startswith, istartswith.
 * Accept \t escape sequence in text strings.
 * Add --no-follow-links command-line option to yara.
 * Prevent yara from following links to "." (@1D2D).
 * Implemented non-blocking scanning API (@simonhf).
 * When a string causes too many matches, YARA raises a warning instead of failing (@wxsBSD).
 * BUGFIX: The use of --timeout could hang yara when scanning directories or lists of files (#1481).
 * BUGFIX: Incorrect parsing of PE certificates (#1443).
 * BUGFIX: Short-circuit evaluation not working fine with undefined expressions.

YARA v4.1.0-rc2

 * Don't raise warnings for non-ASCII strings.

YARA v4.1.0-rc1

 * New operators icontains, endswith, iendswith, startswith, istartswith.
 * Raise warnings for non-ascii strings.
 * Accept \t escape sequence in text strings.
 * Add --no-follow-links command-line option to yara.
 * Prevent yara from following links to "." (@1D2D).
 * Implemented non-blocking scanning API (@simonhf).
 * When a string causes too many matches, YARA raises a warning instead of failing.

YARA v4.0.5

 * BUGFIX: Fix bug in "macho" module introduced in v4.0.4.

YARA v4.0.4

 * BUGFIX: Multiple out-of-bounds reads in "macho" module.

Credits to Luis Merino from X41 D-SEC GmbH for reporting these issues.

YARA v4.0.3

 * BUGFIX: Multiple out-of-bounds read in "dotnet" module.

YARA v4.0.2

 * BUGFIX: Use-after-free bug in PE module (#1287).
 * BUGFIX: Incorrect errors in rules when a single rule is badly formatted (#1294).
 * BUGFIX: Assertion failed with rules that have invalid syntax (#1295).
 * BUGFIX: Integer overflow causing missed matches on files larger than 2GB (#1304).
 * BUGFIX: Crashes in Mac OS while scanning binaries with a signature that can't be verified (#1309).

YARA v4.0.1

 * Update sandboxed API (#1276).
 * BUGFIX: Fix regression in exports parsing in PE module (2bf67e6).
 * BUGFIX: Fix unaligned accesses in ARM (e1654ae).

YARA v4.0.0

 * New string modifiers base64 and base64wide (#1185).
 * New string modifier private (#1096).
 * Iterators for dictionaries and arrays (#1141).
 * Multiple API changes.
 * Memory footprint greatly reduced, specially when compiling large numbers of rules.
 * New commmand-line option --scan-list (#1261).
 * Added pdb_path field to "pe" module.
 * Added export_details array to "pe" module.
 * Added exports_index functions to "pe" module.
 * Improvements to "cuckoo" module.
 * BUGFIX: PE files with multiple signatures are parsed correctly (#940).
 * BUGFIX: Fix PE rich header parsing (#1164).
 * BUGFIX: Buffer overruns in "dotnet" module (#1167, #1173).

diffstat:

 security/py-yara/Makefile                       |   9 ++++-----
 security/py-yara/distinfo                       |  10 +++++-----
 security/yara/Makefile                          |   6 +++---
 security/yara/Makefile.common                   |   7 +++----
 security/yara/PLIST                             |   4 +++-
 security/yara/distinfo                          |  14 +++++---------
 security/yara/patches/patch-libyara_libyara.c   |  15 ---------------
 security/yara/patches/patch-libyara_re.c        |  23 -----------------------
 security/yara/patches/patch-libyara_re__lexer.l |  15 ---------------
 9 files changed, 23 insertions(+), 80 deletions(-)

diffs (182 lines):

diff -r c4f036d58622 -r a3e040fba2fc security/py-yara/Makefile
--- a/security/py-yara/Makefile Sun May 30 00:49:51 2021 +0000
+++ b/security/py-yara/Makefile Sun May 30 01:16:28 2021 +0000
@@ -1,15 +1,14 @@
-# $NetBSD: Makefile,v 1.10 2019/11/04 21:13:01 rillig Exp $
+# $NetBSD: Makefile,v 1.11 2021/05/30 01:16:28 khorben Exp $
 
-DISTNAME=      yara-python-${VERSION}
-PKGNAME=       ${PYPKGPREFIX}-yara-${VERSION}
+DISTNAME=      yara-python-${YARA_VERSION}
+PKGNAME=       ${PYPKGPREFIX}-yara-${YARA_VERSION}
 CATEGORIES=    security python
 GITHUB_PROJECT=        yara-python
 
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=VirusTotal/}
 
 COMMENT=       Yara python bindings
-
-PYTHON_VERSIONS_ACCEPTED=      27
+LICENSE=       apache-2.0
 
 .include "../../security/yara/Makefile.common"
 .include "../../security/yara/buildlink3.mk"
diff -r c4f036d58622 -r a3e040fba2fc security/py-yara/distinfo
--- a/security/py-yara/distinfo Sun May 30 00:49:51 2021 +0000
+++ b/security/py-yara/distinfo Sun May 30 01:16:28 2021 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.11 2019/12/14 10:50:10 khorben Exp $
+$NetBSD: distinfo,v 1.12 2021/05/30 01:16:28 khorben Exp $
 
-SHA1 (yara-python-3.11.0.tar.gz) = 8e1c6c31875d1df685b4a97faf8d58287e8c38a4
-RMD160 (yara-python-3.11.0.tar.gz) = 000398c4041c1f495320d3ce7ad500b3c3ffddb4
-SHA512 (yara-python-3.11.0.tar.gz) = 0c8e6cbe51aa858c6d56b95c88bd450016924008b57b4910ed8edfb7bba4d7bfc18736844817978f74e72bed6765c484f275de4e7a53ec85048fb01713b6e959
-Size (yara-python-3.11.0.tar.gz) = 31830 bytes
+SHA1 (yara-python-4.1.0.tar.gz) = e47a2e6f3826de624be3da293080ac3a9ee863b1
+RMD160 (yara-python-4.1.0.tar.gz) = 24013ec2e3a6fac9383663efc28156625de4fd05
+SHA512 (yara-python-4.1.0.tar.gz) = 8b9ce780b6639ab2ee5222adec888c7e0fb6be81c7c64a8b33b033de3f261f9707aa208b7a3a86749f6e86a83fe6d73941c816857faf6eb714399d1f50239b51
+Size (yara-python-4.1.0.tar.gz) = 33717 bytes
diff -r c4f036d58622 -r a3e040fba2fc security/yara/Makefile
--- a/security/yara/Makefile    Sun May 30 00:49:51 2021 +0000
+++ b/security/yara/Makefile    Sun May 30 01:16:28 2021 +0000
@@ -1,11 +1,11 @@
-# $NetBSD: Makefile,v 1.10 2021/05/14 11:47:57 nia Exp $
+# $NetBSD: Makefile,v 1.11 2021/05/30 01:16:28 khorben Exp $
 
-DISTNAME=      yara-${VERSION}
-PKGREVISION=   1
+DISTNAME=      yara-${YARA_VERSION}
 CATEGORIES=    security
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=VirusTotal/}
 
 COMMENT=       Pattern matching swiss knife for malware researchers
+LICENSE=       modified-bsd
 
 USE_TOOLS+=    pkg-config automake autoreconf flex
 USE_LIBTOOL=   yes
diff -r c4f036d58622 -r a3e040fba2fc security/yara/Makefile.common
--- a/security/yara/Makefile.common     Sun May 30 00:49:51 2021 +0000
+++ b/security/yara/Makefile.common     Sun May 30 01:16:28 2021 +0000
@@ -1,11 +1,10 @@
-# $NetBSD: Makefile.common,v 1.12 2019/12/14 10:46:08 khorben Exp $
+# $NetBSD: Makefile.common,v 1.13 2021/05/30 01:16:28 khorben Exp $
 #
 # used by security/yara/Makefile
 # used by security/py-yara/Makefile
 
-VERSION=       3.11.0
-GITHUB_TAG=    v${VERSION}
+YARA_VERSION=  4.1.0
+GITHUB_TAG=    v${YARA_VERSION}
 
 MAINTAINER=    khorben%defora.org@localhost
 HOMEPAGE=      https://virustotal.github.io/yara/
-LICENSE=       apache-2.0
diff -r c4f036d58622 -r a3e040fba2fc security/yara/PLIST
--- a/security/yara/PLIST       Sun May 30 00:49:51 2021 +0000
+++ b/security/yara/PLIST       Sun May 30 01:16:28 2021 +0000
@@ -1,10 +1,11 @@
-@comment $NetBSD: PLIST,v 1.6 2019/12/14 10:46:08 khorben Exp $
+@comment $NetBSD: PLIST,v 1.7 2021/05/30 01:16:28 khorben Exp $
 bin/yara
 bin/yarac
 include/yara.h
 include/yara/ahocorasick.h
 include/yara/arena.h
 include/yara/atoms.h
+include/yara/base64.h
 include/yara/bitmask.h
 include/yara/compiler.h
 include/yara/error.h
@@ -17,6 +18,7 @@
 include/yara/limits.h
 include/yara/mem.h
 include/yara/modules.h
+include/yara/notebook.h
 include/yara/object.h
 include/yara/parser.h
 include/yara/proc.h
diff -r c4f036d58622 -r a3e040fba2fc security/yara/distinfo
--- a/security/yara/distinfo    Sun May 30 00:49:51 2021 +0000
+++ b/security/yara/distinfo    Sun May 30 01:16:28 2021 +0000
@@ -1,10 +1,6 @@
-$NetBSD: distinfo,v 1.12 2019/12/14 10:46:08 khorben Exp $
+$NetBSD: distinfo,v 1.13 2021/05/30 01:16:28 khorben Exp $
 
-SHA1 (yara-3.11.0.tar.gz) = 81a243423352d66f5ec0cb657098c27f035cd164
-RMD160 (yara-3.11.0.tar.gz) = 18f28d9c6cface071f2526ca7d7c64a0b3a848f9
-SHA512 (yara-3.11.0.tar.gz) = 26d800284a2de07195e4a480eb7125b1f5ad0265b284bfbeee10dbab162ea0f419c9e2ea5c4ed5fa25a46a2c9e3c6b077dfe1cafece79251e20d5d70f91b80a8
-Size (yara-3.11.0.tar.gz) = 772122 bytes
-SHA1 (patch-common.h) = d85b8be6ee384630f8e1b7ffc3c126f25d13e956
-SHA1 (patch-libyara_libyara.c) = 3be4325f344676cc490ff262483b76fab4b080fa
-SHA1 (patch-libyara_re.c) = 4376d943b32fc0e13cb2b4ced99467da1f263da0
-SHA1 (patch-libyara_re__lexer.l) = 169802090dd922f06d8c32a0d1ea5409cf660f61
+SHA1 (yara-4.1.0.tar.gz) = 6aaf2696a9d00b89fea434eb013073ed569f3d48
+RMD160 (yara-4.1.0.tar.gz) = aa6999b4b5143c03aae26ddd791c7d7a7d5a4092
+SHA512 (yara-4.1.0.tar.gz) = b4b3d004181f4a5c7f35103082977f72155b1a80bcde84c09c68951b57c9b6cbb1304591172de72bdbd0b5a36c98a4671c5e4d428dfde809df717c32df4e2922
+Size (yara-4.1.0.tar.gz) = 935770 bytes
diff -r c4f036d58622 -r a3e040fba2fc security/yara/patches/patch-libyara_libyara.c
--- a/security/yara/patches/patch-libyara_libyara.c     Sun May 30 00:49:51 2021 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-libyara_libyara.c,v 1.1 2019/12/14 10:46:08 khorben Exp $
-
-Ensure we adhere to valid value domain for isxxxx() function/macro.
-
---- libyara/libyara.c.orig     2019-10-10 11:10:50.000000000 +0000
-+++ libyara/libyara.c
-@@ -138,7 +138,7 @@ YR_API int yr_initialize(void)
-     else
-       yr_altercase[i] = i;
- 
--    yr_lowercase[i] = tolower(i);
-+    yr_lowercase[i] = tolower((unsigned char)i);
-   }
- 
-   FAIL_ON_ERROR(yr_heap_alloc());
diff -r c4f036d58622 -r a3e040fba2fc security/yara/patches/patch-libyara_re.c
--- a/security/yara/patches/patch-libyara_re.c  Sun May 30 00:49:51 2021 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,23 +0,0 @@
-$NetBSD: patch-libyara_re.c,v 1.1 2019/12/14 10:46:08 khorben Exp $
-
-Ensure we adhere to valid value domain for isxxxx() function/macro.
-
---- libyara/re.c.orig  2019-10-10 11:10:50.000000000 +0000
-+++ libyara/re.c
-@@ -2063,14 +2063,14 @@ int yr_re_exec(
- 
-         case RE_OPCODE_DIGIT:
-           prolog;
--          match = isdigit(*input);
-+          match = isdigit((unsigned char)*input);
-           action = match ? ACTION_NONE : ACTION_KILL;
-           fiber->ip += 1;
-           break;
- 
-         case RE_OPCODE_NON_DIGIT:
-           prolog;
--          match = !isdigit(*input);
-+          match = !isdigit((unsigned char)*input);
-           action = match ? ACTION_NONE : ACTION_KILL;
-           fiber->ip += 1;
-           break;
diff -r c4f036d58622 -r a3e040fba2fc security/yara/patches/patch-libyara_re__lexer.l
--- a/security/yara/patches/patch-libyara_re__lexer.l   Sun May 30 00:49:51 2021 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-libyara_re__lexer.l,v 1.1 2017/11/15 18:22:22 he Exp $
-
-Ensure we adhere to valid value domain for isxxxx() function/macro.
-
---- libyara/re_lexer.l.orig    2017-11-10 11:21:21.000000000 +0000
-+++ libyara/re_lexer.l
-@@ -488,7 +488,7 @@ int escaped_char_value(
-   switch(text[1])
-   {
-   case 'x':
--    if (!isxdigit(text[2]) || !isxdigit(text[3]))
-+    if (!isxdigit((unsigned char)text[2]) || !isxdigit((unsigned char)text[3]))
-       return 0;
-     hex[0] = text[2];
-     hex[1] = text[3];