-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2017-5c55ef46ee 2017-06-17 19:40:32.934130 --------------------------------------------------------------------------------
Name : yara Product : Fedora 24 Version : 3.6.0 Release : 1.fc24 URL : http://VirusTotal.github.io/yara/ Summary : Pattern matching Swiss knife for malware researchers Description : YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a Boolean expression which determine its logic.
-------------------------------------------------------------------------------- Update Information:
Update to a bugfix release of yara. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1440739 - CVE-2016-10210 CVE-2016-10211 CVE-2017-5923 CVE-2017-5924 yara: Multiple security issues [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1440739 [ 2 ] Bug #1451383 - CVE-2017-8929 yara: Use-after-free in sized_string_cmp function [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1451383 [ 3 ] Bug #1451384 - CVE-2017-8929 yara: Use-after-free in sized_string_cmp function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1451384 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade yara' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------