Fedora 20 Update: python-pefile-1.2.10_139-1.fc20
updates at fedoraproject.org
updates at fedoraproject.org
Sun Feb 16 23:15:44 UTC 2014
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-2144
2014-02-08 04:05:01
--------------------------------------------------------------------------------
Name : python-pefile
Product : Fedora 20
Version : 1.2.10_139
Release : 1.fc20
URL : http://code.google.com/p/pefile/
Summary : Python module for working with Portable Executable files
Description :
pefile is a multi-platform Python module to read and work with Portable
Executable (aka PE) files. Most of the information in the PE Header is
accessible, as well as all the sections, section's information and data.
pefile requires some basic understanding of the layout of a PE file. Armed
with it it's possible to explore nearly every single feature of the file.
Some of the tasks that pefile makes possible are:
* Modifying and writing back to the PE image
* Header Inspection
* Sections analysis
* Retrieving data
* Warnings for suspicious and malformed values
* Packer detection with PEiD’s signatures
* PEiD signature generation
--------------------------------------------------------------------------------
Update Information:
Version: 1.2.10-139
Changes since previous release:
* Added Mandiant's ordLookup to resolve the names for some symbols that are exported only by ordinal numbers.
* Added a feature requested in Issue 45 to produce a Python dictionary with all the information dumped by dump_info().
* In addition to the new features, the new version provides with the following bugfixes and improvements:
* Improved the handling of PEs with vast number of invalid import symbols.
* Improved the handling of invalid symbols in the export directory.
* Added an upper bound in the maximum number of entries to consider when parsing the delay import directory.
* Better handling of the Rich Header.
* Fixed a problem when writing back the contents of the VS_VERSIONINFO StringTable. StringTable key, value string pairs are no longer added to the StringTable struct, they polluted the namespace and potentially overwrote real fields in the structure.
Improved parsing of PEs with thousands of sections. Sections that appear to be invalid will now be ignored and some of the checks have been optimized for the cases where a file still has many possibly valid sections.
* Fixed a problem introduced when renaming the DLL Characteristics FLAGS that lead to them not being shown.
* Merged patches contributed by Ange Albertini adding more subsystem types and warning of Windows 8's problems loading PE files with the entrypoint pointing within the headers.
* Merged path from ThreatGrid's Wesley Brown. Summary: changed memory mapping usage, revamped to use bytearrays rather than list, complete rewrite of the checksum generation algorithm to be much more memory efficient, and less susceptible to PE bomb attacks.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 7 2014 Christopher Meng <rpm at cicku.me> - 1.2.10_139-1
- Update to 1.2.10_139
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1060585 - New version available - pefile-1.2.10-139
https://bugzilla.redhat.com/show_bug.cgi?id=1060585
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update python-pefile' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list