Skip to content

Commit 7d1c4ee

Browse files
vthibvthib
committed
release 0.5.0
1 parent 57f5aa9 commit 7d1c4ee

File tree

4 files changed

+35
-15
lines changed

4 files changed

+35
-15
lines changed

CHANGELOG.md

Lines changed: 30 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -5,19 +5,38 @@ All notable changes to this project will be documented in this file.
55
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
66
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
77

8-
## [Unreleased]
8+
## [0.5.0] - 2024-02-16
99

10-
Yara 4.5:
10+
This release mainly consists of Yara 4.5 compatibility features and fixes:
11+
12+
### boreal
13+
14+
#### Added:
15+
16+
YARA 4.5 support:
1117

1218
- New Warning on unknown escape sequences in regexes. See [PR #68](https://github.com/vthib/boreal/pull/68).
13-
This warning is however more broad than the YARA one.
14-
- Do not report strings whose name starts with `_` as unused.
15-
- Add `pe.export_details[*].rva` field.
19+
This warning is more broad than the YARA one from YARA 4.5.
20+
- always expose `pe.is_signed` [97d1d11](https://github.com/vthib/boreal/commit/97d1d11b8a30980906f1aa01e88da70d0fbd4da8)
21+
- Do not report strings whose name starts with `_` as unused [1a8a8cd](https://github.com/vthib/boreal/commit/1a8a8cdf32dbde114afeb7cd558a62efe8d9527f)
22+
- Add `pe.export_details[*].rva` field [7597d3f](https://github.com/vthib/boreal/commit/7597d3f6a227f9b45efa58562fb38a8722125bc2)
1623
- `math.count` and `math.percentage` now returns an undefined value when given a
17-
value outside the `[0; 255]` range.
18-
- Imported dlls are ignored if the dll name is longer than 255 bytes.
19-
- Fix endianness issue in `macho.magic` field, see the [Yara fix](https://github.com/VirusTotal/yara/pull/2041).
20-
- Always expose `pe.is_signed` as long as the `authenticode` feature is enabled.
24+
value outside the `[0; 255]` range. [6a09ed2](https://github.com/vthib/boreal/commit/6a09ed23f61be1a0ff7d08a8ad00216fa5c05856)
25+
- Imported dlls are ignored if the dll name is longer than 255 bytes [28f8626](https://github.com/vthib/boreal/commit/28f86267f9ed39fd7c5f2826d89796665bb7bda5)
26+
- Fix endianness issue in `macho.magic` field, see the [Yara fix](https://github.com/VirusTotal/yara/pull/2041) [50d418d](https://github.com/vthib/boreal/commit/50d418d1d40fb2d6cc61d34d1d813a8e7b373783)
27+
- filter imported functions with invalid name in pe module [5a0cb4e](https://github.com/vthib/boreal/commit/5a0cb4e22c24c6101e42cb9ae3f21377c7c47500)
28+
- bump limit on number of listed export symbols in pe module to 16384 [98032b3](https://github.com/vthib/boreal/commit/98032b3d23b41650e84a5c56f594f33d8bbad8d4)
29+
30+
#### Changed:
31+
32+
- crc32-fast dependency updated to 1.4 [f1ae01a](https://github.com/vthib/boreal/commit/f1ae01af06b773e5dd3038199ccbcf3e57c67ed7)
33+
- authenticode-parser dependency updated [e68dde7](https://github.com/vthib/boreal/commit/e68dde73a74b1a7c8e4a4e4939d86bfb0546e577)
34+
35+
#### Fixed:
36+
37+
- Exclude test assets in package [24ca838](https://github.com/vthib/boreal/commit/24ca83801b34b8e959d7c1bc11022409f1e9230d).
38+
This avoids having the package be flagged by antiviruses, as unfortunately, some of the binaries copied from the yara repository
39+
and used for testing seems trigger false positives.
2140

2241
## [0.4.0] - 2024-02-11
2342

@@ -279,7 +298,8 @@ Main changes:
279298

280299
Initial release.
281300

282-
[unreleased]: https://github.com/vthib/boreal/compare/v0.4.0...HEAD
301+
[unreleased]: https://github.com/vthib/boreal/compare/v0.5.0...HEAD
302+
[0.5.0]: https://github.com/vthib/boreal/compare/v0.4.0...v0.5.0
283303
[0.4.0]: https://github.com/vthib/boreal/compare/v0.3.1...v0.4.0
284304
[0.3.1]: https://github.com/vthib/boreal/compare/v0.3.0...v0.3.1
285305
[0.3.0]: https://github.com/vthib/boreal/compare/v0.2.0...v0.3.0

boreal-cli/Cargo.toml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
[package]
22
name = "boreal-cli"
3-
version = "0.4.0"
3+
version = "0.5.0"
44
description = "CLI utility to run boreal, a YARA rules engine"
55
repository = "https://github.com/vthib/boreal"
66
readme = "README.md"
@@ -25,7 +25,7 @@ memmap = ["boreal/memmap"]
2525
profiling = ["boreal/profiling"]
2626

2727
[dependencies]
28-
boreal = { path = "../boreal", version = "0.4.0" }
28+
boreal = { path = "../boreal", version = "0.5.0" }
2929

3030
# CLI arguments handling
3131
clap = { version = "4.5", features = ["cargo"] }

boreal-parser/Cargo.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
[package]
22
name = "boreal-parser"
3-
version = "0.4.0"
3+
version = "0.5.0"
44
description = "A parser library for YARA files, intended for use with the boreal library"
55
repository = "https://github.com/vthib/boreal"
66
readme = "README.md"

boreal/Cargo.toml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
[package]
22
name = "boreal"
3-
version = "0.4.0"
3+
version = "0.5.0"
44
description = "A library to evaluate YARA rules, used to scan bytes for textual and binary pattern"
55
repository = "https://github.com/vthib/boreal"
66
readme = "README.md"
@@ -38,7 +38,7 @@ process = ["dep:libc", "dep:windows", "dep:mach2"]
3838
profiling = []
3939

4040
[dependencies]
41-
boreal-parser = { path = "../boreal-parser", version = "0.4.0" }
41+
boreal-parser = { path = "../boreal-parser", version = "0.5.0" }
4242

4343
# Proper error reporting on compilation
4444
codespan-reporting = "0.11"

0 commit comments

Comments
 (0)