authorV3n3RiX <venerix@koprulu.sector>2022-04-06 22:33:41 +0100
committerV3n3RiX <venerix@koprulu.sector>2022-04-06 22:33:41 +0100
commite68d405c5d712af4387159df07e226217bdda049 (patch)
tree009ab0f3d427f0813e62930d71802cb054c07e30 /app-forensics
parent401101f9c8077911929d3f2b60a37098460a5d89 (diff)
gentoo resync : 06.04.2022
Diffstat (limited to 'app-forensics')
-rw-r--r--app-forensics/Manifest.gzbin4708 -> 4880 bytes
-rw-r--r--app-forensics/rkhunter/Manifest2
-rw-r--r--app-forensics/rkhunter/metadata.xml1
-rw-r--r--app-forensics/volatility3/Manifest3
-rw-r--r--app-forensics/volatility3/metadata.xml29
-rw-r--r--app-forensics/volatility3/volatility3-2.0.1.ebuild31
-rw-r--r--app-forensics/yara/Manifest2
-rw-r--r--app-forensics/yara/yara-4.2.0.ebuild55
8 files changed, 122 insertions, 1 deletions
diff --git a/app-forensics/Manifest.gz b/app-forensics/Manifest.gz
index 4a2bae5c4188..68581c7a216c 100644
--- a/app-forensics/Manifest.gz
+++ b/app-forensics/Manifest.gz
Binary files differ
diff --git a/app-forensics/rkhunter/Manifest b/app-forensics/rkhunter/Manifest
index 543afd02d20a..1c6b7dd4c437 100644
--- a/app-forensics/rkhunter/Manifest
+++ b/app-forensics/rkhunter/Manifest
@@ -4,4 +4,4 @@ AUX rkhunter-1.4.cron 4002 BLAKE2B 4effc65dbff981fc90370dfae3c5e6b7d6d6f60e5aabc
AUX rkhunter.bash-completion 2499 BLAKE2B 5cc845f3780e5b92acb84aad8141147b87245d554770282b91ba04771d7d8e727691872bdee129f25c7dd1a1440944e4b6959b9981c9c73683f1fddd479b225c SHA512 8fba540f5425169810b8baaf2e801638e3286aa93a69d4a96f5916e3bc9b632edaef6b509b8ca58f8047a7c7d4bb4bf348ad7923e855edce3dd0432725a944e7
DIST rkhunter-1.4.6.tar.gz 302137 BLAKE2B 89c61386b57f743f4205f8c826eaa8a9dc9a0d413ac47efb26b6f93d8d642f619f35b7a4c021521b662547c02a16071b8980d158cfb9e081a64870558dbaeff0 SHA512 c51a21b6b66ed1f73a19d8ce04eaba35999eefcb666acc824989c3bf53ac56d24a33ac4fec290be942e33fe24674406b371eafff73f7e697b9e03ec031b37216
EBUILD rkhunter-1.4.6-r1.ebuild 1421 BLAKE2B 01672b9f5175a07e82de80ea504bf2f417d5044d62734e0dd016ddb47275ab095002dc7bc40d17feda058f3d3cd1ded5db3fa526cfa900983fa95eb4df964dc3 SHA512 df67033f0f6398d4ef2da17801bed918d2decaf9271bc1a905001ef58b2a1b7307431483772d8e48b3c9b2fd03bd30f38e2430f4e3e27ce919b87d6ccc0b97cf
-MISC metadata.xml 300 BLAKE2B a4546c7b18be8832fc334d3056c3109b556e5511a65c0cc349e3698bdd73e675583a0fe63d6f54624851d37546ca9ccd811782e28ae287c7156a6fff2c8e1fed SHA512 5734429abfb1a0c07be1695736dcba4ee1c4a01b93724f46d976b290e1ce62b6ae0e9c22d9342d85767064f2349d6330bc9f0bab604a05bedd5ca4c75d3c3fd5
+MISC metadata.xml 332 BLAKE2B 87cb8f68933a9ad8385b1a1b9cefb15a2a93ba01433466550db12dffc89210d19f1f72d23c7f3d85913f9a704791f3ccf1924fbeb43f6e0462845178b03f7738 SHA512 f2b3fa491250a725ad5f66d201edef08d98e207515db19057c23fba42e6396d8a60ef6f90cc05fd9ceb06a45515cc529301172a6ff44cca3d0dabc8e9972fe4c
diff --git a/app-forensics/rkhunter/metadata.xml b/app-forensics/rkhunter/metadata.xml
index 4e8f6f59dab5..a2f63a17519c 100644
--- a/app-forensics/rkhunter/metadata.xml
+++ b/app-forensics/rkhunter/metadata.xml
@@ -3,6 +3,7 @@
<pkgmetadata>
<maintainer type="person">
<email>kensington@gentoo.org</email>
+ <name>Michael Palimaka</name>
</maintainer>
<upstream>
<remote-id type="sourceforge">rkhunter</remote-id>
diff --git a/app-forensics/volatility3/Manifest b/app-forensics/volatility3/Manifest
new file mode 100644
index 000000000000..bfe4bbda5b75
--- /dev/null
+++ b/app-forensics/volatility3/Manifest
@@ -0,0 +1,3 @@
+DIST volatility3-2.0.1.tar.gz 427679 BLAKE2B eb9b4ebb885a8dd4de2769c666b503da4bef792389efbf487815808fd514cf84f7f10b5a12926cf398a4028e7b72a5b78892c4c92d3709fea37fe13a6f32af7d SHA512 752b3fc23b3668df4329f6dbefa2ff8eb2dd63bc6e22e18774096cebae93053567727e3dc6e5ecbf7a0731459c829c37cea8ac735564c62f96a4f652ad2b6cb9
+EBUILD volatility3-2.0.1.ebuild 1070 BLAKE2B 4e34bf20c94cbbaff69de8b371a4770564b026c406ef0e0df92b993edd243a79d3298c5b123888126aab9fa3ed7b042d09ab56f24b4768274a33a7c0cce3c773 SHA512 5a75000f80c3259da64f5392548dac7c48765c81ec6a2cca5269355881f245f0ee61295e2abf9f0fe6f17776b154476ececa7a729ac0750ea11c628004add1e6
+MISC metadata.xml 1304 BLAKE2B 2a972904591d4b6019a24839ac7d04a72332dd77e13beb7542c5dab31101ecdf1f4e69da5e72cdc41a5770360168df42edc745385f65d209e3161018c176a690 SHA512 0531a76f7bcb899e051ae30bf05b0f12e9fecab178837dd57907520ec94c6c96dceb7d6ac0d6aac2629ae559580f5e180409d55aecf8cca208c0ed89724590ff
diff --git a/app-forensics/volatility3/metadata.xml b/app-forensics/volatility3/metadata.xml
new file mode 100644
index 000000000000..edbcd55f84f9
--- /dev/null
+++ b/app-forensics/volatility3/metadata.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person" proxied="yes">
+ <email>mario.haustein@hrz.tu-chemnitz.de</email>
+ <name>Mario Haustein</name>
+ </maintainer>
+ <maintainer type="person">
+ <email>sam@gentoo.org</email>
+ <name>Sam James</name>
+ </maintainer>
+ <longdescription>
+ Volatility is the world's most widely used framework for extracting
+ digital artifacts from volatile memory (RAM) samples. The extraction
+ techniques are performed completely independent of the system being
+ investigated but offer visibility into the runtime state of the system.
+ </longdescription>
+ <use>
+ <flag name='crypt'>support plugins that decrypt passwords, password hashes, etc.</flag>
+ <flag name='disasm'>support plugins that perform malware analysis and disassemble code</flag>
+ <flag name='jsonschema'>improve error messages regarding improperly configured ISF files</flag>
+ <flag name='leechcore'>support memory acquisition via leechcore</flag>
+ <flag name='snappy'>support AVMLs native compression format</flag>
+ <flag name='yara'>support YARA pattern matching engine</flag>
+ </use>
+ <upstream>
+ <remote-id type="github">volatilityfoundation/volatility3</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/app-forensics/volatility3/volatility3-2.0.1.ebuild b/app-forensics/volatility3/volatility3-2.0.1.ebuild
new file mode 100644
index 000000000000..c8b4955f0506
--- /dev/null
+++ b/app-forensics/volatility3/volatility3-2.0.1.ebuild
@@ -0,0 +1,31 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DISTUTILS_USE_PEP517=setuptools
+PYTHON_COMPAT=( python3_{8..10} )
+inherit distutils-r1
+
+MY_PV=${PV//_beta/-beta.}
+
+DESCRIPTION="Framework for analyzing volatile memory"
+HOMEPAGE="https://github.com/volatilityfoundation/volatility3/ https://www.volatilityfoundation.org/"
+SRC_URI="https://github.com/volatilityfoundation/volatility3/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz"
+S="${WORKDIR}"/${PN}-${MY_PV}
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="crypt disasm jsonschema leechcore snappy yara"
+
+RDEPEND="
+ >=dev-python/pefile-2017.8.1[${PYTHON_USEDEP}]
+ crypt? ( >=dev-python/pycryptodome-3[${PYTHON_USEDEP}] )
+ disasm? ( >=dev-libs/capstone-3.0.5[python,${PYTHON_USEDEP}] )
+ jsonschema? ( >=dev-python/jsonschema-2.3.0[${PYTHON_USEDEP}] )
+ leechcore? ( >=dev-python/leechcorepyc-2.4.0[${PYTHON_USEDEP}] )
+ snappy? ( >=dev-python/snappy-0.6.0[${PYTHON_USEDEP}] )
+ yara? ( >=dev-python/yara-python-3.8.0[${PYTHON_USEDEP}] )
+"
+DEPEND="${RDEPEND}"
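Review bot: `MY_PV=${PV//_beta/-beta.}` is the only version-mangling logic in the new ebuild and carries no comment, and the `S=` line just below quotes `${WORKDIR}` but not the rest of the path, unlike `S="${WORKDIR}/${PN}-${PV/_/-}"` in app-forensics/yara/yara-4.2.0.ebuild from the same commit. I would add `# upstream tags pre-releases as vX.Y.Z-beta.N; Gentoo spells that X.Y.Z_betaN` above the `MY_PV=` line and write `S="${WORKDIR}/${PN}-${MY_PV}"`. The ebuild also declares no test handling (no distutils_enable_tests and no RESTRICT), so presumably nothing runs in the test phase; a one-line comment stating whether upstream's test suite was deliberately skipped would save the next version bump from guessing.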
diff --git a/app-forensics/yara/Manifest b/app-forensics/yara/Manifest
index de4566ba38b6..f0d2d4545a30 100644
--- a/app-forensics/yara/Manifest
+++ b/app-forensics/yara/Manifest
@@ -1,5 +1,7 @@
DIST yara-4.1.3.tar.gz 936462 BLAKE2B abfdd5918abe3641056ccde3eebb754cbd66eff5569978d3b1aad5d925d62fcb96b1f7367d0d014dd165db8634418259667be3b2441f93e0848bfbd905ca32dd SHA512 1bfa1787c62dfd9a87fa8db5e8c2fa68f082ae66b16b5373bdcc6bc66b32016fcaffd4baa7e59a7c1f6d3426c972eca9cc22f70d475067d7557b1014a4ab65fc
+DIST yara-4.2.0.tar.gz 1284059 BLAKE2B 735d161fde5f84199315f1ce6d31f1ad79488312bede85d2941a03cb97fe75c3c4db0b3cba75782d338a462d87e9d9ed57b393bbdb68decfb350a1bbd096258b SHA512 24ca707015c77d87126bcaac0991997f6b09403024765d615a06db47191a3f0177e1c1eb4a917ec8412876b61d28f4a708f36999ddd9214c3967968c71ae3b7c
DIST yara-4.2.0_rc1.tar.gz 1283822 BLAKE2B d7bf869e670a0223895aac31df0dbe063d3f0110d1981ae8a42ab26726976790c744b522f13a6963f521310a281fab2b27d6336b23e504a4a9a3d414473ae452 SHA512 03bd09d7c020078946101854e68b7f9ca17c04f7a68624e9e15dc476fe209cc11b010108a0e7aea9746f05aabdbb8d6a6a2ffc54516eb9cb86f170c4259934df
EBUILD yara-4.1.3.ebuild 1084 BLAKE2B 0a458d363a826219fca0b28da3d9520446597d89f5d51564b3801b7703421b2eead7360d0deb88382c4fd5459ff7165d60de16b060c3b3282f24ec71ce903d4e SHA512 a30a98f8a109130c06f578a76aa99f91bf2baaddaaa514b67e51cdc5957cb7b9f7a219827359a64df380425c26253e1114cfbed2007cbd5adf37cec9322c00b7
+EBUILD yara-4.2.0.ebuild 1154 BLAKE2B d881ba15e2b3bfcde9ce490981af10e8a2828edcfd6a729d5ce69b763fd4f6be1bd1c13fb83bc79602ba6d0be4f2c2f52cd840f07419687d2e8293bb2df1370c SHA512 edb5a75ad5fdef624320c18950a11faf45e5a04152afc3ec4c7621d07e9eb3000c8bd82e695ff8d5226ecb5347c3ab155dca98482d6bf102c261cf5c10f7b799
EBUILD yara-4.2.0_rc1.ebuild 1154 BLAKE2B d881ba15e2b3bfcde9ce490981af10e8a2828edcfd6a729d5ce69b763fd4f6be1bd1c13fb83bc79602ba6d0be4f2c2f52cd840f07419687d2e8293bb2df1370c SHA512 edb5a75ad5fdef624320c18950a11faf45e5a04152afc3ec4c7621d07e9eb3000c8bd82e695ff8d5226ecb5347c3ab155dca98482d6bf102c261cf5c10f7b799
MISC metadata.xml 1151 BLAKE2B a2f641c9c0f851884cc6482248446d7b509e4ca2c5cec26159063a0fec025b8928955cfefbdf87e26ace0d06a01a2cec7d1f3d10b09b99b1cf1040c09519adfa SHA512 5001e3a14dc458a6b27f69226fb346dc8bf07058270e20b81f325c0742300ccb6e241b3d3dc6f55eccc43b68f0fea74977d33d8bcca6d0612057f6015f857500
diff --git a/app-forensics/yara/yara-4.2.0.ebuild b/app-forensics/yara/yara-4.2.0.ebuild
new file mode 100644
index 000000000000..8bac51561719
--- /dev/null
+++ b/app-forensics/yara/yara-4.2.0.ebuild
@@ -0,0 +1,55 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools
+
+DESCRIPTION="A malware identification and classification tool"
+HOMEPAGE="http://virustotal.github.io/yara/"
+SRC_URI="https://github.com/virustotal/yara/archive/v${PV/_/-}.tar.gz -> ${P}.tar.gz"
+S="${WORKDIR}/${PN}-${PV/_/-}"
+
+LICENSE="Apache-2.0"
+SLOT="0/8"
+if [[ ${PV} != *_rc* ]] ; then
+ KEYWORDS="~amd64 ~x86"
+fi
+IUSE="+dex +dotnet +cuckoo +macho +magic profiling python test"
+RESTRICT="!test? ( test )"
+
+DEPEND="
+ dev-libs/openssl:=
+ cuckoo? ( dev-libs/jansson:= )
+ magic? ( sys-apps/file:= )
+"
+RDEPEND="${DEPEND}"
+PDEPEND="python? ( =dev-python/yara-python-$(ver_cut 1)* )"
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_configure() {
+ econf \
+ $(use_enable profiling) \
+ $(use_enable cuckoo) \
+ $(use_enable magic) \
+ $(use_enable dotnet) \
+ $(use_enable macho) \
+ $(use_enable dex) \
+ $(use_enable test static)
+}
+
+src_test() {
+ emake check
+}
+
+src_install() {
+ default
+
+ # TODO: Allow tests to work against dyn. lib rather than building
+ # statically just for tests.
+ find "${ED}" -name '*.a' -delete || die
+}
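Review bot: `HOMEPAGE="http://virustotal.github.io/yara/"` uses plain http although GitHub Pages serves the project page over https, so `HOMEPAGE="https://virustotal.github.io/yara/"` avoids a cleartext hop for anyone following the link from package metadata; this looks inherited from the rc1 ebuild, whose Manifest entry carries the same size and checksums as the new 4.2.0 entry. The `$(use_enable test static)` line deserves a short comment next to it rather than only in src_install, e.g. `# static libs are built only so the test binaries can link; they are deleted again in src_install`, since a reader of src_configure otherwise sees an unrelated-looking flag. `PDEPEND` pins yara-python only to the major version via `$(ver_cut 1)`; whether an older 4.x binding is expected to work against libyara 4.2.0 with subslot 8 is not stated anywhere in the ebuild, so a comment on the intended pairing would help.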