%global gituser VirusTotal %global gitname yara %global commit 74734418a256c5304ccaf1d322c57e305ff75362 %global shortcommit %(c=%{commit}; echo ${c:0:7}) #additional module for yara %global androguard_gituser Koodous %global androguard_gitname androguard-yara %global androguard_commit fc14c0f3d4d2fbcb0188b9a02321aa74983f588b %global androguard_shortcommit %(c=%{androguard_commit}; echo ${c:0:7}) Name: yara Version: 3.5.0 Release: 7%{?dist} Summary: Pattern matching Swiss knife for malware researchers Group: Development/Libraries #yara package itself is licensed as ASL 2.0 #bison grammar parsers in libyara/* are dual licensed under ASL 2.0 and GPLv3+ license. #resulting binary package licensed as ASL 2.0 License: ASL 2.0 URL: http://VirusTotal.github.io/yara/ #URL: http://github.com/VirusTotal/yara/ Source0: https://github.com/%{gituser}/%{gitname}/archive/%{commit}/%{name}-%{version}-%{shortcommit}.tar.gz #Source1: http://github.com/Koodous/androguard-yara/ Source1: https://github.com/%{androguard_gituser}/%{androguard_gitname}/archive/%{androguard_commit}/%{androguard_gitname}-%{version}-%{androguard_shortcommit}.tar.gz #Patch based on the installation guide for the androguard-yara module Patch0: %{name}-androguard.patch # Use default sphix theme to generate documentation rather than sphinx_rtd_theme # to avoid static installation of font files on fedora >= 24 Patch1: %{name}-docs-theme.patch # Patch https://patch-diff.githubusercontent.com/raw/VirusTotal/yara/pull/627.patch # Fixes: CVE-2016-10210 CVE-2016-10211 CVE-2017-5923 CVE-2017-5924 Patch2: %{name}-pull627.patch BuildRequires: gcc BuildRequires: autoconf BuildRequires: automake BuildRequires: m4 BuildRequires: binutils BuildRequires: coreutils BuildRequires: sharutils BuildRequires: file BuildRequires: gawk BuildRequires: gzip BuildRequires: xz BuildRequires: pcre BuildRequires: bison BuildRequires: flex BuildRequires: libtool BuildRequires: file-devel BuildRequires: jansson-devel >= 2.5 BuildRequires: openssl-devel #html doc generation BuildRequires: python-sphinx %description YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a Boolean expression which determine its logic. %package doc Summary: Documentation for %{name} Group: Documentation BuildArch: noarch %description doc This package contains documentation for %{name}. %package devel Summary: Development files for %{name} Group: Development/Libraries Requires: %{name}%{?_isa} = %{version}-%{release} %description devel The %{name}-devel package contains libraries and header files for developing applications that use %{name}. %prep %setup -qn %{gitname}-%{commit} #Add the Androguard module %setup -qn %{gitname}-%{commit} -a 1 -D -T pushd %{androguard_gitname}-%{androguard_commit} cp -p androguard.c ../libyara/modules/ popd %patch0 -p 1 -b .androguard %patch1 -p 1 -b .fonts autoreconf --force --install %build #macro \configure already does use CFLAGS="\{optflags}" and yara build #scripts configure/make already honors that CFLAGS %configure --enable-magic --enable-cuckoo --with-crypto \ --htmldir=%{_datadir}/doc/%{name}/html make %{?_smp_mflags} #build the HTML documentation pushd docs make html popd %install make install DESTDIR=%{buildroot} #Remove static libraries rm %{buildroot}%{_libdir}/lib%{name}.la rm %{buildroot}%{_libdir}/lib%{name}.a #Remove the rebuild-needed tag so it is not installed in doc pkg rm -f %{buildroot}%{_datadir}/doc/%{name}/html/.buildinfo %post -p /sbin/ldconfig %postun -p /sbin/ldconfig %files %doc AUTHORS CONTRIBUTORS README.md %license COPYING %{_bindir}/%{name} %{_bindir}/%{name}c %{_libdir}/lib%{name}.so.* %{_mandir}/man1/%{name}.1* %{_mandir}/man1/%{name}c.1* %files devel %{_includedir}/%{name}.h %{_includedir}/%{name}/ %{_libdir}/*.so %{_libdir}/pkgconfig/%{name}.pc %files doc %license COPYING %doc docs/_build/html %changelog * Thu Apr 13 2017 Michal Ambroz - 3.5.0-7 - Adding patch from pull request 627 until 3.5.1 is released - https://patch-diff.githubusercontent.com/raw/VirusTotal/yara/pull/627.patch - Fixes CVE-2016-10210 CVE-2016-10211 CVE-2017-5923 CVE-2017-5924 * Sat Feb 11 2017 Fedora Release Engineering - 3.5.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Tue Aug 09 2016 Michal Ambroz - 3.5.0-5 - import package to Fedora - remove unnecessary .buildinfo tag from doc package * Fri Aug 05 2016 Michal Ambroz - 3.5.0-4 - package review - bugzilla #1362265 - cosmetics of the changelog - using default spinx theme to remove the static fonts * Fri Aug 05 2016 Michal Ambroz - 3.5.0-3 - package review - bugzilla #1362265 - dropped Buildroot, pkgconfig, zlib-devel, defattr - added buildrequires gcc - change license back to ASL 2.0 only * Thu Aug 04 2016 Michal Ambroz - 3.5.0-2 - package review - bugzilla #1362265 - changed packaging of doc sub-package * Thu Aug 04 2016 Michal Ambroz - 3.5.0-1 - bump to new 3.5.0 * Wed Aug 03 2016 Michal Ambroz - 3.4.0-6 - package review - bugzilla #1362265 - dropped dependency of python-tools * Mon Aug 01 2016 Michal Ambroz - 3.4.0-4 - compile with the androguard module * Wed Jun 08 2016 Michal Ambroz - 3.4.0-2 - jansson dependency >= 2.5 * Wed Jun 08 2016 Michal Ambroz - 3.4.0-1 - python3 stuff * Mon Jun 22 2015 Michal Ambroz - 3.4.0-0.git20150618 - initial build for Fedora Project