yara-python - yara-python - Python extension that gives access to YARA from Python scripts

Property Value
Distribution Fedora 25
Repository CERT Forensics Tools x86_64
Package name yara-python
Package version 3.5.0
Package release 5.fc25
Package architecture x86_64
Package type rpm
Installed size 114.90 KB
Download size 52.62 KB
Official Mirror forensics.cert.org
YARA for Python - This is a Python extension that gives access to YARA's powerful features from Python scripts.


Package Version Architecture Repository
yara-python-3.6.3-1.fc25.i686.rpm 3.6.3 i686 CERT Forensics Tools
yara-python-3.6.3-1.fc25.x86_64.rpm 3.6.3 x86_64 CERT Forensics Tools
yara-python-3.6.2-1.fc25.i686.rpm 3.6.2 i686 CERT Forensics Tools
yara-python-3.6.2-1.fc25.x86_64.rpm 3.6.2 x86_64 CERT Forensics Tools
yara-python-3.6.0-1.fc25.i686.rpm 3.6.0 i686 CERT Forensics Tools
yara-python-3.6.0-1.fc25.x86_64.rpm 3.6.0 x86_64 CERT Forensics Tools
yara-python-3.5.0-7.1.fc25.i686.rpm 3.5.0 i686 CERT Forensics Tools
yara-python-3.5.0-7.1.fc25.x86_64.rpm 3.5.0 x86_64 CERT Forensics Tools
yara-python-3.5.0-5.fc25.i686.rpm 3.5.0 i686 CERT Forensics Tools
yara-python - - -


Name Value
/usr/bin/python -
libc.so.6(GLIBC_2.4)(64bit) -
libpthread.so.0()(64bit) -
libpython2.7.so.1.0()(64bit) -
libyara.so.3()(64bit) -
python(abi) = 2.7
rtld(GNU_HASH) -
yara = 3.5.0


Name Value
python2.7dist(yara-python) = 3.5.0
python2dist(yara-python) = 3.5.0
yara-python = 3.5.0-5.fc25
yara-python(x86-64) = 3.5.0-5.fc25


Type URL
Binary Package yara-python-3.5.0-5.fc25.x86_64.rpm
Source Package yara-python-3.5.0-5.fc25.src.rpm

Install Howto

  1. Download cert-forensics-tools-release-25 rpm:
  2. Install cert-forensics-tools-release-25 rpm:
    # rpm -Uvh cert-forensics-tools-release*rpm
  3. Install yara-python rpm package:
    # dnf --enablerepo=forensics install yara-python




2016-09-05 - Lawrence R. Rogers <lrr@cert.org> 3.5.0-5
* Release 3.5.0-5
Rebuilt to make version in Fedora updates.
2016-08-16 - Lawrence R. Rogers <lrr@cert.org> 3.5.0-2
* Release 3.5.0-2
Fixed shared library problem.
2016-08-02 - Lawrence R. Rogers <lrr@cert.org> 3.5.0-1
* Release 3.5.0-1
Version 3.5.0
Match length operator (http://yara.readthedocs.io/en/v3.5.0/writingrules.html#match-length)
Performance improvements
Less memory consumption while scanning processes
Exception handling when scanning memory blocks
Negative integers in meta fields
Added the --stack-size command-argument
Functions import_ordinal, is_dll, is_32bit and is_64bit added to PE module
Functions rich_signature.toolid and rich_signature.version added to PE module
Lots of bug fixes
2015-09-24 - Lawrence R. Rogers <lrr@cert.org> 3.4.0-2
* Release 3.4.0-2
Added a build requires of openssl-devel
2015-06-18 - Lawrence R. Rogers <lrr@cert.org> 3.4.0-1
* Release 3.4.0-1
Short-circuit evaluation for conditions
New yr_rules_save_stream/yr_rules_load_stream APIs.
load() and save() methods in yara-python accept file-like objects
Improvements to the PE and ELF modules
Some performance improvements
New command-line option --print-module-data
Multiple bug fixes.
2015-02-10 - Lawrence R. Rogers <lrr@cert.org> 3.3.0-1
* Release 3.3.0-1
Added support for negative integers and floating point numbers
Implemented operators >,<, >=, <= for strings
Implemented word boundary anchors (\b, \B) in regular expressions
New features in PE module
Math module
New --print-namespace command line argument
Better error handling in low memory conditions
BUGFIX: "at" operator not working with certain strings containing wildcards
BUGFIX: precedence of bitwise operators was incorrect
BUGFIX: incorrect imphash result for certain PE files importing functions by ordinal
BUGFIX: handle and memory leaks
BUGFIX: multiple segfaults
2014-03-03 - Lawrence R. Rogers <lrr@cert.org> 2.010-1
* Release 2.1.0-1
* Improve regexp engine
* Improve multithreading support
* Case-insensitive and single-line matching modes for "matches" operator's regexps
* Added "error_on_warning" argument to "match" in yara-python
* Recognize x64 PE files
* BUGFIX: Mutex handle leak
* BUGFIX: NULL pointer dereferences
* BUGFIX: Buffer overflow
* BUGFIX: Crash while using compiled rules with yara64 in Windows
* BUGFIX: Infinite loop while scanning 64bits process in Windows
* BUGFIX: Side-effect on "externals" argument in yara-python's "match" function
* BUGFIX: "x of them" not working with strings containing unbounded jumps
2014-01-16 - Lawrence R. Rogers <lrr@cert.org> 2.0.0-1
* Release 2.0.0-1
Better multi-thread support
Rules can be saved in binary form
2013-12-02 - Lawrence R. Rogers <lrr@cert.org> 1.7.2-1
* Release 1.7.2-1
* BUGFIX: Regular expressions marked as both "wide" and "ascii" were treated as just "wide"
* BUGFIX: Bug in "n of (<string_set>)" operator
* BUGFIX: Bug in get_process_memory could cause infinite loop
2013-03-29 - Lawrence R. Rogers <lrr@cert.org> 1.7-1
* Release 1.7-1
* Version 1.7