yara-python - yara-python - Python extension that gives access to YARA from Python scripts

Distribution: Fedora 25
Repository: CERT Forensics Tools x86_64
Package name: yara-python
Package version: 3.5.0
Package release: 5.fc25
Package architecture: x86_64
Package type: rpm
Installed size: 114.90 KB
Download size: 52.62 KB
Official Mirror: forensics.cert.org
YARA for Python - This is a Python extension that gives access to YARA's powerful features from Python scripts.



  • python2.7dist(yara-python) = 3.5.0
  • python2dist(yara-python) = 3.5.0
  • yara-python = 3.5.0-5.fc25
  • yara-python(x86-64) = 3.5.0-5.fc25

    Install Howto

    1. Download cert-forensics-tools-release-25 rpm:
    2. Install cert-forensics-tools-release-25 rpm:
      # rpm -Uvh cert-forensics-tools-release*rpm
    3. Install yara-python rpm package:
      # dnf --enablerepo=forensics install yara-python


    • /usr/lib64/python2.7/site-packages/yara.so
    • /usr/lib64/python2.7/site-packages/yara_python-3.5.0-py2.7.egg-info/PKG-INFO
    • /usr/lib64/python2.7/site-packages/yara_python-3.5.0-py2.7.egg-info/SOURCES.txt
    • /usr/lib64/python2.7/site-packages/yara_python-3.5.0-py2.7.egg-info/dependency_links.txt
    • /usr/lib64/python2.7/site-packages/yara_python-3.5.0-py2.7.egg-info/not-zip-safe
    • /usr/lib64/python2.7/site-packages/yara_python-3.5.0-py2.7.egg-info/top_level.txt
    • /usr/share/doc/yara-python/LICENSE
    • /usr/share/doc/yara-python/README.rst


    2016-09-05 - Lawrence R. Rogers <lrr@cert.org> 3.5.0-5 * Release 3.5.0-5 Rebuilt to make version in Fedora updates.

    2016-08-16 - Lawrence R. Rogers <lrr@cert.org> 3.5.0-2 * Release 3.5.0-2 Fixed shared library problem.

    2016-08-02 - Lawrence R. Rogers <lrr@cert.org> 3.5.0-1 * Release 3.5.0-1 Version 3.5.0 Match length operator (http://yara.readthedocs.io/en/v3.5.0/writingrules.html#match-length) Performance improvements Less memory consumption while scanning processes Exception handling when scanning memory blocks Negative integers in meta fields Added the --stack-size command-argument Functions import_ordinal, is_dll, is_32bit and is_64bit added to PE module Functions rich_signature.toolid and rich_signature.version added to PE module Lots of bug fixes

    2015-09-24 - Lawrence R. Rogers <lrr@cert.org> 3.4.0-2 * Release 3.4.0-2 Added a build requires of openssl-devel

    2015-06-18 - Lawrence R. Rogers <lrr@cert.org> 3.4.0-1 * Release 3.4.0-1 Short-circuit evaluation for conditions New yr_rules_save_stream/yr_rules_load_stream APIs. load() and save() methods in yara-python accept file-like objects Improvements to the PE and ELF modules Some performance improvements New command-line option --print-module-data Multiple bug fixes.

    2015-02-10 - Lawrence R. Rogers <lrr@cert.org> 3.3.0-1 * Release 3.3.0-1 Added support for negative integers and floating point numbers Implemented operators >,<, >=, <= for strings Implemented word boundary anchors (\b, \B) in regular expressions New features in PE module Math module New --print-namespace command line argument Better error handling in low memory conditions BUGFIX: "at" operator not working with certain strings containing wildcards BUGFIX: precedence of bitwise operators was incorrect BUGFIX: incorrect imphash result for certain PE files importing functions by ordinal BUGFIX: handle and memory leaks BUGFIX: multiple segfaults

    2014-03-03 - Lawrence R. Rogers <lrr@cert.org> 2.010-1 * Release 2.1.0-1 * Improve regexp engine * Improve multithreading support * Case-insensitive and single-line matching modes for "matches" operator's regexps * Added "error_on_warning" argument to "match" in yara-python * Recognize x64 PE files * BUGFIX: Mutex handle leak * BUGFIX: NULL pointer dereferences * BUGFIX: Buffer overflow * BUGFIX: Crash while using compiled rules with yara64 in Windows * BUGFIX: Infinite loop while scanning 64bits process in Windows * BUGFIX: Side-effect on "externals" argument in yara-python's "match" function * BUGFIX: "x of them" not working with strings containing unbounded jumps

    2014-01-16 - Lawrence R. Rogers <lrr@cert.org> 2.0.0-1 * Release 2.0.0-1 Faster Better multi-thread support Rules can be saved in binary form

    2013-12-02 - Lawrence R. Rogers <lrr@cert.org> 1.7.2-1 * Release 1.7.2-1 * BUGFIX: Regular expressions marked as both "wide" and "ascii" were treated as just "wide" * BUGFIX: Bug in "n of (<string_set>)" operator * BUGFIX: Bug in get_process_memory could cause infinite loop

    2013-03-29 - Lawrence R. Rogers <lrr@cert.org> 1.7-1 * Release 1.7-1 * Version 1.7