sleuthkit-libs - Library for sleuthkit

Property Value
Distribution Fedora 28
Repository CERT Forensics Tools x86_64
Package filename sleuthkit-libs-4.6.4-1.fc28.x86_64.rpm
Package name sleuthkit-libs
Package version 4.6.4
Package release 1.fc28
Package architecture x86_64
Package type rpm
Category System Environment/Libraries
License CPL and IBM and GPLv2+
Maintainer -
Download size 1.44 MB
Installed size 5.59 MB
The sleuthkit-libs package contains library for sleuthkit.


Package Version Architecture Repository
sleuthkit-libs-4.6.5-1.fc28.i686.rpm 4.6.5 i686 CERT Forensics Tools
sleuthkit-libs-4.6.5-1.fc28.x86_64.rpm 4.6.5 x86_64 CERT Forensics Tools
sleuthkit-libs-4.6.4-1.fc28.i686.rpm 4.6.4 i686 CERT Forensics Tools
sleuthkit-libs-4.6.3-1.fc28.i686.rpm 4.6.3 i686 CERT Forensics Tools
sleuthkit-libs-4.6.3-1.fc28.x86_64.rpm 4.6.3 x86_64 CERT Forensics Tools
sleuthkit-libs-4.6.2-2.fc28.i686.rpm 4.6.2 i686 CERT Forensics Tools
sleuthkit-libs-4.6.2-2.fc28.x86_64.rpm 4.6.2 x86_64 CERT Forensics Tools
sleuthkit-libs-4.6.2-1.fc28.i686.rpm 4.6.2 i686 Fedora Updates
sleuthkit-libs-4.6.2-1.fc28.i686.rpm 4.6.2 i686 Fedora Updates
sleuthkit-libs-4.6.2-1.fc28.x86_64.rpm 4.6.2 x86_64 Fedora Updates
sleuthkit-libs-4.6.0-3.fc28.x86_64.rpm 4.6.0 x86_64 CERT Forensics Tools
sleuthkit-libs-4.5.0-2.fc28.i686.rpm 4.5.0 i686 Fedora
sleuthkit-libs-4.5.0-2.fc28.i686.rpm 4.5.0 i686 Fedora
sleuthkit-libs-4.5.0-2.fc28.x86_64.rpm 4.5.0 x86_64 Fedora
sleuthkit-libs - - -


Name Value
/sbin/ldconfig - - - - - - - - - - - - - - - - - - - - - - -
rtld(GNU_HASH) -


Name Value - -
sleuthkit-libs = 4.6.4-1.fc28
sleuthkit-libs(x86-64) = 4.6.4-1.fc28


Type URL
Binary Package sleuthkit-libs-4.6.4-1.fc28.x86_64.rpm
Source Package sleuthkit-4.6.4-1.fc28.src.rpm

Install Howto

  1. Download cert-forensics-tools-release-28 rpm:
  2. Install cert-forensics-tools-release-28 rpm:
    # rpm -Uvh cert-forensics-tools-release*rpm
  3. Install sleuthkit-libs rpm package:
    # dnf --enablerepo=forensics install sleuthkit-libs




2018-11-09 - Lawrence R. Rogers < 4.6.4-1
- Release 4.6.4-1
Java Code:
Increase max statements in database to prevent errors under load
Have a max timeout for SQLite retries
2018-10-14 - Lawrence R. Rogers < 4.6.3-1
- Release 4.6.3-1
C/C++ Code:
Hashdb bug fixes for corrupt indexes and 0 hashes
New code for testing power of number in ExtX code
Java Code:
New class that allows generic database access
New methods that check for duplicate artifacts
Added caches for frequently used content
Database Schema:
Added Examiner table
Tags are now associated with Examiners
Changed parent_path for logical files to be consistent with FS files.
2018-10-03 - Lawrence R. Rogers < 4.6.2-2
- Release 4.6.2-2
Built with Java support. Release number is greater than the release for Fedora 28 and 27.
2018-08-08 - Lawrence R. Rogers < 4.6.2-1
- Release 4.6.2-1
C/C++ Code:
- Various compiler warning fixes
- Added small delay into image writer to not starve other threads
- Added more locking to ensure that handles were not closed while other threads were using them. 
- Added APIs to support more queries by data source
- Added memory-based caching when detecting if an object has children or not.
2018-05-16 - Lawrence R. Rogers < 4.6.1-1
- Release 4.6.1-1
Lots of bounds checking fixes from Google's fuzzing tests. Thanks Goole.
Cleanup and fixes from uckelman-sf and others
PostgreSQL, libvhdi, & libvmdk are supported for Linux / OS X
Fixed display of NTFS GUID in istat - report from Eric Zimmerman.
NTFS istat shows details about all FILE_NAME attributes, not just the first. report from Eric Zimmerman.
2018-03-28 - Lawrence R. Rogers < 4.6.0-3
- Release 4.6.0-3
Moved sleuthkit-4.6.0.jar from sleuthkit-devel package to sleuthkit package.
2018-02-28 - Lawrence R. Rogers < 4.6.0-2
- Release 4.6.0-2
Removed patches from PyTSK.
2018-02-21 - Lawrence R. Rogers < 4.6.0-1
- Release 4.6.0-1
- New Features
- New Communications related Java classes and database tables.
- Java build updates for Autopsy Linux build
- Blackboard artifacts are now Content objects in Java and part of tsk_objects table in database.
- Increased cache sizes.
- Lots of bounds checking fixes from Google's fuzzing tests.  Thanks Google.
- HFS fix from uckelman-sf.
2017-10-15 - Lawrence R. Rogers < 4.5.0-1
- Release 4.5.0-1
- New Features:
- Support for LZVN compressed HFS files (from Joel Uckelman)
- Use sector size from E01 (helps with 4k sector sizes)
- More specific version number of DB schema
- New Local Directory type in DB to differentiate with Virtual Directories
- All blackboard artifacts in DB are now 'content'. Attachments can now be children of their parent message.
- Added extension as a column in tsk_files table.
- Bug Fixes:
- Faster resolving of HFS hard links
- Lots of fixes from Google Fuzzing efforts.
2017-08-07 - Lawrence R. Rogers < 4.4.2-1
- Release 4.4.2-1
- New Features:
- usnjls tool for NTFS USN log (from noxdafox)
- Added index to mime type column in DB
- Use local SQLite3 if it exists (from uckelman-sf)
- Blackboard Artifacts have a shortDescription metho
- Bug Fixes:
- Fix for highest HFS+ inum lookup (from uckelman-sf)
- Fix ISO9660 crash
- various performance fixes and added thread safety checks

See Also

Package Description
snarf-0.3.0-3.fc28.x86_64.rpm snarf - Structured Network Alert Reporting Framework
snarf-devel-0.3.0-3.fc28.x86_64.rpm Static libraries and C header files for libsnarf
snarf-python-0.3.0-3.fc28.x86_64.rpm Python interface to snarf
snort- An open source Network Intrusion Detection System (NIDS)
snort-2.9.12-1.fc28.x86_64.rpm An open source Network Intrusion Detection System (NIDS)
snort-openappid- An open source Network Intrusion Detection System (NIDS) with open AppId support
snort-openappid-2.9.12-1.fc28.x86_64.rpm An open source Network Intrusion Detection System (NIDS) with open AppId support
snort-sample-rules- Sample rules for snort
snort-sample-rules-2.9.12-1.fc28.noarch.rpm Sample rules for snort
ssdeep-2.13-1.fc28.x86_64.rpm Computes a checksum based on context triggered piecewise hashes
ssdeep-2.14.1-1.fc28.x86_64.rpm Computes a checksum based on context triggered piecewise hashes
stegdetect-0.6-2.fc28.x86_64.rpm Detect and extract steganography messages inside JPEG
super_mediator-1.5.3-2.fc28.x86_64.rpm IPFIX Super Mediator for use with the YAF and SiLK tools
super_mediator-1.6.0-1.fc28.x86_64.rpm IPFIX Super Mediator for use with the YAF and SiLK tools
super_mediator-1.6.0-2.fc28.x86_64.rpm IPFIX Super Mediator for use with the YAF and SiLK tools