Debian Bug report logs - #728251
ITP: volatility -- advanced memory forensics framework

version graph

Package: wnpp; Maintainer for wnpp is wnpp@debian.org;

Reported by: Joao Eriberto Mota Filho <eriberto@eriberto.pro.br>

Date: Tue, 29 Oct 2013 22:24:06 UTC

Owned by: Joao Eriberto Mota Filho <eriberto@eriberto.pro.br>

Severity: wishlist

Fixed in version volatility/2.3.1-1

Done: Joao Eriberto Mota Filho <eriberto@eriberto.pro.br>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, debian-devel@lists.debian.org, wnpp@debian.org:
Bug#728251; Package wnpp. (Tue, 29 Oct 2013 22:24:11 GMT) Full text and rfc822 format available.

Acknowledgement sent to Joao Eriberto Mota Filho <eriberto@eriberto.pro.br>:
New Bug report received and forwarded. Copy sent to debian-devel@lists.debian.org, wnpp@debian.org. (Tue, 29 Oct 2013 22:24:11 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Joao Eriberto Mota Filho <eriberto@eriberto.pro.br>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: ITP: volatility -- advanced memory forensics framework
Date: Tue, 29 Oct 2013 20:21:29 -0200
Package: wnpp
Severity: wishlist
Owner: Joao Eriberto Mota Filho <eriberto@eriberto.pro.br>

* Package name    : volatility
  Version         : 2.3
  Upstream Author : Volatility Foundation <volatility@volatilityfoundation.org>
* URL             : https://code.google.com/p/volatility
* License         : GPL2
  Programming Lang: Python
  Description     : advanced memory forensics framework

 The Volatility Framework is a completely open collection of tools for the
 extraction of digital artifacts from volatile memory (RAM) samples. It is
 useful in forensics analysis. The extraction techniques are performed
 completely independent of the system being investigated but offer
 unprecedented visibilty into the runtime state of the system.
 .
 Volatility supports memory dumps from all major 32- and 64-bit Windows
 versions and service packs including XP, 2003 Server, Vista, Server 2008,
 Server 2008 R2, and Seven. Whether your memory dump is in raw format, a
 Microsoft crash dump, hibernation file, or virtual machine snapshot,
 Volatility is able to work with it.
 .
 Linux memory dumps in raw or LiME format is supported too. There are several
 plugins for analyzing 32- and 64-bit Linux kernels and distributions such as
 Debian, Ubuntu, OpenSuSE, Fedora, CentOS, and Mandrake.
 .
 Volatility support 38 versions of Mac OSX memory dumps from 10.5 to 10.8.3
 Mountain Lion, both 32- and 64-bit. Android phones with ARM processors are
 also supported.
 .
 These are some of the data that can be extracted:
    .
    - Image information (date, time, CPU count).
    - Running processes.
    - Open network sockets and connections.
    - OS kernel modules loaded.
    - Memory maps for each process.
    - Executables samples.
    - Command histories.
    - Passwords, as LM/NTLM hashes and LSA secrets.
    - Others.



Information forwarded to debian-bugs-dist@lists.debian.org, wnpp@debian.org, Joao Eriberto Mota Filho <eriberto@eriberto.pro.br>:
Bug#728251; Package wnpp. (Sat, 02 Nov 2013 03:42:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Eriberto <eriberto@eriberto.pro.br>:
Extra info received and forwarded to list. Copy sent to wnpp@debian.org, Joao Eriberto Mota Filho <eriberto@eriberto.pro.br>. (Sat, 02 Nov 2013 03:42:04 GMT) Full text and rfc822 format available.

Message #10 received at 728251@bugs.debian.org (full text, mbox):

From: Eriberto <eriberto@eriberto.pro.br>
To: 728251@bugs.debian.org
Subject: Re: ITP: volatility -- advanced memory forensics framework
Date: Sat, 2 Nov 2013 01:38:33 -0200
The package is ok. Waiting for upload.

Eriberto



Added tag(s) pending. Request was from Anibal Monsalve Salazar <anibal@debian.org> to control@bugs.debian.org. (Mon, 04 Nov 2013 19:06:04 GMT) Full text and rfc822 format available.

Reply sent to Joao Eriberto Mota Filho <eriberto@eriberto.pro.br>:
You have taken responsibility. (Fri, 29 Nov 2013 17:03:32 GMT) Full text and rfc822 format available.

Notification sent to Joao Eriberto Mota Filho <eriberto@eriberto.pro.br>:
Bug acknowledged by developer. (Fri, 29 Nov 2013 17:03:32 GMT) Full text and rfc822 format available.

Message #17 received at 728251-close@bugs.debian.org (full text, mbox):

From: Joao Eriberto Mota Filho <eriberto@eriberto.pro.br>
To: 728251-close@bugs.debian.org
Subject: Bug#728251: fixed in volatility 2.3.1-1
Date: Fri, 29 Nov 2013 17:00:10 +0000
Source: volatility
Source-Version: 2.3.1-1

We believe that the bug you reported is fixed in the latest version of
volatility, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 728251@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Joao Eriberto Mota Filho <eriberto@eriberto.pro.br> (supplier of updated volatility package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 02 Nov 2013 01:10:33 -0200
Source: volatility
Binary: volatility
Architecture: source all
Version: 2.3.1-1
Distribution: unstable
Urgency: low
Maintainer: Debian Forensics <forensics-devel@lists.alioth.debian.org>
Changed-By: Joao Eriberto Mota Filho <eriberto@eriberto.pro.br>
Description: 
 volatility - advanced memory forensics framework
Closes: 728251
Changes: 
 volatility (2.3.1-1) unstable; urgency=low
 .
   * Initial release (Closes: #728251)
Checksums-Sha1: 
 60bd58291af4f842d0beeb5d710062b3b038a3d7 1367 volatility_2.3.1-1.dsc
 2b5d391e83bfbefc178482ea16ed17e64d52a724 1764063 volatility_2.3.1.orig.tar.gz
 06ac5d226f68f4c3e11e3e198c21a0e8c013c623 10200 volatility_2.3.1-1.debian.tar.gz
 b48b0886b7ada5f9f9f5aa6ff73e0338cfc919af 538920 volatility_2.3.1-1_all.deb
Checksums-Sha256: 
 5ff193add5f6eadec33bb389c5b91a1922b43d54746a82ee00281952c5f21813 1367 volatility_2.3.1-1.dsc
 bb1411fc671e0bf550a31e534fb1991b2f940f1dce1ebe4ce2fb627aec40726c 1764063 volatility_2.3.1.orig.tar.gz
 027e3046dc6352081fd39200229d84d4bd25c0db1e9a50632ddf164b70c3f4fd 10200 volatility_2.3.1-1.debian.tar.gz
 b9571e14b2a435fe6e6bfb4697d04fe14296ed97172ee34a692ce2cdf0717e50 538920 volatility_2.3.1-1_all.deb
Files: 
 6aaff8c992c184e9f82f3c846a3ad0cf 1367 utils optional volatility_2.3.1-1.dsc
 816325c01baa2ef87b8e2283b4b1a8e4 1764063 utils optional volatility_2.3.1.orig.tar.gz
 6cb8d316a3c7eaf2bbde897ba744698e 10200 utils optional volatility_2.3.1-1.debian.tar.gz
 c5e86e9b2592ad14ae00596a2c08e027 538920 utils optional volatility_2.3.1-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlJ3anQACgkQ2N9T+zficugNfACdGoOiNR4HEsr4JigeuT714sbx
5rcAoIaBKTMwqOtKIWfj6zdWyL49XRsU
=PIZB
-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 28 Dec 2013 07:35:27 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Apr 16 13:23:41 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.