3.2.7
Pre-release
This release is made available to address CVE-2018-6336.
The fix results in the macOS signature table reporting lines for each architecture within FAT bundled executables.
Improvements
We added lite-support for building the dependencies toolchain with GCC7.
The goal is to help folks building dependencies from source on Ubuntu 18.04 builds.
This also removes native compilation optimizations for RapidJSON.
#4437 Update AWS-SDK-CPP to version 1.4.55
#4439 Update libdpkg to version 1.19.0.5
#4440 Update The SleuthKit to version 4.6.1
#4393 Reduce drift time in query schedule
There was a minor unintentional drifting-effect on the query schedule.
This was adding slight delays to when queries are executed.
C++ extensions built using the external make target can now be bundled into a single executable.
Bug fixes
#3307 Various improvements to the python_packages table.
#4525 Address CVE-2018-6336 by making macOS signatures architecture-aware.
Table changes (from 3.2.6 to 3.2.7)
Added table battery to Darwin (Apple OS X)
Added table cpu_info to Microsoft Windows
Added table memory_array_mapped_addresses to POSIX-compatible Plaforms
Added table memory_arrays to POSIX-compatible Plaforms
Added table memory_device_mapped_addresses to POSIX-compatible Plaforms
Added table memory_error_info to POSIX-compatible Plaforms
Added table ulimit_info to POSIX-compatible Plaforms
Added column readonly_rootfs (INTEGER_TYPE) to table docker_containers
Added column directory (TEXT_TYPE) to table python_packages
Added column arch (TEXT_TYPE) to table signature