Python-yara

- ELF module
- Hash module
- New features in PE module
- Big-endian version of intXX and uintXX functions
- Modules can declare dictionary objects
- Modules accept overloaded functions
- Performance improvements
- BUGFIX: "and" operator not working properly with integer operands
- BUGFIX: False positive with strings declared as "fullword wide ascii"
- BUGFIX: False positive with "wide fullword" strings shorter than 5 bytes
- BUGFIX: Functions declared in a structure array not working properly
- BUGFIX: "contains" operator causing segfault if operand is an undefined string

Refer to the [documentation](http://yara.readthedocs.org/en/latest/gettingstarted.html#compiling-and-installing-yara) for information on how to build and install YARA.

- Magic module
- Zero-length file are treated as normal files
- Modules now must implement module_initialize and module_finalize functions
- Accept functions without arguments in modules
- BUGFIX: Fix issue with module functions receiving more than one regular expressions
- BUGFIX: Show appropriate error message while trying to import unknown module
- BUGFIX: Fix segfaults caused by improper buffer bounds validation in PE module
- BUGFIX: Fix dns_lookup function in PE module

Refer to the [documentation](http://yara.readthedocs.org/en/latest/gettingstarted.html#compiling-and-installing-yara) for information on how to build and install YARA.

- Support for modules
- PE module
- Cuckoo module
- Some improvements in the C API
- More comprehensive documentation
- BUGFIX: Start anchor (^) not working properly with the "matches" operator
- BUGFIX: False negative with certain regular expressions
- BUGFIX: Improper handling of nested includes with relative pathes
- BUGFIX: \s character class not recognizing \n, \r, \v and \f as spaces
- BUGFIX: YARA for Win64 scanning only the first 4GB of files.
- BUGFIX: Segmentation fault when using nested loops
- BUGFIX: Segmentation fault caused by invalid characters in regular expressions
- BUGFIX: Segmentation fault while scanning some processes in Windows
- BUGFIX: Segmentation fault caused by regexp code spanning over non-contiguous
memory pages

Refer to the [documentation](http://yara.readthedocs.org/en/latest/gettingstarted.html#compiling-and-installing-yara) for information on how to build and install YARA.

- Improve regexp engine
- Improve multithreading support
- Case-insensitive and single-line matching modes for "matches" operator's regexps
- Added "error_on_warning" argument to "match" in yara-python
- Recognize x64 PE files
- BUGFIX: Mutex handle leak
- BUGFIX: NULL pointer dereferences
- BUGFIX: Buffer overflow
- BUGFIX: Crash while using compiled rules with yara64 in Windows
- BUGFIX: Infinite loop while scanning 64bits process in Windows
- BUGFIX: Side-effect on "externals" argument in yara-python's "match" function
- BUGFIX: "x of them" not working with strings containing unbounded jumps

Refer to the [documentation](http://yara.readthedocs.org/en/latest/gettingstarted.html#compiling-and-installing-yara) for information on how to build and install YARA.

- Faster matching algorithm
- Command-line scanner is now multi-threaded
- Compiled rules can be saved to and loaded from a file
- Added support for unbounded jumps
- New libyara API

Refer to the [documentation](http://yara.readthedocs.org/en/latest/gettingstarted.html#compiling-and-installing-yara) for information on how to build and install YARA.