
2.0.1

@michaelweiser michaelweiser released this 18 Feb 15:43
· 2 commits to 2.0 since this release

This release introduces a breaking change that fixes a security issue in
Peekaboo 2.0 that potentially allowed analysis to be evaded through a specially
crafted attachment name: The example ruleset configuration contained an
expression rule designed to ignore S/MIME signature attachments. This
expression contained an error so that only the beginning of the filename was
matched, and anything following that prefix was never examined.

This release changes the behaviour of equality matches against regular
expressions so that the whole operand needs to match the pattern. An explicit
end-of-line anchor ($) is no longer required. This is done to more closely
match the reasonable expectations of users writing rules.

Users should also consider emptying the database of cached analysis results to
avoid any chance of reuse of results from previous successful attempts at
evading analysis.

Workaround for environments that cannot update: Change the first statement of
expression.2 in section [expressions] of ruleset.conf from

sample.name_declared == /smime.p7[mcs]/

to

sample.name_declared == /smime.p7[mcs]$/

to accept only filenames exactly matching smime.p7s, smime.p7m or smime.p7c.
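As an added illustration (not Peekaboo's own code), the following Python model contrasts the two matching semantics described above for the example rule; the function names and the sample attachment names are constructed for this example, and the 2.0 behaviour is modelled as a start-anchored match, as the release notes describe.

```python
import re

# Added illustration, not Peekaboo's own code: a minimal model of how the
# example rule  sample.name_declared == /smime.p7[mcs]/  behaves under the
# 2.0 semantics (pattern only has to match at the start of the operand) and
# the 2.0.1 semantics (the whole operand has to match).
SMIME_SIGNATURE_PATTERN = r"smime.p7[mcs]"


def regex_equals_v20(pattern: str, operand: str) -> bool:
    """2.0 behaviour (as described in the release notes): anchored at the
    start only, so whatever follows the matched prefix is never examined."""
    return re.match(pattern, operand) is not None


def regex_equals_v201(pattern: str, operand: str) -> bool:
    """2.0.1 behaviour: the whole operand must match; an explicit '$' in the
    pattern is no longer needed."""
    return re.fullmatch(pattern, operand) is not None


def rule_ignores_sample(name_declared: str, semantics: str) -> bool:
    """True if the example 'ignore S/MIME signature' rule would fire for this
    declared attachment name, i.e. the sample would skip analysis."""
    if semantics == "2.0":
        return regex_equals_v20(SMIME_SIGNATURE_PATTERN, name_declared)
    if semantics == "2.0.1":
        return regex_equals_v201(SMIME_SIGNATURE_PATTERN, name_declared)
    raise ValueError(f"unknown semantics {semantics!r}")


def audit_rule(names, semantics: str) -> dict:
    """Map each declared name to 'ignored' or 'analysed' under the given
    semantics; usable as a regression check for a ruleset before and after
    the upgrade."""
    return {
        name: "ignored" if rule_ignores_sample(name, semantics) else "analysed"
        for name in names
    }


if __name__ == "__main__":
    # Constructed sample attachment names (not taken from the advisory).
    samples = ["smime.p7s", "smime.p7m", "smime.p7s.docx", "report.pdf"]
    for version in ("2.0", "2.0.1"):
        print(version, audit_rule(samples, version))
```

Under the 2.0 semantics the constructed name smime.p7s.docx is ignored exactly like a real signature, while under 2.0.1 (or with the documented `$` workaround) only the three exact names are ignored.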

Thanks to @mardom1 and @sukram230799 for finding and reporting the issue.

Changes from 2.0:

  • Breaking change / security content: Equality operators in expressions using
    regexes now need to match the whole string up to the end.
  • Fix cluster duplicate handler dying (#160)