Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

NODE_PATH isn't set to pull in libraries from /usr/lib/node_modules #3

Open
jadonk opened this issue Nov 7, 2013 · 0 comments
Open

Comments

@jadonk
Copy link
Owner

jadonk commented Nov 7, 2013

No description provided.

jadonk pushed a commit that referenced this issue Mar 19, 2019
Add fixes for some of the build failures caused by strict-overflow
warnings. Patches #1, #2, and #4 are upstream. Patch #3 is pending
upstream.

Fixes:
http://autobuild.buildroot.net/results/923/9239f230629ca4e381af5e8f43989997d9bfde99/
http://autobuild.buildroot.net/results/618/6187b92bcdfd9281683c37906ae74f2e0c5e6d0e/
http://autobuild.buildroot.net/results/9eb/9eb5ed92a923f0c038e3d913289eddc1cda1b62f/

Cc: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
jadonk pushed a commit that referenced this issue Apr 22, 2019
Fixed or improved security issues:

  CVE-2016-1549 (fixed in 4.2.8p7; this release adds protection): A
  malicious authenticated peer can create arbitrarily-many ephemeral
  associations in order to win the clock selection algorithm

  CVE-2018-7182: Buffer read overrun leads to undefined behavior and
  information leak

  CVE-2018-7170: Multiple authenticated ephemeral associations

  CVE-2018-7184: Interleaved symmetric mode cannot recover from bad
  state

  CVE-2018-7185: Unauthenticated packet can reset authenticated
  interleaved association

  CVE-2018-7183: ntpq:decodearr() can write beyond its buffer limit

Drop patch #3. libntpq_a_CFLAGS now includes NTP_HARD_CFLAGS via
AM_CFLAGS.

Add license file hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit da05d74)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant