CVE-2017-16042

Advisory

Sbp 2.4.2 updates its NPM dependency 'mocha' to fix a transitive vulnerability in 'growl' package.

Affected package

Affected versions

Fixed versions

Vulnerability changelog

- Resource monitor support \[DEVC-1074\] [\612](https://github.com/swift-nav/libsbp/pull/612)
- Add cmake toolchain support for cortex-m7 [\610](https://github.com/swift-nav/libsbp/pull/610)
- Deprecate old orbit/clock message [\609](https://github.com/swift-nav/libsbp/pull/609)
- IOD of the SSR corrections [\608](https://github.com/swift-nav/libsbp/pull/608)
- Jkretzmer/tcp example [\607](https://github.com/swift-nav/libsbp/pull/607)
- Make generator for java have deterministic ordering [\606](https://github.com/swift-nav/libsbp/pull/606)
- Add 2.4.1 pdf [\605](https://github.com/swift-nav/libsbp/pull/605)

[v2.4.1](https://github.com/swift-nav/libsbp/tree/v2.4.1) (2018-10-03)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.4.0...v2.4.1)

**Merged pull requests:**

- V2.4.1 branch [\604](https://github.com/swift-nav/libsbp/pull/604)
- re-add space on ins-status message description [\603](https://github.com/swift-nav/libsbp/pull/603)
- Add sentence explaining how to find the measurement units. [\602](https://github.com/swift-nav/libsbp/pull/602)
- new ins status message definition as discussed with CRL [\601](https://github.com/swift-nav/libsbp/pull/601)
- SSR IOD should be 10bits for GAL and BDS [\599](https://github.com/swift-nav/libsbp/pull/599)
- Regenerated files [\597](https://github.com/swift-nav/libsbp/pull/597)
- Setup Travis CI to build Haskell based SBP tools [\595](https://github.com/swift-nav/libsbp/pull/595)
- Get rid of separate target for static library and stop fiddling BUILD… [\594](https://github.com/swift-nav/libsbp/pull/594)
- Add SSR messages to Libsbp [\591](https://github.com/swift-nav/libsbp/pull/591)
- Doc signal bds gal [\590](https://github.com/swift-nav/libsbp/pull/590)
- Note about carrier phase alignment [\589](https://github.com/swift-nav/libsbp/pull/589)
- Change `read\(\)` and `write\(\)` api from `size\_t` to `ssize\_t` [\585](https://github.com/swift-nav/libsbp/pull/585)
- Propagated time flag [\584](https://github.com/swift-nav/libsbp/pull/584)
- Inertial note [\581](https://github.com/swift-nav/libsbp/pull/581)
- Update pdf doc with better links [\535](https://github.com/swift-nav/libsbp/pull/535)

[v2.4.0](https://github.com/swift-nav/libsbp/tree/v2.4.0) (2018-08-08)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.17...v2.4.0)

**Merged pull requests:**

- V2.4.0 branch [\588](https://github.com/swift-nav/libsbp/pull/588)
- Add units for magnetometer [\587](https://github.com/swift-nav/libsbp/pull/587)
- Turn off extra warnings [\586](https://github.com/swift-nav/libsbp/pull/586)
- Put memory packing outside the COMMON\_INT\_TYPES macro [\583](https://github.com/swift-nav/libsbp/pull/583)
- CortexA7 rule [\582](https://github.com/swift-nav/libsbp/pull/582)
- Update Readme.md [\580](https://github.com/swift-nav/libsbp/pull/580)
- SBP\_MSG\_GNSS\_CAPB added, SBP\_MSG\_SV\_CONFIGURATION\_GPS removed. [\579](https://github.com/swift-nav/libsbp/pull/579)
- python: pin httpretty to fix tests on travis [\578](https://github.com/swift-nav/libsbp/pull/578)
- Update mocha away from a security vulnerability in growl [\575](https://github.com/swift-nav/libsbp/pull/575)
- Windows c again [\568](https://github.com/swift-nav/libsbp/pull/568)

[v2.3.17](https://github.com/swift-nav/libsbp/tree/v2.3.17) (2018-06-02)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.16...v2.3.17)

**Closed issues:**

- Please publish latest javascript libsbp to NPM [\562](https://github.com/swift-nav/libsbp/issues/562)

**Merged pull requests:**

- BDS and GAL ephemeris size fix [\572](https://github.com/swift-nav/libsbp/pull/572)
- Fix node [\566](https://github.com/swift-nav/libsbp/pull/566)
- New SBP ephemeris messages with floats [\564](https://github.com/swift-nav/libsbp/pull/564)
- SBP Galileo ephemeris [\563](https://github.com/swift-nav/libsbp/pull/563)
- Add Beidou ephemeris message [\561](https://github.com/swift-nav/libsbp/pull/561)
- Add patch version for c source [\560](https://github.com/swift-nav/libsbp/pull/560)

[v2.3.16](https://github.com/swift-nav/libsbp/tree/v2.3.16) (2018-04-17)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.15...v2.3.16)

**Merged pull requests:**

- Added Measurement Engine basic tracking state message [\559](https://github.com/swift-nav/libsbp/pull/559)
- Add Z to end of timestamp [\558](https://github.com/swift-nav/libsbp/pull/558)

[v2.3.15](https://github.com/swift-nav/libsbp/tree/v2.3.15) (2018-04-11)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.14...v2.3.15)

**Merged pull requests:**

- json2json [\557](https://github.com/swift-nav/libsbp/pull/557)
- Libsbp crl [\540](https://github.com/swift-nav/libsbp/pull/540)

[v2.3.14](https://github.com/swift-nav/libsbp/tree/v2.3.14) (2018-03-22)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.13...v2.3.14)

**Merged pull requests:**

- Cell Modem Status Message [\556](https://github.com/swift-nav/libsbp/pull/556)

[v2.3.13](https://github.com/swift-nav/libsbp/tree/v2.3.13) (2018-03-20)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.12...v2.3.13)

[v2.3.12](https://github.com/swift-nav/libsbp/tree/v2.3.12) (2018-03-20)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.11...v2.3.12)

**Merged pull requests:**

- Add SBAS position quality [\553](https://github.com/swift-nav/libsbp/pull/553)
- Protocol buffers for SBP [\551](https://github.com/swift-nav/libsbp/pull/551)

[v2.3.11](https://github.com/swift-nav/libsbp/tree/v2.3.11) (2018-03-09)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.10...v2.3.11)

**Merged pull requests:**

- TCPDriver ignore interrupted system call exeption [\550](https://github.com/swift-nav/libsbp/pull/550)

[v2.3.10](https://github.com/swift-nav/libsbp/tree/v2.3.10) (2018-03-09)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.9...v2.3.10)

**Merged pull requests:**

- Push v2.3.10 release updates [\549](https://github.com/swift-nav/libsbp/pull/549)
- Settings doc clarity \(WIP\) [\544](https://github.com/swift-nav/libsbp/pull/544)

[v2.3.9](https://github.com/swift-nav/libsbp/tree/v2.3.9) (2018-03-06)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.8...v2.3.9)

**Merged pull requests:**

- \[WIP\] Add NetworkUsage struct and MSG\_NETWORK\_BANDWIDTH\_USAGE [\547](https://github.com/swift-nav/libsbp/pull/547)

[v2.3.8](https://github.com/swift-nav/libsbp/tree/v2.3.8) (2018-02-26)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.7...v2.3.8)

**Merged pull requests:**

- py: add json bin logger [\548](https://github.com/swift-nav/libsbp/pull/548)

[v2.3.7](https://github.com/swift-nav/libsbp/tree/v2.3.7) (2018-02-22)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.6...v2.3.7)

**Merged pull requests:**

- upgrade to construct v2.9.33 [\546](https://github.com/swift-nav/libsbp/pull/546)
- Add file driver that exits when file is complete [\545](https://github.com/swift-nav/libsbp/pull/545)
- Update sbp doc [\542](https://github.com/swift-nav/libsbp/pull/542)

[v2.3.6](https://github.com/swift-nav/libsbp/tree/v2.3.6) (2018-01-26)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.5...v2.3.6)

**Merged pull requests:**

- s16 to s8 change for yaw rate [\541](https://github.com/swift-nav/libsbp/pull/541)

[v2.3.5](https://github.com/swift-nav/libsbp/tree/v2.3.5) (2018-01-26)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.4...v2.3.5)

**Closed issues:**

- \462 broke pyserial driver on windows [\467](https://github.com/swift-nav/libsbp/issues/467)
- crc mismatch Host Side Unhandled byte [\428](https://github.com/swift-nav/libsbp/issues/428)

**Merged pull requests:**

- Update templates around Copyright and POC [\539](https://github.com/swift-nav/libsbp/pull/539)
- Remove SBP\_MSG\_TRACKING\_STATE\_DETAILED message [\538](https://github.com/swift-nav/libsbp/pull/538)
- Add MSG\_SBAS\_RAW [\537](https://github.com/swift-nav/libsbp/pull/537)
- Precise orbit and clock message [\536](https://github.com/swift-nav/libsbp/pull/536)
- Add a flag that is high when antenna is shorted, according to MAX4829 IC [\533](https://github.com/swift-nav/libsbp/pull/533)

[v2.3.4](https://github.com/swift-nav/libsbp/tree/v2.3.4) (2017-12-12)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.3...v2.3.4)

**Merged pull requests:**

- add util subpackage to setup.py [\531](https://github.com/swift-nav/libsbp/pull/531)
- inertial\_updates: new messages & navigation changes [\454](https://github.com/swift-nav/libsbp/pull/454)

[v2.3.3](https://github.com/swift-nav/libsbp/tree/v2.3.3) (2017-12-12)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.2...v2.3.3)

**Merged pull requests:**

- version 2.3.3 [\530](https://github.com/swift-nav/libsbp/pull/530)
- Bb/monitor updates [\529](https://github.com/swift-nav/libsbp/pull/529)
- adding fftmonitor [\528](https://github.com/swift-nav/libsbp/pull/528)
- adding tcp client example [\526](https://github.com/swift-nav/libsbp/pull/526)

[v2.3.2](https://github.com/swift-nav/libsbp/tree/v2.3.2) (2017-11-29)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.1...v2.3.2)

**Merged pull requests:**

- Add MSG\_SETTINGS\_WRITE\_RESP [\525](https://github.com/swift-nav/libsbp/pull/525)

[v2.3.1](https://github.com/swift-nav/libsbp/tree/v2.3.1) (2017-11-25)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.3.0...v2.3.1)

**Merged pull requests:**

- Adding GLONASS code-phase bias message [\524](https://github.com/swift-nav/libsbp/pull/524)

[v2.3.0](https://github.com/swift-nav/libsbp/tree/v2.3.0) (2017-11-08)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.2.17...v2.3.0)

**Merged pull requests:**

- Move off GnssSignal [\522](https://github.com/swift-nav/libsbp/pull/522)
- Rename the js library to sbp. [\519](https://github.com/swift-nav/libsbp/pull/519)

[v2.2.17](https://github.com/swift-nav/libsbp/tree/v2.2.17) (2017-11-08)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.2.16...v2.2.17)

**Merged pull requests:**

- Get rid of GnssSignal16 [\523](https://github.com/swift-nav/libsbp/pull/523)
- Added Magnetometer [\520](https://github.com/swift-nav/libsbp/pull/520)

[v2.2.16](https://github.com/swift-nav/libsbp/tree/v2.2.16) (2017-11-04)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.2.15...v2.2.16)

[v2.2.15](https://github.com/swift-nav/libsbp/tree/v2.2.15) (2017-10-25)
[Full Changelog](https://github.com/swift-nav/libsbp/compare/v2.2.14...v2.2.15)

**Closed issues:**

- Missing test coverage for many current packet types [\284](https://github.com/swift-nav/libsbp/issues/284)

**Merged pull requests:**

Resources

• https://pypi.org/project/sbp
• https://pyup.io/changelogs/sbp/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16042