-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 18 Jan 2026 12:45:58 +0100
Source: gpsd
Architecture: source
Version: 3.22-4.1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Bernd Zeimetz <bzed@debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Closes: 1124799 1124800
Changes:
 gpsd (3.22-4.1+deb12u1) bookworm; urgency=medium
 .
   * Non-Maintainer Upload by LTS team
   * Remove BD: makedev, breaks debusine
   * Fix CVE-2025-67268 (Closes: #1124800).
     gpsd contains a heap-based out-of-bounds write
     vulnerability in the drivers/driver_nmea2000.c file.
     The hnd_129540 function, which handles NMEA2000 PGN 129540
     (GNSS Satellites in View) packets, fails to validate the
     user-supplied satellite count against the size of the skyview
     array (184 elements). This allows an attacker to write beyond
     the bounds of the array by providing a satellite count up
     to 255, leading to memory corruption, Denial of Service (DoS),
     and potentially arbitrary code execution.
   * Fix CVE-2025-67269 (Closes: #1124799).
     An integer underflow vulnerability exists in the `nextstate()`
     function in `gpsd/packet.c`.
     When parsing a NAVCOM packet, the payload length is calculated
     using `lexer->length = (size_t)c - 4` without checking if
     the input byte `c` is less than 4. This results in an unsigned
     integer underflow, setting `lexer->length` to a very large value
     (near `SIZE_MAX`). The parser then enters a loop attempting to
     consume this massive number of bytes, causing 100% CPU utilization
     and a Denial of Service (DoS) condition.
Checksums-Sha1:
 582c6b9b24861ed66dc13bc6aa86793c043656fd 2872 gpsd_3.22-4.1+deb12u1.dsc
 546f1968d208c5d73cf65aa31ea6ee16b01fb445 3347364 gpsd_3.22.orig.tar.xz
 85ab7bc6af40473e12e213bdbd10f29cb1f5873a 59648 gpsd_3.22-4.1+deb12u1.debian.tar.xz
 2091bbeaf1cf71c51075db64938419a275586664 10456 gpsd_3.22-4.1+deb12u1_source.buildinfo
Checksums-Sha256:
 9c448de3d8e49bd974d309e3e190b5fc7c0a92c074cd49d9319921dfd3156c6a 2872 gpsd_3.22-4.1+deb12u1.dsc
 68d2a04e237a02ce42158ceda462a24afe11eeaa2b13482e94ac7ef66693f3a0 3347364 gpsd_3.22.orig.tar.xz
 ae4e649eed92f65a349dc341e07a04e605b50420cd93a114a041025dd8c4a896 59648 gpsd_3.22-4.1+deb12u1.debian.tar.xz
 83e32c199c0a4d228d4e3934abc519bbd90dafca58cf9cb98e8e49d68e157b03 10456 gpsd_3.22-4.1+deb12u1_source.buildinfo
Files:
 a0d0a2fe62004edb76933a2af2b4d624 2872 misc optional gpsd_3.22-4.1+deb12u1.dsc
 c4a284ddb482318e8fdccf2903fb22c2 3347364 misc optional gpsd_3.22.orig.tar.xz
 9bf5711e670f089284e4003e649d465b 59648 misc optional gpsd_3.22-4.1+deb12u1.debian.tar.xz
 f435a6a19c76dd8657ed019442ef804f 10456 misc optional gpsd_3.22-4.1+deb12u1_source.buildinfo

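Added example, not part of the upload, the Debian patch or gpsd's own code: a C illustration of the two bug classes described in the Changes entries above, the `(size_t)c - 4` wrap for `c` below 4 and a satellite count byte checked against a 184-slot array. The function names, the payload layout (one count byte followed by one byte per satellite) and the sample frame are assumptions made for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SKY_SLOTS 184 /* skyview array size quoted in the changelog */

/* Unchecked NAVCOM length as quoted in the changelog: wraps for c < 4. */
static size_t navcom_len_unchecked(uint8_t c)
{
    return (size_t)c - 4;
}

/* Checked form: reject the packet instead of wrapping. */
static bool navcom_len_checked(uint8_t c, size_t *out)
{
    if (c < 4)
        return false;
    *out = (size_t)c - 4;
    return true;
}

/* Bounded satellite copy. Hypothetical layout: byte 0 = count, then one
 * byte per satellite. The count is checked against both the destination
 * array and the bytes actually present. Returns -1 on rejection. */
static int fill_skyview(const uint8_t *payload, size_t len, uint8_t *sky)
{
    if (len < 1)
        return -1;
    size_t count = payload[0];
    if (count > SKY_SLOTS || count > len - 1)
        return -1;
    for (size_t i = 0; i < count; i++)
        sky[i] = payload[1 + i];
    return (int)count;
}

int main(void)
{
    uint8_t sky[SKY_SLOTS] = {0};
    uint8_t frame[256] = {255}; /* constructed sample: claims 255 satellites */
    size_t len = 0;

    printf("unchecked c=2: %zu\n", navcom_len_unchecked(2));
    printf("checked   c=2: %s\n", navcom_len_checked(2, &len) ? "ok" : "rejected");
    printf("255 sats: %d\n", fill_skyview(frame, sizeof frame, sky));
    frame[0] = 3;
    printf("3 sats: %d\n", fill_skyview(frame, sizeof frame, sky));
    return 0;
}
```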
