-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 18 Jan 2026 12:45:58 +0100
Source: gpsd
Binary: gpsd gpsd-clients gpsd-clients-dbgsym gpsd-dbgsym gpsd-tools gpsd-tools-dbgsym libgps-dev libgps28 libgps28-dbgsym libqgpsmm-dev libqgpsmm28 libqgpsmm28-dbgsym python3-gps python3-gps-dbgsym
Architecture: armel
Version: 3.22-4.1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: armel Build Daemon (arm-conova-02) <buildd_arm64-arm-conova-02@buildd.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Description:
 gpsd       - Global Positioning System - daemon
 gpsd-clients - Global Positioning System - clients
 gpsd-tools - Global Positioning System - tools
 libgps-dev - Global Positioning System - development files
 libgps28   - Global Positioning System - library
 libqgpsmm-dev - Global Positioning System - Qt wrapper for libgps (development)
 libqgpsmm28 - Global Positioning System - Qt wrapper for libgps
 python3-gps - Global Positioning System - Python 3 libraries
Closes: 1124799 1124800
Changes:
 gpsd (3.22-4.1+deb12u1) bookworm; urgency=medium
 .
   * Non-Maintainer Upload by LTS team
   * Remove BD: makedev, breaks debusine
   * Fix CVE-2025-67268 (Closes: #1124800).
     gpsd contains a heap-based out-of-bounds write
     vulnerability in the drivers/driver_nmea2000.c file.
     The hnd_129540 function, which handles NMEA2000 PGN 129540
     (GNSS Satellites in View) packets, fails to validate the
     user-supplied satellite count against the size of the skyview
     array (184 elements). This allows an attacker to write beyond
     the bounds of the array by providing a satellite count up
     to 255, leading to memory corruption, Denial of Service (DoS),
     and potentially arbitrary code execution.
   * Fix CVE-2025-67269 (Closes: #1124799).
     An integer underflow vulnerability exists in the `nextstate()`
     function in `gpsd/packet.c`.
     When parsing a NAVCOM packet, the payload length is calculated
     using `lexer->length = (size_t)c - 4` without checking if
     the input byte `c` is less than 4. This results in an unsigned
     integer underflow, setting `lexer->length` to a very large value
     (near `SIZE_MAX`). The parser then enters a loop attempting to
     consume this massive number of bytes, causing 100% CPU utilization
     and a Denial of Service (DoS) condition.
Checksums-Sha1:
 4cdf7d2e135956886fb364584967252b51ed08d4 1711388 gpsd-clients-dbgsym_3.22-4.1+deb12u1_armel.deb
 558bd7441f9a5d9bfcf5793c042b6d1a58eeeffe 429832 gpsd-clients_3.22-4.1+deb12u1_armel.deb
 4e1913104e6a318d211e2173d680df87aa81893c 1968820 gpsd-dbgsym_3.22-4.1+deb12u1_armel.deb
 98be79c2f454a15a14a0cb2641f66b2f714ab8e3 1225164 gpsd-tools-dbgsym_3.22-4.1+deb12u1_armel.deb
 d1c5d8480f5943b9f66e486f756d8e0b1f7e984c 273356 gpsd-tools_3.22-4.1+deb12u1_armel.deb
 ffc3de832d9d877d6f6176f833848ad5c685b8f8 20942 gpsd_3.22-4.1+deb12u1_armel-buildd.buildinfo
 7d134d64cdb0c85f9a8f96cad3b13bef824e11b5 348916 gpsd_3.22-4.1+deb12u1_armel.deb
 65e4592f40f03199e6b1d323ab06798a43d24634 130724 libgps-dev_3.22-4.1+deb12u1_armel.deb
 1aa7920e62d547dc4a5a002cfb9da2831bf5f84c 150996 libgps28-dbgsym_3.22-4.1+deb12u1_armel.deb
 07961c1944465281223865820f192faf1f9d2dd7 77828 libgps28_3.22-4.1+deb12u1_armel.deb
 254d128206d2f93f3e9519787494d518565a698f 30292 libqgpsmm-dev_3.22-4.1+deb12u1_armel.deb
 76c9f81f15eccf8b5dc8d01852ac52b3da80cb66 375684 libqgpsmm28-dbgsym_3.22-4.1+deb12u1_armel.deb
 6e526c5453e1a3a433b273762faf0fb7265b52d1 80140 libqgpsmm28_3.22-4.1+deb12u1_armel.deb
 1eb0305011204dec7e098634ff927b7b59938533 61240 python3-gps-dbgsym_3.22-4.1+deb12u1_armel.deb
 29377356b7945b093b5e783b07f3535bf3c2a05d 134776 python3-gps_3.22-4.1+deb12u1_armel.deb
Checksums-Sha256:
 6926becdceb6717bbe47eb050c255deb2c497b5c60fcf45db88cfb5f455f1ebd 1711388 gpsd-clients-dbgsym_3.22-4.1+deb12u1_armel.deb
 32fa859b993c2a64dad4652d6bc0d2be314713ae46b033fd71109aecbace7778 429832 gpsd-clients_3.22-4.1+deb12u1_armel.deb
 0cca6aefea8f2a3311931865db2ea89b603c04445e8f248efe4e2e0623df40c0 1968820 gpsd-dbgsym_3.22-4.1+deb12u1_armel.deb
 95407e69e50ffc007e47a18f0ff407f093f852e926348e4918011834ed3b02f9 1225164 gpsd-tools-dbgsym_3.22-4.1+deb12u1_armel.deb
 812e312558aae8ede37482c4e087252724ae0ecea1cb4d64a7cf237c1593fc2f 273356 gpsd-tools_3.22-4.1+deb12u1_armel.deb
 c710be44afd377a526910b2edbde43016c35e181a6561252f22a59d1a57b0d42 20942 gpsd_3.22-4.1+deb12u1_armel-buildd.buildinfo
 838a64e9a8eb108d6757478f56d77726f3447420144302c9952f51bf27178a17 348916 gpsd_3.22-4.1+deb12u1_armel.deb
 c66e253deaa2eab108196b0ca3f46bff4442a43fef90c418f5ba8ce344563ef7 130724 libgps-dev_3.22-4.1+deb12u1_armel.deb
 1ef1fc3814ec771e17debed07f1bfabb0d54ae93fc85803d37416bf703cc2ea4 150996 libgps28-dbgsym_3.22-4.1+deb12u1_armel.deb
 e3b9111aa6c7af1ed89a0eb756aa04d8bad46fb5956ae1438cff570c4428edd7 77828 libgps28_3.22-4.1+deb12u1_armel.deb
 7b7d88edc866d98fafae70c1064cc51903d8c53549a2803318ef21b186cad260 30292 libqgpsmm-dev_3.22-4.1+deb12u1_armel.deb
 e46075bf6b6fb3bc21b42998bc90cf2c82845e5b7b67e36994fa2ff386f68cde 375684 libqgpsmm28-dbgsym_3.22-4.1+deb12u1_armel.deb
 45d1b1fdd33faa592aa4e2f5dd7cb821d1d7ef81c6bac79394e1a9ade98e65b7 80140 libqgpsmm28_3.22-4.1+deb12u1_armel.deb
 b11db0840da6a515326f740065b339fa9f77094a78c849aa48b21bb10aaa77b0 61240 python3-gps-dbgsym_3.22-4.1+deb12u1_armel.deb
 fbade905f270d3d27b5ce0712eb426d5b00d9dc876b307824ce474d629477534 134776 python3-gps_3.22-4.1+deb12u1_armel.deb
Files:
 651c76be5b38b259d7bb3e90a9dd4ab4 1711388 debug optional gpsd-clients-dbgsym_3.22-4.1+deb12u1_armel.deb
 6b7fb2c62d3f9c02ada1c4fe9fc7239d 429832 misc optional gpsd-clients_3.22-4.1+deb12u1_armel.deb
 822ddec5e72dce79d7b2bbda1e921071 1968820 debug optional gpsd-dbgsym_3.22-4.1+deb12u1_armel.deb
 12eb3b701d146e404ef15c2c2b31decc 1225164 debug optional gpsd-tools-dbgsym_3.22-4.1+deb12u1_armel.deb
 2f66c2a0234a63495060ec6fc15bbd38 273356 misc optional gpsd-tools_3.22-4.1+deb12u1_armel.deb
 98a44b4bdcdb4c64e43628e20ee1c834 20942 misc optional gpsd_3.22-4.1+deb12u1_armel-buildd.buildinfo
 8d4379333ace98e0d50a44758cdd8f72 348916 misc optional gpsd_3.22-4.1+deb12u1_armel.deb
 ee2db8223940bce4f480c1365d783211 130724 libdevel optional libgps-dev_3.22-4.1+deb12u1_armel.deb
 b8d1fe506edccdaaf6da378c86f39307 150996 debug optional libgps28-dbgsym_3.22-4.1+deb12u1_armel.deb
 14e624eb7609be0688b3abbede512ac3 77828 libs optional libgps28_3.22-4.1+deb12u1_armel.deb
 90323443d3ea8c1e11c23cdbda476095 30292 libdevel optional libqgpsmm-dev_3.22-4.1+deb12u1_armel.deb
 6e6a00a43df1de987e8f664d41c6281f 375684 debug optional libqgpsmm28-dbgsym_3.22-4.1+deb12u1_armel.deb
 3a6b860aac9ac039774eaa504519afbf 80140 libs optional libqgpsmm28_3.22-4.1+deb12u1_armel.deb
 3118d207530f18a64c3c34840b9598c3 61240 debug optional python3-gps-dbgsym_3.22-4.1+deb12u1_armel.deb
 88f5d6f3988e473ecbbf52a4c1906b76 134776 python optional python3-gps_3.22-4.1+deb12u1_armel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEWHj9K9pO9l4btbD1OQKMdMnEH5MFAmn2d0IACgkQOQKMdMnE
H5POGhAA0PsYB9HZD0a4X62SIIG3a+swjlOFjrjR+KXBVn8VjJXTxHZ74FV/mpRu
iwgFBDnH8xfrjoPakqBsb/kW7jWe0YMU05hT4Bw4ZUgvJiTu+TPoN6SdA8wTtQe4
YlHIZwuBuZyxktVQY3azw0q6A7ctCdL7SW6xy+SvC5kTSciFI/ycp7t/5VqkuCbP
AFmtcGJkhiNzamSoFv9PUeYnC2RaEZhH5ExT7+i7+3z6cYsEOiECua51wQIL5Fz4
zfCZxMRgVTqoUxeOSB2gVb1BHB71568DRjDyamdE1BE8wwCiRWTPTiZDA4mzFfWL
+2nWO4/kdjoNtp0v6TauWstlt7lRgsW8VSwacbPyNZSg1GVmEPWy3GuXZ1whuile
0BnBR4Itgeu+D8oWHUTnSN11EG1gIoKhJ2qGJEb65GAF+v7ydn/stIYFVnFO5PUS
snHVFCQ32+A7aiGU3Yfv9tsou0WG2CXDbsnO8rOSy6oFTS2zmqaaUsDJoQhiCbcB
aFbcmWq9JYL/OgBneYSCN/2oLtHj+YP4HDTc00GsW1GVVZaMKSFFEZQk4bGwWIlP
zNwQM/6OKNcGs2t5VrJjXndhVNdG5Pjpf0SZ+J8UfjsJor4PE4lLf8ldnynR1kgv
M6HG2pG87IptsgD++n8ABw2ngyxZggqC1iGgv1mXq0p9wdJRJG4=
=XYKm
-----END PGP SIGNATURE-----