Format: 1.8
Date: Sun, 18 Jan 2026 12:45:58 +0100
Source: gpsd
Binary: gpsd gpsd-clients gpsd-clients-dbgsym gpsd-dbgsym gpsd-tools gpsd-tools-dbgsym libgps-dev libgps28 libgps28-dbgsym libqgpsmm-dev libqgpsmm28 libqgpsmm28-dbgsym python3-gps python3-gps-dbgsym
Architecture: s390x
Version: 3.22-4.1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: s390x Build Daemon (zandonai)
Changed-By: Bastien Roucariès
Description:
 gpsd - Global Positioning System - daemon
 gpsd-clients - Global Positioning System - clients
 gpsd-tools - Global Positioning System - tools
 libgps-dev - Global Positioning System - development files
 libgps28 - Global Positioning System - library
 libqgpsmm-dev - Global Positioning System - Qt wrapper for libgps (development)
 libqgpsmm28 - Global Positioning System - Qt wrapper for libgps
 python3-gps - Global Positioning System - Python 3 libraries
Closes: 1124799 1124800
Changes:
 gpsd (3.22-4.1+deb12u1) bookworm; urgency=medium
 .
   * Non-Maintainer Upload by LTS team
   * Remove BD: makedev, breaks debusine
   * Fix CVE-2025-67268 (Closes: #1124800).
     gpsd contains a heap-based out-of-bounds write vulnerability
     in the drivers/driver_nmea2000.c file. The hnd_129540 function,
     which handles NMEA2000 PGN 129540 (GNSS Satellites in View) packets,
     fails to validate the user-supplied satellite count against
     the size of the skyview array (184 elements).
     This allows an attacker to write beyond the bounds of the array
     by providing a satellite count up to 255, leading to memory
     corruption, Denial of Service (DoS), and potentially
     arbitrary code execution.
   * Fix CVE-2025-67269 (Closes: #1124799).
     An integer underflow vulnerability exists in the `nextstate()`
     function in `gpsd/packet.c`. When parsing a NAVCOM packet,
     the payload length is calculated using
     `lexer->length = (size_t)c - 4` without checking if the input
     byte `c` is less than 4. This results in an unsigned integer
     underflow, setting `lexer->length` to a very large value
     (near `SIZE_MAX`). The parser then enters a loop attempting
     to consume this massive number of bytes, causing 100% CPU
     utilization and a Denial of Service (DoS) condition.
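
Added example, not part of the upload record and not gpsd source or the Debian patch: the two length checks the changelog describes as missing, written as stand-alone C. The value 184 and the expression `(size_t)c - 4` come from the changelog; the function names, `struct sat` and the one-byte-per-satellite payload layout are hypothetical simplifications.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define SKYVIEW_MAX 184 /* skyview array size stated in the changelog */
#define NAVCOM_HDR 4    /* constant subtracted from the length byte */

/* Unchecked form quoted for CVE-2025-67269: wraps around when c < 4. */
static size_t navcom_len_unchecked(unsigned char c)
{
    return (size_t)c - NAVCOM_HDR;
}

/* Checked form: refuse a length byte smaller than the constant. */
static bool navcom_len_checked(unsigned char c, size_t *len)
{
    if (c < NAVCOM_HDR)
        return false; /* malformed packet, *len is left untouched */
    *len = (size_t)c - NAVCOM_HDR;
    return true;
}

struct sat { uint8_t prn; }; /* hypothetical one-byte satellite record */
/* CVE-2025-67268 pattern: a one-byte count (0..255) drives writes into a
 * 184-slot array. Assumed layout: payload[0] = count, then one byte per
 * satellite. Returns the number stored, or -1 if the packet is rejected. */
static int store_sats(struct sat *sky, const uint8_t *payload, size_t payload_len)
{
    if (payload_len < 1)
        return -1;
    size_t count = payload[0];
    if (count > SKYVIEW_MAX)     /* count larger than the destination array */
        return -1;
    if (payload_len - 1 < count) /* count larger than the bytes received */
        return -1;
    for (size_t i = 0; i < count; i++)
        sky[i].prn = payload[1 + i];
    return (int)count;
}

int main(void)
{
    uint8_t pkt[256] = { 255 }; /* constructed input: count byte of 255 */
    struct sat sky[SKYVIEW_MAX];
    size_t len = 0;
    printf("unchecked(3)=%zu checked(3)=%d store(255)=%d\n",
           navcom_len_unchecked(3), navcom_len_checked(3, &len),
           store_sats(sky, pkt, sizeof pkt));
    return 0;
}
```

Rejecting the packet is one policy; clamping the count to the array size is another, and which one a parser uses decides whether oversized input is dropped or truncated.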