-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 18 Jan 2026 12:45:58 +0100
Source: gpsd
Binary: gpsd gpsd-clients gpsd-clients-dbgsym gpsd-dbgsym gpsd-tools gpsd-tools-dbgsym libgps-dev libgps28 libgps28-dbgsym libqgpsmm-dev libqgpsmm28 libqgpsmm28-dbgsym python3-gps python3-gps-dbgsym
Architecture: arm64
Version: 3.22-4.1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: arm Build Daemon (arm-ubc-02) <buildd_arm64-arm-ubc-02@buildd.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Description:
 gpsd       - Global Positioning System - daemon
 gpsd-clients - Global Positioning System - clients
 gpsd-tools - Global Positioning System - tools
 libgps-dev - Global Positioning System - development files
 libgps28   - Global Positioning System - library
 libqgpsmm-dev - Global Positioning System - Qt wrapper for libgps (development)
 libqgpsmm28 - Global Positioning System - Qt wrapper for libgps
 python3-gps - Global Positioning System - Python 3 libraries
Closes: 1124799 1124800
Changes:
 gpsd (3.22-4.1+deb12u1) bookworm; urgency=medium
 .
   * Non-Maintainer Upload by LTS team
   * Remove BD: makedev, breaks debusine
   * Fix CVE-2025-67268 (Closes: #1124800).
     gpsd contains a heap-based out-of-bounds write
     vulnerability in the drivers/driver_nmea2000.c file.
     The hnd_129540 function, which handles NMEA2000 PGN 129540
     (GNSS Satellites in View) packets, fails to validate the
     user-supplied satellite count against the size of the skyview
     array (184 elements). This allows an attacker to write beyond
     the bounds of the array by providing a satellite count up
     to 255, leading to memory corruption, Denial of Service (DoS),
     and potentially arbitrary code execution.
   * Fix CVE-2025-67269 (Closes: #1124799).
     An integer underflow vulnerability exists in the `nextstate()`
     function in `gpsd/packet.c`.
     When parsing a NAVCOM packet, the payload length is calculated
     using `lexer->length = (size_t)c - 4` without checking if
     the input byte `c` is less than 4. This results in an unsigned
     integer underflow, setting `lexer->length` to a very large value
     (near `SIZE_MAX`). The parser then enters a loop attempting to
     consume this massive number of bytes, causing 100% CPU utilization
     and a Denial of Service (DoS) condition.
Checksums-Sha1:
 713be50f701f211e469ac4ad03fd2dd948f1abf7 1688748 gpsd-clients-dbgsym_3.22-4.1+deb12u1_arm64.deb
 62ccfa3e2a6868795bf44e9e7d46f530f05710a6 434976 gpsd-clients_3.22-4.1+deb12u1_arm64.deb
 8c75c5bc1eff57406bb0df0fa4892e3c100a4443 1947980 gpsd-dbgsym_3.22-4.1+deb12u1_arm64.deb
 12e07a3d703553745d81b106d8951c3a27e71cc4 1213932 gpsd-tools-dbgsym_3.22-4.1+deb12u1_arm64.deb
 bcd08fbd4142fcec31f6df7c5ba21757295317a4 276008 gpsd-tools_3.22-4.1+deb12u1_arm64.deb
 4cd545fc7cc84a3277b0180dde5ea90f28ec42e2 21208 gpsd_3.22-4.1+deb12u1_arm64-buildd.buildinfo
 cdc9a35073f20ebd2c036a9c835606a7129ce5ab 356828 gpsd_3.22-4.1+deb12u1_arm64.deb
 91f92da295f9d24634201d1ae6f5c8346550c698 133276 libgps-dev_3.22-4.1+deb12u1_arm64.deb
 79cd87a14dae3d33ea1c6c6853fae5e752bb9239 149100 libgps28-dbgsym_3.22-4.1+deb12u1_arm64.deb
 4d348eeae1760c44fa653deb8841e25d7a4873e4 80096 libgps28_3.22-4.1+deb12u1_arm64.deb
 253fe5c788ffc1005f159800311cc4467730ee75 30288 libqgpsmm-dev_3.22-4.1+deb12u1_arm64.deb
 8ec99853ae2f89894d54862745057ea683af5baa 373948 libqgpsmm28-dbgsym_3.22-4.1+deb12u1_arm64.deb
 c7b3c5281030331bbd0537b77d3aeeeb6db197ac 82316 libqgpsmm28_3.22-4.1+deb12u1_arm64.deb
 4d907d8bad04cfae04810cc306bc17feb2277dbf 60600 python3-gps-dbgsym_3.22-4.1+deb12u1_arm64.deb
 3a622295e7e69382d6534bd5248c5b6e7c9a6da5 135024 python3-gps_3.22-4.1+deb12u1_arm64.deb
Checksums-Sha256:
 e13b964e86f160a2609b7ebdb7a4a0526d804ee62dc3329711bd40936502f136 1688748 gpsd-clients-dbgsym_3.22-4.1+deb12u1_arm64.deb
 d9891d9ee68289b8ce6130b5b1f8af1e95394074845a7c735b9051b0b34e1a2d 434976 gpsd-clients_3.22-4.1+deb12u1_arm64.deb
 baa170c6296ecfa5ec4d7d97a9a01e17b1dfbd794b7bf9ab768e9f058870f363 1947980 gpsd-dbgsym_3.22-4.1+deb12u1_arm64.deb
 d4f6e142c7ae5f794727523f9e17c5971d790f3f3f445d2257ad2334f56092e1 1213932 gpsd-tools-dbgsym_3.22-4.1+deb12u1_arm64.deb
 7e70419acc97e88ab14e8a83622f8e4241eb81ec707d861bc05c44869aa766ff 276008 gpsd-tools_3.22-4.1+deb12u1_arm64.deb
 4cbb952a7e1f660fee062e16fc4ea022a139dbecc689ac117f6d872cd9403b4f 21208 gpsd_3.22-4.1+deb12u1_arm64-buildd.buildinfo
 ae7babe3b252ea05b8e8ea7fd3c4b652ba911556b816d0107b15c7e52b31ae2e 356828 gpsd_3.22-4.1+deb12u1_arm64.deb
 a468c1268cfa6c42a8bc1bfc90faf9b795e3029d640feef562b65fa1c8821f1d 133276 libgps-dev_3.22-4.1+deb12u1_arm64.deb
 d107c675f388e2882745c483e99940a656f9b38bf1c4b32fd34264fb8b62e199 149100 libgps28-dbgsym_3.22-4.1+deb12u1_arm64.deb
 61083f711f25be3af5e771e8b74e5535c4f8daa8e39470194512a2bd2478b3e2 80096 libgps28_3.22-4.1+deb12u1_arm64.deb
 38c819c9157ac879c49c5d183b4276fcde36fff220ae79aea927d495484a3a2a 30288 libqgpsmm-dev_3.22-4.1+deb12u1_arm64.deb
 21a92d9ca761d3d9eee3c2d7ada0cff900ca536986e74a28fe3d16a918c6a723 373948 libqgpsmm28-dbgsym_3.22-4.1+deb12u1_arm64.deb
 ba73dc18d97e410bef4936f29708356719943e31af3cc5e451d0f3fcb9b82831 82316 libqgpsmm28_3.22-4.1+deb12u1_arm64.deb
 24406fcc5013ab28f431e67e56745dd02cf3359e9a8fdb64812a534bec9b997f 60600 python3-gps-dbgsym_3.22-4.1+deb12u1_arm64.deb
 e6edbcff477da4f1280ef9e70b63b5b738cd7ee1cdc602bfe34599f430764ffa 135024 python3-gps_3.22-4.1+deb12u1_arm64.deb
Files:
 42b87dcc5026cd8a962a926a2c7c6403 1688748 debug optional gpsd-clients-dbgsym_3.22-4.1+deb12u1_arm64.deb
 d73e5eb351a0d104c3ce0165f04429ae 434976 misc optional gpsd-clients_3.22-4.1+deb12u1_arm64.deb
 0464dec26a9fb07e38d00c7d3e8a9143 1947980 debug optional gpsd-dbgsym_3.22-4.1+deb12u1_arm64.deb
 c9a81e35c60e5e69b07910dc202b5563 1213932 debug optional gpsd-tools-dbgsym_3.22-4.1+deb12u1_arm64.deb
 77cba1961d2ae7c9b34357e683df99dc 276008 misc optional gpsd-tools_3.22-4.1+deb12u1_arm64.deb
 8809efed99d3371048526e66d1a53341 21208 misc optional gpsd_3.22-4.1+deb12u1_arm64-buildd.buildinfo
 fac1d9650956bee0921feb0344a2c2f7 356828 misc optional gpsd_3.22-4.1+deb12u1_arm64.deb
 4fe0ae0d431d72f71538b1b8c92f7dbc 133276 libdevel optional libgps-dev_3.22-4.1+deb12u1_arm64.deb
 1d4bb6bb560b07be7880088300cbd63f 149100 debug optional libgps28-dbgsym_3.22-4.1+deb12u1_arm64.deb
 d308e131210222561736df77cba09ee3 80096 libs optional libgps28_3.22-4.1+deb12u1_arm64.deb
 7f03f79ee9db587f44c83d750ca5bbbf 30288 libdevel optional libqgpsmm-dev_3.22-4.1+deb12u1_arm64.deb
 eb62b1fc0b7be8d43f51e53964624a95 373948 debug optional libqgpsmm28-dbgsym_3.22-4.1+deb12u1_arm64.deb
 11384910d6d8faa7860c50f174e66ac8 82316 libs optional libqgpsmm28_3.22-4.1+deb12u1_arm64.deb
 1131dbc09ff24c19f71b5e38bd2464b1 60600 debug optional python3-gps-dbgsym_3.22-4.1+deb12u1_arm64.deb
 030c40e255a252ecedfb243d5c20a3bf 135024 python optional python3-gps_3.22-4.1+deb12u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEJkN0BnKzGWWW6tS+G5VHrWJmwgcFAmn2d/IACgkQG5VHrWJm
wgep8A/+JEJfTtVJlpkoHW9f4jXarZCg7CHsKIJn6GnEsqPQ85tHmR/CNqslvyKb
k5/fh7y7npF23+vksOf70uENpgl+owNM4uII0gt0spzGscwzyI5bhgBAf7+a7GDt
a9+U72YufNnxJQG8G88xF2JxbRm2mBKkv4OzGpgNBTfAWXUPJpjbj001vE5ljuGt
6f7oui7+j0Ajdnlu0fuUFoSFyGO/vLh5jxJccDQ+reiLBlvIBxsRxvoozgurAXOw
h3pcwRbHOJv5CVXXbiVxbFv4nYddIG2nGJqbypiLXoebBqiEo0XDCHdXI1lXQtLR
bb1u90s0frrEEq8KGE8z4ZzM33zqvE3Ak3agpGdek0gVJgAWJctj3ODcS4sYoDv/
aFVf1G5W4w3NQBunkKDaKfO0qow36X1sXVjeHnkP2sppOCb7JBHkko5TdfJaCDpB
H0sWzxNfyUuJ7IJqv/EWWUbrVnSpBAWJLQK93YehenjpqGBqScfU5reE2CEPRIAG
AJp3oxhtjFOVPU7cWruxdgmsyh2fMoG4MMb2ZrYp4KTGBnCB9+4NDUPlTyqHjb2x
cVBu2MnwzJcEzCwA0Ft+cMOwHUUXFplskIqDKGofVy1BwSpuzPai9fmDrGGusO2S
023G5ybnobQHUVQjNEpX4Htgo0fHOpqMTVKKNK91gRw7DH2fA2Y=
=bBv6
-----END PGP SIGNATURE-----