Format: 1.8
Date: Sun, 18 Jan 2026 12:45:58 +0100
Source: gpsd
Binary: gpsd gpsd-clients gpsd-clients-dbgsym gpsd-dbgsym gpsd-tools gpsd-tools-dbgsym libgps-dev libgps28 libgps28-dbgsym libqgpsmm-dev libqgpsmm28 libqgpsmm28-dbgsym python3-gps python3-gps-dbgsym
Architecture: armhf
Version: 3.22-4.1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: armhf Build Daemon (arm-conova-01)
Changed-By: Bastien Roucariès
Description:
 gpsd - Global Positioning System - daemon
 gpsd-clients - Global Positioning System - clients
 gpsd-tools - Global Positioning System - tools
 libgps-dev - Global Positioning System - development files
 libgps28 - Global Positioning System - library
 libqgpsmm-dev - Global Positioning System - Qt wrapper for libgps (development)
 libqgpsmm28 - Global Positioning System - Qt wrapper for libgps
 python3-gps - Global Positioning System - Python 3 libraries
Closes: 1124799 1124800
Changes:
 gpsd (3.22-4.1+deb12u1) bookworm; urgency=medium
 .
   * Non-Maintainer Upload by LTS team
   * Remove BD: makedev, breaks debusine
   * Fix CVE-2025-67268 (Closes: #1124800).
     gpsd contains a heap-based out-of-bounds write vulnerability
     in the drivers/driver_nmea2000.c file. The hnd_129540 function,
     which handles NMEA2000 PGN 129540 (GNSS Satellites in View)
     packets, fails to validate the user-supplied satellite count
     against the size of the skyview array (184 elements).
     This allows an attacker to write beyond the bounds of the
     array by providing a satellite count up to 255, leading to
     memory corruption, Denial of Service (DoS), and potentially
     arbitrary code execution.
   * Fix CVE-2025-67269 (Closes: #1124799).
     An integer underflow vulnerability exists in the `nextstate()`
     function in `gpsd/packet.c`.
     When parsing a NAVCOM packet, the payload length is calculated
     using `lexer->length = (size_t)c - 4` without checking if
     the input byte `c` is less than 4.
     This results in an unsigned integer underflow, setting
     `lexer->length` to a very large value (near `SIZE_MAX`).
     The parser then enters a loop attempting to consume this massive
     number of bytes, causing 100% CPU utilization and
     a Denial of Service (DoS) condition.
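
The two missing checks described in the Changes entry, written out as an added C example (not gpsd's code and not the patch shipped in this upload). All function names and the one-byte-per-satellite payload layout are assumptions made for illustration; only the constant 4, the expression `(size_t)c - 4` and the 184-element array size come from the changelog text.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NAVCOM_OVERHEAD 4   /* constant subtracted in the changelog's expression */
#define SKYVIEW_SLOTS 184   /* skyview array size stated in the changelog */

/* Unchecked form quoted in the changelog: wraps around when c < 4. */
static size_t navcom_length_unchecked(unsigned char c)
{
    return (size_t)c - NAVCOM_OVERHEAD;
}

/* Checked form (hypothetical helper): refuse the packet before subtracting. */
static bool navcom_length_checked(unsigned char c, size_t *out)
{
    if (c < NAVCOM_OVERHEAD)
        return false;
    *out = (size_t)c - NAVCOM_OVERHEAD;
    return true;
}

/* Hypothetical stand-in for a satellites-in-view handler. The count is one
 * byte taken from the packet (0..255), so it must be compared with both the
 * destination size and the bytes actually received before any write.
 * Constructed layout: payload[0] = count, then one byte per satellite.
 * Returns the number of entries stored, or -1 if the packet is rejected. */
static int store_satellites(const uint8_t *payload, size_t payload_len,
                            uint8_t sky[SKYVIEW_SLOTS])
{
    if (payload_len < 1)
        return -1;
    size_t count = payload[0];
    if (count > SKYVIEW_SLOTS || count > payload_len - 1)
        return -1;
    for (size_t i = 0; i < count; i++)
        sky[i] = payload[1 + i];
    return (int)count;
}

int main(void)
{
    uint8_t pkt[256] = { 255 };          /* constructed: claims 255 satellites */
    uint8_t sky[SKYVIEW_SLOTS];
    size_t len = 0;
    printf("unchecked, c=3: %zu\n", navcom_length_unchecked(3));
    printf("checked, c=3 accepted: %d\n", navcom_length_checked(3, &len));
    printf("count=255 result: %d\n", store_satellites(pkt, sizeof pkt, sky));
    return 0;
}
```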