-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 18 Jan 2026 12:45:58 +0100
Source: gpsd
Architecture: source
Version: 3.22-4+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Bernd Zeimetz <[email protected]>
Changed-By: Bastien Roucariès <[email protected]>
Closes: 1124799 1124800
Changes:
 gpsd (3.22-4+deb11u1) bullseye-security; urgency=medium
 .
   * Non-Maintainer Upload by LTS team
   * Fix CVE-2025-67268 (Closes: #1124800).
     gpsd contains a heap-based out-of-bounds write
     vulnerability in the drivers/driver_nmea2000.c file.
     The hnd_129540 function, which handles NMEA2000 PGN 129540
     (GNSS Satellites in View) packets, fails to validate the
     user-supplied satellite count against the size of the skyview
     array (184 elements). This allows an attacker to write beyond
     the bounds of the array by providing a satellite count up
     to 255, leading to memory corruption, Denial of Service (DoS),
     and potentially arbitrary code execution.
   * Fix CVE-2025-67269 (Closes: #1124799).
     An integer underflow vulnerability exists in the `nextstate()`
     function in `gpsd/packet.c`.
     When parsing a NAVCOM packet, the payload length is calculated
     using `lexer->length = (size_t)c - 4` without checking if
     the input byte `c` is less than 4. This results in an unsigned
     integer underflow, setting `lexer->length` to a very large value
     (near `SIZE_MAX`). The parser then enters a loop attempting to
     consume this massive number of bytes, causing 100% CPU utilization
     and a Denial of Service (DoS) condition.
   * Drop BD: makedev for debusine

-----BEGIN PGP SIGNATURE-----
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=YmPC
-----END PGP SIGNATURE-----
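
The two missing checks described in the changelog above, shown as an added example. This is not the gpsd patch or code from the upload: the function names are hypothetical, and only the expression `(size_t)c - 4` and the 184-element skyview size come from the changelog text.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SKYVIEW_SLOTS   184 /* skyview array size stated in the changelog */
#define NAVCOM_OVERHEAD 4   /* constant subtracted in `(size_t)c - 4` */

/* Unchecked form quoted in the changelog: for c < 4 the unsigned
 * subtraction wraps around to a value near SIZE_MAX. */
size_t navcom_len_unchecked(unsigned char c)
{
    return (size_t)c - NAVCOM_OVERHEAD;
}

/* Hypothetical hardened form: validate the byte before subtracting.
 * Returns 0 and stores the payload length, or -1 to drop the packet. */
int navcom_len_checked(unsigned char c, size_t *out)
{
    if (c < NAVCOM_OVERHEAD)
        return -1;
    *out = (size_t)c - NAVCOM_OVERHEAD;
    return 0;
}

/* Hypothetical guard for a PGN 129540 style handler: the satellite count
 * is a single wire byte (0..255) and must fit the fixed-size array.
 * Returns the number of entries written, or -1 if the count is rejected. */
int fill_skyview(int *skyview, const uint8_t *prns, uint8_t count)
{
    if (count > SKYVIEW_SLOTS)
        return -1;
    for (size_t i = 0; i < count; i++)
        skyview[i] = prns[i];
    return count;
}

int main(void)
{
    static int skyview[SKYVIEW_SLOTS];
    static uint8_t prns[255];           /* constructed sample input */
    size_t len = 0;

    printf("unchecked c=3 -> %zu\n", navcom_len_unchecked(3));
    printf("checked   c=3 -> %d\n", navcom_len_checked(3, &len));
    printf("count=255     -> %d\n", fill_skyview(skyview, prns, 255));
    printf("count=184     -> %d\n", fill_skyview(skyview, prns, 184));
    return 0;
}
```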
