-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2795-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk October 29, 2021 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : gpsd Version : 3.16-4+deb9u1 CVE ID : CVE-2018-17937 Debian Bug : 925327 A security vulnerability was discovered in gpsd, the Global Positioning System daemon. A stack-based buffer overflow may allow remote attackers to execute arbitrary code via traffic on port 2947/TCP or crafted JSON inputs. For Debian 9 stretch, this problem has been fixed in version 3.16-4+deb9u1. We recommend that you upgrade your gpsd packages. For the detailed security status of gpsd please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gpsd Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmF7qtIACgkQiNJCh6LY mLHbiA/+OQ0sO2C7Kw3+6DrZ3YGnORgeHrj3WuZ3I1T1RyuLbOUB8i9dqZpP9ZQH 7Hsv64/IF/60bsnUsVqmkLLQhrq0Fs+eeFr+nujhsrtXdUzD3V8/6QdXEq+Ll7qG BrFsbrT/jpEd5JjYeZszYOAEeYI4aUe7AqGD7Ig0/rh33L+wFaQwuEdUfL3qzEi3 y/e+W8rRsVXOAk2zpZ6cUUajsRqb/uxszmjV+q8Nc8hNib7dKjXcnLll1y12FjHa zapX9j+r110nJMXy9h/5G9tH2pElJwVzevZGO4++4xw5bo1HAD5yThOAGJ7miqxE xy2Y+3SAS35j3eKEJ76JDt1aBOSx6zYatBVCk+ojBNrAH77r9bAfoN/Vmrtqhq4K +9nM+CUvIfxFpPN9nF2Sbr/DMtuaJCLl+lqtrphVVkmVaipD+JivGEJO8fTtmKDN 9IA5Xq0PyIDqDAwL+Qtlxq9az0PnzHVp4cIkCKYy7dFRnIfxqKbqaCT/Ph3NB1yF Pfj2wjNgNsLFEG9ZN091IA9Xlaq88GvPLSWDOEP1Qq1uST8sA2M12NmLjWQK1+fD EgcaR6J0lCEI42JpTBTQ+08mYMbaWGp1TNf5s68h+yYnszZusm/KdEJwbTJHFrAc jEaFlFP8VrxgNhlplxvJascfa0j2IW7cDD2VuZodSDdPJk43PXU= =QfLe -----END PGP SIGNATURE-----