Format: 1.8
Date: Sat, 17 Jan 2026 17:51:45 +0100
Source: gpsd
Binary: gpsd gpsd-clients gpsd-clients-dbgsym gpsd-dbgsym gpsd-tools gpsd-tools-dbgsym libgps-dev libgps30t64 libgps30t64-dbgsym libqgpsmm-dev libqgpsmm30t64 libqgpsmm30t64-dbgsym python3-gps python3-gps-dbgsym
Architecture: arm64
Version: 3.25-5+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: arm Build Daemon (arm-conova-04)
Changed-By: Bastien Roucariès
Description:
 gpsd - Global Positioning System - daemon
 gpsd-clients - Global Positioning System - clients
 gpsd-tools - Global Positioning System - tools
 libgps-dev - Global Positioning System - development files
 libgps30t64 - Global Positioning System - library
 libqgpsmm-dev - Global Positioning System - Qt wrapper for libgps (development)
 libqgpsmm30t64 - Global Positioning System - Qt wrapper for libgps
 python3-gps - Global Positioning System - Python 3 libraries
Closes: 1124799 1124800
Changes:
 gpsd (3.25-5+deb13u1) trixie; urgency=medium
 .
   * Non-Maintainer Upload by LTS team
   * Add salsa CI for trixie
   * Fix CVE-2025-67268 (Closes: #1124800).
     gpsd contains a heap-based out-of-bounds write vulnerability
     in the drivers/driver_nmea2000.c file. The hnd_129540 function,
     which handles NMEA2000 PGN 129540 (GNSS Satellites in View)
     packets, fails to validate the user-supplied satellite count
     against the size of the skyview array (184 elements).
     This allows an attacker to write beyond the bounds of the array
     by providing a satellite count up to 255, leading to memory
     corruption, Denial of Service (DoS), and potentially arbitrary
     code execution.
   * Fix CVE-2025-67269 (Closes: #1124799).
     An integer underflow vulnerability exists in the `nextstate()`
     function in `gpsd/packet.c`.
     When parsing a NAVCOM packet, the payload length is calculated
     using `lexer->length = (size_t)c - 4` without checking if
     the input byte `c` is less than 4.
     This results in an unsigned integer underflow, setting
     `lexer->length` to a very large value (near `SIZE_MAX`).
     The parser then enters a loop attempting to consume this
     massive number of bytes, causing 100% CPU utilization
     and a Denial of Service (DoS) condition.
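The two missing checks described in the changelog, sketched in C as an added example; this is not gpsd's code or the uploaded patch. The function names, `struct sat`, and the constant names are assumptions; the values 184, 255, and the `- 4` come from the changelog text.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SKYVIEW_MAX 184      /* skyview array size stated in the changelog */
#define NAVCOM_LEN_OFFSET 4  /* the 4 subtracted from the length byte */

struct sat { uint8_t prn; }; /* hypothetical stand-in for a skyview entry */

/* Unchecked arithmetic quoted in the changelog: wraps when c < 4. */
size_t payload_len_unchecked(uint8_t c) {
    return (size_t)c - 4;
}

/* Checked form: reject a short length byte instead of wrapping.
 * Returns 0 and stores the length, or -1 if the packet must be dropped. */
int payload_len_checked(uint8_t c, size_t *out) {
    if (c < NAVCOM_LEN_OFFSET)
        return -1;
    *out = (size_t)c - NAVCOM_LEN_OFFSET;
    return 0;
}

/* A one-byte count can claim up to 255 satellites; validate it against
 * the array size before writing. Returns entries stored, or -1. */
int fill_skyview(struct sat *skyview, const uint8_t *prns, uint8_t count) {
    if (count > SKYVIEW_MAX)
        return -1;           /* would write past skyview[SKYVIEW_MAX - 1] */
    for (uint8_t i = 0; i < count; i++)
        skyview[i].prn = prns[i];
    return count;
}

int main(void) {
    struct sat sky[SKYVIEW_MAX];
    uint8_t prns[255] = {0}; /* constructed sample input */
    size_t n = 0;
    printf("unchecked c=3 -> %zu\n", payload_len_unchecked(3));
    printf("checked   c=3 -> %d\n", payload_len_checked(3, &n));
    printf("count=255     -> %d\n", fill_skyview(sky, prns, 255));
    printf("count=12      -> %d\n", fill_skyview(sky, prns, 12));
    return 0;
}
```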