-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 17 Jan 2026 17:51:45 +0100
Source: gpsd
Binary: gpsd gpsd-clients gpsd-clients-dbgsym gpsd-dbgsym gpsd-tools gpsd-tools-dbgsym libgps-dev libgps30t64 libgps30t64-dbgsym libqgpsmm-dev libqgpsmm30t64 libqgpsmm30t64-dbgsym python3-gps python3-gps-dbgsym
Architecture: armel
Version: 3.25-5+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: arm Build Daemon (arm-ubc-03) <buildd_arm64-arm-ubc-03@buildd.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Description:
 gpsd       - Global Positioning System - daemon
 gpsd-clients - Global Positioning System - clients
 gpsd-tools - Global Positioning System - tools
 libgps-dev - Global Positioning System - development files
 libgps30t64 - Global Positioning System - library
 libqgpsmm-dev - Global Positioning System - Qt wrapper for libgps (development)
 libqgpsmm30t64 - Global Positioning System - Qt wrapper for libgps
 python3-gps - Global Positioning System - Python 3 libraries
Closes: 1124799 1124800
Changes:
 gpsd (3.25-5+deb13u1) trixie; urgency=medium
 .
   * Non-Maintainer Upload by LTS team
   * Add salsa CI for trixie
   * Fix CVE-2025-67268 (Closes: #1124800).
     gpsd contains a heap-based out-of-bounds write
     vulnerability in the drivers/driver_nmea2000.c file.
     The hnd_129540 function, which handles NMEA2000 PGN 129540
     (GNSS Satellites in View) packets, fails to validate the
     user-supplied satellite count against the size of the skyview
     array (184 elements). This allows an attacker to write beyond
     the bounds of the array by providing a satellite count up
     to 255, leading to memory corruption, Denial of Service (DoS),
     and potentially arbitrary code execution.
   * Fix CVE-2025-67269 (Closes: #1124799).
     An integer underflow vulnerability exists in the `nextstate()`
     function in `gpsd/packet.c`.
     When parsing a NAVCOM packet, the payload length is calculated
     using `lexer->length = (size_t)c - 4` without checking if
     the input byte `c` is less than 4. This results in an unsigned
     integer underflow, setting `lexer->length` to a very large value
     (near `SIZE_MAX`). The parser then enters a loop attempting to
     consume this massive number of bytes, causing 100% CPU utilization
     and a Denial of Service (DoS) condition.
Checksums-Sha1:
 b240482c706354f3394ba02f1cc3391959c7f35d 1947312 gpsd-clients-dbgsym_3.25-5+deb13u1_armel.deb
 a6215d47566997bd6a0c47cc1ec9faf74875eac5 482304 gpsd-clients_3.25-5+deb13u1_armel.deb
 caa690165458f5c6d49dea49fe537997e9d878ad 2304476 gpsd-dbgsym_3.25-5+deb13u1_armel.deb
 d8f4fd5f2ac28ad5f05557b805f1fcec1d83cc5c 1580832 gpsd-tools-dbgsym_3.25-5+deb13u1_armel.deb
 8af04cedddc02a6ea3eb54e5395a473b0eee51ca 329200 gpsd-tools_3.25-5+deb13u1_armel.deb
 c6311be44081a9959f663816b711669f35946d88 20429 gpsd_3.25-5+deb13u1_armel-buildd.buildinfo
 7cfb7a397eb4fc0aa1887e92588ee7c7064e8c4a 399304 gpsd_3.25-5+deb13u1_armel.deb
 92e107038d4f24159c4a23f41e30ef90ce85567c 144456 libgps-dev_3.25-5+deb13u1_armel.deb
 d1f6146e811933052809e2ce114a4e5233376f32 167296 libgps30t64-dbgsym_3.25-5+deb13u1_armel.deb
 c10e714e43996679c912c63a258050b3221a177c 84136 libgps30t64_3.25-5+deb13u1_armel.deb
 cbdba7ad235646ff0c18b516c8c057c51a2d5e22 34172 libqgpsmm-dev_3.25-5+deb13u1_armel.deb
 6bf60d1557266301558083e78cefdad39e3413cd 398572 libqgpsmm30t64-dbgsym_3.25-5+deb13u1_armel.deb
 edef78c60911b62efa22f47d431135313d399b8d 86148 libqgpsmm30t64_3.25-5+deb13u1_armel.deb
 9d86b3a98cde2a07cdd41d9d45f15b6fae2b164d 62548 python3-gps-dbgsym_3.25-5+deb13u1_armel.deb
 42e85b645ad32267039d7732b24027da4648b32c 150872 python3-gps_3.25-5+deb13u1_armel.deb
Checksums-Sha256:
 c0fe2f59fc586ccd95aa963a0f886fd840b1e90db013d84498474bda1dc42b70 1947312 gpsd-clients-dbgsym_3.25-5+deb13u1_armel.deb
 7316f65995159825519d916e59440d94fdf01fda7f9c1c888089b192af7e2ea3 482304 gpsd-clients_3.25-5+deb13u1_armel.deb
 4151041b5a7a707981d1ee83110fcb16438c89fd40ace2771df288441fc29c37 2304476 gpsd-dbgsym_3.25-5+deb13u1_armel.deb
 8b5ffccd5d59d81cf0741f30cc386630b8ed91dc3f3fe9c58ce11d446d16b5e6 1580832 gpsd-tools-dbgsym_3.25-5+deb13u1_armel.deb
 f84720f4d27c5a58db6db117ccbf5f79a59c2f41cc81683e1a332f115ed59fc7 329200 gpsd-tools_3.25-5+deb13u1_armel.deb
 a2630e78bb0496456d00b24ef19084c3e300f91d26a4be7813bd733a7aa3b8f6 20429 gpsd_3.25-5+deb13u1_armel-buildd.buildinfo
 bcec01a99d9d820353fb0cd37fd78a898d85f0654ad32412f9eba54e0521ecba 399304 gpsd_3.25-5+deb13u1_armel.deb
 9d80f5b1db4214c27e9ffb6287521ebe0bfecb26077f0f128aa0db70e3be360b 144456 libgps-dev_3.25-5+deb13u1_armel.deb
 37e4a060e8cbdb0ed5c5a654fb71479e7fff86751db41109f99ff10f665dc6b0 167296 libgps30t64-dbgsym_3.25-5+deb13u1_armel.deb
 8a74ceac2f31d6c0aa497d27cf3e89e62ae0ebc5d881a4ee21062c01c184621c 84136 libgps30t64_3.25-5+deb13u1_armel.deb
 c5a3fa63b89e7d9f3d861067f2f7dba36e43e1f46b515d47cc62595ab069d769 34172 libqgpsmm-dev_3.25-5+deb13u1_armel.deb
 fa385cff8c57286c0b5a3485f9b2d58c103b0ddb45f2a9728bf125b7e1affc0c 398572 libqgpsmm30t64-dbgsym_3.25-5+deb13u1_armel.deb
 1c18cf3f7ed143b63978d16b2ecf28b3d181b502a94798891ca8bd3b6a34a124 86148 libqgpsmm30t64_3.25-5+deb13u1_armel.deb
 40573ff517cde6392c12bd15fd23a8a97f2d65ecb8b02ddb7e35da857497621e 62548 python3-gps-dbgsym_3.25-5+deb13u1_armel.deb
 fd20802ade06e995be5905a6c07eae60eab907cc6d1671b4a660b64c2206f1fe 150872 python3-gps_3.25-5+deb13u1_armel.deb
Files:
 0fc6969b57e496372f023c072ed453c4 1947312 debug optional gpsd-clients-dbgsym_3.25-5+deb13u1_armel.deb
 b70438c6d753f52e90dc87a335c5edcd 482304 misc optional gpsd-clients_3.25-5+deb13u1_armel.deb
 6d27f01177b3a33db5836b3d0b8a7a5b 2304476 debug optional gpsd-dbgsym_3.25-5+deb13u1_armel.deb
 20aefd566ecb6363329f01aca4d7c6fa 1580832 debug optional gpsd-tools-dbgsym_3.25-5+deb13u1_armel.deb
 89048fa99f7104fde66202ba4406a4e8 329200 misc optional gpsd-tools_3.25-5+deb13u1_armel.deb
 604fec6703f8482f40495ef3afb9a496 20429 misc optional gpsd_3.25-5+deb13u1_armel-buildd.buildinfo
 eb1f02d4d6cab1f7ffa345612be8af97 399304 misc optional gpsd_3.25-5+deb13u1_armel.deb
 4c65866b0fd5a8a77fc644175a203c68 144456 libdevel optional libgps-dev_3.25-5+deb13u1_armel.deb
 25637d9f6781a6184ce9a068d2086e2f 167296 debug optional libgps30t64-dbgsym_3.25-5+deb13u1_armel.deb
 f1dece150d938c8baf31e47dfa48f2fa 84136 libs optional libgps30t64_3.25-5+deb13u1_armel.deb
 e93dfbf3fc0f5876ad9c877cea658514 34172 libdevel optional libqgpsmm-dev_3.25-5+deb13u1_armel.deb
 e153f656e9a52f579c644d665828ff53 398572 debug optional libqgpsmm30t64-dbgsym_3.25-5+deb13u1_armel.deb
 e1b3f53a84d995fdfd520cbcecc90e24 86148 libs optional libqgpsmm30t64_3.25-5+deb13u1_armel.deb
 b7df682567d3447faf5fb3262a96c579 62548 debug optional python3-gps-dbgsym_3.25-5+deb13u1_armel.deb
 75961b91d88436a7de46a0f8d7fee10f 150872 python optional python3-gps_3.25-5+deb13u1_armel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEENsdrABvTD8MQ0UffVza3l394K2AFAmmkXTUACgkQVza3l394
K2BjCBAAybHPwH2PW2jo+DCWzFn2O+Omng7Lh0uEmRe/yKWMIcqXw+7YkG26C8H4
3j+83eyyKC8yYGWf7fGIsyRMui8g9e5KeKtKqDpcLWcrqnzW0MY7qvbd+ggwhuJK
2C8krQ4GDKLgBN49UuUfPu/QgNZdOOI/icKJH5dthgyiS5fkSFdC5gXAPfypVa91
2Wvp9oN01Adu+Q/vXfqOqHHOUQWil90Nybv4dR6cMw2XiMWYaZMimaMBeeqgrLLh
mSJvxNKUHo30ERLUyA4bUZLO4JLUGKDx0wKSBRCTVuWQf7buxq+LLiiZJir8NaDM
RU91HlAzDWU2VmuIxUoWHPmX8tf0gvj6V0+9WcvSz/ahPpn2dDTR8adeG1eGzYr4
pvWNyoUMm3V/eQfeMFEaJHDXahGlnaMTy/FTwAQeDjtkaXZ4VrRj+cggGPc+J19a
tnNmk66lncMgXFuEXV41D8OpMBscXX1XWoHm30461LeZVzdlJjPyB3Vibyt0M9ye
fSt0hd0ZtL0t2B1yYZgMZbUTVqpZIbJmJQkw48rD92I7XXCCEc3bwNvRR7mGmrgt
lFrPA3k8wDNQAoPWTzISRS9UWk3A2ByYet/uQpwS6Y8LkukU29VZUoQo0byJlHh6
hxuM2XAadlL1rwYno80NkVS0KjdDmlV132STqH3cNUvqa3zoyNM=
=oNtC
-----END PGP SIGNATURE-----