-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 17 Jan 2026 17:51:45 +0100
Source: gpsd
Binary: gpsd gpsd-clients gpsd-clients-dbgsym gpsd-dbgsym gpsd-tools gpsd-tools-dbgsym libgps-dev libgps30t64 libgps30t64-dbgsym libqgpsmm-dev libqgpsmm30t64 libqgpsmm30t64-dbgsym python3-gps python3-gps-dbgsym
Architecture: s390x
Version: 3.25-5+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: s390x Build Daemon (zani) <buildd_s390x-zani@buildd.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Description:
 gpsd       - Global Positioning System - daemon
 gpsd-clients - Global Positioning System - clients
 gpsd-tools - Global Positioning System - tools
 libgps-dev - Global Positioning System - development files
 libgps30t64 - Global Positioning System - library
 libqgpsmm-dev - Global Positioning System - Qt wrapper for libgps (development)
 libqgpsmm30t64 - Global Positioning System - Qt wrapper for libgps
 python3-gps - Global Positioning System - Python 3 libraries
Closes: 1124799 1124800
Changes:
 gpsd (3.25-5+deb13u1) trixie; urgency=medium
 .
   * Non-Maintainer Upload by LTS team
   * Add salsa CI for trixie
   * Fix CVE-2025-67268 (Closes: #1124800).
     gpsd contains a heap-based out-of-bounds write
     vulnerability in the drivers/driver_nmea2000.c file.
     The hnd_129540 function, which handles NMEA2000 PGN 129540
     (GNSS Satellites in View) packets, fails to validate the
     user-supplied satellite count against the size of the skyview
     array (184 elements). This allows an attacker to write beyond
     the bounds of the array by providing a satellite count up
     to 255, leading to memory corruption, Denial of Service (DoS),
     and potentially arbitrary code execution.
   * Fix CVE-2025-67269 (Closes: #1124799).
     An integer underflow vulnerability exists in the `nextstate()`
     function in `gpsd/packet.c`.
     When parsing a NAVCOM packet, the payload length is calculated
     using `lexer->length = (size_t)c - 4` without checking if
     the input byte `c` is less than 4. This results in an unsigned
     integer underflow, setting `lexer->length` to a very large value
     (near `SIZE_MAX`). The parser then enters a loop attempting to
     consume this massive number of bytes, causing 100% CPU utilization
     and a Denial of Service (DoS) condition.
Checksums-Sha1:
 b6e496f4bad1040beb20d42cc875decf886e9b81 1982588 gpsd-clients-dbgsym_3.25-5+deb13u1_s390x.deb
 c9402831b5f85d69372af069a687888e9dd8ace5 497388 gpsd-clients_3.25-5+deb13u1_s390x.deb
 b2b1bdeb3c546146a3c9d49c8be4cc2d6c385638 2355536 gpsd-dbgsym_3.25-5+deb13u1_s390x.deb
 141bfcce34200f924d3a4b31472dbec62aa32f19 1614016 gpsd-tools-dbgsym_3.25-5+deb13u1_s390x.deb
 8aa3af13f5507d34b4b90bd0e729e573e57d139f 333984 gpsd-tools_3.25-5+deb13u1_s390x.deb
 e43e9a65deb7027b8a8e050219066a0f817c3265 20459 gpsd_3.25-5+deb13u1_s390x-buildd.buildinfo
 1adb87bd47a4a49ccf9e4dbec38237e05df85f76 408492 gpsd_3.25-5+deb13u1_s390x.deb
 872cb57a4227b98bf69ddb436c4a4e9630e18af3 144800 libgps-dev_3.25-5+deb13u1_s390x.deb
 fd77fb7d67e82f975089000521876951f88aab78 170968 libgps30t64-dbgsym_3.25-5+deb13u1_s390x.deb
 d5d833e77903cd1e558ec488cca1793e3006f713 84648 libgps30t64_3.25-5+deb13u1_s390x.deb
 d7aa326f8df32715c0b3854ecd11e98edb2b7ba7 34160 libqgpsmm-dev_3.25-5+deb13u1_s390x.deb
 5973174abe5fbba4bc3c5c66c9d798e3981cbbf7 401664 libqgpsmm30t64-dbgsym_3.25-5+deb13u1_s390x.deb
 7e7aa9c2040c46647420e282c05b27508f5b2c5b 86592 libqgpsmm30t64_3.25-5+deb13u1_s390x.deb
 2e256bd38c556ad29601c524549e754549cc1877 64480 python3-gps-dbgsym_3.25-5+deb13u1_s390x.deb
 7caa8a33afcf8158e7bba23feb85f95a9dcf52ed 152328 python3-gps_3.25-5+deb13u1_s390x.deb
Checksums-Sha256:
 30489a57fa67b979cbd3fca087052742e4cc3e17519f658f55eee3b7e9da2f1c 1982588 gpsd-clients-dbgsym_3.25-5+deb13u1_s390x.deb
 68306801f3e8528bfd07122740fd740c8ca1770ac0929404473beb0b564566b6 497388 gpsd-clients_3.25-5+deb13u1_s390x.deb
 c35c82d2eec19ac973cd93eeba8266db4ff5e5537abe0776940e6010e0b300c2 2355536 gpsd-dbgsym_3.25-5+deb13u1_s390x.deb
 b7a180a2c3e85dcf8de02edb1fb9e78c23ddc75e75d5ce0646b5cc94bdd1d83a 1614016 gpsd-tools-dbgsym_3.25-5+deb13u1_s390x.deb
 9638be8dd7102ea7bba5cd21bc3f813c0e891bf2f84370a8c63994436fdec718 333984 gpsd-tools_3.25-5+deb13u1_s390x.deb
 835823e13fa52561a247cd843e2dba0489a4251f31f45d59d0506af30ffd712a 20459 gpsd_3.25-5+deb13u1_s390x-buildd.buildinfo
 d596df8d20c490589aaa5a7b5da1ff22f8e1868653358e4d738ce47244e0e636 408492 gpsd_3.25-5+deb13u1_s390x.deb
 d24d6ecd0c4e3bf08c041a313e68248636c8099913e89cea86d169ada6faf5f0 144800 libgps-dev_3.25-5+deb13u1_s390x.deb
 f3249a0bd69059456b50a0e9f7aff1780f5a9e5f774188abe3a7d7fa30913132 170968 libgps30t64-dbgsym_3.25-5+deb13u1_s390x.deb
 71a876c706203dba2f2ea85fd856b5c0aaa947eebd733914babd6d3537a81351 84648 libgps30t64_3.25-5+deb13u1_s390x.deb
 5bbe770cf98156d593ff0a589512cdaba3b045ac75aec7aa504fd4e255f49fde 34160 libqgpsmm-dev_3.25-5+deb13u1_s390x.deb
 c3e13f50917190050a6216ef4a716ef0be10527bdb13e5bdc67df5cccc8dfe7b 401664 libqgpsmm30t64-dbgsym_3.25-5+deb13u1_s390x.deb
 d9f274327437755f76d79c0b1fe7e70c2e86fd7a6706cf4e7e5b44516c2ffe89 86592 libqgpsmm30t64_3.25-5+deb13u1_s390x.deb
 b41c6091b545e77ed1eefef080706158d669698a252c08fb3d6b09c1046decbc 64480 python3-gps-dbgsym_3.25-5+deb13u1_s390x.deb
 0e0452c919373e068ec8e5a2c7f0e3effcbe31ac588e75fc0b1fe23b432bf9ae 152328 python3-gps_3.25-5+deb13u1_s390x.deb
Files:
 5123781262116e43fce8e2ca52fc77dc 1982588 debug optional gpsd-clients-dbgsym_3.25-5+deb13u1_s390x.deb
 ba312d4a080152a3dae5351924424272 497388 misc optional gpsd-clients_3.25-5+deb13u1_s390x.deb
 b58fd7547d8953c4bc7e5b8e69891a7f 2355536 debug optional gpsd-dbgsym_3.25-5+deb13u1_s390x.deb
 5dd19c54981f053992779d7507413224 1614016 debug optional gpsd-tools-dbgsym_3.25-5+deb13u1_s390x.deb
 824c66b5001543eca87a4da71d291de1 333984 misc optional gpsd-tools_3.25-5+deb13u1_s390x.deb
 febaa88d8d02c18a6ba2f33e35d59377 20459 misc optional gpsd_3.25-5+deb13u1_s390x-buildd.buildinfo
 229ff74026cbef025b8eb671ddfe9cc5 408492 misc optional gpsd_3.25-5+deb13u1_s390x.deb
 3736549c02ff7bf752e188fe2ef03d1c 144800 libdevel optional libgps-dev_3.25-5+deb13u1_s390x.deb
 88fa5b5a02d0bc6f8f9a359df9f272e5 170968 debug optional libgps30t64-dbgsym_3.25-5+deb13u1_s390x.deb
 741e49217b1e69b6e9374c3459e3a06d 84648 libs optional libgps30t64_3.25-5+deb13u1_s390x.deb
 f7f7a7b66b93df1dc3ff22485cd471b9 34160 libdevel optional libqgpsmm-dev_3.25-5+deb13u1_s390x.deb
 5aab8a1302beb6052c9a82c3ca227f5c 401664 debug optional libqgpsmm30t64-dbgsym_3.25-5+deb13u1_s390x.deb
 7b53099d39abdb81463df40e0d6dbe44 86592 libs optional libqgpsmm30t64_3.25-5+deb13u1_s390x.deb
 f2717660df78caa886d4bbdf8a56a69f 64480 debug optional python3-gps-dbgsym_3.25-5+deb13u1_s390x.deb
 9f9a35c3cc3f4dd27bf16f98ae207e07 152328 python optional python3-gps_3.25-5+deb13u1_s390x.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEgh4msZ+e2PZfd5KckaCrxAR3BY0FAmmkaPAACgkQkaCrxAR3
BY25bQ//Z3Aai3OJ8YujN08gbnNyLFfCfPAW0giyTymOTx/KPX75PreYMiCnBSHY
MF5YJp62dbIyigD14A7S6dgD9oIRlUfWZRw700UeJPway45pX7TweEG87ouVLVaB
UiOE8lIgG6+0NfWSaSDJQD+I0YQPghlbWdehvtznmlCorhsdd5rdlWZ9xdcfOHh3
STy58jTOkrAH8Omme+OluqIC6tY4qic35ijXDw+eU0lXom9Dmw+/AJ3NgYcu/9qu
/qaBjwCe99GAP7iZz9ICsVJ9ZuiWgk4utir9EvDcldXaAAjFsdXInxXag29dGOwc
7m5urT/nmiWhai3vKlBUc7ItCez51cs3BJUFPNOjj8FWtTDzB4UhiYvSeGWWkZJv
JZt5rWO1jJQ34MNjT4yaFHy5ik3BgOb1NpIEmsTpicOH8/lrBUWQDTj1tqr79TWe
6mXwMknc2BYsxSSvj7oc6D/Yyf3hgf6XbSrm0Flu3sHvmxEUFd0bmd8qnW8ECt57
aHHnkQauiqCFYlUrCEofLla5UcFKuxoq761AJu3IEAvbZIXVFE664hD2/g8so8F7
UjLXaSSt2OxXv+e0/FhNvr6H8/xCnKyXJV2LpM3ezqAVc8Kt+ijcikwnKSF0lZEH
DA4sxULO1GVPyk6ZIlKiYVSa6aGoA3eyKDhqreqtRwHkweo+LPE=
=8jLD
-----END PGP SIGNATURE-----