-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 17 Jan 2026 16:47:06 +0100
Source: gpsd
Architecture: source
Version: 3.27.5-0.1
Distribution: unstable
Urgency: medium
Maintainer: Boian Bonev <bbonev@ipacct.com>
Changed-By: Bastien Roucariès <rouca@debian.org>
Closes: 1124799 1124800
Changes:
 gpsd (3.27.5-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload
   * New upstream version
   * Fix CVE-2025-67268 (Closes: #1124800).
     gpsd contains a heap-based out-of-bounds write vulnerability in the
     drivers/driver_nmea2000.c file. The hnd_129540 function, which handles
     NMEA2000 PGN 129540 (GNSS Satellites in View) packets, fails to validate
     the user-supplied satellite count against the size of the skyview array
     (184 elements). This allows an attacker to write beyond the bounds of the
     array by providing a satellite count up to 255, leading to memory
     corruption, Denial of Service (DoS), and potentially arbitrary code
     execution.
   * Fix CVE-2025-67269 (Closes: #1124799).
     An integer underflow vulnerability exists in the `nextstate()` function
     in `gpsd/packet.c`. When parsing a NAVCOM packet, the payload length is
     calculated using `lexer->length = (size_t)c - 4` without checking if the
     input byte `c` is less than 4. This results in an unsigned integer
     underflow, setting `lexer->length` to a very large value (near
     `SIZE_MAX`). The parser then enters a loop attempting to consume this
     massive number of bytes, causing 100% CPU utilization and a Denial of
     Service (DoS) condition.
Checksums-Sha1:
 9bc5bda1e4019d3b826719dde48e095878a49afa 3090 gpsd_3.27.5-0.1.dsc
 7569973ae01765772fc224b6bbc78b7acc55618e 4083248 gpsd_3.27.5.orig.tar.xz
 1a99d63fa03149f0162dadb48b705d5e72753d0f 265 gpsd_3.27.5.orig.tar.xz.asc
 bbf72b24d4faa9b25fb471934680b7df2b2a2626 48696 gpsd_3.27.5-0.1.debian.tar.xz
 e45aa404e71efbcd6c03ba734c304bbcb3fa3725 10416 gpsd_3.27.5-0.1_source.buildinfo
Checksums-Sha256:
 bb55cd91c20a232a024907f47d2036eaf7885082b03c6a0e4a963b06a8082a4f 3090 gpsd_3.27.5-0.1.dsc
 dc4a62bad835282bae788772bc7cc8f8bec4c7a48e8dceeb37477a89091c4656 4083248 gpsd_3.27.5.orig.tar.xz
 2d2296be81d59b4591707e3e8889abab972558c9d1adfb60ce31ddbd6a728e2c 265 gpsd_3.27.5.orig.tar.xz.asc
 20d06a871c056374cdcea3a5de454b27b6c8b357bff561ea525e10e9a4532185 48696 gpsd_3.27.5-0.1.debian.tar.xz
 99947428cc7ff4700c1658470c94dfe42cdf9f0a5b4ac897dba187b2513346ca 10416 gpsd_3.27.5-0.1_source.buildinfo
Files:
 2d4effcbb4dec141bb15978e2d1aa908 3090 misc optional gpsd_3.27.5-0.1.dsc
 6e1eaaa4cee79746cfe7a03e50c5868f 4083248 misc optional gpsd_3.27.5.orig.tar.xz
 c6bd7f56abfdbb2e9e07d8192b7a4509 265 misc optional gpsd_3.27.5.orig.tar.xz.asc
 224e5babcef06015fac137b5bac85974 48696 misc optional gpsd_3.27.5-0.1.debian.tar.xz
 ccbe76893e63969aa8978ad596a727ed 10416 misc optional gpsd_3.27.5-0.1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmluH3IACgkQADoaLapB
CF9L2A//VMzFUsc8xbD9ISfskLHcRrCGTfJfgr7d25jl+87OEhV2JB2t4yWtx/51
ByCkP7KwfsXX2cnsddopM9U/35+wRhUpWy4UyOVy5x+KY5Z1vl0bAngx3O9qmZTC
LKTov9Xml/RRAIUqYNsaSE2lJ7hmICao5xxad3DFscJsuIN204TLhNdcuoGPR2/g
o/RbVXMkQ8ihaYhlICfOyzTgobtuBsQwSHyWEml/alhJeH8/x/OmNv+mmBBZBiXd
YvJxlzxNyAE8N+yRTUPcDrWrs9tZ4ivt/zJjBTYt2WHTulXWFx8VxF2OlfNGccVp
Qdawlu1slAoGFzW+Mhe5giswCJ91snn2gV8Jrj9IbmM0EyGXjMmJeVGzhylxwncX
MchOx/vUy1au2GI507cV0IVEx9lp8trZB2Tgyu8Ox6BO8sKeYk6bUIVm65ANAYY5
1HXDLBLCQUhWo9bEqPiLACrv6JRXGaqV7zAdSAxXL0ITQZrm07mPKOLmGJz1GraA
FwL/MBXRH48DrYZQHE/sIOZzP1jGsUS9wNm3SZJsee/cjpdo4yeC2KXZoCESDhgG
Trxzdv783xuNzJnJgR1gQ/30FiRAKlwgBHsIAoJJYIFwba1B0bv13BX9EsMIyQnh
TLPam0kXzRqnVO2ZPI26Gdgxwgl327ZZvv2ww+xTGM+lZLTDx/c=
=Rubn
-----END PGP SIGNATURE-----
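Both changelog entries above describe the same defensive gap: a single sender-controlled byte is used as a bound (a satellite count, a NAVCOM length) before it has been compared with the real capacity or the minimum it must satisfy. The C below is an added illustration of the two checks in isolation; it is not gpsd's code and not the patch carried by this upload. `MAX_SKYVIEW`, `struct gps_state`, `check_satellite_count`, `handle_sats_in_view` and `navcom_payload_length` are assumed names chosen for the example, and the frames it processes are constructed inline. The array size 184 and the `(size_t)c - 4` expression are taken from the changelog text.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Capacity of the hypothetical satellite array. The changelog gives 184 for
 * gpsd's skyview; the check below does not depend on the exact value. */
#define MAX_SKYVIEW 184

/* Hypothetical per-satellite record, reduced to what the demo needs. */
struct sat_entry {
    uint8_t prn;
    uint8_t snr;
};

/* Hypothetical receiver state; skyview is the fixed-size destination array. */
struct gps_state {
    struct sat_entry skyview[MAX_SKYVIEW];
    int visible;
};

/* CVE-2025-67268 pattern: PGN 129540 carries a one-byte satellite count
 * (0..255) that the sender fully controls. Before it becomes a loop bound
 * and array index it must be clamped to the destination capacity. Returns
 * the number of entries that may safely be stored and reports truncation. */
static size_t check_satellite_count(uint8_t claimed, size_t capacity, bool *truncated)
{
    *truncated = claimed > capacity;
    return *truncated ? capacity : (size_t)claimed;
}

/* Consumes a constructed PGN-129540-like frame: byte 0 is the satellite
 * count, followed by two bytes (prn, snr) per satellite. The stored count is
 * bounded both by MAX_SKYVIEW and by the bytes actually present in the frame.
 * Returns the number of entries stored, or -1 for an empty frame. */
static int handle_sats_in_view(struct gps_state *st, const uint8_t *frame, size_t len)
{
    if (len < 1)
        return -1;
    bool truncated;
    size_t n = check_satellite_count(frame[0], MAX_SKYVIEW, &truncated);
    if (truncated)
        fprintf(stderr, "PGN 129540: claimed %u satellites, storing %zu\n",
                frame[0], n);
    size_t avail = (len - 1) / 2;      /* complete (prn, snr) pairs on the wire */
    if (n > avail)
        n = avail;
    for (size_t i = 0; i < n; i++) {
        st->skyview[i].prn = frame[1 + 2 * i];
        st->skyview[i].snr = frame[2 + 2 * i];
    }
    st->visible = (int)n;
    return (int)n;
}

/* CVE-2025-67269 pattern: a NAVCOM length byte c is turned into a payload
 * length with (size_t)c - 4. For c < 4 the subtraction wraps to near
 * SIZE_MAX. The fix is to reject c < 4 before subtracting. Returns false and
 * leaves *out untouched when the length byte is malformed. */
static bool navcom_payload_length(uint8_t c, size_t *out)
{
    if (c < 4)
        return false;                 /* reject before the underflow can happen */
    *out = (size_t)c - 4;
    return true;
}

/* Wrapper for demos and tests: -1 when the length byte is rejected. */
static long navcom_len_or_neg(uint8_t c)
{
    size_t n;
    return navcom_payload_length(c, &n) ? (long)n : -1;
}

/* Constructed frame claiming 255 satellites with a full payload; the handler
 * must stop at MAX_SKYVIEW instead of writing 255 entries. */
static int demo_oversized_count(void)
{
    static uint8_t frame[1 + 2 * 255];
    frame[0] = 255;
    for (size_t i = 0; i < 255; i++) {
        frame[1 + 2 * i] = (uint8_t)(i + 1);
        frame[2 + 2 * i] = 40;
    }
    struct gps_state st;
    memset(&st, 0, sizeof st);
    return handle_sats_in_view(&st, frame, sizeof frame);
}

/* Constructed frame claiming 255 satellites but carrying only 9 payload
 * bytes: the handler must store only the 4 complete pairs present. */
static int demo_short_frame(void)
{
    uint8_t frame[10] = { 255, 1, 40, 2, 41, 3, 42, 4, 43, 5 };
    struct gps_state st;
    memset(&st, 0, sizeof st);
    return handle_sats_in_view(&st, frame, sizeof frame);
}

int main(void)
{
    printf("oversized count stored: %d\n", demo_oversized_count());   /* 184 */
    printf("short frame stored:     %d\n", demo_short_frame());       /* 4 */
    printf("NAVCOM c=3:   %ld\n", navcom_len_or_neg(3));              /* -1 */
    printf("NAVCOM c=4:   %ld\n", navcom_len_or_neg(4));              /* 0 */
    printf("NAVCOM c=200: %ld\n", navcom_len_or_neg(200));            /* 196 */
    return 0;
}
```

Clamping rather than dropping an oversized PGN 129540 frame is one reasonable policy; a stricter parser may discard the frame outright. What matters for both issues is that the comparison happens before the sender-supplied byte is used as an index, loop bound or subtraction operand, and that the underflow check tests `c < 4` on the original byte rather than on the already-wrapped `size_t` result.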