-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : gpsd Version : 3.11-3+deb8u1 CVE ID : CVE-2018-17937 Debian Bug : 925327
A security vulnerability was discovered in gpsd, the Global Positioning System daemon. A stack-based buffer overflow may allow remote attackers to execute arbitrary code via traffic on port 2947/TCP or crafted JSON inputs. For Debian 8 "Jessie", this problem has been fixed in version 3.11-3+deb8u1. We recommend that you upgrade your gpsd packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlyfgshfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeSrShAAjzfp6/lv6/lZr5/a+JQZX7Gtyao9TUo5XqExLz8FnVBDTATAGXqKKZfe e0Hyk55CRkkzG+Wtab73dbE6axapIJOwjjcIweGWjSZiSOL4tVrAQUI6kKXpq4oD fgx9eGApwLVtOKfY7yCGSHC7wtyJlkwDfh37u5mIwrwsi+aZhqYjb0ETQR6B4ZKu RFLnAbTO7lTKdcZx0D/EBMzTRhCFoYmmMlkDz5Z/y4nBraT9Vtjv8dAPYZ12ehKg Y2n/y1MuhC/xMlTq7XrbpCgK+ioWfzZw5aPXyLKuejgBTx8BtIXx+AS3/dZp9bKW smQ+z7Ealf9E2YDjHi03nHxeQ+L6WYuRNM6mOsUXXMRiRXOKuYvYhbBoiomJ71YE 9uLTF/KF5y0Tog1n19vt65lfyzJ9mXpClHtm60yxS7/RNbgzsbO2bu23BfeF0Q8G 1t8foqN/XeEIDBLCgBvVJSp/4cKgTdyRvBXFF8IEmrqK2KVE8T7fFG1SK2ybVMlT Zx8oFULyLOfo3wazHojHkZkyc6xUw7/VWRhqs+cMswPzO7ryUeZM7OphAIsw4Ap+ uBYsGSQbs9byzzmsmodr1VSBsjpqGVJVj12aokktul4TRx5Iu2CfCR7NWxuwve+2 YmP1uxPNTte3u42qxCYezExwD8vCm33Fj8YKB5Ratdu/tUzpfek= =jcm0 -----END PGP SIGNATURE-----
