[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1738-1] gpsd security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : gpsd
Version        : 3.11-3+deb8u1
CVE ID         : CVE-2018-17937
Debian Bug     : 925327

A security vulnerability was discovered in gpsd, the Global Positioning
System daemon. A stack-based buffer overflow may allow remote attackers
to execute arbitrary code via traffic on port 2947/TCP or crafted JSON
inputs.

For Debian 8 "Jessie", this problem has been fixed in version
3.11-3+deb8u1.

We recommend that you upgrade your gpsd packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlyfgshfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeSrShAAjzfp6/lv6/lZr5/a+JQZX7Gtyao9TUo5XqExLz8FnVBDTATAGXqKKZfe
e0Hyk55CRkkzG+Wtab73dbE6axapIJOwjjcIweGWjSZiSOL4tVrAQUI6kKXpq4oD
fgx9eGApwLVtOKfY7yCGSHC7wtyJlkwDfh37u5mIwrwsi+aZhqYjb0ETQR6B4ZKu
RFLnAbTO7lTKdcZx0D/EBMzTRhCFoYmmMlkDz5Z/y4nBraT9Vtjv8dAPYZ12ehKg
Y2n/y1MuhC/xMlTq7XrbpCgK+ioWfzZw5aPXyLKuejgBTx8BtIXx+AS3/dZp9bKW
smQ+z7Ealf9E2YDjHi03nHxeQ+L6WYuRNM6mOsUXXMRiRXOKuYvYhbBoiomJ71YE
9uLTF/KF5y0Tog1n19vt65lfyzJ9mXpClHtm60yxS7/RNbgzsbO2bu23BfeF0Q8G
1t8foqN/XeEIDBLCgBvVJSp/4cKgTdyRvBXFF8IEmrqK2KVE8T7fFG1SK2ybVMlT
Zx8oFULyLOfo3wazHojHkZkyc6xUw7/VWRhqs+cMswPzO7ryUeZM7OphAIsw4Ap+
uBYsGSQbs9byzzmsmodr1VSBsjpqGVJVj12aokktul4TRx5Iu2CfCR7NWxuwve+2
YmP1uxPNTte3u42qxCYezExwD8vCm33Fj8YKB5Ratdu/tUzpfek=
=jcm0
-----END PGP SIGNATURE-----


Reply to: