Back to gpsd PTS page

Accepted gpsd 3.17-6 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted gpsd 3.17-6 (source) into unstable
From: Bernd Zeimetz <bzed@debian.org>
Date: Fri, 05 Apr 2019 22:18:36 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1hCXAS-000DlV-EH@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 05 Apr 2019 23:31:30 +0200
Source: gpsd
Architecture: source
Version: 3.17-6
Distribution: unstable
Urgency: medium
Maintainer: Bernd Zeimetz <bzed@debian.org>
Changed-By: Bernd Zeimetz <bzed@debian.org>
Closes: 925327
Changes:
 gpsd (3.17-6) unstable; urgency=medium
 .
   * [0a8e4e18] Pull json fixes from upstream to fix a stack-based
     buffer overflow, which may allow remote attackers to execute
     arbitrary code on embedded platforms via traffic on Port
     2947/TCP or crafted JSON inputs.
     CVE-2018-17937 / Closes: #925327
     The update also fixes several other json parser bugs.
     - ECMA-404 says JSON \u must have 4 hex digits
     - Allow for \u escapes with fewer than 4 digits.
     - Fail on bad escape string.
   * [71020f4f] Update git-buildpackage config to build from the
     buster branch.
Checksums-Sha1:
 466356a004345d6f7c6dfa59c2dd05012c294143 2573 gpsd_3.17-6.dsc
 c4979dfe9588b0651396e464e5c3ed90224de188 36996 gpsd_3.17-6.debian.tar.xz
 6165a5ab0e41b0f16e087a5fc549300c1bf1acad 13237 gpsd_3.17-6_source.buildinfo
Checksums-Sha256:
 393946eefc2ac406d508200ed721a480214db67bdbe09ab47e5edc22e539f7fd 2573 gpsd_3.17-6.dsc
 0d852cee49266122d925493c0633b5ed1bf84e1ee8b646d4c0a1c94aed29c141 36996 gpsd_3.17-6.debian.tar.xz
 e3327243dba07dfe524bcd800bf06113fec894fe9802d87cd775e3940f7966b4 13237 gpsd_3.17-6_source.buildinfo
Files:
 0e3d936a38543f89fe0f5d196db9b221 2573 misc optional gpsd_3.17-6.dsc
 4775f36adea7284bd76407c17fed2963 36996 misc optional gpsd_3.17-6.debian.tar.xz
 db7a1fd123ac7fb4f2af5fe190fbea1f 13237 misc optional gpsd_3.17-6_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE7KHj8o4RJDLUhd2V6zYXGm/5Q18FAlynzscACgkQ6zYXGm/5
Q18wdw//WqK0sXoGAHSACDOV+ELMsfpG99k7O95M2Ux0rx9Bm/mJYIr21sO1V5pR
xktyojSHW7v1Jd/4CGxFtMEVq1BfTsLc0+mlmP4bEIbNqiUHuE1g3xRNZ6TYTdbx
gu9YGtWnFPzijjj6Fj1UAo21XTTEfkj6jJfT3mj8Spb1uHH0uAKXtocg2wRAREXQ
cxfTSjwlRZj3v2vxTKcDNI6N1aClfBEom570XFOt77ujsEjNCJiRoTgz3n0QHmwr
bmaHD09f0mLD5ton69GCC2AjDnA3+ukXhEPom2HMg8hJcf919LlByTOh043xoGwi
yxnhOY5UK8zHC70R2uYvQSk6VaMUxcz29r3C6kAxM9LVAWxuiRbqblVIuEAKpLi4
cIbuBPCxd/WAMqUg0kcbJVHi/BgOjssfcSuSPYtdCHtzCjyZx88Tp4rh4wRupZaN
ksOKN1L4Fq1xDqv/9nVVsiCh6IwNHPUkWR2N9Ou+Yr6HHOqarWKkvUALCLFDiHU9
3uFOz8BESUF4+eCEVFz4PCe2jyh98xOH4MVRmABOweIvr+ziRcu3KnBE8zyBa2QS
dQt89C8Ws1s0OMzeB1hFGWESK9M83zFa26xqWIki/5F/5hb1oR71MmhUxkKsNKJU
B9HkP87Fc0MU3g1TMP3jip/hdCUJryml/g2DqcXHwut9r/Up7n8=
=BdJV
-----END PGP SIGNATURE-----