Source: gpsd Severity: important Tags: security patch Hi,
the following vulnerability was published for gpsd. CVE-2013-2038[0]: DoS (packet parser crash) in the AIS driver when processing malformed packet If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. Patches referenced by upstream developer and detailed explanation can be found at [1,2,3]. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2038 http://security-tracker.debian.org/tracker/CVE-2013-2038 [1] http://marc.info/?l=oss-security&m=136753549732442&w=2 [2] http://git.savannah.gnu.org/cgit/gpsd.git/commit/?id=dd9c3c2830cb8f8fd8491ce68c82698dc5538f50 [3] http://git.savannah.gnu.org/cgit/gpsd.git/commit/?id=08edc49d8f63c75bfdfb480b083b0d960310f94f Please adjust the affected versions in the BTS as needed. @Bernd: I have not (yet) further investigated, only looked at current code to see if above match. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
