Hi Bernd, On Fri, Mar 29, 2019 at 10:54:50PM +0100, Bernd Zeimetz wrote: > Hi Salvatore, > > > The following vulnerability was published for gpsd, not competely sure > > on severity and on if the referenced upstream commit is enough. > > Ideally though the fix seems ideal to go to buster. > > I've tried to get more information out of Upstream, but did not get a > reply yet. So I'll prepare an upload with the mentioned commit. Looking > trough the commit logs from gpsd it seems to be the only relevant one.
Ack thank you for investigating, I was neither more successfull to determine if that's enough. Cc;ing the security team alias, if anyone has more ideas. Thanks for your work! Salvatore
