[SECURITY] Fedora 28 Update: gpsd-3.17-6.fc28

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-3ee66c2020 2019-03-06 15:27:20.805958 -------------------------------------------------------------------------------- Name : gpsd Product : Fedora 28 Version : 3.17 Release : 6.fc28 URL : http://catb.org/gpsd/ Summary : Service daemon for mediating access to a GPS Description : gpsd is a service daemon that mediates access to a GPS sensor connected to the host computer by serial or USB interface, making its data on the location/course/velocity of the sensor available to be queried on TCP port 2947 of the host computer. With gpsd, multiple GPS client applications (such as navigational and war-driving software) can share access to a GPS without contention or loss of data. Also, gpsd responds to queries with a format that is substantially easier to parse than NMEA 0183. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2018-17937 -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 25 2019 Miroslav Lichvar <mlichvar(a)redhat.com&gt; - 3.17-6 - fix buffer overflow in JSON parser (CVE-2018-17937) * Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 3.17-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com&gt; - 3.17-4 - Rebuilt for Python 3.7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1679311 - gpsd: Stack-based buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1679311 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-3ee66c2020' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------