USN-5035-1

Source
https://ubuntu.com/security/notices/USN-5035-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5035-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-5035-1
Published
2021-08-10T12:03:43Z
Modified
2026-04-22T10:16:57.754365Z
Summary
gpsd vulnerability
Details

It was discovered that GPSd incorrectly handled certain leap second events which would result in the time jumping back 1024 weeks on 2021-10-31.

References

Affected packages

Ubuntu:20.04:LTS / gpsd

Package

Name
gpsd
Purl
pkg:deb/ubuntu/gpsd@3.20-8ubuntu0.4?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.20-8ubuntu0.4

Affected versions

3.*
3.17-7
3.19-3
3.20-1
3.20-3
3.20-4
3.20-4build1
3.20-5ubuntu1
3.20-6
3.20-8
3.20-8ubuntu0.1
3.20-8ubuntu0.2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "gpsd",
            "binary_version": "3.20-8ubuntu0.4"
        },
        {
            "binary_name": "gpsd-clients",
            "binary_version": "3.20-8ubuntu0.4"
        },
        {
            "binary_name": "libgps26",
            "binary_version": "3.20-8ubuntu0.4"
        },
        {
            "binary_name": "libqgpsmm26",
            "binary_version": "3.20-8ubuntu0.4"
        },
        {
            "binary_name": "python3-gps",
            "binary_version": "3.20-8ubuntu0.4"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5035-1.json"
cves_map
{
    "ecosystem": "Ubuntu:20.04:LTS",
    "cves": []
}