From c57530e85fc711a11671db4eff080a88d3492b89 Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar <mlichvar@redhat.com>
Date: Mon, 19 Jan 2026 13:46:11 +0100
Subject: [PATCH] 1:3.26.1-3

Related: CVE-2025-67268 CVE-2025-67269 RHEL-138260 RHEL-138270
---
 gpsd.spec | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/gpsd.spec b/gpsd.spec
index 62a4a31..84aee1f 100644
--- a/gpsd.spec
+++ b/gpsd.spec
@@ -14,7 +14,7 @@
 
 Name:           gpsd
 Version:        3.26.1
-Release:        2%{?dist}
+Release:        3%{?dist}
 Epoch:          1
 Summary:        Service daemon for mediating access to a GPS
 
@@ -382,6 +382,10 @@ rm -rf %{buildroot}%{_docdir}/gpsd
 %{_mandir}/man1/xgpsspeed.1*
 
 %changelog
+* Mon Jan 19 2026 Miroslav Lichvar <mlichvar@redhat.com> - 1:3.26.1-3
+- fix buffer overflow in NMEA2000 driver (CVE-2025-67268)
+- fix integer underflow in handling of Navcom packets (CVE-2025-67269)
+
 * Wed Oct 01 2025 Miroslav Lichvar <mlichvar@redhat.com> - 1:3.26.1-2
 - add support note to package descriptions (RHEL-113507)