os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Add EN-14:12, SA-14:24, SA-14:25 and SA-14:26.

Browse source
This commit is contained in:
Dag-Erling Smørgrav 2014-11-05 00:28:45 +00:00
parent 35a4e5ba7f
commit d97869806c
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/head/; revision=45928
18 changed files with 1029 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

139
share/security/advisories/FreeBSD-EN-14:12.zfs.asc Normal file
View file

@ -0,0 +1,139 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-14:12.zfs Errata Notice
The FreeBSD Project
Topic: NFSv4 and ZFS cache consistency issue
Category: contrib
Module: zfs
Announced: 2011-11-04
Credits: Bart Hsiao, Marcelo Araujo, Kevin Buhr
Affects: All supported versions of FreeBSD.
Corrected: 2014-10-07 06:00:09 UTC (stable/10, 10.0-STABLE)
2014-10-15 06:31:08 UTC (releng/10.1, 10.1-RC2)
2014-11-04 23:31:17 UTC (releng/10.0, 10.0-RELEASE-p12)
2014-10-07 06:00:32 UTC (stable/9, 9.3-STABLE)
2014-11-04 23:33:46 UTC (releng/9.3, 9.3-RELEASE-p5)
2014-11-04 23:33:17 UTC (releng/9.2, 9.2-RELEASE-p15)
2014-11-04 23:32:45 UTC (releng/9.1, 9.1-RELEASE-p22)
2014-11-04 23:30:23 UTC (stable/8, 8.4-STABLE)
2014-11-04 23:32:15 UTC (releng/8.4, 8.4-RELEASE-p19)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:http://security.freebsd.org/>.
I. Background
The Network File System (NFS) allows a host to export some or all of
its file systems that can be any kind of file systems such like UFS, ZFS
etcetera, so that other hosts can access them over the network and mount
them as if they were on local disks.
II. Problem Description
In a configuration where two or more clients mount a ZFS file system over
NFSv4 from a FreeBSD server, if client1 caches a directory listing and a
file in the directory is renamed on client2, then client1 can end up in
a state where the cached but incorrect directory contents persists indefinitely
and is never updated.
III. Impact
When client2 renames a file or directory, client1 does not receive the
changed attributes and never does a READDIR to get the updated contents.
This could result in a client that has incorrect information about the
actual content of the mounted file system.
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.
2) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
3) To update your present system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch http://security.FreeBSD.org/patches/EN-14:12/zfs.patch
# fetch http://security.FreeBSD.org/patches/EN-14:12/zfs.patch.asc
# gpg --verify zfs.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/zfs.patch
c) Recompile your kernel as described in
<URL:http://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
Branch/path Revision
- -------------------------------------------------------------------------
stable/8/ r274108
releng/8.4/ r274111
stable/9/ r272677
releng/9.1/ r274112
releng/9.2/ r274113
releng/9.3/ r274114
stable/10/ r272676
releng/10.0/ r274110
releng/10.1/ r273122
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
The latest revision of this Errata Notice is available at
http://security.FreeBSD.org/advisories/FreeBSD-EN-14:12.zfs.asc
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJUWWUOAAoJEO1n7NZdz2rn9KsQAIw7xhRYGUQ+SwIl6E8Tzodd
bx/VkTLOgcDrGSNqREzkgNeTtWXOXRwibZpBVXl8sglf+WPtZsnGcCALze9CiS14
boesjajpl7znqJ8zDpIU3qMdFsEOB5Ky3KDTQgCMEygAJrOxASGv6TCOT/3e1hRr
Ez0+32dnqooxNRJjHA0t+t+gBszFFLV1PbstpaCOOAsZpmNMtJGbhsydF/aKcK17
dcNaOKjMPB4SDGMx+dcZqS8bToEXfe0lwOGiEDAavVCyMx5zyie2bGfUWEI2bpu5
1VcOtnMxpKlgJdEOIbFI0RXdj4CujLbfwNBnDGLELcCZsPtoWJQZHDmDXK5pkEof
6aOHqqmZrFsI9V81ymVbQYYSHF67ZeRZB3CotC8trQn+tnxK1l0s6KF0FzSHQigU
y1Q1vErOKuzPEcrD7sp7xTS3VAQ1a7/uGY6KcTSrJu7xwrJe8KRNvufokgnzU3D4
X/O/L7TxvjTmTu1T2882mMIrtpALf/tjGwW32ksUnXo6RiwByvaalO9ObEBPYzGQ
C9xG3ggfqhyHDlw21VhCjZF5hQ7xUnBKHjT60LbGMB5llaN1DUN6HRT9rCbeN4gP
5eJalL2x1NLT1XVCBYlq1IhE6vTcnTdVVcGRBJQbPnfqivrDzBfIFzhy/4tc1J7K
IkJAwk+aThuF3j3xnt+z
=lQAP
-----END PGP SIGNATURE-----

160
share/security/advisories/FreeBSD-SA-14:24.sshd.asc Normal file
View file

@ -0,0 +1,160 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-14:24.sshd Security Advisory
The FreeBSD Project
Topic: Denial of service attack against sshd(8)
Category: contrib
Module: openssh
Announced: 2014-11-04
Credits:
Affects: FreeBSD 9.1, 9.2 and 10.0.
Corrected: 2014-05-04 07:28:26 UTC (stable/10, 10.0-STABLE)
2014-11-04 23:31:17 UTC (releng/10.0, 10.0-RELEASE-p12)
2014-05-04 07:57:20 UTC (stable/9, 9.2-STABLE)
2014-11-04 23:33:17 UTC (releng/9.2, 9.2-RELEASE-p15)
2014-11-04 23:32:45 UTC (releng/9.1, 9.1-RELEASE-p22)
CVE Name: CVE-2014-8475
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.
I. Background
OpenSSH is an implementation of the SSH protocol suite, providing an
encrypted and authenticated transport for a variety of services,
including remote shell access. The sshd(8) daemon is the server side
of OpenSSH.
Heimdal is an implementation of Kerberos 5, which provides
authentication and single sign-on capability for many network
services, including OpenSSH.
II. Problem Description
Although OpenSSH is not multithreaded, when OpenSSH is compiled with
Kerberos support, the Heimdal libraries bring in the POSIX thread
library as a dependency. Due to incorrect library ordering while
linking sshd(8), symbols in the C library which are shadowed by the
POSIX thread library may not be resolved correctly at run time.
Note that this problem is specific to the FreeBSD build system and
does not affect other operating systems or the version of OpenSSH
available from the FreeBSD ports tree.
III. Impact
An incorrectly linked sshd(8) child process may deadlock while
handling an incoming connection. The connection may then time out or
be interrupted by the client, leaving the deadlocked sshd(8) child
process behind. Eventually, the sshd(8) parent process stops
accepting new connections.
An attacker may take advantage of this by repeatedly connecting and
then dropping the connection after having begun, but not completed,
the authentication process.
IV. Workaround
Possible workarounds include rebuilding sshd with Kerberos support
disabled or installing the security/openssh-portable package from the
FreeBSD ports tree or an official package repository.
Systems that do not run an OpenSSH server are not affected.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch http://security.FreeBSD.org/patches/SA-14:24/sshd.patch
# fetch http://security.FreeBSD.org/patches/SA-14:24/sshd.patch.asc
# gpg --verify sshd.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/sshd.patch
c) Recompile sshd. Execute the following commands as root:
# cd /usr/src/secure/usr.sbin/sshd
# make && make install
4) Restart the affected service
To restart the affected service after updating the system, either
reboot the system or execute the following command as root:
# service sshd restart
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/9/ r265314
releng/9.1/ r274112
releng/9.2/ r274113
stable/10/ r265313
releng/10.0/ r274110
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<other info on vulnerability>
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8475>
The latest revision of this advisory is available at
<URL:http://security.FreeBSD.org/advisories/FreeBSD-SA-14:24.sshd.asc>
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJUWWlZAAoJEO1n7NZdz2rn4UEP/0VdM6uSHWyQSOzO+kuDxRfT
wru9+yjCB4NJtFzvBLe8eeiUDiTqJaTfrAGbbr9l5qkRXvTaUzWyaHyraLN4nK51
/ouxKzxxrqf0YDpYQPIUwCVmkoLn/+0T3U7sB78bx5WH4W1XoKKWIkChCyZpVvBI
vw6A5Ep4+U6mTGXE2D04WQISkKXYqzCuW0rJBnm0xDj9xUprgZJ7tTSx/ewAiA/L
FV37riqb8OII8lThV7g0s0F0JWDUf+AznG/S7amior0jMMSExdafifcvHEUZNs72
4cYh66p/GxeImU2Tm3VDRlfoAv86kUFwIevwD4oj5wXa7aBMdUwPITyQJ0We68gj
3kMBpJaZAJ7DpwYuCu7/RF7K4Irt3mSJJipS3IvI2LteHCakZBIUlbrPJrcfMl4P
VJQU3v4HLH5XZskuR5UEJ755DT+7ZMd7tFl0iWFVsutwjf/bn2u0rtfdcpOerAub
0gYGzPcC9dzBM5OHZdo1wwmZu56jRpddmQ/nc94Wsmm7Nw2ibd9YZpU88LCqR7xa
jsW+F/+napKvsBXqAHTlmJ87oJUSruYS+K/dKbGvCDIjBTjsNu3HqMNS5g4vG+GR
MazlN8Vrg6zVx11ESzFiIJBAgLLNfRgXNFNSPY3NMuMYiS7q0QwGkQlWBb5bmiB8
FlP/B/8bn/171n5RfarG
=mry5
-----END PGP SIGNATURE-----

153
share/security/advisories/FreeBSD-SA-14:25.setlogin.asc Normal file
View file

@ -0,0 +1,153 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-14:25.setlogin Security Advisory
The FreeBSD Project
Topic: Kernel stack disclosure in setlogin(2) / getlogin(2)
Category: core
Module: kernel
Announced: 2014-11-04
Credits: Mateusz Guzik
Affects: All supported versions of FreeBSD.
Corrected: 2014-11-04 23:29:57 UTC (stable/10, 10.1-PRERELEASE)
2014-11-04 23:34:46 UTC (releng/10.1, 10.1-RC4-p1)
2014-11-04 23:34:46 UTC (releng/10.1, 10.1-RC3-p1)
2014-11-04 23:34:46 UTC (releng/10.1, 10.1-RC2-p3)
2014-11-04 23:31:17 UTC (releng/10.0, 10.0-RELEASE-p12)
2014-11-04 23:30:47 UTC (stable/9, 9.3-STABLE)
2014-11-04 23:33:46 UTC (releng/9.3, 9.3-RELEASE-p5)
2014-11-04 23:33:17 UTC (releng/9.2, 9.2-RELEASE-p15)
2014-11-04 23:32:45 UTC (releng/9.1, 9.1-RELEASE-p22)
2014-11-04 23:30:23 UTC (stable/8, 8.4-STABLE)
2014-11-04 23:32:15 UTC (releng/8.4, 8.4-RELEASE-p19)
CVE Name: CVE-2014-8476
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.
I. Background
The setlogin(2) system call sets the login name of the user associated
with the current session. The getlogin(2) routine returns the login name
of the user associated with the current session, as previously set by
setlogin(2).
II. Problem Description
When setlogin(2) is called while setting up a new login session, the
login name is copied into an uninitialized stack buffer, which is then
copied into a buffer of the same size in the session structure. The
getlogin(2) system call returns the entire buffer rather than just the
portion occupied by the login name associated with the session.
III. Impact
An unprivileged user can access this memory by calling getlogin(2) and
reading beyond the terminating NUL character of the resulting string.
Up to 16 (FreeBSD 8) or 32 (FreeBSD 9 and 10) bytes of kernel memory
may be leaked in this manner for each invocation of setlogin(2).
This memory may contain sensitive information, such as portions of the
file cache or terminal buffers, which an attacker might leverage to
obtain elevated privileges.
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 9.1]
# fetch http://security.FreeBSD.org/patches/SA-14:25/setlogin-91.patch
# fetch http://security.FreeBSD.org/patches/SA-14:25/setlogin-91.patch.asc
# gpg --verify setlogin-91.patch.asc
[All other versions]
# fetch http://security.FreeBSD.org/patches/SA-14:25/setlogin.patch
# fetch http://security.FreeBSD.org/patches/SA-14:25/setlogin.patch.asc
# gpg --verify setlogin.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:http://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/8/ r274108
releng/8.4/ r274111
stable/9/ r274109
releng/9.1/ r274112
releng/9.2/ r274113
releng/9.3/ r274114
stable/10/ r274107
releng/10.0/ r274110
releng/10.1/ r274115
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8476>
The latest revision of this advisory is available at
<URL:http://security.FreeBSD.org/advisories/FreeBSD-SA-14:25.setlogin.asc>
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJUWWUQAAoJEO1n7NZdz2rnI0IP/RlwFhOJgr9CHdKg5SYsruSQ
LG6z0ufgUETIkeXP1KGm6oYz0X8hpU2Q+MIE5urrPbGYL4Ouo/1oCiwGkBPh4xM/
L2Z/qIBxmfG/NaRK8PnGSXzlCc02XGnqf9Y6CJN1sIkwrptop02y9sgaLsqLy7K6
s/YvQ1fe5FT6TV9Nr9l6OwKkVAYa1Ba+JUnklVBWA2eZkLa6YOUlY25w9alqTMVQ
Z4oaLHCnGradKdaKKk0NOOYv0ZGHjkp/Lwd9ja8wyW0K+R1aef9Z5tWloVWQBeJ8
gzxeA/JpfRtb0lYj2GIpny6znP/lzkEve42No6xDdmUr4Wp0b5hN2qGgwwgEFSIo
2kFVwMkRlK1JsD0U+VK8AxP4neJFECw3t0zWTUr3BMnxoOEG6O1nIU0T6Ru8/K0b
aIc/G8TiOxOaXHuiWJhR1p9cblGlz7HnFSAmM6vN0O4DBcX7xwr/ndDl/6npvkmt
biB+hXZK0Ega8X9LsZ5injDo0FZ4XNIyEOy4/QOeJW4kJQv0Oh14cYSU6cM/yfaU
tJ7M6WYnFS8G+0e03auM1XVeu2oxyR0ry1IC7xS4O9N4m+8nE7DlRU8okhQRXiFB
iCmzO1XmOTK0zygtS34bDaOuey3U0yFG4O5wMKrAkMeQ9jPogyt99ZzIk3L3UPqZ
xcWRhKahyz9umrzsssOL
=xiWR
-----END PGP SIGNATURE-----

151
share/security/advisories/FreeBSD-SA-14:26.ftp.asc Normal file
View file

@ -0,0 +1,151 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-14:26.ftp Security Advisory
The FreeBSD Project
Topic: Remote command execution in ftp(1)
Category: core
Module: ftp
Announced: 2014-11-04
Credits: Jared McNeill, Alistair Crooks
Affects: All supported versions of FreeBSD.
Corrected: 2014-11-04 23:29:57 UTC (stable/10, 10.1-PRERELEASE)
2014-11-04 23:34:46 UTC (releng/10.1, 10.1-RC4-p1)
2014-11-04 23:34:46 UTC (releng/10.1, 10.1-RC3-p1)
2014-11-04 23:34:46 UTC (releng/10.1, 10.1-RC2-p3)
2014-11-04 23:31:17 UTC (releng/10.0, 10.0-RELEASE-p12)
2014-11-04 23:30:47 UTC (stable/9, 9.3-STABLE)
2014-11-04 23:33:46 UTC (releng/9.3, 9.3-RELEASE-p5)
2014-11-04 23:33:17 UTC (releng/9.2, 9.2-RELEASE-p15)
2014-11-04 23:32:45 UTC (releng/9.1, 9.1-RELEASE-p22)
2014-11-04 23:30:23 UTC (stable/8, 8.4-STABLE)
2014-11-04 23:32:15 UTC (releng/8.4, 8.4-RELEASE-p19)
CVE Name: CVE-2014-8517
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.
I. Background
The ftp(1) userland utility is an interactive FTP client. It can also
be used non-interactively, by providing a URL on the command line. In
this mode, it supports HTTP in addition to FTP.
II. Problem Description
A malicious HTTP server could cause ftp(1) to execute arbitrary
commands.
III. Impact
When operating on HTTP URIs, the ftp(1) client follows HTTP redirects,
and uses the part of the path after the last '/' from the last
resource it accesses as the output filename if '-o' is not specified.
If the output file name provided by the server begins with a pipe
('|'), the output is passed to popen(3), which might be used to
execute arbitrary commands on the ftp(1) client machine.
IV. Workaround
No workaround is available. Users are encouraged to replace ftp(1) in
non-interactive use by either fetch(1) or a third-party client such as
curl or wget.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 8]
# fetch http://security.FreeBSD.org/patches/SA-14:26/ftp-8.patch
# fetch http://security.FreeBSD.org/patches/SA-14:26/ftp-8.patch.asc
# gpg --verify ftp-8.patch.asc
[All other versions]
# fetch http://security.FreeBSD.org/patches/SA-14:26/ftp.patch
# fetch http://security.FreeBSD.org/patches/SA-14:26/ftp.patch.asc
# gpg --verify ftp.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile ftp. Execute the following commands as root:
# cd /usr/src/usr.bin/ftp
# make && make install
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/8/ r274108
releng/8.4/ r274111
stable/9/ r274109
releng/9.1/ r274112
releng/9.2/ r274113
releng/9.3/ r274114
stable/10/ r274107
releng/10.0/ r274110
releng/10.1/ r274115
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8517>
The latest revision of this advisory is available at
<URL:http://security.FreeBSD.org/advisories/FreeBSD-SA-14:26.ftpd.asc>
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJUWWUQAAoJEO1n7NZdz2rnhUwP+wQKrgKs6lRk6Yl4UtRyEwyG
BHGkA62oaQbehuccahjQgIcLTk3Vp3AalXtSQpdyWJktHiYrFwBnheW/IrhJ6bMS
dpJv3yqqQtSED9sADf+GAvxV6TG9bknq/RDxXKpsQ/MocYbiVxz/3nDOMz9CB7ep
saDttvGHW7RUmNoKL70pgItGapiVuBzMF01PCZ2SmFiJHYi7BoiJwm72Y1NLU8YE
TkiX2ZAoTVMN5/R3DW38HyVCyeY2tMTHSdQXRSYjwzJ0gEbBPWMPQyB1SAa8dtk5
j54KFNOBoaXMjd3USqFgo0fduU3rGZp5PwITTx5Rx5Ixtz2vHddyOISV0RcjA0cq
TWDwBGlKET7qZ1j7nHTgy4U4wMTWFbkjjqEY+RHYywaAmy8ACDmEUci8d3fWKWVY
d4y8RCvBrlnFVjmNiNcBc5XFXxY0Ra3BQ8C/VE0k0ZFuzmFUCi+DJZDR2Gtl0R9Q
1hAdj+yOJo46ylHPiSyoBZmsRZccV1a81phOPe0mPR84BvzNvBsdI+EFIJWi+5bw
bjuSM8YCOHrlGkqh9h9+BizvLfJFpjUSglwzPmOfRpTv59XJpc6D1Hia+uICTEfd
lSiJgDZ6enozY7QVoiO7G/ycyQCVe7Ehwywx/dpWXVpva85tn4Xl2khBCiPNbBBo
xnPjqxmwGK+4uegsO6CY
=QT3h
-----END PGP SIGNATURE-----