Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2010.0692 Moderate: Red Hat Certificate System 7.3 security update 6 August 2010 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Red Hat Certificate System 7.3 Publisher: Red Hat Operating System: Red Hat Enterprise Linux AS/ES/WS 4 Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Execute Arbitrary Code/Commands -- Existing Account Access Privileged Data -- Remote with User Interaction Modify Arbitrary Files -- Remote with User Interaction Cross-site Scripting -- Remote with User Interaction Denial of Service -- Remote with User Interaction Denial of Service -- Existing Account Provide Misleading Information -- Remote with User Interaction Read-only Data Access -- Remote with User Interaction Unauthorised Access -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2010-0434 CVE-2010-0407 CVE-2009-4902 CVE-2009-4901 CVE-2009-3095 CVE-2009-3094 CVE-2009-2412 CVE-2009-1956 CVE-2009-1955 CVE-2009-1891 CVE-2009-0580 CVE-2009-0033 CVE-2009-0023 CVE-2008-5515 CVE-2008-2939 CVE-2008-2370 CVE-2008-2364 CVE-2008-1927 CVE-2008-1232 CVE-2008-0128 CVE-2008-0005 CVE-2007-6388 CVE-2007-5461 CVE-2007-5333 CVE-2007-5116 CVE-2007-5000 CVE-2007-4465 CVE-2007-3847 CVE-2007-3385 CVE-2007-3382 CVE-2007-3304 CVE-2007-1863 CVE-2007-1358 CVE-2007-1349 CVE-2007-0450 CVE-2006-5752 CVE-2006-3918 CVE-2006-3835 CVE-2005-3510 CVE-2005-2090 Reference: ESB-2010.0620 ESB-2010.0277 ESB-2009.1515 ESB-2009.0576 ESB-2009.0530 ESB-2009.0155 ESB-2008.1036 ESB-2008.0941 ESB-2008.0901 ESB-2008.0624 ESB-2008.0071 ESB-2008.0056 ESB-2007.0866 ESB-2007.0843 ESB-2007.0726 ESB-2007.0468 ESB-2007.0444 ESB-2007.0417 ESB-2007.0339 ESB-2007.0319 ESB-2006.0567 ESB-2006.0175 ESB-2010.0527.2 Original Bulletin: https://rhn.redhat.com/errata/RHSA-2010-0602.html - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat Certificate System 7.3 security update Advisory ID: RHSA-2010:0602-02 Product: Red Hat Certificate System Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0602.html Issue date: 2010-08-04 CVE Names: CVE-2005-2090 CVE-2005-3510 CVE-2006-3835 CVE-2006-3918 CVE-2006-5752 CVE-2007-0450 CVE-2007-1349 CVE-2007-1358 CVE-2007-1863 CVE-2007-3304 CVE-2007-3382 CVE-2007-3385 CVE-2007-3847 CVE-2007-4465 CVE-2007-5000 CVE-2007-5116 CVE-2007-5333 CVE-2007-5461 CVE-2007-6388 CVE-2008-0005 CVE-2008-0128 CVE-2008-1232 CVE-2008-1927 CVE-2008-2364 CVE-2008-2370 CVE-2008-2939 CVE-2008-5515 CVE-2009-0023 CVE-2009-0033 CVE-2009-0580 CVE-2009-1891 CVE-2009-1955 CVE-2009-1956 CVE-2009-2412 CVE-2009-3094 CVE-2009-3095 CVE-2009-4901 CVE-2010-0407 CVE-2010-0434 ===================================================================== 1. Summary: Updated packages that fix multiple security issues and rebase various components are now available for Red Hat Certificate System 7.3. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Certificate System 7.3 for 4AS - i386, noarch, x86_64 Red Hat Certificate System 7.3 for 4ES - i386, noarch, x86_64 3. Description: Red Hat Certificate System (RHCS) is an enterprise software system designed to manage enterprise Public Key Infrastructure (PKI) deployments. Multiple buffer overflow flaws were discovered in the way the pcscd daemon, a resource manager that coordinates communications with smart card readers and smart cards connected to the system, handled client requests. A local user could create a specially-crafted request that would cause the pcscd daemon to crash or, possibly, execute arbitrary code. (CVE-2010-0407, CVE-2009-4901) This erratum updates the Tomcat component shipped as part of Red Hat Certificate System to version 5.5.23, to address multiple security issues. In a typical operating environment, Tomcat is not exposed to users of Certificate System in a vulnerable manner. These security updates will reduce risk in unique Certificate System environments. (CVE-2005-2090, CVE-2005-3510, CVE-2006-3835, CVE-2007-0450, CVE-2007-1358, CVE-2007-3382, CVE-2007-3385, CVE-2007-5461, CVE-2007-5333, CVE-2008-0128, CVE-2008-1232, CVE-2008-2370, CVE-2008-5515, CVE-2009-0033, CVE-2009-0580) This erratum provides updated versions of the following components, required by the updated Tomcat version: ant, avalon-logkit, axis, classpathx-jaf, classpathx-mail, geronimo-specs, jakarta-commons-modeler, log4j, mx4j, xerces-j2, and xml-commons. A number of components have been updated to fix security issues for users of Red Hat Certificate System for the Solaris operating system. These fixes are for apr issue CVE-2009-2412; apr-util issues CVE-2009-0023, CVE-2009-1955, CVE-2009-1956, and CVE-2009-2412; httpd issues CVE-2006-3918, CVE-2006-5752, CVE-2007-1863, CVE-2007-3304, CVE-2007-3847, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2008-2364, CVE-2008-2939, CVE-2009-1891, CVE-2009-3094, CVE-2009-3095, and CVE-2010-0434; mod_perl issue CVE-2007-1349; and perl issues CVE-2007-5116 and CVE-2008-1927. Note: Updated apr, apr-util, httpd, mod_perl, and perl packages were previously available to users of Red Hat Certificate System for Red Hat Enterprise Linux via the Red Hat Enterprise Linux 4 channels on the Red Hat Network. Additionally, the rhpki-ca, rhpki-kra, rhpki-ocsp, rhpki-tks, rhpki-java-tools, and rhpki-native-tools packages were updated to address some anomalous behavior on the Solaris operating system. (BZ#600513, BZ#605760) As well, this update provides an updated rhpki-manage package, which includes installation and uninstall scripts for Red Hat Certificate System that have been updated with the list of packages required by the Tomcat component, and an updated dependency on the NSS and NSPR packages. All users of Red Hat Certificate System are advised to upgrade to these updated packages, which correct these issues. Refer to the Red Hat Certificate System Administration Guide, linked to in the References, for details on how to install the updated packages on the Solaris operating system. After installing this update, all Red Hat Certificate System subsystems must be restarted ("/etc/init.d/[instance-name] restart") for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 200732 - CVE-2006-3918 Expect header XSS 237079 - CVE-2005-2090 tomcat multiple content-length header poisioning 237080 - CVE-2007-0450 tomcat directory traversal 237084 - CVE-2006-3835 tomcat directory listing issue 237085 - CVE-2005-3510 tomcat DoS 240423 - CVE-2007-1349 mod_perl PerlRun denial of service 244658 - CVE-2007-1863 httpd mod_cache segfault 244803 - CVE-2007-1358 tomcat accept-language xss flaw 245111 - CVE-2007-3304 httpd scoreboard lack of PID protection 245112 - CVE-2006-5752 httpd mod_status XSS 247972 - CVE-2007-3382 tomcat handling of cookies 247976 - CVE-2007-3385 tomcat handling of cookie values 250731 - CVE-2007-3847 httpd out of bounds read 289511 - CVE-2007-4465 mod_autoindex XSS 323571 - CVE-2007-5116 perl regular expression UTF parsing errors 333791 - CVE-2007-5461 Absolute path traversal Apache Tomcat WEBDAV 419931 - CVE-2007-5000 mod_imagemap XSS 427228 - CVE-2007-6388 apache mod_status cross-site scripting 427739 - CVE-2008-0005 mod_proxy_ftp XSS 427766 - CVE-2007-5333 Improve cookie parsing for tomcat5 429821 - CVE-2008-0128 tomcat5 SSO cookie login information disclosure 443928 - CVE-2008-1927 perl: heap corruption by regular expressions with utf8 characters 451615 - CVE-2008-2364 httpd: mod_proxy_http DoS via excessive interim responses from the origin server 457597 - CVE-2008-1232 tomcat: Cross-Site-Scripting enabled by sendError call 457934 - CVE-2008-2370 tomcat RequestDispatcher information disclosure vulnerability 458250 - CVE-2008-2939 httpd: mod_proxy_ftp globbing XSS 493381 - CVE-2009-0033 tomcat6 Denial-Of-Service with AJP connection 503928 - CVE-2009-0023 apr-util heap buffer underwrite 503978 - CVE-2009-0580 tomcat6 Information disclosure in authentication classes 504390 - CVE-2009-1956 apr-util single NULL byte buffer overflow 504555 - CVE-2009-1955 apr-util billion laughs attack 504753 - CVE-2008-5515 tomcat request dispatcher information disclosure vulnerability 509125 - CVE-2009-1891 httpd: possible temporary DoS (CPU consumption) in mod_deflate 515698 - CVE-2009-2412 apr, apr-util: Integer overflows in memory pool (apr) and relocatable memory (apr-util) management 521619 - CVE-2009-3094 httpd: NULL pointer defer in mod_proxy_ftp caused by crafted EPSV and PASV reply 522209 - CVE-2009-3095 httpd: mod_proxy_ftp FTP command injection via Authorization HTTP header 570171 - CVE-2010-0434 httpd: request header information leak 596426 - CVE-2009-4901 CVE-2009-4902 CVE-2010-0407 pcsc-lite: Privilege escalation via specially-crafted client to PC/SC Smart Card daemon messages 6. Package List: Red Hat Certificate System 7.3 for 4AS: Source: ant-1.6.5-1jpp_1rh.src.rpm avalon-logkit-1.2-2jpp_4rh.src.rpm axis-1.2.1-1jpp_3rh.src.rpm classpathx-jaf-1.0-2jpp_6rh.src.rpm classpathx-mail-1.1.1-2jpp_8rh.src.rpm geronimo-specs-1.0-0.M4.1jpp_10rh.src.rpm jakarta-commons-modeler-2.0-3jpp_2rh.src.rpm log4j-1.2.12-1jpp_1rh.src.rpm mx4j-3.0.1-1jpp_4rh.src.rpm pcsc-lite-1.3.3-3.el4.src.rpm tomcat5-5.5.23-0jpp_4rh.16.src.rpm xerces-j2-2.7.1-1jpp_1rh.src.rpm xml-commons-1.3.02-2jpp_1rh.src.rpm i386: pcsc-lite-1.3.3-3.el4.i386.rpm pcsc-lite-debuginfo-1.3.3-3.el4.i386.rpm pcsc-lite-doc-1.3.3-3.el4.i386.rpm pcsc-lite-libs-1.3.3-3.el4.i386.rpm rhpki-native-tools-7.3.0-6.el4.i386.rpm noarch: ant-1.6.5-1jpp_1rh.noarch.rpm avalon-logkit-1.2-2jpp_4rh.noarch.rpm axis-1.2.1-1jpp_3rh.noarch.rpm classpathx-jaf-1.0-2jpp_6rh.noarch.rpm classpathx-mail-1.1.1-2jpp_8rh.noarch.rpm geronimo-ejb-2.1-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-j2ee-1.4-apis-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-j2ee-connector-1.5-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-j2ee-deployment-1.1-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-j2ee-management-1.0-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-jms-1.1-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-jsp-2.0-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-jta-1.0.1B-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-servlet-2.4-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-specs-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-specs-javadoc-1.0-0.M4.1jpp_10rh.noarch.rpm jakarta-commons-modeler-2.0-3jpp_2rh.noarch.rpm log4j-1.2.12-1jpp_1rh.noarch.rpm mx4j-3.0.1-1jpp_4rh.noarch.rpm rhpki-ca-7.3.0-20.el4.noarch.rpm rhpki-java-tools-7.3.0-10.el4.noarch.rpm rhpki-kra-7.3.0-14.el4.noarch.rpm rhpki-manage-7.3.0-19.el4.noarch.rpm rhpki-ocsp-7.3.0-13.el4.noarch.rpm rhpki-tks-7.3.0-13.el4.noarch.rpm tomcat5-5.5.23-0jpp_4rh.16.noarch.rpm tomcat5-common-lib-5.5.23-0jpp_4rh.16.noarch.rpm tomcat5-jasper-5.5.23-0jpp_4rh.16.noarch.rpm tomcat5-jsp-2.0-api-5.5.23-0jpp_4rh.16.noarch.rpm tomcat5-server-lib-5.5.23-0jpp_4rh.16.noarch.rpm tomcat5-servlet-2.4-api-5.5.23-0jpp_4rh.16.noarch.rpm xerces-j2-2.7.1-1jpp_1rh.noarch.rpm xml-commons-1.3.02-2jpp_1rh.noarch.rpm xml-commons-apis-1.3.02-2jpp_1rh.noarch.rpm x86_64: pcsc-lite-1.3.3-3.el4.x86_64.rpm pcsc-lite-debuginfo-1.3.3-3.el4.x86_64.rpm pcsc-lite-doc-1.3.3-3.el4.x86_64.rpm pcsc-lite-libs-1.3.3-3.el4.x86_64.rpm rhpki-native-tools-7.3.0-6.el4.x86_64.rpm Red Hat Certificate System 7.3 for 4ES: Source: ant-1.6.5-1jpp_1rh.src.rpm avalon-logkit-1.2-2jpp_4rh.src.rpm axis-1.2.1-1jpp_3rh.src.rpm classpathx-jaf-1.0-2jpp_6rh.src.rpm classpathx-mail-1.1.1-2jpp_8rh.src.rpm geronimo-specs-1.0-0.M4.1jpp_10rh.src.rpm jakarta-commons-modeler-2.0-3jpp_2rh.src.rpm log4j-1.2.12-1jpp_1rh.src.rpm mx4j-3.0.1-1jpp_4rh.src.rpm pcsc-lite-1.3.3-3.el4.src.rpm tomcat5-5.5.23-0jpp_4rh.16.src.rpm xerces-j2-2.7.1-1jpp_1rh.src.rpm xml-commons-1.3.02-2jpp_1rh.src.rpm i386: pcsc-lite-1.3.3-3.el4.i386.rpm pcsc-lite-debuginfo-1.3.3-3.el4.i386.rpm pcsc-lite-doc-1.3.3-3.el4.i386.rpm pcsc-lite-libs-1.3.3-3.el4.i386.rpm rhpki-native-tools-7.3.0-6.el4.i386.rpm noarch: ant-1.6.5-1jpp_1rh.noarch.rpm avalon-logkit-1.2-2jpp_4rh.noarch.rpm axis-1.2.1-1jpp_3rh.noarch.rpm classpathx-jaf-1.0-2jpp_6rh.noarch.rpm classpathx-mail-1.1.1-2jpp_8rh.noarch.rpm geronimo-ejb-2.1-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-j2ee-1.4-apis-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-j2ee-connector-1.5-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-j2ee-deployment-1.1-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-j2ee-management-1.0-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-jms-1.1-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-jsp-2.0-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-jta-1.0.1B-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-servlet-2.4-api-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-specs-1.0-0.M4.1jpp_10rh.noarch.rpm geronimo-specs-javadoc-1.0-0.M4.1jpp_10rh.noarch.rpm jakarta-commons-modeler-2.0-3jpp_2rh.noarch.rpm log4j-1.2.12-1jpp_1rh.noarch.rpm mx4j-3.0.1-1jpp_4rh.noarch.rpm rhpki-ca-7.3.0-20.el4.noarch.rpm rhpki-java-tools-7.3.0-10.el4.noarch.rpm rhpki-kra-7.3.0-14.el4.noarch.rpm rhpki-manage-7.3.0-19.el4.noarch.rpm rhpki-ocsp-7.3.0-13.el4.noarch.rpm rhpki-tks-7.3.0-13.el4.noarch.rpm tomcat5-5.5.23-0jpp_4rh.16.noarch.rpm tomcat5-common-lib-5.5.23-0jpp_4rh.16.noarch.rpm tomcat5-jasper-5.5.23-0jpp_4rh.16.noarch.rpm tomcat5-jsp-2.0-api-5.5.23-0jpp_4rh.16.noarch.rpm tomcat5-server-lib-5.5.23-0jpp_4rh.16.noarch.rpm tomcat5-servlet-2.4-api-5.5.23-0jpp_4rh.16.noarch.rpm xerces-j2-2.7.1-1jpp_1rh.noarch.rpm xml-commons-1.3.02-2jpp_1rh.noarch.rpm xml-commons-apis-1.3.02-2jpp_1rh.noarch.rpm x86_64: pcsc-lite-1.3.3-3.el4.x86_64.rpm pcsc-lite-debuginfo-1.3.3-3.el4.x86_64.rpm pcsc-lite-doc-1.3.3-3.el4.x86_64.rpm pcsc-lite-libs-1.3.3-3.el4.x86_64.rpm rhpki-native-tools-7.3.0-6.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2005-2090.html https://www.redhat.com/security/data/cve/CVE-2005-3510.html https://www.redhat.com/security/data/cve/CVE-2006-3835.html https://www.redhat.com/security/data/cve/CVE-2006-3918.html https://www.redhat.com/security/data/cve/CVE-2006-5752.html https://www.redhat.com/security/data/cve/CVE-2007-0450.html https://www.redhat.com/security/data/cve/CVE-2007-1349.html https://www.redhat.com/security/data/cve/CVE-2007-1358.html https://www.redhat.com/security/data/cve/CVE-2007-1863.html https://www.redhat.com/security/data/cve/CVE-2007-3304.html https://www.redhat.com/security/data/cve/CVE-2007-3382.html https://www.redhat.com/security/data/cve/CVE-2007-3385.html https://www.redhat.com/security/data/cve/CVE-2007-3847.html https://www.redhat.com/security/data/cve/CVE-2007-4465.html https://www.redhat.com/security/data/cve/CVE-2007-5000.html https://www.redhat.com/security/data/cve/CVE-2007-5116.html https://www.redhat.com/security/data/cve/CVE-2007-5333.html https://www.redhat.com/security/data/cve/CVE-2007-5461.html https://www.redhat.com/security/data/cve/CVE-2007-6388.html https://www.redhat.com/security/data/cve/CVE-2008-0005.html https://www.redhat.com/security/data/cve/CVE-2008-0128.html https://www.redhat.com/security/data/cve/CVE-2008-1232.html https://www.redhat.com/security/data/cve/CVE-2008-1927.html https://www.redhat.com/security/data/cve/CVE-2008-2364.html https://www.redhat.com/security/data/cve/CVE-2008-2370.html https://www.redhat.com/security/data/cve/CVE-2008-2939.html https://www.redhat.com/security/data/cve/CVE-2008-5515.html https://www.redhat.com/security/data/cve/CVE-2009-0023.html https://www.redhat.com/security/data/cve/CVE-2009-0033.html https://www.redhat.com/security/data/cve/CVE-2009-0580.html https://www.redhat.com/security/data/cve/CVE-2009-1891.html https://www.redhat.com/security/data/cve/CVE-2009-1955.html https://www.redhat.com/security/data/cve/CVE-2009-1956.html https://www.redhat.com/security/data/cve/CVE-2009-2412.html https://www.redhat.com/security/data/cve/CVE-2009-3094.html https://www.redhat.com/security/data/cve/CVE-2009-3095.html https://www.redhat.com/security/data/cve/CVE-2009-4901.html https://www.redhat.com/security/data/cve/CVE-2010-0407.html https://www.redhat.com/security/data/cve/CVE-2010-0434.html http://www.redhat.com/security/updates/classification/#moderate http://www.redhat.com/docs/manuals/cert-system/7.3/html/Administration_Guide/Administration_Guide-Updating_Certificate_System_Packages-Updating_a_Solaris_9_system_using_pkgrm_and_pkgadd.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFMWsbTXlSAg2UNWIIRAuzwAKC/DlrNX1MWqd+JliAq0NQHwlsYaACfe9h6 GVFRiSJ0kyldp8T8TONIP18= =Txu0 - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iD8DBQFMW3tX/iFOrG6YcBERAuKzAKCyjWlTMsv7F1w8ShrsoxoA8hTuJwCgl61o ohly5G1CnH5R6/xK0P3EHbo= =ooaV -----END PGP SIGNATURE-----