-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2014.0622.2
        Security Bulletin: Potential Security Vulnerabilities fixed
               in IBM WebSphere  Application Server 8.5.5.2
                                15 May 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM WebSphere Application Server
Publisher:         IBM
Operating System:  AIX
                   HP-UX
                   Linux variants
                   Solaris
                   Windows
                   IBM i
                   z/OS
Impact/Access:     Denial of Service        -- Remote/Unauthenticated      
                   Cross-site Scripting     -- Remote with User Interaction
                   Unauthorised Access      -- Remote/Unauthenticated      
                   Access Confidential Data -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2014-0896 CVE-2014-0891 CVE-2014-0859
                   CVE-2014-0857 CVE-2014-0823 CVE-2014-0050
                   CVE-2013-6747 CVE-2013-6738 CVE-2013-6725
                   CVE-2013-6438 CVE-2013-6349 CVE-2013-6329
                   CVE-2013-6325 CVE-2013-6323 CVE-2013-4039

Reference:         ESB-2014.0584
                   ESB-2014.0582
                   ESB-2014.0578
                   ESB-2014.0396
                   ESB-2014.0113
                   ESB-2014.0079
                   ESB-2013.1162

Original Bulletin: 
   http://www-01.ibm.com/support/docview.wss?uid=swg21669554

Revision History:  May   15 2014: Updated CVE number from 2014-0892 to 2014-0891 per Xforce change
                   April 30 2014: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere 
Application Server 8.5.5.2

Security Bulletin

Document information

More support for:
WebSphere Application Server

General

Software version:
6.1, 7.0, 8.0, 8.5, 8.5.5

Operating system(s):
AIX, HP-UX, IBM i, Linux, Solaris, Windows, z/OS

Software edition:
Base, Developer, Enterprise, Liberty, Network Deployment

Reference #:
1669554

Modified date:
2014-05-07

Summary

Cross reference list for security vulnerabilites fixed in IBM WebSphere 
Application Server 8.5.5.2

Vulnerability Details

CVE ID: CVE-2013-4039 (PM84760)

DESCRIPTION: WebSphere Application Server for Compute Grid could allow a 
remote attacker to obtain sensitive information and exploit this vulnerability 
to gain unauthorized access to jobs.

CVSS:
CVSS Base Score: 4
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/86175 
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:L/Au:S/C:P/I:N/A:N)

AFFECTED VERSIONS: The following Versions are affected:

    Version 8.5 of WebSphere Application Server for Compute Grid users

REMEDIATION: The recommended solution is to apply the Fix Pack or PTF for each 
named product as soon as practical

Fix:

Apply a Fix Pack containing this APAR PM84760, as noted below:

For V8.5.0.0 through 8.5.5.1:

    Apply Fix Pack 2 (8.5.5.2), or later.

Workaround(s): None

Mitigation(s): None

CVE ID: CVE-2013-6725 (PM98132)

DESCRIPTION: IBM WebSphere Application Server may be vulnerable to cross-site 
scripting, caused by improper validation of input in the Administrative 
Console. A remote attacker with Administrative authority could exploit this 
vulnerability using a specially-crafted URL to inject script into a victim's 
Web browser within the security context of the hosting Web site.

CVSS:
CVSS Base Score: 3.5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/89280 
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:M/Au:S/C:N/I:P/A:N)

AFFECTED VERSIONS: The following IBM WebSphere Application Server Versions are 
affected:

    Version 8.5
    Version 8
    Version 7

REMEDIATION: The recommended solution is to apply the Fix Pack or PTF for each 
named product as soon as practical

Fix:

Apply a Fix Pack or PTF containing this APAR PM98132, as noted below:

For IBM WebSphere Application Server

For V8.5.0.0 through 8.5.5.1:

    Apply Fix Pack 2 (8.5.5.2), or later.

For V8.0.0.0 through 8.0.0.7:

    Apply Fix Pack 8 (8.0.0.8), or later.

For V7.0.0.0 through 7.0.0.29:

    Apply Fix Pack 31 (7.0.0.31), or later.

Workaround(s): None

Mitigation(s): none

CVE ID: CVE-2013-6325 (PM99450 and PI08267)

DESCRIPTION: IBM WebSphere Application Server could be vulnerable to a denial 
of service, caused by improper handling of requests by a web services 
endpoint. By passing a specially-crafted request, a remote attacker could 
exploit this vulnerability to consume available resources.

CVSS:
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88906 
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

AFFECTED VERSIONS: The following IBM WebSphere Application Server Versions are 
affected:

    Version 8.5
    Version 8
    Version 7

REMEDIATION: The recommended solution is to apply the Fix Pack or PTF for each 
named product as soon as practical

Fix:

Apply a Fix Pack or PTF containing APAR PM99450 for IBM WebSphere Application 
Server Full Profile or APAR PI08267 for IBM WebSphere Application Server 
Liberty Profile, as noted below:

For IBM WebSphere Application Server Full Profile or Liberty Profile

For V8.5.0.0 through 8.5.5.1:

    Apply Fix Pack 2 (8.5.5.2), or later.

For V8.0.0.0 through 8.0.0.7:

    Apply Fix Pack 8 (8.0.0.8), or later.

For V7.0.0.0 through 7.0.0.29:

    Apply Fix Pack 31 (7.0.0.31), or later.

Workaround(s): None
Mitigation(s): none

CVE ID: CVE-2013-6323 (PI04777 and PI04880)

DESCRIPTION: The Administration Console of IBM WebSphere Application Server 
and IBM WebSphere Application Server Virtual Edition may be vulnerable to 
cross-site scripting, caused by improper validation of user supplied input. A 
remote attacker could exploit this vulnerability to create a specially-crafted 
URL to execute script in a victim’s Web browser within the security context of 
the hosting Web site, once the URL is clicked.

CVSS:
CVSS Base Score: 3.5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88903 
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:M/Au:S/C:N/I:P/A:N)

AFFECTED VERSIONS: The following IBM WebSphere Application Server Versions are 
affected:

    Version 8.5
    Version 8
    Version 7

REMEDIATION: The recommended solution is to apply the Fix Pack or PTF for each 
named product as soon as practical

Fix:

Apply a Fix Pack or PTF for WebSphere Application Server as noted below:

For IBM WebSphere Application Server (PI04777)
For V8.5.0.0 through 8.5.5.1:

    Apply Fix Pack 2 (8.5.5.2), or later.


For V8.0.0.0 through 8.0.0.8:

    Apply Fix Pack 9 (8.0.0.9), or later (targeted availability 23 June 2014).


For V7.0.0.0 through 7.0.0.29:

    Apply Fix Pack 33 (7.0.0.33), or later (targeted availability 23 June 2014).


For IBM WebSphere Virtual Enterprise (PI04880)
For V7.0.0.0 through 7.0.0.4:

    Apply Fix Pack 5 (7.0.0.5), or later.

Workaround(s): None
Mitigation(s): none
Acknowledgement: Thanks to Michael Hoffman for reporting this vulnerability to 
IBM.

CVE ID: CVE-2013-6329 (PI05309)

DESCRIPTION: Potential denial of service in SSL handshake processing with IBM 
HTTP Server.

CVSS:
CVSS Base Score: 7.8
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88939 
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C)

AFFECTED VERSIONS: This problem affects the IBM HTTP Server component in all 
editions of WebSphere Application Server and bundling products:
    Version 8.5
    Version 8
    Version 7
    Version 6.1

REMEDIATION: Please refer to WebSphere Application Server Security bulletin 
for CVE-2013-6349 for remediation information and workaround information.

CVE ID: CVE-2014-0823 (PI05324)

DESCRIPTION: IBM WebSphere Application Server Full Profile and IBM Websphere 
Application Server Liberty profile could allow a remote attacker to view files 
within an application by sending a specially-crafted URL.

CVSS:
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/90498 
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

AFFECTED VERSIONS: The following IBM WebSphere Application Server Versions are 
affected:

    Version 8.5 Full and Liberty
    Version 8

REMEDIATION: The recommended solution is to apply the Fix Pack or PTF for each 
named product as soon as practical

Fix:

Apply a Fix Pack or PTF containing this APAR PI05324, as noted below:

For IBM WebSphere Application Server

For V8.5.0.0 through 8.5.5.1 Full Profile or Liberty Profile:

    Apply Fix Pack 2 (8.5.5.2), or later.


For V8.0.0.0 through 8.0.0.8:

    Apply Fix Pack 9 (8.0.0.9), or later (targeted availability 23 June 2014).

Workaround(s): None
Mitigation(s): None

CVE ID: CVE-2013-6738 (PI05661)

DESCRIPTION: IBM WebSphere Application Server Oauth is vulnerable to 
cross-site scripting, caused by improper validation of user supplied input. A 
remote attacker could exploit this vulnerability to create a specially-crafted 
URL to execute script in a victim’s Web browser within the security context of 
the hosting Web site, once the URL is clicked.

CVSS:
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/89854 
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

AFFECTED VERSIONS: The following IBM WebSphere Application Server Versions are 
affected:

    Version 8.5 Full Profile and Liberty Profile
    Version 8
    Version 7

REMEDIATION: The recommended solution is to apply the Fix Pack or PTF for each 
named product as soon as practical

Fix:

Apply a Fix Pack or PTF containing this APAR PI05661, as noted below:

For IBM WebSphere Application Server

For V8.5.0.0 through 8.5.5.1:

    Apply Fix Pack 2 (8.5.5.2), or later.


For V8.0.0.0 through 8.0.0.8:

    Apply Fix Pack 9(8.0.0.9), or later (targeted availability 23 June 2014).


For V7.0.0.0 through 7.0.0.31:

    Apply Fix Pack 33(7.0.0.33), or later (targeted availability 23 June 2014).

Workaround(s): None.
Mitigation(s): None.

CVE ID: CVE-2014-0857 (PI07808)

DESCRIPTION: IBM WebSphere Application Server Administrative Console could 
allow a network attacker to obtain sensitive information caused by improper 
handling of requests and exploit this vulnerability to gain unauthorized 
access to the Server.

CVSS:

CVSS Base Score: 4.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/90863 
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:L/Au:S/C:P/I:N/A:N)

AFFECTED VERSIONS: The following IBM WebSphere Application Server Versions are 
affected:

    Version 8.5
    Version 8

REMEDIATION: The recommended solution is to apply the Fix Pack or PTF for each 
named product as soon as practical

Fix:

Apply a Fix Pack or PTF containing APAR PI07808 for IBM WebSphere Application 
Server as noted below:

For IBM WebSphere Application Server Full Profile

For V8.5.0.0 through 8.5.5.1:

    Apply Fix Pack 2 (8.5.5.2), or later.


For V8.0.0.0 through 8.0.0.8:

    Apply Fix Pack 9 (8.0.0.9), or later (targeted availability of 23 June 2014).

Workaround(s): None
Mitigation(s): none

CVE ID: CVE-2014-0859 (PI08892)

DESCRIPTION: IBM WebSphere Application server using the web server plugin that 
is configured to retry failed POST requests may be vulnerable to a denial of 
service. A remote attacker could exploit this vulnerability to cause the 
Application Server to crash.

CVSS:
CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/90879 
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

AFFECTED VERSIONS: The following IBM WebSphere Application Server Versions are 
affected:

    Version 8.5
    Version 8
    Version 7

REMEDIATION: The recommended solution is to apply the Fix Pack or PTF for each 
named product as soon as practical

Fix:

Apply a Fix Pack or PTF containing this APAR PI08892, as noted below:

For IBM WebSphere Application Server

For V8.5.0.0 through 8.5.5.1:

    Apply Fix Pack 2 (8.5.5.2), or later.


For V8.0.0.0 through 8.0.0.8:

    Apply Fix Pack 9 (8.0.0.9), or later (targeted availability of 23 June 2014).


For V7.0.0.0 through 7.0.0.31:

    Apply Fix Pack 33 (7.0.0.33), or later (targeted availability of 23 June 2014).


Workaround(s): None
Mitigation(s): none

CVE ID: CVE-2013-6438 (PI09345)
DESCRIPTION: IBM HTTP Server may be vulnerable to a buffer overflow in the 
optional mod_dav module when using mod_dav addons. A remote attacker could 
overflow a buffer and cause a denial of service.

CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/90878 
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

AFFECTED VERSIONS: This problem affects the IBM HTTP Server component in all 
editions of WebSphere Application Server and bundling products:
    Version 8.5
    Version 8
    Version 7

REMEDIATION: The recommended solution is to apply the Fix Pack or PTF for each 
named product as soon as practical

Fix:Apply a Fix Pack or PTF containing APAR PI09345, as noted below:

For affected IBM HTTP Server for WebSphere Application Server:

For V8.5.0.0 through 8.5.5.1 Full Profile:

    Apply Fix Pack 8.5.5.2 or later.

For V8.0.0.0 through 8.0.0.8:

    Apply Fix Pack 8.0.0.9 or later (targeted to be available 23 June 2014).

For V7.0.0.0 through 7.0.0.31:
Apply Fix Pack 7.0.0.33 or later (targeted to be available 23 June 2014).

Workaround(s): Do not use optional mod_dav module.
Mitigation(s): none

CVE ID: CVE-2013-6747 (PI09443)

DESCRIPTION: IBM HTTP Server may be vulnerable to a denial of service, caused 
by an error in the GSKit component. By initiating an SSL/TLS connection using 
a malformed certificate chain, a remote attacker could exploit this 
vulnerability to cause the server process to hang or crash.

CVSS:
CVSS Base Score: 7.1
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/89863 
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:M/Au:N/C:N/I:N/A:C)

AFFECTED VERSIONS: This problem affects the IBM HTTP Server component in all 
editions of WebSphere Application Server and all products that bundle 
WebSphere Application Server:
    Version 8.5
    Version 8
    Version 7

Remediation/Workaround/Mitigation
Please refer to WebSphere Application Server Security bulletin for 
CVE-2013-6747 for remediation information.

CVE ID: CVE-2014-0891 (PI09786)

DESCRIPTION: The Proxy and ODR servers of the IBM WebSphere Application Server 
could allow a network attacker to obtain sensitive information caused by 
improper handling of requests.

CVSS:
CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/91286 
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

AFFECTED VERSIONS: The following IBM WebSphere Application Server Versions are 
affected:

    Version 8.5
    Version 8
    Version 7

REMEDIATION: The recommended solution is to apply the Fix Pack or PTF for each 
named product as soon as practical

Fix:

Apply a Fix Pack or PTF containing this APAR PI09786, as noted below:

For IBM WebSphere Application Server

For V8.5.0.0 through 8.5.5.1:

    Apply Fix Pack 2 (8.5.5.2), or later.


For V8.0.0.0 through 8.0.0.8:

    Apply Fix Pack 9 (8.0.0.9), or later (targeted availability of 23 June 2014).

For V7.0.0.0 through 7.0.0.31:

    Apply Fix Pack 33 (7.0.0.33), or later (targeted availability of 23 June 2014).

Workaround(s): None
Mitigation(s): none

CVE ID: CVE-2014-0896 (PI10134)

DESCRIPTION: IBM WebSphere Application Server Liberty Profile could allow a 
network attacker to obtain sensitive information caused by improper handling 
of requests. The attacker could exploit this vulnerability to obtain sensitive 
information.

CVSS:
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/91326 
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

AFFECTED VERSIONS: The following IBM WebSphere Application Server Liberty 
Profile Version is affected:

    Version 8.5


REMEDIATION: The recommended solution is to apply the Fix Pack or PTF for each 
named product as soon as practical

Fix:

Apply a Fix Pack or PTF containing this APAR PI10134, as noted below:

For IBM WebSphere Application Server Liberty Profile

For V8.5.0.0 through 8.5.5.1:

    Apply Fix Pack 2 (8.5.5.2), or later.

Workaround(s): None
Mitigation(s): none

CVE ID: CVE-2014-0050 (PI12648, PI12926 and PI13162)

DESCRIPTION: Apache Commons FileUpload used by IBM WebSphere Application 
Server may be vulnerable to a denial of service.

CVSS:
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/90987 
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

VERSIONS AFFECTED: This problem affects the following versions of the 
WebSphere Application Server:
    Version 8.5 Full Profile and Liberty Profile
    Version 8
    Version 7
    Version 6.1

This problem also affects the following versions of WebSphere Extended 
Deployment Compute Grid:
    Version 8 on WebSphere Application Server Version 7 or Version 8
    Version 6.1 on WebSphere Application Server Version 7

REMEDIATION/Workaround/Mitigation: Please refer to WebSphere Application 
Server Security bulletin for CVE-2014-0050 for information.

IBM SDK: Please refer to this security bulletin for SDK fixes that were 
shipped with WebSphere Application Server Version 8.5.5.2
http://www.ibm.com/support/docview.wss?&uid=swg21663938

Important note

IBM strongly suggests that all System z customers be subscribed to the System 
z Security Portal to receive the latest critical System z security and 
integrity service. If you are not subscribed, see the instructions on the 
System z Security web site. Security and integrity APARs and associated fixes 
will be posted to this portal. IBM suggests reviewing the CVSS scores and 
applying all security or integrity fixes as soon as possible to minimize any 
potential risk.

References

Complete CVSS Guide
On-line Calculator V2
WebSphere Application Server Security bulletin for CVE-2013-6349
WebSphere Application Server Security bulletin for CVE-2013-6747
WebSphere Application Server Security bulletin for CVE-2014-0050

Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

28 April 2014: original document published
06 May 2014: updated CVE number from 2014-0892 to 2014-0891 per Xforce change

*The CVSS Environment Score is customer environment specific and will 
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of 
this vulnerability in their environments by accessing the links in the 
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the 
Common Vulnerability Scoring System (CVSS) is an "industry open standard 
designed to convey vulnerability severity and help to determine urgency and 
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY 
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT 
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Cross reference information 

Segment               Product                                          Component
Application Servers   WebSphere Application Server Hypervisor Edition  Not Applicable 
Application Servers   WebSphere Application Server Liberty Core 
Application Servers   WebSphere Extended Deployment Compute Grid

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBU3RBNBLndAQH1ShLAQJu9g//c3YdOHiuwa4MjXz06XQDLolt42Ozdg8P
gcfgNrmueN93zEsb8JIL3HGLxyNP60tH5UGZCY0W57VmR9sNqgWGZZni3pDfxCUc
LMWsHxel9bw9EAfHEEoaq1vek1IbcP0FLec2PsbGEQ2syLwf4l16tkQ4C90xEMFi
90jYnEbT5rrDAsGKG6aJivlYdOikd+AodZ1bIRr44dziLviTEqwpbY59KZLLbjRo
+9vf9mCt/6iyOPJVvmfI0X3NSfzjYHPj6jQjiLUmYFxj3UAiU1GaU1texjj93XVs
rSQQY4AmaOu3BkX4/vFqypVD9RwFhqr6gGjK5eZW3EE/6bZbNi5VpUzcrNr6BDO3
K7wVVCWo2trTxkjUD9LjIOtXZcoaWIbAoLGMOVugJqe7yCapMjjRY1gx7kej1ATQ
dZSLLUsbsUEKO+AB03S8aTp9mfL1tghqsqD7g6VHkkTqoNlqSo48z2vAJIIVGity
l4/OQVnFtNW3yKqKU0dRBPVF54y/oinirWNMfQbQ9n/QkiEJh5gcZ5a4CsU8mQZM
02Ao8suleBtdmy865Am/CPMy9OEzKdK/zSHHD0UIVBB7aAgIbFKoakpV+nhKd0LC
Nvg9bNX0bP5ATTRiJMyFJwMpMvPAEInAffbH3eVaJY/rHviovEHZObdi4fUDLqxJ
EPw+Q46xfBI=
=6mZu
-----END PGP SIGNATURE-----