Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2015.0743 A number of vulnerabilities have been identified in Cisco IOS and Cisco IOS XE 26 March 2015 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco IOS Cisco IOS XE Publisher: Cisco Systems Operating System: Cisco Impact/Access: Denial of Service -- Remote/Unauthenticated Access Confidential Data -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2015-0650 CVE-2015-0649 CVE-2015-0648 CVE-2015-0647 CVE-2015-0646 CVE-2015-0643 CVE-2015-0642 CVE-2015-0638 CVE-2015-0637 CVE-2015-0636 CVE-2015-0635 Original Bulletin: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ikev2 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-mdns http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani Comment: This bulletin contains six (6) Cisco Systems security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco IOS Software Virtual Routing and Forwarding ICMP Queue Wedge Vulnerability Advisory ID: cisco-sa-20150325-wedge Revision 1.0 For Public Release 2015 March 25 16:00 UTC (GMT) Summary ======= A vulnerability within the virtual routing and forwarding (VRF) subsystem of Cisco IOS software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a failure to properly process malicious ICMP version 4 (ICMPv4) messages received on a VRF-enabled interface. An attacker could exploit this vulnerability by submitting ICMPv4 messages designed to trigger the vulnerability on an affected device. When the ICMPv4 messages are processed, the packet queue of the affected interface may not be cleared, leading to a queue wedge. When a wedge occurs, the affected device will stop processing any additional packets received on the wedged interface. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge Note: The March 25, 2015, Cisco IOS & XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS & XE Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html - -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJVEg3FAAoJEIpI1I6i1Mx3DKAQAKh0z1Us2roV3ahSr8fiIDVW /veWzUDTFiGdlGS4xWExyHL92srs+DoT3wRDwX1UqvmkdRUTfQPGIQl1LAyWujMA TkP6xhTBRTYVtQVQVb4Ubya966QlykNs4jEcmlcep/mGWddLDfF0cOpqDAREAc+Y A8FBn946o3m1Ds/zTkRtvuwc2MOEOglZS6A7fc0a/iDCsnD/FaBlaxHjukgt6xbY OShTjGzJZ7IMsbBizCvlVRYiogCED3EGJ4unM+LvjMRSX2JOu1t5CUJmcXmWIP3u KDQQRB/flmhIUkcaBOMxn4FdBc6ISVLRGPLFSyYJBxz3YE05JqER9QPdK+c2wjKl uyVjCa9Iljuxoqn4TYYFR1X5Gxzt3YZgNJIhy6DTZP6O0OI4U4OaJsiBNDrs3ZMo C9Khl63TlzPG0NfbKXaiPc/2ZakUqty1sKkrFagQ1NcyyzRMJL13uhRIm6G8PPhB Kh1K2GBqGuligoHLVSC0r2NR015iTNobmV+54RCb0RuU+LKl2XFQKYWc3UmNRuQG 36Kf5cZT0gJrF4rryaeCfaSA/LkQsBxEUaMci/APLSR/+qGADTR7EHfIW5kkFlZ7 t/Xi7LON6q3KVBavi3Lo1P+wYV9iNHqy1aeRzAGdC4+FKe0rCdU5cgMZrO1Oc+r6 POD7hEJjIhAb4hRZTjqN =qckG - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerabilities Advisory ID: cisco-sa-20150325-ikev2 Revision 1.0 For Public Release 2015 March 25 16:00 UTC (GMT) Summary ======= Devices running Cisco IOS Software or IOS XE Software contain vulnerabilities within the Internet Key Exchange (IKE) version 2 subsystem that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to how an affected device processes certain malformed IKEv2 packets. An attacker could exploit these vulnerabilities by sending malformed IKEv2 packets to an affected device to be processed. A successful exploit could allow the attacker to cause a reload of the affected device or excessive consumption of resources that would lead to a DoS condition. IKEv2 is automatically enabled on devices running Cisco IOS and Cisco IOS XE Software when the Internet Security Association and Key Management Protocol (ISAKMP) is enabled. these vulnerabilities can be triggered only by sending malformed IKEv2 packets. There are no workarounds for the vulnerabilities described in this advisory. Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ikev2 Note: The March 25, 2015, Cisco IOS & XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS & XE Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html - -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJVEtQfAAoJEIpI1I6i1Mx3cC4QAKmoyPEnSiWyCB/TmzivfNls 2cSx2Xs2sa9KNNhqZ69hW9Q5GYhMeR89fwbNEdp/+rh3g79lE1wh/YlPwai8IJl9 t1pLC15TVky5xiEwFbmhEuqpTQ7QbdODsXR+dAVStRun8l/pnxM/r3yFRwtpeTDO vNsJNoIlIK+Wk3onNlMVdrPaSOkMhFZysuVB8hhCdF1kow5FCoMElZONU25+Tb5u 3+S32WC/L3jyDaWbQvDKTnNeHBp6M3+8Y7eXHg74CQzWLrCXN+CN6dPFaI7aR8oY P4a6lqSrkrPRXHUgxAqGKtDgzw8UDaxWdf3RX5z1r54syKzuUyuqNSnAwhZ9+pyW lhKv6Ai5ic4tyNEL++QFoZxnRg8xSopuD8yJzuyC5ZhP48tfGdZ1IIBBwxo4vKd5 9PfOlw3+oMvZrxzLL8ajGi/Vfk4LMayqe0jfmBWVMLMdBe0Dhz0Wxihyt7l+FNLS 2ovubZhBCtmhHSy+cyEgyXEjIG+5KFFJ35Wrm/U0LwXXyPIR2vgp6xn7MT1mKONi w9hWjuxFV4EAHAERvHvNR1fq6HZV+y+0vhG+GZR65XNEGrynxqBd8Dh5VpgAoX+i z8rvo9oSK/OsfbDA/qdSiNNRKAYQaKMFUy8MTFR7i2rwNduosPD36HvE4BAwhsox NgLDi9f/QtXaABCuBLeG =YsTm - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability Advisory ID: cisco-sa-20150325-tcpleak Revision 1.0 For Public Release 2015 March 25 16:00 UTC (GMT) Summary ======= A vulnerability in the TCP input module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak and eventual reload of the affected device. The vulnerability is due to improper handling of certain crafted packet sequences used in establishing a TCP three-way handshake. An attacker could exploit this vulnerability by sending a crafted sequence of TCP packets while establishing a three-way handshake. A successful exploit could allow the attacker to cause a memory leak and eventual reload of the affected device. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak Note: The March 25, 2015, Cisco IOS & XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS & XE Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html - -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJVEg3FAAoJEIpI1I6i1Mx3s7EP/35lG2sxSOAqj5WWow1L0VbB eCYn6sQTavKyg5pXtFKUyUfF8AUHPrySGpcjy77+s+4uDNswIAXplYQrr8r8OifE xJ8OzuvCXOgvyQEAc8H6l7zLLYOkBv6cFAyYPepl0tPac15iOqX6Xv8l2+gnvi6p puKJYc/81bYmqeE0qRvPDzT9rWiccp1pbWUqUu1ZX31zJ86e/mERHFWOTOBA/qC3 Xd/36ljl4sTR8IPOE7Zoq8jfedlc9Bg3cz7aBrFgx8M9jB/V47MPe6eyfLKHHAEI oXPUu8uJBQsrnYa9/MbN3/wmI9weq3mGhaaStmV9JL0oYn/4gsgY+r4f9euXDMqW b/kIkHxtYHrShckox708oHCjCCTdKiTJcGy+GgTagq49c+A7UCzc8XEwgCOyFFbL 5E2AZ6PJUyUEfbPWhPlCj9H/t3G8mfcmH/FZLpwbEGTtfBCb5b1WRdXd0ARqJqD3 ZXy7M9gKGlifenvs9s9rElO+GuIVvmaAZ2anHgH7aLXCxoc7mIQfTxcjV9whXfD2 TBwHhsR7FMrgtqWbBokq/aNrs/ull9RXsubVFLSToj1BAuJlZpyvjbzQw10bPm5b ZL80JvOffzmf2711jIJCoOiVHGdO/jvb518JMY4XoPyBBKSxtTYpKdKXfBQjQgIv L3q5mEH18S0YiHC8yQAz =W7nK - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco IOS Software and IOS XE Software mDNS Gateway Denial of Service Vulnerability Advisory ID: cisco-sa-20150325-mdns Revision 1.0 For Public Release 2015 March 25 16:00 UTC (GMT) Summary ======= A vulnerability in the multicast DNS (mDNS) gateway function of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to reload the vulnerable device. The vulnerability is due to improper validation of mDNS packets. An attacker could exploit this vulnerability by sending malformed IP version 4 (IPv4) or IP version 6 (IPv6) packets on UDP port 5353. An exploit could allow the attacker to cause a denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-mdns Note: The March 25, 2015, Cisco IOS & XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS & XE Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html - -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJVEg3FAAoJEIpI1I6i1Mx3h30P/3gJw08jXsXrVu8KO7L3kqLR vKTMc5BYxLQPoLO3SjI2p6uNKn5iMM6oOsKSZt+mehlDZUUe1JBVricFa07bNQmh jW9mCwVrsMMfOF7NL47vJm6GtGZurhc5WlCRp0uE1PNJs6NmMyRgszTxDz1F5Tjh fq6/2SiKnZW0w+MuxZnrck9rPZ+fzjcpe7sKOUr3htAi/Z0cfhadQrEcVXFuRhn9 bSk0D71zzfXt1VazqOIZiciRJOu/cEN5Tq+NZWTUKqFPFlepjT1G/Ho3WPtQWxbp UwZyeh2InlFnc7DWuNCqW+eZ1CFDPWVNGmWcQq3oxNHkvAAvQsn7vsOgNJRr+yNi S8emKrm94iyIaD2ouOMDgof4MireHLNKNnVecsnuJqUui89zZiT6ZIXg5S8eM5sx rkkfoGjTALePenydwM7eAPjUxI4vFzGPwk1ikQrT49a8fZTJ0/p/S6X8BbybJJXK JHiBdOw88ppa7ixOHgSubHH86KKqm5tCqRI13RpTTtDXQpv4Ev0spiDGeTTKtWEA lGmZldoLHO5Tkk+HUwlUMobluwnt1kGKkAFA+wSRukArAt8i52OUziDmQ4WYBf7a CKw+f6WU9YjGxP2jpp/Xy3u9kKkHHXb8R9y009yXLg1ShZS8eiqQhh6O7O7NuiNL k43tGb1gB+D+0SPS3w/x =DuB0 - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol Advisory ID: cisco-sa-20150325-cip Revision 1.0 For Public Release 2015 March 25 16:00 UTC (GMT) Summary ======= The Cisco IOS Software implementation of the Common Industrial Protocol (CIP) feature contains the following vulnerabilities when processing crafted CIP packets that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition: Cisco IOS Software UDP CIP Denial of Service Vulnerability Cisco IOS Software TCP CIP Packet Memory Leak Vulnerability Cisco IOS Software TCP CIP Denial of Service Vulnerability These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others. Successful exploitation of any of these vulnerabilities could allow an unauthenticated, remote attacker to cause a reload of the forwarding plane, resulting in an interruption of services on an affected device. Repeated exploitation could result in a sustained DoS condition. Additionally, successful exploitation of Cisco IOS Software TCP CIP Packet Memory Leak Vulnerability could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip Note: The March 25, 2015, Cisco IOS & XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS & XE Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html - -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJVEg3EAAoJEIpI1I6i1Mx3gQoQAMgga/GDsaG87OcxdBDP3PS0 VWVup8SutEuU6I0Gb+L/PmUYPTNCq7Tc25Cumoqy6z5K7jqNsmsrjzoFeUR86Ksr GYY1hFEc9M4nOapTzoiNFQAxg8bGxh5u4PemCCg9CbEfqP51ItKUmKKcsmT45YpJ M2uidBLWkPum0bcfAvD7JMox/luzMFyAiLnb0IJj217hMVr1OmZou66V8cQfWZZl He+pT5WcPKd116GAB3Gb7B0lcEHduTQAb2psSrPOPJLE4bOwBtyuC17wjCoblQKh W1SLIddEDTUHIkvKt71ZKjvARIiwdEFnZWd9QoH9DygSvTPoooN168Ub5S9rqVDy E84p7pJf0FSyAFrXqTdl0vZHIFmZlDwGZnablle1+E878im49dDY2mSLVEQs21Pr V1iu6R9o+affi4MLFPAQSf1zTx6r6zotCO0Rnp33QfFo97UdLyL7I2qtpZhSczGU 4wTySD8qvM/02rUvszWg/YoJ12A7IU5YMjCXb/Lfkd6UYK/go4BA3BuqZAqSuvAN AWq6MEdOsV4uuchVm0ha1YgdQzt9vNveR4twYpSiQZ0MnzcB9020nLlHmVAB3+lY d04mKF1SMQ568mfes8/lNt0fefc6XkVvrZeIk+9uNn+irAynRRBZR2wpnvQT/Xev qc1FbxmTWdixlVg1kZL6 =b7Xz - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple Vulnerabilities in Cisco IOS Software and IOS XE Software Autonomic Networking Infrastructure Advisory ID: cisco-sa-20150325-ani Revision 1.0 For Public Release 2015 March 25 16:00 UTC (GMT) Summary ======= The Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software and IOS XE Software has multiple vulnerabilities which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or gain limited command and control of the device. Autonomic Networking Registration Authority Spoofing Vulnerability Autonomic Networking Infrastructure Spoofed Autonomic Networking Messages Denial of Service Vulnerability Autonomic Networking Infrastructure Device Reload Denial of Service Vulnerability Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani Note: The March 25, 2015, Cisco IOS & XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS & XE Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html - -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJVEg3EAAoJEIpI1I6i1Mx3D4kP/RHXNWflKJAGDDZwOfPHgPTu 3ILcyxaURs0troplCPwsJg94U8NZaeRiOQ8Xsu1s4ajquVEXLRFcdw5WKP/Yulir V7M106xpoemlQGMiw/MNEpAzzP4UNQBCO8A66gLrSGQVFI37C0ysH6yE/307d7Qz LX+aEF7nrOtOw6+ZbVF7irebyMGjaqfblOwDeuXzcyDfHp8hEKuIPfQEh7FaBooQ TnnySenNnhbfu6x0px7gTJteEMcOhDTOaW5m2MuF9STKRRGjauhng1IxJirJPC6k tyIJ+1VOop3Ps49E3czgWUtciFufCjgcl6SbmdYx97KCTQIyt7Mmel2cE37il7wR MzgSyuuIgI4METMdDWwxfTpujXXxdM5iRJNXpoSRzD40NFk9q57QvslwSSO6+1Yf ycnAGDVY+n9ahO3boZdMNne9V9dbCYIbVXES5VXxjaiHvCcRWIDUSJ+JeuX5s+em dMGGIqO8xz3Orl1i77kwWpo22V6txXX6YM07Bg52L+8xbbo7ChKDal5R6UAXsgRB vcA7ckhp28SDtlfy0aJHZHzvHNeOqCD55O8HaSdFoh94mkzBlFVxMkaKHnyeZWyA nWJtC8jHgu+VuyLien930AcUtY4NzO9ZT78c98FePuqkZbqKSvnRqYz69Dgaqu7i aqAAKX2qj2R18xzrUBya =yOgs - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBVRNYaBLndAQH1ShLAQKrxxAAhXH29X86hUCy4mLjaFe4k6eWDGl6o++q mBEIpRKvUqiLhQ+b5SHzCsKN0pSGn8mVGj3Gmt+N3mq8G1MIrLwDR4hziFlD/2XW HQB3IOMXyB9iXqm+M/P3ccmiHeuHFuyBgB3EPpAwGXVEYBhgeR13aVfvqEjIacBt weUAkYmlsArEByyutd2iNxS4wILl1/v4vARMJkPoxrEXuTWdMMudimHpkTc02WD0 yU6hYC4V8EuE/HQMYMTdxIB/VWVf8OnPuQxXHA1gRqel5s2wx5WmflnCq7NW/7Yz XSAQzhQsfJjSVsbYs5+iD+s1DTFixfsWd+C2MAI/yiyHypivgWZFl4wAyIfi1qHl bBNl8Odij1HhtxhUDjjqnwLhM/IzzX/pCcRdi/MzaO7Uv5Mx3VSj8tpcWxHQUXCE ukc6MDYC7jyW21HmR24f/LrSnAP+fCqMyg3oA6dRkBeME5M1bhyC8oHuye0evh0E zckhoJW0j0JEkRXA+W0krkd5xNMGm4wRcGvCagaYvjLo67IgI8PhrGliIVETeoxl LgsOcIY6kxr7aCeYCoL+3r2OeF7zTwlGOGstYlVkN1/TMEmg4K3zXskycDIQnPoP iyCxfpD1hb3zpgK4xSZY3rkzg0G9gAOxz4aUMKMVCEL9w6aprjxIwrYnYNY2JzTq wbp+L+rTGNU= =a5Jj -----END PGP SIGNATURE-----