Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2015.2622
Multiple vulnerabilities have been identified in IBM
Security Network Protection
16 October 2015
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: IBM Security Network Protection
Publisher: IBM
Operating System: Network Appliance
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Root Compromise -- Existing Account
Denial of Service -- Remote/Unauthenticated
Provide Misleading Information -- Remote/Unauthenticated
Unauthorised Access -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2015-5621 CVE-2015-3405 CVE-2015-3246
CVE-2015-3245 CVE-2015-3183 CVE-2015-2716
CVE-2015-1799 CVE-2015-1798 CVE-2015-1283
CVE-2014-3565 CVE-2013-7424
Reference: ESB-2015.2559
ESB-2015.2517
ESB-2015.2141
ESB-2015.2135
ESB-2015.1930
ESB-2015.1174
ESB-2015.0933
ESB-2015.0899
ESB-2015.0428
Original Bulletin:
http://www-01.ibm.com/support/docview.wss?uid=swg21963297
http://www-01.ibm.com/support/docview.wss?uid=swg21965877
http://www-01.ibm.com/support/docview.wss?uid=swg21966695
http://www-01.ibm.com/support/docview.wss?uid=swg21966578
http://www-01.ibm.com/support/docview.wss?uid=swg21967057
http://www-01.ibm.com/support/docview.wss?uid=swg21964539
Comment: This bulletin contains six (6) IBM security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
Security Bulletin: A vulnerability in GNU glibc affects IBM Security Network
Protection (CVE-2013-7424)
Security Bulletin
Document information
More support for:
IBM Security Network Protection
Software version:
5.2.0, 5.3
Operating system(s):
Firmware
Reference #:
1963297
Modified date:
2015-10-15
Summary
The GNU glibc packages provide the standard C libraries (libc), POSIX thread
libraries (libpthread), standard math libraries (libm), and the Name Server
Caching Daemon (nscd) used by multiple programs on the system. Security
vulnerabilities have been discovered in glibc used with IBM Security Network
Protection.
Vulnerability Details
CVE ID: CVE-2013-7424
DESCRIPTION: The GNU C Library (glibc) could allow a remote attacker to
execute arbitrary code on the system, caused by an invalid free error in the
getaddrinfo() function when used with the AI_IDN flag. An attacker able to
make an application call this function could exploit this vulnerability to
execute arbitrary code on the system.
CVSS Base Score: 5.1
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/101073 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P)
Affected Products and Versions
IBM Security Network Protection 5.2
IBM Security Network Protection 5.3
Remediation/Fixes
Product VRMF Remediation/First Fix
IBM Security Network Protection Firmware version 5.2 Download 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0012 from IBM Fix Central and upload and
install via the Fix Packs page of the local management interface.
IBM Security Network Protection Firmware version 5.3 Install Firmware 5.3.1.5 from the Available Updates page of the Local Management Interface, or by
performing a One Time Scheduled Installation from SiteProtector.
Workarounds and Mitigations
None Get Notified about Future Security Bulletins
Subscribe to My Notifications to be notified of important product support
alerts like this.
References
Complete CVSS v2 Guide
On-line Calculator v2
Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Change History
03 September 2015: Original Version Published
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- --------------------------------------------------------------------------------
Security Bulletin: A vulnerability in net-snmp affects IBM Security Network
Protection (CVE-2014-3565)
Security Bulletin
Document information
More support for:
IBM Security Network Protection
Software version:
5.2.0, 5.3
Operating system(s):
Firmware
Reference #:
1965877
Modified date:
2015-10-15
Summary
The net-snmp packages provide various libraries and tools for the Simple
Network Management Protocol (SNMP).One security vulnerability has been
discovered in net-snmp used with IBM Security Network Protection.
Vulnerability Details
CVE ID: CVE-2014-3565
DESCRIPTION: Net-SNMP is vulnerable to a denial of service, caused by the
improper handling of SNMP traps when started with the "-OQ" option. By sending
an SNMP trap message containing a variable with a NULL type, a remote attacker
could exploit this vulnerability to cause snmptrapd to crash.
CVSS Base Score: 5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/95638 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Affected Products and Versions
IBM Security Network Protection 5.2
IBM Security Network Protection 5.3
Remediation/Fixes
Product VRMF Remediation/First Fix
IBM Security Network Protection Firmware version 5.2 Download 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0012 from IBM Fix Central and upload and
install via the Fix Packs page of the Local Management Interface.
IBM Security Network Protection Firmware version 5.3 Install Firmware 5.3.1.5 from the Available Updates page of the Local Management Interface, or by
performing a One Time Scheduled Installation from SiteProtector.
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
Subscribe to My Notifications to be notified of important product support
alerts like this.
References
Complete CVSS v2 Guide
On-line Calculator v2
Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Change History
01 October 2015: Original Version Published
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- --------------------------------------------------------------------------------
Security Bulletin: A vulnerability in net-snmp affects IBM Security Network
Protection (CVE-2015-5621)
Security Bulletin
Document information
More support for:
IBM Security Network Protection
Software version:
5.2.0, 5.3
Operating system(s):
Firmware
Reference #:
1966695
Modified date:
2015-10-15
Summary
The net-snmp packages provide various libraries and tools for the Simple
Network Management Protocol (SNMP).One security vulnerability has been
discovered in net-snmp used with IBM Security Network Protection.
Vulnerability Details
CVEID: CVE-2015-5621
DESCRIPTION: Net-SNMP is vulnerable to a denial of service, caused by
incompletely parsed varBind variables being left in the list of variables by
the snmp_pdu_parse() function. A remote attacker could exploit this
vulnerability to cause the application to crash or possibly execute arbitrary
code on the system.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/105232 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Affected Products and Versions
IBM Security Network Protection 5.2
IBM Security Network Protection 5.3
Remediation/Fixes
Product VRMF Remediation/First Fix
IBM Security Network Protection Firmware version 5.2 Download 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0012 from IBM Fix Central and upload and
install via the Fix Packs page of the Local Management Interface.
IBM Security Network Protection Firmware version 5.3 Install Firmware 5.3.1.5 from the Available Updates page of the Local Management Interface, or by
performing a One Time Scheduled Installation from SiteProtector.
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
Subscribe to My Notifications to be notified of important product support
alerts like this.
References
Complete CVSS v3 Guide
On-line Calculator v3
Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Change History
01 October 2015: Original Version Published
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- --------------------------------------------------------------------------------
Security Bulletin: Vulnerabilities in NTP affect IBM Security Network
Protection (CVE-2015-1798, CVE-2015-1799, and CVE-2015-3405)
Security Bulletin
Document information
More support for:
IBM Security Network Protection
Software version:
5.2.0, 5.3
Operating system(s):
Firmware
Reference #:
1966578
Modified date:
2015-10-15
Summary
Security vulnerabilities have been discovered in NTP used with IBM Security
Network Protection.
Vulnerability Details
CVEID: CVE-2015-1798
DESCRIPTION: Network Time Protocol (NTP) Project NTP daemon (ntpd) could allow
a remote attacker to bypass security restrictions, caused by the acceptance of
packets that do not contain a message authentication code (MAC) as valid
packets wen configured for symmetric key authentication. An attacker could
exploit this vulnerability using man-in-the-middle techniques to bypass the
authentication process.
CVSS Base Score: 5.4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/102051 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:A/AC:M/Au:N/C:P/I:P/A:P)
CVEID: CVE-2015-1799
DESCRIPTION: Network Time Protocol (NTP) Project NTP daemon (ntpd) is
vulnerable to a denial of service, caused by an error when using symmetric key
authentication. By sending specially-crafted packets to both peering hosts, an
attacker could exploit this vulnerability to prevent synchronization.
CVSS Base Score: 5.4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/102052 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:A/AC:M/Au:N/C:P/I:P/A:P)
CVEID: CVE-2015-3405
DESCRIPTION: Network Time Protocol (NTP) could allow a remote attacker to
conduct spoofing attacks, caused by the generation of MD5 symmetric keys on
big-endian systems by the ntp-keygen utility. An attacker could exploit this
vulnerability using the generated MD5 keys to spoof an NTP client or server.
CVSS Base Score: 5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/104387 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Affected Products and Versions
IBM Security Network Protection 5.2
IBM Security Network Protection 5.3
Remediation/Fixes
Product VRMF Remediation/First Fix
IBM Security Network Protection Firmware version 5.2 Download 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0012 from IBM Fix Central and upload and
install via the Fix Packs page of the Local Management Interface.
IBM Security Network Protection Firmware version 5.3 Install Firmware 5.3.1.5 from the Available Updates page of the Local Management Interface, or by
performing a One Time Scheduled Installation from SiteProtector.
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
Subscribe to My Notifications to be notified of important product support
alerts like this.
References
Complete CVSS v2 Guide
On-line Calculator v2
Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Change History
12 September 2015: Original Version Published
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- --------------------------------------------------------------------------------
Security Bulletin: Vulnerabilities in IBM HTTP Server affect IBM Security
Network Protection (CVE-2015-3183, and CVE-2015-1283)
Security Bulletin
Document information
More support for:
IBM Security Network Protection
Software version:
5.2.0, 5.3
Operating system(s):
Firmware
Reference #:
1967057
Modified date:
2015-10-15
Summary
Request smuggling and denial of service security vulnerabilities have been
discovered in IBM HTTP Server used with IBM Security Network Protection.
Vulnerability Details
CVEID: CVE-2015-3183
DESCRIPTION: Apache HTTP Server is vulnerable to HTTP request smuggling,
caused by a chunk header parsing flaw in the apr_brigade_flatten() function.
By sending a specially-crafted request in a malformed chunked header to the
Apache HTTP server, an attacker could exploit this vulnerability to poison the
web cache, bypass web application firewall protection, and conduct XSS
attacks.
CVSS Base Score: 6.1
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/104844 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
CVEID: CVE-2015-1283
DESCRIPTION: Multiple integer overflows in the XML_GetBuffer function in Expat
through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other
products, allow remote attackers to cause a denial of service (heap-based
buffer overflow) or possibly have unspecified other impact via crafted XML
data, a related issue to CVE-2015-2716.
CVSS Base Score: 6.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/104964 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)
Affected Products and Versions
IBM Security Network Protection 5.2
IBM Security Network Protection 5.3
Remediation/Fixes
Product VRMF Remediation/First Fix
IBM Security Network Protection Firmware version 5.2 Download 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0012 from IBM Fix Central and upload and
install via the Fix Packs page of the Local Management Interface.
IBM Security Network Protection Firmware version 5.3 Install Firmware 5.3.1.5 from the Available Updates page of the Local Management Interface, or by
performing a One Time Scheduled Installation from SiteProtector.
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
Subscribe to My Notifications to be notified of important product support
alerts like this.
References
Complete CVSS v3 Guide
On-line Calculator v3
Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Change History
01 October 2015: Original Version Published
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- --------------------------------------------------------------------------------
Security Bulletin: Vulnerabilities in libuser affect IBM Security Network
Protection (CVE-2015-3245, CVE-2015-3246)
Security Bulletin
Document information
More support for:
IBM Security Network Protection
Software version:
5.2.0, 5.3
Operating system(s):
Firmware
Reference #:
1964539
Modified date:
2015-10-15
Summary
The libuser library implements a standardized interface for manipulating and
administering user and group accounts used by multiple programs on the system.
Security vulnerabilities have been discovered in libuser used with IBM
Security Network Protection.
Vulnerability Details
CVE ID: CVE-2015-3245
DESCRIPTION: libuser is vulnerable to a denial of service, caused by the
failure to properly filter out newline characters by the chfn() function
within the userhelper utility. A local authenticated attacker could exploit
this vulnerability to inject newline characters into the /etc/passwd file and
cause a denial of service.
CVSS Base Score: 4.7
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/105022 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVE ID: CVE-2015-3246
DESCRIPTION: libuser could allow a local authenticated attacker to gain
elevated privileges on the system, caused by the improper handling of the
/etc/passwd file. An attacker could exploit this vulnerability to gain root
privileges on the system.
CVSS Base Score: 7.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/105023 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Affected Products and Versions
IBM Security Network Protection 5.2
IBM Security Network Protection 5.3
Remediation/Fixes
Product VRMF Remediation/First Fix
IBM Security Network Protection Firmware version 5.2 Download 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0012 from IBM Fix Central and upload and
install via the Fix Packs page of the local management interface.
IBM Security Network Protection Firmware version 5.3 Install Firmware 5.3.1.5 from the Available Updates page of the Local Management Interface, or by
performing a One Time Scheduled Installation from SiteProtector.
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
Subscribe to My Notifications to be notified of important product support
alerts like this.
References
Complete CVSS v3 Guide
On-line Calculator v3
Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Change History
03 September 2015: Original Version Published
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBViCK336ZAP0PgtI9AQIAghAAkF2kE++dIV3w5k9DLp6Mb8DLS3a7kKA6
p7UrrDym54d83pV2Qt8aJW6DUpaY8yxiIwVMHXg7U5avYS4yHllWMausO1XxgmR0
old7zdXyllG9d4LW8/UbBBF4+jJEJzgt9MznLGi4X1X065SFscOKbrNn/AIgzebl
aSe0DTOrSJPURtj8+0weCofIseWwyinIKQt8hhVZN3dUbuu0kEna+yb8d5GAl+lD
HR2fG1ZdFEm8mX4ZJl0Z7BVH7JwPgfEFy1NdPPBFMiHH1eajlNUI1zoHDa9oIsua
7D+mA8MA80TfPQSwfq2PuqDQ2A8h9BycOCRBI2iifg7+NGT06Z1kxiibuwuJlgD4
MDuSOEaVv7D8ggoPfz1pf4Jb16xrRnxC/7I7bszGi+hRK1dBciFOL6LtBOVzWrkQ
elF21MejpxR9MlrH6TFzHY6GaHabW/ZN4UMzRcxVAXCj55qFJHZggPUEFF4d3/Su
OfbOJiyLqVzVXolFl3jbvVHvb12MlSFwPsNCD00Jkrhd/QmOLPjp8jxC7QM2Avyg
Hnbb98n1ENJwrH/991k7DJKZy2wh6c2r9VwyyZH2iZ3Q+2HgYsxhE2BnmBxylYDd
odu5nau1TDT1zbHXZ51XPaNDp0YAas9K6qGdHMEShdNNt3+P6kE/HjIFSw4tJYDo
3wizNlNAkgg=
=pn47
-----END PGP SIGNATURE-----