Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2016.0957
Multiple vulnerabilities have been identified in Juniper Junos
14 April 2016
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Juniper Junos
Publisher: Juniper Networks
Operating System: Juniper
Impact/Access: Root Compromise -- Existing Account
Access Privileged Data -- Remote/Unauthenticated
Denial of Service -- Remote/Unauthenticated
Provide Misleading Information -- Remote/Unauthenticated
Unauthorised Access -- Remote/Unauthenticated
Reduced Security -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2016-1271 CVE-2016-1270 CVE-2016-1269
CVE-2016-0778 CVE-2016-0777 CVE-2015-3153
CVE-2015-3148 CVE-2015-3145 CVE-2015-3144
CVE-2015-3143 CVE-2014-8151 CVE-2014-8150
CVE-2014-3707 CVE-2014-3620 CVE-2014-3613
CVE-2014-0015
Reference: ASB-2016.0004
ASB-2015.0103
ASB-2015.0070
ASB-2015.0009
ESB-2014.2094
ESB-2014.1559
ESB-2014.0129
Original Bulletin:
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10736
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10737
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10739
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743
Comment: This bulletin contains five (5) Juniper Networks security
advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
2016-04 Security Bulletin: Junos: OpenSSH Client Information Leak and
Buffer Overflow in roaming support (CVE-2016-0777, CVE-2016-0778)
Categories:
Junos
Router Products
J-series
M-series
T-series
MX-series
Security Products
Switch Products
EX Series
SRX Series
Security Advisories ID: JSA10734
Last Updated: 13 Apr 2016
Version: 1.0
Product Affected:
These issues can affect any product or platform running Junos OS.
Problem:
CVE-2016-0777 and CVE-2016-0778 were released by Qualys and cross-announced
by OpenSSH on 2016-01-14.
A brief summary of the issue from the announcement follow, full details
are available at:
https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt
"Since version 5.4 (released on March 8, 2010), the OpenSSH client supports
an undocumented feature called roaming: if the connection to an SSH server
breaks unexpectedly, and if the server supports roaming as well, the client
is able to reconnect to the server and resume the suspended SSH session.
Although roaming is not supported by the OpenSSH server, it is enabled by
default in the OpenSSH client, and contains two vulnerabilities that can be
exploited by a malicious SSH server (or a trusted but compromised server):
an information leak (memory disclosure), and a buffer overflow (heap-based)."
The attack vector leading to potential compromise in these scenarios
relates to a session initated from a Junos OS device using the SSH client
to an external SSH server.
No ScreenOS products or platforms are affected by these issues.
Juniper continues to investigate other products and services.
As investigations are completed this JSA will be updated.
These issues have been assigned CVE-2016-0777 and CVE-2016-0778.
Solution:
The following software releases have been updated to resolve these
specific issues with the SSH client: Junos OS 12.1X46-D45 12.1X47-D35
12.3R12 12.3X48-D30 13.3R9 14.1R7 14.2R6 15.1F5 15.1R3 15.1X49-D40 and
all subsequent releases.
These issues are being tracked and are visible on the Customer Support
website under the following PR: 1154016
KB16765 - "In which releases are vulnerabilities fixed?" describes which
release vulnerabilities are fixed as per our End of Engineering and End
of Life support policies.
Workaround:
It is good security practice to connect only to known, trusted, SSH servers
from critical infrastructure networking equipment. Use outgoing access
lists or egress firewall filters to limit access from sensitive network
devices to only trusted, administrative networks or hosts.
Implementation:
How to obtain fixed software:
Security vulnerabilities in Junos are fixed in the next available
Maintenance Release of each supported Junos version. In some cases,
a Maintenance Release is not planned to be available in an appropriate
time-frame. For these cases, Service Releases are made available in order
to be more timely. Security Advisory and Security Notices will indicate
which Maintenance and Service Releases contain fixes for the issues
described. Upon request to JTAC, customers will be provided download
instructions for a Service Release. Although Juniper does not provide
formal Release Note documentation for a Service Release, a list of "PRs
fixed" can be provided on request.
Modification History:
2016-04-13: Initial publication
Related Links:
KB 16446 "Common Vulnerability Scoring System (CVSS) and Juniper's
Security Advisories."
KB16765: In which releases are vulnerabilities fixed?
KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's
Security Advisories
Report a Vulnerability - How to Contact the Juniper Networks Security
Incident Response Team
CVE-2016-0777: Information Leak
CVE-2016-0778: Buffer Overflow
CVSS Score:
5.0 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L)
Risk Level:
Medium
Risk Assessment:
Information for how Juniper Networks uses CVSS can be found at KB 16446
"Common Vulnerability Scoring System (CVSS) and Juniper's Security
Advisories."
Acknowledgements:
- -------------------------------------------------------------------------------
2016-04 Security Bulletin: Junos: Manipulating TCP timestamps can lead to
resource exhaustion denial of service (CVE-2016-1269)
Categories:
Junos
Router Products
J-series
M-series
T-series
MX-series
Security Products
Switch Products
EX Series
SRX Series
Security Advisories ID: JSA10736
Last Updated: 13 Apr 2016
Version: 1.0
Product Affected:
This issue can affect any product or platform running Junos OS.
Problem:
By manipulating TCP timestamps within a TCP session to a reachable
listening port, it may be possible for an attacker to trigger a persistent
buffer/socket resource exhaustion denial of service DoS attack. Normally,
a networked device will time out a session after a number of unsuccessful
retransmission events, occurring at increasing intervals. However, in
this case, a crafted sequence of TCP packets will cause the device to not
try to retransmit, allowing the attacker to create sockets that will be
long-lived without the need to maintain state on them.
This issue was found during internal product security testing.
Juniper SIRT is not aware of any malicious exploitation of this
vulnerability.
No other Juniper Networks products or platforms are affected by this issue.
This issue has been assigned CVE-2016-1269.
Solution:
The following software releases have been updated to resolve this specific
issue: Junos OS 12.1X44-D60, 12.1X46-D40, 12.1X47-D30, 12.3R11, 12.3X48-D20,
13.2R9, 13.2X51-D39, 13.2X51-D40, 13.3R8, 14.1R6, 14.1X53-D30, 14.2R4-S1,
14.2R5, 15.1R2, 15.1X49-D30, 16.1R1, and all subsequent releases.
This issue is being tracked as PR 1073571 and is visible on the Customer
Support website.
KB16765 - "In which releases are vulnerabilities fixed?" describes which
release vulnerabilities are fixed as per our End of Engineering and End
of Life support policies.
Workaround:
Use access lists or firewall filters to limit access to the router via
TCP only from trusted hosts.
In addition to the recommendations listed above, it is good security practice
to limit the exploitable attack surface of critical infrastructure networking
equipment. Use access lists or firewall filters to limit all administrative
access to the router only from trusted, administrative networks or hosts.
Implementation:
How to obtain fixed software:
Security vulnerabilities in Junos are fixed in the next available
Maintenance Release of each supported Junos version. In some cases,
a Maintenance Release is not planned to be available in an appropriate
time-frame. For these cases, Service Releases are made available in order
to be more timely. Security Advisory and Security Notices will indicate
which Maintenance and Service Releases contain fixes for the issues
described. Upon request to JTAC, customers will be provided download
instructions for a Service Release. Although Juniper does not provide
formal Release Note documentation for a Service Release, a list of "PRs
fixed" can be provided on request.
Modification History:
2016-04-13: Initial publication
Related Links:
KB16613: Overview of the Juniper Networks SIRT Quarterly Security
Bulletin Publication Process
KB16765: In which releases are vulnerabilities fixed?
KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's
Security Advisories
Report a Vulnerability - How to Contact the Juniper Networks Security
Incident Response Team
CVE-2016-1269: Manipulating TCP timestamps can lead to resource
exhaustion denial of service
CVSS Score:
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Risk Level:
High
Risk Assessment:
Information for how Juniper Networks uses CVSS can be found at KB 16446
"Common Vulnerability Scoring System (CVSS) and Juniper's Security
Advisories."
Acknowledgements:
- -------------------------------------------------------------------------------
2016-04 Security Bulletin: Junos: RPD cores on receiving a crafted L2VPN
family BGP update (CVE-2016-1270)
Categories:
Junos
Router Products
J-series
M-series
T-series
MX-series
Security Products
Switch Products
EX Series
SRX Series
Security Advisories ID: JSA10737
Last Updated: 13 Apr 2016
Version: 1.0
Product Affected:
This issue can affect any product or platform running Junos OS with family
BGP based L2VPN and/or VPLS configured
Problem:
Upon receipt of a specially crafted BGP 'family l2vpn' UPDATE message,
the Junos OS rpd daemon will crash and restart. Receipt of a constant
stream of these crafted updates could lead to an extended denial of service.
This issue only affects BGP based L2VPN and VPLS configurations. No other
configurations are affected. The issue is not applicable to BGP Route
Reflectors (RR).
Note that this issue can only be triggered from inside a customer's
network. MPLS labels are not usually exchanged outside the protected network,
and are usually only received from a PE or RR in the same network.
This issue was found during internal product security testing.
Juniper SIRT is not aware of any malicious exploitation of this
vulnerability.
No other Juniper Networks products or platforms are affected by this issue.
This issue has been assigned CVE-2016-1270.
Solution:
The following software releases have been updated to resolve this specific
issue: Junos OS 12.1X44-D60, 12.1X46-D45, 12.1X47-D30, 12.3R9, 12.3X48-D20,
13.2R7, 13.2X51-D40, 13.3R6, 14.1R4, 14.2R2, 14.2R3, and all subsequent
releases.
This issue is being tracked as PR 1041189 and is visible on the Customer
Support website.
KB16765 - "In which releases are vulnerabilities fixed?" describes which
release vulnerabilities are fixed as per our End of Engineering and End
of Life support policies.
Workaround:
While no single workaround is effective in all cases, the risk associated
with this issue can be mitigated by applying access lists or firewall
filters to limit access to the router's BGP port from trusted peers only.
Implementation:
How to obtain fixed software:
Security vulnerabilities in Junos are fixed in the next available
Maintenance Release of each supported Junos version. In some cases,
a Maintenance Release is not planned to be available in an appropriate
time-frame. For these cases, Service Releases are made available in order
to be more timely. Security Advisory and Security Notices will indicate
which Maintenance and Service Releases contain fixes for the issues
described. Upon request to JTAC, customers will be provided download
instructions for a Service Release. Although Juniper does not provide
formal Release Note documentation for a Service Release, a list of "PRs
fixed" can be provided on request.
Modification History:
2016-04-13: Initial publication
Related Links:
KB16613: Overview of the Juniper Networks SIRT Quarterly Security
Bulletin Publication Process
KB16765: In which releases are vulnerabilities fixed?
KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's
Security Advisories
Report a Vulnerability - How to Contact the Juniper Networks Security
Incident Response Team
CVE-2016-1270: RPD cores on receiving a crafted update from an L2VPN peer
CVSS Score:
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Risk Level:
High
Risk Assessment:
Information for how Juniper Networks uses CVSS can be found at KB 16446
"Common Vulnerability Scoring System (CVSS) and Juniper's Security
Advisories."
Acknowledgements:
- -------------------------------------------------------------------------------
2016-04 Security Bulletin: Junos: Multiple privilege escalation
vulnerabilities in Junos CLI (CVE-2016-1271)
Categories:
Junos
Router Products
J-series
M-series
T-series
MX-series
Security Products
Switch Products
EX Series
SRX Series
Security Advisories ID: JSA10739
Last Updated: 13 Apr 2016
Version: 1.0
Product Affected:
These issues can affect any product or platform running Junos OS.
Problem:
Certain combinations of Junos OS CLI commands and arguments have been found
to be exploitable in a way that can allow root access to the operating
system. This may allow any user with permissions to run these CLI commands
the ability to achieve elevated privileges and gain complete control of
the device.
These issues were found during internal product security testing.
Juniper SIRT is not aware of any malicious exploitation of these
vulnerabilities.
No other Juniper Networks products or platforms are affected by these issues.
This set of issues has been assigned CVE-2016-1271.
Solution:
The following software releases have been updated to resolve these specific
issues: Junos OS 12.1X46-D45, 12.1X47-D30, 12.3R11, 12.3X48-D25, 13.2R8,
13.3R7, 14.1R6, 14.2R4, 15.1R1, 15.1F2, 15.1X49-D15 and all subsequent
releases.
These issues are being tracked as PRs 973106, 442580, 980411, 1019669,
1069867, and 1069873, and are visible on the Customer Support website.
KB16765 - "In which releases are vulnerabilities fixed?" describes which
release vulnerabilities are fixed as per our End of Engineering and End
of Life support policies.
Workaround:
Use access lists or firewall filters to limit access to the router's CLI
only from trusted hosts. Restrict access to the CLI to only highly trusted
administrators.
Implementation:
How to obtain fixed software:
Security vulnerabilities in Junos are fixed in the next available
Maintenance Release of each supported Junos version. In some cases,
a Maintenance Release is not planned to be available in an appropriate
time-frame. For these cases, Service Releases are made available in order
to be more timely. Security Advisory and Security Notices will indicate
which Maintenance and Service Releases contain fixes for the issues
described. Upon request to JTAC, customers will be provided download
instructions for a Service Release. Although Juniper does not provide
formal Release Note documentation for a Service Release, a list of "PRs
fixed" can be provided on request.
Modification History:
2016-04-13: Initial publication
Related Links:
KB 16446 "Common Vulnerability Scoring System (CVSS) and Juniper's
Security Advisories."
KB16613: Overview of the Juniper Networks SIRT Quarterly Security
Bulletin Publication Process
KB16765: In which releases are vulnerabilities fixed?
KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's
Security Advisories
Report a Vulnerability - How to Contact the Juniper Networks Security
Incident Response Team
CVE-2016-1271: Multiple privilege escalation vulnerabilities in Junos CLI
CVSS Score:
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Risk Level:
High
Risk Assessment:
Information for how Juniper Networks uses CVSS can be found at KB 16446
"Common Vulnerability Scoring System (CVSS) and Juniper's Security
Advisories."
Acknowledgements:
- -------------------------------------------------------------------------------
2016-04 Security Bulletin: Junos: Multiple vulnerabilities in cURL and
libcurl
Categories:
Junos
Router Products
J-series
M-series
T-series
MX-series
Security Products
Switch Products
EX Series
SRX Series
Security Advisories ID: JSA10743
Last Updated: 13 Apr 2016
Version: 1.0
Product Affected:
This issue can affect any product or platform running Junos OS.
Problem:
Multiple vulnerabilities in Junos OS have been resolved by updating cURL
and libcurl library. These are used to support downloading updates or
importing data into a Junos device.
Libcurl and cURL were upgraded from 7.36.0 to 7.42.1 which resolves the
following vulnerabilities:
CVE CVSS v2 base score
CVE-2015-3144 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 does not
properly calculate an index, which allows remote attackers to cause a denial
of service (out-of-bounds read or write and crash) or possibly have other
unspecified impact via a zero-length host name, as demonstrated by
"http://:80" and ":80."
CVE-2015-3145 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0
does not properly calculate an index, which allows remote attackers to
cause a denial of service (out-of-bounds write and crash) or possibly have
other unspecified impact via a cookie path containing only a double-quote
character.
CVE-2014-8151 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl
7.31.0 through 7.39.0, when using the DarwinSSL (aka SecureTransport)
back-end for TLS, does not check if a cached TLS session validated the
certificate when reusing the session, which allows man-in-the-middle
attackers to spoof servers via a crafted certificate.
CVE-2014-3613 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie
domain names, which allows remote attackers to set cookies for or send
arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1
setting cookies for a site at 127.168.0.1.
CVE-2014-3620 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same
Origin Policy and set cookies for arbitrary sites by setting a cookie for a
top-level domain.
CVE-2015-3143 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM
connections, which allows remote attackers to connect as other users via an
unauthenticated request, a similar issue to CVE-2014-0015.
CVE-2015-3148 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use authenticated
Negotiate connections, which allows remote attackers to connect as other users
via a request.
CVE-2015-3153 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP
headers to both the proxy and destination server, which might allow remote
proxy servers to obtain sensitive information by reading the header contents.
CVE-2014-3707 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running
with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST
data for an easy handle, which triggers an out-of-bounds read that allows
remote web servers to read sensitive memory information.
CVE-2014-8150 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CRLF injectionvulnerability in libcurl 6.0 through 7.x before 7.40.0, when
using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers
and conduct HTTP response splitting attacks via CRLF sequences in a URL.
CVE-2014-0015 4.0 (AV:N/AC:H/Au:N/C:P/I:P/A:N)
cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication
method is enabled, re-uses NTLM connections, which might allow
context-dependent attackers to authenticate as other users via a request.
Juniper SIRT is not aware of any malicious exploitation of these
vulnerabilities.
Solution:
The following software releases have been updated to resolve this specific
issue:
12.1X46-D50 (pending release), 12.1X47-D40 (pending release),
12.3R11, 12.3X48-D30 (to be released by end of April, 2016), 13.2R9,
13.2X51-D39, 13.2X51-D40, 13.3R8, 14.1R6, 14.1X53-D30, 14.2R5, 15.1R2,
15.1X49-D40, 15.1X53-D35 and all subsequent releases.
These issue was tracked as PR 1068204 and is visible on the Customer
Support website.
Workaround:
Avoid using untrusted URLs to fetch updates or to import data into a
Junos device.
Implementation:
Security vulnerabilities in Junos are fixed in the next available
Maintenance Release of each supported Junos version. In some cases,
a Maintenance Release is not planned to be available in an appropriate
time-frame. For these cases, Service Releases are made available in order
to be more timely. Security Advisory and Security Notices will indicate
which Maintenance and Service Releases contain fixes for the issues
described. Upon request to JTAC, customers will be provided download
instructions for a Service Release. Although Juniper does not provide
formal Release Note documentation for a Service Release, a list of "PRs
fixed" can be provided on request.
Modification History:
2016-04-13: Initial publication
Related Links:
KB16613: Overview of the Juniper Networks SIRT Quarterly Security
Bulletin Publication Process
KB16765: In which releases are vulnerabilities fixed?
KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's
Security Advisories
Report a Vulnerability - How to Contact the Juniper Networks Security
Incident Response Team
CVSS Score:
7.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Risk Level:
High
Risk Assessment:
Information for how Juniper Networks uses CVSS can be found at KB 16446
"Common Vulnerability Scoring System (CVSS) and Juniper's Security
Advisories."
Acknowledgements:
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBVw77MH6ZAP0PgtI9AQKiTRAA0xH0l1A4efZjyIl2MX9dlrm0a5ziX2ja
5kL1WFfE2Yr5D2I6uWdDvjT2z+qnEyHeQScasu5FXCAHnlAzPIO0NAo52pKM8RVz
S9RKwiwkeeLQkND6iNzRQSc3AA3By4nftYYu6qanTD0guTiQwRTOq6jhoGHTenny
gbFfyBGrR9HhWjitFjEr6T1+SHLQ7AO2rLA26rtyoMTJN+mP7VwxgqDpt6ttzcQz
JHpzaFdtzTlD0LekPtSqfEsPmOv1iAKminyMvh4jbCx45kYMDDwmkaCsBR4B/vWy
hM8gfjyK4p+MpcSGQXpPVHmxXNhwSnzlwxDz1mur4i481eC84Ev0g5prysFXy/6l
XfNgcDRzeb0NAlPls+KfamnHAJc9aJStK4VqX0GdCwqhBzG9uOzlGXL3Sj1SbbbY
IV498/b3FbXu14pUcaJEcDQV7QlH/IeK1J1naklcXqoXlZ+qJo28x/v3ZpWoakck
SI+vAnU+pTZKdT+V4bOt+zKwrzzEMn4jcHo+Yy1lyuGwrrDWeCvXrPSsJtlxLBfL
OWtW8WHCpRdiHuL2diRN94ZtwTuE9SnD6a638K3WgcUG3yI3oUsqo0hQ/F+HUsJe
0ErKs2hYzB4sCvjF0xvo2cIOANPFmRVIpSIlcxPq3LP8oueOQzSnaeykIRYxTPDR
hUaIZdiIcDk=
=MUPZ
-----END PGP SIGNATURE-----