Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2016.1402 Security Bulletin: Multiple vulnerabilities affect IBM WebSphere MQ 3 June 2016 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: IBM WebSphere MQ Publisher: IBM Operating System: AIX HP-UX IBM i Linux variants Solaris Windows Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Access Privileged Data -- Existing Account Denial of Service -- Remote/Unauthenticated Access Confidential Data -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2016-4560 CVE-2016-2542 CVE-2016-0260 CVE-2016-0259 CVE-2015-7473 CVE-2015-7462 CVE-2015-7421 CVE-2015-7420 Reference: ESB-2016.1315 Original Bulletin: http://www.ibm.com/support/docview.wss?uid=swg21984564 http://www.ibm.com/support/docview.wss?uid=swg21984561 http://www.ibm.com/support/docview.wss?uid=swg21984555 http://www.ibm.com/support/docview.wss?uid=swg21984557 http://www.ibm.com/support/docview.wss?uid=swg21978363 http://www.ibm.com/support/docview.wss?uid=swg21983690 Comment: This bulletin contains six (6) IBM security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- Security Bulletin: IBM WebSphere MQ Heap storage leak on error path could lead to denial of service (CVE-2016-0260) Security Bulletin Document information More support for: WebSphere MQ Security Software version: 8.0, 8.0.0.1, 8.0.0.2, 8.0.0.3, 8.0.0.4 Operating system(s): AIX, HP-UX, IBM i, Linux, Solaris, Windows Software edition: All Editions Reference #: 1984564 Modified date: 2016-06-02 Summary Heap storage allocated on an error path is not deallocated by queue manager agents, a malicious user could use an application to repeatedly cause the queue manager to execute this error path and eventually exhaust storage for the agent, thereby causing a denial of service. Vulnerability Details CVEID: CVE-2016-0260 DESCRIPTION: IBM WebSphere MQ contains an agent memory leak could be exploited by malicious user to cause a denial of service. CVSS Base Score: 5.3 CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/110602 for the current score CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) Affected Products and Versions IBM WebSphere MQ 8.0.0.0 through 8.0.0.4 maintenance levels are affected. Remediation/Fixes Apply IBM WebSphere MQ 8.0.0.5 fixpack or later maintenance. Workarounds and Mitigations None. Get Notified about Future Security Bulletins Subscribe to My Notifications to be notified of important product support alerts like this. References Complete CVSS v3 Guide On-line Calculator v3 Related information IBM Secure Engineering Web Portal IBM Product Security Incident Response Blog Change History 2 June 2016: Original version published *The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin. Disclaimer According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. - --- Security Bulletin: IBM WebSphere MQ Improper access control for some display commands in local runmqsc (CVE-2016-0259) Security Bulletin Document information More support for: WebSphere MQ Security Software version: 8.0, 8.0.0.1, 8.0.0.2, 8.0.0.3, 8.0.0.4 Operating system(s): AIX, HP-UX, IBM i, Linux, Solaris, Windows Software edition: All Editions Reference #: 1984561 Modified date: 2016-06-02 Summary Various display commands via local runmqsc return data for non-privileged users where they lack appropriate +dsp authority. The problem does not affect remotely connected runmqsc. Vulnerability Details CVEID: CVE-2016-0259 DESCRIPTION: IBM WebSphere MQ could allow a local user with authority to connect to the local queue manager to obtain sensitive information. CVSS Base Score: 2.9 CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/110601 for the current score CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) Affected Products and Versions IBM WebSphere MQ 8.0.0.0 through 8.0.0.4 maintenance levels Remediation/Fixes Apply IBM WebSphere MQ 8.0.0.5 Fixpack or later maintenance Workarounds and Mitigations None Get Notified about Future Security Bulletins Subscribe to My Notifications to be notified of important product support alerts like this. References Complete CVSS v3 Guide On-line Calculator v3 Related information IBM Secure Engineering Web Portal IBM Product Security Incident Response Blog Change History 2 June 2016: Original version published *The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin. Disclaimer According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. - --- Security Bulletin: IBM WebSphere MQ Improper access control for some local MQSC commands (CVE-2015-7473) Security Bulletin Document information More support for: WebSphere MQ Security Software version: 8.0, 8.0.0.1, 8.0.0.2, 8.0.0.3, 8.0.0.4 Operating system(s): AIX, HP-UX, IBM i, Linux, Solaris, Windows Software edition: All Editions Reference #: 1984555 Modified date: 2016-06-02 Summary runmqsc allows a user who already has +connect and +dsp authority to a queue manager to perform a small number of commands that would normally require additional privileges. The vulnerability does not affect client MQSC, only locally connected runmqsc. Vulnerability Details CVEID: CVE-2015-7473 DESCRIPTION: IBM WebSphere MQ could allow a local attacker with certain permissions to execute commands against the local queue manager that they should not have access to. CVSS Base Score: 2.9 CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/108500 for the current score CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) Affected Products and Versions The problem affects IBM WebSphere MQ 8.0.0.0 through 8.0.0.4 maintenance levels, previous MQ releases required users to be administrative users to be able to execute the runmqsc program. Remediation/Fixes Apply fixpack IBM WebSphere MQ 8.0.0.5 or later Workarounds and Mitigations None Get Notified about Future Security Bulletins Subscribe to My Notifications to be notified of important product support alerts like this. References Complete CVSS v3 Guide On-line Calculator v3 Related information IBM Secure Engineering Web Portal IBM Product Security Incident Response Blog Change History 2 June 2016: Original version published *The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin. Disclaimer According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. - --- Security Bulletin: IBM WebSphere MQ keystore password traced by mqcertck on IBM i platform (CVE-2015-7462) Security Bulletin Document information More support for: WebSphere MQ Problem Determination Software version: 8.0.0.4 Operating system(s): IBM i Software edition: All Editions Reference #: 1984557 Modified date: 2016-06-02 Summary The mqcertck tool which was newly added in MQ 8.0.0.4 could trace certificate keystore passwords. Vulnerability Details CVEID: CVE-2015-7462 DESCRIPTION: IBM WebSphere MQ could allow a local user with administrator privileges to decrypt other MQ administrators passwords by using the mqcertck tool. CVSS Base Score: 4.4 CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/108392 for the current score CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N) Affected Products and Versions IBM WebSphere MQ for IBM i V8.0.0.4 Remediation/Fixes Apply IBM WebSphere MQ for IBM i 8.0.0.5 or later maintenance. Workarounds and Mitigations Do not enable MQ trace whilst running the mqcertck tool. Get Notified about Future Security Bulletins Subscribe to My Notifications to be notified of important product support alerts like this. References Complete CVSS v3 Guide On-line Calculator v3 Related information IBM Secure Engineering Web Portal IBM Product Security Incident Response Blog Change History 2 June 2016: Original version published *The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin. Disclaimer According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. - --- Security Bulletin: Various IBM WebSphere MQ Installers are susceptible to DLL-planting vulnerabilities (CVE-2016-2542 & CVE-2016-4560) Security Bulletin Document information More support for: WebSphere MQ Install / Migration Software version: 7.0.1, 7.1, 7.5, 8.0 Operating system(s): Windows Software edition: All Editions Reference #: 1978363 Modified date: 2016-06-02 Summary Various IBM WebSphere MQ graphical user interface installers are susceptible to a DLL-planting vulnerability where a malicious DLL, that is present in the Windows search path, could be loaded by the operating system in place of the genuine file. The vulnerability affects Windows executable installers downloaded from IBM prior to 2nd June 2016. Vulnerability Details CVEID: CVE-2016-2542 DESCRIPTION: Flexera InstallShield could allow a remote attacker to execute arbitrary code on the system. The application does not directly specify the fully qualified path to a dynamic-linked library (schannel.dll) when running on Microsoft Windows. By persuading a victim to open a specially-crafted file from a WebDAV or SMB share using a vulnerable application, a remote attacker could exploit this vulnerability via a specially-crafted library to execute arbitrary code on the system. CVSS Base Score: 7.8 CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/110914 for the current score CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVEID: CVE-2016-4560 DESCRIPTION: Flexera InstallAnywhere could allow a remote attacker to execute arbitrary code on the system. The application does not directly specify the fully qualified path to a dynamic-linked library when running on Microsoft Windows. By persuading a victim to open a specially-crafted file from a WebDAV or SMB share using a vulnerable application, a remote attacker could exploit this vulnerability via a specially-crafted library to execute arbitrary code on the system. CVSS Base Score: 7.8 CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/113016 for the current score CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) Affected Products and Versions The vulnerability affects the executable (.exe file extension) installers, fixpacks and support packs; - - IBM WebSphere MQ for Windows (5.3 - All versions) - - IBM WebSphere MQ for Windows (6.0 - All versions) - - IBM WebSphere MQ for Windows (7.0.0.0 - 7.0.1.13) - - IBM WebSphere MQ for Windows (7.1.0.0 - 7.1.0.7) - - IBM WebSphere MQ for Windows (7.5.0.0 - 7.5.0.6) - - IBM WebSphere MQ for Windows (8.0.0.0 - 8.0.0.4) - - IBM WebSphere MQ Evaluation (8.0.0.0 - 8.0.0.4) - - IBM WebSphere MQ Evaluation (7.5.0.0 - 7.5.0.6) - - IBM WebSphere MQ Evaluation (7.1.0.0 - 7.1.0.7) - - IBM WebSphere MQ File Transfer Edition for Windows (V7.0.0.0 - V7.0.4.4) - - IBM WebSphere MQ File Transfer Edition Trial for Windows (V7.0.0.0 - V7.0.4.4) - - IBM WebSphere MQ Advanced Message Security for Windows (V7.0.1.0 - V7.0.1.3) - - IBM WebSphere MQ Advanced Message Security Trial for Windows (V7.0.1.0 - V7.0.1.3) - - IBM WebSphere MQ for HP NonStop Server V5.3 (Windows Installer V5.3.1.0) - - IBM WebSphere MQ Advanced for Developers (7.5.0.0 - 8.0.0.4) - - MS0T IBM WebSphere MQ Explorer (7.0.1.0 - 8.0.0.4) - - MQC7 IBM WebSphere MQ V7 Clients (All versions) - - MQC71 IBM WebSphere MQ V7.1 Clients (7.1.0.0 - 7.1.0.7) - - MQC75 IBM WebSphere MQ V7.5 Clients (7.5.0.0 - 7.5.0.6) - - MQC8 IBM WebSphere MQ V8 Clients (8.0.0.0 - 8.0.0.4) Where fixes are available (see below), users should discard any Windows installation images that were downloaded from IBM prior to 2nd June 2016 and download new images from Fix Central or Passport Advantage. Remediation/Fixes The executable installers for the following offerings now contain safeguards to prevent being started in an environment where a malicious DLL could be loaded by the operating system. The following offerings (and all subsequent levels of maintenance) have the installer fix applied; - - IBM WebSphere MQ for Windows (6.0.2.12) - - IBM WebSphere MQ for Windows (7.0.1.13) - - IBM WebSphere MQ for Windows (7.1.0.7) - - IBM WebSphere MQ for Windows (7.5.0.6) - - IBM WebSphere MQ for Windows (8.0.0.5) - - IBM WebSphere MQ File Transfer Edition for Windows (V7.0.4.5) - - IBM WebSphere MQ Advanced Message Security for Windows (V7.0.1.3) - - IBM WebSphere MQ for HP NonStop Server V5.3 (V5.3.1.0 Manufacturing Refresh) - - MS0T IBM WebSphere MQ Explorer (8.0.0.4) - - MQC7 IBM WebSphere MQ V7 Clients (7.0.1.13) - - MQC71 IBM WebSphere MQ V7.1 Clients (7.1.0.7) - - MQC75 IBM WebSphere MQ V7.5 Clients (7.5.0.6) - - MQC8 IBM WebSphere MQ V8 Clients (8.0.0.5) Users should download these new install images from Fix Central or Passport Advantage where possible, however if older installers must be used, please refer to the workarounds and mitigations detailed below. Workarounds and Mitigations The DLL-planting vulnerability only impacts IBM WebSphere MQ for Windows when an interactive installation is attempted via the graphical user interface via executable installer (.exe file extension). The advanced installation method of IBM WebSphere MQ that utilises msiexec offers both an interactive graphical interface and command line driven non- interactive installation and is not affected by this vulnerability. To install using msiexec, at the command line, enter the msiexec command in the following format: msiexec parameters [USEINI="response-file"] [TRANSFORMS="transform_file"] This installation method should be used in preference to running setup.exe. See the links below for detailed information on using this installation method. Get Notified about Future Security Bulletins Subscribe to My Notifications to be notified of important product support alerts like this. References Complete CVSS v3 Guide On-line Calculator v3 Related information IBM Secure Engineering Web Portal IBM Product Security Incident Response Blog IBM WebSphere MQ 7.1 Advanced Installation IBM WebSphere MQ V7.5 Advanced Installation IBM WebSphere MQ V8 Advanced Installation IBM MQ Advanced for Developers IBM MQ SupportPacs by Product Recommended Fixes for WebSphere MQ IBM WebSphere MQ Evaluation IBM WebSphere MQ Advanced Message Security Evalution IBM WebSphere MQ File Transfer Edition Evaluation Change History 2 June 2016: Original version published *The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin. Disclaimer According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. - --- Security Bulletin: Vulnerabilities in GSKit affect IBM WebSphere MQ (CVE-2015-7421, CVE-2015-7420) Security Bulletin Document information More support for: WebSphere MQ SSL Software version: 7.1, 7.5, 8.0 Operating system(s): AIX, HP-UX, Linux, Solaris, Windows Software edition: All Editions Reference #: 1983690 Modified date: 2016-06-02 Summary Vulnerabilities were discovered in GSKit. IBM WebSphere MQ uses GSKit and addressed the applicable CVE. Vulnerability Details CVEID: CVE-2015-7421 DESCRIPTION: A vulnerability in GSKit could allow a remote attacker to obtain sensitive information. The internal ICC PRNG pool state is duplicated during a fork() system call operation which results in a period of time where child processes may generate identical PRNG output to the parent. This may allow possible attacks related to predicable state which an attacker could exploit. CVSS Base Score: 3.7 CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107695 for the current score CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) CVEID: CVE-2015-7420 DESCRIPTION: A vulnerability in GSKit could allow a remote attacker to obtain sensitive information. The GSKit PRNG state is duplicated during a fork() system call operation which results in a period of time where child processes may generate identical PRNG output to the parent. CVSS Base Score: 3.7 CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107694 for the current score CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) Affected Products and Versions IBM WebSphere MQ 8.0 Fix Pack 8.0.0.4 and previous maintenance levels IBM WebSphere MQ 7.5 Fix Pack 7.5.0.5 and previous maintenance levels IBM WebSphere MQ 7.1 Fix Pack 7.1.0.6 and previous maintenance levels Remediation/Fixes IBM WebSphere MQ 8.0 Apply fix pack 8.0.0.5 IBM WebSphere MQ 7.5 Apply fix pack 7.5.0.6 IBM WebSphere MQ 7.1 Apply fix pack 7.1.0.7 For unsupported versions of IBM WebSphere MQ, IBM recommends upgrading to a fixed, supported version of the product. Workarounds and Mitigations None known Get Notified about Future Security Bulletins Subscribe to My Notifications to be notified of important product support alerts like this. References Complete CVSS v3 Guide On-line Calculator v3 Related information IBM Secure Engineering Web Portal IBM Product Security Incident Response Blog Change History 01 June 2016: Original version published *The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin. Disclaimer According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBV1DvJox+lLeg9Ub1AQgUUw/9Fctr/oC0ufqPTRpfV5vIL2D8GTi/7+0u o4XqDJPtpYaY7Ymb6mJJwdfWEcsxpYNSCaup4lj7eJ/XJb7a0/thjh/w4uRIzSuO FE/KQ5XQBRUR5wzLggNOQrBrqk1v56lXNBSxjIeqUQz2qCgiCYUTXOCVNHW7sWnC 5kfF3oR87higi7DmhNH/k/Z30P1+UXm23H7gLdLO0FjcSk7WZSp1h1HOWhiIfpCv urMQ8xoGeGKj4FoUGZd+qsf7YvbfNmZLnJkAbSJuYL40Yjx6ZgJQ67kQ08AswOvy QbyicQTgNLyKFrjR4St78xhGgAoU8iXL7Q42SNbWsyN1geKHd6ZiFtbwOBG2YY4J xQblmOVUbUrZ+giv8SANBP56vfjtW5fsYAf70dURIXxzCh0gUykATSDbenfoI3XP w7AgQ5MkK/IPRQRY7QWTZKpsmdDs80np91XJJUefCuLhaaEvBJzu9cIgPuxaTfL8 R0XRNZ/peKLhdhUeuN8W5sfq4ch4BQsn1XVV5jV64gMR+DwNKmq2tReXqJIIRkOV hWGm1NZzac1w6LbEMJEF782R7Twj6basraLoYC3ht/q2P/9LfuttKmH2UBf2S+Q3 peLCMfsMt8oJmf57EFaxkCn+/mYaK6nuUA7Hfb/pih3kEB2wAZ9wxFTmg2QQsxXW xu0MNjxKuU0= =96Xq -----END PGP SIGNATURE-----