Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2016.1535 Important: ImageMagick security update 17 June 2016 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: ImageMagick Publisher: Red Hat Operating System: Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux WS/Desktop 6 Red Hat Enterprise Linux Server 7 Red Hat Enterprise Linux WS/Desktop 7 Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2016-5240 CVE-2016-5239 CVE-2016-5118 CVE-2015-8898 CVE-2015-8897 CVE-2015-8896 CVE-2015-8895 Reference: ESB-2016.1384 Original Bulletin: https://access.redhat.com/errata/RHSA-2016:1237 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: ImageMagick security update Advisory ID: RHSA-2016:1237-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2016:1237 Issue date: 2016-06-16 CVE Names: CVE-2015-8895 CVE-2015-8896 CVE-2015-8897 CVE-2015-8898 CVE-2016-5118 CVE-2016-5239 CVE-2016-5240 ===================================================================== 1. Summary: An update for ImageMagick is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix(es): * It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application. (CVE-2016-5118) * It was discovered that ImageMagick did not properly sanitize certain input before passing it to the gnuplot delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application. (CVE-2016-5239) * Multiple flaws have been discovered in ImageMagick. A remote attacker could, for example, create specially crafted images that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would result in a memory corruption and, potentially, execution of arbitrary code, a denial of service, or an application crash. (CVE-2015-8896, CVE-2015-8895, CVE-2016-5240, CVE-2015-8897, CVE-2015-8898) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1269553 - CVE-2015-8895 ImageMagick: Integer and buffer overflow in coders/icon.c 1269562 - CVE-2015-8896 ImageMagick: Integer truncation vulnerability in coders/pict.c 1333417 - CVE-2016-5240 ImageMagick: SVG converting issue resulting in DoS 1334188 - CVE-2016-5239 ImageMagick,GraphicsMagick: Gnuplot delegate vulnerability allowing command injection 1340814 - CVE-2016-5118 ImageMagick: Remote code execution via filename 1344264 - CVE-2015-8898 ImageMagick: Prevent NULL pointer access in magick/constitute.c 1344271 - CVE-2015-8897 ImageMagick: Crash due to out of bounds error in SpliceImage 6. Package List: Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ImageMagick-6.7.2.7-5.el6_8.src.rpm x86_64: ImageMagick-6.7.2.7-5.el6_8.i686.rpm ImageMagick-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-c++-6.7.2.7-5.el6_8.i686.rpm ImageMagick-c++-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-c++-devel-6.7.2.7-5.el6_8.i686.rpm ImageMagick-c++-devel-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.i686.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-devel-6.7.2.7-5.el6_8.i686.rpm ImageMagick-devel-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-doc-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-perl-6.7.2.7-5.el6_8.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ImageMagick-6.7.2.7-5.el6_8.src.rpm i386: ImageMagick-6.7.2.7-5.el6_8.i686.rpm ImageMagick-c++-6.7.2.7-5.el6_8.i686.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.i686.rpm ppc64: ImageMagick-6.7.2.7-5.el6_8.ppc.rpm ImageMagick-6.7.2.7-5.el6_8.ppc64.rpm ImageMagick-c++-6.7.2.7-5.el6_8.ppc64.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.ppc.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.ppc64.rpm s390x: ImageMagick-6.7.2.7-5.el6_8.s390.rpm ImageMagick-6.7.2.7-5.el6_8.s390x.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.s390.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.s390x.rpm x86_64: ImageMagick-6.7.2.7-5.el6_8.i686.rpm ImageMagick-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-c++-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.i686.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: ImageMagick-c++-devel-6.7.2.7-5.el6_8.i686.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.i686.rpm ImageMagick-devel-6.7.2.7-5.el6_8.i686.rpm ImageMagick-doc-6.7.2.7-5.el6_8.i686.rpm ImageMagick-perl-6.7.2.7-5.el6_8.i686.rpm ppc64: ImageMagick-c++-6.7.2.7-5.el6_8.ppc.rpm ImageMagick-c++-devel-6.7.2.7-5.el6_8.ppc.rpm ImageMagick-c++-devel-6.7.2.7-5.el6_8.ppc64.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.ppc.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.ppc64.rpm ImageMagick-devel-6.7.2.7-5.el6_8.ppc.rpm ImageMagick-devel-6.7.2.7-5.el6_8.ppc64.rpm ImageMagick-doc-6.7.2.7-5.el6_8.ppc64.rpm ImageMagick-perl-6.7.2.7-5.el6_8.ppc64.rpm s390x: ImageMagick-c++-6.7.2.7-5.el6_8.s390.rpm ImageMagick-c++-6.7.2.7-5.el6_8.s390x.rpm ImageMagick-c++-devel-6.7.2.7-5.el6_8.s390.rpm ImageMagick-c++-devel-6.7.2.7-5.el6_8.s390x.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.s390.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.s390x.rpm ImageMagick-devel-6.7.2.7-5.el6_8.s390.rpm ImageMagick-devel-6.7.2.7-5.el6_8.s390x.rpm ImageMagick-doc-6.7.2.7-5.el6_8.s390x.rpm ImageMagick-perl-6.7.2.7-5.el6_8.s390x.rpm x86_64: ImageMagick-c++-6.7.2.7-5.el6_8.i686.rpm ImageMagick-c++-devel-6.7.2.7-5.el6_8.i686.rpm ImageMagick-c++-devel-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.i686.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-devel-6.7.2.7-5.el6_8.i686.rpm ImageMagick-devel-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-doc-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-perl-6.7.2.7-5.el6_8.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ImageMagick-6.7.2.7-5.el6_8.src.rpm i386: ImageMagick-6.7.2.7-5.el6_8.i686.rpm ImageMagick-c++-6.7.2.7-5.el6_8.i686.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.i686.rpm x86_64: ImageMagick-6.7.2.7-5.el6_8.i686.rpm ImageMagick-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-c++-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.i686.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: ImageMagick-c++-devel-6.7.2.7-5.el6_8.i686.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.i686.rpm ImageMagick-devel-6.7.2.7-5.el6_8.i686.rpm ImageMagick-doc-6.7.2.7-5.el6_8.i686.rpm ImageMagick-perl-6.7.2.7-5.el6_8.i686.rpm x86_64: ImageMagick-c++-6.7.2.7-5.el6_8.i686.rpm ImageMagick-c++-devel-6.7.2.7-5.el6_8.i686.rpm ImageMagick-c++-devel-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.i686.rpm ImageMagick-debuginfo-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-devel-6.7.2.7-5.el6_8.i686.rpm ImageMagick-devel-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-doc-6.7.2.7-5.el6_8.x86_64.rpm ImageMagick-perl-6.7.2.7-5.el6_8.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: ImageMagick-6.7.8.9-15.el7_2.src.rpm x86_64: ImageMagick-6.7.8.9-15.el7_2.i686.rpm ImageMagick-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-c++-6.7.8.9-15.el7_2.i686.rpm ImageMagick-c++-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.i686.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: ImageMagick-c++-devel-6.7.8.9-15.el7_2.i686.rpm ImageMagick-c++-devel-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.i686.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-devel-6.7.8.9-15.el7_2.i686.rpm ImageMagick-devel-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-doc-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-perl-6.7.8.9-15.el7_2.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): Source: ImageMagick-6.7.8.9-15.el7_2.src.rpm x86_64: ImageMagick-6.7.8.9-15.el7_2.i686.rpm ImageMagick-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-c++-6.7.8.9-15.el7_2.i686.rpm ImageMagick-c++-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-c++-devel-6.7.8.9-15.el7_2.i686.rpm ImageMagick-c++-devel-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.i686.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-devel-6.7.8.9-15.el7_2.i686.rpm ImageMagick-devel-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-doc-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-perl-6.7.8.9-15.el7_2.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: ImageMagick-6.7.8.9-15.el7_2.src.rpm ppc64: ImageMagick-6.7.8.9-15.el7_2.ppc.rpm ImageMagick-6.7.8.9-15.el7_2.ppc64.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.ppc.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.ppc64.rpm ImageMagick-perl-6.7.8.9-15.el7_2.ppc64.rpm ppc64le: ImageMagick-6.7.8.9-15.el7_2.ppc64le.rpm ImageMagick-c++-6.7.8.9-15.el7_2.ppc64le.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.ppc64le.rpm ImageMagick-perl-6.7.8.9-15.el7_2.ppc64le.rpm s390x: ImageMagick-6.7.8.9-15.el7_2.s390.rpm ImageMagick-6.7.8.9-15.el7_2.s390x.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.s390.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.s390x.rpm ImageMagick-perl-6.7.8.9-15.el7_2.s390x.rpm x86_64: ImageMagick-6.7.8.9-15.el7_2.i686.rpm ImageMagick-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-c++-6.7.8.9-15.el7_2.i686.rpm ImageMagick-c++-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.i686.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-perl-6.7.8.9-15.el7_2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: ImageMagick-c++-6.7.8.9-15.el7_2.ppc.rpm ImageMagick-c++-6.7.8.9-15.el7_2.ppc64.rpm ImageMagick-c++-devel-6.7.8.9-15.el7_2.ppc.rpm ImageMagick-c++-devel-6.7.8.9-15.el7_2.ppc64.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.ppc.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.ppc64.rpm ImageMagick-devel-6.7.8.9-15.el7_2.ppc.rpm ImageMagick-devel-6.7.8.9-15.el7_2.ppc64.rpm ImageMagick-doc-6.7.8.9-15.el7_2.ppc64.rpm ppc64le: ImageMagick-c++-devel-6.7.8.9-15.el7_2.ppc64le.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.ppc64le.rpm ImageMagick-devel-6.7.8.9-15.el7_2.ppc64le.rpm ImageMagick-doc-6.7.8.9-15.el7_2.ppc64le.rpm s390x: ImageMagick-c++-6.7.8.9-15.el7_2.s390.rpm ImageMagick-c++-6.7.8.9-15.el7_2.s390x.rpm ImageMagick-c++-devel-6.7.8.9-15.el7_2.s390.rpm ImageMagick-c++-devel-6.7.8.9-15.el7_2.s390x.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.s390.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.s390x.rpm ImageMagick-devel-6.7.8.9-15.el7_2.s390.rpm ImageMagick-devel-6.7.8.9-15.el7_2.s390x.rpm ImageMagick-doc-6.7.8.9-15.el7_2.s390x.rpm x86_64: ImageMagick-c++-devel-6.7.8.9-15.el7_2.i686.rpm ImageMagick-c++-devel-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.i686.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-devel-6.7.8.9-15.el7_2.i686.rpm ImageMagick-devel-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-doc-6.7.8.9-15.el7_2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: ImageMagick-6.7.8.9-15.el7_2.src.rpm x86_64: ImageMagick-6.7.8.9-15.el7_2.i686.rpm ImageMagick-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-c++-6.7.8.9-15.el7_2.i686.rpm ImageMagick-c++-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.i686.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-perl-6.7.8.9-15.el7_2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: ImageMagick-c++-devel-6.7.8.9-15.el7_2.i686.rpm ImageMagick-c++-devel-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.i686.rpm ImageMagick-debuginfo-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-devel-6.7.8.9-15.el7_2.i686.rpm ImageMagick-devel-6.7.8.9-15.el7_2.x86_64.rpm ImageMagick-doc-6.7.8.9-15.el7_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-8895 https://access.redhat.com/security/cve/CVE-2015-8896 https://access.redhat.com/security/cve/CVE-2015-8897 https://access.redhat.com/security/cve/CVE-2015-8898 https://access.redhat.com/security/cve/CVE-2016-5118 https://access.redhat.com/security/cve/CVE-2016-5239 https://access.redhat.com/security/cve/CVE-2016-5240 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXYyy5XlSAg2UNWIIRAnE9AJ9sMQSWCBGAv8dfTao42DPl+Z7CYgCfefuw cXtnX7Koy5K61nZodyFedH4= =qUqC - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBV2NG6Ix+lLeg9Ub1AQigwQ//SlUMnKSehm4vrzuMAhgNoyDr0YON2so2 wWxBsy0Ab8kOhf1rFHzDBQhRTy9msiPydYKbo++cbutHg2lnF/4XeiGxUOsvSrmH JAYwCXt+IQJRvwBbIdz2s06W9izaTpgOCiuB0tCjYmI9xJWToevgZfyx9KTqEGAi B8GLmCpIfjxkpQH5x4DSd9a9yJyfQKOIdnbB2OTzr7VaulA8c3/D6d48dXPouIGo CoE9e/1uLlEnxWEsw03tOr+IHE3WcxdBCFcGlWBzvArsTLw6sBh7MWKkZ3Y0YG6c 1J1JrUG8h8LnDbDVXfX46N9lAcFBKnLQGo4oyE1MT7XNJKVHRzT0DPwEttckze81 slANzK7uXGf3gY0Lp0ucY7jtnpx1GndlGmEFkUMU1UX2Gif1CpHTV7LsB1pXSFsE KwrBspf0dr/PfrP2uZh9YzhvuNHEx3uEqQ70oCODrZ+j0Ta2/hlobS21hK71hnSz Fnxz/NP1X+lvjnzkp3Fbo0XfzDE6r8aZMg3KXHIGDTYnLJJPBmOvQmBlIuLBosxn nR3K4lug5ZJ97CneJa2m1C8BCu3OIZBXIltdoQsjXUZjvsFIX6MfVMmv34RT635a bQGXwEpMRR+bhpu5CAwGbvAS7axuSW+yHlGgC6z6/v8SaH/PGuuqkUuzVusqZ6g+ sNgY7SPyU8M= =7taJ -----END PGP SIGNATURE-----