Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2016.2175
Security Bulletin: Multiple vulnerabilities affect IBM
Rational ClearCase and Rational Asset Analyzer
15 September 2016
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: IBM Rational ClearCase
IBM Rational Asset Analyzer
Publisher: IBM
Operating System: AIX
HP-UX
Linux variants
Solaris
Windows
Impact/Access: Administrator Compromise -- Existing Account
Access Privileged Data -- Remote with User Interaction
Increased Privileges -- Existing Account
Provide Misleading Information -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2016-5967 CVE-2016-3426 CVE-2016-2107
CVE-2013-0513
Reference: ASB-2016.0074
ASB-2016.0043
ESB-2016.1065
Original Bulletin:
http://www.ibm.com/support/docview.wss?uid=swg21987848
http://www.ibm.com/support/docview.wss?uid=swg21987844
http://www.ibm.com/support/docview.wss?uid=swg21987846
http://www.ibm.com/support/docview.wss?uid=swg21990215
Comment: This bulletin contains four (4) IBM security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
Security Bulletin: Vulnerability in IBM Java Runtime affects IBM Rational
ClearCase (CVE-2016-3426)
Security Bulletin
Document information
More support for:
Rational ClearCase
ClearCase Remote Client
Software version:
7.1, 7.1.0.1, 7.1.0.2, 7.1.1, 7.1.1.1, 7.1.1.2, 7.1.1.3, 7.1.1.4, 7.1.1.5,
7.1.1.6, 7.1.1.7, 7.1.1.8, 7.1.1.9, 7.1.2, 7.1.2.1, 7.1.2.2, 7.1.2.3,
7.1.2.4, 7.1.2.5, 7.1.2.6, 7.1.2.7, 7.1.2.8, 7.1.2.9, 7.1.2.10, 7.1.2.11,
7.1.2.12, 7.1.2.13, 7.1.2.14, 7.1.2.15, 7.1.2.16, 7.1.2.17, 7.1.2.18,
7.1.2.19, 8.0, 8.0.0.1, 8.0.0.2, 8.0.0.3, 8.0.0.4, 8.0.0.5, 8.0.0.6, 8.0.0.7,
8.0.0.8, 8.0.0.9, 8.0.0.10, 8.0.0.11, 8.0.0.12, 8.0.0.13, 8.0.0.14, 8.0.0.15,
8.0.0.16, 8.0.0.17, 8.0.0.18, 8.0.1, 8.0.1.1, 8.0.1.2, 8.0.1.3, 8.0.1.4,
8.0.1.5, 8.0.1.6, 8.0.1.7, 8.0.1.8, 8.0.1.9, 8.0.1.10, 8.0.1.11, 9.0, 9.0.0.1
Operating system(s):
AIX, HP-UX, Linux, Solaris, Windows
Reference #:
1987848
Modified date:
2016-09-14
Summary
There is a vulnerability in IBM Runtime Environment Java Technology Edition,
Versions 6, 7, and 8, which are used by IBM Rational ClearCase. This issue
was disclosed as part of the IBM Java SDK updates in April 2016.
Vulnerability Details
CVEID:
CVE-2016-3426
DESCRIPTION:
An unspecified vulnerability related to the JCE component could allow a
remote attacker to obtain sensitive information, resulting in a partial
confidentiality impact using unknown attack vectors.
CVSS Base Score: 4.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/112457
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Affected Products and Versions
IBM Rational ClearCase, versions 7.1.0.x, 7.1.1.x, 7.1.2.x, 8.0.0.x, 8.0.1.x,
and 9.0.0.x in the following components:
CCRC WAN server/CM Server component, when configured to use SSL
ClearCase remote client: CCRC/CTE GUI, rcleartool, and CMAPI clients, when
using SSL to access a CCRC WAN Server/CM Server
ClearCase version Status
9.0 through 9.0.0.01 Affected
8.0.1 through 8.0.1.11 Affected
8.0 through 8.0.0.18 Affected
7.1.0.x Affected
7.1.1.x
7.1.2.x
(all versions and fix packs)
Remediation/Fixes
The solution is to install a fix that includes an updated Java Virtual
Machine with fixes for the issues, and to apply fixes for WebSphere
Application Server (WAS).
CCRC Client fixes
Apply the relevant fixes as listed in the table below.
Affected Versions Applying the fix
9.0 through 9.0.0.01 Install Rational ClearCase Fix Pack 2 (9.0.0.02) for 9.0
8.0.1 through 8.0.1.11 Install Rational ClearCase Fix Pack 12 (8.0.1.12) for 8.0.1
8.0 through 8.0.0.18 Install Rational ClearCase Fix Pack 18 (8.0.0.19) for 8.0
7.1.2.x (all fix packs) Customers on extended support contracts should contact Customer Support.
7.1.1.x (all fix packs)
7.1.0.x (all fix packs)
Notes:
If you use CCRC as an extension offering installed into an Eclipse shell (one
not provided as part of a ClearCase release), or you use rcleartool or CMAPI
using a Java Virtual Machine not supplied by IBM as part of Rational
ClearCase, you should update the Java Virtual Machine that you use to include
a fix for the above issues. Contact the supplier of your Java Virtual Machine
and/or the supplier of your Eclipse shell.
CCRC WAN server fixes
1. Determine the WAS version used by your CCRC WAN server. Navigate to the
CCRC profile directory (either the profile you specified when installing
ClearCase, or <ccase-home>/common/ccrcprofile), then execute the script:
bin/versionInfo.sh (UNIX) or bin\versionInfo.bat (Windows). The output includes
a section "IBM WebSphere Application Server". Make note of the version listed
in this section.
2. Review the following WAS security bulletin:
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere
Application Server April 2016 CPU
and apply the latest available fix for the version of WAS used for CCRC WAN
server.
Note:
there may be newer security fixes for WebSphere Application Server. Follow
the link below (in the section "Get Notified about Future Security
Bulletins") to subscribe to WebSphere product support alerts for additional
Java SDK fixes.
Affected Versions Applying the fix
8.0.0.x Apply the appropriate WebSphere Application Server fix directly to your CCRC
8.0.1.x WAN server host. No ClearCase-specific steps are necessary.
9.0
7.1.2.x (all fix packs) Customers on extended support contracts should contact customer support.
7.1.1.x (all fix packs)
7.1.0.x (all fix packs)
For 7.0.x and 7.1.x and earlier releases, IBM recommends upgrading to a
fixed, supported version/release/platform of the product.
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
Subscribe to
My Notifications
to be notified of important product support alerts like this.
Important note
IBM strongly suggests that all System z customers be subscribed to the System
z Security Portal to receive the latest critical System z security and
integrity service. If you are not subscribed, see the instructions on the
System z Security web site
Security and integrity APARs and associated fixes will be posted to this
portal. IBM suggests reviewing the CVSS scores and applying all security or
integrity fixes as soon as possible to minimize any potential risk.
References
Complete CVSS v2 Guide
On-line Calculator v2
IBM Java SDK April 2016 Security Bulletin
Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Change History
* 14 September 2016: Originally published
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- ---
Security Bulletin: Vulnerability in OpenSSL affects IBM Rational ClearCase
(CVE-2016-2107)
Security Bulletin
Document information
More support for:
Rational ClearCase
Perl: ratlperl
Software version:
7.1, 7.1.0.1, 7.1.0.2, 7.1.1, 7.1.1.1, 7.1.1.2, 7.1.1.3, 7.1.1.4, 7.1.1.5,
7.1.1.6, 7.1.1.7, 7.1.1.8, 7.1.1.9, 7.1.2, 7.1.2.1, 7.1.2.2, 7.1.2.3,
7.1.2.4, 7.1.2.5, 7.1.2.6, 7.1.2.7, 7.1.2.8, 7.1.2.9, 7.1.2.10, 7.1.2.11,
7.1.2.12, 7.1.2.13, 7.1.2.14, 7.1.2.15, 7.1.2.16, 7.1.2.17, 7.1.2.18,
7.1.2.19, 8.0, 8.0.0.1, 8.0.0.2, 8.0.0.3, 8.0.0.4, 8.0.0.5, 8.0.0.6, 8.0.0.7,
8.0.0.8, 8.0.0.9, 8.0.0.10, 8.0.0.11, 8.0.0.12, 8.0.0.13, 8.0.0.14, 8.0.0.15,
8.0.0.16, 8.0.0.17, 8.0.0.18, 8.0.1, 8.0.1.1, 8.0.1.2, 8.0.1.3, 8.0.1.4,
8.0.1.5, 8.0.1.6, 8.0.1.7, 8.0.1.8, 8.0.1.9, 8.0.1.10, 8.0.1.11, 9.0, 9.0.0.1
Operating system(s):
AIX, HP-UX, Linux, Solaris, Windows
Reference #:
1987844
Modified date:
2016-09-14
Summary
OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project.
OpenSSL is used by IBM Rational ClearCase. IBM Rational ClearCase has
addressed the applicable CVEs.
Vulnerability Details
CVEID:
CVE-2016-2107
DESCRIPTION:
OpenSSL could allow a remote attacker to obtain sensitive information caused
by an error when the connection uses an AES CBC cipher and the server support
AES-NI. A remote user with the ability to conduct a man-in-the-middle attack
could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded
Legacy Encryption) attack to decrypt traffic.
CVSS Base Score: 4.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/112854
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)
Affected Products and Versions
IBM Rational ClearCase versions:
Version Status
9.0 through 9.0.0.01 Affected
8.0.1 through 8.0.1.10 Affected
8.0 through 8.0.0.17 Affected
7.1.0.x, 7.1.1.x, 7.1.2.x (all versions) Affected
Not all deployments of Rational ClearCase use OpenSSL in a way that is
affected by these vulnerabilities.
You are vulnerable if your use of Rational ClearCase includes any of these
configurations:
1. You use the base ClearCase/ClearQuest integration client on any platform,
configured to use SSL to communicate with a ClearQuest server.
2. You use the UCM/ClearQuest integration on UNIX/Linux clients, configured to
use SSL to communicate with a ClearQuest server.
Note:
Windows clients using the UCM/ClearQuest integration are not vulnerable.
3. On UNIX/Linux clients, you use the Change Management Integration (CMI) for
base ClearCase with ClearQuest or Rational Team Concert (RTC), or for UCM
with ClearQuest or RTC, or for Jira, when configured to use SSL to
communicate with the server.
Note:
Windows clients using the CMI integration are not vulnerable.
4. You use ratlperl, ccperl, or cqperl to run your own perl scripts,
and
those scripts use SSL connections.
Remediation/Fixes
Apply a fix pack as listed in the table below. The fix pack includes OpenSSL
1.0.2h.
Affected Versions Applying the fix
9.0 through 9.0.0.01 Install Rational ClearCase Fix Pack 2 (9.0.0.02) for 9.0
8.0.1 through 8.0.1.11 Install Rational ClearCase Fix Pack 12 (8.0.1.12) for 8.0.1
8.0 through 8.0.0.18 Install Rational ClearCase Fix Pack 18 (8.0.0.19) for 8.0
7.1.2.x (all fix packs) Customers on extended support contracts should contact Customer Support.
7.1.1.x (all fix packs)
7.1.0.x (all fix packs)
For 7.0.x, 7.1.x and earlier releases, IBM recommends upgrading to a fixed,
supported version/release/platform of the product.
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
Subscribe to
My Notifications
to be notified of important product support alerts like this.
Important note
IBM strongly suggests that all System z customers be subscribed to the System
z Security Portal to receive the latest critical System z security and
integrity service. If you are not subscribed, see the instructions on the
System z Security web site
Security and integrity APARs and associated fixes will be posted to this
portal. IBM suggests reviewing the CVSS scores and applying all security or
integrity fixes as soon as possible to minimize any potential risk.
References
Complete CVSS v3 Guide
On-line Calculator v3
OpenSSL Project vulnerability website
Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Change History
* 14 September 2016: Original version published
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- ---
Security Bulletin: Unquoted Service Path Enumeration vulnerability in IBM
Rational ClearCase (CVE-2013-0513)
Security Bulletin
Document information
More support for:
Rational ClearCase
ALBD
Software version:
7.1, 7.1.0.1, 7.1.0.2, 7.1.1, 7.1.1.1, 7.1.1.2, 7.1.1.3, 7.1.1.4, 7.1.1.5,
7.1.1.6, 7.1.1.7, 7.1.1.8, 7.1.1.9, 7.1.2, 7.1.2.1, 7.1.2.2, 7.1.2.3,
7.1.2.4, 7.1.2.5, 7.1.2.6, 7.1.2.7, 7.1.2.8, 7.1.2.9, 7.1.2.10, 7.1.2.11,
7.1.2.12, 7.1.2.13, 7.1.2.14, 7.1.2.15, 7.1.2.16, 7.1.2.17, 7.1.2.18,
7.1.2.19, 8.0, 8.0.0.1, 8.0.0.2, 8.0.0.3, 8.0.0.4, 8.0.0.5, 8.0.0.6, 8.0.0.7,
8.0.0.8, 8.0.0.9, 8.0.0.10, 8.0.0.11, 8.0.0.12, 8.0.0.13, 8.0.0.14, 8.0.0.15,
8.0.0.16, 8.0.0.17, 8.0.0.18, 8.0.1, 8.0.1.1, 8.0.1.2, 8.0.1.3, 8.0.1.4,
8.0.1.5, 8.0.1.6, 8.0.1.7, 8.0.1.8, 8.0.1.9, 8.0.1.10, 8.0.1.11, 9.0, 9.0.0.1
Operating system(s):
Windows
Reference #:
1987846
Modified date:
2016-09-14
Summary
IBM Rational ClearCase is vulnerable to an Unquoted Service Path Enumeration
vulnerability.
Vulnerability Details
CVEID:
CVE-2013-0513
DESCRIPTION:
IBM Rational AppScan, IBM Rational ClearCase, and IBM Rational ClearQuest
could allow a local attacker to gain elevated privileges on the system,
caused by the creation of a service during install that does not constrain
the service path in quotes and leaves it vulnerable to Microsoft Windows
Unquoted Service Path Enumeration issue. An attacker could gain elevated
privileges using the service. No specialized knowledge is necessary to
conduct this attack. The attacker will need local access to the AppScan
Enterprise, ClearCase, or ClearQuest machine in order to conduct the attack.
Authentication is not a requirement.
CVSS Base Score: 7.2
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/82594
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Affected Products and Versions
Rational ClearCase 7.1.x (all versions), 8.0 through 8.0.0.18, 8.0.1 through
8.0.1.11, and 9.0 through 9.0.0.01.
Remediation/Fixes
Install a fix pack containing fixes:
Affected version Fixes
9.0 through 9.0.0.01 Install Rational ClearCase Fix Pack 2 (9.0.0.02) for 9.0
8.0.1 through 8.0.1.11 Install Rational ClearCase Fix Pack 12 (8.0.1.12) for 8.0.1
8.0 through 8.0.0.18 Install Rational ClearCase Fix Pack 18 (8.0.0.19) for 8.0
7.1.x Customers on extended support contracts for 7.1.x should contact Customer Support.
For 7.0.x and 7.1.x and earlier releases, IBM recommends upgrading to a
fixed, supported version/release/platform of the product.
Workarounds and Mitigations
None.
Get Notified about Future Security Bulletins
Subscribe to
My Notifications
to be notified of important product support alerts like this.
References
Complete CVSS v2 Guide
On-line Calculator v2
Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Change History
* 14 September 2016: Original Copy Published
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- ---
Security Bulletin: Rational Asset Analyzer (CVE-2016-5967)
Security Bulletin
Document information
More support for:
Rational Asset Analyzer
Software version:
6.1
Operating system(s):
Windows
Reference #:
1990215
Modified date:
2016-09-14
Summary
WAS Admin password appearing in IM native logs when installing/updating RAA
with security enabled
Vulnerability Details
CVEID:
CVE-2016-5967
DESCRIPTION:
IBM Rational Asset Analyzer (RAA) install process could allow a local
attacker to obtain sensitive information. By viewing the logs, an attacker
could exploit this vulnerability to obtain the WAS admin and local user
credentials.
CVSS Base Score: 6.2
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/116188
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
Rational Asset Analyzer: 6.1.0
Remediation/Fixes
Remediation/Fixes
VRMF APAR Remediation/First Fix
Rational Asset Analyzer 6.1.0.x PI61540 Update to RAA Fix pack 10: http://www-01.ibm.com/support/docview.wss?uid=swg24042015
Workarounds and Mitigations
Manually delete Installation manager logs after installing or upgrading RAA
with security enabled on windows.
Important note:
IBM strongly suggests that all System z customers subscribe to the System z
Security Portal to receive the latest critical System z security and
integrity service. If you are not subscribed, see the instructions on the
System z Security web site
Security and integrity APARs and associated fixes will be posted to this
portal. IBM suggests reviewing the CVSS scores and applying all security or
integrity fixes as soon as possible to minimize any potential risk.
Get Notified about Future Security Bulletins
Subscribe to
My Notifications
to be notified of important product support alerts like this.
References
Complete CVSS v3 Guide
On-line Calculator v3
Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBV9o2Rox+lLeg9Ub1AQiphxAAmx56dv45+duiQVE4T5AhlIf+6HvL8Q1Z
XHvYgA5/oUZ3Vi+Oz9nygDz381zIWDRBkpwcoXvl4ty2l6uojyzxMXolcuBsMO0h
22JffGGuJLP6TICAhQQY7h+y9RV+fz/GSi4RJ27jyCx/S1pAazHz7E/ND/jEbiDM
X8MyBvU6B0b6fOqhbPrk3z6K/V/BRraPpOJTjNoI60rFyn85RMRbMO4gPxjE3xk3
/5s2g1aBt58vzH21ZfFm5byBj4a85KpmotgiDZi9WjVge3IRZPdMoWkDJTfkEuwW
+eWWvUqhJZPEBFRZr8sFNXUoAM5Eizw/S0SiYMu/k1n8V7mEu1IlUdjSrUpCHRhr
Qu7iwZYIpVyU/hGvlxWlhok/CVCe6QOJllKGH2hhf+3nrfOS6BtJyRBO2M2IHIjp
/LQAiAoglmOlybdk0mDlJ7VUq4uXEeTqe+EZC8QiqDOysxhLqZ0qydxygC3LPXil
H+klfNumFDAmDZbO24FqrXHaGMH0TjKo/IsOKx7DLj4HO3ttfs8+ANzKymhipweX
sz3aMhFmDWE8nBgXt2PfRyHq4XjGtbrRBp0S/zR7CWyN5XbfG9tvYgpxU+5yef5h
xvfsAb1OMIcrRKSABVEOJZVECWvK6xkOSKc4s0Klhlabcj2ni19+aaUrz9yPNxfe
Pdawx8iV6Ms=
=Be1A
-----END PGP SIGNATURE-----