Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2016.2196
Security Bulletin: Multiple vulnerabilities affect IBM Rational ClearQuest
16 September 2016
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: IBM Rational ClearQuest
Publisher: IBM
Operating System: AIX
Linux variants
Solaris
Windows
Impact/Access: Access Privileged Data -- Remote/Unauthenticated
Increased Privileges -- Existing Account
Provide Misleading Information -- Remote with User Interaction
Access Confidential Data -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2016-3426 CVE-2016-2107 CVE-2016-0702
CVE-2013-0513
Reference: ASB-2016.0074
ASB-2016.0043
ESB-2016.1076
ESB-2016.0543.2
Original Bulletin:
http://www.ibm.com/support/docview.wss?uid=swg21990134
http://www.ibm.com/support/docview.wss?uid=swg21990141
http://www.ibm.com/support/docview.wss?uid=swg21990151
http://www.ibm.com/support/docview.wss?uid=swg21990130
Comment: This bulletin contains four (4) IBM security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
Security Bulletin: Vulnerability in IBM Java Runtime affects IBM Rational
ClearQuest (CVE-2016-3426)
Security Bulletin
Document information
More support for:
Rational ClearQuest
Software version:
7.1, 7.1.0.1, 7.1.0.2, 7.1.1, 7.1.1.1, 7.1.1.2, 7.1.1.3, 7.1.1.4, 7.1.1.5,
7.1.1.6, 7.1.1.7, 7.1.1.8, 7.1.1.9, 7.1.2, 7.1.2.1, 7.1.2.2, 7.1.2.3,
7.1.2.4, 7.1.2.5, 7.1.2.6, 7.1.2.7, 7.1.2.8, 7.1.2.9, 7.1.2.10, 7.1.2.11,
7.1.2.12, 7.1.2.13, 7.1.2.14, 7.1.2.15, 7.1.2.16, 7.1.2.17, 7.1.2.18,
7.1.2.19, 8.0, 8.0.0.1, 8.0.0.2, 8.0.0.3, 8.0.0.4, 8.0.0.5, 8.0.0.6, 8.0.0.7,
8.0.0.8, 8.0.0.9, 8.0.0.10, 8.0.0.11, 8.0.0.12, 8.0.0.13, 8.0.0.14, 8.0.0.15,
8.0.0.16, 8.0.0.17, 8.0.0.18, 8.0.1, 8.0.1.1, 8.0.1.2, 8.0.1.3, 8.0.1.4,
8.0.1.5, 8.0.1.6, 8.0.1.7, 8.0.1.8, 8.0.1.9, 8.0.1.10, 8.0.1.11, 9.0, 9.0.0.1
Operating system(s):
AIX, Linux, Solaris, Windows
Reference #:
1990134
Modified date:
2016-09-15
Summary
There is a vulnerability in IBM Runtime Environment Java Technology Edition,
Versions 6, 7, and 8, which are used by IBM Rational ClearQuest. This issue
was disclosed as part of the IBM Java SDK updates in April 2016.
Vulnerability Details
CVEID:
CVE-2016-3426
DESCRIPTION:
An unspecified vulnerability related to the JCE component could allow a
remote attacker to obtain sensitive information, resulting in a partial
confidentiality impact using unknown attack vectors.
CVSS Base Score: 4.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/112457
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Affected Products and Versions
IBM Rational ClearQuest, versions 7.1.0.x, 7.1.1.x, 7.1.2.x, 8.0.0.x,
8.0.1.x, and 9.0.0.x in the following components:
ClearQuest Web/CQ OSLC server/CM Server component, when configured to use
SSL.
ClearQuest Eclipse clients that use Report Designer, run remote reports on
servers using secure connections, or use the embedded browser to connect to
secure web sites. If you do not use the ClearQuest Eclipse client in this
way, then you are not affected.
ClearQuest version Status
9.0 through 9.0.0.01 Affected
8.0.1 through 8.0.1.11 Affected
8.0 through 8.0.0.18 Affected
7.1.0.x Affected
7.1.1.x
7.1.2.x
(all versions and fix packs)
Remediation/Fixes
The solution is to install a fix that includes an updated Java Virtual
Machine with fixes for the issues, and to apply fixes for WebSphere
Application Server (WAS).
ClearQuest Eclipse Client and Report Designer fixes
Apply the relevant fixes as listed in the table below.
Affected Versions Applying the fix
9.0 through 9.0.0.01 Install Rational ClearQuest Fix Pack 2 (9.0.0.02) for 9.0
8.0.1 through 8.0.1.11 Install Rational ClearQuest Fix Pack 12 (8.0.1.12) for 8.0.1
8.0 through 8.0.0.18 Install Rational ClearQuest Fix Pack 18 (8.0.0.19) for 8.0
7.1.2.x (all fix packs) Customers on extended support contracts should contact Customer Support.
7.1.1.x (all fix packs)
7.1.0.x (all fix packs)
ClearQuest Web server fixes
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere
Application Server April 2016 CPU
Affected Versions Applying the fix
8.0.0.x Apply the appropriate WebSphere Application Server fix directly to your ClearQuest Web server host. No ClearQuest-specific steps are necessary.
8.0.1.x
9.0
7.1.2.x (all fix packs) Customers on extended support contracts should contact customer support.
7.1.1.x (all fix packs)
7.1.0.x (all fix packs)
For 7.0.x and 7.1.x and earlier releases, IBM recommends upgrading to a
fixed, supported version/release/platform of the product.
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
Subscribe to
My Notifications
to be notified of important product support alerts like this.
References
Complete CVSS v2 Guide
On-line Calculator v2
IBM Java SDK April 2016 Security Bulletin
Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Change History
* 15 September 2016: Originally published
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- ---
Security Bulletin: Vulnerability in OpenSSL affects IBM Rational ClearQuest
(CVE-2016-2107)
Security Bulletin
Document information
More support for:
Rational ClearQuest
Software version:
7.1, 7.1.0.1, 7.1.0.2, 7.1.1, 7.1.1.1, 7.1.1.2, 7.1.1.3, 7.1.1.4, 7.1.1.5,
7.1.1.6, 7.1.1.7, 7.1.1.8, 7.1.1.9, 7.1.2, 7.1.2.1, 7.1.2.2, 7.1.2.3,
7.1.2.4, 7.1.2.5, 7.1.2.6, 7.1.2.7, 7.1.2.8, 7.1.2.9, 7.1.2.10, 7.1.2.11,
7.1.2.12, 7.1.2.13, 7.1.2.14, 7.1.2.15, 7.1.2.16, 7.1.2.17, 7.1.2.18,
7.1.2.19, 8.0, 8.0.0.1, 8.0.0.2, 8.0.0.3, 8.0.0.4, 8.0.0.5, 8.0.0.6, 8.0.0.7,
8.0.0.8, 8.0.0.9, 8.0.0.10, 8.0.0.11, 8.0.0.12, 8.0.0.13, 8.0.0.14, 8.0.0.15,
8.0.0.16, 8.0.0.17, 8.0.0.18, 8.0.1, 8.0.1.1, 8.0.1.2, 8.0.1.3, 8.0.1.4,
8.0.1.5, 8.0.1.6, 8.0.1.7, 8.0.1.8, 8.0.1.9, 8.0.1.10, 8.0.1.11, 9.0, 9.0.0.1
Operating system(s):
AIX, HP-UX, Linux, Solaris, Windows
Reference #:
1990141
Modified date:
2016-09-15
Summary
OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project.
OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has
addressed the applicable CVEs.
Vulnerability Details
CVEID:
CVE-2016-2107
DESCRIPTION:
OpenSSL could allow a remote attacker to obtain sensitive information caused
by an error when the connection uses an AES CBC cipher and the server support
AES-NI. A remote user with the ability to conduct a man-in-the-middle attack
could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded
Legacy Encryption) attack to decrypt traffic.
CVSS Base Score: 4.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/112854
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)
Affected Products and Versions
IBM Rational ClearQuest versions:
Version Status
9.0 through 9.0.0.01 Affected
8.0.1 through 8.0.1.10 Affected
8.0 through 8.0.0.17 Affected
7.1.0.x, 7.1.1.x, 7.1.2.x (all versions) Affected
Not all deployments of Rational ClearQuest use OpenSSL in a way that is
affected by these vulnerabilities.
You are vulnerable if your use of Rational ClearQuest includes any of these
configurations:
You use SSL connections in perl scripts run by ratlperl or cqperl, or by
ClearQuest hooks. In this situation, you should review all the fixes provided
by the OpenSSL project to see which ones apply to your use of OpenSSL. See
the references link below.
You integrate with ClearCase. See
Security Bulletin: Vulnerability in OpenSSL affects IBM Rational ClearCase
(CVE-2016-2107)
You connect to a ClearQuest database using SSL.
Remediation/Fixes
Apply a fix pack as listed in the table below. The fix pack includes OpenSSL
1.0.2h.
Affected Versions Applying the fix
9.0 through 9.0.0.01 Install Rational ClearQuest Fix Pack 2 (9.0.0.02) for 9.0
8.0.1 through 8.0.1.11 Install Rational ClearQuest Fix Pack 12 (8.0.1.12) for 8.0.1
8.0 through 8.0.0.18 Install Rational ClearQuest Fix Pack 18 (8.0.0.19) for 8.0
7.1.2.x (all fix packs) Customers on extended support contracts should contact Customer Support.
7.1.1.x (all fix packs)
7.1.0.x (all fix packs)
For 7.0.x, 7.1.x and earlier releases, IBM recommends upgrading to a fixed,
supported version/release/platform of the product.
Workarounds and Mitigations
If exposure is due to hooks and scripts, disable the scripts that uses SSL
and runs in ratlperl, cqperl or ClearQuest hooks until you apply the fixes
listed above.
Get Notified about Future Security Bulletins
Subscribe to
My Notifications
to be notified of important product support alerts like this.
Important note
IBM strongly suggests that all System z customers be subscribed to the System
z Security Portal to receive the latest critical System z security and
integrity service. If you are not subscribed, see the instructions on the
System z Security web site
Security and integrity APARs and associated fixes will be posted to this
portal. IBM suggests reviewing the CVSS scores and applying all security or
integrity fixes as soon as possible to minimize any potential risk.
References
Complete CVSS v3 Guide
On-line Calculator v3
OpenSSL Project vulnerability website
Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Change History
* 15 September 2016: Original version published
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- ---
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearQuest
(CVE-2016-0702)
Security Bulletin
Document information
More support for:
Rational ClearQuest
Software version:
7.1, 7.1.0.1, 7.1.0.2, 7.1.1, 7.1.1.1, 7.1.1.2, 7.1.1.3, 7.1.1.4, 7.1.1.5,
7.1.1.6, 7.1.1.7, 7.1.1.8, 7.1.1.9, 7.1.2, 7.1.2.1, 7.1.2.2, 7.1.2.3,
7.1.2.4, 7.1.2.5, 7.1.2.6, 7.1.2.7, 7.1.2.8, 7.1.2.9, 7.1.2.10, 7.1.2.11,
7.1.2.12, 7.1.2.13, 7.1.2.14, 7.1.2.15, 7.1.2.16, 7.1.2.17, 7.1.2.18,
7.1.2.19, 8.0, 8.0.0.1, 8.0.0.2, 8.0.0.3, 8.0.0.4, 8.0.0.5, 8.0.0.6, 8.0.0.7,
8.0.0.8, 8.0.0.9, 8.0.0.10, 8.0.0.11, 8.0.0.12, 8.0.0.13, 8.0.0.14, 8.0.0.15,
8.0.0.16, 8.0.0.17, 8.0.0.18, 8.0.1, 8.0.1.1, 8.0.1.2, 8.0.1.3, 8.0.1.4,
8.0.1.5, 8.0.1.6, 8.0.1.7, 8.0.1.8, 8.0.1.9, 8.0.1.10, 8.0.1.11, 9.0, 9.0.0.1
Operating system(s):
AIX, HP-UX, Linux, Solaris, Windows
Reference #:
1990151
Modified date:
2016-09-15
Summary
An OpenSSL vulnerability was disclosed on March 1, 2016 by the OpenSSL
Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest
has addressed the applicable CVE.
Vulnerability Details
CVEID: CVE-2016-0702
DESCRIPTION: OpenSSL could allow a local attacker to obtain sensitive
information, caused by a side-channel attack against a system based on the
Intel Sandy-Bridge microarchitecture. An attacker could exploit this
vulnerability to recover RSA keys.
CVSS Base Score: 2.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/111144
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
IBM Rational ClearQuest, versions 7.1.0.x, 7.1.1.x, 7.1.2.x, 8.0.0.x,
8.0.1.x, and 9.0 in the following component:
ClearQuest hooks and cqperl/ratlperl scripts that use SSL.
Database drivers configured to use SSL connections to the database.
ClearQuest version Status
9.0 through 9.0.0.1 Affected
8.0.1 through 8.0.1.11 Affected
8.0 through 8.0.0.18 Affected
7.1.0.x Affected
7.1.1.x
7.1.2.x
(all versions and fix packs)
Remediation/Fixes
Affected Versions Fixes
9.0 through 9.0.0.1 Install Rational ClearQuest Fix Pack 2 (9.0.0.2) for 9.0
8.0.1 through 8.0.1.10 Install Rational ClearQuest Fix Pack 12 (8.0.1.12) for 8.0.1
8.0 through 8.0.0.17 Install Rational ClearQuest Fix Pack 19 (8.0.0.19) for 8.0
7.1.2.x (all fix packs) Customers on extended support contracts should contact customer support.
7.1.1.x (all fix packs)
7.1.0.x (all fix packs)
For 7.0.x, 7.1.x and earlier releases, IBM recommends upgrading to a fixed,
supported version/release/platform of the product.
Get Notified about Future Security Bulletins
Subscribe to
My Notifications
to be notified of important product support alerts like this.
References
Complete CVSS v3 Guide
On-line Calculator v3
OpenSSL Project vulnerability website
Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Change History
* 15 September 2016: Original version published
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- ---
Security Bulletin: Unquoted Service Path Enumeration vulnerability in IBM
Rational ClearQuest (CVE-2013-0513)
Security Bulletin
Document information
More support for:
Rational ClearQuest
Software version:
7.1, 7.1.0.1, 7.1.0.2, 7.1.1, 7.1.1.1, 7.1.1.2, 7.1.1.3, 7.1.1.4, 7.1.1.5,
7.1.1.6, 7.1.1.7, 7.1.1.8, 7.1.1.9, 7.1.2, 7.1.2.1, 7.1.2.2, 7.1.2.3,
7.1.2.4, 7.1.2.5, 7.1.2.6, 7.1.2.7, 7.1.2.8, 7.1.2.9, 7.1.2.10, 7.1.2.11,
7.1.2.12, 7.1.2.13, 7.1.2.14, 7.1.2.15, 7.1.2.16, 7.1.2.17, 7.1.2.18,
7.1.2.19, 8.0, 8.0.0.1, 8.0.0.2, 8.0.0.3, 8.0.0.4, 8.0.0.5, 8.0.0.6, 8.0.0.7,
8.0.0.8, 8.0.0.9, 8.0.0.10, 8.0.0.11, 8.0.0.12, 8.0.0.13, 8.0.0.14, 8.0.0.15,
8.0.0.16, 8.0.0.17, 8.0.0.18, 8.0.1, 8.0.1.1, 8.0.1.2, 8.0.1.3, 8.0.1.4,
8.0.1.5, 8.0.1.6, 8.0.1.7, 8.0.1.8, 8.0.1.9, 8.0.1.10, 8.0.1.11, 9.0, 9.0.0.1
Operating system(s):
Windows
Reference #:
1990130
Modified date:
2016-09-15
Summary
IBM Rational ClearQuest is vulnerable to an Unquoted Service Path Enumeration
vulnerability.
Vulnerability Details
CVEID:
CVE-2013-0513
DESCRIPTION:
IBM Rational AppScan, IBM Rational ClearCase, and IBM Rational ClearQuest
could allow a local attacker to gain elevated privileges on the system,
caused by the creation of a service during install that does not constrain
the service path in quotes and leaves it vulnerable to Microsoft Windows
Unquoted Service Path Enumeration issue. An attacker could gain elevated
privileges using the service. No specialized knowledge is necessary to
conduct this attack. The attacker will need local access to the AppScan
Enterprise, ClearCase, or ClearQuest machine in order to conduct the attack.
Authentication is not a requirement.
CVSS Base Score: 7.2
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/82594
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Affected Products and Versions
Rational ClearQuest 7.1.x (all versions), 8.0 through 8.0.0.18, 8.0.1 through
8.0.1.11, and 9.0 through 9.0.0.01.
Remediation/Fixes
Install a fix pack containing fixes:
Affected version Fixes
9.0 through 9.0.0.01 Install Rational ClearQuest Fix Pack 2 (9.0.0.02) for 9.0
8.0.1 through 8.0.1.11 Install Rational ClearQuest Fix Pack 12 (8.0.1.12) for 8.0.1
8.0 through 8.0.0.18 Install Rational ClearQuest Fix Pack 18 (8.0.0.19) for 8.0
7.1.x Customers on extended support contracts for 7.1.x should contact Customer Support.
For 7.0.x and 7.1.x and earlier releases, IBM recommends upgrading to a
fixed, supported version/release/platform of the product.
Workarounds and Mitigations
None.
Get Notified about Future Security Bulletins
Subscribe to
My Notifications
to be notified of important product support alerts like this.
References
Complete CVSS v2 Guide
On-line Calculator v2
Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Change History
* 15 September 2016: Original Copy Published
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBV9tssIx+lLeg9Ub1AQgmdRAAmEHWcVMrk2bsuUdHdsswUVDLeecAyLiI
B2HU8vqUn7Oa/8JLla+LiATH2lABPwwBS5rdF0fdpMggE7LHGFy8XfhTl+Gb2XNg
Ju+fDHAI9KZFRzLDSc7EXvCkEkrOrqCOvaK6eEVdraT6DkybAEffEeHdnxGMKR3a
NAChmdJdRXw2KKXDBHPCKlPV9+uYe1vV03lXs03PmZGQRLJlsp24pEfiMzB01mxV
LXCmxQG+zt8hnl0SvTa9xoQLah/tb86T8NSsg6j+54xHz8E95QNxGm7SnhMNouGC
x5UZQ2bC6vHFo9Bg5d43t4y1j0YdO7YpdRNHcD/dqk1EcenHKOSbS4MxRv3v4RrJ
tV3C4+LP/gW7NPtNv5ZlypXsUPg1lY+bCjwM1j/oEEfbCoxxv4Wj2fqNwiEz41b7
N4O+H5TwMyTmFS5GFb8zYXMDWHQmYs2vtRcC+o3LFJr5dIE8jA+s0wLt0hShPem0
0RgNZSEq+k8/RHe9Ul9hi+yVH+Hg52VgH9rKWpZbe5jYdP5M2oP65fzth9NvOaXl
N5aYuN+bTpPxX6YUrISNeOEGSGpjqVB9k2MZPPaW4G8sbsvvezcOkhePNmNaAwr7
PT6rOvlqfW5+VMcOyg4HheL+6LaumpZS6SjvsqcPNUKXJHYabdern/+7Hu9InELc
MFGxq5j+sNE=
=bu9m
-----END PGP SIGNATURE-----