Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2016.2770
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016
21 November 2016
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Cisco Collaboration and Social Media products
Cisco Endpoint Clients and Client Software
Cisco Network Application, Service, and Acceleration products
Cisco Network and Content Security Devices
Cisco Network Management and Provisioning products
Cisco Routing and Switching - Enterprise and Service Provider products
Cisco Voice and Unified Communications Devices
Cisco Video, Streaming, TelePresence, and Transcoding Devices
Cisco Hosted Services
Publisher: Cisco Systems
Operating System: Cisco
Impact/Access: Denial of Service -- Remote/Unauthenticated
Resolution: None
CVE Names: CVE-2016-7055 CVE-2016-7054 CVE-2016-7053
Original Bulletin:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161114-openssl
- --------------------------BEGIN INCLUDED TEXT--------------------
Cisco Security Advisory
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016
Medium
Advisory ID: cisco-sa-20161114-openssl
First Published: 2016 November 14 16:00 GMT
Last Updated: 2016 November 18 15:07 GMT
Version 1.4: Interim
Workarounds: No workarounds available
CVE-2016-7053
CVE-2016-7054
CVE-2016-7055
CWE-119
CWE-310
Summary
On November 10, 2016, the OpenSSL Software Foundation released a security
advisory that describes three vulnerabilities. Of these vulnerabilities, the
OpenSSL Software Foundation classifies one as Critical Severity, one as
Moderate Severity, and one as Low Severity.
Two of the vulnerabilities affect only recent OpenSSL versions in the 1.1.0
release series. The remaining Low Severity vulnerability affects OpenSSL
versions in the 1.0.2 and 1.1.0 release series.
This advisory will be updated as additional information becomes available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161114-openssl
Affected Products
Cisco investigated its product line to determine which products may be
affected by these vulnerabilities and the impact of the vulnerabilities on
each affected product. For information about whether a product is affected,
refer to the Vulnerable Products and Products Confirmed Not Vulnerable
sections of this advisory. The Vulnerable Products section includes the ID of
the Cisco bug for each affected product. The bugs are accessible through the
Cisco Bug Search Tool and will contain additional platform-specific
information, including any available workarounds and fixed software releases.
Products Under Investigation
The following Cisco products are under active investigation to determine
whether they are affected by one or more of the vulnerabilities described in
this advisory.
Collaboration and Social Media
Cisco SocialMiner
Endpoint Clients and Client Software
Cisco Jabber for Windows
Cisco WebEx Meetings Client - On-Premises
Cisco WebEx Meetings for BlackBerry
Network Application, Service, and Acceleration
Cisco Application and Content Networking System (ACNS)
Network and Content Security Devices
Cisco Content Security Management Appliance (SMA)
Cisco Email Security Appliance (ESA)
Cisco Physical Access Gateways
Cisco Secure Access Control System (ACS)
Cisco Web Security Appliance (WSA)
Network Management and Provisioning
Cisco Feature Analytics Service
Cisco Network Profiler
Cisco Prime Collaboration Assurance
Cisco Prime Infrastructure
Cisco Prime LAN Management Solution - Solaris
Cisco Prime License Manager
Cisco Prime Network Services Controller
Cisco Unified Intelligence Center
Routing and Switching - Enterprise and Service Provider
Cisco 910 Industrial Router
Unified Computing
Cisco HyperFlex System
Cisco UCS Director
Voice and Unified Communications Devices
Cisco Agent Desktop for Cisco Unified Contact Center Express
Cisco Agent Desktop
Cisco DX Series IP Phones
Cisco Emergency Responder
Cisco Finesse
Cisco Remote Silent Monitoring
Cisco UC Integration for Microsoft Lync
Cisco Unified Contact Center Express
Cisco Unified Customer Voice Portal
Cisco Unified E-Mail Interaction Manager
Cisco Unified IP 7937 Phone
Cisco Unified Web Interaction Manager
Cisco Unified Workforce Optimization - Quality Management Solution
Cisco Unified Workforce Optimization
Cisco Unity Express
Cisco Virtual PGW 2200 Softswitch
Cisco Virtualized Voice Browser
Video, Streaming, TelePresence, and Transcoding Devices
Cisco TelePresence System 1000
Cisco TelePresence System 1100
Cisco TelePresence System 1300
Cisco TelePresence System 3000 Series
Cisco TelePresence System 500-32
Cisco TelePresence System 500-37
Cisco TelePresence System TX1310
Cisco TelePresence TX9000 Series
Cisco Video Surveillance 4000 Series High-Definition IP Cameras
Cisco Videoscape Voyager Vantage
Wireless
Cisco Mobility Services Engine
Cisco Hosted Services
Cisco Cloud and Managed Services
Cisco Cloud Web Security
Cisco Connected Analytics for Collaboration
Cisco IC Capture
Cisco IC Distribution - Internal
Cisco Network Device Security Assessment Service
Cisco Network Health Framework
Cisco Network Performance Analysis
Cisco Powered Cloud and Managed Services Platform
Cisco Services Analytics Platform
Cisco Smart Net Total Care
Cisco Unified Service Delivery Platform
Cisco Universal Small Cell Iuh
Vulnerable Products
The following table lists Cisco products that are affected only by the low
severity vulnerability, CVE-2016-7055, described in this advisory.
Product Cisco Bug ID Fixed Release Availability
Collaboration and Social Media
Cisco WebEx Meetings Server Release 1.x CSCvc08554
Cisco WebEx Meetings Server Release 2.x CSCvc08554
Cisco WebEx Node for MCS CSCvc08544
Endpoint Clients and Client Software
Cisco Agent for OpenFlow CSCvc08715
Cisco Jabber Software Development Kit CSCvc08781
Cisco Jabber for Android CSCvc08820
Cisco Jabber for Mac CSCvc08779
Cisco WebEx Business Suite CSCvc08557
Cisco WebEx Meetings Server - Multimedia Platform (MMP) CSCvc08559
Cisco WebEx Meetings Server - SSL gateway CSCvc08555
Network Application, Service, and Acceleration
Cisco 1000 Series Connected Grid Routers CSCvc08663
Cisco Wide Area Application Services (WAAS) CSCvc08680
Network and Content Security Devices
Cisco Adaptive Security Appliance (ASA) CSCvc08670
Cisco Cisco Firepower9300 CSCvc08678
Cisco Content Security Appliance Update Servers CSCvc08542
Cisco FireSIGHT System Software CSCvc08539
Network Management and Provisioning
Cisco NetFlow Generation Appliance CSCvc08619
Cisco Network Analysis Module CSCvc08614
Cisco Prime IP Express CSCvc08612
Cisco Prime Network Registrar CSCvc08607
Cisco Security Manager CSCvc08623
Routing and Switching - Enterprise and Service Provider
Cisco ASR 5000 Series CSCvc08499
Cisco Application Policy Infrastructure Controller (APIC) CSCvc08570
Cisco Connected Grid Routers - Running Cisco CG-OS Software CSCvc08565
Cisco IOS XR Software CSCvc08628
Cisco IOS and Cisco IOS XE Software CSCvc08742
Cisco Nexus 9000 Series Fabric Switches - ACI mode CSCvc08571
Cisco ONS 15454 Series Multiservice Provisioning Platforms CSCvc08689
Voice and Unified Communications Devices
Cisco Computer Telephony Integration Object Server (CTIOS) CSCvc08529
Cisco Unified Attendant Console Advanced CSCvc08749
Cisco Unified Attendant Console Business Edition CSCvc08749
Cisco Unified Attendant Console Department Edition CSCvc08749
Cisco Unified Attendant Console Enterprise Edition CSCvc08749
Cisco Unified Attendant Console Premium Edition CSCvc08749
Cisco Unified Attendant Console Standard CSCvc08750
Cisco Unified Communications Manager IM & Presence Service
(formerly CUPS) CSCvc08769
Cisco Unified Communications Manager Session Management Edition CSCvc08756
Cisco Unified Communications Manager CSCvc08756
Cisco Unified Contact Center Enterprise CSCvc08529
Cisco Unified IP 8831 Conference Phone CSCvc08794
Cisco Unified IP 8961 Phone CSCvc08770
Cisco Unified IP 9951 Phone CSCvc08770
Cisco Unified IP 9971 Phone CSCvc08770
Cisco Unified Intelligent Contact Management Enterprise CSCvc08529
Cisco Unity Connection CSCvc08759
Cisco Virtualization Experience Media Edition CSCvc08826
Video, Streaming, TelePresence, and Transcoding Devices
Cisco Edge 300 Digital Media Player CSCvc08726
Cisco TelePresence Conductor CSCvc08629
Cisco TelePresence MX Series CSCvc08648
Cisco TelePresence Profile Series CSCvc08648
Cisco TelePresence SX Series CSCvc08648
Cisco TelePresence Server 7010 and MSE 8710 CSCvc08651
Cisco TelePresence Server on Multiparty Media 310 and 320 CSCvc08651
Cisco TelePresence Server on Multiparty Media 820 CSCvc08651
Cisco TelePresence Server on Virtual Machine CSCvc08651
Cisco TelePresence System EX Series CSCvc08648
Cisco Telepresence Integrator C Series CSCvc08648
Cisco Video Surveillance Media Server CSCvc08697
Cisco Videoscape Control Suite CSCvc08657
Cisco Hosted Services
Cisco WebEx Messenger Service CSCvc08556
Note: Due to the low severity of this vulnerability, the OpenSSL Software
Foundation is not planning to issue a new 1.0.2 release at this time.
Products Confirmed Not Vulnerable
Cisco has confirmed that the vulnerabilities described in this advisory do not
affect the following Cisco products.
Endpoint Clients and Client Software
Cisco AnyConnect Secure Mobility Client for Android
Cisco AnyConnect Secure Mobility Client for Desktop Platforms
Cisco AnyConnect Secure Mobility Client for Linux
Cisco AnyConnect Secure Mobility Client for Mac OS X
Cisco AnyConnect Secure Mobility Client for Windows
Cisco AnyConnect Secure Mobility Client for iOS
Cisco Jabber Guest
Network Application, Service, and Acceleration
Cisco Visual Quality Experience Server
Cisco Visual Quality Experience Tools Server
Network and Content Security Devices
Cisco Identity Services Engine (ISE)
Cisco Virtual Security Gateway for Microsoft Hyper-V
Network Management and Provisioning
Cisco Application Networking Manager
Cisco Business Video Services Automation Software
Cisco Configuration Professional
Cisco Digital Media Manager
Cisco Management Appliance
Cisco Multicast Manager
Cisco Packet Tracer
Cisco Prime Access Registrar
Cisco Prime Collaboration Deployment
Cisco Prime Collaboration Manager
Cisco Prime Collaboration Provisioning
Cisco Prime Data Center Network Manager
Cisco Prime Home
Cisco Prime Infrastructure Plug and Play Standalone Gateway
Cisco Prime Network Registrar IP Address Manager (IPAM)
Cisco Prime Network
Cisco Prime Optical for Service Providers
Cisco Prime Performance Manager
Cisco Smart Net Total Care - Local Collector appliance
Cisco UCS Central Software
Routing and Switching - Enterprise and Service Provider
Cisco Broadband Access Center for Telco and Wireless
Cisco MDS 9000 Series Multilayer Switches
Cisco Nexus 1000V Series Switches
Cisco Nexus 1000V Switch for VMware vSphere
Cisco Nexus 3000 Series Switches
Cisco Nexus 3500 Series Switches
Cisco Nexus 4000 Series Blade Switches
Cisco Nexus 5000 Series Switches
Cisco Nexus 6000 Series Switches
Cisco Nexus 7000 Series Switches
Cisco Nexus 9000 Series Switches - Standalone, NX-OS mode
Cisco Service Control Operating System
Routing and Switching - Small Business
Cisco 220 Series Smart Plus (Sx220) Switches
Cisco 500 Series Stackable (Sx500) Managed Switches
Cisco Small Business 300 Series (Sx300) Managed Switches
Unified Computing
Cisco Common Services Platform Collector
Cisco UCS 6200 Series Fabric Interconnects
Cisco UCS B-Series Blade Servers
Cisco UCS Manager
Cisco UCS Standalone C-Series Rack Server - Integrated Management Controller
Voice and Unified Communications Devices
Cisco ATA 187 Analog Telephone Adaptor
Cisco ATA 190 Series Analog Terminal Adaptors
Cisco Hosted Collaboration Mediation Fulfillment
Cisco IP 7800 Series Phones
Cisco IP 8800 Series Phones - VPN feature
Cisco IP Interoperability and Collaboration System (IPICS)
Cisco Jabber for iPhone and iPad
Cisco MediaSense
Cisco Paging Server (InformaCast)
Cisco Paging Server
Cisco SPA112 2-Port Phone Adapter
Cisco SPA122 Analog Telephone Adapter (ATA) with Router
Cisco SPA232D Multi-Line DECT Analog Telephone Adapter (ATA)
Cisco SPA51x IP Phones
Cisco SPA525G 5-Line IP Phone
Cisco SPA8000 8-Port IP Telephony Gateway
Cisco SPA8800 IP Telephony Gateway with 4 FXS and 4 FXO Ports
Cisco Small Business SPA300 Series IP Phones
Cisco Small Business SPA500 Series IP Phones
Cisco TAPI Service Provider (TSP)
Cisco Unified Communications Domain Manager
Cisco Unified IP 6901 Phone
Cisco Unified IP 6945 Phone
Cisco Unified IP 7900 Series Phones
Cisco Unified IP 8831 Conference Phone for Third-Party Call Control
Cisco Unified IP 8945 Phone
Cisco Unified MeetingPlace
Cisco Unified SIP Proxy Software
Cisco Unified Wireless IP Phone
Video, Streaming, TelePresence, and Transcoding Devices
Cisco 4300 Series Digital Media Players
Cisco 4400 Series Digital Media Players
Cisco Cloud Object Storage
Cisco D9859 Advanced Receiver Transcoder
Cisco DCM Series D990x Digital Content Manager
Cisco Edge 340 Digital Media Player
Cisco Enterprise Content Delivery System (ECDS)
Cisco Expressway Series
Cisco MXE 3500 Series Media Experience Engines
Cisco Show and Share
Cisco TelePresence Content Server
Cisco TelePresence ISDN Gateway 3241
Cisco TelePresence ISDN Gateway MSE 8321
Cisco TelePresence ISDN Link
Cisco TelePresence MCU 4200 Series, 4500 Series, 5300 Series, MSE 8420, and
MSE 8510
Cisco TelePresence Serial Gateway Series
Cisco TelePresence Supervisor MSE 8050
Cisco TelePresence Video Communication Server (VCS)
Cisco Video Distribution Suite for Internet Streaming (VDS-IS/CDS-IS)
Cisco Video Surveillance 3000 Series IP Cameras
Cisco Video Surveillance 4300E and 4500E High-Definition IP Cameras
Cisco Video Surveillance 6000 Series IP Cameras
Cisco Video Surveillance 7000 Series IP Cameras
Cisco Video Surveillance PTZ IP Cameras
Cisco Videoscape AnyRes Live
Tandberg Codian ISDN Gateway 3210, 3220, and 3240
Tandberg Codian MSE 8320
Wireless
Cisco Wireless LAN Controller
Cisco Hosted Services
Cisco Assessment Service for Network Authentication
Cisco Cloud and Systems Management
Cisco Collaboration Virtual Machine Placement Tool
Cisco Connectivity
Cisco ONE Portal
Cisco Partner Support Service 1.x
Cisco Prime Network Change and Configuration Management
Cisco Proactive Network Operations Center
Cisco Registered Envelope Service
Cisco Sentinel
Cisco Services Provisioning Platform
Cisco Smart Care
Cisco Smart Collector - Product Lifecycle Manager
Cisco Smart Net Total Care - Contracts Information System
Cisco Smart Net Total Care - Contracts Information System Process Controller
Cisco Smart Net Total Care - Core services
Cisco Smart Net Total Care - Smart Interactions
Cisco Software Operations Risk Assessment (SORA)
Cisco Unified Communications Upgrade Readiness Assessment
Cisco Unified Communications/Collaboration Sizing Tool
Cisco Universal Small Cell 5000 Series - Running Release 3.4.2.x
Cisco Universal Small Cell 7000 Series - Running Release 3.4.2.x
Cisco Universal Small Cell CloudBase Factory Recovery Root Filesystem -
Releases 2.99.4 and later
Details
The Common Vulnerabilities and Exposures (CVE) IDs and names of the
vulnerabilities that were disclosed on November 10, 2016, in the OpenSSL
Software Foundation security advisory are as follows:
CVE-2016-7053: OpenSSL CMS Null Dereference Vulnerability
CVE-2016-7054: OpenSSL ChaCha20/Poly1305 Heap Buffer Overflow Vulnerability
CVE-2016-7055: OpenSSL Montgomery Multiplication May Produce Incorrect Results
Vulnerability
OpenSSL CMS Null Dereference Vulnerability
A vulnerability in the code that handles ASN.1 CHOICE type in OpenSSL 1.1.0
could allow an unauthenticated, remote attacker to cause a denial of service
(DoS) condition.
The vulnerability is due to a NULL value being passed to the structure
callback if an attempt is made to free certain invalid encodings. An attacker
could exploit this vulnerability by submitting crafted input to be processed
by the affected software. A successful exploit could allow an attacker to
cause the application to stop functioning properly, leading to a DoS
condition.
This vulnerability has been assigned the following CVE ID: CVE-2016-7053
OpenSSL ChaCha20/Poly1305 Heap Buffer Overflow Vulnerability
A vulnerability in the *-CHACHA20-POLY1305 cipher suites in OpenSSL could
allow an unauthenticated, remote attacker to cause a targeted system to crash,
resulting in a denial of service (DoS) condition.
The vulnerability is due to improper validation of user-supplied data by the
affected software. An attacker could exploit this vulnerability by submitting
large amounts of crafted data to the *-CHACHA20-POLY1305 cipher suites of the
affected software over a Transport Layer Security (TLS) connection. A
successful exploit could allow the attacker to cause the affected software to
crash, resulting in a DoS condition on the targeted system.
This vulnerability has been assigned the following CVE ID: CVE-2016-7054
OpenSSL Montgomery Multiplication May Produce Incorrect Results Vulnerability
A vulnerability in OpenSSL could cause authentication or key negotiation
failures, resulting in a denial of service (DoS) condition.
The vulnerability is due to Montgomery multiplication mathematical errors that
occur when using OpenSSL with elliptic curve algorithms. The vulnerability may
occur without any external attacker action when performing cryptographic
operations. Errors resulting from incorrect mathematical computations could
cause OpenSSL to fail during authentication or key negotiation, resulting in a
DoS.
This vulnerability has been assigned the following CVE ID: CVE-2016-7055
For additional details about the vulnerabilities, refer to the November 2016
OpenSSL Security Advisory published by the OpenSSL Software Foundation.
Workarounds
Any workarounds that address one or more of these vulnerabilities will be
documented in the Cisco bugs, which are accessible from the Cisco Bug Search
Tool, for each affected product.
Fixed Software
Updates for affected software releases will be published when they are
available and information about those updates will be documented in Cisco
bugs, which are accessible from the Cisco Bug Search Tool.
When considering software upgrades, customers are advised to regularly consult
the advisories for Cisco products, which are available from the Cisco Security
Advisories and Alerts page, to determine exposure and a complete upgrade
solution.
In all cases, customers should ensure that the devices to be upgraded contain
sufficient memory and confirm that current hardware and software
configurations will continue to be supported properly by the new release. If
the information is not clear, customers are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance providers.
Exploitation and Public Announcements
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any
public announcements or malicious use of the vulnerability that is described
in this advisory.
Source
These vulnerabilities were publicly disclosed by the OpenSSL Software
Foundation on November 10, 2016.
URL
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161114-openssl
Revision History
Version Description Section Status Date
1.4 Updated the lists of products that are and are not vulnerable. Vulnerable Products and Products Confirmed Not Vulnerable Interim 2016-November-18
1.3 Updated the lists of products that are and are not vulnerable. Vulnerable Products and Products Confirmed Not Vulnerable Interim 2016-November-17Show
Complete History...
LEGAL DISCLAIMER
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF
GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS
LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO
CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. CISCO EXPECTS TO UPDATE THIS
DOCUMENT AS NEW INFORMATION BECOMES AVAILABLE.
A standalone copy or paraphrase of the text of this document that omits the
distribution URL is an uncontrolled copy and may lack important information or
contain factual errors. The information in this document is intended for end
users of Cisco products.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBWDJeMYx+lLeg9Ub1AQgJNQ//X8wy5UJ79K8z/6vj6dNmEccEAYH8ERiX
9x7MYbVZ6HVAb7U0iki7ZWEKDfd09JuOPVEdeGRXzHwxkXbnjR7YaYl3x3e1Hptz
7HO3rK3q85IJFlvfZ11+VS2fPDO3SSzwiTWaq4a8fewa91y7q/SpqtGiSSLHc5De
IUOs1oE6EVW7Q1gjTe5ItaStPgAQ2mlLaWM09Vd3CXhaX9h0JHvcdVH6jn5aKUTq
Lox9NqXMWaSuX6+ROkPKFyaLnHpGHXVSuNWo5o/UarMeFoYx1pcyriT9pYfUmMUb
vl/icvozOzuB1RN6q7H4atbRGR5zX0jlMKuJchPzkfpHgEqhAlW4wQsFN4ocCigw
cwioUvrv175nX2FxkyGrjONDoBumPC9ItJL9a81ZTaCU9Oz61WfnszARD0vBF/uF
FTAaBpk89OR/14dKn7CUFr+5BoU74D46Yf733dIx071QYiVhRB/yzmwmB83NjXxp
WL7MQ/dtB6JIWo/qF/DWz6y8aASpMYKoN4f1ni7ovegJv0xs7yn/FDXMgdwib8kb
3kPRld/fPm/0jt+/f0ItnXhlKzemqJeTf1aRM2hoDbVlZEcEyos7vE1GgJkWWT58
s7Jg+oxIC97TxoArmJCz4azSY6DVn/t//+SkHqb4kDfQx8I3/WDmSY0rQtYwgEJF
e1EOusleqZs=
=GTwN
-----END PGP SIGNATURE-----