Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2017.0356
SUSE Security Update: Security update for the Linux Kernel
7 February 2017
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: SUSE
Operating System: SUSE
Impact/Access: Root Compromise -- Existing Account
Execute Arbitrary Code/Commands -- Existing Account
Denial of Service -- Remote/Unauthenticated
Access Confidential Data -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2017-5551 CVE-2017-2584 CVE-2017-2583
CVE-2016-10088 CVE-2016-9806 CVE-2016-9794
CVE-2016-9793 CVE-2016-9756 CVE-2016-9576
CVE-2016-9555 CVE-2016-9084 CVE-2016-9083
CVE-2016-8655 CVE-2016-8645 CVE-2016-8633
CVE-2016-8632 CVE-2016-8399 CVE-2016-7914
CVE-2016-7913 CVE-2016-7911 CVE-2016-7910
CVE-2015-8964 CVE-2015-8963 CVE-2015-8962
Reference: ASB-2016.0103
ESB-2017.0341
ESB-2017.0273
ESB-2017.0264
ESB-2017.0245
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:0407-1
Rating: important
References: #1003813 #1005666 #1007197 #1008557 #1008567
#1008831 #1008833 #1008876 #1008979 #1009062
#1009969 #1010040 #1010213 #1010294 #1010475
#1010478 #1010501 #1010502 #1010507 #1010612
#1010711 #1010716 #1011685 #1012060 #1012422
#1012754 #1012917 #1012985 #1013001 #1013038
#1013479 #1013531 #1013533 #1013540 #1013604
#1014410 #1014746 #1016713 #1016725 #1016961
#1017164 #1017170 #1017410 #1017710 #1018100
#1019032 #1019148 #1019260 #1019300 #1019783
#1019851 #1020214 #1020602 #1021258 #856380
#857394 #858727 #921338 #921778 #922052 #922056
#923036 #923037 #924381 #938963 #972993 #980560
#981709 #983087 #983348 #984194 #984419 #985850
#987192 #987576 #990384 #991273 #993739 #997807
#999101
Cross-References: CVE-2015-8962 CVE-2015-8963 CVE-2015-8964
CVE-2016-10088 CVE-2016-7910 CVE-2016-7911
CVE-2016-7913 CVE-2016-7914 CVE-2016-8399
CVE-2016-8632 CVE-2016-8633 CVE-2016-8645
CVE-2016-8655 CVE-2016-9083 CVE-2016-9084
CVE-2016-9555 CVE-2016-9576 CVE-2016-9756
CVE-2016-9793 CVE-2016-9794 CVE-2016-9806
CVE-2017-2583 CVE-2017-2584 CVE-2017-5551
Affected Products:
SUSE Linux Enterprise Real Time Extension 12-SP1
______________________________________________________________________________
An update that solves 24 vulnerabilities and has 56 fixes
is now available.
Description:
The SUSE Linux Enterprise 12 rt-kernel was updated to 3.12.69 to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2015-8962: Fixed a double free vulnerability in the SCSI subsystem
that allowed local users to gain privileges or cause a denial of service
(memory corruption and system crash) (bnc#1010501).
- CVE-2015-8963: Fixed a race condition in kernel/events/core.c that
allowed local users to gain privileges or cause a denial of service
(use-after-free) (bnc#1010502).
- CVE-2015-8964: Fixed a bug in the tty_set_termios_ldisc function that
allowed local users to obtain sensitive information from kernel memory
(bnc#1010507).
- CVE-2016-10088: The sg implementation in the Linux kernel did not
properly restrict write operations in situations where the KERNEL_DS
option is set, which allowed local users to read or write to arbitrary
kernel memory locations or cause a denial of service (use-after-free)
(bnc#1017710).
- CVE-2016-7910: Fixed a use-after-free vulnerability in the block
subsystem that allowed local users to gain privileges (bnc#1010716).
- CVE-2016-7911: Fixed a race condition in the get_task_ioprio function
that allowed local users to gain privileges or cause a denial of service
(use-after-free) (bnc#1010711).
- CVE-2016-7913: Fixed a bug in the xc2028_set_config function that
allowed local users to gain privileges or cause a denial of service
(use-after-free) (bnc#1010478).
- CVE-2016-7914: The assoc_array_insert_into_terminal_node function did
not check whether a slot is a leaf, which allowed local users to obtain
sensitive information from kernel memory or cause a denial of service
(invalid pointer dereference and out-of-bounds read) (bnc#1010475).
- CVE-2016-8399: Fixed a bug in the kernel networking subsystem that could
have enabled a local malicious application to execute arbitrary code
within the context of the kernel. (bnc#1014746).
- CVE-2016-8632: The net subsystem did not validate the relationship
between the minimum fragment length and the maximum packet size, which
allowed local users to gain privileges or cause a denial of service
(heap-based buffer overflow) (bnc#1008831).
- CVE-2016-8633: The firewire subsystem allowed remote attackers to
execute arbitrary code via crafted fragmented packets in certain unusual
hardware configurations (bnc#1008833).
- CVE-2016-8645: The TCP stack in the Linux kernel mishandled skb
truncation, which allowed local users to cause a denial of service
(system crash) (bnc#1009969).
- CVE-2016-8655: Fixed a race condition in the network subsystem that
allowed local users to gain privileges or cause a denial of service
(use-after-free) (bnc#1012754).
- CVE-2016-9083: The PCI subsystem local users to bypass integer overflow
checks and cause a denial of service (memory corruption) or have
unspecified other impact (bnc#1007197).
- CVE-2016-9084: The PCI subsystem misused the kzalloc() function, which
allowed local users to cause a denial of service (integer overflow) or
have unspecified other impact (bnc#1007197).
- CVE-2016-9555: Fixed a bug in the network subsystem that allowed remote
attackers to cause a denial of service (out-of-bounds slab access) or
possibly have unspecified other impact via crafted SCTP data
(bnc#1011685).
- CVE-2016-9576: The block subsystem did not properly restrict the type of
iterator, which allowed local users to read or write to arbitrary kernel
memory locations or cause a denial of service (use-after-free)
(bnc#1013604).
- CVE-2016-9756: The kernel did not properly initialize Code Segment (CS)
in certain error cases, which allowed local users to obtain sensitive
information from kernel stack memory (bnc#1013038).
- CVE-2016-9793: The net subsystem mishandled negative values of sk_sndbuf
and sk_rcvbuf, which allowed local users to cause a denial of service
(memory corruption and system crash) or possibly have unspecified other
impact (bnc#1013531).
- CVE-2016-9794: Fixed a race condition in the ALSA subsystem that allowed
local users to cause a denial of service (use-after-free) or possibly
have unspecified other impact (bnc#1013533).
- CVE-2016-9806: Fixed a race condition in the netlink_dump() function
which could have allowed local users to cause a denial of service
(double free) or possibly have unspecified other impact (bnc#1013540).
- CVE-2017-2583: kvm: x86: fixed emulation of "MOV SS, null selector"
(bsc#1020602).
- CVE-2017-2584: arch: x86: kvm: fixed a bug that could have allowed local
users to obtain sensitive information from kernel memory or cause a
denial of service (use-after-free) (bnc#1019851).
- CVE-2017-5551: tmpfs: Fixed a bug that could have allowed users to set
setgid bits on files they don't down. (bsc#1021258, CVE-2017-5551).
The following non-security bugs were fixed:
- 8250_pci: Fix potential use-after-free in error path (bsc#1013001).
- block_dev: do not test bdev->bd_contains when it is not stable
(bsc#1008557).
- bna: Add synchronization for tx ring (bsc#993739).
- bnx2i/bnx2fc : fix randconfig error in next-20140909 (bsc#922052
bsc#922056).
- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).
- bnx2x: fix lockdep splat (bsc#922052 bsc#922056).
- btrfs: Ensure proper sector alignment for btrfs_free_reserved_data_space
(bsc#1005666).
- btrfs: Export and move leaf/subtree qgroup helpers to qgroup.c
(bsc#983087).
- btrfs: Revert "do not delay inode ref updates during log replay"
(bsc#987192).
- btrfs: bugfix: handle FS_IOC32_{GETFLAGS,SETFLAGS,GETVERSION} in
btrfs_ioctl (bsc#1018100).
- btrfs: do not delay inode ref updates during log replay (bsc#987192).
- btrfs: fix incremental send failure caused by balance (bsc#985850).
- btrfs: fix relocation incorrectly dropping data references (bsc#990384).
- btrfs: increment ctx->pos for every emitted or skipped dirent in readdir
(bsc#981709).
- btrfs: qgroup: Fix qgroup data leaking by using subtree tracing
(bsc#983087).
- btrfs: remove old tree_root dirent processing in btrfs_real_readdir()
(bsc#981709).
- btrfs: send, do not bug on inconsistent snapshots (bsc#985850).
- cpufreq: intel_pstate: Fix divide by zero on Knights Landing (KNL)
(bsc#1008876).
- cpuset: fix sched_load_balance that was accidentally broken in a
previous update (bsc#1010294).
- ext4: fix data exposure after a crash (bsc#1012985).
- fs/dcache: move the call of __d_drop(anon) into
__d_materialise_unique(dentry, anon) (bsc#984194).
- fuse: do not use iocb after it may have been freed (bsc#1012985).
- hpilo: Add support for iLO5 (bsc#999101).
- ib/core: Avoid unsigned int overflow in sg_alloc_table (bsc#924381
bsc#921338).
- ib/mlx5: Fix FW version diaplay in sysfs (bnc#923036).
- ib/mlx5: Fix entries check in mlx5_ib_resize_cq (bnc#858727).
- ib/mlx5: Fix entries checks in mlx5_ib_create_cq (bnc#858727).
- ib/mlx5: Remove per-MR pas and dma pointers (bnc#923036).
- ibmveth: calculate gso_segs for large packets (bsc#1019148).
- ibmveth: check return of skb_linearize in ibmveth_start_xmit
(bsc#1019148).
- ibmveth: consolidate kmalloc of array, memset 0 to kcalloc (bsc#1019148).
- ibmveth: set correct gso_size and gso_type (bsc#1019148).
- igb: Fix oops caused by missing queue pairing (bnc#857394).
- ipmi_si: create hardware-independent softdep for ipmi_devintf
(bsc#1009062).
- ipr: Enable SIS pipe commands for SIS-32 devices (bsc#1016961).
- ipv4: Fix ip_queue_xmit to pass sk into ip_local_out_sk (bsc#938963).
- kabi: protect __sk_mem_reclaim (kabi).
- kabi: protect struct perf_event_context (kabi).
- kabi: reintroduce sk_filter (kabi).
- kernel: remove broken memory detection sanity check (bnc#1008567,
LTC#148072).
- kgr: ignore zombie tasks during the patching (bnc#1008979).
- kgraft/iscsi-target: Do not block kGraft in iscsi_np kthread
(bsc#1010612).
- kgraft/xen: Do not block kGraft in xenbus kthread (bsc#1017410).
- net/mlx5: Avoid passing dma address 0 to firmware (bnc#858727).
- net/mlx5: Fix typo in mlx5_query_port_pvlc (bnc#923036).
- net/mlx5e: Do not modify CQ before it was created (bnc#923036).
- net/mlx5e: Do not try to modify CQ moderation if it is not supported
(bnc#923036).
- net/mlx5e: Fix MLX5E_100BASE_T define (bnc#923036).
- net/mlx5e: Remove wrong poll CQ optimization (bnc#923036).
- netback: correct array index (bsc#983348).
- nfsv4: Cap the transport reconnection timer at 1/2 lease period
(bsc#1014410).
- nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).
- nfsv4: Fix "NFS Lock reclaim failed" errors (bsc#1014410).
- ocfs2: fix BUG_ON() in ocfs2_ci_checkpointed() (bnc#1019783).
- posix_acl: Fixup acl reference leak and missing conversions in ext3,
gfs2, jfs, hfsplus.
- powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec
(bsc#1003813).
- proc: avoid including "mountproto=" with no protocol in /proc/mounts
(bsc#1019260).
- raid1: ignore discard error (bsc#1017164).
- reiserfs: fix race in prealloc discard (bsc#987576).
- rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)
- rpm/kernel-spec-macros: Fix the check if there is no rebuild counter
(bsc#1012060)
- rpm/kernel-spec-macros: Ignore too high rebuild counter (bsc#1012060)
- serial: 8250_pci: Detach low-level driver during PCI error recovery
(bsc#1013001).
- sfc: clear napi_hash state when copying channels (bsc#923037).
- sfc: fix potential stack corruption from running past stat bitmask
(bsc#923037).
- sfc: on MC reset, clear PIO buffer linkage in TXQs (bnc#856380).
- sunrpc: Enforce an upper limit on the number of cached credentials
(bsc#1012917).
- sunrpc: Fix reconnection timeouts (bsc#1014410).
- sunrpc: Limit the reconnect backoff timer to the max RPC message timeout
(bsc#1014410).
- target: Make EXTENDED_COPY 0xe4 failure return COPY TARGET DEVICE NOT
REACHABLE (bsc#991273).
- target: add XCOPY target/segment desc sense codes (bsc#991273).
- target: bounds check XCOPY segment descriptor list (bsc#991273).
- target: bounds check XCOPY total descriptor list length (bsc#991273).
- target: check XCOPY segment descriptor CSCD IDs (bsc#1017170).
- target: check for XCOPY parameter truncation (bsc#991273).
- target: return UNSUPPORTED TARGET/SEGMENT DESC TYPE CODE sense
(bsc#991273).
- target: simplify XCOPY wwn->se_dev lookup helper (bsc#991273).
- target: support XCOPY requests without parameters (bsc#991273).
- target: use XCOPY TOO MANY TARGET DESCRIPTORS sense (bsc#991273).
- target: use XCOPY segment descriptor CSCD IDs (bsc#1017170).
- tg3: Avoid NULL pointer dereference in tg3_io_error_detected()
(bsc#921778).
- tty: Prevent ldisc drivers from re-using stale tty fields (bnc#1010507).
- x86/apic: Order irq_enter/exit() calls correctly vs. ack_APIC_irq()
(bsc#1013479).
- xen/ftrace/x86: Set ftrace_stub to weak to prevent gcc from using short
jumps to it (bsc#984419).
- xenbus: correctly signal errors from xenstored_local_init() (luckily
none so far).
- xfs: allow lazy sb counter sync during filesystem freeze sequence
(bsc#980560).
- xfs: refactor xlog_recover_process_data() (bsc#1019300).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Real Time Extension 12-SP1:
zypper in -t patch SUSE-SLE-RT-12-SP1-2017-202=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Real Time Extension 12-SP1 (noarch):
kernel-devel-rt-3.12.69-60.30.1
kernel-source-rt-3.12.69-60.30.1
- SUSE Linux Enterprise Real Time Extension 12-SP1 (x86_64):
kernel-compute-3.12.69-60.30.1
kernel-compute-base-3.12.69-60.30.1
kernel-compute-base-debuginfo-3.12.69-60.30.1
kernel-compute-debuginfo-3.12.69-60.30.1
kernel-compute-debugsource-3.12.69-60.30.1
kernel-compute-devel-3.12.69-60.30.1
kernel-compute_debug-debuginfo-3.12.69-60.30.1
kernel-compute_debug-debugsource-3.12.69-60.30.1
kernel-compute_debug-devel-3.12.69-60.30.1
kernel-compute_debug-devel-debuginfo-3.12.69-60.30.1
kernel-rt-3.12.69-60.30.1
kernel-rt-base-3.12.69-60.30.1
kernel-rt-base-debuginfo-3.12.69-60.30.1
kernel-rt-debuginfo-3.12.69-60.30.1
kernel-rt-debugsource-3.12.69-60.30.1
kernel-rt-devel-3.12.69-60.30.1
kernel-rt_debug-debuginfo-3.12.69-60.30.1
kernel-rt_debug-debugsource-3.12.69-60.30.1
kernel-rt_debug-devel-3.12.69-60.30.1
kernel-rt_debug-devel-debuginfo-3.12.69-60.30.1
kernel-syms-rt-3.12.69-60.30.1
References:
https://www.suse.com/security/cve/CVE-2015-8962.html
https://www.suse.com/security/cve/CVE-2015-8963.html
https://www.suse.com/security/cve/CVE-2015-8964.html
https://www.suse.com/security/cve/CVE-2016-10088.html
https://www.suse.com/security/cve/CVE-2016-7910.html
https://www.suse.com/security/cve/CVE-2016-7911.html
https://www.suse.com/security/cve/CVE-2016-7913.html
https://www.suse.com/security/cve/CVE-2016-7914.html
https://www.suse.com/security/cve/CVE-2016-8399.html
https://www.suse.com/security/cve/CVE-2016-8632.html
https://www.suse.com/security/cve/CVE-2016-8633.html
https://www.suse.com/security/cve/CVE-2016-8645.html
https://www.suse.com/security/cve/CVE-2016-8655.html
https://www.suse.com/security/cve/CVE-2016-9083.html
https://www.suse.com/security/cve/CVE-2016-9084.html
https://www.suse.com/security/cve/CVE-2016-9555.html
https://www.suse.com/security/cve/CVE-2016-9576.html
https://www.suse.com/security/cve/CVE-2016-9756.html
https://www.suse.com/security/cve/CVE-2016-9793.html
https://www.suse.com/security/cve/CVE-2016-9794.html
https://www.suse.com/security/cve/CVE-2016-9806.html
https://www.suse.com/security/cve/CVE-2017-2583.html
https://www.suse.com/security/cve/CVE-2017-2584.html
https://www.suse.com/security/cve/CVE-2017-5551.html
https://bugzilla.suse.com/1003813
https://bugzilla.suse.com/1005666
https://bugzilla.suse.com/1007197
https://bugzilla.suse.com/1008557
https://bugzilla.suse.com/1008567
https://bugzilla.suse.com/1008831
https://bugzilla.suse.com/1008833
https://bugzilla.suse.com/1008876
https://bugzilla.suse.com/1008979
https://bugzilla.suse.com/1009062
https://bugzilla.suse.com/1009969
https://bugzilla.suse.com/1010040
https://bugzilla.suse.com/1010213
https://bugzilla.suse.com/1010294
https://bugzilla.suse.com/1010475
https://bugzilla.suse.com/1010478
https://bugzilla.suse.com/1010501
https://bugzilla.suse.com/1010502
https://bugzilla.suse.com/1010507
https://bugzilla.suse.com/1010612
https://bugzilla.suse.com/1010711
https://bugzilla.suse.com/1010716
https://bugzilla.suse.com/1011685
https://bugzilla.suse.com/1012060
https://bugzilla.suse.com/1012422
https://bugzilla.suse.com/1012754
https://bugzilla.suse.com/1012917
https://bugzilla.suse.com/1012985
https://bugzilla.suse.com/1013001
https://bugzilla.suse.com/1013038
https://bugzilla.suse.com/1013479
https://bugzilla.suse.com/1013531
https://bugzilla.suse.com/1013533
https://bugzilla.suse.com/1013540
https://bugzilla.suse.com/1013604
https://bugzilla.suse.com/1014410
https://bugzilla.suse.com/1014746
https://bugzilla.suse.com/1016713
https://bugzilla.suse.com/1016725
https://bugzilla.suse.com/1016961
https://bugzilla.suse.com/1017164
https://bugzilla.suse.com/1017170
https://bugzilla.suse.com/1017410
https://bugzilla.suse.com/1017710
https://bugzilla.suse.com/1018100
https://bugzilla.suse.com/1019032
https://bugzilla.suse.com/1019148
https://bugzilla.suse.com/1019260
https://bugzilla.suse.com/1019300
https://bugzilla.suse.com/1019783
https://bugzilla.suse.com/1019851
https://bugzilla.suse.com/1020214
https://bugzilla.suse.com/1020602
https://bugzilla.suse.com/1021258
https://bugzilla.suse.com/856380
https://bugzilla.suse.com/857394
https://bugzilla.suse.com/858727
https://bugzilla.suse.com/921338
https://bugzilla.suse.com/921778
https://bugzilla.suse.com/922052
https://bugzilla.suse.com/922056
https://bugzilla.suse.com/923036
https://bugzilla.suse.com/923037
https://bugzilla.suse.com/924381
https://bugzilla.suse.com/938963
https://bugzilla.suse.com/972993
https://bugzilla.suse.com/980560
https://bugzilla.suse.com/981709
https://bugzilla.suse.com/983087
https://bugzilla.suse.com/983348
https://bugzilla.suse.com/984194
https://bugzilla.suse.com/984419
https://bugzilla.suse.com/985850
https://bugzilla.suse.com/987192
https://bugzilla.suse.com/987576
https://bugzilla.suse.com/990384
https://bugzilla.suse.com/991273
https://bugzilla.suse.com/993739
https://bugzilla.suse.com/997807
https://bugzilla.suse.com/999101
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBWJk70Yx+lLeg9Ub1AQjl+g/+JPVWzT6CmUm+I/DFZIhz5lokq2LI3T8/
PFT4qF4PswfUUlqHGMQgulptvmuD7iDExLkE0drpsGsRJsJi4FvgMauV63/0WwA8
ufZN6mSOth7iEV7x5weuD0zymFMSseyORuKZEdFphTQDTjulVJqoxVeSjSgrsDuP
riUtzK+2cGN1qYVK+B09gPw77E688pg88ks+nkTq8txDOtV5AFKVnuYBq2vbu1KL
C8l/tdEIBqB7x1rpb1PbZQUWUjlMLFryKa4aaH7R2wqUm6WQn7mUbFSCerikLOht
Y0tFPf0xB78QGFI/416B1kSl2jWwFw7qftTNc718r0QqnZuMr5Ccjyg2Ao7iL8NS
0QOOy5Wz3flyjLBbpYfJUc8R4tTUmV1wCbBTZdvtEsgQifNWI4PoY6CxtKGwgoW/
leVEMwFa3TVhg65LQOOA2sfr7+PRDihcEtWy04LET8o38aiT6YRJhfG5h6g2vW6y
bhj6w3Fkh7VIbms0l/xAgqEsKQTg1/uh5l/H4agCkbaDJPoWNfTT3QVJM4NFBSAv
gbkPZFzkkxiuhTi+Um6+8Yvbx2XWyjG7ErdwarEOUq2z5MGFsg9FkDme2Rgo7wxc
NjgjxC7ulK56yKYDb2roYdQ4WkyQTBGCQE26t2sObTf7Peq9f/Lbs/GjGek5nqSU
rG0ynu3lPLc=
=VfQN
-----END PGP SIGNATURE-----